Date
July 9, 2025, 11:07 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.134218] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 19.193905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858 [ 19.279922] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 94.935791] Internal error: Oops: 0000000096000005 [#1] SMP [ 94.942273] Modules linked in: [ 94.943384] CPU: 1 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 94.944600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 94.945167] Hardware name: linux,dummy-virt (DT) [ 94.946090] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.946920] pc : kunit_test_null_dereference+0x70/0x170 [ 94.947783] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.948054] sp : ffff800082047d30 [ 94.948727] x29: ffff800082047d90 x28: 0000000000000000 x27: 0000000000000000 [ 94.949639] x26: 1ffe000018ae18e1 x25: 0000000000000000 x24: 0000000000000004 [ 94.950204] x23: fff00000c570c70c x22: ffffb06b6e023e38 x21: fff00000c1201388 [ 94.950810] x20: 1ffff00010408fa6 x19: ffff800080087990 x18: 00000000ce0c543b [ 94.951246] x17: 00000000b709b002 x16: 0000000000000100 x15: 000000006ac55326 [ 94.951645] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e989 x12: fffd800018222b3c [ 94.952105] x11: 1ffe000018222b3b x10: fffd800018222b3b x9 : ffffb06b6e01b2a0 [ 94.952580] x8 : ffff800082047c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 94.953002] x5 : ffff700010408fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 94.953447] x2 : dfff800000000000 x1 : fff00000c1115100 x0 : ffff800080087990 [ 94.953912] Call trace: [ 94.954094] kunit_test_null_dereference+0x70/0x170 (P) [ 94.954402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.954705] kthread+0x328/0x630 [ 94.954891] ret_from_fork+0x10/0x20 [ 94.955371] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 94.955948] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.940914] ================================================================== [ 50.940986] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.940986] [ 50.941078] Use-after-free read at 0x0000000050c404f4 (in kfence-#159): [ 50.941156] test_krealloc+0x51c/0x830 [ 50.941207] kunit_try_run_case+0x170/0x3f0 [ 50.941259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.941304] kthread+0x328/0x630 [ 50.941343] ret_from_fork+0x10/0x20 [ 50.941386] [ 50.941410] kfence-#159: 0x0000000050c404f4-0x00000000e680bbe0, size=32, cache=kmalloc-32 [ 50.941410] [ 50.941465] allocated by task 337 on cpu 0 at 50.940284s (0.001177s ago): [ 50.941539] test_alloc+0x29c/0x628 [ 50.941580] test_krealloc+0xc0/0x830 [ 50.941620] kunit_try_run_case+0x170/0x3f0 [ 50.941661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.941705] kthread+0x328/0x630 [ 50.941740] ret_from_fork+0x10/0x20 [ 50.941780] [ 50.941804] freed by task 337 on cpu 0 at 50.940513s (0.001287s ago): [ 50.941866] krealloc_noprof+0x148/0x360 [ 50.941906] test_krealloc+0x1dc/0x830 [ 50.941945] kunit_try_run_case+0x170/0x3f0 [ 50.941984] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.942029] kthread+0x328/0x630 [ 50.942063] ret_from_fork+0x10/0x20 [ 50.942102] [ 50.942174] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 50.942254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.942285] Hardware name: linux,dummy-virt (DT) [ 50.942321] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.850271] ================================================================== [ 50.850373] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.850373] [ 50.850475] Use-after-free read at 0x00000000d7fd5fbb (in kfence-#158): [ 50.850531] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.850583] kunit_try_run_case+0x170/0x3f0 [ 50.850627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.850673] kthread+0x328/0x630 [ 50.850712] ret_from_fork+0x10/0x20 [ 50.850751] [ 50.850776] kfence-#158: 0x00000000d7fd5fbb-0x00000000528413bb, size=32, cache=test [ 50.850776] [ 50.850829] allocated by task 335 on cpu 1 at 50.837886s (0.012939s ago): [ 50.850899] test_alloc+0x230/0x628 [ 50.850939] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.850981] kunit_try_run_case+0x170/0x3f0 [ 50.851021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.851062] kthread+0x328/0x630 [ 50.851099] ret_from_fork+0x10/0x20 [ 50.851150] [ 50.851173] freed by task 335 on cpu 1 at 50.838012s (0.013158s ago): [ 50.851230] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.851274] kunit_try_run_case+0x170/0x3f0 [ 50.851313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.851354] kthread+0x328/0x630 [ 50.851390] ret_from_fork+0x10/0x20 [ 50.851429] [ 50.851477] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 50.851557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.851587] Hardware name: linux,dummy-virt (DT) [ 