Date
July 8, 2025, 11:09 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 21.839783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858 [ 21.792260] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 21.822772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 21.844460] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7cc/0x4858 [ 21.780608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40fc/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 21.709052] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 21.716288] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 21.698481] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 21.614740] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 96.688536] Internal error: Oops: 0000000096000005 [#1] SMP [ 96.697028] Modules linked in: [ 96.697724] CPU: 1 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 96.698364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 96.698559] Hardware name: linux,dummy-virt (DT) [ 96.698838] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.699183] pc : kunit_test_null_dereference+0x70/0x170 [ 96.700026] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.700821] sp : ffff800080f77d30 [ 96.701345] x29: ffff800080f77d90 x28: 0000000000000000 x27: 0000000000000000 [ 96.702307] x26: 1ffe000018ad4321 x25: 0000000000000000 x24: 0000000000000004 [ 96.703091] x23: fff00000c56a190c x22: ffffabf2698225f8 x21: fff00000c11f8a88 [ 96.703940] x20: 1ffff000101eefa6 x19: ffff800080087990 x18: 00000000c2f36203 [ 96.704746] x17: 00000000845c2284 x16: fff00000c097583c x15: fff00000ff616b08 [ 96.705505] x14: 0000000000018fff x13: 1ffe00001b48a5cd x12: fffd80001968862c [ 96.706257] x11: 1ffe00001968862b x10: fffd80001968862b x9 : ffffabf269819a60 [ 96.706993] x8 : ffff800080f77c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 96.707799] x5 : ffff7000101eefa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 96.708775] x2 : dfff800000000000 x1 : fff00000cb442880 x0 : ffff800080087990 [ 96.709197] Call trace: [ 96.709359] kunit_test_null_dereference+0x70/0x170 (P) [ 96.709606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.709844] kthread+0x328/0x630 [ 96.710024] ret_from_fork+0x10/0x20 [ 96.710457] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 96.711093] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 53.296529] ================================================================== [ 53.296603] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 53.296603] [ 53.296681] Use-after-free read at 0x0000000012e1d9f1 (in kfence-#153): [ 53.296732] test_krealloc+0x51c/0x830 [ 53.296776] kunit_try_run_case+0x170/0x3f0 [ 53.296820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.296865] kthread+0x328/0x630 [ 53.296905] ret_from_fork+0x10/0x20 [ 53.296945] [ 53.296969] kfence-#153: 0x0000000012e1d9f1-0x00000000567a45a8, size=32, cache=kmalloc-32 [ 53.296969] [ 53.297025] allocated by task 337 on cpu 1 at 53.295905s (0.001116s ago): [ 53.297090] test_alloc+0x29c/0x628 [ 53.297131] test_krealloc+0xc0/0x830 [ 53.297186] kunit_try_run_case+0x170/0x3f0 [ 53.297226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.297270] kthread+0x328/0x630 [ 53.297305] ret_from_fork+0x10/0x20 [ 53.297344] [ 53.297366] freed by task 337 on cpu 1 at 53.296122s (0.001241s ago): [ 53.297428] krealloc_noprof+0x148/0x360 [ 53.297468] test_krealloc+0x1dc/0x830 [ 53.297508] kunit_try_run_case+0x170/0x3f0 [ 53.297548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.297593] kthread+0x328/0x630 [ 53.297628] ret_from_fork+0x10/0x20 [ 53.297667] [ 53.297708] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 53.297783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 53.297812] Hardware name: linux,dummy-virt (DT) [ 53.297848] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 53.204371] ================================================================== [ 53.204470] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 53.204470] [ 53.204565] Use-after-free read at 0x00000000f80ddb99 (in kfence-#152): [ 53.204620] test_memcache_typesafe_by_rcu+0x280/0x560 [ 53.204669] kunit_try_run_case+0x170/0x3f0 [ 53.204713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.204759] kthread+0x328/0x630 [ 53.204796] ret_from_fork+0x10/0x20 [ 53.204835] [ 53.204859] kfence-#152: 0x00000000f80ddb99-0x000000008287a69f, size=32, cache=test [ 53.204859] [ 53.204912] allocated by task 335 on cpu 0 at 53.192260s (0.012648s ago): [ 53.204981] test_alloc+0x230/0x628 [ 53.205022] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 53.205064] kunit_try_run_case+0x170/0x3f0 [ 53.205105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.205147] kthread+0x328/0x630 [ 53.205201] ret_from_fork+0x10/0x20 [ 53.205238] [ 53.205261] freed by task 335 on cpu 0 at 53.192372s (0.012886s ago): [ 53.205318] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 53.205363] kunit_try_run_case+0x170/0x3f0 [ 53.205403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 53.205445] kthread+0x328/0x630 [ 53.205481] ret_from_fork+0x10/0x20 [ 53.205518] [ 53.205563] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 53.205639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 53.205669] Hardware name: linux,dummy-virt (DT) [ 53.205704] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 30.128200] ================================================================== [ 30.128345] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 30.128345] [ 30.128443] Invalid read at 0x00000000c093632f: [ 30.128738] test_invalid_access+0xdc/0x1f0 [ 30.129700] kunit_try_run_case+0x170/0x3f0 [ 30.130062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.130142] kthread+0x328/0x630 [ 30.130208] ret_from_fork+0x10/0x20 [ 30.130444] [ 30.130538] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 30.130730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.130970] Hardware name: linux,dummy-virt (DT) [ 30.131291] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 29.896205] ================================================================== [ 29.896302] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 29.896302] [ 29.896366] Corrupted memory at 0x00000000bd2424a7 [ ! . . . . . . . . . . . . . . . ] (in kfence-#148): [ 29.896675] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 29.896724] kunit_try_run_case+0x170/0x3f0 [ 29.896767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.896812] kthread+0x328/0x630 [ 29.896851] ret_from_fork+0x10/0x20 [ 29.896891] [ 29.896915] kfence-#148: 0x0000000032b1cf8a-0x000000008b6ff2d8, size=73, cache=kmalloc-96 [ 29.896915] [ 29.896970] allocated by task 325 on cpu 1 at 29.895956s (0.001010s ago): [ 29.897032] test_alloc+0x29c/0x628 [ 29.897073] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 29.897117] kunit_try_run_case+0x170/0x3f0 [ 29.897167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.897212] kthread+0x328/0x630 [ 29.897250] ret_from_fork+0x10/0x20 [ 29.897288] [ 29.897311] freed by task 325 on cpu 1 at 29.896100s (0.001207s ago): [ 29.897373] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 29.897417] kunit_try_run_case+0x170/0x3f0 [ 29.897455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.897499] kthread+0x328/0x630 [ 29.897537] ret_from_fork+0x10/0x20 [ 29.897575] [ 29.897620] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 29.897701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.897731] Hardware name: linux,dummy-virt (DT) [ 29.897765] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 29.584106] ================================================================== [ 29.584200] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 29.584200] [ 29.584293] Out-of-bounds read at 0x00000000ddde0e49 (105B right of kfence-#145): [ 29.584354] test_kmalloc_aligned_oob_read+0x238/0x468 [ 29.584403] kunit_try_run_case+0x170/0x3f0 [ 29.584447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.584493] kthread+0x328/0x630 [ 29.584532] ret_from_fork+0x10/0x20 [ 29.584572] [ 29.584596] kfence-#145: 0x000000002d702812-0x00000000dc8976a3, size=73, cache=kmalloc-96 [ 29.584596] [ 29.584650] allocated by task 323 on cpu 1 at 29.583881s (0.000765s ago): [ 29.584720] test_alloc+0x29c/0x628 [ 29.584761] test_kmalloc_aligned_oob_read+0x100/0x468 [ 29.584805] kunit_try_run_case+0x170/0x3f0 [ 29.584845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.584889] kthread+0x328/0x630 [ 29.584925] ret_from_fork+0x10/0x20 [ 29.584966] [ 29.585011] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 29.585093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.585123] Hardware name: linux,dummy-virt (DT) [ 29.585168] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 24.074921] ================================================================== [ 24.075026] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 24.075026] [ 24.075590] Corrupted memory at 0x00000000beb8f5fa [ ! . . . . . . . . . . . . . . . ] (in kfence-#92): [ 24.082029] test_corruption+0x278/0x378 [ 24.082265] kunit_try_run_case+0x170/0x3f0 [ 24.082541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.082799] kthread+0x328/0x630 [ 24.082941] ret_from_fork+0x10/0x20 [ 24.083476] [ 24.083807] kfence-#92: 0x000000005dc5e2c6-0x00000000c743b721, size=32, cache=kmalloc-32 [ 24.083807] [ 24.084069] allocated by task 311 on cpu 0 at 24.073624s (0.010388s ago): [ 24.084190] test_alloc+0x29c/0x628 [ 24.084323] test_corruption+0xdc/0x378 [ 24.084530] kunit_try_run_case+0x170/0x3f0 [ 24.084641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.084798] kthread+0x328/0x630 [ 24.085011] ret_from_fork+0x10/0x20 [ 24.085200] [ 24.085229] freed by task 311 on cpu 0 at 24.073973s (0.011252s ago): [ 24.085744] test_corruption+0x278/0x378 [ 24.085854] kunit_try_run_case+0x170/0x3f0 [ 24.086104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.086306] kthread+0x328/0x630 [ 24.086510] ret_from_fork+0x10/0x20 [ 24.086613] [ 24.086781] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.087062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.087225] Hardware name: linux,dummy-virt (DT) [ 24.087268] ================================================================== [ 24.384331] ================================================================== [ 24.384429] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 24.384429] [ 24.384491] Corrupted memory at 0x0000000031e1a4e6 [ ! ] (in kfence-#95): [ 24.384621] test_corruption+0x284/0x378 [ 24.384670] kunit_try_run_case+0x170/0x3f0 [ 24.384713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.384757] kthread+0x328/0x630 [ 24.384796] ret_from_fork+0x10/0x20 [ 24.384838] [ 24.384861] kfence-#95: 0x00000000e9862e77-0x00000000378f7e0f, size=32, cache=kmalloc-32 [ 24.384861] [ 24.384918] allocated by task 311 on cpu 0 at 24.384042s (0.000873s ago): [ 24.384980] test_alloc+0x29c/0x628 [ 24.385020] test_corruption+0x198/0x378 [ 24.385061] kunit_try_run_case+0x170/0x3f0 [ 24.385099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.385143] kthread+0x328/0x630 [ 24.385194] ret_from_fork+0x10/0x20 [ 24.385232] [ 24.385255] freed by task 311 on cpu 0 at 24.384143s (0.001108s ago): [ 24.385316] test_corruption+0x284/0x378 [ 24.385356] kunit_try_run_case+0x170/0x3f0 [ 24.385408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.385454] kthread+0x328/0x630 [ 24.385492] ret_from_fork+0x10/0x20 [ 24.385530] [ 24.385572] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.385651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.385679] Hardware name: linux,dummy-virt (DT) [ 24.385713] ================================================================== [ 24.592108] ================================================================== [ 24.592205] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 24.592205] [ 24.592265] Corrupted memory at 0x000000003f8792ae [ ! ] (in kfence-#97): [ 24.592378] test_corruption+0x1d8/0x378 [ 24.592424] kunit_try_run_case+0x170/0x3f0 [ 24.592466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.592511] kthread+0x328/0x630 [ 24.592550] ret_from_fork+0x10/0x20 [ 24.592589] [ 24.592612] kfence-#97: 0x00000000b86b48cb-0x000000007c3414cb, size=32, cache=test [ 24.592612] [ 24.592666] allocated by task 313 on cpu 1 at 24.591974s (0.000688s ago): [ 24.592727] test_alloc+0x230/0x628 [ 24.592768] test_corruption+0x198/0x378 [ 24.592808] kunit_try_run_case+0x170/0x3f0 [ 24.592846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.592890] kthread+0x328/0x630 [ 24.592925] ret_from_fork+0x10/0x20 [ 24.592964] [ 24.592987] freed by task 313 on cpu 1 at 24.592029s (0.000954s ago): [ 24.593047] test_corruption+0x1d8/0x378 [ 24.593086] kunit_try_run_case+0x170/0x3f0 [ 24.593126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.593179] kthread+0x328/0x630 [ 24.593214] ret_from_fork+0x10/0x20 [ 24.593254] [ 24.593293] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.593366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.593396] Hardware name: linux,dummy-virt (DT) [ 24.593429] ================================================================== [ 24.488053] ================================================================== [ 24.488140] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 24.488140] [ 24.488219] Corrupted memory at 0x00000000df6bf333 [ ! . . . . . . . . . . . . . . . ] (in kfence-#96): [ 24.488530] test_corruption+0x120/0x378 [ 24.488578] kunit_try_run_case+0x170/0x3f0 [ 24.488624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.488669] kthread+0x328/0x630 [ 24.488709] ret_from_fork+0x10/0x20 [ 24.488751] [ 24.488773] kfence-#96: 0x0000000053055db7-0x00000000636f9fa4, size=32, cache=test [ 24.488773] [ 24.488828] allocated by task 313 on cpu 1 at 24.487900s (0.000925s ago): [ 24.488892] test_alloc+0x230/0x628 [ 24.488933] test_corruption+0xdc/0x378 [ 24.488974] kunit_try_run_case+0x170/0x3f0 [ 24.489015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.489058] kthread+0x328/0x630 [ 24.489094] ret_from_fork+0x10/0x20 [ 24.489133] [ 24.489169] freed by task 313 on cpu 1 at 24.487966s (0.001187s ago): [ 24.489232] test_corruption+0x120/0x378 [ 24.489273] kunit_try_run_case+0x170/0x3f0 [ 24.489313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.489358] kthread+0x328/0x630 [ 24.489394] ret_from_fork+0x10/0x20 [ 24.489433] [ 24.489478] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.489554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.489582] Hardware name: linux,dummy-virt (DT) [ 24.489616] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 23.866794] ================================================================== [ 23.866870] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 23.866870] [ 23.866931] Invalid free of 0x00000000c05b39f5 (in kfence-#90): [ 23.866982] test_invalid_addr_free+0x1ac/0x238 [ 23.867031] kunit_try_run_case+0x170/0x3f0 [ 23.867074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.867118] kthread+0x328/0x630 [ 23.867175] ret_from_fork+0x10/0x20 [ 23.867217] [ 23.867240] kfence-#90: 0x00000000fbf160db-0x0000000085ffd3eb, size=32, cache=kmalloc-32 [ 23.867240] [ 23.867296] allocated by task 307 on cpu 0 at 23.866655s (0.000637s ago): [ 23.867358] test_alloc+0x29c/0x628 [ 23.867399] test_invalid_addr_free+0xd4/0x238 [ 23.867441] kunit_try_run_case+0x170/0x3f0 [ 23.867481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.867556] kthread+0x328/0x630 [ 23.867846] ret_from_fork+0x10/0x20 [ 23.867924] [ 23.868325] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.868608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.868756] Hardware name: linux,dummy-virt (DT) [ 23.868948] ================================================================== [ 23.969285] ================================================================== [ 23.969359] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 23.969359] [ 23.969413] Invalid free of 0x000000002482c12f (in kfence-#91): [ 23.969464] test_invalid_addr_free+0xec/0x238 [ 23.969509] kunit_try_run_case+0x170/0x3f0 [ 23.969551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.969596] kthread+0x328/0x630 [ 23.969633] ret_from_fork+0x10/0x20 [ 23.969687] [ 23.969710] kfence-#91: 0x000000002d98e22f-0x00000000f269189e, size=32, cache=test [ 23.969710] [ 23.969773] allocated by task 309 on cpu 0 at 23.969145s (0.000615s ago): [ 23.969837] test_alloc+0x230/0x628 [ 23.969876] test_invalid_addr_free+0xd4/0x238 [ 23.969917] kunit_try_run_case+0x170/0x3f0 [ 23.969955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.970008] kthread+0x328/0x630 [ 23.970057] ret_from_fork+0x10/0x20 [ 23.970098] [ 23.970139] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.970231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.970259] Hardware name: linux,dummy-virt (DT) [ 23.970304] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 23.760744] ================================================================== [ 23.760860] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 23.760860] [ 23.760915] Invalid free of 0x000000008f2db779 (in kfence-#89): [ 23.761246] test_double_free+0x100/0x238 [ 23.761341] kunit_try_run_case+0x170/0x3f0 [ 23.761447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.761491] kthread+0x328/0x630 [ 23.761584] ret_from_fork+0x10/0x20 [ 23.761631] [ 23.761696] kfence-#89: 0x000000008f2db779-0x000000007a92b8db, size=32, cache=test [ 23.761696] [ 23.761751] allocated by task 305 on cpu 0 at 23.760255s (0.001493s ago): [ 23.761821] test_alloc+0x230/0x628 [ 23.761907] test_double_free+0xd4/0x238 [ 23.762063] kunit_try_run_case+0x170/0x3f0 [ 23.762107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.762274] kthread+0x328/0x630 [ 23.762391] ret_from_fork+0x10/0x20 [ 23.762478] [ 23.762573] freed by task 305 on cpu 0 at 23.760313s (0.002203s ago): [ 23.762678] test_double_free+0xf0/0x238 [ 23.762754] kunit_try_run_case+0x170/0x3f0 [ 23.762796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.762840] kthread+0x328/0x630 [ 23.762874] ret_from_fork+0x10/0x20 [ 23.762920] [ 23.763088] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.763338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.763372] Hardware name: linux,dummy-virt (DT) [ 23.763408] ================================================================== [ 23.656960] ================================================================== [ 23.657060] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 23.657060] [ 23.657304] Invalid free of 0x0000000031b744e2 (in kfence-#88): [ 23.657403] test_double_free+0x1bc/0x238 [ 23.657455] kunit_try_run_case+0x170/0x3f0 [ 23.657501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.657560] kthread+0x328/0x630 [ 23.657606] ret_from_fork+0x10/0x20 [ 23.657646] [ 23.657696] kfence-#88: 0x0000000031b744e2-0x00000000d46bb556, size=32, cache=kmalloc-32 [ 23.657696] [ 23.657754] allocated by task 303 on cpu 0 at 23.656682s (0.001068s ago): [ 23.657902] test_alloc+0x29c/0x628 [ 23.657953] test_double_free+0xd4/0x238 [ 23.658022] kunit_try_run_case+0x170/0x3f0 [ 23.658067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.658121] kthread+0x328/0x630 [ 23.658175] ret_from_fork+0x10/0x20 [ 23.658392] [ 23.658451] freed by task 303 on cpu 0 at 23.656744s (0.001702s ago): [ 23.658545] test_double_free+0x1ac/0x238 [ 23.658661] kunit_try_run_case+0x170/0x3f0 [ 23.658918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.659029] kthread+0x328/0x630 [ 23.659105] ret_from_fork+0x10/0x20 [ 23.659147] [ 23.659250] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.659394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.659505] Hardware name: linux,dummy-virt (DT) [ 23.659588] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 23.346105] ================================================================== [ 23.346206] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 23.346206] [ 23.346289] Use-after-free read at 0x000000006cb98fe6 (in kfence-#85): [ 23.346347] test_use_after_free_read+0x114/0x248 [ 23.346395] kunit_try_run_case+0x170/0x3f0 [ 23.346441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.346494] kthread+0x328/0x630 [ 23.346536] ret_from_fork+0x10/0x20 [ 23.346578] [ 23.346601] kfence-#85: 0x000000006cb98fe6-0x00000000272bd303, size=32, cache=test [ 23.346601] [ 23.346664] allocated by task 297 on cpu 0 at 23.345824s (0.000835s ago): [ 23.346734] test_alloc+0x230/0x628 [ 23.346785] test_use_after_free_read+0xd0/0x248 [ 23.346831] kunit_try_run_case+0x170/0x3f0 [ 23.346878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.346927] kthread+0x328/0x630 [ 23.346963] ret_from_fork+0x10/0x20 [ 23.347007] [ 23.347031] freed by task 297 on cpu 0 at 23.345890s (0.001137s ago): [ 23.347130] test_use_after_free_read+0xf0/0x248 [ 23.347211] kunit_try_run_case+0x170/0x3f0 [ 23.347251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.347294] kthread+0x328/0x630 [ 23.347331] ret_from_fork+0x10/0x20 [ 23.347369] [ 23.347411] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.347498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.347526] Hardware name: linux,dummy-virt (DT) [ 23.347583] ================================================================== [ 23.241217] ================================================================== [ 23.241299] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 23.241299] [ 23.241425] Use-after-free read at 0x00000000fab6fab3 (in kfence-#84): [ 23.241793] test_use_after_free_read+0x114/0x248 [ 23.241863] kunit_try_run_case+0x170/0x3f0 [ 23.241911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.241956] kthread+0x328/0x630 [ 23.242266] ret_from_fork+0x10/0x20 [ 23.242335] [ 23.242361] kfence-#84: 0x00000000fab6fab3-0x0000000068bb32da, size=32, cache=kmalloc-32 [ 23.242361] [ 23.242492] allocated by task 295 on cpu 0 at 23.240181s (0.002279s ago): [ 23.242568] test_alloc+0x29c/0x628 [ 23.242641] test_use_after_free_read+0xd0/0x248 [ 23.242721] kunit_try_run_case+0x170/0x3f0 [ 23.242765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.242819] kthread+0x328/0x630 [ 23.242856] ret_from_fork+0x10/0x20 [ 23.243108] [ 23.243150] freed by task 295 on cpu 0 at 23.240240s (0.002904s ago): [ 23.243235] test_use_after_free_read+0x1c0/0x248 [ 23.243280] kunit_try_run_case+0x170/0x3f0 [ 23.243547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.243684] kthread+0x328/0x630 [ 23.243852] ret_from_fork+0x10/0x20 [ 23.244056] [ 23.244277] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.244408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.244436] Hardware name: linux,dummy-virt (DT) [ 23.244478] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 23.033590] ================================================================== [ 23.033902] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 23.033902] [ 23.034013] Out-of-bounds write at 0x000000009e849406 (1B left of kfence-#82): [ 23.034214] test_out_of_bounds_write+0x100/0x240 [ 23.034282] kunit_try_run_case+0x170/0x3f0 [ 23.034522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.034586] kthread+0x328/0x630 [ 23.034629] ret_from_fork+0x10/0x20 [ 23.034676] [ 23.034805] kfence-#82: 0x00000000c269dfe6-0x00000000954aac20, size=32, cache=kmalloc-32 [ 23.034805] [ 23.034997] allocated by task 291 on cpu 0 at 23.033078s (0.001911s ago): [ 23.035394] test_alloc+0x29c/0x628 [ 23.035468] test_out_of_bounds_write+0xc8/0x240 [ 23.035617] kunit_try_run_case+0x170/0x3f0 [ 23.035663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.035708] kthread+0x328/0x630 [ 23.036008] ret_from_fork+0x10/0x20 [ 23.036213] [ 23.036364] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.036608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.036732] Hardware name: linux,dummy-virt (DT) [ 23.036816] ================================================================== [ 23.136799] ================================================================== [ 23.136874] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 23.136874] [ 23.136953] Out-of-bounds write at 0x000000003295f3c1 (1B left of kfence-#83): [ 23.137006] test_out_of_bounds_write+0x100/0x240 [ 23.137054] kunit_try_run_case+0x170/0x3f0 [ 23.137098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.137142] kthread+0x328/0x630 [ 23.137194] ret_from_fork+0x10/0x20 [ 23.137233] [ 23.137257] kfence-#83: 0x000000006ea2d877-0x000000001884d0a6, size=32, cache=test [ 23.137257] [ 23.137329] allocated by task 293 on cpu 0 at 23.136722s (0.000585s ago): [ 23.137411] test_alloc+0x230/0x628 [ 23.137461] test_out_of_bounds_write+0xc8/0x240 [ 23.137514] kunit_try_run_case+0x170/0x3f0 [ 23.137554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.137597] kthread+0x328/0x630 [ 23.137642] ret_from_fork+0x10/0x20 [ 23.137692] [ 23.137933] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.138015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.138054] Hardware name: linux,dummy-virt (DT) [ 23.138199] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 22.513298] ================================================================== [ 22.513402] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 22.513402] [ 22.513855] Out-of-bounds read at 0x0000000063ddcda8 (1B left of kfence-#77): [ 22.514300] test_out_of_bounds_read+0x114/0x3e0 [ 22.514406] kunit_try_run_case+0x170/0x3f0 [ 22.514464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.514652] kthread+0x328/0x630 [ 22.514721] ret_from_fork+0x10/0x20 [ 22.514762] [ 22.514926] kfence-#77: 0x00000000af33d86b-0x00000000cb1ba04b, size=32, cache=kmalloc-32 [ 22.514926] [ 22.514998] allocated by task 287 on cpu 0 at 22.512966s (0.002028s ago): [ 22.515512] test_alloc+0x29c/0x628 [ 22.515644] test_out_of_bounds_read+0xdc/0x3e0 [ 22.515935] kunit_try_run_case+0x170/0x3f0 [ 22.516002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.516098] kthread+0x328/0x630 [ 22.516168] ret_from_fork+0x10/0x20 [ 22.516270] [ 22.516339] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.516421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.516979] Hardware name: linux,dummy-virt (DT) [ 22.517031] ================================================================== [ 22.721245] ================================================================== [ 22.721406] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 22.721406] [ 22.721490] Out-of-bounds read at 0x00000000c22583b7 (1B left of kfence-#79): [ 22.721788] test_out_of_bounds_read+0x114/0x3e0 [ 22.721920] kunit_try_run_case+0x170/0x3f0 [ 22.722054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.722218] kthread+0x328/0x630 [ 22.722670] ret_from_fork+0x10/0x20 [ 22.722737] [ 22.722806] kfence-#79: 0x00000000f719cbef-0x000000006bf228a7, size=32, cache=test [ 22.722806] [ 22.722922] allocated by task 289 on cpu 0 at 22.721134s (0.001725s ago): [ 22.723114] test_alloc+0x230/0x628 [ 22.723230] test_out_of_bounds_read+0xdc/0x3e0 [ 22.723278] kunit_try_run_case+0x170/0x3f0 [ 22.723336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.723799] kthread+0x328/0x630 [ 22.723995] ret_from_fork+0x10/0x20 [ 22.724203] [ 22.724258] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.724507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.724694] Hardware name: linux,dummy-virt (DT) [ 22.724750] ================================================================== [ 22.616819] ================================================================== [ 22.616934] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.616934] [ 22.617028] Out-of-bounds read at 0x00000000a73d91c3 (32B right of kfence-#78): [ 22.617113] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.617184] kunit_try_run_case+0x170/0x3f0 [ 22.617230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.617274] kthread+0x328/0x630 [ 22.617311] ret_from_fork+0x10/0x20 [ 22.617391] [ 22.617418] kfence-#78: 0x000000000e2f53a9-0x00000000687ab893, size=32, cache=kmalloc-32 [ 22.617418] [ 22.617504] allocated by task 287 on cpu 0 at 22.616532s (0.000941s ago): [ 22.617571] test_alloc+0x29c/0x628 [ 22.617612] test_out_of_bounds_read+0x198/0x3e0 [ 22.617859] kunit_try_run_case+0x170/0x3f0 [ 22.617984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.618069] kthread+0x328/0x630 [ 22.618108] ret_from_fork+0x10/0x20 [ 22.618174] [ 22.618239] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.618344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.618375] Hardware name: linux,dummy-virt (DT) [ 22.618645] ================================================================== [ 22.930176] ================================================================== [ 22.930466] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.930466] [ 22.930815] Out-of-bounds read at 0x000000002fc09ace (32B right of kfence-#81): [ 22.931368] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.931447] kunit_try_run_case+0x170/0x3f0 [ 22.931533] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.931585] kthread+0x328/0x630 [ 22.931626] ret_from_fork+0x10/0x20 [ 22.931687] [ 22.931713] kfence-#81: 0x000000005a432ffe-0x00000000e7be109f, size=32, cache=test [ 22.931713] [ 22.932001] allocated by task 289 on cpu 0 at 22.929829s (0.002167s ago): [ 22.932126] test_alloc+0x230/0x628 [ 22.932587] test_out_of_bounds_read+0x198/0x3e0 [ 22.932783] kunit_try_run_case+0x170/0x3f0 [ 22.932962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.933128] kthread+0x328/0x630 [ 22.933313] ret_from_fork+0x10/0x20 [ 22.933358] [ 22.933419] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.933826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.933947] Hardware name: linux,dummy-virt (DT) [ 22.934022] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-workqueue_uaf
[ 19.778109] ================================================================== [ 19.778212] BUG: KFENCE: use-after-free read in workqueue_uaf+0x270/0x4a8 [ 19.778212] [ 19.778288] Use-after-free read at 0x00000000b61e4c14 (in kfence-#59): [ 19.778470] workqueue_uaf+0x270/0x4a8 [ 19.778510] kunit_try_run_case+0x170/0x3f0 [ 19.778551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.778596] kthread+0x328/0x630 [ 19.779007] ret_from_fork+0x10/0x20 [ 19.779272] [ 19.780040] kfence-#59: 0x00000000b61e4c14-0x000000007f06e0df, size=32, cache=kmalloc-32 [ 19.780040] [ 19.780375] allocated by task 200 on cpu 1 at 19.771481s (0.008833s ago): [ 19.781146] workqueue_uaf+0x13c/0x4a8 [ 19.781220] kunit_try_run_case+0x170/0x3f0 [ 19.781260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.781666] kthread+0x328/0x630 [ 19.781733] ret_from_fork+0x10/0x20 [ 19.781882] [ 19.782215] freed by task 48 on cpu 1 at 19.771707s (0.010297s ago): [ 19.782519] workqueue_uaf_work+0x18/0x30 [ 19.782566] process_one_work+0x530/0xf98 [ 19.782918] worker_thread+0x618/0xf38 [ 19.783048] kthread+0x328/0x630 [ 19.783080] ret_from_fork+0x10/0x20 [ 19.783142] [ 19.783228] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.783472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.783543] Hardware name: linux,dummy-virt (DT) [ 19.783586] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 22.334376] ================================================================== [ 22.334436] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 22.334492] Write of size 121 at addr fff00000c63b9300 by task kunit_try_catch/285 [ 22.334728] [ 22.334764] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.334846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.334879] Hardware name: linux,dummy-virt (DT) [ 22.334947] Call trace: [ 22.334974] show_stack+0x20/0x38 (C) [ 22.335189] dump_stack_lvl+0x8c/0xd0 [ 22.335283] print_report+0x118/0x608 [ 22.335334] kasan_report+0xdc/0x128 [ 22.335411] kasan_check_range+0x100/0x1a8 [ 22.335461] __kasan_check_write+0x20/0x30 [ 22.335616] strncpy_from_user+0x3c/0x2a0 [ 22.335667] copy_user_test_oob+0x5c0/0xec8 [ 22.335717] kunit_try_run_case+0x170/0x3f0 [ 22.335887] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.335974] kthread+0x328/0x630 [ 22.336090] ret_from_fork+0x10/0x20 [ 22.336285] [ 22.336307] Allocated by task 285: [ 22.336382] kasan_save_stack+0x3c/0x68 [ 22.336461] kasan_save_track+0x20/0x40 [ 22.336503] kasan_save_alloc_info+0x40/0x58 [ 22.336544] __kasan_kmalloc+0xd4/0xd8 [ 22.336732] __kmalloc_noprof+0x198/0x4c8 [ 22.336824] kunit_kmalloc_array+0x34/0x88 [ 22.336938] copy_user_test_oob+0xac/0xec8 [ 22.337121] kunit_try_run_case+0x170/0x3f0 [ 22.337246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.337294] kthread+0x328/0x630 [ 22.337327] ret_from_fork+0x10/0x20 [ 22.337574] [ 22.337689] The buggy address belongs to the object at fff00000c63b9300 [ 22.337689] which belongs to the cache kmalloc-128 of size 128 [ 22.337832] The buggy address is located 0 bytes inside of [ 22.337832] allocated 120-byte region [fff00000c63b9300, fff00000c63b9378) [ 22.337993] [ 22.338383] The buggy address belongs to the physical page: [ 22.338482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b9 [ 22.338633] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.338713] page_type: f5(slab) [ 22.338846] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.338929] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.338972] page dumped because: kasan: bad access detected [ 22.339006] [ 22.339529] Memory state around the buggy address: [ 22.339729] fff00000c63b9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.339826] fff00000c63b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.339932] >fff00000c63b9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.340303] ^ [ 22.340410] fff00000c63b9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.340459] fff00000c63b9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.340524] ================================================================== [ 22.341366] ================================================================== [ 22.341447] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 22.341534] Write of size 1 at addr fff00000c63b9378 by task kunit_try_catch/285 [ 22.341589] [ 22.341627] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.341711] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.341740] Hardware name: linux,dummy-virt (DT) [ 22.341772] Call trace: [ 22.341927] show_stack+0x20/0x38 (C) [ 22.342043] dump_stack_lvl+0x8c/0xd0 [ 22.342137] print_report+0x118/0x608 [ 22.342238] kasan_report+0xdc/0x128 [ 22.342286] __asan_report_store1_noabort+0x20/0x30 [ 22.342338] strncpy_from_user+0x270/0x2a0 [ 22.342544] copy_user_test_oob+0x5c0/0xec8 [ 22.342646] kunit_try_run_case+0x170/0x3f0 [ 22.342698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.342797] kthread+0x328/0x630 [ 22.342840] ret_from_fork+0x10/0x20 [ 22.342920] [ 22.342981] Allocated by task 285: [ 22.343013] kasan_save_stack+0x3c/0x68 [ 22.343056] kasan_save_track+0x20/0x40 [ 22.343125] kasan_save_alloc_info+0x40/0x58 [ 22.343270] __kasan_kmalloc+0xd4/0xd8 [ 22.343315] __kmalloc_noprof+0x198/0x4c8 [ 22.343468] kunit_kmalloc_array+0x34/0x88 [ 22.343701] copy_user_test_oob+0xac/0xec8 [ 22.343902] kunit_try_run_case+0x170/0x3f0 [ 22.343966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.344035] kthread+0x328/0x630 [ 22.344079] ret_from_fork+0x10/0x20 [ 22.344139] [ 22.344188] The buggy address belongs to the object at fff00000c63b9300 [ 22.344188] which belongs to the cache kmalloc-128 of size 128 [ 22.344259] The buggy address is located 0 bytes to the right of [ 22.344259] allocated 120-byte region [fff00000c63b9300, fff00000c63b9378) [ 22.344337] [ 22.344358] The buggy address belongs to the physical page: [ 22.344393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b9 [ 22.344468] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.344520] page_type: f5(slab) [ 22.344592] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.344876] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.345066] page dumped because: kasan: bad access detected [ 22.345172] [ 22.345262] Memory state around the buggy address: [ 22.345430] fff00000c63b9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.345517] fff00000c63b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.345617] >fff00000c63b9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.345676] ^ [ 22.345721] fff00000c63b9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.345765] fff00000c63b9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.345806] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 22.324274] ================================================================== [ 22.324454] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 22.324573] Write of size 121 at addr fff00000c63b9300 by task kunit_try_catch/285 [ 22.324635] [ 22.324669] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.324836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.324895] Hardware name: linux,dummy-virt (DT) [ 22.324933] Call trace: [ 22.324957] show_stack+0x20/0x38 (C) [ 22.325014] dump_stack_lvl+0x8c/0xd0 [ 22.325064] print_report+0x118/0x608 [ 22.325114] kasan_report+0xdc/0x128 [ 22.325351] kasan_check_range+0x100/0x1a8 [ 22.325608] __kasan_check_write+0x20/0x30 [ 22.325672] copy_user_test_oob+0x434/0xec8 [ 22.325970] kunit_try_run_case+0x170/0x3f0 [ 22.326033] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.326088] kthread+0x328/0x630 [ 22.326131] ret_from_fork+0x10/0x20 [ 22.326195] [ 22.326274] Allocated by task 285: [ 22.326329] kasan_save_stack+0x3c/0x68 [ 22.326401] kasan_save_track+0x20/0x40 [ 22.326493] kasan_save_alloc_info+0x40/0x58 [ 22.326536] __kasan_kmalloc+0xd4/0xd8 [ 22.326576] __kmalloc_noprof+0x198/0x4c8 [ 22.326652] kunit_kmalloc_array+0x34/0x88 [ 22.326729] copy_user_test_oob+0xac/0xec8 [ 22.326795] kunit_try_run_case+0x170/0x3f0 [ 22.326837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.326894] kthread+0x328/0x630 [ 22.326928] ret_from_fork+0x10/0x20 [ 22.326967] [ 22.326988] The buggy address belongs to the object at fff00000c63b9300 [ 22.326988] which belongs to the cache kmalloc-128 of size 128 [ 22.327050] The buggy address is located 0 bytes inside of [ 22.327050] allocated 120-byte region [fff00000c63b9300, fff00000c63b9378) [ 22.327115] [ 22.327136] The buggy address belongs to the physical page: [ 22.327343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b9 [ 22.327430] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.327638] page_type: f5(slab) [ 22.327693] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.327749] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.327793] page dumped because: kasan: bad access detected [ 22.327855] [ 22.327891] Memory state around the buggy address: [ 22.327976] fff00000c63b9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.328085] fff00000c63b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.328258] >fff00000c63b9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.328376] ^ [ 22.328493] fff00000c63b9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.328560] fff00000c63b9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.328628] ================================================================== [ 22.318434] ================================================================== [ 22.318548] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 22.318600] Read of size 121 at addr fff00000c63b9300 by task kunit_try_catch/285 [ 22.318674] [ 22.318944] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.319052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.319090] Hardware name: linux,dummy-virt (DT) [ 22.319138] Call trace: [ 22.319174] show_stack+0x20/0x38 (C) [ 22.319225] dump_stack_lvl+0x8c/0xd0 [ 22.319278] print_report+0x118/0x608 [ 22.319445] kasan_report+0xdc/0x128 [ 22.319642] kasan_check_range+0x100/0x1a8 [ 22.319842] __kasan_check_read+0x20/0x30 [ 22.319925] copy_user_test_oob+0x3c8/0xec8 [ 22.320255] kunit_try_run_case+0x170/0x3f0 [ 22.320371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.320516] kthread+0x328/0x630 [ 22.320592] ret_from_fork+0x10/0x20 [ 22.320720] [ 22.320799] Allocated by task 285: [ 22.320909] kasan_save_stack+0x3c/0x68 [ 22.320984] kasan_save_track+0x20/0x40 [ 22.321023] kasan_save_alloc_info+0x40/0x58 [ 22.321076] __kasan_kmalloc+0xd4/0xd8 [ 22.321115] __kmalloc_noprof+0x198/0x4c8 [ 22.321424] kunit_kmalloc_array+0x34/0x88 [ 22.321546] copy_user_test_oob+0xac/0xec8 [ 22.321601] kunit_try_run_case+0x170/0x3f0 [ 22.321654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.321931] kthread+0x328/0x630 [ 22.322083] ret_from_fork+0x10/0x20 [ 22.322184] [ 22.322229] The buggy address belongs to the object at fff00000c63b9300 [ 22.322229] which belongs to the cache kmalloc-128 of size 128 [ 22.322302] The buggy address is located 0 bytes inside of [ 22.322302] allocated 120-byte region [fff00000c63b9300, fff00000c63b9378) [ 22.322370] [ 22.322404] The buggy address belongs to the physical page: [ 22.322440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b9 [ 22.322494] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.322563] page_type: f5(slab) [ 22.322604] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.322666] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.322717] page dumped because: kasan: bad access detected [ 22.322761] [ 22.322787] Memory state around the buggy address: [ 22.322832] fff00000c63b9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.322899] fff00000c63b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.322948] >fff00000c63b9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.322990] ^ [ 22.323035] fff00000c63b9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.323093] fff00000c63b9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.323136] ================================================================== [ 22.329211] ================================================================== [ 22.329264] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 22.329328] Read of size 121 at addr fff00000c63b9300 by task kunit_try_catch/285 [ 22.329706] [ 22.329799] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.329888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.329930] Hardware name: linux,dummy-virt (DT) [ 22.329964] Call trace: [ 22.329989] show_stack+0x20/0x38 (C) [ 22.330338] dump_stack_lvl+0x8c/0xd0 [ 22.330422] print_report+0x118/0x608 [ 22.330472] kasan_report+0xdc/0x128 [ 22.330535] kasan_check_range+0x100/0x1a8 [ 22.330587] __kasan_check_read+0x20/0x30 [ 22.330654] copy_user_test_oob+0x4a0/0xec8 [ 22.330980] kunit_try_run_case+0x170/0x3f0 [ 22.331086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.331181] kthread+0x328/0x630 [ 22.331253] ret_from_fork+0x10/0x20 [ 22.331350] [ 22.331373] Allocated by task 285: [ 22.331424] kasan_save_stack+0x3c/0x68 [ 22.331469] kasan_save_track+0x20/0x40 [ 22.331676] kasan_save_alloc_info+0x40/0x58 [ 22.331732] __kasan_kmalloc+0xd4/0xd8 [ 22.331770] __kmalloc_noprof+0x198/0x4c8 [ 22.331838] kunit_kmalloc_array+0x34/0x88 [ 22.331876] copy_user_test_oob+0xac/0xec8 [ 22.331916] kunit_try_run_case+0x170/0x3f0 [ 22.332265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.332408] kthread+0x328/0x630 [ 22.332464] ret_from_fork+0x10/0x20 [ 22.332502] [ 22.332525] The buggy address belongs to the object at fff00000c63b9300 [ 22.332525] which belongs to the cache kmalloc-128 of size 128 [ 22.332588] The buggy address is located 0 bytes inside of [ 22.332588] allocated 120-byte region [fff00000c63b9300, fff00000c63b9378) [ 22.332663] [ 22.332694] The buggy address belongs to the physical page: [ 22.332742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b9 [ 22.332819] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.332877] page_type: f5(slab) [ 22.332919] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.332989] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.333039] page dumped because: kasan: bad access detected [ 22.333074] [ 22.333103] Memory state around the buggy address: [ 22.333153] fff00000c63b9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.333213] fff00000c63b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.333260] >fff00000c63b9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.333303] ^ [ 22.333348] fff00000c63b9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.333405] fff00000c63b9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.333447] ================================================================== [ 22.292955] ================================================================== [ 22.293018] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 22.295293] Read of size 121 at addr fff00000c63b9300 by task kunit_try_catch/285 [ 22.295374] [ 