50.851621] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 27.772426] ================================================================== [ 27.772583] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 27.772583] [ 27.772685] Invalid read at 0x000000003a7d500b: [ 27.772848] test_invalid_access+0xdc/0x1f0 [ 27.772912] kunit_try_run_case+0x170/0x3f0 [ 27.772966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.773055] kthread+0x328/0x630 [ 27.773145] ret_from_fork+0x10/0x20 [ 27.773217] [ 27.773271] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 27.773375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.773412] Hardware name: linux,dummy-virt (DT) [ 27.773451] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 27.536368] ================================================================== [ 27.536463] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.536463] [ 27.536530] Corrupted memory at 0x00000000bec8d943 [ ! . . . . . . . . . . . . . . . ] (in kfence-#153): [ 27.536840] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.536890] kunit_try_run_case+0x170/0x3f0 [ 27.536935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.536980] kthread+0x328/0x630 [ 27.537021] ret_from_fork+0x10/0x20 [ 27.537060] [ 27.537084] kfence-#153: 0x00000000234de302-0x000000002275fca9, size=73, cache=kmalloc-96 [ 27.537084] [ 27.537153] allocated by task 325 on cpu 0 at 27.536102s (0.001047s ago): [ 27.537217] test_alloc+0x29c/0x628 [ 27.537259] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 27.537302] kunit_try_run_case+0x170/0x3f0 [ 27.537341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.537384] kthread+0x328/0x630 [ 27.537421] ret_from_fork+0x10/0x20 [ 27.537459] [ 27.537482] freed by task 325 on cpu 0 at 27.536268s (0.001210s ago): [ 27.537547] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.537591] kunit_try_run_case+0x170/0x3f0 [ 27.537630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.537673] kthread+0x328/0x630 [ 27.537709] ret_from_fork+0x10/0x20 [ 27.537749] [ 27.537792] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 27.537871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.537902] Hardware name: linux,dummy-virt (DT) [ 27.537936] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 27.432297] ================================================================== [ 27.432399] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.432399] [ 27.432509] Out-of-bounds read at 0x0000000089f25eb5 (105B right of kfence-#152): [ 27.432571] test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.432622] kunit_try_run_case+0x170/0x3f0 [ 27.432668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.432712] kthread+0x328/0x630 [ 27.432753] ret_from_fork+0x10/0x20 [ 27.432795] [ 27.432819] kfence-#152: 0x0000000019ab6fca-0x00000000cf760768, size=73, cache=kmalloc-96 [ 27.432819] [ 27.432873] allocated by task 323 on cpu 0 at 27.432024s (0.000845s ago): [ 27.432946] test_alloc+0x29c/0x628 [ 27.432986] test_kmalloc_aligned_oob_read+0x100/0x468 [ 27.433029] kunit_try_run_case+0x170/0x3f0 [ 27.433068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.433111] kthread+0x328/0x630 [ 27.433158] ret_from_fork+0x10/0x20 [ 27.433197] [ 27.433247] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 27.433330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.433358] Hardware name: linux,dummy-virt (DT) [ 27.433393] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 22.436467] ================================================================== [ 22.436561] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 22.436561] [ 22.436621] Corrupted memory at 0x00000000f83c2a2f [ ! ] (in kfence-#104): [ 22.436752] test_corruption+0x284/0x378 [ 22.436801] kunit_try_run_case+0x170/0x3f0 [ 22.436844] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.436888] kthread+0x328/0x630 [ 22.436925] ret_from_fork+0x10/0x20 [ 22.436967] [ 22.436990] kfence-#104: 0x00000000d38f4968-0x00000000e4ecd08c, size=32, cache=kmalloc-32 [ 22.436990] [ 22.437046] allocated by task 311 on cpu 1 at 22.436178s (0.000865s ago): [ 22.437109] test_alloc+0x29c/0x628 [ 22.437163] test_corruption+0x198/0x378 [ 22.437205] kunit_try_run_case+0x170/0x3f0 [ 22.437242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.437285] kthread+0x328/0x630 [ 22.437321] ret_from_fork+0x10/0x20 [ 22.437359] [ 22.437382] freed by task 311 on cpu 1 at 22.436292s (0.001087s ago): [ 22.437442] test_corruption+0x284/0x378 [ 22.437483] kunit_try_run_case+0x170/0x3f0 [ 22.437529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.437570] kthread+0x328/0x630 [ 22.437606] ret_from_fork+0x10/0x20 [ 22.437644] [ 22.437685] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.437761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.437789] Hardware name: linux,dummy-virt (DT) [ 22.437823] ================================================================== [ 22.332466] ================================================================== [ 22.332581] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 22.332581] [ 22.332650] Corrupted memory at 0x000000002558b43a [ ! . . . . . . . . . . . . . . . ] (in kfence-#103): [ 22.333762] test_corruption+0x278/0x378 [ 22.333818] kunit_try_run_case+0x170/0x3f0 [ 22.333865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.333908] kthread+0x328/0x630 [ 22.333949] ret_from_fork+0x10/0x20 [ 22.333990] [ 22.334014] kfence-#103: 0x00000000c1552790-0x00000000d0ea5d58, size=32, cache=kmalloc-32 [ 22.334014] [ 22.334075] allocated by task 311 on cpu 1 at 22.332163s (0.001908s ago): [ 22.334150] test_alloc+0x29c/0x628 [ 22.334191] test_corruption+0xdc/0x378 [ 22.334231] kunit_try_run_case+0x170/0x3f0 [ 22.334271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.334314] kthread+0x328/0x630 [ 22.334350] ret_from_fork+0x10/0x20 [ 22.334390] [ 22.334413] freed by task 311 on cpu 1 at 22.332278s (0.002131s ago): [ 22.334476] test_corruption+0x278/0x378 [ 22.334517] kunit_try_run_case+0x170/0x3f0 [ 22.334557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.334600] kthread+0x328/0x630 [ 22.334636] ret_from_fork+0x10/0x20 [ 22.334676] [ 22.334725] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.334805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.334835] Hardware name: linux,dummy-virt (DT) [ 22.334870] ================================================================== [ 22.748340] ================================================================== [ 22.748433] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 22.748433] [ 22.748495] Corrupted memory at 0x00000000d869b97b [ ! ] (in kfence-#107): [ 22.748610] test_corruption+0x1d8/0x378 [ 22.748659] kunit_try_run_case+0x170/0x3f0 [ 22.748701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.748745] kthread+0x328/0x630 [ 22.748784] ret_from_fork+0x10/0x20 [ 22.748823] [ 22.748846] kfence-#107: 0x00000000c178b0a4-0x00000000f60e5792, size=32, cache=test [ 22.748846] [ 22.748900] allocated by task 313 on cpu 1 at 22.748168s (0.000728s ago): [ 22.748963] test_alloc+0x230/0x628 [ 22.749001] test_corruption+0x198/0x378 [ 22.749042] kunit_try_run_case+0x170/0x3f0 [ 22.749080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.749136] kthread+0x328/0x630 [ 22.749171] ret_from_fork+0x10/0x20 [ 22.749211] [ 22.749234] freed by task 313 on cpu 1 at 22.748247s (0.000984s ago): [ 22.749294] test_corruption+0x1d8/0x378 [ 22.749333] kunit_try_run_case+0x170/0x3f0 [ 22.749372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.749415] kthread+0x328/0x630 [ 22.749451] ret_from_fork+0x10/0x20 [ 22.749489] [ 22.749534] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.749611] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.749641] Hardware name: linux,dummy-virt (DT) [ 22.749675] ================================================================== [ 22.644299] ================================================================== [ 22.644406] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 22.644406] [ 22.644471] Corrupted memory at 0x00000000ae7ffa92 [ ! . . . . . . . . . . . . . . . ] (in kfence-#106): [ 22.644781] test_corruption+0x120/0x378 [ 22.644829] kunit_try_run_case+0x170/0x3f0 [ 22.644874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.644919] kthread+0x328/0x630 [ 22.644958] ret_from_fork+0x10/0x20 [ 22.644999] [ 22.645023] kfence-#106: 0x00000000a5efed03-0x000000007bbf17a3, size=32, cache=test [ 22.645023] [ 22.645079] allocated by task 313 on cpu 1 at 22.644142s (0.000933s ago): [ 22.645154] test_alloc+0x230/0x628 [ 22.645195] test_corruption+0xdc/0x378 [ 22.645235] kunit_try_run_case+0x170/0x3f0 [ 22.645275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.645320] kthread+0x328/0x630 [ 22.645354] ret_from_fork+0x10/0x20 [ 22.645394] [ 22.645419] freed by task 313 on cpu 1 at 22.644207s (0.001208s ago): [ 22.645479] test_corruption+0x120/0x378 [ 22.645523] kunit_try_run_case+0x170/0x3f0 [ 22.645562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.645606] kthread+0x328/0x630 [ 22.645641] ret_from_fork+0x10/0x20 [ 22.645679] [ 22.645722] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.645800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.645830] Hardware name: linux,dummy-virt (DT) [ 22.645864] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 22.020353] ================================================================== [ 22.020451] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 22.020451] [ 22.020514] Invalid free of 0x000000000d5fe8e8 (in kfence-#100): [ 22.020567] test_invalid_addr_free+0xec/0x238 [ 22.020616] kunit_try_run_case+0x170/0x3f0 [ 22.020660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.020704] kthread+0x328/0x630 [ 22.020743] ret_from_fork+0x10/0x20 [ 22.020784] [ 22.020808] kfence-#100: 0x00000000a818be61-0x00000000ca1a1cea, size=32, cache=test [ 22.020808] [ 22.020863] allocated by task 309 on cpu 0 at 22.020217s (0.000642s ago): [ 22.020924] test_alloc+0x230/0x628 [ 22.020966] test_invalid_addr_free+0xd4/0x238 [ 22.021006] kunit_try_run_case+0x170/0x3f0 [ 22.021046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.021090] kthread+0x328/0x630 [ 22.021140] ret_from_fork+0x10/0x20 [ 22.021182] [ 22.021227] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.021309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.021336] Hardware name: linux,dummy-virt (DT) [ 22.021371] ================================================================== [ 21.916330] ================================================================== [ 21.916424] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 21.916424] [ 21.916488] Invalid free of 0x000000006532ea9e (in kfence-#99): [ 21.916543] test_invalid_addr_free+0x1ac/0x238 [ 21.916591] kunit_try_run_case+0x170/0x3f0 [ 21.916637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.916681] kthread+0x328/0x630 [ 21.916722] ret_from_fork+0x10/0x20 [ 21.916764] [ 21.916789] kfence-#99: 0x00000000300c3cff-0x00000000efe7d755, size=32, cache=kmalloc-32 [ 21.916789] [ 21.916845] allocated by task 307 on cpu 0 at 21.916176s (0.000665s ago): [ 21.916909] test_alloc+0x29c/0x628 [ 21.916949] test_invalid_addr_free+0xd4/0x238 [ 21.916991] kunit_try_run_case+0x170/0x3f0 [ 21.917032] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.917075] kthread+0x328/0x630 [ 21.917110] ret_from_fork+0x10/0x20 [ 21.917163] [ 21.917211] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.917292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.917321] Hardware name: linux,dummy-virt (DT) [ 21.917356] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 21.812293] ================================================================== [ 21.812391] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 21.812391] [ 21.812455] Invalid free of 0x0000000007108442 (in kfence-#98): [ 21.812508] test_double_free+0x100/0x238 [ 21.812555] kunit_try_run_case+0x170/0x3f0 [ 21.812601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.812644] kthread+0x328/0x630 [ 21.812683] ret_from_fork+0x10/0x20 [ 21.812723] [ 21.812749] kfence-#98: 0x0000000007108442-0x00000000b00cf1e8, size=32, cache=test [ 21.812749] [ 21.812802] allocated by task 305 on cpu 0 at 21.812057s (0.000741s ago): [ 21.812866] test_alloc+0x230/0x628 [ 21.812905] test_double_free+0xd4/0x238 [ 21.812946] kunit_try_run_case+0x170/0x3f0 [ 21.812986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.813029] kthread+0x328/0x630 [ 21.813064] ret_from_fork+0x10/0x20 [ 21.813101] [ 21.813142] freed by task 305 on cpu 0 at 21.812139s (0.000999s ago): [ 21.813207] test_double_free+0xf0/0x238 [ 21.813246] kunit_try_run_case+0x170/0x3f0 [ 21.813286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.813329] kthread+0x328/0x630 [ 21.813363] ret_from_fork+0x10/0x20 [ 21.813403] [ 21.813448] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.813531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.813561] Hardware name: linux,dummy-virt (DT) [ 21.813596] ================================================================== [ 21.708465] ================================================================== [ 21.708586] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 21.708586] [ 21.708657] Invalid free of 0x00000000ae8d2d1d (in kfence-#97): [ 21.708721] test_double_free+0x1bc/0x238 [ 21.708768] kunit_try_run_case+0x170/0x3f0 [ 21.708815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.708857] kthread+0x328/0x630 [ 21.708897] ret_from_fork+0x10/0x20 [ 21.708937] [ 21.708961] kfence-#97: 0x00000000ae8d2d1d-0x0000000052c75f31, size=32, cache=kmalloc-32 [ 21.708961] [ 21.709017] allocated by task 303 on cpu 0 at 21.708169s (0.000845s ago): [ 21.709079] test_alloc+0x29c/0x628 [ 21.709136] test_double_free+0xd4/0x238 [ 21.709176] kunit_try_run_case+0x170/0x3f0 [ 21.709215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.709260] kthread+0x328/0x630 [ 21.709296] ret_from_fork+0x10/0x20 [ 21.709338] [ 21.709361] freed by task 303 on cpu 0 at 21.708249s (0.001108s ago): [ 21.709423] test_double_free+0x1ac/0x238 [ 21.709464] kunit_try_run_case+0x170/0x3f0 [ 21.709503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.709551] kthread+0x328/0x630 [ 21.709587] ret_from_fork+0x10/0x20 [ 21.709627] [ 21.709673] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.709754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.709784] Hardware name: linux,dummy-virt (DT) [ 