22.295411] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.296787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.296838] Hardware name: linux,dummy-virt (DT) [ 22.296873] Call trace: [ 22.296900] show_stack+0x20/0x38 (C) [ 22.299203] dump_stack_lvl+0x8c/0xd0 [ 22.301177] print_report+0x118/0x608 [ 22.301592] kasan_report+0xdc/0x128 [ 22.302701] kasan_check_range+0x100/0x1a8 [ 22.302767] __kasan_check_read+0x20/0x30 [ 22.302816] copy_user_test_oob+0x728/0xec8 [ 22.303557] kunit_try_run_case+0x170/0x3f0 [ 22.303732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.303826] kthread+0x328/0x630 [ 22.303871] ret_from_fork+0x10/0x20 [ 22.303922] [ 22.303944] Allocated by task 285: [ 22.303975] kasan_save_stack+0x3c/0x68 [ 22.304272] kasan_save_track+0x20/0x40 [ 22.304421] kasan_save_alloc_info+0x40/0x58 [ 22.304493] __kasan_kmalloc+0xd4/0xd8 [ 22.304532] __kmalloc_noprof+0x198/0x4c8 [ 22.304838] kunit_kmalloc_array+0x34/0x88 [ 22.304964] copy_user_test_oob+0xac/0xec8 [ 22.305054] kunit_try_run_case+0x170/0x3f0 [ 22.305141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.305243] kthread+0x328/0x630 [ 22.305313] ret_from_fork+0x10/0x20 [ 22.305420] [ 22.305520] The buggy address belongs to the object at fff00000c63b9300 [ 22.305520] which belongs to the cache kmalloc-128 of size 128 [ 22.305621] The buggy address is located 0 bytes inside of [ 22.305621] allocated 120-byte region [fff00000c63b9300, fff00000c63b9378) [ 22.305733] [ 22.305818] The buggy address belongs to the physical page: [ 22.305894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b9 [ 22.305963] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.306015] page_type: f5(slab) [ 22.306421] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.306505] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.306598] page dumped because: kasan: bad access detected [ 22.306633] [ 22.306654] Memory state around the buggy address: [ 22.306691] fff00000c63b9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.306739] fff00000c63b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.306787] >fff00000c63b9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.306830] ^ [ 22.306875] fff00000c63b9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.306934] fff00000c63b9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.306981] ================================================================== [ 22.276792] ================================================================== [ 22.277303] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 22.277401] Write of size 121 at addr fff00000c63b9300 by task kunit_try_catch/285 [ 22.277581] [ 22.277630] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.278037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.278341] Hardware name: linux,dummy-virt (DT) [ 22.278414] Call trace: [ 22.278471] show_stack+0x20/0x38 (C) [ 22.278554] dump_stack_lvl+0x8c/0xd0 [ 22.278692] print_report+0x118/0x608 [ 22.278747] kasan_report+0xdc/0x128 [ 22.278932] kasan_check_range+0x100/0x1a8 [ 22.278986] __kasan_check_write+0x20/0x30 [ 22.279355] copy_user_test_oob+0x234/0xec8 [ 22.279428] kunit_try_run_case+0x170/0x3f0 [ 22.279535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.279733] kthread+0x328/0x630 [ 22.279787] ret_from_fork+0x10/0x20 [ 22.279866] [ 22.279894] Allocated by task 285: [ 22.280180] kasan_save_stack+0x3c/0x68 [ 22.280262] kasan_save_track+0x20/0x40 [ 22.280422] kasan_save_alloc_info+0x40/0x58 [ 22.280565] __kasan_kmalloc+0xd4/0xd8 [ 22.280630] __kmalloc_noprof+0x198/0x4c8 [ 22.280947] kunit_kmalloc_array+0x34/0x88 [ 22.281078] copy_user_test_oob+0xac/0xec8 [ 22.281449] kunit_try_run_case+0x170/0x3f0 [ 22.281823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.281913] kthread+0x328/0x630 [ 22.282350] ret_from_fork+0x10/0x20 [ 22.282458] [ 22.282538] The buggy address belongs to the object at fff00000c63b9300 [ 22.282538] which belongs to the cache kmalloc-128 of size 128 [ 22.282677] The buggy address is located 0 bytes inside of [ 22.282677] allocated 120-byte region [fff00000c63b9300, fff00000c63b9378) [ 22.282778] [ 22.283178] The buggy address belongs to the physical page: [ 22.283240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b9 [ 22.283363] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.283435] page_type: f5(slab) [ 22.283491] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.283672] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.283864] page dumped because: kasan: bad access detected [ 22.283979] [ 22.284103] Memory state around the buggy address: [ 22.284411] fff00000c63b9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.284668] fff00000c63b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.284842] >fff00000c63b9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.285000] ^ [ 22.285049] fff00000c63b9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.285120] fff00000c63b9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.285179] ================================================================== [ 22.313415] ================================================================== [ 22.313594] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 22.313688] Write of size 121 at addr fff00000c63b9300 by task kunit_try_catch/285 [ 22.313746] [ 22.313797] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.313937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.313984] Hardware name: linux,dummy-virt (DT) [ 22.314064] Call trace: [ 22.314103] show_stack+0x20/0x38 (C) [ 22.314175] dump_stack_lvl+0x8c/0xd0 [ 22.314282] print_report+0x118/0x608 [ 22.314369] kasan_report+0xdc/0x128 [ 22.314419] kasan_check_range+0x100/0x1a8 [ 22.314470] __kasan_check_write+0x20/0x30 [ 22.314516] copy_user_test_oob+0x35c/0xec8 [ 22.314565] kunit_try_run_case+0x170/0x3f0 [ 22.314618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.314674] kthread+0x328/0x630 [ 22.314726] ret_from_fork+0x10/0x20 [ 22.314776] [ 22.314797] Allocated by task 285: [ 22.314825] kasan_save_stack+0x3c/0x68 [ 22.314880] kasan_save_track+0x20/0x40 [ 22.314926] kasan_save_alloc_info+0x40/0x58 [ 22.314972] __kasan_kmalloc+0xd4/0xd8 [ 22.315015] __kmalloc_noprof+0x198/0x4c8 [ 22.315059] kunit_kmalloc_array+0x34/0x88 [ 22.315101] copy_user_test_oob+0xac/0xec8 [ 22.315151] kunit_try_run_case+0x170/0x3f0 [ 22.315502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.315641] kthread+0x328/0x630 [ 22.315754] ret_from_fork+0x10/0x20 [ 22.315815] [ 22.315837] The buggy address belongs to the object at fff00000c63b9300 [ 22.315837] which belongs to the cache kmalloc-128 of size 128 [ 22.315902] The buggy address is located 0 bytes inside of [ 22.315902] allocated 120-byte region [fff00000c63b9300, fff00000c63b9378) [ 22.315969] [ 22.316105] The buggy address belongs to the physical page: [ 22.316144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b9 [ 22.316270] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.316374] page_type: f5(slab) [ 22.316481] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.316600] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.316942] page dumped because: kasan: bad access detected [ 22.317081] [ 22.317201] Memory state around the buggy address: [ 22.317473] fff00000c63b9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.317665] fff00000c63b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.317771] >fff00000c63b9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.317862] ^ [ 22.317920] fff00000c63b9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.317967] fff00000c63b9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.318042] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 22.225252] ================================================================== [ 22.225483] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 22.225554] Read of size 8 at addr fff00000c63b9278 by task kunit_try_catch/281 [ 22.225684] [ 22.225726] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.226003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.226177] Hardware name: linux,dummy-virt (DT) [ 22.226233] Call trace: [ 22.226362] show_stack+0x20/0x38 (C) [ 22.226423] dump_stack_lvl+0x8c/0xd0 [ 22.226519] print_report+0x118/0x608 [ 22.226572] kasan_report+0xdc/0x128 [ 22.226657] __asan_report_load8_noabort+0x20/0x30 [ 22.227137] copy_to_kernel_nofault+0x204/0x250 [ 22.227420] copy_to_kernel_nofault_oob+0x158/0x418 [ 22.227540] kunit_try_run_case+0x170/0x3f0 [ 22.227703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.227893] kthread+0x328/0x630 [ 22.227977] ret_from_fork+0x10/0x20 [ 22.228028] [ 22.228268] Allocated by task 281: [ 22.228445] kasan_save_stack+0x3c/0x68 [ 22.228646] kasan_save_track+0x20/0x40 [ 22.228805] kasan_save_alloc_info+0x40/0x58 [ 22.229004] __kasan_kmalloc+0xd4/0xd8 [ 22.229074] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.229459] copy_to_kernel_nofault_oob+0xc8/0x418 [ 22.229689] kunit_try_run_case+0x170/0x3f0 [ 22.230045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.230107] kthread+0x328/0x630 [ 22.230458] ret_from_fork+0x10/0x20 [ 22.230594] [ 22.230712] The buggy address belongs to the object at fff00000c63b9200 [ 22.230712] which belongs to the cache kmalloc-128 of size 128 [ 22.231026] The buggy address is located 0 bytes to the right of [ 22.231026] allocated 120-byte region [fff00000c63b9200, fff00000c63b9278) [ 22.231348] [ 22.231408] The buggy address belongs to the physical page: [ 22.231523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b9 [ 22.231645] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.231724] page_type: f5(slab) [ 22.232234] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.232325] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.232434] page dumped because: kasan: bad access detected [ 22.232614] [ 22.232729] Memory state around the buggy address: [ 22.232767] fff00000c63b9100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.232838] fff00000c63b9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.233254] >fff00000c63b9200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.233494] ^ [ 22.233572] fff00000c63b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.233635] fff00000c63b9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.233677] ================================================================== [ 22.235519] ================================================================== [ 22.235745] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 22.235835] Write of size 8 at addr fff00000c63b9278 by task kunit_try_catch/281 [ 22.236003] [ 22.236177] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.236295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.236332] Hardware name: linux,dummy-virt (DT) [ 22.236382] Call trace: [ 22.236769] show_stack+0x20/0x38 (C) [ 22.236908] dump_stack_lvl+0x8c/0xd0 [ 22.237053] print_report+0x118/0x608 [ 22.237211] kasan_report+0xdc/0x128 [ 22.237327] kasan_check_range+0x100/0x1a8 [ 22.237667] __kasan_check_write+0x20/0x30 [ 22.237839] copy_to_kernel_nofault+0x8c/0x250 [ 22.238381] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 22.238825] kunit_try_run_case+0x170/0x3f0 [ 22.238944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.239034] kthread+0x328/0x630 [ 22.239117] ret_from_fork+0x10/0x20 [ 22.239507] [ 22.239765] Allocated by task 281: [ 22.239942] kasan_save_stack+0x3c/0x68 [ 22.240022] kasan_save_track+0x20/0x40 [ 22.240061] kasan_save_alloc_info+0x40/0x58 [ 22.240111] __kasan_kmalloc+0xd4/0xd8 [ 22.240352] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.240417] copy_to_kernel_nofault_oob+0xc8/0x418 [ 22.240603] kunit_try_run_case+0x170/0x3f0 [ 22.240916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.241037] kthread+0x328/0x630 [ 22.241147] ret_from_fork+0x10/0x20 [ 22.241210] [ 22.241267] The buggy address belongs to the object at fff00000c63b9200 [ 22.241267] which belongs to the cache kmalloc-128 of size 128 [ 22.241350] The buggy address is located 0 bytes to the right of [ 22.241350] allocated 120-byte region [fff00000c63b9200, fff00000c63b9278) [ 22.241418] [ 22.241439] The buggy address belongs to the physical page: [ 22.241482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b9 [ 22.241553] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.241611] page_type: f5(slab) [ 22.241652] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.241705] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.241758] page dumped because: kasan: bad access detected [ 22.241801] [ 22.241820] Memory state around the buggy address: [ 22.241862] fff00000c63b9100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.241909] fff00000c63b9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.241953] >fff00000c63b9200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.241995] ^ [ 22.242037] fff00000c63b9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.242082] fff00000c63b9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.242131] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 22.159256] ================================================================== [ 22.159676] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 22.159803] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 22.159946] [ 22.160023] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.160420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.160512] Hardware name: linux,dummy-virt (DT) [ 22.160550] Call trace: [ 22.160630] show_stack+0x20/0x38 (C) [ 22.160835] dump_stack_lvl+0x8c/0xd0 [ 22.161204] print_report+0x310/0x608 [ 22.161339] kasan_report+0xdc/0x128 [ 22.161494] __asan_report_load1_noabort+0x20/0x30 [ 22.161825] vmalloc_oob+0x578/0x5d0 [ 22.161922] kunit_try_run_case+0x170/0x3f0 [ 22.162007] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.162227] kthread+0x328/0x630 [ 22.162443] ret_from_fork+0x10/0x20 [ 22.162505] [ 22.162571] The buggy address belongs to the virtual mapping at [ 22.162571] [ffff8000800fe000, ffff800080100000) created by: [ 22.162571] vmalloc_oob+0x98/0x5d0 [ 22.163000] [ 22.163120] The buggy address belongs to the physical page: [ 22.163340] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106397 [ 22.163545] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.163647] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.163734] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.163780] page dumped because: kasan: bad access detected [ 22.163815] [ 22.163837] Memory state around the buggy address: [ 22.164173] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.164354] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.164426] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 22.164601] ^ [ 22.164827] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.165225] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.165586] ================================================================== [ 22.170145] ================================================================== [ 22.170216] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 22.170269] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 22.170501] [ 22.170584] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.171086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.171132] Hardware name: linux,dummy-virt (DT) [ 22.171318] Call trace: [ 22.171515] show_stack+0x20/0x38 (C) [ 22.171618] dump_stack_lvl+0x8c/0xd0 [ 22.171920] print_report+0x310/0x608 [ 22.172257] kasan_report+0xdc/0x128 [ 22.172415] __asan_report_load1_noabort+0x20/0x30 [ 22.172604] vmalloc_oob+0x51c/0x5d0 [ 22.172671] kunit_try_run_case+0x170/0x3f0 [ 22.172931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.173416] kthread+0x328/0x630 [ 22.173571] ret_from_fork+0x10/0x20 [ 22.173758] [ 22.173836] The buggy address belongs to the virtual mapping at [ 22.173836] [ffff8000800fe000, ffff800080100000) created by: [ 22.173836] vmalloc_oob+0x98/0x5d0 [ 22.173936] [ 22.174283] The buggy address belongs to the physical page: [ 22.174520] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106397 [ 22.174967] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.175047] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.175252] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.175304] page dumped because: kasan: bad access detected [ 22.175339] [ 22.175360] Memory state around the buggy address: [ 22.175399] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.175849] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.176072] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 22.176258] ^ [ 22.176353] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.176547] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.176629] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 22.007909] ================================================================== [ 22.007972] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 22.008060] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.008426] [ 22.008519] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.008649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.008712] Hardware name: linux,dummy-virt (DT) [ 22.008749] Call trace: [ 22.008818] show_stack+0x20/0x38 (C) [ 22.008879] dump_stack_lvl+0x8c/0xd0 [ 22.009078] print_report+0x118/0x608 [ 22.009146] kasan_report+0xdc/0x128 [ 22.009207] kasan_check_range+0x100/0x1a8 [ 22.009264] __kasan_check_write+0x20/0x30 [ 22.009310] kasan_atomics_helper+0x1058/0x4858 [ 22.009544] kasan_atomics+0x198/0x2e0 [ 22.009919] kunit_try_run_case+0x170/0x3f0 [ 22.010113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.010212] kthread+0x328/0x630 [ 22.010297] ret_from_fork+0x10/0x20 [ 22.010395] [ 22.010454] Allocated by task 265: [ 22.010487] kasan_save_stack+0x3c/0x68 [ 22.010530] kasan_save_track+0x20/0x40 [ 22.010743] kasan_save_alloc_info+0x40/0x58 [ 22.010856] __kasan_kmalloc+0xd4/0xd8 [ 22.010907] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.010983] kasan_atomics+0xb8/0x2e0 [ 22.011181] kunit_try_run_case+0x170/0x3f0 [ 22.011365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.011419] kthread+0x328/0x630 [ 22.011461] ret_from_fork+0x10/0x20 [ 22.011527] [ 22.011598] The buggy address belongs to the object at fff00000c63cef80 [ 22.011598] which belongs to the cache kmalloc-64 of size 64 [ 22.011785] The buggy address is located 0 bytes to the right of [ 22.011785] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.011934] [ 22.012014] The buggy address belongs to the physical page: [ 22.012215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.012287] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.012518] page_type: f5(slab) [ 22.012685] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.012760] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.012812] page dumped because: kasan: bad access detected [ 22.012883] [ 22.012914] Memory state around the buggy address: [ 22.012950] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.012997] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.013042] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.013084] ^ [ 22.013129] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.013185] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.013234] ================================================================== [ 21.937530] ================================================================== [ 21.937581] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 21.937632] Read of size 4 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.937686] [ 21.937718] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.938331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.938375] Hardware name: linux,dummy-virt (DT) [ 21.938407] Call trace: [ 21.938686] show_stack+0x20/0x38 (C) [ 21.938802] dump_stack_lvl+0x8c/0xd0 [ 21.938993] print_report+0x118/0x608 [ 21.939042] kasan_report+0xdc/0x128 [ 21.939280] __asan_report_load4_noabort+0x20/0x30 [ 21.939426] kasan_atomics_helper+0x3e04/0x4858 [ 21.939475] kasan_atomics+0x198/0x2e0 [ 21.939536] kunit_try_run_case+0x170/0x3f0 [ 21.939693] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.939899] kthread+0x328/0x630 [ 21.940030] ret_from_fork+0x10/0x20 [ 21.940124] [ 21.940486] Allocated by task 265: [ 21.940525] kasan_save_stack+0x3c/0x68 [ 21.940573] kasan_save_track+0x20/0x40 [ 21.940613] kasan_save_alloc_info+0x40/0x58 [ 21.940656] __kasan_kmalloc+0xd4/0xd8 [ 21.940693] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.940931] kasan_atomics+0xb8/0x2e0 [ 21.941050] kunit_try_run_case+0x170/0x3f0 [ 21.941097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.941143] kthread+0x328/0x630 [ 21.941192] ret_from_fork+0x10/0x20 [ 21.941231] [ 21.941329] The buggy address belongs to the object at fff00000c63cef80 [ 21.941329] which belongs to the cache kmalloc-64 of size 64 [ 21.941419] The buggy address is located 0 bytes to the right of [ 21.941419] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.941853] [ 21.941909] The buggy address belongs to the physical page: [ 21.941946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.942005] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.942056] page_type: f5(slab) [ 21.942108] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.942173] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.942274] page dumped because: kasan: bad access detected [ 21.942681] [ 21.942993] Memory state around the buggy address: [ 21.943032] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.943109] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.943241] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.943318] ^ [ 21.943355] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.943465] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.943793] ================================================================== [ 22.050995] ================================================================== [ 22.051045] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 22.051247] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.051374] [ 22.051408] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.051518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.051547] Hardware name: linux,dummy-virt (DT) [ 22.051580] Call trace: [ 22.051820] show_stack+0x20/0x38 (C) [ 22.051973] dump_stack_lvl+0x8c/0xd0 [ 22.052080] print_report+0x118/0x608 [ 22.052226] kasan_report+0xdc/0x128 [ 22.052341] kasan_check_range+0x100/0x1a8 [ 22.052426] __kasan_check_write+0x20/0x30 [ 22.052530] kasan_atomics_helper+0x12d8/0x4858 [ 22.052599] kasan_atomics+0x198/0x2e0 [ 22.052647] kunit_try_run_case+0x170/0x3f0 [ 22.052697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.052778] kthread+0x328/0x630 [ 22.052926] ret_from_fork+0x10/0x20 [ 22.053051] [ 22.053178] Allocated by task 265: [ 22.053242] kasan_save_stack+0x3c/0x68 [ 22.053324] kasan_save_track+0x20/0x40 [ 22.053401] kasan_save_alloc_info+0x40/0x58 [ 22.053489] __kasan_kmalloc+0xd4/0xd8 [ 22.053538] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.053580] kasan_atomics+0xb8/0x2e0 [ 22.053833] kunit_try_run_case+0x170/0x3f0 [ 22.053919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.054003] kthread+0x328/0x630 [ 22.054100] ret_from_fork+0x10/0x20 [ 22.054272] [ 22.054397] The buggy address belongs to the object at fff00000c63cef80 [ 22.054397] which belongs to the cache kmalloc-64 of size 64 [ 22.054536] The buggy address is located 0 bytes to the right of [ 22.054536] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.054605] [ 22.054629] The buggy address belongs to the physical page: [ 22.054897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.055050] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.055170] page_type: f5(slab) [ 22.055438] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.055593] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.055662] page dumped because: kasan: bad access detected [ 22.055768] [ 22.055892] Memory state around the buggy address: [ 22.055946] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.056007] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.056053] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.056095] ^ [ 22.056531] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.056683] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.057026] ================================================================== [ 21.957587] ================================================================== [ 21.957830] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 21.957889] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.958077] [ 21.958108] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.958222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.958249] Hardware name: linux,dummy-virt (DT) [ 21.958282] Call trace: [ 21.958305] show_stack+0x20/0x38 (C) [ 21.958354] dump_stack_lvl+0x8c/0xd0 [ 21.958963] print_report+0x118/0x608 [ 21.959021] kasan_report+0xdc/0x128 [ 21.959244] kasan_check_range+0x100/0x1a8 [ 21.959303] __kasan_check_write+0x20/0x30 [ 21.959408] kasan_atomics_helper+0xe44/0x4858 [ 21.959673] kasan_atomics+0x198/0x2e0 [ 21.959903] kunit_try_run_case+0x170/0x3f0 [ 21.960076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.960143] kthread+0x328/0x630 [ 21.960276] ret_from_fork+0x10/0x20 [ 21.960324] [ 21.960345] Allocated by task 265: [ 21.960375] kasan_save_stack+0x3c/0x68 [ 21.960417] kasan_save_track+0x20/0x40 [ 21.960557] kasan_save_alloc_info+0x40/0x58 [ 21.960615] __kasan_kmalloc+0xd4/0xd8 [ 21.960654] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.960748] kasan_atomics+0xb8/0x2e0 [ 21.960788] kunit_try_run_case+0x170/0x3f0 [ 21.960828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.960914] kthread+0x328/0x630 [ 21.961088] ret_from_fork+0x10/0x20 [ 21.961225] [ 21.961249] The buggy address belongs to the object at fff00000c63cef80 [ 21.961249] which belongs to the cache kmalloc-64 of size 64 [ 21.961450] The buggy address is located 0 bytes to the right of [ 21.961450] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.961529] [ 21.961594] The buggy address belongs to the physical page: [ 21.961712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.961794] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.961878] page_type: f5(slab) [ 21.961958] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.962136] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.962756] page dumped because: kasan: bad access detected [ 21.962804] [ 21.962847] Memory state around the buggy address: [ 21.962883] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.962937] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.963152] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.963358] ^ [ 21.963398] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.963682] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.963880] ================================================================== [ 22.030413] ================================================================== [ 22.030464] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 22.030513] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.030565] [ 22.030597] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.030679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.030732] Hardware name: linux,dummy-virt (DT) [ 22.030775] Call trace: [ 22.030798] show_stack+0x20/0x38 (C) [ 22.030847] dump_stack_lvl+0x8c/0xd0 [ 22.030905] print_report+0x118/0x608 [ 22.030954] kasan_report+0xdc/0x128 [ 22.031014] kasan_check_range+0x100/0x1a8 [ 22.031072] __kasan_check_write+0x20/0x30 [ 22.031118] kasan_atomics_helper+0x1190/0x4858 [ 22.031983] kasan_atomics+0x198/0x2e0 [ 22.032095] kunit_try_run_case+0x170/0x3f0 [ 22.032484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.032561] kthread+0x328/0x630 [ 22.032710] ret_from_fork+0x10/0x20 [ 22.032958] [ 22.033366] Allocated by task 265: [ 22.033998] kasan_save_stack+0x3c/0x68 [ 22.036437] kasan_save_track+0x20/0x40 [ 22.036495] kasan_save_alloc_info+0x40/0x58 [ 22.036538] __kasan_kmalloc+0xd4/0xd8 [ 22.036579] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.036622] kasan_atomics+0xb8/0x2e0 [ 22.036661] kunit_try_run_case+0x170/0x3f0 [ 22.036702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.036751] kthread+0x328/0x630 [ 22.036786] ret_from_fork+0x10/0x20 [ 22.036825] [ 22.036847] The buggy address belongs to the object at fff00000c63cef80 [ 22.036847] which belongs to the cache kmalloc-64 of size 64 [ 22.036909] The buggy address is located 0 bytes to the right of [ 22.036909] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.036979] [ 22.037003] The buggy address belongs to the physical page: [ 22.037037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.037093] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.037143] page_type: f5(slab) [ 22.037198] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.037252] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.037295] page dumped because: kasan: bad access detected [ 22.037329] [ 22.037350] Memory state around the buggy address: [ 22.037384] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.037429] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.038812] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.039270] ^ [ 22.039546] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.039593] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.039635] ================================================================== [ 21.856016] ================================================================== [ 21.856095] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 21.856242] Read of size 4 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.856303] [ 21.856333] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.856452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.856481] Hardware name: linux,dummy-virt (DT) [ 21.856549] Call trace: [ 21.856574] show_stack+0x20/0x38 (C) [ 21.856636] dump_stack_lvl+0x8c/0xd0 [ 21.856691] print_report+0x118/0x608 [ 21.856768] kasan_report+0xdc/0x128 [ 21.856826] __asan_report_load4_noabort+0x20/0x30 [ 21.856878] kasan_atomics_helper+0x42d8/0x4858 [ 21.856933] kasan_atomics+0x198/0x2e0 [ 21.856980] kunit_try_run_case+0x170/0x3f0 [ 21.857444] kasan_save_stack+0x3c/0x68 [ 21.857671] __kasan_kmalloc+0xd4/0xd8 [ 21.857756] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.857798] kasan_atomics+0xb8/0x2e0 [ 21.857835] kunit_try_run_case+0x170/0x3f0 [ 21.857994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.858147] kthread+0x328/0x630 [ 21.858281] ret_from_fork+0x10/0x20 [ 21.858388] [ 21.858438] The buggy address belongs to the object at fff00000c63cef80 [ 21.858438] which belongs to the cache kmalloc-64 of size 64 [ 21.858593] [ 21.858652] The buggy address belongs to the physical page: [ 21.858741] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.859267] [ 21.859350] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.860772] ================================================================== [ 22.098365] ================================================================== [ 22.098448] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 22.098501] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.098572] [ 22.098818] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.098945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.098982] Hardware name: linux,dummy-virt (DT) [ 22.099017] Call trace: [ 22.099074] show_stack+0x20/0x38 (C) [ 22.099127] dump_stack_lvl+0x8c/0xd0 [ 22.099254] print_report+0x118/0x608 [ 22.099330] kasan_report+0xdc/0x128 [ 22.099382] kasan_check_range+0x100/0x1a8 [ 22.099433] __kasan_check_write+0x20/0x30 [ 22.099478] kasan_atomics_helper+0x15b4/0x4858 [ 22.099527] kasan_atomics+0x198/0x2e0 [ 22.099584] kunit_try_run_case+0x170/0x3f0 [ 22.099634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.099815] kthread+0x328/0x630 [ 22.099928] ret_from_fork+0x10/0x20 [ 22.100017] [ 22.100048] Allocated by task 265: [ 22.100126] kasan_save_stack+0x3c/0x68 [ 22.100456] kasan_save_track+0x20/0x40 [ 22.100556] kasan_save_alloc_info+0x40/0x58 [ 22.100640] __kasan_kmalloc+0xd4/0xd8 [ 22.100681] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.100749] kasan_atomics+0xb8/0x2e0 [ 22.100789] kunit_try_run_case+0x170/0x3f0 [ 22.100837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.100883] kthread+0x328/0x630 [ 22.100917] ret_from_fork+0x10/0x20 [ 22.100956] [ 22.100979] The buggy address belongs to the object at fff00000c63cef80 [ 22.100979] which belongs to the cache kmalloc-64 of size 64 [ 22.101050] The buggy address is located 0 bytes to the right of [ 22.101050] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.101133] [ 22.101177] The buggy address belongs to the physical page: [ 22.101222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.101278] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.101346] page_type: f5(slab) [ 22.101415] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.101469] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.101527] page dumped because: kasan: bad access detected [ 22.101566] [ 22.101588] Memory state around the buggy address: [ 22.101621] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.101681] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.101732] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.101774] ^ [ 22.101816] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.101869] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.101907] ================================================================== [ 22.013507] ================================================================== [ 22.013558] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 22.013620] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.013673] [ 22.013703] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.013784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.013823] Hardware name: linux,dummy-virt (DT) [ 22.013856] Call trace: [ 22.013879] show_stack+0x20/0x38 (C) [ 22.013929] dump_stack_lvl+0x8c/0xd0 [ 22.013975] print_report+0x118/0x608 [ 22.014023] kasan_report+0xdc/0x128 [ 22.014070] kasan_check_range+0x100/0x1a8 [ 22.014119] __kasan_check_write+0x20/0x30 [ 22.014595] kasan_atomics_helper+0x10c0/0x4858 [ 22.014983] kasan_atomics+0x198/0x2e0 [ 22.015042] kunit_try_run_case+0x170/0x3f0 [ 22.015093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.015252] kthread+0x328/0x630 [ 22.015304] ret_from_fork+0x10/0x20 [ 22.015393] [ 22.015450] Allocated by task 265: [ 22.015483] kasan_save_stack+0x3c/0x68 [ 22.016137] kasan_save_track+0x20/0x40 [ 22.016456] kasan_save_alloc_info+0x40/0x58 [ 22.016610] __kasan_kmalloc+0xd4/0xd8 [ 22.016794] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.016938] kasan_atomics+0xb8/0x2e0 [ 22.016984] kunit_try_run_case+0x170/0x3f0 [ 22.017048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.017101] kthread+0x328/0x630 [ 22.017265] ret_from_fork+0x10/0x20 [ 22.017531] [ 22.017575] The buggy address belongs to the object at fff00000c63cef80 [ 22.017575] which belongs to the cache kmalloc-64 of size 64 [ 22.017997] The buggy address is located 0 bytes to the right of [ 22.017997] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.018220] [ 22.018436] The buggy address belongs to the physical page: [ 22.018770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.018846] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.019471] page_type: f5(slab) [ 22.019636] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.019698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.019742] page dumped because: kasan: bad access detected [ 22.019959] [ 22.020470] Memory state around the buggy address: [ 22.020532] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.020582] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.020896] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.021035] ^ [ 22.021094] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.021334] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.021726] ================================================================== [ 21.878632] ================================================================== [ 21.878687] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 21.878738] Write of size 4 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.878788] [ 21.878820] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.878921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.878951] Hardware name: linux,dummy-virt (DT) [ 21.878984] Call trace: [ 21.879009] show_stack+0x20/0x38 (C) [ 21.879056] dump_stack_lvl+0x8c/0xd0 [ 21.879114] print_report+0x118/0x608 [ 21.879463] kasan_report+0xdc/0x128 [ 21.879740] kasan_check_range+0x100/0x1a8 [ 21.879818] __kasan_check_write+0x20/0x30 [ 21.879998] kasan_atomics_helper+0xa6c/0x4858 [ 21.880050] kasan_atomics+0x198/0x2e0 [ 21.880369] kunit_try_run_case+0x170/0x3f0 [ 21.880531] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.880795] kthread+0x328/0x630 [ 21.880931] ret_from_fork+0x10/0x20 [ 21.881114] [ 21.881194] Allocated by task 265: [ 21.881225] kasan_save_stack+0x3c/0x68 [ 21.881269] kasan_save_track+0x20/0x40 [ 21.881529] kasan_save_alloc_info+0x40/0x58 [ 21.881651] __kasan_kmalloc+0xd4/0xd8 [ 21.881759] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.882021] kasan_atomics+0xb8/0x2e0 [ 21.882180] kunit_try_run_case+0x170/0x3f0 [ 21.882330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.882465] kthread+0x328/0x630 [ 21.882526] ret_from_fork+0x10/0x20 [ 21.882565] [ 21.882586] The buggy address belongs to the object at fff00000c63cef80 [ 21.882586] which belongs to the cache kmalloc-64 of size 64 [ 21.882856] The buggy address is located 0 bytes to the right of [ 21.882856] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.883037] [ 21.883145] The buggy address belongs to the physical page: [ 21.883523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.883603] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.883828] page_type: f5(slab) [ 21.883898] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.883949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.883991] page dumped because: kasan: bad access detected [ 21.884026] [ 21.884046] Memory state around the buggy address: [ 21.884078] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.884146] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.884203] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.884372] ^ [ 21.884486] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.884581] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.884675] ================================================================== [ 22.130744] ================================================================== [ 22.130793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 22.130860] Read of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.130922] [ 22.130953] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.131034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.131063] Hardware name: linux,dummy-virt (DT) [ 22.131094] Call trace: [ 22.131116] show_stack+0x20/0x38 (C) [ 22.131179] dump_stack_lvl+0x8c/0xd0 [ 22.131228] print_report+0x118/0x608 [ 22.131277] kasan_report+0xdc/0x128 [ 22.131351] __asan_report_load8_noabort+0x20/0x30 [ 22.131402] kasan_atomics_helper+0x3e20/0x4858 [ 22.131771] kasan_atomics+0x198/0x2e0 [ 22.131841] kunit_try_run_case+0x170/0x3f0 [ 22.132083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.132245] kthread+0x328/0x630 [ 22.132341] ret_from_fork+0x10/0x20 [ 22.132460] [ 22.132548] Allocated by task 265: [ 22.132693] kasan_save_stack+0x3c/0x68 [ 22.132736] kasan_save_track+0x20/0x40 [ 22.132777] kasan_save_alloc_info+0x40/0x58 [ 22.132817] __kasan_kmalloc+0xd4/0xd8 [ 22.132857] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.133025] kasan_atomics+0xb8/0x2e0 [ 22.133065] kunit_try_run_case+0x170/0x3f0 [ 22.133175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.133266] kthread+0x328/0x630 [ 22.133304] ret_from_fork+0x10/0x20 [ 22.133380] [ 22.133459] The buggy address belongs to the object at fff00000c63cef80 [ 22.133459] which belongs to the cache kmalloc-64 of size 64 [ 22.133576] The buggy address is located 0 bytes to the right of [ 22.133576] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.133946] [ 22.134024] The buggy address belongs to the physical page: [ 22.134189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.134307] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.134423] page_type: f5(slab) [ 22.134506] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.134634] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.134709] page dumped because: kasan: bad access detected [ 22.134744] [ 22.134764] Memory state around the buggy address: [ 22.134797] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.135214] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.135383] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.135466] ^ [ 22.135541] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.135926] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.136034] ================================================================== [ 21.964497] ================================================================== [ 21.964551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 21.964604] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.964656] [ 21.964687] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.964772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.964844] Hardware name: linux,dummy-virt (DT) [ 21.964929] Call trace: [ 21.964993] show_stack+0x20/0x38 (C) [ 21.965044] dump_stack_lvl+0x8c/0xd0 [ 21.965144] print_report+0x118/0x608 [ 21.965207] kasan_report+0xdc/0x128 [ 21.965255] __asan_report_store8_noabort+0x20/0x30 [ 21.965308] kasan_atomics_helper+0x3e5c/0x4858 [ 21.965378] kasan_atomics+0x198/0x2e0 [ 21.965501] kunit_try_run_case+0x170/0x3f0 [ 21.965618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.965888] kthread+0x328/0x630 [ 21.966091] ret_from_fork+0x10/0x20 [ 21.966595] [ 21.966617] Allocated by task 265: [ 21.966647] kasan_save_stack+0x3c/0x68 [ 21.966732] kasan_save_track+0x20/0x40 [ 21.967069] kasan_save_alloc_info+0x40/0x58 [ 21.967115] __kasan_kmalloc+0xd4/0xd8 [ 21.967152] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.967201] kasan_atomics+0xb8/0x2e0 [ 21.967239] kunit_try_run_case+0x170/0x3f0 [ 21.967279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.967325] kthread+0x328/0x630 [ 21.967358] ret_from_fork+0x10/0x20 [ 21.967396] [ 21.967418] The buggy address belongs to the object at fff00000c63cef80 [ 21.967418] which belongs to the cache kmalloc-64 of size 64 [ 21.967479] The buggy address is located 0 bytes to the right of [ 21.967479] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.967591] [ 21.967613] The buggy address belongs to the physical page: [ 21.967648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.967919] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.967978] page_type: f5(slab) [ 21.968019] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.968263] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.968311] page dumped because: kasan: bad access detected [ 21.968344] [ 21.968394] Memory state around the buggy address: [ 21.968518] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.968662] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.968779] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.968819] ^ [ 21.968853] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.968913] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.968954] ================================================================== [ 22.065592] ================================================================== [ 22.065642] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 22.065693] Read of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.065747] [ 22.065777] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.065858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.065887] Hardware name: linux,dummy-virt (DT) [ 22.065932] Call trace: [ 22.065955] show_stack+0x20/0x38 (C) [ 22.066006] dump_stack_lvl+0x8c/0xd0 [ 22.066055] print_report+0x118/0x608 [ 22.066103] kasan_report+0xdc/0x128 [ 22.066150] __asan_report_load8_noabort+0x20/0x30 [ 22.066218] kasan_atomics_helper+0x3f04/0x4858 [ 22.066581] kasan_atomics+0x198/0x2e0 [ 22.066870] kunit_try_run_case+0x170/0x3f0 [ 22.066948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.067069] kthread+0x328/0x630 [ 22.067137] ret_from_fork+0x10/0x20 [ 22.067205] [ 22.067436] Allocated by task 265: [ 22.067503] kasan_save_stack+0x3c/0x68 [ 22.067690] kasan_save_track+0x20/0x40 [ 22.068124] kasan_save_alloc_info+0x40/0x58 [ 22.068270] __kasan_kmalloc+0xd4/0xd8 [ 22.068365] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.068516] kasan_atomics+0xb8/0x2e0 [ 22.068589] kunit_try_run_case+0x170/0x3f0 [ 22.068631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.069068] kthread+0x328/0x630 [ 22.069377] ret_from_fork+0x10/0x20 [ 22.069626] [ 22.069654] The buggy address belongs to the object at fff00000c63cef80 [ 22.069654] which belongs to the cache kmalloc-64 of size 64 [ 22.069882] The buggy address is located 0 bytes to the right of [ 22.069882] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.070242] [ 22.070375] The buggy address belongs to the physical page: [ 22.070437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.070651] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.071000] page_type: f5(slab) [ 22.071211] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.071354] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.071646] page dumped because: kasan: bad access detected [ 22.071973] [ 22.072183] Memory state around the buggy address: [ 22.072258] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.072628] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.072694] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.073036] ^ [ 22.073153] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.073317] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.073609] ================================================================== [ 22.082963] ================================================================== [ 22.083014] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 22.083064] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.083116] [ 22.083169] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.083263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.083299] Hardware name: linux,dummy-virt (DT) [ 22.083340] Call trace: [ 22.083363] show_stack+0x20/0x38 (C) [ 22.083417] dump_stack_lvl+0x8c/0xd0 [ 22.083466] print_report+0x118/0x608 [ 22.084351] kasan_report+0xdc/0x128 [ 22.084422] kasan_check_range+0x100/0x1a8 [ 22.084495] __kasan_check_write+0x20/0x30 [ 22.084626] kasan_atomics_helper+0x147c/0x4858 [ 22.084682] kasan_atomics+0x198/0x2e0 [ 22.084750] kunit_try_run_case+0x170/0x3f0 [ 22.085073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.085193] kthread+0x328/0x630 [ 22.085635] ret_from_fork+0x10/0x20 [ 22.085818] [ 22.085887] Allocated by task 265: [ 22.086037] kasan_save_stack+0x3c/0x68 [ 22.086083] kasan_save_track+0x20/0x40 [ 22.086482] kasan_save_alloc_info+0x40/0x58 [ 22.086718] __kasan_kmalloc+0xd4/0xd8 [ 22.086883] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.087000] kasan_atomics+0xb8/0x2e0 [ 22.087801] kunit_try_run_case+0x170/0x3f0 [ 22.087867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.087916] kthread+0x328/0x630 [ 22.087950] ret_from_fork+0x10/0x20 [ 22.087990] [ 22.088013] The buggy address belongs to the object at fff00000c63cef80 [ 22.088013] which belongs to the cache kmalloc-64 of size 64 [ 22.088076] The buggy address is located 0 bytes to the right of [ 22.088076] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.088143] [ 22.088176] The buggy address belongs to the physical page: [ 22.088212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.088271] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.088320] page_type: f5(slab) [ 22.088363] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.088418] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.088461] page dumped because: kasan: bad access detected [ 22.088496] [ 22.088517] Memory state around the buggy address: [ 22.088551] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.088597] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.088642] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.088683] ^ [ 22.088716] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.088761] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.088799] ================================================================== [ 22.041866] ================================================================== [ 22.041924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 22.041978] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.042029] [ 22.042064] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.042147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.042202] Hardware name: linux,dummy-virt (DT) [ 22.042236] Call trace: [ 22.042262] show_stack+0x20/0x38 (C) [ 22.042313] dump_stack_lvl+0x8c/0xd0 [ 22.042362] print_report+0x118/0x608 [ 22.042408] kasan_report+0xdc/0x128 [ 22.042455] kasan_check_range+0x100/0x1a8 [ 22.042503] __kasan_check_write+0x20/0x30 [ 22.042549] kasan_atomics_helper+0x11f8/0x4858 [ 22.042598] kasan_atomics+0x198/0x2e0 [ 22.042644] kunit_try_run_case+0x170/0x3f0 [ 22.042693] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.042747] kthread+0x328/0x630 [ 22.042789] ret_from_fork+0x10/0x20 [ 22.042839] [ 22.042859] Allocated by task 265: [ 22.042887] kasan_save_stack+0x3c/0x68 [ 22.042935] kasan_save_track+0x20/0x40 [ 22.042974] kasan_save_alloc_info+0x40/0x58 [ 22.043016] __kasan_kmalloc+0xd4/0xd8 [ 22.043054] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.043096] kasan_atomics+0xb8/0x2e0 [ 22.043132] kunit_try_run_case+0x170/0x3f0 [ 22.043188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.045237] kthread+0x328/0x630 [ 22.045295] ret_from_fork+0x10/0x20 [ 22.045335] [ 22.045358] The buggy address belongs to the object at fff00000c63cef80 [ 22.045358] which belongs to the cache kmalloc-64 of size 64 [ 22.045419] The buggy address is located 0 bytes to the right of [ 22.045419] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.045486] [ 22.045509] The buggy address belongs to the physical page: [ 22.045543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.045599] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.045649] page_type: f5(slab) [ 22.045689] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.045743] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.045786] page dumped because: kasan: bad access detected [ 22.045820] [ 22.045841] Memory state around the buggy address: [ 22.045875] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.045919] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.045963] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.046005] ^ [ 22.046039] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.046081] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.046121] ================================================================== [ 22.117122] ================================================================== [ 22.117191] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 22.117415] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.117474] [ 22.117615] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.117702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.117732] Hardware name: linux,dummy-virt (DT) [ 22.117764] Call trace: [ 22.117885] show_stack+0x20/0x38 (C) [ 22.117980] dump_stack_lvl+0x8c/0xd0 [ 22.118032] print_report+0x118/0x608 [ 22.118258] kasan_report+0xdc/0x128 [ 22.118321] kasan_check_range+0x100/0x1a8 [ 22.118413] __kasan_check_write+0x20/0x30 [ 22.118460] kasan_atomics_helper+0x16d0/0x4858 [ 22.118511] kasan_atomics+0x198/0x2e0 [ 22.118668] kunit_try_run_case+0x170/0x3f0 [ 22.118770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.118854] kthread+0x328/0x630 [ 22.118907] ret_from_fork+0x10/0x20 [ 22.118955] [ 22.118976] Allocated by task 265: [ 22.119005] kasan_save_stack+0x3c/0x68 [ 22.119047] kasan_save_track+0x20/0x40 [ 22.119087] kasan_save_alloc_info+0x40/0x58 [ 22.119128] __kasan_kmalloc+0xd4/0xd8 [ 22.119179] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.119416] kasan_atomics+0xb8/0x2e0 [ 22.119559] kunit_try_run_case+0x170/0x3f0 [ 22.119672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.119851] kthread+0x328/0x630 [ 22.119885] ret_from_fork+0x10/0x20 [ 22.119925] [ 22.119946] The buggy address belongs to the object at fff00000c63cef80 [ 22.119946] which belongs to the cache kmalloc-64 of size 64 [ 22.120008] The buggy address is located 0 bytes to the right of [ 22.120008] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.120172] [ 22.120220] The buggy address belongs to the physical page: [ 22.120354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.120474] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.120749] page_type: f5(slab) [ 22.120811] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.120865] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.120909] page dumped because: kasan: bad access detected [ 22.120944] [ 22.120964] Memory state around the buggy address: [ 22.121018] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.121063] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.121123] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.121175] ^ [ 22.121211] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.121254] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.121295] ================================================================== [ 22.121495] ================================================================== [ 22.121543] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 22.121593] Read of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.121645] [ 22.121676] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.121757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.122021] Hardware name: linux,dummy-virt (DT) [ 22.122077] Call trace: [ 22.122146] show_stack+0x20/0x38 (C) [ 22.122213] dump_stack_lvl+0x8c/0xd0 [ 22.122270] print_report+0x118/0x608 [ 22.122541] kasan_report+0xdc/0x128 [ 22.122631] __asan_report_load8_noabort+0x20/0x30 [ 22.122716] kasan_atomics_helper+0x3e10/0x4858 [ 22.122778] kasan_atomics+0x198/0x2e0 [ 22.122833] kunit_try_run_case+0x170/0x3f0 [ 22.122884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.122968] kthread+0x328/0x630 [ 22.123012] ret_from_fork+0x10/0x20 [ 22.123067] [ 22.123175] Allocated by task 265: [ 22.123242] kasan_save_stack+0x3c/0x68 [ 22.123287] kasan_save_track+0x20/0x40 [ 22.123348] kasan_save_alloc_info+0x40/0x58 [ 22.123392] __kasan_kmalloc+0xd4/0xd8 [ 22.123429] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.123471] kasan_atomics+0xb8/0x2e0 [ 22.123518] kunit_try_run_case+0x170/0x3f0 [ 22.123559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.123605] kthread+0x328/0x630 [ 22.123639] ret_from_fork+0x10/0x20 [ 22.123842] [ 22.123965] The buggy address belongs to the object at fff00000c63cef80 [ 22.123965] which belongs to the cache kmalloc-64 of size 64 [ 22.124119] The buggy address is located 0 bytes to the right of [ 22.124119] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.124421] [ 22.124448] The buggy address belongs to the physical page: [ 22.124531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.124689] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.124799] page_type: f5(slab) [ 22.124857] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.124963] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.125019] page dumped because: kasan: bad access detected [ 22.125112] [ 22.125222] Memory state around the buggy address: [ 22.125297] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.125357] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.125403] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.125444] ^ [ 22.125480] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.125685] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.125731] ================================================================== [ 22.136470] ================================================================== [ 22.136520] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 22.136723] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.136785] [ 22.136890] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.136981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.137029] Hardware name: linux,dummy-virt (DT) [ 22.137103] Call trace: [ 22.137174] show_stack+0x20/0x38 (C) [ 22.137225] dump_stack_lvl+0x8c/0xd0 [ 22.137592] print_report+0x118/0x608 [ 22.137755] kasan_report+0xdc/0x128 [ 22.137807] kasan_check_range+0x100/0x1a8 [ 22.137859] __kasan_check_write+0x20/0x30 [ 22.137904] kasan_atomics_helper+0x17ec/0x4858 [ 22.137993] kasan_atomics+0x198/0x2e0 [ 22.138048] kunit_try_run_case+0x170/0x3f0 [ 22.138100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.138418] kthread+0x328/0x630 [ 22.138512] ret_from_fork+0x10/0x20 [ 22.138571] [ 22.138610] Allocated by task 265: [ 22.138642] kasan_save_stack+0x3c/0x68 [ 22.138684] kasan_save_track+0x20/0x40 [ 22.138724] kasan_save_alloc_info+0x40/0x58 [ 22.139060] __kasan_kmalloc+0xd4/0xd8 [ 22.139134] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.139221] kasan_atomics+0xb8/0x2e0 [ 22.139289] kunit_try_run_case+0x170/0x3f0 [ 22.139332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.139979] kthread+0x328/0x630 [ 22.140136] ret_from_fork+0x10/0x20 [ 22.140285] [ 22.140425] The buggy address belongs to the object at fff00000c63cef80 [ 22.140425] which belongs to the cache kmalloc-64 of size 64 [ 22.140546] The buggy address is located 0 bytes to the right of [ 22.140546] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.140612] [ 22.140635] The buggy address belongs to the physical page: [ 22.140670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.141060] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.141548] page_type: f5(slab) [ 22.141635] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.141699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.141744] page dumped because: kasan: bad access detected [ 22.141781] [ 22.141802] Memory state around the buggy address: [ 22.141836] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.141882] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.141976] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.142021] ^ [ 22.142057] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.142104] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.142183] ================================================================== [ 22.089009] ================================================================== [ 22.089057] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 22.089105] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.089172] [ 22.089201] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.089285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.089314] Hardware name: linux,dummy-virt (DT) [ 22.089346] Call trace: [ 22.089369] show_stack+0x20/0x38 (C) [ 22.089417] dump_stack_lvl+0x8c/0xd0 [ 22.089464] print_report+0x118/0x608 [ 22.089512] kasan_report+0xdc/0x128 [ 22.089557] kasan_check_range+0x100/0x1a8 [ 22.089609] __kasan_check_write+0x20/0x30 [ 22.089655] kasan_atomics_helper+0x14e4/0x4858 [ 22.089705] kasan_atomics+0x198/0x2e0 [ 22.089752] kunit_try_run_case+0x170/0x3f0 [ 22.089799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.089853] kthread+0x328/0x630 [ 22.089896] ret_from_fork+0x10/0x20 [ 22.089942] [ 22.089962] Allocated by task 265: [ 22.089991] kasan_save_stack+0x3c/0x68 [ 22.090032] kasan_save_track+0x20/0x40 [ 22.090072] kasan_save_alloc_info+0x40/0x58 [ 22.090115] __kasan_kmalloc+0xd4/0xd8 [ 22.090185] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.090228] kasan_atomics+0xb8/0x2e0 [ 22.090447] kunit_try_run_case+0x170/0x3f0 [ 22.090500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.090578] kthread+0x328/0x630 [ 22.090613] ret_from_fork+0x10/0x20 [ 22.090670] [ 22.090720] The buggy address belongs to the object at fff00000c63cef80 [ 22.090720] which belongs to the cache kmalloc-64 of size 64 [ 22.090783] The buggy address is located 0 bytes to the right of [ 22.090783] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.090850] [ 22.090871] The buggy address belongs to the physical page: [ 22.090910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.090965] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.091013] page_type: f5(slab) [ 22.091054] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.091107] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.091150] page dumped because: kasan: bad access detected [ 22.091196] [ 22.091218] Memory state around the buggy address: [ 22.091252] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.091297] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.091342] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.091540] ^ [ 22.091768] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.092132] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.092200] ================================================================== [ 22.102715] ================================================================== [ 22.102823] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 22.102875] Read of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.102936] [ 22.103083] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.103177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.103214] Hardware name: linux,dummy-virt (DT) [ 22.103248] Call trace: [ 22.103288] show_stack+0x20/0x38 (C) [ 22.103340] dump_stack_lvl+0x8c/0xd0 [ 22.103387] print_report+0x118/0x608 [ 22.103453] kasan_report+0xdc/0x128 [ 22.103534] __asan_report_load8_noabort+0x20/0x30 [ 22.103609] kasan_atomics_helper+0x3db0/0x4858 [ 22.103658] kasan_atomics+0x198/0x2e0 [ 22.103901] kunit_try_run_case+0x170/0x3f0 [ 22.104024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.104154] kthread+0x328/0x630 [ 22.104279] ret_from_fork+0x10/0x20 [ 22.104347] [ 22.104385] Allocated by task 265: [ 22.104462] kasan_save_stack+0x3c/0x68 [ 22.104743] kasan_save_track+0x20/0x40 [ 22.104971] kasan_save_alloc_info+0x40/0x58 [ 22.105099] __kasan_kmalloc+0xd4/0xd8 [ 22.105211] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.105357] kasan_atomics+0xb8/0x2e0 [ 22.105504] kunit_try_run_case+0x170/0x3f0 [ 22.105564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.105637] kthread+0x328/0x630 [ 22.105683] ret_from_fork+0x10/0x20 [ 22.105720] [ 22.105742] The buggy address belongs to the object at fff00000c63cef80 [ 22.105742] which belongs to the cache kmalloc-64 of size 64 [ 22.106017] The buggy address is located 0 bytes to the right of [ 22.106017] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.106106] [ 22.106129] The buggy address belongs to the physical page: [ 22.106289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.106462] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.106586] page_type: f5(slab) [ 22.106734] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.106807] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.106851] page dumped because: kasan: bad access detected [ 22.106884] [ 22.106911] Memory state around the buggy address: [ 22.107091] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.107250] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.107334] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.107430] ^ [ 22.107488] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.107559] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.107903] ================================================================== [ 21.951395] ================================================================== [ 21.951731] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 21.951879] Read of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.951984] [ 21.952023] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.952142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.952181] Hardware name: linux,dummy-virt (DT) [ 21.952215] Call trace: [ 21.952341] show_stack+0x20/0x38 (C) [ 21.952400] dump_stack_lvl+0x8c/0xd0 [ 21.952451] print_report+0x118/0x608 [ 21.952499] kasan_report+0xdc/0x128 [ 21.952565] __asan_report_load8_noabort+0x20/0x30 [ 21.952616] kasan_atomics_helper+0x3f58/0x4858 [ 21.952688] kasan_atomics+0x198/0x2e0 [ 21.952809] kunit_try_run_case+0x170/0x3f0 [ 21.952908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.952962] kthread+0x328/0x630 [ 21.953348] ret_from_fork+0x10/0x20 [ 21.953452] [ 21.953492] Allocated by task 265: [ 21.953522] kasan_save_stack+0x3c/0x68 [ 21.953567] kasan_save_track+0x20/0x40 [ 21.953607] kasan_save_alloc_info+0x40/0x58 [ 21.953647] __kasan_kmalloc+0xd4/0xd8 [ 21.953686] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.953728] kasan_atomics+0xb8/0x2e0 [ 21.953766] kunit_try_run_case+0x170/0x3f0 [ 21.953827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.953874] kthread+0x328/0x630 [ 21.953930] ret_from_fork+0x10/0x20 [ 21.954093] [ 21.954128] The buggy address belongs to the object at fff00000c63cef80 [ 21.954128] which belongs to the cache kmalloc-64 of size 64 [ 21.954198] The buggy address is located 0 bytes to the right of [ 21.954198] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.954304] [ 21.954330] The buggy address belongs to the physical page: [ 21.954502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.954684] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.954772] page_type: f5(slab) [ 21.954813] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.954866] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.954913] page dumped because: kasan: bad access detected [ 21.955086] [ 21.955915] Memory state around the buggy address: [ 21.955959] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.956008] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.956051] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.956274] ^ [ 21.956390] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.956436] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.956477] ================================================================== [ 21.970433] ================================================================== [ 21.971314] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 21.971438] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.971948] [ 21.971987] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.972103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.972134] Hardware name: linux,dummy-virt (DT) [ 21.972337] Call trace: [ 21.972564] show_stack+0x20/0x38 (C) [ 21.972624] dump_stack_lvl+0x8c/0xd0 [ 21.972934] print_report+0x118/0x608 [ 21.973034] kasan_report+0xdc/0x128 [ 21.973122] kasan_check_range+0x100/0x1a8 [ 21.973349] __kasan_check_write+0x20/0x30 [ 21.973419] kasan_atomics_helper+0xeb8/0x4858 [ 21.973782] kasan_atomics+0x198/0x2e0 [ 21.973839] kunit_try_run_case+0x170/0x3f0 [ 21.974060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.974206] kthread+0x328/0x630 [ 21.974298] ret_from_fork+0x10/0x20 [ 21.974690] [ 21.974716] Allocated by task 265: [ 21.974836] kasan_save_stack+0x3c/0x68 [ 21.975017] kasan_save_track+0x20/0x40 [ 21.975346] kasan_save_alloc_info+0x40/0x58 [ 21.975723] __kasan_kmalloc+0xd4/0xd8 [ 21.975778] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.975819] kasan_atomics+0xb8/0x2e0 [ 21.975856] kunit_try_run_case+0x170/0x3f0 [ 21.976058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.976124] kthread+0x328/0x630 [ 21.976422] ret_from_fork+0x10/0x20 [ 21.976795] [ 21.976824] The buggy address belongs to the object at fff00000c63cef80 [ 21.976824] which belongs to the cache kmalloc-64 of size 64 [ 21.977036] The buggy address is located 0 bytes to the right of [ 21.977036] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.977219] [ 21.977475] The buggy address belongs to the physical page: [ 21.977520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.977695] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.977939] page_type: f5(slab) [ 21.977989] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.978153] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.978395] page dumped because: kasan: bad access detected [ 21.978476] [ 21.978497] Memory state around the buggy address: [ 21.978533] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.978978] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.979116] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.979394] ^ [ 21.979478] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.979835] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.979903] ================================================================== [ 22.000855] ================================================================== [ 22.001015] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 22.001114] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.001180] [ 22.001212] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.001295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.001661] Hardware name: linux,dummy-virt (DT) [ 22.001806] Call trace: [ 22.001833] show_stack+0x20/0x38 (C) [ 22.001884] dump_stack_lvl+0x8c/0xd0 [ 22.001951] print_report+0x118/0x608 [ 22.001999] kasan_report+0xdc/0x128 [ 22.002272] kasan_check_range+0x100/0x1a8 [ 22.002354] __kasan_check_write+0x20/0x30 [ 22.002428] kasan_atomics_helper+0xff0/0x4858 [ 22.002490] kasan_atomics+0x198/0x2e0 [ 22.002546] kunit_try_run_case+0x170/0x3f0 [ 22.002597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.002651] kthread+0x328/0x630 [ 22.002693] ret_from_fork+0x10/0x20 [ 22.002741] [ 22.002762] Allocated by task 265: [ 22.002791] kasan_save_stack+0x3c/0x68 [ 22.002844] kasan_save_track+0x20/0x40 [ 22.003105] kasan_save_alloc_info+0x40/0x58 [ 22.003271] __kasan_kmalloc+0xd4/0xd8 [ 22.003322] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.003408] kasan_atomics+0xb8/0x2e0 [ 22.003450] kunit_try_run_case+0x170/0x3f0 [ 22.003490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.003549] kthread+0x328/0x630 [ 22.003613] ret_from_fork+0x10/0x20 [ 22.003654] [ 22.003677] The buggy address belongs to the object at fff00000c63cef80 [ 22.003677] which belongs to the cache kmalloc-64 of size 64 [ 22.004296] The buggy address is located 0 bytes to the right of [ 22.004296] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.004479] [ 22.004625] The buggy address belongs to the physical page: [ 22.004772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.004848] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.004927] page_type: f5(slab) [ 22.005033] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.005430] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.005482] page dumped because: kasan: bad access detected [ 22.005526] [ 22.005548] Memory state around the buggy address: [ 22.005625] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.005686] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.005750] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.006138] ^ [ 22.006481] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.006736] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.006786] ================================================================== [ 21.945716] ================================================================== [ 21.945770] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 21.945823] Read of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.946230] [ 21.946265] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.946437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.946702] Hardware name: linux,dummy-virt (DT) [ 21.946964] Call trace: [ 21.947058] show_stack+0x20/0x38 (C) [ 21.947184] dump_stack_lvl+0x8c/0xd0 [ 21.947236] print_report+0x118/0x608 [ 21.947284] kasan_report+0xdc/0x128 [ 21.947331] kasan_check_range+0x100/0x1a8 [ 21.947380] __kasan_check_read+0x20/0x30 [ 21.947425] kasan_atomics_helper+0xdd4/0x4858 [ 21.947474] kasan_atomics+0x198/0x2e0 [ 21.947530] kunit_try_run_case+0x170/0x3f0 [ 21.947578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.947786] kthread+0x328/0x630 [ 21.947949] ret_from_fork+0x10/0x20 [ 21.948001] [ 21.948313] Allocated by task 265: [ 21.948427] kasan_save_stack+0x3c/0x68 [ 21.948478] kasan_save_track+0x20/0x40 [ 21.948567] kasan_save_alloc_info+0x40/0x58 [ 21.948609] __kasan_kmalloc+0xd4/0xd8 [ 21.948648] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.948918] kasan_atomics+0xb8/0x2e0 [ 21.948969] kunit_try_run_case+0x170/0x3f0 [ 21.949011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.949057] kthread+0x328/0x630 [ 21.949093] ret_from_fork+0x10/0x20 [ 21.949132] [ 21.949152] The buggy address belongs to the object at fff00000c63cef80 [ 21.949152] which belongs to the cache kmalloc-64 of size 64 [ 21.949223] The buggy address is located 0 bytes to the right of [ 21.949223] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.949566] [ 21.949655] The buggy address belongs to the physical page: [ 21.949698] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.949768] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.949817] page_type: f5(slab) [ 21.949941] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.950177] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.950220] page dumped because: kasan: bad access detected [ 21.950254] [ 21.950275] Memory state around the buggy address: [ 21.950310] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.950353] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.950397] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.950437] ^ [ 21.950472] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.950809] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.950853] ================================================================== [ 22.046387] ================================================================== [ 22.046438] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 22.046510] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.046561] [ 22.046634] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.046877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.046930] Hardware name: linux,dummy-virt (DT) [ 22.046964] Call trace: [ 22.047064] show_stack+0x20/0x38 (C) [ 22.047170] dump_stack_lvl+0x8c/0xd0 [ 22.047436] print_report+0x118/0x608 [ 22.047717] kasan_report+0xdc/0x128 [ 22.047840] kasan_check_range+0x100/0x1a8 [ 22.047946] __kasan_check_write+0x20/0x30 [ 22.048016] kasan_atomics_helper+0x126c/0x4858 [ 22.048065] kasan_atomics+0x198/0x2e0 [ 22.048127] kunit_try_run_case+0x170/0x3f0 [ 22.048190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.048245] kthread+0x328/0x630 [ 22.048287] ret_from_fork+0x10/0x20 [ 22.048361] [ 22.048389] Allocated by task 265: [ 22.048418] kasan_save_stack+0x3c/0x68 [ 22.048477] kasan_save_track+0x20/0x40 [ 22.048517] kasan_save_alloc_info+0x40/0x58 [ 22.048565] __kasan_kmalloc+0xd4/0xd8 [ 22.048612] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.048654] kasan_atomics+0xb8/0x2e0 [ 22.048691] kunit_try_run_case+0x170/0x3f0 [ 22.048741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.048786] kthread+0x328/0x630 [ 22.048822] ret_from_fork+0x10/0x20 [ 22.048860] [ 22.048890] The buggy address belongs to the object at fff00000c63cef80 [ 22.048890] which belongs to the cache kmalloc-64 of size 64 [ 22.048951] The buggy address is located 0 bytes to the right of [ 22.048951] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.049017] [ 22.049048] The buggy address belongs to the physical page: [ 22.049090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.049168] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.049217] page_type: f5(slab) [ 22.049257] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.049310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.049353] page dumped because: kasan: bad access detected [ 22.049387] [ 22.049658] Memory state around the buggy address: [ 22.049702] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.049763] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.050046] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.050191] ^ [ 22.050260] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.050528] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.050656] ================================================================== [ 22.126369] ================================================================== [ 22.126606] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 22.126666] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.126855] [ 22.126979] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.127067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.127115] Hardware name: linux,dummy-virt (DT) [ 22.127214] Call trace: [ 22.127272] show_stack+0x20/0x38 (C) [ 22.127325] dump_stack_lvl+0x8c/0xd0 [ 22.127374] print_report+0x118/0x608 [ 22.127422] kasan_report+0xdc/0x128 [ 22.127584] kasan_check_range+0x100/0x1a8 [ 22.127677] __kasan_check_write+0x20/0x30 [ 22.127763] kasan_atomics_helper+0x175c/0x4858 [ 22.127822] kasan_atomics+0x198/0x2e0 [ 22.127928] kunit_try_run_case+0x170/0x3f0 [ 22.127999] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.128089] kthread+0x328/0x630 [ 22.128223] ret_from_fork+0x10/0x20 [ 22.128329] [ 22.128350] Allocated by task 265: [ 22.128379] kasan_save_stack+0x3c/0x68 [ 22.128560] kasan_save_track+0x20/0x40 [ 22.128600] kasan_save_alloc_info+0x40/0x58 [ 22.128643] __kasan_kmalloc+0xd4/0xd8 [ 22.128681] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.128814] kasan_atomics+0xb8/0x2e0 [ 22.128876] kunit_try_run_case+0x170/0x3f0 [ 22.128918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.128993] kthread+0x328/0x630 [ 22.129081] ret_from_fork+0x10/0x20 [ 22.129130] [ 22.129151] The buggy address belongs to the object at fff00000c63cef80 [ 22.129151] which belongs to the cache kmalloc-64 of size 64 [ 22.129342] The buggy address is located 0 bytes to the right of [ 22.129342] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.129467] [ 22.129546] The buggy address belongs to the physical page: [ 22.129662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.129799] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.129893] page_type: f5(slab) [ 22.130028] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.130134] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.130192] page dumped because: kasan: bad access detected [ 22.130227] [ 22.130247] Memory state around the buggy address: [ 22.130290] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.130336] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.130387] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.130432] ^ [ 22.130467] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.130520] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.130559] ================================================================== [ 22.074556] ================================================================== [ 22.074609] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 22.074886] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.075098] [ 22.075138] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.075291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.075336] Hardware name: linux,dummy-virt (DT) [ 22.075370] Call trace: [ 22.075404] show_stack+0x20/0x38 (C) [ 22.075456] dump_stack_lvl+0x8c/0xd0 [ 22.075967] print_report+0x118/0x608 [ 22.076031] kasan_report+0xdc/0x128 [ 22.076170] kasan_check_range+0x100/0x1a8 [ 22.076369] __kasan_check_write+0x20/0x30 [ 22.076686] kasan_atomics_helper+0x1414/0x4858 [ 22.076877] kasan_atomics+0x198/0x2e0 [ 22.076954] kunit_try_run_case+0x170/0x3f0 [ 22.077128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.077291] kthread+0x328/0x630 [ 22.077614] ret_from_fork+0x10/0x20 [ 22.077773] [ 22.077981] Allocated by task 265: [ 22.078226] kasan_save_stack+0x3c/0x68 [ 22.078347] kasan_save_track+0x20/0x40 [ 22.078520] kasan_save_alloc_info+0x40/0x58 [ 22.078638] __kasan_kmalloc+0xd4/0xd8 [ 22.078706] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.079054] kasan_atomics+0xb8/0x2e0 [ 22.079130] kunit_try_run_case+0x170/0x3f0 [ 22.079475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.079621] kthread+0x328/0x630 [ 22.079689] ret_from_fork+0x10/0x20 [ 22.079779] [ 22.079823] The buggy address belongs to the object at fff00000c63cef80 [ 22.079823] which belongs to the cache kmalloc-64 of size 64 [ 22.080339] The buggy address is located 0 bytes to the right of [ 22.080339] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.080689] [ 22.081063] The buggy address belongs to the physical page: [ 22.081266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.081534] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.081681] page_type: f5(slab) [ 22.082035] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.082218] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.082267] page dumped because: kasan: bad access detected [ 22.082302] [ 22.082372] Memory state around the buggy address: [ 22.082426] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.082488] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.082534] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.082575] ^ [ 22.082619] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.082672] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.082720] ================================================================== [ 21.925740] ================================================================== [ 21.925790] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 21.926095] Read of size 4 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.926173] [ 21.926205] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.926286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.926316] Hardware name: linux,dummy-virt (DT) [ 21.926350] Call trace: [ 21.926373] show_stack+0x20/0x38 (C) [ 21.926444] dump_stack_lvl+0x8c/0xd0 [ 21.926493] print_report+0x118/0x608 [ 21.926543] kasan_report+0xdc/0x128 [ 21.926590] __asan_report_load4_noabort+0x20/0x30 [ 21.926643] kasan_atomics_helper+0x3dd8/0x4858 [ 21.926693] kasan_atomics+0x198/0x2e0 [ 21.926740] kunit_try_run_case+0x170/0x3f0 [ 21.926790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.926856] kthread+0x328/0x630 [ 21.926908] ret_from_fork+0x10/0x20 [ 21.926955] [ 21.926981] Allocated by task 265: [ 21.927142] kasan_save_stack+0x3c/0x68 [ 21.927314] kasan_save_track+0x20/0x40 [ 21.927353] kasan_save_alloc_info+0x40/0x58 [ 21.927482] __kasan_kmalloc+0xd4/0xd8 [ 21.927523] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.927565] kasan_atomics+0xb8/0x2e0 [ 21.927605] kunit_try_run_case+0x170/0x3f0 [ 21.927645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.927691] kthread+0x328/0x630 [ 21.927726] ret_from_fork+0x10/0x20 [ 21.928041] [ 21.928184] The buggy address belongs to the object at fff00000c63cef80 [ 21.928184] which belongs to the cache kmalloc-64 of size 64 [ 21.928569] The buggy address is located 0 bytes to the right of [ 21.928569] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.928642] [ 21.928664] The buggy address belongs to the physical page: [ 21.928782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.928853] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.928950] page_type: f5(slab) [ 21.928990] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.929085] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.929296] page dumped because: kasan: bad access detected [ 21.929465] [ 21.929486] Memory state around the buggy address: [ 21.929519] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.929587] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.929692] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.929884] ^ [ 21.929920] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.929998] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.930040] ================================================================== [ 21.980945] ================================================================== [ 21.981000] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 21.981052] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.981105] [ 21.981774] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.982511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.982542] Hardware name: linux,dummy-virt (DT) [ 21.982575] Call trace: [ 21.982600] show_stack+0x20/0x38 (C) [ 21.982653] dump_stack_lvl+0x8c/0xd0 [ 21.982701] print_report+0x118/0x608 [ 21.982748] kasan_report+0xdc/0x128 [ 21.982794] kasan_check_range+0x100/0x1a8 [ 21.982843] __kasan_check_write+0x20/0x30 [ 21.982897] kasan_atomics_helper+0xf20/0x4858 [ 21.982946] kasan_atomics+0x198/0x2e0 [ 21.982993] kunit_try_run_case+0x170/0x3f0 [ 21.983042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.983096] kthread+0x328/0x630 [ 21.983140] ret_from_fork+0x10/0x20 [ 21.983198] [ 21.983218] Allocated by task 265: [ 21.983249] kasan_save_stack+0x3c/0x68 [ 21.983291] kasan_save_track+0x20/0x40 [ 21.983332] kasan_save_alloc_info+0x40/0x58 [ 21.983373] __kasan_kmalloc+0xd4/0xd8 [ 21.983413] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.983453] kasan_atomics+0xb8/0x2e0 [ 21.983490] kunit_try_run_case+0x170/0x3f0 [ 21.984707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.984816] kthread+0x328/0x630 [ 21.985058] ret_from_fork+0x10/0x20 [ 21.985326] [ 21.985460] The buggy address belongs to the object at fff00000c63cef80 [ 21.985460] which belongs to the cache kmalloc-64 of size 64 [ 21.985683] The buggy address is located 0 bytes to the right of [ 21.985683] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.985804] [ 21.986200] The buggy address belongs to the physical page: [ 21.986244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.986300] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.986352] page_type: f5(slab) [ 21.986626] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.986938] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.987123] page dumped because: kasan: bad access detected [ 21.987169] [ 21.987191] Memory state around the buggy address: [ 21.987376] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.987504] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.987968] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.988040] ^ [ 21.988082] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.988127] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.988593] ================================================================== [ 22.108407] ================================================================== [ 22.108457] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 22.108506] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.108605] [ 22.108637] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.108719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.108746] Hardware name: linux,dummy-virt (DT) [ 22.108914] Call trace: [ 22.108948] show_stack+0x20/0x38 (C) [ 22.109001] dump_stack_lvl+0x8c/0xd0 [ 22.109080] print_report+0x118/0x608 [ 22.109175] kasan_report+0xdc/0x128 [ 22.109405] kasan_check_range+0x100/0x1a8 [ 22.109465] __kasan_check_write+0x20/0x30 [ 22.109514] kasan_atomics_helper+0x1644/0x4858 [ 22.109573] kasan_atomics+0x198/0x2e0 [ 22.109635] kunit_try_run_case+0x170/0x3f0 [ 22.109733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.109834] kthread+0x328/0x630 [ 22.109878] ret_from_fork+0x10/0x20 [ 22.109967] [ 22.110016] Allocated by task 265: [ 22.110063] kasan_save_stack+0x3c/0x68 [ 22.110107] kasan_save_track+0x20/0x40 [ 22.110145] kasan_save_alloc_info+0x40/0x58 [ 22.110220] __kasan_kmalloc+0xd4/0xd8 [ 22.110259] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.110301] kasan_atomics+0xb8/0x2e0 [ 22.110338] kunit_try_run_case+0x170/0x3f0 [ 22.110379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.110540] kthread+0x328/0x630 [ 22.110578] ret_from_fork+0x10/0x20 [ 22.110615] [ 22.110675] The buggy address belongs to the object at fff00000c63cef80 [ 22.110675] which belongs to the cache kmalloc-64 of size 64 [ 22.110764] The buggy address is located 0 bytes to the right of [ 22.110764] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.110857] [ 22.110881] The buggy address belongs to the physical page: [ 22.111020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.111231] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.111346] page_type: f5(slab) [ 22.111409] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.111483] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.111566] page dumped because: kasan: bad access detected [ 22.111638] [ 22.111660] Memory state around the buggy address: [ 