21.709819] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 21.293683] ================================================================== [ 21.293969] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.293969] [ 21.294212] Use-after-free read at 0x000000007e6fe073 (in kfence-#93): [ 21.294309] test_use_after_free_read+0x114/0x248 [ 21.294362] kunit_try_run_case+0x170/0x3f0 [ 21.294464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.294551] kthread+0x328/0x630 [ 21.294616] ret_from_fork+0x10/0x20 [ 21.294659] [ 21.294683] kfence-#93: 0x000000007e6fe073-0x000000001e6f4785, size=32, cache=kmalloc-32 [ 21.294683] [ 21.294735] allocated by task 295 on cpu 0 at 21.293213s (0.001519s ago): [ 21.295036] test_alloc+0x29c/0x628 [ 21.295092] test_use_after_free_read+0xd0/0x248 [ 21.295147] kunit_try_run_case+0x170/0x3f0 [ 21.295335] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.295380] kthread+0x328/0x630 [ 21.295414] ret_from_fork+0x10/0x20 [ 21.295651] [ 21.296387] freed by task 295 on cpu 0 at 21.293355s (0.002643s ago): [ 21.296750] test_use_after_free_read+0x1c0/0x248 [ 21.296797] kunit_try_run_case+0x170/0x3f0 [ 21.296860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.297211] kthread+0x328/0x630 [ 21.297573] ret_from_fork+0x10/0x20 [ 21.297714] [ 21.297929] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.298099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.298199] Hardware name: linux,dummy-virt (DT) [ 21.298234] ================================================================== [ 21.401281] ================================================================== [ 21.401361] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.401361] [ 21.401447] Use-after-free read at 0x00000000ea0486a0 (in kfence-#94): [ 21.401501] test_use_after_free_read+0x114/0x248 [ 21.401560] kunit_try_run_case+0x170/0x3f0 [ 21.401603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.401647] kthread+0x328/0x630 [ 21.401688] ret_from_fork+0x10/0x20 [ 21.401729] [ 21.401754] kfence-#94: 0x00000000ea0486a0-0x000000008a6dc20d, size=32, cache=test [ 21.401754] [ 21.403166] allocated by task 297 on cpu 0 at 21.400454s (0.002703s ago): [ 21.403255] test_alloc+0x230/0x628 [ 21.403298] test_use_after_free_read+0xd0/0x248 [ 21.403390] kunit_try_run_case+0x170/0x3f0 [ 21.403571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.404170] kthread+0x328/0x630 [ 21.404275] ret_from_fork+0x10/0x20 [ 21.404737] [ 21.404813] freed by task 297 on cpu 0 at 21.400937s (0.003835s ago): [ 21.405240] test_use_after_free_read+0xf0/0x248 [ 21.405291] kunit_try_run_case+0x170/0x3f0 [ 21.405332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.405376] kthread+0x328/0x630 [ 21.405412] ret_from_fork+0x10/0x20 [ 21.405840] [ 21.406745] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.407011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.407436] Hardware name: linux,dummy-virt (DT) [ 21.407567] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 21.184748] ================================================================== [ 21.184844] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.184844] [ 21.184932] Out-of-bounds write at 0x00000000e3610671 (1B left of kfence-#92): [ 21.184989] test_out_of_bounds_write+0x100/0x240 [ 21.185040] kunit_try_run_case+0x170/0x3f0 [ 21.185087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.185146] kthread+0x328/0x630 [ 21.185188] ret_from_fork+0x10/0x20 [ 21.185245] [ 21.185269] kfence-#92: 0x00000000683c64ec-0x00000000d2232868, size=32, cache=test [ 21.185269] [ 21.185327] allocated by task 293 on cpu 0 at 21.184613s (0.000710s ago): [ 21.185407] test_alloc+0x230/0x628 [ 21.185449] test_out_of_bounds_write+0xc8/0x240 [ 21.185490] kunit_try_run_case+0x170/0x3f0 [ 21.185544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.185589] kthread+0x328/0x630 [ 21.185631] ret_from_fork+0x10/0x20 [ 21.185677] [ 21.185725] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.185808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.185848] Hardware name: linux,dummy-virt (DT) [ 21.185885] ================================================================== [ 20.870139] ================================================================== [ 20.870233] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.870233] [ 20.870548] Out-of-bounds write at 0x00000000f1afe0d0 (1B left of kfence-#89): [ 20.870692] test_out_of_bounds_write+0x100/0x240 [ 20.870765] kunit_try_run_case+0x170/0x3f0 [ 20.870851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.871214] kthread+0x328/0x630 [ 20.871302] ret_from_fork+0x10/0x20 [ 20.871348] [ 20.871373] kfence-#89: 0x000000000feb966a-0x0000000086bd7ab5, size=32, cache=kmalloc-32 [ 20.871373] [ 20.871525] allocated by task 291 on cpu 0 at 20.869404s (0.002060s ago): [ 