22.111693] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.111739] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.111817] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.111859] ^ [ 22.111982] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.112027] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.112123] ================================================================== [ 21.990565] ================================================================== [ 21.990773] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 21.990827] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.990880] [ 21.991358] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.991463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.991633] Hardware name: linux,dummy-virt (DT) [ 21.991699] Call trace: [ 21.991726] show_stack+0x20/0x38 (C) [ 21.992353] dump_stack_lvl+0x8c/0xd0 [ 21.992585] print_report+0x118/0x608 [ 21.992702] kasan_report+0xdc/0x128 [ 21.992903] kasan_check_range+0x100/0x1a8 [ 21.992952] __kasan_check_write+0x20/0x30 [ 21.993319] kasan_atomics_helper+0xf88/0x4858 [ 21.993505] kasan_atomics+0x198/0x2e0 [ 21.993930] kunit_try_run_case+0x170/0x3f0 [ 21.994319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.994375] kthread+0x328/0x630 [ 21.994913] ret_from_fork+0x10/0x20 [ 21.995101] [ 21.995275] Allocated by task 265: [ 21.995409] kasan_save_stack+0x3c/0x68 [ 21.995458] kasan_save_track+0x20/0x40 [ 21.995507] kasan_save_alloc_info+0x40/0x58 [ 21.996361] __kasan_kmalloc+0xd4/0xd8 [ 21.996484] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.996668] kasan_atomics+0xb8/0x2e0 [ 21.996717] kunit_try_run_case+0x170/0x3f0 [ 21.996907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.997261] kthread+0x328/0x630 [ 21.997370] ret_from_fork+0x10/0x20 [ 21.997411] [ 21.997623] The buggy address belongs to the object at fff00000c63cef80 [ 21.997623] which belongs to the cache kmalloc-64 of size 64 [ 21.998057] The buggy address is located 0 bytes to the right of [ 21.998057] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.998374] [ 21.998398] The buggy address belongs to the physical page: [ 21.998687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.998750] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.998802] page_type: f5(slab) [ 21.998843] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.998901] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.998944] page dumped because: kasan: bad access detected [ 21.999867] [ 21.999896] Memory state around the buggy address: [ 21.999933] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.999980] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.000025] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.000067] ^ [ 22.000101] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.000145] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.000363] ================================================================== [ 21.863439] ================================================================== [ 21.863832] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 21.863930] Write of size 4 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.864018] [ 21.864145] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.864306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.864367] Hardware name: linux,dummy-virt (DT) [ 21.864437] Call trace: [ 21.864518] show_stack+0x20/0x38 (C) [ 21.864698] dump_stack_lvl+0x8c/0xd0 [ 21.864824] print_report+0x118/0x608 [ 21.864973] kasan_report+0xdc/0x128 [ 21.865042] kasan_check_range+0x100/0x1a8 [ 21.865126] __kasan_check_write+0x20/0x30 [ 21.865182] kasan_atomics_helper+0x99c/0x4858 [ 21.865232] kasan_atomics+0x198/0x2e0 [ 21.865549] kunit_try_run_case+0x170/0x3f0 [ 21.865626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.865756] kthread+0x328/0x630 [ 21.865899] ret_from_fork+0x10/0x20 [ 21.866152] [ 21.866273] Allocated by task 265: [ 21.866304] kasan_save_stack+0x3c/0x68 [ 21.866365] kasan_save_track+0x20/0x40 [ 21.866404] kasan_save_alloc_info+0x40/0x58 [ 21.866446] __kasan_kmalloc+0xd4/0xd8 [ 21.866611] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.866679] kasan_atomics+0xb8/0x2e0 [ 21.866797] kunit_try_run_case+0x170/0x3f0 [ 21.866869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.866969] kthread+0x328/0x630 [ 21.867005] ret_from_fork+0x10/0x20 [ 21.867214] [ 21.867475] The buggy address belongs to the object at fff00000c63cef80 [ 21.867475] which belongs to the cache kmalloc-64 of size 64 [ 21.867742] The buggy address is located 0 bytes to the right of [ 21.867742] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.867885] [ 21.867907] The buggy address belongs to the physical page: [ 21.867947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.868050] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.868289] page_type: f5(slab) [ 21.868347] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.868398] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.868635] page dumped because: kasan: bad access detected [ 21.868735] [ 21.868846] Memory state around the buggy address: [ 21.868972] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.869084] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.869179] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.869332] ^ [ 21.869485] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.869602] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.869701] ================================================================== [ 21.886399] ================================================================== [ 21.886541] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 21.886594] Write of size 4 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.886776] [ 21.886857] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.886985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.887302] kasan_report+0xdc/0x128 [ 21.888667] __kasan_kmalloc+0xd4/0xd8 [ 21.888782] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.888895] kasan_atomics+0xb8/0x2e0 [ 21.889071] kunit_try_run_case+0x170/0x3f0 [ 21.889504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.889584] kthread+0x328/0x630 [ 21.889636] ret_from_fork+0x10/0x20 [ 21.889676] [ 21.889699] The buggy address belongs to the object at fff00000c63cef80 [ 21.889699] which belongs to the cache kmalloc-64 of size 64 [ 21.890208] page dumped because: kasan: bad access detected [ 21.890946] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 21.893597] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.894978] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.896411] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.898920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.900723] kthread+0x328/0x630 [ 21.901517] kasan_atomics+0xb8/0x2e0 [ 21.901981] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.903267] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.906901] kunit_try_run_case+0x170/0x3f0 [ 21.907289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.907832] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.909492] Call trace: [ 21.911016] kasan_save_stack+0x3c/0x68 [ 21.911578] kunit_try_run_case+0x170/0x3f0 [ 21.913079] page dumped because: kasan: bad access detected [ 21.914324] ================================================================== [ 21.723985] ================================================================== [ 21.744021] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858 [ 21.747270] kthread+0x328/0x630 [ 21.747378] [ 21.748319] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.749484] [ 21.751202] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.752061] ^ [ 21.752306] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.753460] ================================================================== [ 22.057486] ================================================================== [ 22.057537] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 22.057908] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.057977] [ 22.058084] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.058184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.058229] Hardware name: linux,dummy-virt (DT) [ 22.058262] Call trace: [ 22.058322] show_stack+0x20/0x38 (C) [ 22.058387] dump_stack_lvl+0x8c/0xd0 [ 22.058450] print_report+0x118/0x608 [ 22.058497] kasan_report+0xdc/0x128 [ 22.058544] kasan_check_range+0x100/0x1a8 [ 22.058830] __kasan_check_write+0x20/0x30 [ 22.058904] kasan_atomics_helper+0x1384/0x4858 [ 22.058963] kasan_atomics+0x198/0x2e0 [ 22.059020] kunit_try_run_case+0x170/0x3f0 [ 22.059073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.059127] kthread+0x328/0x630 [ 22.059180] ret_from_fork+0x10/0x20 [ 22.059229] [ 22.059249] Allocated by task 265: [ 22.059277] kasan_save_stack+0x3c/0x68 [ 22.059329] kasan_save_track+0x20/0x40 [ 22.059427] kasan_save_alloc_info+0x40/0x58 [ 22.059478] __kasan_kmalloc+0xd4/0xd8 [ 22.060145] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.060699] kasan_atomics+0xb8/0x2e0 [ 22.060782] kunit_try_run_case+0x170/0x3f0 [ 22.060855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.060931] kthread+0x328/0x630 [ 22.061248] ret_from_fork+0x10/0x20 [ 22.061759] [ 22.062127] The buggy address belongs to the object at fff00000c63cef80 [ 22.062127] which belongs to the cache kmalloc-64 of size 64 [ 22.062233] The buggy address is located 0 bytes to the right of [ 22.062233] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.062312] [ 22.062334] The buggy address belongs to the physical page: [ 22.062371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.062650] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.063066] page_type: f5(slab) [ 22.063192] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.063788] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.063887] page dumped because: kasan: bad access detected [ 22.063925] [ 22.063946] Memory state around the buggy address: [ 22.064318] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.064514] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.064606] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.064809] ^ [ 22.065035] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.065222] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.065325] ================================================================== [ 21.870904] ================================================================== [ 21.871066] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 21.871298] Write of size 4 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.871363] [ 21.871555] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.871754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.871853] Hardware name: linux,dummy-virt (DT) [ 21.872854] __kasan_check_write+0x20/0x30 [ 21.873886] [ 21.874021] Allocated by task 265: [ 21.874188] kasan_save_stack+0x3c/0x68 [ 21.874295] kasan_save_track+0x20/0x40 [ 21.874473] kasan_save_alloc_info+0x40/0x58 [ 21.874617] __kasan_kmalloc+0xd4/0xd8 [ 21.874765] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.874838] kasan_atomics+0xb8/0x2e0 [ 21.874902] kunit_try_run_case+0x170/0x3f0 [ 21.875227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.875365] kthread+0x328/0x630 [ 21.875591] ret_from_fork+0x10/0x20 [ 21.875749] [ 21.875868] The buggy address belongs to the object at fff00000c63cef80 [ 21.875868] which belongs to the cache kmalloc-64 of size 64 [ 21.876051] The buggy address is located 0 bytes to the right of [ 21.876051] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.876222] [ 21.876254] The buggy address belongs to the physical page: [ 21.876289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.876345] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.876630] page_type: f5(slab) [ 21.876830] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.876979] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.877057] page dumped because: kasan: bad access detected [ 21.877100] [ 21.877122] Memory state around the buggy address: [ 21.877303] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.877489] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.877591] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.877714] ^ [ 21.877827] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.877937] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.878079] ================================================================== [ 22.093056] ================================================================== [ 22.093146] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 22.093218] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.093274] [ 22.093334] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.093418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.093476] Hardware name: linux,dummy-virt (DT) [ 22.093510] Call trace: [ 22.093591] show_stack+0x20/0x38 (C) [ 22.093643] dump_stack_lvl+0x8c/0xd0 [ 22.093691] print_report+0x118/0x608 [ 22.093738] kasan_report+0xdc/0x128 [ 22.093783] kasan_check_range+0x100/0x1a8 [ 22.093839] __kasan_check_write+0x20/0x30 [ 22.093904] kasan_atomics_helper+0x154c/0x4858 [ 22.093959] kasan_atomics+0x198/0x2e0 [ 22.094006] kunit_try_run_case+0x170/0x3f0 [ 22.094065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.094339] kthread+0x328/0x630 [ 22.094453] ret_from_fork+0x10/0x20 [ 22.094525] [ 22.094561] Allocated by task 265: [ 22.094794] kasan_save_stack+0x3c/0x68 [ 22.094849] kasan_save_track+0x20/0x40 [ 22.094976] kasan_save_alloc_info+0x40/0x58 [ 22.095020] __kasan_kmalloc+0xd4/0xd8 [ 22.095060] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.095107] kasan_atomics+0xb8/0x2e0 [ 22.095153] kunit_try_run_case+0x170/0x3f0 [ 22.095221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.095286] kthread+0x328/0x630 [ 22.095322] ret_from_fork+0x10/0x20 [ 22.095361] [ 22.095430] The buggy address belongs to the object at fff00000c63cef80 [ 22.095430] which belongs to the cache kmalloc-64 of size 64 [ 22.095543] The buggy address is located 0 bytes to the right of [ 22.095543] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.095628] [ 22.095661] The buggy address belongs to the physical page: [ 22.095696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.095753] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.095803] page_type: f5(slab) [ 22.096077] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.096234] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.096346] page dumped because: kasan: bad access detected [ 22.096702] [ 22.096746] Memory state around the buggy address: [ 22.096822] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.096934] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.096981] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.097021] ^ [ 22.097346] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.097467] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.097558] ================================================================== [ 21.931175] ================================================================== [ 21.931243] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 21.931443] Write of size 4 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 21.931690] [ 21.931876] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.932244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.932276] Hardware name: linux,dummy-virt (DT) [ 21.932307] Call trace: [ 21.932333] show_stack+0x20/0x38 (C) [ 21.932545] dump_stack_lvl+0x8c/0xd0 [ 21.932596] print_report+0x118/0x608 [ 21.932740] kasan_report+0xdc/0x128 [ 21.933001] kasan_check_range+0x100/0x1a8 [ 21.933052] __kasan_check_write+0x20/0x30 [ 21.933098] kasan_atomics_helper+0xd3c/0x4858 [ 21.933148] kasan_atomics+0x198/0x2e0 [ 21.933404] kunit_try_run_case+0x170/0x3f0 [ 21.933579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.933636] kthread+0x328/0x630 [ 21.933677] ret_from_fork+0x10/0x20 [ 21.933726] [ 21.933748] Allocated by task 265: [ 21.933803] kasan_save_stack+0x3c/0x68 [ 21.933989] kasan_save_track+0x20/0x40 [ 21.934364] kasan_save_alloc_info+0x40/0x58 [ 21.934415] __kasan_kmalloc+0xd4/0xd8 [ 21.934456] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.934815] kasan_atomics+0xb8/0x2e0 [ 21.935007] kunit_try_run_case+0x170/0x3f0 [ 21.935057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.935382] kthread+0x328/0x630 [ 21.935424] ret_from_fork+0x10/0x20 [ 21.935476] [ 21.935499] The buggy address belongs to the object at fff00000c63cef80 [ 21.935499] which belongs to the cache kmalloc-64 of size 64 [ 21.935561] The buggy address is located 0 bytes to the right of [ 21.935561] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 21.935750] [ 21.935934] The buggy address belongs to the physical page: [ 21.936112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 21.936231] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.936421] page_type: f5(slab) [ 21.936462] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.936514] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.936556] page dumped because: kasan: bad access detected [ 21.936633] [ 21.936654] Memory state around the buggy address: [ 21.936688] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.936733] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.936778] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.936820] ^ [ 21.936888] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.936980] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.937020] ================================================================== [ 22.023078] ================================================================== [ 22.023142] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 22.023375] Write of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.023685] [ 22.024090] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.024442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.024587] Hardware name: linux,dummy-virt (DT) [ 22.025016] Call trace: [ 22.025112] show_stack+0x20/0x38 (C) [ 22.025290] dump_stack_lvl+0x8c/0xd0 [ 22.025575] print_report+0x118/0x608 [ 22.025757] kasan_report+0xdc/0x128 [ 22.026305] kasan_check_range+0x100/0x1a8 [ 22.026485] __kasan_check_write+0x20/0x30 [ 22.026555] kasan_atomics_helper+0x1128/0x4858 [ 22.026743] kasan_atomics+0x198/0x2e0 [ 22.026851] kunit_try_run_case+0x170/0x3f0 [ 22.027036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.027294] kthread+0x328/0x630 [ 22.027593] ret_from_fork+0x10/0x20 [ 22.028111] [ 22.028235] Allocated by task 265: [ 22.028274] kasan_save_stack+0x3c/0x68 [ 22.028331] kasan_save_track+0x20/0x40 [ 22.028372] kasan_save_alloc_info+0x40/0x58 [ 22.028426] __kasan_kmalloc+0xd4/0xd8 [ 22.028466] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.028508] kasan_atomics+0xb8/0x2e0 [ 22.028546] kunit_try_run_case+0x170/0x3f0 [ 22.028587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.028644] kthread+0x328/0x630 [ 22.028693] ret_from_fork+0x10/0x20 [ 22.028731] [ 22.028760] The buggy address belongs to the object at fff00000c63cef80 [ 22.028760] which belongs to the cache kmalloc-64 of size 64 [ 22.028822] The buggy address is located 0 bytes to the right of [ 22.028822] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.028902] [ 22.028937] The buggy address belongs to the physical page: [ 22.028973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.029031] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.029081] page_type: f5(slab) [ 22.029120] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.029543] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.029596] page dumped because: kasan: bad access detected [ 22.029632] [ 22.029801] Memory state around the buggy address: [ 22.029840] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.029889] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.029935] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.029976] ^ [ 22.030029] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.030101] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.030167] ================================================================== [ 22.112918] ================================================================== [ 22.113057] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 22.113110] Read of size 8 at addr fff00000c63cefb0 by task kunit_try_catch/265 [ 22.113256] [ 22.113290] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.113419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.113465] Hardware name: linux,dummy-virt (DT) [ 22.113498] Call trace: [ 22.113538] show_stack+0x20/0x38 (C) [ 22.113589] dump_stack_lvl+0x8c/0xd0 [ 22.113779] print_report+0x118/0x608 [ 22.113960] kasan_report+0xdc/0x128 [ 22.114045] __asan_report_load8_noabort+0x20/0x30 [ 22.114119] kasan_atomics_helper+0x3df4/0x4858 [ 22.114195] kasan_atomics+0x198/0x2e0 [ 22.114260] kunit_try_run_case+0x170/0x3f0 [ 22.114312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.114380] kthread+0x328/0x630 [ 22.114425] ret_from_fork+0x10/0x20 [ 22.114490] [ 22.114511] Allocated by task 265: [ 22.114541] kasan_save_stack+0x3c/0x68 [ 22.114582] kasan_save_track+0x20/0x40 [ 22.114734] kasan_save_alloc_info+0x40/0x58 [ 22.114782] __kasan_kmalloc+0xd4/0xd8 [ 22.114822] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.114873] kasan_atomics+0xb8/0x2e0 [ 22.114919] kunit_try_run_case+0x170/0x3f0 [ 22.114994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.115060] kthread+0x328/0x630 [ 22.115094] ret_from_fork+0x10/0x20 [ 22.115206] [ 22.115234] The buggy address belongs to the object at fff00000c63cef80 [ 22.115234] which belongs to the cache kmalloc-64 of size 64 [ 22.115296] The buggy address is located 0 bytes to the right of [ 22.115296] allocated 48-byte region [fff00000c63cef80, fff00000c63cefb0) [ 22.115536] [ 22.115624] The buggy address belongs to the physical page: [ 22.115699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063ce [ 22.115758] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.115835] page_type: f5(slab) [ 22.115900] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.115954] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.116106] page dumped because: kasan: bad access detected [ 22.116246] [ 22.116309] Memory state around the buggy address: [ 22.116360] fff00000c63cee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.116408] fff00000c63cef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.116470] >fff00000c63cef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.116512] ^ [ 22.116548] fff00000c63cf000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.116591] fff00000c63cf080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.116632] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 21.506583] ================================================================== [ 21.506732] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 21.506815] Read of size 1 at addr fff00000c63c9810 by task kunit_try_catch/259 [ 21.506867] [ 21.507037] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.507126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.507169] Hardware name: linux,dummy-virt (DT) [ 21.507395] Call trace: [ 21.507438] show_stack+0x20/0x38 (C) [ 21.507556] dump_stack_lvl+0x8c/0xd0 [ 21.507661] print_report+0x118/0x608 [ 21.507787] kasan_report+0xdc/0x128 [ 21.507893] __asan_report_load1_noabort+0x20/0x30 [ 21.507955] kasan_strings+0x95c/0xb00 [ 21.508001] kunit_try_run_case+0x170/0x3f0 [ 21.508455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.508567] kthread+0x328/0x630 [ 21.508717] ret_from_fork+0x10/0x20 [ 21.508883] [ 21.508969] Allocated by task 259: [ 21.509015] kasan_save_stack+0x3c/0x68 [ 21.509104] kasan_save_track+0x20/0x40 [ 21.509176] kasan_save_alloc_info+0x40/0x58 [ 21.509221] __kasan_kmalloc+0xd4/0xd8 [ 21.509270] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.509312] kasan_strings+0xc8/0xb00 [ 21.509350] kunit_try_run_case+0x170/0x3f0 [ 21.509391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.509453] kthread+0x328/0x630 [ 21.509488] ret_from_fork+0x10/0x20 [ 21.509527] [ 21.509557] Freed by task 259: [ 21.509585] kasan_save_stack+0x3c/0x68 [ 21.509626] kasan_save_track+0x20/0x40 [ 21.509674] kasan_save_free_info+0x4c/0x78 [ 21.509716] __kasan_slab_free+0x6c/0x98 [ 21.509755] kfree+0x214/0x3c8 [ 21.509794] kasan_strings+0x24c/0xb00 [ 21.509842] kunit_try_run_case+0x170/0x3f0 [ 21.509890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.509936] kthread+0x328/0x630 [ 21.509979] ret_from_fork+0x10/0x20 [ 21.510017] [ 21.510047] The buggy address belongs to the object at fff00000c63c9800 [ 21.510047] which belongs to the cache kmalloc-32 of size 32 [ 21.510119] The buggy address is located 16 bytes inside of [ 21.510119] freed 32-byte region [fff00000c63c9800, fff00000c63c9820) [ 21.510422] [ 21.510601] The buggy address belongs to the physical page: [ 21.510968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063c9 [ 21.511240] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.511306] page_type: f5(slab) [ 21.511518] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.511859] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.511975] page dumped because: kasan: bad access detected [ 21.512072] [ 21.512236] Memory state around the buggy address: [ 21.512319] fff00000c63c9700: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.512366] fff00000c63c9780: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.512412] >fff00000c63c9800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.512871] ^ [ 21.513024] fff00000c63c9880: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.514922] [ 21.515430] print_report+0x118/0x608 [ 21.516968] Allocated by task 259: [ 21.517981] kunit_try_run_case+0x170/0x3f0 [ 21.521563] kasan_strings+0x24c/0xb00 [ 21.522459] Memory state around the buggy address: [ 21.522703] fff00000c63c9900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.524201] Call trace: [ 21.524704] ret_from_fork+0x10/0x20 [ 21.526375] kthread+0x328/0x630 [ 21.529984] The buggy address is located 16 bytes inside of [ 21.529984] freed 32-byte region [fff00000c63c9800, fff00000c63c9820) [ 21.532144] fff00000c63c9900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.543855] kasan_check_range+0x100/0x1a8 [ 21.546439] __kasan_kmalloc+0xd4/0xd8 [ 21.548437] [ 21.549752] page dumped because: kasan: bad access detected [ 21.550778] fff00000c6096900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.553575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.555168] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.557848] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 21.497416] ================================================================== [ 21.497472] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 21.498040] Read of size 1 at addr fff00000c63c9810 by task kunit_try_catch/259 [ 21.498123] [ 21.498190] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.498280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.498332] Hardware name: linux,dummy-virt (DT) [ 21.498367] Call trace: [ 21.498394] show_stack+0x20/0x38 (C) [ 21.498483] dump_stack_lvl+0x8c/0xd0 [ 21.498543] print_report+0x118/0x608 [ 21.498595] kasan_report+0xdc/0x128 [ 21.498641] __asan_report_load1_noabort+0x20/0x30 [ 21.498693] strcmp+0xc0/0xc8 [ 21.498736] kasan_strings+0x340/0xb00 [ 21.498782] kunit_try_run_case+0x170/0x3f0 [ 21.498832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.498886] kthread+0x328/0x630 [ 21.498933] ret_from_fork+0x10/0x20 [ 21.499519] [ 21.499586] Allocated by task 259: [ 21.499703] kasan_save_stack+0x3c/0x68 [ 21.499938] kasan_save_track+0x20/0x40 [ 21.500124] kasan_save_alloc_info+0x40/0x58 [ 21.500241] __kasan_kmalloc+0xd4/0xd8 [ 21.500361] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.500427] kasan_strings+0xc8/0xb00 [ 21.500768] kunit_try_run_case+0x170/0x3f0 [ 21.500874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.500983] kthread+0x328/0x630 [ 21.501100] ret_from_fork+0x10/0x20 [ 21.501144] [ 21.501217] Freed by task 259: [ 21.501532] kasan_save_stack+0x3c/0x68 [ 21.501676] kasan_save_track+0x20/0x40 [ 21.501762] kasan_save_free_info+0x4c/0x78 [ 21.501880] __kasan_slab_free+0x6c/0x98 [ 21.501925] kfree+0x214/0x3c8 [ 21.502250] kasan_strings+0x24c/0xb00 [ 21.502386] kunit_try_run_case+0x170/0x3f0 [ 21.502484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.502709] kthread+0x328/0x630 [ 21.502875] ret_from_fork+0x10/0x20 [ 21.502977] [ 21.503038] The buggy address belongs to the object at fff00000c63c9800 [ 21.503038] which belongs to the cache kmalloc-32 of size 32 [ 21.503247] The buggy address is located 16 bytes inside of [ 21.503247] freed 32-byte region [fff00000c63c9800, fff00000c63c9820) [ 21.503461] [ 21.503613] The buggy address belongs to the physical page: [ 21.503686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063c9 [ 21.503793] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.503846] page_type: f5(slab) [ 21.503888] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.503948] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.504277] page dumped because: kasan: bad access detected [ 21.504446] [ 21.504510] Memory state around the buggy address: [ 21.504659] fff00000c63c9700: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.504749] fff00000c63c9780: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.504817] >fff00000c63c9800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.504859] ^ [ 21.504901] fff00000c63c9880: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.504956] fff00000c63c9900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.504999] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 21.474570] ================================================================== [ 21.474637] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 21.474697] Read of size 1 at addr fff00000c63c9658 by task kunit_try_catch/257 [ 21.474749] [ 21.474786] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.474870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.474907] Hardware name: linux,dummy-virt (DT) [ 21.474941] Call trace: [ 21.474967] show_stack+0x20/0x38 (C) [ 21.475019] dump_stack_lvl+0x8c/0xd0 [ 21.475069] print_report+0x118/0x608 [ 21.475116] kasan_report+0xdc/0x128 [ 21.475179] __asan_report_load1_noabort+0x20/0x30 [ 21.475233] memcmp+0x198/0x1d8 [ 21.475276] kasan_memcmp+0x16c/0x300 [ 21.475331] kunit_try_run_case+0x170/0x3f0 [ 21.475383] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.475436] kthread+0x328/0x630 [ 21.475486] ret_from_fork+0x10/0x20 [ 21.475675] [ 21.475939] Allocated by task 257: [ 21.476202] kasan_save_stack+0x3c/0x68 [ 21.476267] kasan_save_track+0x20/0x40 [ 21.476312] kasan_save_alloc_info+0x40/0x58 [ 21.476353] __kasan_kmalloc+0xd4/0xd8 [ 21.476860] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.476939] kasan_memcmp+0xbc/0x300 [ 21.477188] kunit_try_run_case+0x170/0x3f0 [ 21.477466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.477703] kthread+0x328/0x630 [ 21.477855] ret_from_fork+0x10/0x20 [ 21.477937] [ 21.477985] The buggy address belongs to the object at fff00000c63c9640 [ 21.477985] which belongs to the cache kmalloc-32 of size 32 [ 21.478189] The buggy address is located 0 bytes to the right of [ 21.478189] allocated 24-byte region [fff00000c63c9640, fff00000c63c9658) [ 21.478270] [ 21.478294] The buggy address belongs to the physical page: [ 21.478631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063c9 [ 21.478767] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.478883] page_type: f5(slab) [ 21.479095] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.479372] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.479508] page dumped because: kasan: bad access detected [ 21.479614] [ 21.479775] Memory state around the buggy address: [ 21.479826] fff00000c63c9500: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 21.479881] fff00000c63c9580: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.479949] >fff00000c63c9600: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.480332] ^ [ 21.480416] fff00000c63c9680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.480692] fff00000c63c9700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.480870] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 21.446517] ================================================================== [ 21.446579] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 21.446655] Read of size 1 at addr ffff800080a37b4a by task kunit_try_catch/253 [ 21.446709] [ 21.446742] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.446826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.446853] Hardware name: linux,dummy-virt (DT) [ 21.446899] Call trace: [ 21.446923] show_stack+0x20/0x38 (C) [ 21.446974] dump_stack_lvl+0x8c/0xd0 [ 21.447024] print_report+0x310/0x608 [ 21.447070] kasan_report+0xdc/0x128 [ 21.447128] __asan_report_load1_noabort+0x20/0x30 [ 21.447495] kasan_alloca_oob_right+0x2dc/0x340 [ 21.447787] kunit_try_run_case+0x170/0x3f0 [ 21.447848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.447935] kthread+0x328/0x630 [ 21.448008] ret_from_fork+0x10/0x20 [ 21.448382] [ 21.449149] The buggy address belongs to stack of task kunit_try_catch/253 [ 21.449319] [ 21.449387] The buggy address belongs to the virtual mapping at [ 21.449387] [ffff800080a30000, ffff800080a39000) created by: [ 21.449387] kernel_clone+0x150/0x7a8 [ 21.449480] [ 21.449516] The buggy address belongs to the physical page: [ 21.449569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 21.449819] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.449998] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.450205] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.450341] page dumped because: kasan: bad access detected [ 21.450551] [ 21.450977] Memory state around the buggy address: [ 21.451557] ffff800080a37a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.451634] ffff800080a37a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.451683] >ffff800080a37b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 21.451725] ^ [ 21.451764] ffff800080a37b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 21.452014] ffff800080a37c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.452076] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 21.429635] ================================================================== [ 21.430014] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 21.430093] Read of size 1 at addr ffff800080a37b5f by task kunit_try_catch/251 [ 21.430144] [ 21.430188] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.430494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.430594] Hardware name: linux,dummy-virt (DT) [ 21.430634] Call trace: [ 21.430658] show_stack+0x20/0x38 (C) [ 21.430807] dump_stack_lvl+0x8c/0xd0 [ 21.430860] print_report+0x310/0x608 [ 21.430945] kasan_report+0xdc/0x128 [ 21.430994] __asan_report_load1_noabort+0x20/0x30 [ 21.431047] kasan_alloca_oob_left+0x2b8/0x310 [ 21.431096] kunit_try_run_case+0x170/0x3f0 [ 21.431147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.431215] kthread+0x328/0x630 [ 21.431269] ret_from_fork+0x10/0x20 [ 21.431320] [ 21.431344] The buggy address belongs to stack of task kunit_try_catch/251 [ 21.431412] [ 21.431437] The buggy address belongs to the virtual mapping at [ 21.431437] [ffff800080a30000, ffff800080a39000) created by: [ 21.431437] kernel_clone+0x150/0x7a8 [ 21.431754] [ 21.431784] The buggy address belongs to the physical page: [ 21.431819] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 21.431879] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.432403] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.432463] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.433001] page dumped because: kasan: bad access detected [ 21.433077] [ 21.433147] Memory state around the buggy address: [ 21.433307] ffff800080a37a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.433588] ffff800080a37a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.433664] >ffff800080a37b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 21.433722] ^ [ 21.433780] ffff800080a37b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 21.434142] ffff800080a37c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.434274] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 21.414301] ================================================================== [ 21.414414] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 21.414477] Read of size 1 at addr ffff800080a37c2a by task kunit_try_catch/249 [ 21.414778] [ 21.415052] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.415186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.415236] Hardware name: linux,dummy-virt (DT) [ 21.415271] Call trace: [ 21.415312] show_stack+0x20/0x38 (C) [ 21.415436] dump_stack_lvl+0x8c/0xd0 [ 21.415520] print_report+0x310/0x608 [ 21.415657] kasan_report+0xdc/0x128 [ 21.415774] __asan_report_load1_noabort+0x20/0x30 [ 21.415827] kasan_stack_oob+0x238/0x270 [ 21.415871] kunit_try_run_case+0x170/0x3f0 [ 21.416227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.416300] kthread+0x328/0x630 [ 21.416379] ret_from_fork+0x10/0x20 [ 21.416453] [ 21.416565] The buggy address belongs to stack of task kunit_try_catch/249 [ 21.416908] and is located at offset 138 in frame: [ 21.416958] kasan_stack_oob+0x0/0x270 [ 21.417654] [ 21.417696] This frame has 4 objects: [ 21.418178] [48, 49) '__assertion' [ 21.418512] [64, 72) 'array' [ 21.418594] [96, 112) '__assertion' [ 21.418655] [128, 138) 'stack_array' [ 21.419153] [ 21.419309] The buggy address belongs to the virtual mapping at [ 21.419309] [ffff800080a30000, ffff800080a39000) created by: [ 21.419309] kernel_clone+0x150/0x7a8 [ 21.419573] [ 21.419623] The buggy address belongs to the physical page: [ 21.419663] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106357 [ 21.419716] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.420061] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.420255] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.420365] page dumped because: kasan: bad access detected [ 21.420545] [ 21.420586] Memory state around the buggy address: [ 21.420623] ffff800080a37b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.420675] ffff800080a37b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 21.420948] >ffff800080a37c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 21.421077] ^ [ 21.421210] ffff800080a37c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 21.421278] ffff800080a37d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.421319] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 21.392594] ================================================================== [ 21.392874] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 21.393264] Read of size 1 at addr ffffabf27014f58d by task kunit_try_catch/245 [ 21.393332] [ 21.393400] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.393542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.393689] Hardware name: linux,dummy-virt (DT) [ 21.393727] Call trace: [ 21.393751] show_stack+0x20/0x38 (C) [ 21.394094] dump_stack_lvl+0x8c/0xd0 [ 21.394210] print_report+0x310/0x608 [ 21.394262] kasan_report+0xdc/0x128 [ 21.394446] __asan_report_load1_noabort+0x20/0x30 [ 21.394604] kasan_global_oob_right+0x230/0x270 [ 21.394664] kunit_try_run_case+0x170/0x3f0 [ 21.394977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.395066] kthread+0x328/0x630 [ 21.395340] ret_from_fork+0x10/0x20 [ 21.395485] [ 21.395562] The buggy address belongs to the variable: [ 21.395611] global_array+0xd/0x40 [ 21.395675] [ 21.396495] The buggy address belongs to the virtual mapping at [ 21.396495] [ffffabf26e300000, ffffabf270201000) created by: [ 21.396495] paging_init+0x66c/0x7d0 [ 21.397040] [ 21.397436] The buggy address belongs to the physical page: [ 21.397500] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 21.397642] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 21.397725] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 21.398056] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.398138] page dumped because: kasan: bad access detected [ 21.398253] [ 21.398343] Memory state around the buggy address: [ 21.398449] ffffabf27014f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.398792] ffffabf27014f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 21.398852] >ffffabf27014f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 21.398907] ^ [ 21.398946] ffffabf27014f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 21.398990] ffffabf27014f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.399040] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 21.363611] ================================================================== [ 21.363773] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.363834] Free of addr fff00000c7706e01 by task kunit_try_catch/241 [ 21.364176] [ 21.364271] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.364395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.364441] Hardware name: linux,dummy-virt (DT) [ 21.364758] Call trace: [ 21.364823] show_stack+0x20/0x38 (C) [ 21.364960] dump_stack_lvl+0x8c/0xd0 [ 21.365076] print_report+0x118/0x608 [ 21.365521] kasan_report_invalid_free+0xc0/0xe8 [ 21.365595] check_slab_allocation+0xfc/0x108 [ 21.365734] __kasan_mempool_poison_object+0x78/0x150 [ 21.365846] mempool_free+0x28c/0x328 [ 21.365931] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.365993] mempool_kmalloc_invalid_free+0xc0/0x118 [ 21.366043] kunit_try_run_case+0x170/0x3f0 [ 21.366105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.366178] kthread+0x328/0x630 [ 21.366229] ret_from_fork+0x10/0x20 [ 21.366285] [ 21.366305] Allocated by task 241: [ 21.366333] kasan_save_stack+0x3c/0x68 [ 21.366384] kasan_save_track+0x20/0x40 [ 21.366422] kasan_save_alloc_info+0x40/0x58 [ 21.366472] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.366530] remove_element+0x130/0x1f8 [ 21.366579] mempool_alloc_preallocated+0x58/0xc0 [ 21.366627] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 21.366669] mempool_kmalloc_invalid_free+0xc0/0x118 [ 21.366709] kunit_try_run_case+0x170/0x3f0 [ 21.366746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.366798] kthread+0x328/0x630 [ 21.366831] ret_from_fork+0x10/0x20 [ 21.366879] [ 21.366902] The buggy address belongs to the object at fff00000c7706e00 [ 21.366902] which belongs to the cache kmalloc-128 of size 128 [ 21.366963] The buggy address is located 1 bytes inside of [ 21.366963] 128-byte region [fff00000c7706e00, fff00000c7706e80) [ 21.367034] [ 21.367053] The buggy address belongs to the physical page: [ 21.367085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107706 [ 21.367171] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.367687] page_type: f5(slab) [ 21.367736] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.367788] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.368231] page dumped because: kasan: bad access detected [ 21.368295] [ 21.368314] Memory state around the buggy address: [ 21.368348] fff00000c7706d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.368717] fff00000c7706d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.368904] >fff00000c7706e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.369057] ^ [ 21.369148] fff00000c7706e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.369323] fff00000c7706f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.369383] ================================================================== [ 21.378602] ================================================================== [ 21.378664] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.378718] Free of addr fff00000c7818001 by task kunit_try_catch/243 [ 21.378760] [ 21.378803] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.378885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.378916] Hardware name: linux,dummy-virt (DT) [ 21.378947] Call trace: [ 21.378970] show_stack+0x20/0x38 (C) [ 21.379024] dump_stack_lvl+0x8c/0xd0 [ 21.379072] print_report+0x118/0x608 [ 21.379125] kasan_report_invalid_free+0xc0/0xe8 [ 21.379188] __kasan_mempool_poison_object+0xfc/0x150 [ 21.379657] mempool_free+0x28c/0x328 [ 21.379749] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.379821] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 21.379963] kunit_try_run_case+0x170/0x3f0 [ 21.380020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.380074] kthread+0x328/0x630 [ 21.380434] ret_from_fork+0x10/0x20 [ 21.380530] [ 21.380610] The buggy address belongs to the physical page: [ 21.380676] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 21.380836] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.380941] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.381026] page_type: f8(unknown) [ 21.381355] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.381434] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.381568] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.381666] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.381856] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 21.381970] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.382019] page dumped because: kasan: bad access detected [ 21.382420] [ 21.382568] Memory state around the buggy address: [ 21.382646] fff00000c7817f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.383020] fff00000c7817f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.383173] >fff00000c7818000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.383296] ^ [ 21.383468] fff00000c7818080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.383546] fff00000c7818100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.383634] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 21.334644] ================================================================== [ 21.335082] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.335274] Free of addr fff00000c7818000 by task kunit_try_catch/237 [ 21.335323] [ 21.335362] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.335780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.335973] Hardware name: linux,dummy-virt (DT) [ 21.336041] Call trace: [ 21.336148] show_stack+0x20/0x38 (C) [ 21.336304] dump_stack_lvl+0x8c/0xd0 [ 21.336473] print_report+0x118/0x608 [ 21.336744] kasan_report_invalid_free+0xc0/0xe8 [ 21.336906] __kasan_mempool_poison_object+0x14c/0x150 [ 21.336993] mempool_free+0x28c/0x328 [ 21.337166] mempool_double_free_helper+0x150/0x2e8 [ 21.337264] mempool_kmalloc_large_double_free+0xc0/0x118 [ 21.337360] kunit_try_run_case+0x170/0x3f0 [ 21.337562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.337614] kthread+0x328/0x630 [ 21.337665] ret_from_fork+0x10/0x20 [ 21.337817] [ 21.337849] The buggy address belongs to the physical page: [ 21.337904] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 21.337960] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.338060] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.338125] page_type: f8(unknown) [ 21.338183] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.338245] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.338309] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.338380] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.338438] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 21.338504] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.338545] page dumped because: kasan: bad access detected [ 21.338584] [ 21.338610] Memory state around the buggy address: [ 21.338649] fff00000c7817f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.338692] fff00000c7817f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.338735] >fff00000c7818000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.338773] ^ [ 21.338824] fff00000c7818080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.338879] fff00000c7818100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.338924] ================================================================== [ 21.349607] ================================================================== [ 21.349667] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.349725] Free of addr fff00000c7818000 by task kunit_try_catch/239 [ 21.349768] [ 21.349799] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.349881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.350027] Hardware name: linux,dummy-virt (DT) [ 21.350072] Call trace: [ 21.350095] show_stack+0x20/0x38 (C) [ 21.350148] dump_stack_lvl+0x8c/0xd0 [ 21.350208] print_report+0x118/0x608 [ 21.350254] kasan_report_invalid_free+0xc0/0xe8 [ 21.350321] __kasan_mempool_poison_pages+0xe0/0xe8 [ 21.350378] mempool_free+0x24c/0x328 [ 21.350422] mempool_double_free_helper+0x150/0x2e8 [ 21.350471] mempool_page_alloc_double_free+0xbc/0x118 [ 21.350523] kunit_try_run_case+0x170/0x3f0 [ 21.350573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.350633] kthread+0x328/0x630 [ 21.350676] ret_from_fork+0x10/0x20 [ 21.350732] [ 21.350751] The buggy address belongs to the physical page: [ 21.350782] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 21.350842] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.350907] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.350957] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.351004] page dumped because: kasan: bad access detected [ 21.351035] [ 21.351052] Memory state around the buggy address: [ 21.351094] fff00000c7817f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.351145] fff00000c7817f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.351966] >fff00000c7818000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.352011] ^ [ 21.352041] fff00000c7818080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.352494] fff00000c7818100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.352562] ================================================================== [ 21.322478] ================================================================== [ 21.322536] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.322589] Free of addr fff00000c7706a00 by task kunit_try_catch/235 [ 21.322632] [ 21.323089] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.323196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.323248] Hardware name: linux,dummy-virt (DT) [ 21.323352] Call trace: [ 21.323377] show_stack+0x20/0x38 (C) [ 21.323428] dump_stack_lvl+0x8c/0xd0 [ 21.323474] print_report+0x118/0x608 [ 21.323549] kasan_report_invalid_free+0xc0/0xe8 [ 21.323598] check_slab_allocation+0xd4/0x108 [ 21.323834] __kasan_mempool_poison_object+0x78/0x150 [ 21.323907] mempool_free+0x28c/0x328 [ 21.324013] mempool_double_free_helper+0x150/0x2e8 [ 21.324136] mempool_kmalloc_double_free+0xc0/0x118 [ 21.324195] kunit_try_run_case+0x170/0x3f0 [ 21.324244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.324319] kthread+0x328/0x630 [ 21.324393] ret_from_fork+0x10/0x20 [ 21.324447] [ 21.324528] Allocated by task 235: [ 21.324584] kasan_save_stack+0x3c/0x68 [ 21.324691] kasan_save_track+0x20/0x40 [ 21.324756] kasan_save_alloc_info+0x40/0x58 [ 21.324855] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.324949] remove_element+0x130/0x1f8 [ 21.325021] mempool_alloc_preallocated+0x58/0xc0 [ 21.325104] mempool_double_free_helper+0x94/0x2e8 [ 21.325394] mempool_kmalloc_double_free+0xc0/0x118 [ 21.325438] kunit_try_run_case+0x170/0x3f0 [ 21.325476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.325519] kthread+0x328/0x630 [ 21.325550] ret_from_fork+0x10/0x20 [ 21.325587] [ 21.325605] Freed by task 235: [ 21.325644] kasan_save_stack+0x3c/0x68 [ 21.325795] kasan_save_track+0x20/0x40 [ 21.325831] kasan_save_free_info+0x4c/0x78 [ 21.325888] __kasan_mempool_poison_object+0xc0/0x150 [ 21.325930] mempool_free+0x28c/0x328 [ 21.325964] mempool_double_free_helper+0x100/0x2e8 [ 21.326003] mempool_kmalloc_double_free+0xc0/0x118 [ 21.326043] kunit_try_run_case+0x170/0x3f0 [ 21.326079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.326131] kthread+0x328/0x630 [ 21.326172] ret_from_fork+0x10/0x20 [ 21.326208] [ 21.326225] The buggy address belongs to the object at fff00000c7706a00 [ 21.326225] which belongs to the cache kmalloc-128 of size 128 [ 21.326487] The buggy address is located 0 bytes inside of [ 21.326487] 128-byte region [fff00000c7706a00, fff00000c7706a80) [ 21.326702] [ 21.326729] The buggy address belongs to the physical page: [ 21.326759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107706 [ 21.326813] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.326878] page_type: f5(slab) [ 21.326921] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.326974] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.327014] page dumped because: kasan: bad access detected [ 21.327096] [ 21.327114] Memory state around the buggy address: [ 21.327256] fff00000c7706900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.327451] fff00000c7706980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.327541] >fff00000c7706a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.327580] ^ [ 21.327609] fff00000c7706a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.327670] fff00000c7706b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.327710] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 21.312813] ================================================================== [ 21.312884] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.313094] Read of size 1 at addr fff00000c76c4000 by task kunit_try_catch/233 [ 21.313214] [ 21.313247] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.313333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.313359] Hardware name: linux,dummy-virt (DT) [ 21.313391] Call trace: [ 21.313413] show_stack+0x20/0x38 (C) [ 21.313464] dump_stack_lvl+0x8c/0xd0 [ 21.313513] print_report+0x118/0x608 [ 21.313559] kasan_report+0xdc/0x128 [ 21.313604] __asan_report_load1_noabort+0x20/0x30 [ 21.313655] mempool_uaf_helper+0x314/0x340 [ 21.313700] mempool_page_alloc_uaf+0xc0/0x118 [ 21.313745] kunit_try_run_case+0x170/0x3f0 [ 21.313794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.313845] kthread+0x328/0x630 [ 21.313885] ret_from_fork+0x10/0x20 [ 21.313944] [ 21.313966] The buggy address belongs to the physical page: [ 21.313997] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c4 [ 21.314074] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.314137] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.314195] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.314236] page dumped because: kasan: bad access detected [ 21.314268] [ 21.314285] Memory state around the buggy address: [ 21.314316] fff00000c76c3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.314393] fff00000c76c3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.314433] >fff00000c76c4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.314471] ^ [ 21.314498] fff00000c76c4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.314565] fff00000c76c4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.314628] ================================================================== [ 21.269815] ================================================================== [ 21.269885] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.269946] Read of size 1 at addr fff00000c76c4000 by task kunit_try_catch/229 [ 21.269996] [ 21.270035] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.270121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.270148] Hardware name: linux,dummy-virt (DT) [ 21.270313] Call trace: [ 21.270462] show_stack+0x20/0x38 (C) [ 21.270734] dump_stack_lvl+0x8c/0xd0 [ 21.270944] print_report+0x118/0x608 [ 21.271013] kasan_report+0xdc/0x128 [ 21.271063] __asan_report_load1_noabort+0x20/0x30 [ 21.271527] mempool_uaf_helper+0x314/0x340 [ 21.271592] mempool_kmalloc_large_uaf+0xc4/0x120 [ 21.271973] kunit_try_run_case+0x170/0x3f0 [ 21.272038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.272092] kthread+0x328/0x630 [ 21.272280] ret_from_fork+0x10/0x20 [ 21.272333] [ 21.272537] The buggy address belongs to the physical page: [ 21.272693] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c4 [ 21.272846] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.272950] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.273054] page_type: f8(unknown) [ 21.273103] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.273214] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.273264] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.273500] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.273701] head: 0bfffe0000000002 ffffc1ffc31db101 00000000ffffffff 00000000ffffffff [ 21.273966] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.274029] page dumped because: kasan: bad access detected [ 21.274062] [ 21.274080] Memory state around the buggy address: [ 21.274116] fff00000c76c3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.274170] fff00000c76c3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.274224] >fff00000c76c4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.274260] ^ [ 21.274324] fff00000c76c4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.274632] fff00000c76c4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.274754] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 21.250290] ================================================================== [ 21.250420] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.250479] Read of size 1 at addr fff00000c7706600 by task kunit_try_catch/227 [ 21.250530] [ 21.250563] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.250645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.250670] Hardware name: linux,dummy-virt (DT) [ 21.250702] Call trace: [ 21.250726] show_stack+0x20/0x38 (C) [ 21.250780] dump_stack_lvl+0x8c/0xd0 [ 21.251000] print_report+0x118/0x608 [ 21.251095] kasan_report+0xdc/0x128 [ 21.251353] __asan_report_load1_noabort+0x20/0x30 [ 21.251555] mempool_uaf_helper+0x314/0x340 [ 21.251603] mempool_kmalloc_uaf+0xc4/0x120 [ 21.251652] kunit_try_run_case+0x170/0x3f0 [ 21.251802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.252062] kthread+0x328/0x630 [ 21.252135] ret_from_fork+0x10/0x20 [ 21.252216] [ 21.252236] Allocated by task 227: [ 21.252265] kasan_save_stack+0x3c/0x68 [ 21.252306] kasan_save_track+0x20/0x40 [ 21.252344] kasan_save_alloc_info+0x40/0x58 [ 21.252629] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.252675] remove_element+0x130/0x1f8 [ 21.252721] mempool_alloc_preallocated+0x58/0xc0 [ 21.252813] mempool_uaf_helper+0xa4/0x340 [ 21.252974] mempool_kmalloc_uaf+0xc4/0x120 [ 21.253028] kunit_try_run_case+0x170/0x3f0 [ 21.253136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.253225] kthread+0x328/0x630 [ 21.253257] ret_from_fork+0x10/0x20 [ 21.253294] [ 21.253313] Freed by task 227: [ 21.253339] kasan_save_stack+0x3c/0x68 [ 21.253384] kasan_save_track+0x20/0x40 [ 21.253546] kasan_save_free_info+0x4c/0x78 [ 21.253735] __kasan_mempool_poison_object+0xc0/0x150 [ 21.253842] mempool_free+0x28c/0x328 [ 21.253876] mempool_uaf_helper+0x104/0x340 [ 21.253913] mempool_kmalloc_uaf+0xc4/0x120 [ 21.253950] kunit_try_run_case+0x170/0x3f0 [ 21.253988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.254031] kthread+0x328/0x630 [ 21.254064] ret_from_fork+0x10/0x20 [ 21.254102] [ 21.254122] The buggy address belongs to the object at fff00000c7706600 [ 21.254122] which belongs to the cache kmalloc-128 of size 128 [ 21.254190] The buggy address is located 0 bytes inside of [ 21.254190] freed 128-byte region [fff00000c7706600, fff00000c7706680) [ 21.254253] [ 21.254272] The buggy address belongs to the physical page: [ 21.254304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107706 [ 21.254356] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.257859] page_type: f5(slab) [ 21.257920] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.257972] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.258013] page dumped because: kasan: bad access detected [ 21.258045] [ 21.258063] Memory state around the buggy address: [ 21.258420] fff00000c7706500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.258471] fff00000c7706580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.258542] >fff00000c7706600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.258582] ^ [ 21.258612] fff00000c7706680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.258745] fff00000c7706700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.258787] ================================================================== [ 21.288149] ================================================================== [ 21.288232] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.288292] Read of size 1 at addr fff00000c63d1240 by task kunit_try_catch/231 [ 21.288343] [ 21.288381] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.288555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.288582] Hardware name: linux,dummy-virt (DT) [ 21.288672] Call trace: [ 21.288780] show_stack+0x20/0x38 (C) [ 21.288831] dump_stack_lvl+0x8c/0xd0 [ 21.288924] print_report+0x118/0x608 [ 21.288988] kasan_report+0xdc/0x128 [ 21.289126] __asan_report_load1_noabort+0x20/0x30 [ 21.289299] mempool_uaf_helper+0x314/0x340 [ 21.289345] mempool_slab_uaf+0xc0/0x118 [ 21.289434] kunit_try_run_case+0x170/0x3f0 [ 21.289484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.289567] kthread+0x328/0x630 [ 21.289609] ret_from_fork+0x10/0x20 [ 21.289715] [ 21.289793] Allocated by task 231: [ 21.289846] kasan_save_stack+0x3c/0x68 [ 21.289948] kasan_save_track+0x20/0x40 [ 21.290018] kasan_save_alloc_info+0x40/0x58 [ 21.290059] __kasan_mempool_unpoison_object+0xbc/0x180 [ 21.290141] remove_element+0x16c/0x1f8 [ 21.290199] mempool_alloc_preallocated+0x58/0xc0 [ 21.290238] mempool_uaf_helper+0xa4/0x340 [ 21.290275] mempool_slab_uaf+0xc0/0x118 [ 21.290312] kunit_try_run_case+0x170/0x3f0 [ 21.290349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.290394] kthread+0x328/0x630 [ 21.290425] ret_from_fork+0x10/0x20 [ 21.290460] [ 21.290480] Freed by task 231: [ 21.290532] kasan_save_stack+0x3c/0x68 [ 21.290569] kasan_save_track+0x20/0x40 [ 21.290606] kasan_save_free_info+0x4c/0x78 [ 21.290645] __kasan_mempool_poison_object+0xc0/0x150 [ 21.290687] mempool_free+0x28c/0x328 [ 21.290722] mempool_uaf_helper+0x104/0x340 [ 21.290758] mempool_slab_uaf+0xc0/0x118 [ 21.290809] kunit_try_run_case+0x170/0x3f0 [ 21.290900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.290946] kthread+0x328/0x630 [ 21.291254] ret_from_fork+0x10/0x20 [ 21.291296] [ 21.291322] The buggy address belongs to the object at fff00000c63d1240 [ 21.291322] which belongs to the cache test_cache of size 123 [ 21.291389] The buggy address is located 0 bytes inside of [ 21.291389] freed 123-byte region [fff00000c63d1240, fff00000c63d12bb) [ 21.291596] [ 21.291653] The buggy address belongs to the physical page: [ 21.291692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063d1 [ 21.291822] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.292100] page_type: f5(slab) [ 21.292184] raw: 0bfffe0000000000 fff00000c1757c80 dead000000000122 0000000000000000 [ 21.292300] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.292360] page dumped because: kasan: bad access detected [ 21.292392] [ 21.292449] Memory state around the buggy address: [ 21.292489] fff00000c63d1100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.292638] fff00000c63d1180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.292681] >fff00000c63d1200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 21.292720] ^ [ 21.292755] fff00000c63d1280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.292821] fff00000c63d1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.292859] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 21.209749] ================================================================== [ 21.209812] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.209866] Read of size 1 at addr fff00000c653e001 by task kunit_try_catch/223 [ 21.209915] [ 21.209947] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.210030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.210056] Hardware name: linux,dummy-virt (DT) [ 21.210101] Call trace: [ 21.210124] show_stack+0x20/0x38 (C) [ 21.210680] dump_stack_lvl+0x8c/0xd0 [ 21.210976] print_report+0x118/0x608 [ 21.211097] kasan_report+0xdc/0x128 [ 21.211236] __asan_report_load1_noabort+0x20/0x30 [ 21.211473] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.211586] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 21.211839] kunit_try_run_case+0x170/0x3f0 [ 21.211895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.211949] kthread+0x328/0x630 [ 21.212241] ret_from_fork+0x10/0x20 [ 21.212342] [ 21.212363] The buggy address belongs to the physical page: [ 21.212403] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653c [ 21.212495] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.212791] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.213010] page_type: f8(unknown) [ 21.213056] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.213337] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.213561] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.213613] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.213664] head: 0bfffe0000000002 ffffc1ffc3194f01 00000000ffffffff 00000000ffffffff [ 21.214031] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.214077] page dumped because: kasan: bad access detected [ 21.214232] [ 21.214251] Memory state around the buggy address: [ 21.214343] fff00000c653df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.214560] fff00000c653df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.214834] >fff00000c653e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.214940] ^ [ 21.215112] fff00000c653e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.215323] fff00000c653e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.215451] ================================================================== [ 21.198463] ================================================================== [ 21.198534] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.198608] Read of size 1 at addr fff00000c7706273 by task kunit_try_catch/221 [ 21.198659] [ 21.198702] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.198791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.198817] Hardware name: linux,dummy-virt (DT) [ 21.198851] Call trace: [ 21.198876] show_stack+0x20/0x38 (C) [ 21.198935] dump_stack_lvl+0x8c/0xd0 [ 21.198985] print_report+0x118/0x608 [ 21.199032] kasan_report+0xdc/0x128 [ 21.199075] __asan_report_load1_noabort+0x20/0x30 [ 21.199126] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.199186] mempool_kmalloc_oob_right+0xc4/0x120 [ 21.199233] kunit_try_run_case+0x170/0x3f0 [ 21.199284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.199335] kthread+0x328/0x630 [ 21.199376] ret_from_fork+0x10/0x20 [ 21.199426] [ 21.199446] Allocated by task 221: [ 21.199475] kasan_save_stack+0x3c/0x68 [ 21.199623] kasan_save_track+0x20/0x40 [ 21.199666] kasan_save_alloc_info+0x40/0x58 [ 21.199707] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.199752] remove_element+0x130/0x1f8 [ 21.199791] mempool_alloc_preallocated+0x58/0xc0 [ 21.199829] mempool_oob_right_helper+0x98/0x2f0 [ 21.199869] mempool_kmalloc_oob_right+0xc4/0x120 [ 21.199909] kunit_try_run_case+0x170/0x3f0 [ 21.199947] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.199991] kthread+0x328/0x630 [ 21.200024] ret_from_fork+0x10/0x20 [ 21.200062] [ 21.200082] The buggy address belongs to the object at fff00000c7706200 [ 21.200082] which belongs to the cache kmalloc-128 of size 128 [ 21.200142] The buggy address is located 0 bytes to the right of [ 21.200142] allocated 115-byte region [fff00000c7706200, fff00000c7706273) [ 21.200222] [ 21.200244] The buggy address belongs to the physical page: [ 21.200279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107706 [ 21.200336] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.200390] page_type: f5(slab) [ 21.200434] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.200483] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.200524] page dumped because: kasan: bad access detected [ 21.200556] [ 21.200575] Memory state around the buggy address: [ 21.200607] fff00000c7706100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.200650] fff00000c7706180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.200693] >fff00000c7706200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.200730] ^ [ 21.200771] fff00000c7706280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.200813] fff00000c7706300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.200852] ================================================================== [ 21.226687] ================================================================== [ 21.226752] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.226960] Read of size 1 at addr fff00000c76e52bb by task kunit_try_catch/225 [ 21.227182] [ 21.227215] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.228025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.228068] Hardware name: linux,dummy-virt (DT) [ 21.228121] Call trace: [ 21.228146] show_stack+0x20/0x38 (C) [ 21.228231] dump_stack_lvl+0x8c/0xd0 [ 21.228278] print_report+0x118/0x608 [ 21.228324] kasan_report+0xdc/0x128 [ 21.228502] __asan_report_load1_noabort+0x20/0x30 [ 21.228555] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.228706] mempool_slab_oob_right+0xc0/0x118 [ 21.228752] kunit_try_run_case+0x170/0x3f0 [ 21.228812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.229037] kthread+0x328/0x630 [ 21.229108] ret_from_fork+0x10/0x20 [ 21.229258] [ 21.229278] Allocated by task 225: [ 21.229309] kasan_save_stack+0x3c/0x68 [ 21.229353] kasan_save_track+0x20/0x40 [ 21.229392] kasan_save_alloc_info+0x40/0x58 [ 21.229443] __kasan_mempool_unpoison_object+0xbc/0x180 [ 21.229488] remove_element+0x16c/0x1f8 [ 21.229765] mempool_alloc_preallocated+0x58/0xc0 [ 21.229824] mempool_oob_right_helper+0x98/0x2f0 [ 21.229863] mempool_slab_oob_right+0xc0/0x118 [ 21.229913] kunit_try_run_case+0x170/0x3f0 [ 21.230138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.230193] kthread+0x328/0x630 [ 21.230227] ret_from_fork+0x10/0x20 [ 21.230272] [ 21.230291] The buggy address belongs to the object at fff00000c76e5240 [ 21.230291] which belongs to the cache test_cache of size 123 [ 21.230351] The buggy address is located 0 bytes to the right of [ 21.230351] allocated 123-byte region [fff00000c76e5240, fff00000c76e52bb) [ 21.230591] [ 21.230614] The buggy address belongs to the physical page: [ 21.230873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e5 [ 21.230980] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.231072] page_type: f5(slab) [ 21.231177] raw: 0bfffe0000000000 fff00000c1757b40 dead000000000122 0000000000000000 [ 21.231241] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.231283] page dumped because: kasan: bad access detected [ 21.231315] [ 21.231333] Memory state around the buggy address: [ 21.231781] fff00000c76e5180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.231934] fff00000c76e5200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 21.231983] >fff00000c76e5280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 21.232024] ^ [ 21.232059] fff00000c76e5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.232103] fff00000c76e5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.232142] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 20.638030] ================================================================== [ 20.638715] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 20.639260] Read of size 1 at addr fff00000c63df500 by task kunit_try_catch/215 [ 20.639345] [ 20.639389] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.639477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.639530] Hardware name: linux,dummy-virt (DT) [ 20.639564] Call trace: [ 20.639590] show_stack+0x20/0x38 (C) [ 20.639643] dump_stack_lvl+0x8c/0xd0 [ 20.639693] print_report+0x118/0x608 [ 20.639739] kasan_report+0xdc/0x128 [ 20.639784] __kasan_check_byte+0x54/0x70 [ 20.639831] kmem_cache_destroy+0x34/0x218 [ 20.639878] kmem_cache_double_destroy+0x174/0x300 [ 20.639925] kunit_try_run_case+0x170/0x3f0 [ 20.639974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.640025] kthread+0x328/0x630 [ 20.640069] ret_from_fork+0x10/0x20 [ 20.640116] [ 20.640135] Allocated by task 215: [ 20.640176] kasan_save_stack+0x3c/0x68 [ 20.640217] kasan_save_track+0x20/0x40 [ 20.640255] kasan_save_alloc_info+0x40/0x58 [ 20.640294] __kasan_slab_alloc+0xa8/0xb0 [ 20.640333] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.640373] __kmem_cache_create_args+0x178/0x280 [ 20.640411] kmem_cache_double_destroy+0xc0/0x300 [ 20.640451] kunit_try_run_case+0x170/0x3f0 [ 20.640488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.640533] kthread+0x328/0x630 [ 20.640566] ret_from_fork+0x10/0x20 [ 20.640604] [ 20.640623] Freed by task 215: [ 20.640650] kasan_save_stack+0x3c/0x68 [ 20.640717] kasan_save_track+0x20/0x40 [ 20.640756] kasan_save_free_info+0x4c/0x78 [ 20.640875] __kasan_slab_free+0x6c/0x98 [ 20.640917] kmem_cache_free+0x260/0x468 [ 20.640954] slab_kmem_cache_release+0x38/0x50 [ 20.641202] kmem_cache_release+0x1c/0x30 [ 20.641314] kobject_put+0x17c/0x420 [ 20.641359] sysfs_slab_release+0x1c/0x30 [ 20.641567] kmem_cache_destroy+0x118/0x218 [ 20.642275] kmem_cache_double_destroy+0x128/0x300 [ 20.642411] kunit_try_run_case+0x170/0x3f0 [ 20.642731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.643039] kthread+0x328/0x630 [ 20.643358] ret_from_fork+0x10/0x20 [ 20.643551] [ 20.643587] The buggy address belongs to the object at fff00000c63df500 [ 20.643587] which belongs to the cache kmem_cache of size 208 [ 20.643650] The buggy address is located 0 bytes inside of [ 20.643650] freed 208-byte region [fff00000c63df500, fff00000c63df5d0) [ 20.643716] [ 20.644107] The buggy address belongs to the physical page: [ 20.644453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063df [ 20.644674] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.644927] page_type: f5(slab) [ 20.645372] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 20.645921] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 20.646024] page dumped because: kasan: bad access detected [ 20.646304] [ 20.646332] Memory state around the buggy address: [ 20.646451] fff00000c63df400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.646702] fff00000c63df480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.646755] >fff00000c63df500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.646794] ^ [ 20.646917] fff00000c63df580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 20.646964] fff00000c63df600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.647349] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 20.381303] ================================================================== [ 20.381400] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 20.381478] Read of size 1 at addr fff00000c7730000 by task kunit_try_catch/213 [ 20.382868] [ 20.382932] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.383360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.383724] Hardware name: linux,dummy-virt (DT) [ 20.383891] Call trace: [ 20.383956] show_stack+0x20/0x38 (C) [ 20.384015] dump_stack_lvl+0x8c/0xd0 [ 20.384069] print_report+0x118/0x608 [ 20.384367] kasan_report+0xdc/0x128 [ 20.384605] __asan_report_load1_noabort+0x20/0x30 [ 20.384658] kmem_cache_rcu_uaf+0x388/0x468 [ 20.385069] kunit_try_run_case+0x170/0x3f0 [ 20.385152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.385800] kthread+0x328/0x630 [ 20.386149] ret_from_fork+0x10/0x20 [ 20.386454] [ 20.386542] Allocated by task 213: [ 20.386574] kasan_save_stack+0x3c/0x68 [ 20.386854] kasan_save_track+0x20/0x40 [ 20.387003] kasan_save_alloc_info+0x40/0x58 [ 20.387071] __kasan_slab_alloc+0xa8/0xb0 [ 20.387319] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.387815] kmem_cache_rcu_uaf+0x12c/0x468 [ 20.387904] kunit_try_run_case+0x170/0x3f0 [ 20.387941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.387985] kthread+0x328/0x630 [ 20.388505] ret_from_fork+0x10/0x20 [ 20.388555] [ 20.388589] Freed by task 0: [ 20.388617] kasan_save_stack+0x3c/0x68 [ 20.388792] kasan_save_track+0x20/0x40 [ 20.388829] kasan_save_free_info+0x4c/0x78 [ 20.388869] __kasan_slab_free+0x6c/0x98 [ 20.389284] slab_free_after_rcu_debug+0xd4/0x2f8 [ 20.389512] rcu_core+0x9f4/0x1e20 [ 20.389643] rcu_core_si+0x18/0x30 [ 20.389882] handle_softirqs+0x374/0xb28 [ 20.390052] __do_softirq+0x1c/0x28 [ 20.390088] [ 20.390281] Last potentially related work creation: [ 20.390315] kasan_save_stack+0x3c/0x68 [ 20.390631] kasan_record_aux_stack+0xb4/0xc8 [ 20.390676] kmem_cache_free+0x120/0x468 [ 20.390714] kmem_cache_rcu_uaf+0x16c/0x468 [ 20.391177] kunit_try_run_case+0x170/0x3f0 [ 20.391228] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.391354] kthread+0x328/0x630 [ 20.391388] ret_from_fork+0x10/0x20 [ 20.391663] [ 20.391844] The buggy address belongs to the object at fff00000c7730000 [ 20.391844] which belongs to the cache test_cache of size 200 [ 20.391924] The buggy address is located 0 bytes inside of [ 20.391924] freed 200-byte region [fff00000c7730000, fff00000c77300c8) [ 20.392282] [ 20.392307] The buggy address belongs to the physical page: [ 20.392342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107730 [ 20.392401] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.392454] page_type: f5(slab) [ 20.392497] raw: 0bfffe0000000000 fff00000c63df3c0 dead000000000122 0000000000000000 [ 20.392550] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.392591] page dumped because: kasan: bad access detected [ 20.392623] [ 20.392641] Memory state around the buggy address: [ 20.392675] fff00000c772ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.392719] fff00000c772ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.393371] >fff00000c7730000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.393456] ^ [ 20.393486] fff00000c7730080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 20.393690] fff00000c7730100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.394073] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 20.033283] ================================================================== [ 20.033348] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 20.033410] Free of addr fff00000c772d001 by task kunit_try_catch/211 [ 20.033452] [ 20.033495] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.033775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.033863] Hardware name: linux,dummy-virt (DT) [ 20.034025] Call trace: [ 20.034098] show_stack+0x20/0x38 (C) [ 20.034220] dump_stack_lvl+0x8c/0xd0 [ 20.034663] print_report+0x118/0x608 [ 20.035279] kasan_report_invalid_free+0xc0/0xe8 [ 20.035485] check_slab_allocation+0xfc/0x108 [ 20.035563] __kasan_slab_pre_free+0x2c/0x48 [ 20.035612] kmem_cache_free+0xf0/0x468 [ 20.035661] kmem_cache_invalid_free+0x184/0x3c8 [ 20.035711] kunit_try_run_case+0x170/0x3f0 [ 20.035759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.035812] kthread+0x328/0x630 [ 20.035854] ret_from_fork+0x10/0x20 [ 20.036569] [ 20.036597] Allocated by task 211: [ 20.036651] kasan_save_stack+0x3c/0x68 [ 20.036699] kasan_save_track+0x20/0x40 [ 20.037212] kasan_save_alloc_info+0x40/0x58 [ 20.037272] __kasan_slab_alloc+0xa8/0xb0 [ 20.037610] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.037681] kmem_cache_invalid_free+0x12c/0x3c8 [ 20.038023] kunit_try_run_case+0x170/0x3f0 [ 20.038328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.038556] kthread+0x328/0x630 [ 20.038593] ret_from_fork+0x10/0x20 [ 20.038630] [ 20.039105] The buggy address belongs to the object at fff00000c772d000 [ 20.039105] which belongs to the cache test_cache of size 200 [ 20.039476] The buggy address is located 1 bytes inside of [ 20.039476] 200-byte region [fff00000c772d000, fff00000c772d0c8) [ 20.039604] [ 20.039626] The buggy address belongs to the physical page: [ 20.039659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10772d [ 20.039990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.040368] page_type: f5(slab) [ 20.040758] raw: 0bfffe0000000000 fff00000c63df280 dead000000000122 0000000000000000 [ 20.041074] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.041261] page dumped because: kasan: bad access detected [ 20.041298] [ 20.041397] Memory state around the buggy address: [ 20.041579] fff00000c772cf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.041625] fff00000c772cf80: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 20.041671] >fff00000c772d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.041709] ^ [ 20.041737] fff00000c772d080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 20.042434] fff00000c772d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.042493] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 19.997465] ================================================================== [ 19.997624] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 19.997792] Free of addr fff00000c7716000 by task kunit_try_catch/209 [ 19.997884] [ 19.997927] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.998013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.998052] Hardware name: linux,dummy-virt (DT) [ 19.998096] Call trace: [ 19.998121] show_stack+0x20/0x38 (C) [ 19.998398] dump_stack_lvl+0x8c/0xd0 [ 19.998475] print_report+0x118/0x608 [ 19.998594] kasan_report_invalid_free+0xc0/0xe8 [ 19.998658] check_slab_allocation+0xd4/0x108 [ 19.998706] __kasan_slab_pre_free+0x2c/0x48 [ 19.998754] kmem_cache_free+0xf0/0x468 [ 19.999000] kmem_cache_double_free+0x190/0x3c8 [ 19.999065] kunit_try_run_case+0x170/0x3f0 [ 19.999155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.999239] kthread+0x328/0x630 [ 19.999312] ret_from_fork+0x10/0x20 [ 19.999369] [ 19.999397] Allocated by task 209: [ 19.999426] kasan_save_stack+0x3c/0x68 [ 19.999469] kasan_save_track+0x20/0x40 [ 19.999820] kasan_save_alloc_info+0x40/0x58 [ 19.999933] __kasan_slab_alloc+0xa8/0xb0 [ 20.000000] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.000113] kmem_cache_double_free+0x12c/0x3c8 [ 20.000165] kunit_try_run_case+0x170/0x3f0 [ 20.000204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.000272] kthread+0x328/0x630 [ 20.000306] ret_from_fork+0x10/0x20 [ 20.000341] [ 20.000686] Freed by task 209: [ 20.000747] kasan_save_stack+0x3c/0x68 [ 20.000802] kasan_save_track+0x20/0x40 [ 20.000840] kasan_save_free_info+0x4c/0x78 [ 20.000880] __kasan_slab_free+0x6c/0x98 [ 20.000917] kmem_cache_free+0x260/0x468 [ 20.000954] kmem_cache_double_free+0x140/0x3c8 [ 20.000991] kunit_try_run_case+0x170/0x3f0 [ 20.001029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.001071] kthread+0x328/0x630 [ 20.001110] ret_from_fork+0x10/0x20 [ 20.001147] [ 20.001177] The buggy address belongs to the object at fff00000c7716000 [ 20.001177] which belongs to the cache test_cache of size 200 [ 20.001240] The buggy address is located 0 bytes inside of [ 20.001240] 200-byte region [fff00000c7716000, fff00000c77160c8) [ 20.001335] [ 20.001362] The buggy address belongs to the physical page: [ 20.001481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107716 [ 20.001539] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.001592] page_type: f5(slab) [ 20.001637] raw: 0bfffe0000000000 fff00000c63df140 dead000000000122 0000000000000000 [ 20.001689] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.001731] page dumped because: kasan: bad access detected [ 20.001762] [ 20.001821] Memory state around the buggy address: [ 20.001955] fff00000c7715f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.002028] fff00000c7715f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.002179] >fff00000c7716000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.002219] ^ [ 20.002247] fff00000c7716080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 20.002289] fff00000c7716100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.002334] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 19.819084] ================================================================== [ 19.819148] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 19.819744] Read of size 1 at addr fff00000c63e50c8 by task kunit_try_catch/207 [ 19.820487] [ 19.820538] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.820798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.820862] Hardware name: linux,dummy-virt (DT) [ 19.820930] Call trace: [ 19.821032] show_stack+0x20/0x38 (C) [ 19.821089] dump_stack_lvl+0x8c/0xd0 [ 19.821587] print_report+0x118/0x608 [ 19.821808] kasan_report+0xdc/0x128 [ 19.821857] __asan_report_load1_noabort+0x20/0x30 [ 19.822441] kmem_cache_oob+0x344/0x430 [ 19.822767] kunit_try_run_case+0x170/0x3f0 [ 19.823203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.823694] kthread+0x328/0x630 [ 19.824022] ret_from_fork+0x10/0x20 [ 19.824101] [ 19.824120] Allocated by task 207: [ 19.824502] kasan_save_stack+0x3c/0x68 [ 19.824559] kasan_save_track+0x20/0x40 [ 19.824925] kasan_save_alloc_info+0x40/0x58 [ 19.824969] __kasan_slab_alloc+0xa8/0xb0 [ 19.825528] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.825701] kmem_cache_oob+0x12c/0x430 [ 19.825812] kunit_try_run_case+0x170/0x3f0 [ 19.826087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.826387] kthread+0x328/0x630 [ 19.826439] ret_from_fork+0x10/0x20 [ 19.826787] [ 19.826814] The buggy address belongs to the object at fff00000c63e5000 [ 19.826814] which belongs to the cache test_cache of size 200 [ 19.827124] The buggy address is located 0 bytes to the right of [ 19.827124] allocated 200-byte region [fff00000c63e5000, fff00000c63e50c8) [ 19.827642] [ 19.827664] The buggy address belongs to the physical page: [ 19.827697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063e5 [ 19.827796] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.827852] page_type: f5(slab) [ 19.827897] raw: 0bfffe0000000000 fff00000c63df000 dead000000000122 0000000000000000 [ 19.828114] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.828167] page dumped because: kasan: bad access detected [ 19.828604] [ 19.828628] Memory state around the buggy address: [ 19.828673] fff00000c63e4f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.828720] fff00000c63e5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.828763] >fff00000c63e5080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.829245] ^ [ 19.829532] fff00000c63e5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.829984] fff00000c63e5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.830502] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 19.749383] ================================================================== [ 19.749776] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 19.749962] Read of size 4 at addr fff00000c63d9600 by task swapper/1/0 [ 19.750128] [ 19.750548] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.750741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.750767] Hardware name: linux,dummy-virt (DT) [ 19.751003] Call trace: [ 19.751095] show_stack+0x20/0x38 (C) [ 19.751225] dump_stack_lvl+0x8c/0xd0 [ 19.751275] print_report+0x118/0x608 [ 19.751321] kasan_report+0xdc/0x128 [ 19.751367] __asan_report_load4_noabort+0x20/0x30 [ 19.751419] rcu_uaf_reclaim+0x64/0x70 [ 19.751462] rcu_core+0x9f4/0x1e20 [ 19.751714] rcu_core_si+0x18/0x30 [ 19.752012] handle_softirqs+0x374/0xb28 [ 19.752389] __do_softirq+0x1c/0x28 [ 19.752434] ____do_softirq+0x18/0x30 [ 19.752479] call_on_irq_stack+0x24/0x30 [ 19.752523] do_softirq_own_stack+0x24/0x38 [ 19.752569] __irq_exit_rcu+0x1fc/0x318 [ 19.752614] irq_exit_rcu+0x1c/0x80 [ 19.753258] el1_interrupt+0x38/0x58 [ 19.753572] el1h_64_irq_handler+0x18/0x28 [ 19.753734] el1h_64_irq+0x6c/0x70 [ 19.754174] finish_task_switch.isra.0+0x120/0x5e8 (P) [ 19.754252] __schedule+0xab4/0x2840 [ 19.754603] schedule_idle+0x60/0xa8 [ 19.754648] do_idle+0x2c4/0x4e8 [ 19.754861] cpu_startup_entry+0x64/0x80 [ 19.754918] secondary_start_kernel+0x288/0x340 [ 19.755005] __secondary_switched+0xc0/0xc8 [ 19.755060] [ 19.755078] Allocated by task 198: [ 19.755143] kasan_save_stack+0x3c/0x68 [ 19.755196] kasan_save_track+0x20/0x40 [ 19.755233] kasan_save_alloc_info+0x40/0x58 [ 19.755352] __kasan_kmalloc+0xd4/0xd8 [ 19.755520] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.755794] rcu_uaf+0xb0/0x2d8 [ 19.755958] kunit_try_run_case+0x170/0x3f0 [ 19.756073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.756129] kthread+0x328/0x630 [ 19.756279] ret_from_fork+0x10/0x20 [ 19.756314] [ 19.756335] Freed by task 0: [ 19.756360] kasan_save_stack+0x3c/0x68 [ 19.756533] kasan_save_track+0x20/0x40 [ 19.756573] kasan_save_free_info+0x4c/0x78 [ 19.756697] __kasan_slab_free+0x6c/0x98 [ 19.756759] kfree+0x214/0x3c8 [ 19.756819] rcu_uaf_reclaim+0x28/0x70 [ 