20.871839] test_alloc+0x29c/0x628 [ 20.871992] test_out_of_bounds_write+0xc8/0x240 [ 20.872086] kunit_try_run_case+0x170/0x3f0 [ 20.872488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.872567] kthread+0x328/0x630 [ 20.872628] ret_from_fork+0x10/0x20 [ 20.872675] [ 20.872739] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.872822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.872851] Hardware name: linux,dummy-virt (DT) [ 20.872894] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 20.234733] ================================================================== [ 20.234879] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.234879] [ 20.235017] Out-of-bounds read at 0x00000000c305fe78 (1B left of kfence-#83): [ 20.235260] test_out_of_bounds_read+0x114/0x3e0 [ 20.235315] kunit_try_run_case+0x170/0x3f0 [ 20.235362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.235406] kthread+0x328/0x630 [ 20.235448] ret_from_fork+0x10/0x20 [ 20.235522] [ 20.236377] kfence-#83: 0x0000000093d59fe9-0x00000000ca9386fd, size=32, cache=kmalloc-32 [ 20.236377] [ 20.237324] allocated by task 287 on cpu 0 at 20.233481s (0.003676s ago): [ 20.239477] test_alloc+0x29c/0x628 [ 20.239638] test_out_of_bounds_read+0xdc/0x3e0 [ 20.239691] kunit_try_run_case+0x170/0x3f0 [ 20.239732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.239775] kthread+0x328/0x630 [ 20.239811] ret_from_fork+0x10/0x20 [ 20.240597] [ 20.241032] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.241240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.241329] Hardware name: linux,dummy-virt (DT) [ 20.241642] ================================================================== [ 20.444878] ================================================================== [ 20.445072] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.445072] [ 20.445266] Out-of-bounds read at 0x0000000023b36285 (32B right of kfence-#85): [ 20.445328] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.445378] kunit_try_run_case+0x170/0x3f0 [ 20.445540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.445725] kthread+0x328/0x630 [ 20.445801] ret_from_fork+0x10/0x20 [ 20.445902] [ 20.445934] kfence-#85: 0x00000000f6ca56a0-0x0000000022365920, size=32, cache=kmalloc-32 [ 20.445934] [ 20.445998] allocated by task 287 on cpu 0 at 20.444561s (0.001422s ago): [ 20.446069] test_alloc+0x29c/0x628 [ 20.446110] test_out_of_bounds_read+0x198/0x3e0 [ 20.446165] kunit_try_run_case+0x170/0x3f0 [ 20.446205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.446249] kthread+0x328/0x630 [ 20.446285] ret_from_fork+0x10/0x20 [ 20.446325] [ 20.446379] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.446461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.446500] Hardware name: linux,dummy-virt (DT) [ 20.446534] ================================================================== [ 20.656910] ================================================================== [ 20.656990] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.656990] [ 20.657071] Out-of-bounds read at 0x0000000083f0a4ab (1B left of kfence-#87): [ 20.657142] test_out_of_bounds_read+0x114/0x3e0 [ 20.657190] kunit_try_run_case+0x170/0x3f0 [ 20.657234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.657387] kthread+0x328/0x630 [ 20.657443] ret_from_fork+0x10/0x20 [ 20.657483] [ 20.657509] kfence-#87: 0x00000000d97d08e8-0x000000004a2f5006, size=32, cache=test [ 20.657509] [ 20.657570] allocated by task 289 on cpu 0 at 20.656817s (0.000749s ago): [ 20.657736] test_alloc+0x230/0x628 [ 20.657781] test_out_of_bounds_read+0xdc/0x3e0 [ 20.657824] kunit_try_run_case+0x170/0x3f0 [ 20.657869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.657912] kthread+0x328/0x630 [ 20.657957] ret_from_fork+0x10/0x20 [ 20.657996] [ 20.658049] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.658153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.658192] Hardware name: linux,dummy-virt (DT) [ 20.658233] ================================================================== [ 20.765742] ================================================================== [ 20.766082] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.766082] [ 20.766181] Out-of-bounds read at 0x0000000053fab272 (32B right of kfence-#88): [ 20.766305] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.766380] kunit_try_run_case+0x170/0x3f0 [ 20.766515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.766805] kthread+0x328/0x630 [ 20.766924] ret_from_fork+0x10/0x20 [ 20.767000] [ 20.767026] kfence-#88: 0x00000000fdddf76a-0x00000000d56ee74c, size=32, cache=test [ 20.767026] [ 20.767194] allocated by task 289 on cpu 0 at 20.765650s (0.001492s ago): [ 20.767393] test_alloc+0x230/0x628 [ 20.767496] test_out_of_bounds_read+0x198/0x3e0 [ 20.767542] kunit_try_run_case+0x170/0x3f0 [ 