19.756926] rcu_core+0x9f4/0x1e20 [ 19.756962] rcu_core_si+0x18/0x30 [ 19.757057] handle_softirqs+0x374/0xb28 [ 19.757265] __do_softirq+0x1c/0x28 [ 19.757300] [ 19.757349] Last potentially related work creation: [ 19.757384] kasan_save_stack+0x3c/0x68 [ 19.757425] kasan_record_aux_stack+0xb4/0xc8 [ 19.757482] __call_rcu_common.constprop.0+0x74/0x8c8 [ 19.757525] call_rcu+0x18/0x30 [ 19.757557] rcu_uaf+0x14c/0x2d8 [ 19.757866] kunit_try_run_case+0x170/0x3f0 [ 19.757925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.757970] kthread+0x328/0x630 [ 19.758002] ret_from_fork+0x10/0x20 [ 19.758134] [ 19.758173] The buggy address belongs to the object at fff00000c63d9600 [ 19.758173] which belongs to the cache kmalloc-32 of size 32 [ 19.758391] The buggy address is located 0 bytes inside of [ 19.758391] freed 32-byte region [fff00000c63d9600, fff00000c63d9620) [ 19.758681] [ 19.758707] The buggy address belongs to the physical page: [ 19.758821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063d9 [ 19.758878] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.758931] page_type: f5(slab) [ 19.759083] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.759206] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.759248] page dumped because: kasan: bad access detected [ 19.759279] [ 19.759297] Memory state around the buggy address: [ 19.759545] fff00000c63d9500: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.759682] fff00000c63d9580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.759898] >fff00000c63d9600: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 19.759940] ^ [ 19.760006] fff00000c63d9680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.760079] fff00000c63d9700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.760342] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 19.610591] ================================================================== [ 19.610678] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 19.610727] Read of size 1 at addr fff00000c6343f00 by task kunit_try_catch/196 [ 19.610777] [ 19.610805] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.610885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.610916] Hardware name: linux,dummy-virt (DT) [ 19.610949] Call trace: [ 19.610971] show_stack+0x20/0x38 (C) [ 19.611018] dump_stack_lvl+0x8c/0xd0 [ 19.611062] print_report+0x118/0x608 [ 19.611117] kasan_report+0xdc/0x128 [ 19.611174] __asan_report_load1_noabort+0x20/0x30 [ 19.611289] ksize_uaf+0x598/0x5f8 [ 19.611335] kunit_try_run_case+0x170/0x3f0 [ 19.611380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.611578] kthread+0x328/0x630 [ 19.612005] ret_from_fork+0x10/0x20 [ 19.612112] [ 19.612130] Allocated by task 196: [ 19.612195] kasan_save_stack+0x3c/0x68 [ 19.612316] kasan_save_track+0x20/0x40 [ 19.612355] kasan_save_alloc_info+0x40/0x58 [ 19.612415] __kasan_kmalloc+0xd4/0xd8 [ 19.612451] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.612492] ksize_uaf+0xb8/0x5f8 [ 19.612525] kunit_try_run_case+0x170/0x3f0 [ 19.612564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.612608] kthread+0x328/0x630 [ 19.612688] ret_from_fork+0x10/0x20 [ 19.612761] [ 19.612852] Freed by task 196: [ 19.612897] kasan_save_stack+0x3c/0x68 [ 19.612937] kasan_save_track+0x20/0x40 [ 19.612973] kasan_save_free_info+0x4c/0x78 [ 19.613014] __kasan_slab_free+0x6c/0x98 [ 19.613051] kfree+0x214/0x3c8 [ 19.613082] ksize_uaf+0x11c/0x5f8 [ 19.613117] kunit_try_run_case+0x170/0x3f0 [ 19.613153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.613250] kthread+0x328/0x630 [ 19.613343] ret_from_fork+0x10/0x20 [ 19.613381] [ 19.613452] The buggy address belongs to the object at fff00000c6343f00 [ 19.613452] which belongs to the cache kmalloc-128 of size 128 [ 19.613555] The buggy address is located 0 bytes inside of [ 19.613555] freed 128-byte region [fff00000c6343f00, fff00000c6343f80) [ 19.613726] [ 19.613744] The buggy address belongs to the physical page: [ 19.613776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.613895] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.613978] page_type: f5(slab) [ 19.614386] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.614513] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.614722] page dumped because: kasan: bad access detected [ 19.614755] [ 19.614794] Memory state around the buggy address: [ 19.614932] fff00000c6343e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.615037] fff00000c6343e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.615135] >fff00000c6343f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.615239] ^ [ 19.615267] fff00000c6343f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.615457] fff00000c6344000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.615505] ================================================================== [ 19.604415] ================================================================== [ 19.604473] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 19.604556] Read of size 1 at addr fff00000c6343f00 by task kunit_try_catch/196 [ 19.604606] [ 19.604637] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.604721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.604747] Hardware name: linux,dummy-virt (DT) [ 19.604778] Call trace: [ 19.604799] show_stack+0x20/0x38 (C) [ 19.604969] dump_stack_lvl+0x8c/0xd0 [ 19.605016] print_report+0x118/0x608 [ 19.605171] kasan_report+0xdc/0x128 [ 19.605217] __kasan_check_byte+0x54/0x70 [ 19.605380] ksize+0x30/0x88 [ 19.605431] ksize_uaf+0x168/0x5f8 [ 19.605644] kunit_try_run_case+0x170/0x3f0 [ 19.605691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.605743] kthread+0x328/0x630 [ 19.605784] ret_from_fork+0x10/0x20 [ 19.605886] [ 19.605906] Allocated by task 196: [ 19.605934] kasan_save_stack+0x3c/0x68 [ 19.605975] kasan_save_track+0x20/0x40 [ 19.606033] kasan_save_alloc_info+0x40/0x58 [ 19.606320] __kasan_kmalloc+0xd4/0xd8 [ 19.606359] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.606398] ksize_uaf+0xb8/0x5f8 [ 19.606527] kunit_try_run_case+0x170/0x3f0 [ 19.606566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.606659] kthread+0x328/0x630 [ 19.606692] ret_from_fork+0x10/0x20 [ 19.606728] [ 19.606746] Freed by task 196: [ 19.606919] kasan_save_stack+0x3c/0x68 [ 19.607037] kasan_save_track+0x20/0x40 [ 19.607253] kasan_save_free_info+0x4c/0x78 [ 19.607324] __kasan_slab_free+0x6c/0x98 [ 19.607361] kfree+0x214/0x3c8 [ 19.607405] ksize_uaf+0x11c/0x5f8 [ 19.607564] kunit_try_run_case+0x170/0x3f0 [ 19.607604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.607714] kthread+0x328/0x630 [ 19.607750] ret_from_fork+0x10/0x20 [ 19.607785] [ 19.607806] The buggy address belongs to the object at fff00000c6343f00 [ 19.607806] which belongs to the cache kmalloc-128 of size 128 [ 19.607865] The buggy address is located 0 bytes inside of [ 19.607865] freed 128-byte region [fff00000c6343f00, fff00000c6343f80) [ 19.607958] [ 19.607978] The buggy address belongs to the physical page: [ 19.608009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.608061] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.608177] page_type: f5(slab) [ 19.608238] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.608344] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.608430] page dumped because: kasan: bad access detected [ 19.608569] [ 19.608587] Memory state around the buggy address: [ 19.608686] fff00000c6343e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.608779] fff00000c6343e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.608853] >fff00000c6343f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.608894] ^ [ 19.608975] fff00000c6343f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.609173] fff00000c6344000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.609268] ================================================================== [ 19.616848] ================================================================== [ 19.616900] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 19.616997] Read of size 1 at addr fff00000c6343f78 by task kunit_try_catch/196 [ 19.617046] [ 19.617132] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.617225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.617252] Hardware name: linux,dummy-virt (DT) [ 19.617280] Call trace: [ 19.617301] show_stack+0x20/0x38 (C) [ 19.617348] dump_stack_lvl+0x8c/0xd0 [ 19.617393] print_report+0x118/0x608 [ 19.617439] kasan_report+0xdc/0x128 [ 19.617482] __asan_report_load1_noabort+0x20/0x30 [ 19.617544] ksize_uaf+0x544/0x5f8 [ 19.617589] kunit_try_run_case+0x170/0x3f0 [ 19.617759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.617815] kthread+0x328/0x630 [ 19.617856] ret_from_fork+0x10/0x20 [ 19.617934] [ 19.617951] Allocated by task 196: [ 19.617979] kasan_save_stack+0x3c/0x68 [ 19.618019] kasan_save_track+0x20/0x40 [ 19.618062] kasan_save_alloc_info+0x40/0x58 [ 19.618137] __kasan_kmalloc+0xd4/0xd8 [ 19.618183] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.618229] ksize_uaf+0xb8/0x5f8 [ 19.618328] kunit_try_run_case+0x170/0x3f0 [ 19.618391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.618581] kthread+0x328/0x630 [ 19.618689] ret_from_fork+0x10/0x20 [ 19.618745] [ 19.618779] Freed by task 196: [ 19.618806] kasan_save_stack+0x3c/0x68 [ 19.618843] kasan_save_track+0x20/0x40 [ 19.618881] kasan_save_free_info+0x4c/0x78 [ 19.618925] __kasan_slab_free+0x6c/0x98 [ 19.618962] kfree+0x214/0x3c8 [ 19.618995] ksize_uaf+0x11c/0x5f8 [ 19.619030] kunit_try_run_case+0x170/0x3f0 [ 19.619068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.619113] kthread+0x328/0x630 [ 19.619146] ret_from_fork+0x10/0x20 [ 19.619190] [ 19.619208] The buggy address belongs to the object at fff00000c6343f00 [ 19.619208] which belongs to the cache kmalloc-128 of size 128 [ 19.619303] The buggy address is located 120 bytes inside of [ 19.619303] freed 128-byte region [fff00000c6343f00, fff00000c6343f80) [ 19.619409] [ 19.619428] The buggy address belongs to the physical page: [ 19.619460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.619521] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.619569] page_type: f5(slab) [ 19.619605] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.619772] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.619868] page dumped because: kasan: bad access detected [ 19.619900] [ 19.619917] Memory state around the buggy address: [ 19.619970] fff00000c6343e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.620014] fff00000c6343e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.620056] >fff00000c6343f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.620130] ^ [ 19.620182] fff00000c6343f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.620224] fff00000c6344000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.620261] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 19.596287] ================================================================== [ 19.596336] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 19.596403] Read of size 1 at addr fff00000c6343e7f by task kunit_try_catch/194 [ 19.596453] [ 19.596480] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.596604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.596631] Hardware name: linux,dummy-virt (DT) [ 19.596661] Call trace: [ 19.596681] show_stack+0x20/0x38 (C) [ 19.596730] dump_stack_lvl+0x8c/0xd0 [ 19.596844] print_report+0x118/0x608 [ 19.596890] kasan_report+0xdc/0x128 [ 19.596934] __asan_report_load1_noabort+0x20/0x30 [ 19.596984] ksize_unpoisons_memory+0x690/0x740 [ 19.597031] kunit_try_run_case+0x170/0x3f0 [ 19.597076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.597129] kthread+0x328/0x630 [ 19.597180] ret_from_fork+0x10/0x20 [ 19.597226] [ 19.597243] Allocated by task 194: [ 19.597269] kasan_save_stack+0x3c/0x68 [ 19.597309] kasan_save_track+0x20/0x40 [ 19.597344] kasan_save_alloc_info+0x40/0x58 [ 19.597386] __kasan_kmalloc+0xd4/0xd8 [ 19.597431] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.597471] ksize_unpoisons_memory+0xc0/0x740 [ 19.597507] kunit_try_run_case+0x170/0x3f0 [ 19.597582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.597625] kthread+0x328/0x630 [ 19.597743] ret_from_fork+0x10/0x20 [ 19.597780] [ 19.597798] The buggy address belongs to the object at fff00000c6343e00 [ 19.597798] which belongs to the cache kmalloc-128 of size 128 [ 19.597854] The buggy address is located 12 bytes to the right of [ 19.597854] allocated 115-byte region [fff00000c6343e00, fff00000c6343e73) [ 19.597928] [ 19.597977] The buggy address belongs to the physical page: [ 19.598093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.598212] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.598282] page_type: f5(slab) [ 19.598320] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.598369] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.598440] page dumped because: kasan: bad access detected [ 19.598471] [ 19.598487] Memory state around the buggy address: [ 19.598519] fff00000c6343d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.598573] fff00000c6343d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.598673] >fff00000c6343e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.598819] ^ [ 19.598861] fff00000c6343e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.598907] fff00000c6343f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.599118] ================================================================== [ 19.592558] ================================================================== [ 19.592608] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 19.592657] Read of size 1 at addr fff00000c6343e78 by task kunit_try_catch/194 [ 19.592890] [ 19.593139] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.593235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.593268] Hardware name: linux,dummy-virt (DT) [ 19.593395] Call trace: [ 19.593479] show_stack+0x20/0x38 (C) [ 19.593542] dump_stack_lvl+0x8c/0xd0 [ 19.593589] print_report+0x118/0x608 [ 19.593638] kasan_report+0xdc/0x128 [ 19.593684] __asan_report_load1_noabort+0x20/0x30 [ 19.593735] ksize_unpoisons_memory+0x618/0x740 [ 19.593789] kunit_try_run_case+0x170/0x3f0 [ 19.593992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.594091] kthread+0x328/0x630 [ 19.594295] ret_from_fork+0x10/0x20 [ 19.594369] [ 19.594387] Allocated by task 194: [ 19.594415] kasan_save_stack+0x3c/0x68 [ 19.594456] kasan_save_track+0x20/0x40 [ 19.594493] kasan_save_alloc_info+0x40/0x58 [ 19.594534] __kasan_kmalloc+0xd4/0xd8 [ 19.594570] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.594607] ksize_unpoisons_memory+0xc0/0x740 [ 19.594646] kunit_try_run_case+0x170/0x3f0 [ 19.594684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.594725] kthread+0x328/0x630 [ 19.594757] ret_from_fork+0x10/0x20 [ 19.594791] [ 19.594810] The buggy address belongs to the object at fff00000c6343e00 [ 19.594810] which belongs to the cache kmalloc-128 of size 128 [ 19.594873] The buggy address is located 5 bytes to the right of [ 19.594873] allocated 115-byte region [fff00000c6343e00, fff00000c6343e73) [ 19.595170] [ 19.595190] The buggy address belongs to the physical page: [ 19.595220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.595273] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.595322] page_type: f5(slab) [ 19.595359] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.595538] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.595584] page dumped because: kasan: bad access detected [ 19.595676] [ 19.595694] Memory state around the buggy address: [ 19.595744] fff00000c6343d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.595786] fff00000c6343d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.595828] >fff00000c6343e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.595868] ^ [ 19.595909] fff00000c6343e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.595950] fff00000c6343f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.596001] ================================================================== [ 19.586683] ================================================================== [ 19.586743] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 19.586794] Read of size 1 at addr fff00000c6343e73 by task kunit_try_catch/194 [ 19.586844] [ 19.586877] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.586964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.586992] Hardware name: linux,dummy-virt (DT) [ 19.587025] Call trace: [ 19.587049] show_stack+0x20/0x38 (C) [ 19.587097] dump_stack_lvl+0x8c/0xd0 [ 19.587143] print_report+0x118/0x608 [ 19.587202] kasan_report+0xdc/0x128 [ 19.587649] __asan_report_load1_noabort+0x20/0x30 [ 19.587723] ksize_unpoisons_memory+0x628/0x740 [ 19.587858] kunit_try_run_case+0x170/0x3f0 [ 19.588117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.588330] kthread+0x328/0x630 [ 19.588404] ret_from_fork+0x10/0x20 [ 19.588520] [ 19.588539] Allocated by task 194: [ 19.588569] kasan_save_stack+0x3c/0x68 [ 19.588640] kasan_save_track+0x20/0x40 [ 19.588697] kasan_save_alloc_info+0x40/0x58 [ 19.588925] __kasan_kmalloc+0xd4/0xd8 [ 19.589203] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.589364] ksize_unpoisons_memory+0xc0/0x740 [ 19.589403] kunit_try_run_case+0x170/0x3f0 [ 19.589441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.589495] kthread+0x328/0x630 [ 19.589526] ret_from_fork+0x10/0x20 [ 19.589722] [ 19.589743] The buggy address belongs to the object at fff00000c6343e00 [ 19.589743] which belongs to the cache kmalloc-128 of size 128 [ 19.589988] The buggy address is located 0 bytes to the right of [ 19.589988] allocated 115-byte region [fff00000c6343e00, fff00000c6343e73) [ 19.590054] [ 19.590074] The buggy address belongs to the physical page: [ 19.590233] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.590289] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.590336] page_type: f5(slab) [ 19.590374] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.590734] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.590807] page dumped because: kasan: bad access detected [ 19.590876] [ 19.590920] Memory state around the buggy address: [ 19.590952] fff00000c6343d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.591037] fff00000c6343d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.591111] >fff00000c6343e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.591205] ^ [ 19.591363] fff00000c6343e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.591418] fff00000c6343f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.591458] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 19.572252] ================================================================== [ 19.572322] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 19.572556] Free of addr fff00000c58c2b60 by task kunit_try_catch/192 [ 19.572880] [ 19.572934] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.573079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.573181] Hardware name: linux,dummy-virt (DT) [ 19.573314] Call trace: [ 19.573339] show_stack+0x20/0x38 (C) [ 19.573389] dump_stack_lvl+0x8c/0xd0 [ 19.573443] print_report+0x118/0x608 [ 19.573555] kasan_report_invalid_free+0xc0/0xe8 [ 19.573902] check_slab_allocation+0xd4/0x108 [ 19.574007] __kasan_slab_pre_free+0x2c/0x48 [ 19.574095] kfree+0xe8/0x3c8 [ 19.574140] kfree_sensitive+0x3c/0xb0 [ 19.574523] kmalloc_double_kzfree+0x168/0x308 [ 19.574704] kunit_try_run_case+0x170/0x3f0 [ 19.574761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.574835] kthread+0x328/0x630 [ 19.574877] ret_from_fork+0x10/0x20 [ 19.574985] [ 19.575119] Allocated by task 192: [ 19.575250] kasan_save_stack+0x3c/0x68 [ 19.575300] kasan_save_track+0x20/0x40 [ 19.575339] kasan_save_alloc_info+0x40/0x58 [ 19.575583] __kasan_kmalloc+0xd4/0xd8 [ 19.575631] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.575672] kmalloc_double_kzfree+0xb8/0x308 [ 19.575711] kunit_try_run_case+0x170/0x3f0 [ 19.575749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.575795] kthread+0x328/0x630 [ 19.575828] ret_from_fork+0x10/0x20 [ 19.575894] [ 19.575916] Freed by task 192: [ 19.576046] kasan_save_stack+0x3c/0x68 [ 19.576249] kasan_save_track+0x20/0x40 [ 19.576295] kasan_save_free_info+0x4c/0x78 [ 19.576334] __kasan_slab_free+0x6c/0x98 [ 19.576372] kfree+0x214/0x3c8 [ 19.576492] kfree_sensitive+0x80/0xb0 [ 19.576813] kmalloc_double_kzfree+0x11c/0x308 [ 19.576857] kunit_try_run_case+0x170/0x3f0 [ 19.576895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.576939] kthread+0x328/0x630 [ 19.577147] ret_from_fork+0x10/0x20 [ 19.577254] [ 19.577283] The buggy address belongs to the object at fff00000c58c2b60 [ 19.577283] which belongs to the cache kmalloc-16 of size 16 [ 19.577345] The buggy address is located 0 bytes inside of [ 19.577345] 16-byte region [fff00000c58c2b60, fff00000c58c2b70) [ 19.577403] [ 19.577422] The buggy address belongs to the physical page: [ 19.577453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058c2 [ 19.577504] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.577563] page_type: f5(slab) [ 19.577601] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.577930] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.577975] page dumped because: kasan: bad access detected [ 19.578007] [ 19.578025] Memory state around the buggy address: [ 19.578060] fff00000c58c2a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.578102] fff00000c58c2a80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.578146] >fff00000c58c2b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.578197] ^ [ 19.578237] fff00000c58c2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.578289] fff00000c58c2c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.578328] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 19.565356] ================================================================== [ 19.565418] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 19.565471] Read of size 1 at addr fff00000c58c2b60 by task kunit_try_catch/192 [ 19.565520] [ 19.565551] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.565634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.565933] Hardware name: linux,dummy-virt (DT) [ 19.566077] Call trace: [ 19.566101] show_stack+0x20/0x38 (C) [ 19.566285] dump_stack_lvl+0x8c/0xd0 [ 19.566335] print_report+0x118/0x608 [ 19.566383] kasan_report+0xdc/0x128 [ 19.566790] __kasan_check_byte+0x54/0x70 [ 19.566850] kfree_sensitive+0x30/0xb0 [ 19.566904] kmalloc_double_kzfree+0x168/0x308 [ 19.566951] kunit_try_run_case+0x170/0x3f0 [ 19.567000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.567053] kthread+0x328/0x630 [ 19.567094] ret_from_fork+0x10/0x20 [ 19.567140] [ 19.567169] Allocated by task 192: [ 19.567198] kasan_save_stack+0x3c/0x68 [ 19.567238] kasan_save_track+0x20/0x40 [ 19.567277] kasan_save_alloc_info+0x40/0x58 [ 19.567317] __kasan_kmalloc+0xd4/0xd8 [ 19.567354] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.567392] kmalloc_double_kzfree+0xb8/0x308 [ 19.567430] kunit_try_run_case+0x170/0x3f0 [ 19.567468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.567771] kthread+0x328/0x630 [ 19.567823] ret_from_fork+0x10/0x20 [ 19.567893] [ 19.567914] Freed by task 192: [ 19.567940] kasan_save_stack+0x3c/0x68 [ 19.567980] kasan_save_track+0x20/0x40 [ 19.568018] kasan_save_free_info+0x4c/0x78 [ 19.568122] __kasan_slab_free+0x6c/0x98 [ 19.568372] kfree+0x214/0x3c8 [ 19.568406] kfree_sensitive+0x80/0xb0 [ 19.568637] kmalloc_double_kzfree+0x11c/0x308 [ 19.568724] kunit_try_run_case+0x170/0x3f0 [ 19.568776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.568819] kthread+0x328/0x630 [ 19.568913] ret_from_fork+0x10/0x20 [ 19.568948] [ 19.568969] The buggy address belongs to the object at fff00000c58c2b60 [ 19.568969] which belongs to the cache kmalloc-16 of size 16 [ 19.569029] The buggy address is located 0 bytes inside of [ 19.569029] freed 16-byte region [fff00000c58c2b60, fff00000c58c2b70) [ 19.569088] [ 19.569117] The buggy address belongs to the physical page: [ 19.569148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058c2 [ 19.569377] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.569429] page_type: f5(slab) [ 19.569469] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.569519] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.569559] page dumped because: kasan: bad access detected [ 19.569590] [ 19.569607] Memory state around the buggy address: [ 19.570182] fff00000c58c2a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.570477] fff00000c58c2a80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.570626] >fff00000c58c2b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.570693] ^ [ 19.571106] fff00000c58c2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.571254] fff00000c58c2c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.571440] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 19.542208] ================================================================== [ 19.542267] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 19.542318] Read of size 1 at addr fff00000c771c328 by task kunit_try_catch/188 [ 19.542640] [ 19.542897] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.543373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.543474] Hardware name: linux,dummy-virt (DT) [ 19.543563] Call trace: [ 19.543585] show_stack+0x20/0x38 (C) [ 19.543639] dump_stack_lvl+0x8c/0xd0 [ 19.544033] print_report+0x118/0x608 [ 19.544114] kasan_report+0xdc/0x128 [ 19.544196] __asan_report_load1_noabort+0x20/0x30 [ 19.544253] kmalloc_uaf2+0x3f4/0x468 [ 19.544298] kunit_try_run_case+0x170/0x3f0 [ 19.544346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.544528] kthread+0x328/0x630 [ 19.544635] ret_from_fork+0x10/0x20 [ 19.544786] [ 19.544842] Allocated by task 188: [ 19.544909] kasan_save_stack+0x3c/0x68 [ 19.544951] kasan_save_track+0x20/0x40 [ 19.544989] kasan_save_alloc_info+0x40/0x58 [ 19.545052] __kasan_kmalloc+0xd4/0xd8 [ 19.545090] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.545131] kmalloc_uaf2+0xc4/0x468 [ 19.545177] kunit_try_run_case+0x170/0x3f0 [ 19.545218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.545261] kthread+0x328/0x630 [ 19.545347] ret_from_fork+0x10/0x20 [ 19.545500] [ 19.545540] Freed by task 188: [ 19.545702] kasan_save_stack+0x3c/0x68 [ 19.545754] kasan_save_track+0x20/0x40 [ 19.545791] kasan_save_free_info+0x4c/0x78 [ 19.545939] __kasan_slab_free+0x6c/0x98 [ 19.545978] kfree+0x214/0x3c8 [ 19.546014] kmalloc_uaf2+0x134/0x468 [ 19.546048] kunit_try_run_case+0x170/0x3f0 [ 19.546097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.546239] kthread+0x328/0x630 [ 19.546312] ret_from_fork+0x10/0x20 [ 19.546386] [ 19.546434] The buggy address belongs to the object at fff00000c771c300 [ 19.546434] which belongs to the cache kmalloc-64 of size 64 [ 19.546521] The buggy address is located 40 bytes inside of [ 19.546521] freed 64-byte region [fff00000c771c300, fff00000c771c340) [ 19.546693] [ 19.546786] The buggy address belongs to the physical page: [ 19.546844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771c [ 19.546960] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.547043] page_type: f5(slab) [ 19.547141] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.547202] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.547242] page dumped because: kasan: bad access detected [ 19.547273] [ 19.547290] Memory state around the buggy address: [ 19.547321] fff00000c771c200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.547365] fff00000c771c280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.547434] >fff00000c771c300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.547473] ^ [ 19.547525] fff00000c771c380: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 19.547569] fff00000c771c400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.547608] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 19.526147] ================================================================== [ 19.526223] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 19.526282] Write of size 33 at addr fff00000c771c180 by task kunit_try_catch/186 [ 19.526333] [ 19.526502] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.526784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.526816] Hardware name: linux,dummy-virt (DT) [ 19.526849] Call trace: [ 19.527114] show_stack+0x20/0x38 (C) [ 19.527294] dump_stack_lvl+0x8c/0xd0 [ 19.527347] print_report+0x118/0x608 [ 19.527394] kasan_report+0xdc/0x128 [ 19.527441] kasan_check_range+0x100/0x1a8 [ 19.527541] __asan_memset+0x34/0x78 [ 19.527596] kmalloc_uaf_memset+0x170/0x310 [ 19.527677] kunit_try_run_case+0x170/0x3f0 [ 19.527727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.527923] kthread+0x328/0x630 [ 19.527975] ret_from_fork+0x10/0x20 [ 19.528076] [ 19.528150] Allocated by task 186: [ 19.528192] kasan_save_stack+0x3c/0x68 [ 19.528245] kasan_save_track+0x20/0x40 [ 19.528465] kasan_save_alloc_info+0x40/0x58 [ 19.528506] __kasan_kmalloc+0xd4/0xd8 [ 19.528583] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.528660] kmalloc_uaf_memset+0xb8/0x310 [ 19.528697] kunit_try_run_case+0x170/0x3f0 [ 19.528775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.528954] kthread+0x328/0x630 [ 19.528991] ret_from_fork+0x10/0x20 [ 19.529076] [ 19.529095] Freed by task 186: [ 19.529291] kasan_save_stack+0x3c/0x68 [ 19.529414] kasan_save_track+0x20/0x40 [ 19.529528] kasan_save_free_info+0x4c/0x78 [ 19.529586] __kasan_slab_free+0x6c/0x98 [ 19.529645] kfree+0x214/0x3c8 [ 19.529727] kmalloc_uaf_memset+0x11c/0x310 [ 19.529786] kunit_try_run_case+0x170/0x3f0 [ 19.529929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.529993] kthread+0x328/0x630 [ 19.530167] ret_from_fork+0x10/0x20 [ 19.530203] [ 19.530222] The buggy address belongs to the object at fff00000c771c180 [ 19.530222] which belongs to the cache kmalloc-64 of size 64 [ 19.530329] The buggy address is located 0 bytes inside of [ 19.530329] freed 64-byte region [fff00000c771c180, fff00000c771c1c0) [ 19.530877] [ 19.530977] The buggy address belongs to the physical page: [ 19.531066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771c [ 19.531179] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.531331] page_type: f5(slab) [ 19.531423] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.531565] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.531609] page dumped because: kasan: bad access detected [ 19.531673] [ 19.531691] Memory state around the buggy address: [ 19.531961] fff00000c771c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.532129] fff00000c771c100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.532446] >fff00000c771c180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.532490] ^ [ 19.532518] fff00000c771c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.532583] fff00000c771c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.532623] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 19.510575] ================================================================== [ 19.510639] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 19.510691] Read of size 1 at addr fff00000c58c2b48 by task kunit_try_catch/184 [ 19.510741] [ 19.510954] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.511592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.511901] Hardware name: linux,dummy-virt (DT) [ 19.511992] Call trace: [ 19.512062] show_stack+0x20/0x38 (C) [ 19.512118] dump_stack_lvl+0x8c/0xd0 [ 19.512178] print_report+0x118/0x608 [ 19.512256] kasan_report+0xdc/0x128 [ 19.512301] __asan_report_load1_noabort+0x20/0x30 [ 19.512375] kmalloc_uaf+0x300/0x338 [ 19.512633] kunit_try_run_case+0x170/0x3f0 [ 19.512748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.512987] kthread+0x328/0x630 [ 19.513030] ret_from_fork+0x10/0x20 [ 19.513125] [ 19.513144] Allocated by task 184: [ 19.513184] kasan_save_stack+0x3c/0x68 [ 19.513226] kasan_save_track+0x20/0x40 [ 19.513265] kasan_save_alloc_info+0x40/0x58 [ 19.513305] __kasan_kmalloc+0xd4/0xd8 [ 19.513342] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.513422] kmalloc_uaf+0xb8/0x338 [ 19.513603] kunit_try_run_case+0x170/0x3f0 [ 19.513640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.513690] kthread+0x328/0x630 [ 19.513751] ret_from_fork+0x10/0x20 [ 19.514134] [ 19.514170] Freed by task 184: [ 19.514502] kasan_save_stack+0x3c/0x68 [ 19.514579] kasan_save_track+0x20/0x40 [ 19.514777] kasan_save_free_info+0x4c/0x78 [ 19.514817] __kasan_slab_free+0x6c/0x98 [ 19.514856] kfree+0x214/0x3c8 [ 19.514894] kmalloc_uaf+0x11c/0x338 [ 19.515174] kunit_try_run_case+0x170/0x3f0 [ 19.515369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.515418] kthread+0x328/0x630 [ 19.515450] ret_from_fork+0x10/0x20 [ 19.515593] [ 19.515667] The buggy address belongs to the object at fff00000c58c2b40 [ 19.515667] which belongs to the cache kmalloc-16 of size 16 [ 19.515728] The buggy address is located 8 bytes inside of [ 19.515728] freed 16-byte region [fff00000c58c2b40, fff00000c58c2b50) [ 19.515787] [ 19.515808] The buggy address belongs to the physical page: [ 19.515858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058c2 [ 19.515949] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.516252] page_type: f5(slab) [ 19.516299] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.516393] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.516434] page dumped because: kasan: bad access detected [ 19.516635] [ 19.516655] Memory state around the buggy address: [ 19.516892] fff00000c58c2a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.517028] fff00000c58c2a80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.517086] >fff00000c58c2b00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 19.517123] ^ [ 19.517170] fff00000c58c2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.517213] fff00000c58c2c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.517251] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 19.493953] ================================================================== [ 19.494013] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.494066] Read of size 64 at addr fff00000c63b0e84 by task kunit_try_catch/182 [ 19.494116] [ 19.494205] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.494291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.494317] Hardware name: linux,dummy-virt (DT) [ 19.494363] Call trace: [ 19.494387] show_stack+0x20/0x38 (C) [ 19.494436] dump_stack_lvl+0x8c/0xd0 [ 19.494483] print_report+0x118/0x608 [ 19.494530] kasan_report+0xdc/0x128 [ 19.494580] kasan_check_range+0x100/0x1a8 [ 19.494735] __asan_memmove+0x3c/0x98 [ 19.494841] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.494998] kunit_try_run_case+0x170/0x3f0 [ 19.495131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.495609] kthread+0x328/0x630 [ 19.495917] ret_from_fork+0x10/0x20 [ 19.496153] [ 19.496198] Allocated by task 182: [ 19.496290] kasan_save_stack+0x3c/0x68 [ 19.496492] kasan_save_track+0x20/0x40 [ 19.496579] kasan_save_alloc_info+0x40/0x58 [ 19.496621] __kasan_kmalloc+0xd4/0xd8 [ 19.496692] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.496887] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 19.496999] kunit_try_run_case+0x170/0x3f0 [ 19.497103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.497178] kthread+0x328/0x630 [ 19.497210] ret_from_fork+0x10/0x20 [ 19.497284] [ 19.497411] The buggy address belongs to the object at fff00000c63b0e80 [ 19.497411] which belongs to the cache kmalloc-64 of size 64 [ 19.497635] The buggy address is located 4 bytes inside of [ 19.497635] allocated 64-byte region [fff00000c63b0e80, fff00000c63b0ec0) [ 19.497710] [ 19.497866] The buggy address belongs to the physical page: [ 19.498053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b0 [ 19.498312] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.498365] page_type: f5(slab) [ 19.498406] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.498618] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.498716] page dumped because: kasan: bad access detected [ 19.498869] [ 19.498888] Memory state around the buggy address: [ 19.498926] fff00000c63b0d80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.498969] fff00000c63b0e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.499022] >fff00000c63b0e80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.499061] ^ [ 19.499256] fff00000c63b0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.499523] fff00000c63b0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.499632] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 19.473429] ================================================================== [ 19.473499] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.473552] Read of size 18446744073709551614 at addr fff00000c63b0c84 by task kunit_try_catch/180 [ 19.473630] [ 19.474305] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.474956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.474983] Hardware name: linux,dummy-virt (DT) [ 19.475014] Call trace: [ 19.475037] show_stack+0x20/0x38 (C) [ 19.475087] dump_stack_lvl+0x8c/0xd0 [ 19.475135] print_report+0x118/0x608 [ 19.475192] kasan_report+0xdc/0x128 [ 19.475687] kasan_check_range+0x100/0x1a8 [ 19.475756] __asan_memmove+0x3c/0x98 [ 19.475801] kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.475905] kunit_try_run_case+0x170/0x3f0 [ 19.475979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.476060] kthread+0x328/0x630 [ 19.476102] ret_from_fork+0x10/0x20 [ 19.476149] [ 19.476265] Allocated by task 180: [ 19.476752] kasan_save_stack+0x3c/0x68 [ 19.476940] kasan_save_track+0x20/0x40 [ 19.477294] kasan_save_alloc_info+0x40/0x58 [ 19.477339] __kasan_kmalloc+0xd4/0xd8 [ 19.477375] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.479383] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 19.479431] kunit_try_run_case+0x170/0x3f0 [ 19.479713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.479760] kthread+0x328/0x630 [ 19.479792] ret_from_fork+0x10/0x20 [ 19.479830] [ 19.480115] The buggy address belongs to the object at fff00000c63b0c80 [ 19.480115] which belongs to the cache kmalloc-64 of size 64 [ 19.480209] The buggy address is located 4 bytes inside of [ 19.480209] 64-byte region [fff00000c63b0c80, fff00000c63b0cc0) [ 19.480460] [ 19.480642] The buggy address belongs to the physical page: [ 19.480939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b0 [ 19.481388] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.481609] page_type: f5(slab) [ 19.482005] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.482312] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.482544] page dumped because: kasan: bad access detected [ 19.482578] [ 19.482596] Memory state around the buggy address: [ 19.482970] fff00000c63b0b80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 19.483022] fff00000c63b0c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.483065] >fff00000c63b0c80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.483869] ^ [ 19.483910] fff00000c63b0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.483954] fff00000c63b0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.484053] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 19.446696] ================================================================== [ 19.446760] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 19.446816] Write of size 16 at addr fff00000c6343d69 by task kunit_try_catch/178 [ 19.447383] [ 19.447833] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.448144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.448209] Hardware name: linux,dummy-virt (DT) [ 19.448242] Call trace: [ 19.448273] show_stack+0x20/0x38 (C) [ 19.448850] dump_stack_lvl+0x8c/0xd0 [ 19.448908] print_report+0x118/0x608 [ 19.449370] kasan_report+0xdc/0x128 [ 19.449618] kasan_check_range+0x100/0x1a8 [ 19.449670] __asan_memset+0x34/0x78 [ 19.449711] kmalloc_oob_memset_16+0x150/0x2f8 [ 19.449756] kunit_try_run_case+0x170/0x3f0 [ 19.450418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.450481] kthread+0x328/0x630 [ 19.450532] ret_from_fork+0x10/0x20 [ 19.450582] [ 19.450602] Allocated by task 178: [ 19.451246] kasan_save_stack+0x3c/0x68 [ 19.451300] kasan_save_track+0x20/0x40 [ 19.451458] kasan_save_alloc_info+0x40/0x58 [ 19.451729] __kasan_kmalloc+0xd4/0xd8 [ 19.451776] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.451815] kmalloc_oob_memset_16+0xb0/0x2f8 [ 19.452114] kunit_try_run_case+0x170/0x3f0 [ 19.452301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.452522] kthread+0x328/0x630 [ 19.452688] ret_from_fork+0x10/0x20 [ 19.453251] [ 19.453298] The buggy address belongs to the object at fff00000c6343d00 [ 19.453298] which belongs to the cache kmalloc-128 of size 128 [ 19.453680] The buggy address is located 105 bytes inside of [ 19.453680] allocated 120-byte region [fff00000c6343d00, fff00000c6343d78) [ 19.453789] [ 19.454126] The buggy address belongs to the physical page: [ 19.454221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.454277] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.454332] page_type: f5(slab) [ 19.454373] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.454654] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.454695] page dumped because: kasan: bad access detected [ 19.454725] [ 19.455288] Memory state around the buggy address: [ 19.455694] fff00000c6343c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.455945] fff00000c6343c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.456184] >fff00000c6343d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.456226] ^ [ 19.456290] fff00000c6343d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.456377] fff00000c6343e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.456642] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 19.416303] ================================================================== [ 19.416364] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 19.416418] Write of size 8 at addr fff00000c6343c71 by task kunit_try_catch/176 [ 19.416466] [ 19.416798] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.417094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.417325] Hardware name: linux,dummy-virt (DT) [ 19.417382] Call trace: [ 19.417406] show_stack+0x20/0x38 (C) [ 19.417723] dump_stack_lvl+0x8c/0xd0 [ 19.417879] print_report+0x118/0x608 [ 19.418470] kasan_report+0xdc/0x128 [ 19.418794] kasan_check_range+0x100/0x1a8 [ 19.418880] __asan_memset+0x34/0x78 [ 19.418978] kmalloc_oob_memset_8+0x150/0x2f8 [ 19.419272] kunit_try_run_case+0x170/0x3f0 [ 19.419764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.419985] kthread+0x328/0x630 [ 19.420175] ret_from_fork+0x10/0x20 [ 19.420231] [ 19.420250] Allocated by task 176: [ 19.420569] kasan_save_stack+0x3c/0x68 [ 19.420929] kasan_save_track+0x20/0x40 [ 19.421214] kasan_save_alloc_info+0x40/0x58 [ 19.421329] __kasan_kmalloc+0xd4/0xd8 [ 19.421514] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.421657] kmalloc_oob_memset_8+0xb0/0x2f8 [ 19.421781] kunit_try_run_case+0x170/0x3f0 [ 19.421827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.422307] kthread+0x328/0x630 [ 19.422475] ret_from_fork+0x10/0x20 [ 19.422651] [ 19.422707] The buggy address belongs to the object at fff00000c6343c00 [ 19.422707] which belongs to the cache kmalloc-128 of size 128 [ 19.422999] The buggy address is located 113 bytes inside of [ 19.422999] allocated 120-byte region [fff00000c6343c00, fff00000c6343c78) [ 19.423240] [ 19.423308] The buggy address belongs to the physical page: [ 19.423471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.423913] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.423971] page_type: f5(slab) [ 19.424011] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.424060] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.424425] page dumped because: kasan: bad access detected [ 19.424526] [ 19.424544] Memory state around the buggy address: [ 19.424696] fff00000c6343b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.424907] fff00000c6343b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.424977] >fff00000c6343c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.425016] ^ [ 19.425221] fff00000c6343c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.425432] fff00000c6343d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.425479] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 