20.767583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.767628] kthread+0x328/0x630 [ 20.768417] ret_from_fork+0x10/0x20 [ 20.768474] [ 20.768521] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.768603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.769352] Hardware name: linux,dummy-virt (DT) [ 20.769418] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 19.709319] ================================================================== [ 19.710106] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 19.710315] Write of size 1 at addr fff00000c76aff78 by task kunit_try_catch/285 [ 19.710638] [ 19.710776] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.710866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.710893] Hardware name: linux,dummy-virt (DT) [ 19.710929] Call trace: [ 19.711180] show_stack+0x20/0x38 (C) [ 19.711248] dump_stack_lvl+0x8c/0xd0 [ 19.711300] print_report+0x118/0x608 [ 19.711715] kasan_report+0xdc/0x128 [ 19.711772] __asan_report_store1_noabort+0x20/0x30 [ 19.711824] strncpy_from_user+0x270/0x2a0 [ 19.712321] copy_user_test_oob+0x5c0/0xec8 [ 19.712513] kunit_try_run_case+0x170/0x3f0 [ 19.712713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.713042] kthread+0x328/0x630 [ 19.713393] ret_from_fork+0x10/0x20 [ 19.713459] [ 19.713788] Allocated by task 285: [ 19.713919] kasan_save_stack+0x3c/0x68 [ 19.714040] kasan_save_track+0x20/0x40 [ 19.714081] kasan_save_alloc_info+0x40/0x58 [ 19.714134] __kasan_kmalloc+0xd4/0xd8 [ 19.714172] __kmalloc_noprof+0x198/0x4c8 [ 19.714212] kunit_kmalloc_array+0x34/0x88 [ 19.714251] copy_user_test_oob+0xac/0xec8 [ 19.714291] kunit_try_run_case+0x170/0x3f0 [ 19.714330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.714376] kthread+0x328/0x630 [ 19.714699] ret_from_fork+0x10/0x20 [ 19.714750] [ 19.715480] The buggy address belongs to the object at fff00000c76aff00 [ 19.715480] which belongs to the cache kmalloc-128 of size 128 [ 19.715676] The buggy address is located 0 bytes to the right of [ 19.715676] allocated 120-byte region [fff00000c76aff00, fff00000c76aff78) [ 19.715743] [ 19.716181] The buggy address belongs to the physical page: [ 19.716231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 19.716676] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.716741] page_type: f5(slab) [ 19.717188] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.717263] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.717307] page dumped because: kasan: bad access detected [ 19.717343] [ 19.717363] Memory state around the buggy address: [ 19.717581] fff00000c76afe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.717855] fff00000c76afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.717942] >fff00000c76aff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.718062] ^ [ 19.718337] fff00000c76aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.718404] fff00000c76b0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.718678] ================================================================== [ 19.697270] ================================================================== [ 19.697325] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 19.697386] Write of size 121 at addr fff00000c76aff00 by task kunit_try_catch/285 [ 19.697438] [ 19.697472] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.698062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.698107] Hardware name: linux,dummy-virt (DT) [ 19.698152] Call trace: [ 19.698178] show_stack+0x20/0x38 (C) [ 19.698933] dump_stack_lvl+0x8c/0xd0 [ 19.698987] print_report+0x118/0x608 [ 19.699384] kasan_report+0xdc/0x128 [ 19.699844] kasan_check_range+0x100/0x1a8 [ 19.699899] __kasan_check_write+0x20/0x30 [ 19.699974] strncpy_from_user+0x3c/0x2a0 [ 19.700278] copy_user_test_oob+0x5c0/0xec8 [ 19.700875] kunit_try_run_case+0x170/0x3f0 [ 19.701182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.701250] kthread+0x328/0x630 [ 19.701296] ret_from_fork+0x10/0x20 [ 19.701382] [ 19.701422] Allocated by task 285: [ 19.701832] kasan_save_stack+0x3c/0x68 [ 19.702180] kasan_save_track+0x20/0x40 [ 19.702228] kasan_save_alloc_info+0x40/0x58 [ 19.702268] __kasan_kmalloc+0xd4/0xd8 [ 19.702308] __kmalloc_noprof+0x198/0x4c8 [ 19.702349] kunit_kmalloc_array+0x34/0x88 [ 19.703003] copy_user_test_oob+0xac/0xec8 [ 19.703053] kunit_try_run_case+0x170/0x3f0 [ 19.703092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.703152] kthread+0x328/0x630 [ 19.703186] ret_from_fork+0x10/0x20 [ 19.703227] [ 19.703745] The buggy address belongs to the object at fff00000c76aff00 [ 19.703745] which belongs to the cache kmalloc-128 of size 128 [ 19.704111] The buggy address is located 0 bytes inside of [ 19.704111] allocated 120-byte region [fff00000c76aff00, fff00000c76aff78) [ 19.704188] [ 19.704318] The buggy address