19.401113] ================================================================== [ 19.401180] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 19.401531] Write of size 4 at addr fff00000c6343b75 by task kunit_try_catch/174 [ 19.401729] [ 19.401827] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.401963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.401991] Hardware name: linux,dummy-virt (DT) [ 19.402036] Call trace: [ 19.402058] show_stack+0x20/0x38 (C) [ 19.402108] dump_stack_lvl+0x8c/0xd0 [ 19.402171] print_report+0x118/0x608 [ 19.402216] kasan_report+0xdc/0x128 [ 19.402259] kasan_check_range+0x100/0x1a8 [ 19.402781] __asan_memset+0x34/0x78 [ 19.402848] kmalloc_oob_memset_4+0x150/0x300 [ 19.402924] kunit_try_run_case+0x170/0x3f0 [ 19.402977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.403029] kthread+0x328/0x630 [ 19.403069] ret_from_fork+0x10/0x20 [ 19.403408] [ 19.403512] Allocated by task 174: [ 19.403591] kasan_save_stack+0x3c/0x68 [ 19.403746] kasan_save_track+0x20/0x40 [ 19.403947] kasan_save_alloc_info+0x40/0x58 [ 19.403991] __kasan_kmalloc+0xd4/0xd8 [ 19.404027] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.404072] kmalloc_oob_memset_4+0xb0/0x300 [ 19.404109] kunit_try_run_case+0x170/0x3f0 [ 19.404396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.404527] kthread+0x328/0x630 [ 19.404737] ret_from_fork+0x10/0x20 [ 19.404871] [ 19.404963] The buggy address belongs to the object at fff00000c6343b00 [ 19.404963] which belongs to the cache kmalloc-128 of size 128 [ 19.405200] The buggy address is located 117 bytes inside of [ 19.405200] allocated 120-byte region [fff00000c6343b00, fff00000c6343b78) [ 19.405279] [ 19.405299] The buggy address belongs to the physical page: [ 19.405519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.405836] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.405981] page_type: f5(slab) [ 19.406114] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.406226] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.406267] page dumped because: kasan: bad access detected [ 19.406668] [ 19.406869] Memory state around the buggy address: [ 19.406993] fff00000c6343a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.407068] fff00000c6343a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.407109] >fff00000c6343b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.407145] ^ [ 19.407246] fff00000c6343b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.407298] fff00000c6343c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.407335] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 19.382546] ================================================================== [ 19.382611] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 19.382662] Write of size 2 at addr fff00000c6343a77 by task kunit_try_catch/172 [ 19.382710] [ 19.382740] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.382821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.383211] Hardware name: linux,dummy-virt (DT) [ 19.383332] Call trace: [ 19.383357] show_stack+0x20/0x38 (C) [ 19.383605] dump_stack_lvl+0x8c/0xd0 [ 19.383679] print_report+0x118/0x608 [ 19.383903] kasan_report+0xdc/0x128 [ 19.384078] kasan_check_range+0x100/0x1a8 [ 19.384296] __asan_memset+0x34/0x78 [ 19.384345] kmalloc_oob_memset_2+0x150/0x2f8 [ 19.384700] kunit_try_run_case+0x170/0x3f0 [ 19.384852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.384909] kthread+0x328/0x630 [ 19.385012] ret_from_fork+0x10/0x20 [ 19.385291] [ 19.385399] Allocated by task 172: [ 19.385513] kasan_save_stack+0x3c/0x68 [ 19.385592] kasan_save_track+0x20/0x40 [ 19.385767] kasan_save_alloc_info+0x40/0x58 [ 19.386069] __kasan_kmalloc+0xd4/0xd8 [ 19.386196] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.386385] kmalloc_oob_memset_2+0xb0/0x2f8 [ 19.386433] kunit_try_run_case+0x170/0x3f0 [ 19.386657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.386857] kthread+0x328/0x630 [ 19.386905] ret_from_fork+0x10/0x20 [ 19.386940] [ 19.387014] The buggy address belongs to the object at fff00000c6343a00 [ 19.387014] which belongs to the cache kmalloc-128 of size 128 [ 19.387439] The buggy address is located 119 bytes inside of [ 19.387439] allocated 120-byte region [fff00000c6343a00, fff00000c6343a78) [ 19.387742] [ 19.387784] The buggy address belongs to the physical page: [ 19.387827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.387880] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.387928] page_type: f5(slab) [ 19.387967] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.388484] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.388927] page dumped because: kasan: bad access detected [ 19.389009] [ 19.389101] Memory state around the buggy address: [ 19.389203] fff00000c6343900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.389299] fff00000c6343980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.389793] >fff00000c6343a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.389842] ^ [ 19.389950] fff00000c6343a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.390103] fff00000c6343b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.390189] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 19.364523] ================================================================== [ 19.364940] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 19.365171] Write of size 128 at addr fff00000c6343900 by task kunit_try_catch/170 [ 19.365243] [ 19.365277] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.365358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.365383] Hardware name: linux,dummy-virt (DT) [ 19.365576] Call trace: [ 19.365610] show_stack+0x20/0x38 (C) [ 19.365696] dump_stack_lvl+0x8c/0xd0 [ 19.366124] print_report+0x118/0x608 [ 19.366193] kasan_report+0xdc/0x128 [ 19.366276] kasan_check_range+0x100/0x1a8 [ 19.366352] __asan_memset+0x34/0x78 [ 19.366399] kmalloc_oob_in_memset+0x144/0x2d0 [ 19.366451] kunit_try_run_case+0x170/0x3f0 [ 19.366705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.367032] kthread+0x328/0x630 [ 19.367109] ret_from_fork+0x10/0x20 [ 19.367468] [ 19.367514] Allocated by task 170: [ 19.367585] kasan_save_stack+0x3c/0x68 [ 19.367915] kasan_save_track+0x20/0x40 [ 19.368119] kasan_save_alloc_info+0x40/0x58 [ 19.368229] __kasan_kmalloc+0xd4/0xd8 [ 19.368270] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.368333] kmalloc_oob_in_memset+0xb0/0x2d0 [ 19.368377] kunit_try_run_case+0x170/0x3f0 [ 19.368670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.368886] kthread+0x328/0x630 [ 19.368971] ret_from_fork+0x10/0x20 [ 19.369128] [ 19.369265] The buggy address belongs to the object at fff00000c6343900 [ 19.369265] which belongs to the cache kmalloc-128 of size 128 [ 19.369476] The buggy address is located 0 bytes inside of [ 19.369476] allocated 120-byte region [fff00000c6343900, fff00000c6343978) [ 19.369685] [ 19.369859] The buggy address belongs to the physical page: [ 19.369999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.370149] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.370378] page_type: f5(slab) [ 19.370565] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.370625] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.370667] page dumped because: kasan: bad access detected [ 19.370698] [ 19.370716] Memory state around the buggy address: [ 19.370780] fff00000c6343800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.370844] fff00000c6343880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.370885] >fff00000c6343900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.370925] ^ [ 19.370974] fff00000c6343980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.371020] fff00000c6343a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.371073] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 19.346840] ================================================================== [ 19.347091] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 19.347204] Read of size 16 at addr fff00000c58c2b20 by task kunit_try_catch/168 [ 19.347260] [ 19.347297] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.347383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.347408] Hardware name: linux,dummy-virt (DT) [ 19.347670] Call trace: [ 19.347793] show_stack+0x20/0x38 (C) [ 19.347963] dump_stack_lvl+0x8c/0xd0 [ 19.348068] print_report+0x118/0x608 [ 19.348117] kasan_report+0xdc/0x128 [ 19.348450] __asan_report_load16_noabort+0x20/0x30 [ 19.348811] kmalloc_uaf_16+0x3bc/0x438 [ 19.348935] kunit_try_run_case+0x170/0x3f0 [ 19.349179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.349380] kthread+0x328/0x630 [ 19.349518] ret_from_fork+0x10/0x20 [ 19.349654] [ 19.349779] Allocated by task 168: [ 19.349919] kasan_save_stack+0x3c/0x68 [ 19.349977] kasan_save_track+0x20/0x40 [ 19.350023] kasan_save_alloc_info+0x40/0x58 [ 19.350099] __kasan_kmalloc+0xd4/0xd8 [ 19.350273] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.350456] kmalloc_uaf_16+0x140/0x438 [ 19.350531] kunit_try_run_case+0x170/0x3f0 [ 19.350744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.350896] kthread+0x328/0x630 [ 19.350931] ret_from_fork+0x10/0x20 [ 19.350977] [ 19.351324] Freed by task 168: [ 19.351424] kasan_save_stack+0x3c/0x68 [ 19.351677] kasan_save_track+0x20/0x40 [ 19.351762] kasan_save_free_info+0x4c/0x78 [ 19.351852] __kasan_slab_free+0x6c/0x98 [ 19.351890] kfree+0x214/0x3c8 [ 19.351923] kmalloc_uaf_16+0x190/0x438 [ 19.351957] kunit_try_run_case+0x170/0x3f0 [ 19.352365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.352756] kthread+0x328/0x630 [ 19.352866] ret_from_fork+0x10/0x20 [ 19.352964] [ 19.353048] The buggy address belongs to the object at fff00000c58c2b20 [ 19.353048] which belongs to the cache kmalloc-16 of size 16 [ 19.353182] The buggy address is located 0 bytes inside of [ 19.353182] freed 16-byte region [fff00000c58c2b20, fff00000c58c2b30) [ 19.353423] [ 19.353730] The buggy address belongs to the physical page: [ 19.353836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058c2 [ 19.354079] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.354188] page_type: f5(slab) [ 19.354303] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.354541] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.354712] page dumped because: kasan: bad access detected [ 19.354759] [ 19.354807] Memory state around the buggy address: [ 19.354907] fff00000c58c2a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.355063] fff00000c58c2a80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.355224] >fff00000c58c2b00: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 19.355291] ^ [ 19.355570] fff00000c58c2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.355768] fff00000c58c2c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.356210] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 19.333825] ================================================================== [ 19.333904] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 19.333957] Write of size 16 at addr fff00000c58c2ac0 by task kunit_try_catch/166 [ 19.334172] [ 19.334509] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.334748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.334784] Hardware name: linux,dummy-virt (DT) [ 19.334842] Call trace: [ 19.334867] show_stack+0x20/0x38 (C) [ 19.334933] dump_stack_lvl+0x8c/0xd0 [ 19.334980] print_report+0x118/0x608 [ 19.335181] kasan_report+0xdc/0x128 [ 19.335255] __asan_report_store16_noabort+0x20/0x30 [ 19.335448] kmalloc_oob_16+0x3a0/0x3f8 [ 19.335650] kunit_try_run_case+0x170/0x3f0 [ 19.335858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.336027] kthread+0x328/0x630 [ 19.336092] ret_from_fork+0x10/0x20 [ 19.336279] [ 19.336320] Allocated by task 166: [ 19.336438] kasan_save_stack+0x3c/0x68 [ 19.336709] kasan_save_track+0x20/0x40 [ 19.336810] kasan_save_alloc_info+0x40/0x58 [ 19.336850] __kasan_kmalloc+0xd4/0xd8 [ 19.337031] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.337263] kmalloc_oob_16+0xb4/0x3f8 [ 19.337381] kunit_try_run_case+0x170/0x3f0 [ 19.337528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.337574] kthread+0x328/0x630 [ 19.337766] ret_from_fork+0x10/0x20 [ 19.337942] [ 19.337975] The buggy address belongs to the object at fff00000c58c2ac0 [ 19.337975] which belongs to the cache kmalloc-16 of size 16 [ 19.338193] The buggy address is located 0 bytes inside of [ 19.338193] allocated 13-byte region [fff00000c58c2ac0, fff00000c58c2acd) [ 19.338376] [ 19.338427] The buggy address belongs to the physical page: [ 19.338469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058c2 [ 19.338999] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.339216] page_type: f5(slab) [ 19.339372] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.339508] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.339907] page dumped because: kasan: bad access detected [ 19.339980] [ 19.339999] Memory state around the buggy address: [ 19.340044] fff00000c58c2980: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 19.340097] fff00000c58c2a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.340195] >fff00000c58c2a80: 00 04 fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 19.340249] ^ [ 19.340284] fff00000c58c2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.340450] fff00000c58c2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.340616] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 19.312413] ================================================================== [ 19.312983] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 19.313046] Read of size 1 at addr fff00000c454d000 by task kunit_try_catch/164 [ 19.313168] [ 19.313216] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.313298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.313323] Hardware name: linux,dummy-virt (DT) [ 19.313526] Call trace: [ 19.313563] show_stack+0x20/0x38 (C) [ 19.313717] dump_stack_lvl+0x8c/0xd0 [ 19.313988] print_report+0x118/0x608 [ 19.314204] kasan_report+0xdc/0x128 [ 19.314265] __asan_report_load1_noabort+0x20/0x30 [ 19.314912] krealloc_uaf+0x4c8/0x520 [ 19.314983] kunit_try_run_case+0x170/0x3f0 [ 19.315108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.315178] kthread+0x328/0x630 [ 19.315226] ret_from_fork+0x10/0x20 [ 19.315416] [ 19.315510] Allocated by task 164: [ 19.315635] kasan_save_stack+0x3c/0x68 [ 19.315763] kasan_save_track+0x20/0x40 [ 19.315924] kasan_save_alloc_info+0x40/0x58 [ 19.316073] __kasan_kmalloc+0xd4/0xd8 [ 19.316225] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.316268] krealloc_uaf+0xc8/0x520 [ 19.316707] kunit_try_run_case+0x170/0x3f0 [ 19.316871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.316986] kthread+0x328/0x630 [ 19.317133] ret_from_fork+0x10/0x20 [ 19.317659] [ 19.317726] Freed by task 164: [ 19.317813] kasan_save_stack+0x3c/0x68 [ 19.317936] kasan_save_track+0x20/0x40 [ 19.318077] kasan_save_free_info+0x4c/0x78 [ 19.318218] __kasan_slab_free+0x6c/0x98 [ 19.318258] kfree+0x214/0x3c8 [ 19.318617] krealloc_uaf+0x12c/0x520 [ 19.318813] kunit_try_run_case+0x170/0x3f0 [ 19.318926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.319058] kthread+0x328/0x630 [ 19.319176] ret_from_fork+0x10/0x20 [ 19.319483] [ 19.319541] The buggy address belongs to the object at fff00000c454d000 [ 19.319541] which belongs to the cache kmalloc-256 of size 256 [ 19.319694] The buggy address is located 0 bytes inside of [ 19.319694] freed 256-byte region [fff00000c454d000, fff00000c454d100) [ 19.319878] [ 19.320070] The buggy address belongs to the physical page: [ 19.320257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10454c [ 19.320367] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.320512] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.320708] page_type: f5(slab) [ 19.320929] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.321121] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.321376] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.321603] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.321711] head: 0bfffe0000000001 ffffc1ffc3115301 00000000ffffffff 00000000ffffffff [ 19.321773] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.321821] page dumped because: kasan: bad access detected [ 19.321857] [ 19.321875] Memory state around the buggy address: [ 19.321906] fff00000c454cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.321984] fff00000c454cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.322036] >fff00000c454d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.322072] ^ [ 19.322105] fff00000c454d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.322167] fff00000c454d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.322203] ================================================================== [ 19.298832] ================================================================== [ 19.299398] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 19.299798] Read of size 1 at addr fff00000c454d000 by task kunit_try_catch/164 [ 19.299975] [ 19.300199] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.300437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.300647] Hardware name: linux,dummy-virt (DT) [ 19.300754] Call trace: [ 19.300856] show_stack+0x20/0x38 (C) [ 19.301066] dump_stack_lvl+0x8c/0xd0 [ 19.301218] print_report+0x118/0x608 [ 19.301428] kasan_report+0xdc/0x128 [ 19.301593] __kasan_check_byte+0x54/0x70 [ 19.301760] krealloc_noprof+0x44/0x360 [ 19.302218] krealloc_uaf+0x180/0x520 [ 19.302330] kunit_try_run_case+0x170/0x3f0 [ 19.302438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.302650] kthread+0x328/0x630 [ 19.302712] ret_from_fork+0x10/0x20 [ 19.302979] [ 19.303250] Allocated by task 164: [ 19.303362] kasan_save_stack+0x3c/0x68 [ 19.303448] kasan_save_track+0x20/0x40 [ 19.303596] kasan_save_alloc_info+0x40/0x58 [ 19.303636] __kasan_kmalloc+0xd4/0xd8 [ 19.303688] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.303728] krealloc_uaf+0xc8/0x520 [ 19.304072] kunit_try_run_case+0x170/0x3f0 [ 19.304837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.304929] kthread+0x328/0x630 [ 19.305088] ret_from_fork+0x10/0x20 [ 19.305147] [ 19.305197] Freed by task 164: [ 19.305764] kasan_save_stack+0x3c/0x68 [ 19.305968] kasan_save_track+0x20/0x40 [ 19.306264] kasan_save_free_info+0x4c/0x78 [ 19.306498] __kasan_slab_free+0x6c/0x98 [ 19.306787] kfree+0x214/0x3c8 [ 19.307012] krealloc_uaf+0x12c/0x520 [ 19.307072] kunit_try_run_case+0x170/0x3f0 [ 19.307267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.307473] kthread+0x328/0x630 [ 19.307565] ret_from_fork+0x10/0x20 [ 19.307867] [ 19.307997] The buggy address belongs to the object at fff00000c454d000 [ 19.307997] which belongs to the cache kmalloc-256 of size 256 [ 19.308280] The buggy address is located 0 bytes inside of [ 19.308280] freed 256-byte region [fff00000c454d000, fff00000c454d100) [ 19.308465] [ 19.308597] The buggy address belongs to the physical page: [ 19.308718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10454c [ 19.309039] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.309171] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.309229] page_type: f5(slab) [ 19.309278] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.309335] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.309384] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.309432] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.309495] head: 0bfffe0000000001 ffffc1ffc3115301 00000000ffffffff 00000000ffffffff [ 19.309542] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.309592] page dumped because: kasan: bad access detected [ 19.309621] [ 19.309639] Memory state around the buggy address: [ 19.309669] fff00000c454cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.309720] fff00000c454cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.309762] >fff00000c454d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.309814] ^ [ 19.309841] fff00000c454d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.309881] fff00000c454d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.309933] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 19.286550] ================================================================== [ 19.286601] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 19.286689] Write of size 1 at addr fff00000c64c60eb by task kunit_try_catch/162 [ 19.286750] [ 19.286779] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.286856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.286881] Hardware name: linux,dummy-virt (DT) [ 19.286919] Call trace: [ 19.286939] show_stack+0x20/0x38 (C) [ 19.286987] dump_stack_lvl+0x8c/0xd0 [ 19.287032] print_report+0x118/0x608 [ 19.287085] kasan_report+0xdc/0x128 [ 19.287131] __asan_report_store1_noabort+0x20/0x30 [ 19.287193] krealloc_less_oob_helper+0xa58/0xc50 [ 19.287248] krealloc_large_less_oob+0x20/0x38 [ 19.287295] kunit_try_run_case+0x170/0x3f0 [ 19.287341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.287397] kthread+0x328/0x630 [ 19.287438] ret_from_fork+0x10/0x20 [ 19.287483] [ 19.288142] The buggy address belongs to the physical page: [ 19.288196] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064c4 [ 19.288252] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.288536] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.288793] page_type: f8(unknown) [ 19.288868] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.288944] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.289116] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.289367] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.289547] head: 0bfffe0000000002 ffffc1ffc3193101 00000000ffffffff 00000000ffffffff [ 19.289650] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.289859] page dumped because: kasan: bad access detected [ 19.289977] [ 19.290020] Memory state around the buggy address: [ 19.290051] fff00000c64c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.290263] fff00000c64c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.290384] >fff00000c64c6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.290503] ^ [ 19.290659] fff00000c64c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.290895] fff00000c64c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.291248] ================================================================== [ 19.196771] ================================================================== [ 19.196817] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 19.196864] Write of size 1 at addr fff00000c454ced0 by task kunit_try_catch/158 [ 19.196912] [ 19.196970] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.197388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.197725] Hardware name: linux,dummy-virt (DT) [ 19.197768] Call trace: [ 19.197828] show_stack+0x20/0x38 (C) [ 19.197896] dump_stack_lvl+0x8c/0xd0 [ 19.198000] print_report+0x118/0x608 [ 19.198088] kasan_report+0xdc/0x128 [ 19.198182] __asan_report_store1_noabort+0x20/0x30 [ 19.198234] krealloc_less_oob_helper+0xb9c/0xc50 [ 19.198486] krealloc_less_oob+0x20/0x38 [ 19.198546] kunit_try_run_case+0x170/0x3f0 [ 19.198635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.198688] kthread+0x328/0x630 [ 19.198731] ret_from_fork+0x10/0x20 [ 19.199175] [ 19.199213] Allocated by task 158: [ 19.199250] kasan_save_stack+0x3c/0x68 [ 19.199301] kasan_save_track+0x20/0x40 [ 19.199348] kasan_save_alloc_info+0x40/0x58 [ 19.199424] __kasan_krealloc+0x118/0x178 [ 19.199501] krealloc_noprof+0x128/0x360 [ 19.199569] krealloc_less_oob_helper+0x168/0xc50 [ 19.199607] krealloc_less_oob+0x20/0x38 [ 19.199642] kunit_try_run_case+0x170/0x3f0 [ 19.199922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.200019] kthread+0x328/0x630 [ 19.200587] ret_from_fork+0x10/0x20 [ 19.200683] [ 19.200775] The buggy address belongs to the object at fff00000c454ce00 [ 19.200775] which belongs to the cache kmalloc-256 of size 256 [ 19.200912] The buggy address is located 7 bytes to the right of [ 19.200912] allocated 201-byte region [fff00000c454ce00, fff00000c454cec9) [ 19.201045] [ 19.201063] The buggy address belongs to the physical page: [ 19.201093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10454c [ 19.201433] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.201493] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.201790] page_type: f5(slab) [ 19.201944] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.202043] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.202183] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.202314] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.202427] head: 0bfffe0000000001 ffffc1ffc3115301 00000000ffffffff 00000000ffffffff [ 19.202540] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.202678] page dumped because: kasan: bad access detected [ 19.202755] [ 19.202837] Memory state around the buggy address: [ 19.202901] fff00000c454cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.202982] fff00000c454ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.203348] >fff00000c454ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.203438] ^ [ 19.203591] fff00000c454cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.203654] fff00000c454cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.203692] ================================================================== [ 19.190466] ================================================================== [ 19.190520] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 19.190570] Write of size 1 at addr fff00000c454cec9 by task kunit_try_catch/158 [ 19.190618] [ 19.190651] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.190728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.190755] Hardware name: linux,dummy-virt (DT) [ 19.190785] Call trace: [ 19.190806] show_stack+0x20/0x38 (C) [ 19.190853] dump_stack_lvl+0x8c/0xd0 [ 19.190903] print_report+0x118/0x608 [ 19.190948] kasan_report+0xdc/0x128 [ 19.191014] __asan_report_store1_noabort+0x20/0x30 [ 19.191065] krealloc_less_oob_helper+0xa48/0xc50 [ 19.191121] krealloc_less_oob+0x20/0x38 [ 19.191177] kunit_try_run_case+0x170/0x3f0 [ 19.191224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.191275] kthread+0x328/0x630 [ 19.191380] ret_from_fork+0x10/0x20 [ 19.191972] [ 19.192027] Allocated by task 158: [ 19.192055] kasan_save_stack+0x3c/0x68 [ 19.192138] kasan_save_track+0x20/0x40 [ 19.192209] kasan_save_alloc_info+0x40/0x58 [ 19.192305] __kasan_krealloc+0x118/0x178 [ 19.192373] krealloc_noprof+0x128/0x360 [ 19.192479] krealloc_less_oob_helper+0x168/0xc50 [ 19.192529] krealloc_less_oob+0x20/0x38 [ 19.192565] kunit_try_run_case+0x170/0x3f0 [ 19.192601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.192642] kthread+0x328/0x630 [ 19.192881] ret_from_fork+0x10/0x20 [ 19.192924] [ 19.193022] The buggy address belongs to the object at fff00000c454ce00 [ 19.193022] which belongs to the cache kmalloc-256 of size 256 [ 19.193230] The buggy address is located 0 bytes to the right of [ 19.193230] allocated 201-byte region [fff00000c454ce00, fff00000c454cec9) [ 19.193402] [ 19.193462] The buggy address belongs to the physical page: [ 19.193578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10454c [ 19.193668] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.193770] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.193886] page_type: f5(slab) [ 19.193944] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.194037] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.194087] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.194493] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.194637] head: 0bfffe0000000001 ffffc1ffc3115301 00000000ffffffff 00000000ffffffff [ 19.194755] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.194864] page dumped because: kasan: bad access detected [ 19.194958] [ 19.195075] Memory state around the buggy address: [ 19.195273] fff00000c454cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.195343] fff00000c454ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.195385] >fff00000c454ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.195421] ^ [ 19.195454] fff00000c454cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.195672] fff00000c454cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.195753] ================================================================== [ 19.274949] ================================================================== [ 19.274995] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 19.275243] Write of size 1 at addr fff00000c64c60ea by task kunit_try_catch/162 [ 19.275304] [ 19.275335] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.275880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.275918] Hardware name: linux,dummy-virt (DT) [ 19.276369] Call trace: [ 19.276942] show_stack+0x20/0x38 (C) [ 19.277014] dump_stack_lvl+0x8c/0xd0 [ 19.277446] print_report+0x118/0x608 [ 19.277573] kasan_report+0xdc/0x128 [ 19.277743] __asan_report_store1_noabort+0x20/0x30 [ 19.278026] krealloc_less_oob_helper+0xae4/0xc50 [ 19.278373] krealloc_large_less_oob+0x20/0x38 [ 19.278650] kunit_try_run_case+0x170/0x3f0 [ 19.278807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.279030] kthread+0x328/0x630 [ 19.279376] ret_from_fork+0x10/0x20 [ 19.279679] [ 19.279754] The buggy address belongs to the physical page: [ 19.279868] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064c4 [ 19.280035] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.280152] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.280304] page_type: f8(unknown) [ 19.280374] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.280644] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.280743] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.280928] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.281027] head: 0bfffe0000000002 ffffc1ffc3193101 00000000ffffffff 00000000ffffffff [ 19.281244] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.281479] page dumped because: kasan: bad access detected [ 19.281675] [ 19.281799] Memory state around the buggy address: [ 19.281972] fff00000c64c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.282026] fff00000c64c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.282067] >fff00000c64c6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.282104] ^ [ 19.282143] fff00000c64c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.282512] fff00000c64c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.282904] ================================================================== [ 19.262151] ================================================================== [ 19.262253] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 19.262313] Write of size 1 at addr fff00000c64c60d0 by task kunit_try_catch/162 [ 19.262637] [ 19.262781] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.262869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.262899] Hardware name: linux,dummy-virt (DT) [ 19.262928] Call trace: [ 19.263094] show_stack+0x20/0x38 (C) [ 19.263218] dump_stack_lvl+0x8c/0xd0 [ 19.263271] print_report+0x118/0x608 [ 19.263317] kasan_report+0xdc/0x128 [ 19.263401] __asan_report_store1_noabort+0x20/0x30 [ 19.263453] krealloc_less_oob_helper+0xb9c/0xc50 [ 19.263501] krealloc_large_less_oob+0x20/0x38 [ 19.264003] kunit_try_run_case+0x170/0x3f0 [ 19.264226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.264424] kthread+0x328/0x630 [ 19.264473] ret_from_fork+0x10/0x20 [ 19.264520] [ 19.264692] The buggy address belongs to the physical page: [ 19.264836] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064c4 [ 19.265055] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.265150] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.265325] page_type: f8(unknown) [ 19.265411] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.265854] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.265934] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.266081] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.266238] head: 0bfffe0000000002 ffffc1ffc3193101 00000000ffffffff 00000000ffffffff [ 19.266345] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.266765] page dumped because: kasan: bad access detected [ 19.266826] [ 19.266906] Memory state around the buggy address: [ 19.267057] fff00000c64c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.267240] fff00000c64c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.267425] >fff00000c64c6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.267468] ^ [ 19.267895] fff00000c64c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.268068] fff00000c64c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.268197] ================================================================== [ 19.211469] ================================================================== [ 19.211512] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 19.212122] Write of size 1 at addr fff00000c454ceea by task kunit_try_catch/158 [ 19.212231] [ 19.212383] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.212499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.212525] Hardware name: linux,dummy-virt (DT) [ 19.212554] Call trace: [ 19.212574] show_stack+0x20/0x38 (C) [ 19.212787] dump_stack_lvl+0x8c/0xd0 [ 19.212952] print_report+0x118/0x608 [ 19.213113] kasan_report+0xdc/0x128 [ 19.213258] __asan_report_store1_noabort+0x20/0x30 [ 19.213343] krealloc_less_oob_helper+0xae4/0xc50 [ 19.213392] krealloc_less_oob+0x20/0x38 [ 19.213636] kunit_try_run_case+0x170/0x3f0 [ 19.213806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.213902] kthread+0x328/0x630 [ 19.213964] ret_from_fork+0x10/0x20 [ 19.214044] [ 19.214062] Allocated by task 158: [ 19.214089] kasan_save_stack+0x3c/0x68 [ 19.214139] kasan_save_track+0x20/0x40 [ 19.214189] kasan_save_alloc_info+0x40/0x58 [ 19.214228] __kasan_krealloc+0x118/0x178 [ 19.214391] krealloc_noprof+0x128/0x360 [ 19.214534] krealloc_less_oob_helper+0x168/0xc50 [ 19.214578] krealloc_less_oob+0x20/0x38 [ 19.214625] kunit_try_run_case+0x170/0x3f0 [ 19.214739] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.214782] kthread+0x328/0x630 [ 19.214814] ret_from_fork+0x10/0x20 [ 19.215044] [ 19.215143] The buggy address belongs to the object at fff00000c454ce00 [ 19.215143] which belongs to the cache kmalloc-256 of size 256 [ 19.215330] The buggy address is located 33 bytes to the right of [ 19.215330] allocated 201-byte region [fff00000c454ce00, fff00000c454cec9) [ 19.215551] [ 19.215608] The buggy address belongs to the physical page: [ 19.215723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10454c [ 19.215827] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.215888] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.215937] page_type: f5(slab) [ 19.216405] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.216499] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.216647] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.216737] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.216820] head: 0bfffe0000000001 ffffc1ffc3115301 00000000ffffffff 00000000ffffffff [ 19.216998] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.217215] page dumped because: kasan: bad access detected [ 19.217344] [ 19.217462] Memory state around the buggy address: [ 19.217557] fff00000c454cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.217601] fff00000c454ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.218049] >fff00000c454ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.218238] ^ [ 19.218345] fff00000c454cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.218478] fff00000c454cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.218528] ================================================================== [ 19.268865] ================================================================== [ 19.268912] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 19.269293] Write of size 1 at addr fff00000c64c60da by task kunit_try_catch/162 [ 19.269385] [ 19.269417] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.269891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.270027] Hardware name: linux,dummy-virt (DT) [ 19.270065] Call trace: [ 19.270172] show_stack+0x20/0x38 (C) [ 19.270229] dump_stack_lvl+0x8c/0xd0 [ 19.270275] print_report+0x118/0x608 [ 19.270327] kasan_report+0xdc/0x128 [ 19.270372] __asan_report_store1_noabort+0x20/0x30 [ 19.270422] krealloc_less_oob_helper+0xa80/0xc50 [ 19.270469] krealloc_large_less_oob+0x20/0x38 [ 19.270515] kunit_try_run_case+0x170/0x3f0 [ 19.270608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.270661] kthread+0x328/0x630 [ 19.270701] ret_from_fork+0x10/0x20 [ 19.270747] [ 19.270766] The buggy address belongs to the physical page: [ 19.270805] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064c4 [ 19.270868] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.270918] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.270967] page_type: f8(unknown) [ 19.271004] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.271061] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.271110] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.271512] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.271579] head: 0bfffe0000000002 ffffc1ffc3193101 00000000ffffffff 00000000ffffffff [ 19.271941] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.271994] page dumped because: kasan: bad access detected [ 19.272298] [ 19.272450] Memory state around the buggy address: [ 19.272697] fff00000c64c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.272975] fff00000c64c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.273130] >fff00000c64c6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.273340] ^ [ 19.273418] fff00000c64c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.273552] fff00000c64c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.273612] ================================================================== [ 19.219695] ================================================================== [ 19.219798] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 19.219860] Write of size 1 at addr fff00000c454ceeb by task kunit_try_catch/158 [ 19.220146] [ 19.220333] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.220427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.220750] Hardware name: linux,dummy-virt (DT) [ 19.220874] Call trace: [ 19.220984] show_stack+0x20/0x38 (C) [ 19.221081] dump_stack_lvl+0x8c/0xd0 [ 19.221256] print_report+0x118/0x608 [ 19.221347] kasan_report+0xdc/0x128 [ 19.221456] __asan_report_store1_noabort+0x20/0x30 [ 19.221541] krealloc_less_oob_helper+0xa58/0xc50 [ 19.221769] krealloc_less_oob+0x20/0x38 [ 19.221965] kunit_try_run_case+0x170/0x3f0 [ 19.222095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.222265] kthread+0x328/0x630 [ 19.222341] ret_from_fork+0x10/0x20 [ 19.222388] [ 19.222572] Allocated by task 158: [ 19.222698] kasan_save_stack+0x3c/0x68 [ 19.222822] kasan_save_track+0x20/0x40 [ 19.222984] kasan_save_alloc_info+0x40/0x58 [ 19.223104] __kasan_krealloc+0x118/0x178 [ 19.223181] krealloc_noprof+0x128/0x360 [ 19.223217] krealloc_less_oob_helper+0x168/0xc50 [ 19.223264] krealloc_less_oob+0x20/0x38 [ 19.223308] kunit_try_run_case+0x170/0x3f0 [ 19.223344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.223386] kthread+0x328/0x630 [ 19.223444] ret_from_fork+0x10/0x20 [ 19.223485] [ 19.223505] The buggy address belongs to the object at fff00000c454ce00 [ 19.223505] which belongs to the cache kmalloc-256 of size 256 [ 19.223561] The buggy address is located 34 bytes to the right of [ 19.223561] allocated 201-byte region [fff00000c454ce00, fff00000c454cec9) [ 19.223712] [ 19.223822] The buggy address belongs to the physical page: [ 19.223887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10454c [ 19.223940] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.223985] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.224034] page_type: f5(slab) [ 19.224071] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.224121] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.224365] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.224519] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.224602] head: 0bfffe0000000001 ffffc1ffc3115301 00000000ffffffff 00000000ffffffff [ 19.224977] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.225129] page dumped because: kasan: bad access detected [ 19.225321] [ 19.225392] Memory state around the buggy address: [ 19.225453] fff00000c454cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.225495] fff00000c454ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.225854] >fff00000c454ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.225994] ^ [ 19.226110] fff00000c454cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.226230] fff00000c454cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.226329] ================================================================== [ 19.206791] ================================================================== [ 19.206842] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 19.206991] Write of size 1 at addr fff00000c454ceda by task kunit_try_catch/158 [ 19.207043] [ 19.207262] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.207379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.207405] Hardware name: linux,dummy-virt (DT) [ 19.207436] Call trace: [ 19.207457] show_stack+0x20/0x38 (C) [ 19.207581] dump_stack_lvl+0x8c/0xd0 [ 19.207641] print_report+0x118/0x608 [ 19.207711] kasan_report+0xdc/0x128 [ 19.207983] __asan_report_store1_noabort+0x20/0x30 [ 19.208101] krealloc_less_oob_helper+0xa80/0xc50 [ 19.208274] krealloc_less_oob+0x20/0x38 [ 19.208351] kunit_try_run_case+0x170/0x3f0 [ 19.208400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.208549] kthread+0x328/0x630 [ 19.208591] ret_from_fork+0x10/0x20 [ 19.208887] [ 19.208937] Allocated by task 158: [ 19.209087] kasan_save_stack+0x3c/0x68 [ 19.209230] kasan_save_track+0x20/0x40 [ 19.209354] kasan_save_alloc_info+0x40/0x58 [ 19.209396] __kasan_krealloc+0x118/0x178 [ 19.209651] krealloc_noprof+0x128/0x360 [ 19.209800] krealloc_less_oob_helper+0x168/0xc50 [ 19.209881] krealloc_less_oob+0x20/0x38 [ 19.209939] kunit_try_run_case+0x170/0x3f0 [ 19.209975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.210017] kthread+0x328/0x630 [ 19.210057] ret_from_fork+0x10/0x20 [ 19.210102] [ 19.210120] The buggy address belongs to the object at fff00000c454ce00 [ 19.210120] which belongs to the cache kmalloc-256 of size 256 [ 19.210197] The buggy address is located 17 bytes to the right of [ 19.210197] allocated 201-byte region [fff00000c454ce00, fff00000c454cec9) [ 19.210261] [ 19.210289] The buggy address belongs to the physical page: [ 19.210326] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10454c [ 19.210380] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.210428] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.210484] page_type: f5(slab) [ 19.210522] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.210579] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.210628] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.210685] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.210733] head: 0bfffe0000000001 ffffc1ffc3115301 00000000ffffffff 00000000ffffffff [ 19.210802] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.210841] page dumped because: kasan: bad access detected [ 19.210870] [ 19.210899] Memory state around the buggy address: [ 19.210929] fff00000c454cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.210970] fff00000c454ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.211011] >fff00000c454ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.211056] ^ [ 19.211092] fff00000c454cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.211165] fff00000c454cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.211201] ================================================================== [ 19.254228] ================================================================== [ 19.254283] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 19.254529] Write of size 1 at addr fff00000c64c60c9 by task kunit_try_catch/162 [ 19.254917] [ 19.255021] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.255109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.255291] Hardware name: linux,dummy-virt (DT) [ 19.255345] Call trace: [ 19.255406] show_stack+0x20/0x38 (C) [ 19.255579] dump_stack_lvl+0x8c/0xd0 [ 19.255628] print_report+0x118/0x608 [ 19.256073] kasan_report+0xdc/0x128 [ 19.256203] __asan_report_store1_noabort+0x20/0x30 [ 19.256410] krealloc_less_oob_helper+0xa48/0xc50 [ 19.256617] krealloc_large_less_oob+0x20/0x38 [ 19.256710] kunit_try_run_case+0x170/0x3f0 [ 19.256858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.256971] kthread+0x328/0x630 [ 19.257133] ret_from_fork+0x10/0x20 [ 19.257438] [ 19.257501] The buggy address belongs to the physical page: [ 19.257669] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064c4 [ 19.257803] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.257986] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.258038] page_type: f8(unknown) [ 19.258272] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.258582] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.258804] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.259091] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.259313] head: 0bfffe0000000002 ffffc1ffc3193101 00000000ffffffff 00000000ffffffff [ 19.259470] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.259609] page dumped because: kasan: bad access detected [ 19.259902] [ 19.259976] Memory state around the buggy address: [ 19.260008] fff00000c64c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.260056] fff00000c64c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.260098] >fff00000c64c6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.260373] ^ [ 19.260485] fff00000c64c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.260656] fff00000c64c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.260814] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 19.233384] ================================================================== [ 19.233498] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 19.233979] Write of size 1 at addr fff00000c64c60eb by task kunit_try_catch/160 [ 19.234049] [ 19.234138] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.234247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.234275] Hardware name: linux,dummy-virt (DT) [ 19.234351] Call trace: [ 19.234380] show_stack+0x20/0x38 (C) [ 19.234554] dump_stack_lvl+0x8c/0xd0 [ 19.234602] print_report+0x118/0x608 [ 19.234797] kasan_report+0xdc/0x128 [ 19.234842] __asan_report_store1_noabort+0x20/0x30 [ 19.234897] krealloc_more_oob_helper+0x60c/0x678 [ 19.235242] krealloc_large_more_oob+0x20/0x38 [ 19.235323] kunit_try_run_case+0x170/0x3f0 [ 19.235461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.235872] kthread+0x328/0x630 [ 19.236066] ret_from_fork+0x10/0x20 [ 19.236241] [ 19.236284] The buggy address belongs to the physical page: [ 19.236314] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064c4 [ 19.236403] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.236451] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.236502] page_type: f8(unknown) [ 19.236540] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.237042] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.237147] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.237383] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.237609] head: 0bfffe0000000002 ffffc1ffc3193101 00000000ffffffff 00000000ffffffff [ 19.237799] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.237887] page dumped because: kasan: bad access detected [ 19.237943] [ 19.237961] Memory state around the buggy address: [ 19.237993] fff00000c64c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.238046] fff00000c64c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.238095] >fff00000c64c6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 19.238141] ^ [ 19.238190] fff00000c64c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.238231] fff00000c64c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.238276] ================================================================== [ 19.240594] ================================================================== [ 19.240794] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 19.240880] Write of size 1 at addr fff00000c64c60f0 by task kunit_try_catch/160 [ 19.241262] [ 19.241307] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.241387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.241413] Hardware name: linux,dummy-virt (DT) [ 19.241611] Call trace: [ 19.241645] show_stack+0x20/0x38 (C) [ 19.241879] dump_stack_lvl+0x8c/0xd0 [ 19.242025] print_report+0x118/0x608 [ 19.242103] kasan_report+0xdc/0x128 [ 19.242302] __asan_report_store1_noabort+0x20/0x30 [ 19.242471] krealloc_more_oob_helper+0x5c0/0x678 [ 19.242736] krealloc_large_more_oob+0x20/0x38 [ 19.242887] kunit_try_run_case+0x170/0x3f0 [ 19.243074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.243212] kthread+0x328/0x630 [ 19.243265] ret_from_fork+0x10/0x20 [ 19.243330] [ 19.243379] The buggy address belongs to the physical page: [ 19.243416] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064c4 [ 19.243472] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.243832] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.243999] page_type: f8(unknown) [ 19.244041] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.244243] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.244412] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.244674] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.244768] head: 0bfffe0000000002 ffffc1ffc3193101 00000000ffffffff 00000000ffffffff [ 19.244819] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.245007] page dumped because: kasan: bad access detected [ 19.245140] [ 19.245174] Memory state around the buggy address: [ 19.245207] fff00000c64c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.245251] fff00000c64c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.245293] >fff00000c64c6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 19.245352] ^ [ 19.245401] fff00000c64c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.245452] fff00000c64c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.245489] ================================================================== [ 19.162602] ================================================================== [ 19.163169] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 19.163240] Write of size 1 at addr fff00000c454cceb by task kunit_try_catch/156 [ 19.163290] [ 19.163324] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.163403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.163481] Hardware name: linux,dummy-virt (DT) [ 19.163773] Call trace: [ 19.163862] show_stack+0x20/0x38 (C) [ 19.163916] dump_stack_lvl+0x8c/0xd0 [ 19.163963] print_report+0x118/0x608 [ 19.164009] kasan_report+0xdc/0x128 [ 19.164054] __asan_report_store1_noabort+0x20/0x30 [ 19.164408] krealloc_more_oob_helper+0x60c/0x678 [ 19.164562] krealloc_more_oob+0x20/0x38 [ 19.164712] kunit_try_run_case+0x170/0x3f0 [ 19.164767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.165170] kthread+0x328/0x630 [ 19.165251] ret_from_fork+0x10/0x20 [ 19.165687] [ 19.165774] Allocated by task 156: [ 19.165807] kasan_save_stack+0x3c/0x68 [ 19.166044] kasan_save_track+0x20/0x40 [ 19.166145] kasan_save_alloc_info+0x40/0x58 [ 19.166548] __kasan_krealloc+0x118/0x178 [ 19.166743] krealloc_noprof+0x128/0x360 [ 19.166959] krealloc_more_oob_helper+0x168/0x678 [ 19.167134] krealloc_more_oob+0x20/0x38 [ 19.167451] kunit_try_run_case+0x170/0x3f0 [ 19.167506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.167557] kthread+0x328/0x630 [ 19.167591] ret_from_fork+0x10/0x20 [ 19.167639] [ 19.167668] The buggy address belongs to the object at fff00000c454cc00 [ 19.167668] which belongs to the cache kmalloc-256 of size 256 [ 19.167734] The buggy address is located 0 bytes to the right of [ 19.167734] allocated 235-byte region [fff00000c454cc00, fff00000c454cceb) [ 19.167796] [ 19.167814] The buggy address belongs to the physical page: [ 19.167856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10454c [ 19.167932] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.167979] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.168030] page_type: f5(slab) [ 19.168078] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.168127] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.168684] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.168752] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.168802] head: 0bfffe0000000001 ffffc1ffc3115301 00000000ffffffff 00000000ffffffff [ 19.169065] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.169255] page dumped because: kasan: bad access detected [ 19.169509] [ 19.169705] Memory state around the buggy address: [ 19.169933] fff00000c454cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.170036] fff00000c454cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.170130] >fff00000c454cc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.170179] ^ [ 19.170461] fff00000c454cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.172214] fff00000c454cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.172272] ================================================================== [ 19.175080] ================================================================== [ 19.175131] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 19.175256] Write of size 1 at addr fff00000c454ccf0 by task kunit_try_catch/156 [ 19.177999] [ 19.178224] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.178329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.178357] Hardware name: linux,dummy-virt (DT) [ 19.178395] Call trace: [ 19.178426] show_stack+0x20/0x38 (C) [ 19.178477] dump_stack_lvl+0x8c/0xd0 [ 19.178523] print_report+0x118/0x608 [ 19.178568] kasan_report+0xdc/0x128 [ 19.178661] __asan_report_store1_noabort+0x20/0x30 [ 19.179066] krealloc_more_oob_helper+0x5c0/0x678 [ 19.179125] krealloc_more_oob+0x20/0x38 [ 19.179184] kunit_try_run_case+0x170/0x3f0 [ 19.179234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.180947] kthread+0x328/0x630 [ 19.181085] ret_from_fork+0x10/0x20 [ 19.181224] [ 19.181242] Allocated by task 156: [ 19.181269] kasan_save_stack+0x3c/0x68 [ 19.181471] kasan_save_track+0x20/0x40 [ 19.181509] kasan_save_alloc_info+0x40/0x58 [ 19.181748] __kasan_krealloc+0x118/0x178 [ 19.181822] krealloc_noprof+0x128/0x360 [ 19.181859] krealloc_more_oob_helper+0x168/0x678 [ 19.182241] krealloc_more_oob+0x20/0x38 [ 19.182451] kunit_try_run_case+0x170/0x3f0 [ 19.182528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.182627] kthread+0x328/0x630 [ 19.182752] ret_from_fork+0x10/0x20 [ 19.182843] [ 19.182865] The buggy address belongs to the object at fff00000c454cc00 [ 19.182865] which belongs to the cache kmalloc-256 of size 256 [ 19.182942] The buggy address is located 5 bytes to the right of [ 19.182942] allocated 235-byte region [fff00000c454cc00, fff00000c454cceb) [ 19.183228] [ 19.183287] The buggy address belongs to the physical page: [ 19.183356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10454c [ 19.183522] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.183607] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.183724] page_type: f5(slab) [ 19.183838] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.183975] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.184133] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.184196] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.184268] head: 0bfffe0000000001 ffffc1ffc3115301 00000000ffffffff 00000000ffffffff [ 19.184315] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.184581] page dumped because: kasan: bad access detected [ 19.184715] [ 19.184822] Memory state around the buggy address: [ 19.184892] fff00000c454cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.185025] fff00000c454cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.185083] >fff00000c454cc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.185155] ^ [ 19.185292] fff00000c454cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.185362] fff00000c454cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.185398] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 19.145747] ================================================================== [ 19.145800] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 19.145849] Read of size 1 at addr fff00000c7790000 by task kunit_try_catch/154 [ 19.145898] [ 19.146210] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.146519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.146546] Hardware name: linux,dummy-virt (DT) [ 19.146576] Call trace: [ 19.146823] show_stack+0x20/0x38 (C) [ 19.147181] dump_stack_lvl+0x8c/0xd0 [ 19.147255] print_report+0x118/0x608 [ 19.147313] kasan_report+0xdc/0x128 [ 19.147516] __asan_report_load1_noabort+0x20/0x30 [ 19.147590] page_alloc_uaf+0x328/0x350 [ 19.147635] kunit_try_run_case+0x170/0x3f0 [ 19.147795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.148025] kthread+0x328/0x630 [ 19.148203] ret_from_fork+0x10/0x20 [ 19.148392] [ 19.148412] The buggy address belongs to the physical page: [ 19.148441] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107790 [ 19.148494] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.148854] page_type: f0(buddy) [ 19.149065] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 19.149244] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 19.149348] page dumped because: kasan: bad access detected [ 19.149541] [ 19.149679] Memory state around the buggy address: [ 19.149733] fff00000c778ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.150203] fff00000c778ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.150280] >fff00000c7790000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.150394] ^ [ 19.150425] fff00000c7790080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.150831] fff00000c7790100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.150896] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 19.126120] ================================================================== [ 19.126301] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 19.126420] Free of addr fff00000c64bc001 by task kunit_try_catch/150 [ 19.126807] [ 19.126853] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.127091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.127121] Hardware name: linux,dummy-virt (DT) [ 19.127150] Call trace: [ 19.127335] show_stack+0x20/0x38 (C) [ 19.127508] dump_stack_lvl+0x8c/0xd0 [ 19.127561] print_report+0x118/0x608 [ 19.127743] kasan_report_invalid_free+0xc0/0xe8 [ 19.127802] __kasan_kfree_large+0x5c/0xa8 [ 19.127868] free_large_kmalloc+0x64/0x190 [ 19.128022] kfree+0x270/0x3c8 [ 19.128194] kmalloc_large_invalid_free+0x108/0x270 [ 19.128288] kunit_try_run_case+0x170/0x3f0 [ 19.128479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.128541] kthread+0x328/0x630 [ 19.128733] ret_from_fork+0x10/0x20 [ 19.129024] [ 19.129070] The buggy address belongs to the physical page: [ 19.129442] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064bc [ 19.129520] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.129567] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.129742] page_type: f8(unknown) [ 19.129896] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.130033] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.130103] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.130181] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.130232] head: 0bfffe0000000002 ffffc1ffc3192f01 00000000ffffffff 00000000ffffffff [ 19.130289] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.130336] page dumped because: kasan: bad access detected [ 19.130367] [ 19.130385] Memory state around the buggy address: [ 19.130424] fff00000c64bbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.130466] fff00000c64bbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.130511] >fff00000c64bc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.130549] ^ [ 19.130576] fff00000c64bc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.130618] fff00000c64bc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.130679] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 19.111937] ================================================================== [ 19.112149] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 19.112426] Read of size 1 at addr fff00000c64bc000 by task kunit_try_catch/148 [ 19.112484] [ 19.112726] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.112986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.113192] Hardware name: linux,dummy-virt (DT) [ 19.113247] Call trace: [ 19.113382] show_stack+0x20/0x38 (C) [ 19.113642] dump_stack_lvl+0x8c/0xd0 [ 19.113719] print_report+0x118/0x608 [ 19.113948] kasan_report+0xdc/0x128 [ 19.114196] __asan_report_load1_noabort+0x20/0x30 [ 19.114389] kmalloc_large_uaf+0x2cc/0x2f8 [ 19.114440] kunit_try_run_case+0x170/0x3f0 [ 19.114619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.114714] kthread+0x328/0x630 [ 19.114756] ret_from_fork+0x10/0x20 [ 19.114813] [ 19.114847] The buggy address belongs to the physical page: [ 19.114877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064bc [ 19.114944] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.115024] raw: 0bfffe0000000000 ffffc1ffc3193008 fff00000da478c40 0000000000000000 [ 19.115082] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 19.115121] page dumped because: kasan: bad access detected [ 19.115172] [ 19.115191] Memory state around the buggy address: [ 19.115229] fff00000c64bbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.115271] fff00000c64bbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.115312] >fff00000c64bc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.115359] ^ [ 19.115398] fff00000c64bc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.115438] fff00000c64bc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.115475] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 19.093981] ================================================================== [ 19.094048] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 19.094097] Write of size 1 at addr fff00000c64be00a by task kunit_try_catch/146 [ 19.094144] [ 19.094636] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.094724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.095106] Hardware name: linux,dummy-virt (DT) [ 19.095148] Call trace: [ 19.095188] show_stack+0x20/0x38 (C) [ 19.095611] dump_stack_lvl+0x8c/0xd0 [ 19.095846] print_report+0x118/0x608 [ 19.095900] kasan_report+0xdc/0x128 [ 19.096036] __asan_report_store1_noabort+0x20/0x30 [ 19.096406] kmalloc_large_oob_right+0x278/0x2b8 [ 19.096464] kunit_try_run_case+0x170/0x3f0 [ 19.096897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.096979] kthread+0x328/0x630 [ 19.097047] ret_from_fork+0x10/0x20 [ 19.097120] [ 19.097248] The buggy address belongs to the physical page: [ 19.097316] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064bc [ 19.097670] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.097827] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.098224] page_type: f8(unknown) [ 19.098317] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.098369] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.098575] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.098682] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.098858] head: 0bfffe0000000002 ffffc1ffc3192f01 00000000ffffffff 00000000ffffffff [ 19.099298] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.099453] page dumped because: kasan: bad access detected [ 19.099487] [ 19.099505] Memory state around the buggy address: [ 19.099793] fff00000c64bdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.099983] fff00000c64bdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.100029] >fff00000c64be000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.100087] ^ [ 19.100123] fff00000c64be080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.100322] fff00000c64be100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.100520] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 19.074536] ================================================================== [ 19.074733] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 19.074839] Write of size 1 at addr fff00000c64edf00 by task kunit_try_catch/144 [ 19.074942] [ 19.074982] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.075064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.075105] Hardware name: linux,dummy-virt (DT) [ 19.075385] Call trace: [ 19.075429] show_stack+0x20/0x38 (C) [ 19.075631] dump_stack_lvl+0x8c/0xd0 [ 19.075766] print_report+0x118/0x608 [ 19.075994] kasan_report+0xdc/0x128 [ 19.076061] __asan_report_store1_noabort+0x20/0x30 [ 19.076111] kmalloc_big_oob_right+0x2a4/0x2f0 [ 19.076168] kunit_try_run_case+0x170/0x3f0 [ 19.076215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.076653] kthread+0x328/0x630 [ 19.076791] ret_from_fork+0x10/0x20 [ 19.076920] [ 19.076939] Allocated by task 144: [ 19.076966] kasan_save_stack+0x3c/0x68 [ 19.077246] kasan_save_track+0x20/0x40 [ 19.077498] kasan_save_alloc_info+0x40/0x58 [ 19.077682] __kasan_kmalloc+0xd4/0xd8 [ 19.077926] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.078139] kmalloc_big_oob_right+0xb8/0x2f0 [ 19.078207] kunit_try_run_case+0x170/0x3f0 [ 19.078414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.078547] kthread+0x328/0x630 [ 19.078696] ret_from_fork+0x10/0x20 [ 19.078886] [ 19.078913] The buggy address belongs to the object at fff00000c64ec000 [ 19.078913] which belongs to the cache kmalloc-8k of size 8192 [ 19.079080] The buggy address is located 0 bytes to the right of [ 19.079080] allocated 7936-byte region [fff00000c64ec000, fff00000c64edf00) [ 19.079240] [ 19.079262] The buggy address belongs to the physical page: [ 19.079309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064e8 [ 19.079364] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.079409] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.079460] page_type: f5(slab) [ 19.079665] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 19.079932] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 19.080088] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 19.080306] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 19.080518] head: 0bfffe0000000003 ffffc1ffc3193a01 00000000ffffffff 00000000ffffffff [ 19.080728] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 19.081209] page dumped because: kasan: bad access detected [ 19.081379] [ 19.081505] Memory state around the buggy address: [ 19.081539] fff00000c64ede00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.081587] fff00000c64ede80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.081818] >fff00000c64edf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.082208] ^ [ 19.082302] fff00000c64edf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.082464] fff00000c64ee000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.082523] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 19.049487] ================================================================== [ 19.049546] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 19.049599] Write of size 1 at addr fff00000c6343778 by task kunit_try_catch/142 [ 19.049646] [ 19.049676] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.049763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.049795] Hardware name: linux,dummy-virt (DT) [ 19.049825] Call trace: [ 19.049846] show_stack+0x20/0x38 (C) [ 19.049893] dump_stack_lvl+0x8c/0xd0 [ 19.049941] print_report+0x118/0x608 [ 19.049995] kasan_report+0xdc/0x128 [ 19.050041] __asan_report_store1_noabort+0x20/0x30 [ 19.050092] kmalloc_track_caller_oob_right+0x40c/0x488 [ 19.050150] kunit_try_run_case+0x170/0x3f0 [ 19.050674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.051112] kthread+0x328/0x630 [ 19.051503] ret_from_fork+0x10/0x20 [ 19.051579] [ 19.051599] Allocated by task 142: [ 19.051657] kasan_save_stack+0x3c/0x68 [ 19.051701] kasan_save_track+0x20/0x40 [ 19.051756] kasan_save_alloc_info+0x40/0x58 [ 19.052206] __kasan_kmalloc+0xd4/0xd8 [ 19.052368] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 19.052633] kmalloc_track_caller_oob_right+0xa8/0x488 [ 19.052763] kunit_try_run_case+0x170/0x3f0 [ 19.053026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.053098] kthread+0x328/0x630 [ 19.053165] ret_from_fork+0x10/0x20 [ 19.053495] [ 19.053556] The buggy address belongs to the object at fff00000c6343700 [ 19.053556] which belongs to the cache kmalloc-128 of size 128 [ 19.053670] The buggy address is located 0 bytes to the right of [ 19.053670] allocated 120-byte region [fff00000c6343700, fff00000c6343778) [ 19.053791] [ 19.053870] The buggy address belongs to the physical page: [ 19.053983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.054086] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.054242] page_type: f5(slab) [ 19.054325] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.054693] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.054768] page dumped because: kasan: bad access detected [ 19.054873] [ 19.054900] Memory state around the buggy address: [ 19.054932] fff00000c6343600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.055012] fff00000c6343680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.055233] >fff00000c6343700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.055312] ^ [ 19.055538] fff00000c6343780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.055891] fff00000c6343800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.055963] ================================================================== [ 19.057572] ================================================================== [ 19.058012] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 19.058077] Write of size 1 at addr fff00000c6343878 by task kunit_try_catch/142 [ 19.058342] [ 19.058510] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.058598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.058624] Hardware name: linux,dummy-virt (DT) [ 19.058847] Call trace: [ 19.058884] show_stack+0x20/0x38 (C) [ 19.058940] dump_stack_lvl+0x8c/0xd0 [ 19.058995] print_report+0x118/0x608 [ 19.059196] kasan_report+0xdc/0x128 [ 19.059526] __asan_report_store1_noabort+0x20/0x30 [ 19.059618] kmalloc_track_caller_oob_right+0x418/0x488 [ 19.059780] kunit_try_run_case+0x170/0x3f0 [ 19.059831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.059882] kthread+0x328/0x630 [ 19.060096] ret_from_fork+0x10/0x20 [ 19.060425] [ 19.060499] Allocated by task 142: [ 19.060601] kasan_save_stack+0x3c/0x68 [ 19.060681] kasan_save_track+0x20/0x40 [ 19.060886] kasan_save_alloc_info+0x40/0x58 [ 19.061051] __kasan_kmalloc+0xd4/0xd8 [ 19.061454] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 19.061790] kmalloc_track_caller_oob_right+0x184/0x488 [ 19.061847] kunit_try_run_case+0x170/0x3f0 [ 19.061988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.062622] kthread+0x328/0x630 [ 19.062772] ret_from_fork+0x10/0x20 [ 19.062965] [ 19.063143] The buggy address belongs to the object at fff00000c6343800 [ 19.063143] which belongs to the cache kmalloc-128 of size 128 [ 19.063349] The buggy address is located 0 bytes to the right of [ 19.063349] allocated 120-byte region [fff00000c6343800, fff00000c6343878) [ 19.063418] [ 19.063647] The buggy address belongs to the physical page: [ 19.063841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.063990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.064040] page_type: f5(slab) [ 19.064097] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.064363] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.064514] page dumped because: kasan: bad access detected [ 19.064598] [ 19.064618] Memory state around the buggy address: [ 19.064649] fff00000c6343700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.064867] fff00000c6343780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.065035] >fff00000c6343800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.065099] ^ [ 19.065202] fff00000c6343880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.065269] fff00000c6343900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.065306] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 19.033862] ================================================================== [ 19.033943] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 19.033994] Read of size 1 at addr fff00000c641d000 by task kunit_try_catch/140 [ 19.034061] [ 19.034092] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.034356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.034390] Hardware name: linux,dummy-virt (DT) [ 19.034670] Call trace: [ 19.034741] show_stack+0x20/0x38 (C) [ 19.034832] dump_stack_lvl+0x8c/0xd0 [ 19.034883] print_report+0x118/0x608 [ 19.034934] kasan_report+0xdc/0x128 [ 19.034986] __asan_report_load1_noabort+0x20/0x30 [ 19.035112] kmalloc_node_oob_right+0x2f4/0x330 [ 19.035174] kunit_try_run_case+0x170/0x3f0 [ 19.035443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.035557] kthread+0x328/0x630 [ 19.035602] ret_from_fork+0x10/0x20 [ 19.035703] [ 19.035721] Allocated by task 140: [ 19.035749] kasan_save_stack+0x3c/0x68 [ 19.035804] kasan_save_track+0x20/0x40 [ 19.035841] kasan_save_alloc_info+0x40/0x58 [ 19.036181] __kasan_kmalloc+0xd4/0xd8 [ 19.036287] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 19.036412] kmalloc_node_oob_right+0xbc/0x330 [ 19.036652] kunit_try_run_case+0x170/0x3f0 [ 19.037004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.037105] kthread+0x328/0x630 [ 19.037212] ret_from_fork+0x10/0x20 [ 19.037304] [ 19.037475] The buggy address belongs to the object at fff00000c641c000 [ 19.037475] which belongs to the cache kmalloc-4k of size 4096 [ 19.037678] The buggy address is located 0 bytes to the right of [ 19.037678] allocated 4096-byte region [fff00000c641c000, fff00000c641d000) [ 19.037819] [ 19.038234] The buggy address belongs to the physical page: [ 19.038342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106418 [ 19.038622] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.038686] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.038772] page_type: f5(slab) [ 19.038810] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 19.038876] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 19.038953] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 19.039002] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 19.039060] head: 0bfffe0000000003 ffffc1ffc3190601 00000000ffffffff 00000000ffffffff [ 19.039116] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 19.039596] page dumped because: kasan: bad access detected [ 19.039656] [ 19.039784] Memory state around the buggy address: [ 19.039820] fff00000c641cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.039882] fff00000c641cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.040226] >fff00000c641d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.040292] ^ [ 19.040639] fff00000c641d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.040820] fff00000c641d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.041026] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 19.019047] ================================================================== [ 19.019124] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 19.019240] Read of size 1 at addr fff00000c58c2a9f by task kunit_try_catch/138 [ 19.019309] [ 19.019351] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.019430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.019466] Hardware name: linux,dummy-virt (DT) [ 19.019497] Call trace: [ 19.019519] show_stack+0x20/0x38 (C) [ 19.019566] dump_stack_lvl+0x8c/0xd0 [ 19.019612] print_report+0x118/0x608 [ 19.019656] kasan_report+0xdc/0x128 [ 19.019700] __asan_report_load1_noabort+0x20/0x30 [ 19.019750] kmalloc_oob_left+0x2ec/0x320 [ 19.019794] kunit_try_run_case+0x170/0x3f0 [ 19.019840] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.019891] kthread+0x328/0x630 [ 19.019932] ret_from_fork+0x10/0x20 [ 19.019980] [ 19.019998] Allocated by task 24: [ 19.020027] kasan_save_stack+0x3c/0x68 [ 19.020066] kasan_save_track+0x20/0x40 [ 19.020103] kasan_save_alloc_info+0x40/0x58 [ 19.020142] __kasan_kmalloc+0xd4/0xd8 [ 19.020187] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 19.020460] kvasprintf+0xe0/0x180 [ 19.020824] __kthread_create_on_node+0x16c/0x350 [ 19.020934] kthread_create_on_node+0xe4/0x130 [ 19.021197] create_worker+0x380/0x6b8 [ 19.021238] worker_thread+0x808/0xf38 [ 19.021273] kthread+0x328/0x630 [ 19.021337] ret_from_fork+0x10/0x20 [ 19.021676] [ 19.021736] The buggy address belongs to the object at fff00000c58c2a80 [ 19.021736] which belongs to the cache kmalloc-16 of size 16 [ 19.021971] The buggy address is located 19 bytes to the right of [ 19.021971] allocated 12-byte region [fff00000c58c2a80, fff00000c58c2a8c) [ 19.022241] [ 19.022319] The buggy address belongs to the physical page: [ 19.022444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058c2 [ 19.022537] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.022585] page_type: f5(slab) [ 19.022624] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.022999] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.023147] page dumped because: kasan: bad access detected [ 19.023211] [ 19.023228] Memory state around the buggy address: [ 19.023262] fff00000c58c2980: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 19.023321] fff00000c58c2a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.023655] >fff00000c58c2a80: 00 04 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 19.023809] ^ [ 19.023947] fff00000c58c2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.024027] fff00000c58c2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.024072] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 18.998367] ================================================================== [ 18.998415] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 18.998460] Read of size 1 at addr fff00000c6343680 by task kunit_try_catch/136 [ 18.998508] [ 18.998535] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.998611] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.998836] Hardware name: linux,dummy-virt (DT) [ 18.998962] Call trace: [ 18.999303] show_stack+0x20/0x38 (C) [ 18.999699] dump_stack_lvl+0x8c/0xd0 [ 18.999960] print_report+0x118/0x608 [ 19.000061] kasan_report+0xdc/0x128 [ 19.000188] __asan_report_load1_noabort+0x20/0x30 [ 19.000238] kmalloc_oob_right+0x5d0/0x660 [ 19.000282] kunit_try_run_case+0x170/0x3f0 [ 19.000327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.000650] kthread+0x328/0x630 [ 19.000718] ret_from_fork+0x10/0x20 [ 19.000766] [ 19.000783] Allocated by task 136: [ 19.000810] kasan_save_stack+0x3c/0x68 [ 19.000888] kasan_save_track+0x20/0x40 [ 19.000949] kasan_save_alloc_info+0x40/0x58 [ 19.000989] __kasan_kmalloc+0xd4/0xd8 [ 19.001118] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.001324] kmalloc_oob_right+0xb0/0x660 [ 19.001474] kunit_try_run_case+0x170/0x3f0 [ 19.001654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.001712] kthread+0x328/0x630 [ 19.001744] ret_from_fork+0x10/0x20 [ 19.001891] [ 19.002140] The buggy address belongs to the object at fff00000c6343600 [ 19.002140] which belongs to the cache kmalloc-128 of size 128 [ 19.002344] The buggy address is located 13 bytes to the right of [ 19.002344] allocated 115-byte region [fff00000c6343600, fff00000c6343673) [ 19.002409] [ 19.002427] The buggy address belongs to the physical page: [ 19.002466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 19.002584] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.002629] page_type: f5(slab) [ 19.002666] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.002715] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.003090] page dumped because: kasan: bad access detected [ 19.003238] [ 19.003302] Memory state around the buggy address: [ 19.003339] fff00000c6343580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.003480] fff00000c6343600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.003521] >fff00000c6343680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.003557] ^ [ 19.003583] fff00000c6343700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.003779] fff00000c6343780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.003965] ================================================================== [ 18.978665] ================================================================== [ 18.979007] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 18.979847] Write of size 1 at addr fff00000c6343673 by task kunit_try_catch/136 [ 18.979954] [ 18.980716] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 18.980858] Tainted: [N]=TEST [ 18.980890] Hardware name: linux,dummy-virt (DT) [ 18.981109] Call trace: [ 18.981288] show_stack+0x20/0x38 (C) [ 18.981422] dump_stack_lvl+0x8c/0xd0 [ 18.981482] print_report+0x118/0x608 [ 18.981530] kasan_report+0xdc/0x128 [ 18.981575] __asan_report_store1_noabort+0x20/0x30 [ 18.981626] kmalloc_oob_right+0x5a4/0x660 [ 18.981671] kunit_try_run_case+0x170/0x3f0 [ 18.981721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.981772] kthread+0x328/0x630 [ 18.981816] ret_from_fork+0x10/0x20 [ 18.981966] [ 18.982003] Allocated by task 136: [ 18.982120] kasan_save_stack+0x3c/0x68 [ 18.982198] kasan_save_track+0x20/0x40 [ 18.982236] kasan_save_alloc_info+0x40/0x58 [ 18.982276] __kasan_kmalloc+0xd4/0xd8 [ 18.982312] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.982352] kmalloc_oob_right+0xb0/0x660 [ 18.982387] kunit_try_run_case+0x170/0x3f0 [ 18.982425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.982467] kthread+0x328/0x630 [ 18.982499] ret_from_fork+0x10/0x20 [ 18.982552] [ 18.982611] The buggy address belongs to the object at fff00000c6343600 [ 18.982611] which belongs to the cache kmalloc-128 of size 128 [ 18.982702] The buggy address is located 0 bytes to the right of [ 18.982702] allocated 115-byte region [fff00000c6343600, fff00000c6343673) [ 18.982768] [ 18.982846] The buggy address belongs to the physical page: [ 18.983021] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 18.983296] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.983692] page_type: f5(slab) [ 18.983990] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.984053] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.984172] page dumped because: kasan: bad access detected [ 18.984213] [ 18.984238] Memory state around the buggy address: [ 18.984456] fff00000c6343500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.984520] fff00000c6343580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.984573] >fff00000c6343600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.984626] ^ [ 18.984706] fff00000c6343680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.984747] fff00000c6343700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.984810] ================================================================== [ 18.989531] ================================================================== [ 18.989694] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 18.989958] Write of size 1 at addr fff00000c6343678 by task kunit_try_catch/136 [ 18.990007] [ 18.990615] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.991049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.991088] Hardware name: linux,dummy-virt (DT) [ 18.991121] Call trace: [ 18.991142] show_stack+0x20/0x38 (C) [ 18.991763] dump_stack_lvl+0x8c/0xd0 [ 18.991930] print_report+0x118/0x608 [ 18.991980] kasan_report+0xdc/0x128 [ 18.992027] __asan_report_store1_noabort+0x20/0x30 [ 18.992534] kmalloc_oob_right+0x538/0x660 [ 18.992882] kunit_try_run_case+0x170/0x3f0 [ 18.992942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.993325] kthread+0x328/0x630 [ 18.993593] ret_from_fork+0x10/0x20 [ 18.993652] [ 18.993671] Allocated by task 136: [ 18.994027] kasan_save_stack+0x3c/0x68 [ 18.994078] kasan_save_track+0x20/0x40 [ 18.994115] kasan_save_alloc_info+0x40/0x58 [ 18.994262] __kasan_kmalloc+0xd4/0xd8 [ 18.994301] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.994683] kmalloc_oob_right+0xb0/0x660 [ 18.994727] kunit_try_run_case+0x170/0x3f0 [ 18.994936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.995277] kthread+0x328/0x630 [ 18.995326] ret_from_fork+0x10/0x20 [ 18.995894] [ 18.995927] The buggy address belongs to the object at fff00000c6343600 [ 18.995927] which belongs to the cache kmalloc-128 of size 128 [ 18.996090] The buggy address is located 5 bytes to the right of [ 18.996090] allocated 115-byte region [fff00000c6343600, fff00000c6343673) [ 18.996177] [ 18.996195] The buggy address belongs to the physical page: [ 18.996310] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106343 [ 18.996494] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.996542] page_type: f5(slab) [ 18.996822] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.996880] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.996921] page dumped because: kasan: bad access detected [ 18.996952] [ 18.997010] Memory state around the buggy address: [ 18.997155] fff00000c6343500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.997209] fff00000c6343580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.997353] >fff00000c6343600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.997467] ^ [ 18.997508] fff00000c6343680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.997644] fff00000c6343700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.997690] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 97.626674] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 97.627498] Modules linked in: [ 97.627903] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT [ 97.628848] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 97.629309] Hardware name: linux,dummy-virt (DT) [ 97.629689] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.630176] pc : intlog10+0x38/0x48 [ 97.630525] lr : intlog10_test+0xe4/0x200 [ 97.630887] sp : ffff8000821b7c10 [ 97.631083] x29: ffff8000821b7c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.631843] x26: 1ffe000018899e01 x25: 0000000000000000 x24: ffff8000821b7ce0 [ 97.632397] x23: ffff8000821b7d00 x22: 0000000000000000 x21: 1ffff00010436f82 [ 97.632786] x20: ffffabf26c289e80 x19: ffff800080087990 x18: 00000000edf7e12b [ 97.633199] x17: 00000000073521df x16: 00000000f07d6044 x15: 0000000054292b9d [ 97.633625] x14: 000000008a2719d7 x13: 1ffe00001b48a589 x12: ffff757e4e023379 [ 97.634062] x11: 1ffff57e4e023378 x10: ffff757e4e023378 x9 : ffffabf26983501c [ 97.634487] x8 : ffffabf270119bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.634913] x5 : ffff700010436f82 x4 : 1ffff00010010f3a x3 : 1ffff57e4d8513d0 [ 97.635343] x2 : 1ffff57e4d8513d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.636212] Call trace: [ 97.636400] intlog10+0x38/0x48 (P) [ 97.636625] kunit_try_run_case+0x170/0x3f0 [ 97.636870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.637171] kthread+0x328/0x630 [ 97.637368] ret_from_fork+0x10/0x20 [ 97.637611] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 97.581704] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 97.582552] Modules linked in: [ 97.582827] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT [ 97.583351] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 97.583652] Hardware name: linux,dummy-virt (DT) [ 97.583957] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.584337] pc : intlog2+0xd8/0xf8 [ 97.584546] lr : intlog2_test+0xe4/0x200 [ 97.584767] sp : ffff8000821b7c10 [ 97.584968] x29: ffff8000821b7c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.585518] x26: 1ffe000018c71b81 x25: 0000000000000000 x24: ffff8000821b7ce0 [ 97.587082] x23: ffff8000821b7d00 x22: 0000000000000000 x21: 1ffff00010436f82 [ 97.587552] x20: ffffabf26c289d80 x19: ffff800080087990 x18: 0000000013b00362 [ 97.587979] x17: 00000000ef8698b4 x16: fff00000c097543c x15: 00000000e597c46b [ 97.588414] x14: 000000004e1b4826 x13: 1ffe00001b48e9cd x12: ffff757e4e023379 [ 97.588847] x11: 1ffff57e4e023378 x10: ffff757e4e023378 x9 : ffffabf26983521c [ 97.589504] x8 : ffffabf270119bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.589941] x5 : ffff700010436f82 x4 : 1ffff00010010f3a x3 : 1ffff57e4d8513b0 [ 97.590649] x2 : 1ffff57e4d8513b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.591108] Call trace: [ 97.591410] intlog2+0xd8/0xf8 (P) [ 97.592282] kunit_try_run_case+0x170/0x3f0 [ 97.592609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.592854] kthread+0x328/0x630 [ 97.593039] ret_from_fork+0x10/0x20 [ 97.593268] ---[ end trace 0000000000000000 ]---