belongs to the physical page: [ 19.704357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 19.704414] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.704503] page_type: f5(slab) [ 19.704544] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.704896] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.704942] page dumped because: kasan: bad access detected [ 19.704976] [ 19.704995] Memory state around the buggy address: [ 19.705504] fff00000c76afe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.705564] fff00000c76afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.705611] >fff00000c76aff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.705680] ^ [ 19.705932] fff00000c76aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.705981] fff00000c76b0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.706288] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 19.687492] ================================================================== [ 19.687546] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 19.687812] Read of size 121 at addr fff00000c76aff00 by task kunit_try_catch/285 [ 19.687969] [ 19.688003] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.688086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.688136] Hardware name: linux,dummy-virt (DT) [ 19.688169] Call trace: [ 19.688400] show_stack+0x20/0x38 (C) [ 19.688582] dump_stack_lvl+0x8c/0xd0 [ 19.688631] print_report+0x118/0x608 [ 19.688749] kasan_report+0xdc/0x128 [ 19.688796] kasan_check_range+0x100/0x1a8 [ 19.688847] __kasan_check_read+0x20/0x30 [ 19.688891] copy_user_test_oob+0x4a0/0xec8 [ 19.688940] kunit_try_run_case+0x170/0x3f0 [ 19.689204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.689284] kthread+0x328/0x630 [ 19.689330] ret_from_fork+0x10/0x20 [ 19.689390] [ 19.689486] Allocated by task 285: [ 19.689901] kasan_save_stack+0x3c/0x68 [ 19.689960] kasan_save_track+0x20/0x40 [ 19.690126] kasan_save_alloc_info+0x40/0x58 [ 19.690170] __kasan_kmalloc+0xd4/0xd8 [ 19.690208] __kmalloc_noprof+0x198/0x4c8 [ 19.690249] kunit_kmalloc_array+0x34/0x88 [ 19.690287] copy_user_test_oob+0xac/0xec8 [ 19.690492] kunit_try_run_case+0x170/0x3f0 [ 19.690590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.690766] kthread+0x328/0x630 [ 19.690803] ret_from_fork+0x10/0x20 [ 19.690840] [ 19.690896] The buggy address belongs to the object at fff00000c76aff00 [ 19.690896] which belongs to the cache kmalloc-128 of size 128 [ 19.690960] The buggy address is located 0 bytes inside of [ 19.690960] allocated 120-byte region [fff00000c76aff00, fff00000c76aff78) [ 19.691024] [ 19.691364] The buggy address belongs to the physical page: [ 19.691717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 19.691801] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.691951] page_type: f5(slab) [ 19.691992] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.692045] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.692484] page dumped because: kasan: bad access detected [ 19.692527] [ 19.692547] Memory state around the buggy address: [ 19.692588] fff00000c76afe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.692895] fff00000c76afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.693026] >fff00000c76aff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.693101] ^ [ 19.693406] fff00000c76aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.693618] fff00000c76b0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.693895] ================================================================== [ 19.674824] ================================================================== [ 19.674878] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 19.675201] Read of size 121 at addr fff00000c76aff00 by task kunit_try_catch/285 [ 19.675466] [ 19.675629] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.675953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.676204] Hardware name: linux,dummy-virt (DT) [ 19.676242] Call trace: [ 19.676266] show_stack+0x20/0x38 (C) [ 19.676319] dump_stack_lvl+0x8c/0xd0 [ 19.676373] print_report+0x118/0x608 [ 19.676495] kasan_report+0xdc/0x128 [ 19.676808] kasan_check_range+0x100/0x1a8 [ 19.676861] __kasan_check_read+0x20/0x30 [ 19.676908] copy_user_test_oob+0x3c8/0xec8 [ 19.676957] kunit_try_run_case+0x170/0x3f0 [ 19.677338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.677432] kthread+0x328/0x630 [ 19.677477] ret_from_fork+0x10/0x20 [ 19.677536] [ 19.677781] Allocated by task 285: [ 19.677831] kasan_save_stack+0x3c/0x68 [ 19.677909] kasan_save_track+0x20/0x40 [ 19.677992] kasan_save_alloc_info+0x40/0x58 [ 19.678192] __kasan_kmalloc+0xd4/0xd8 [ 19.678233] __kmalloc_noprof+0x198/0x4c8 [ 19.678274] kunit_kmalloc_array+0x34/0x88 [ 19.678312] copy_user_test_oob+0xac/0xec8 [ 19.678352] kunit_try_run_case+0x170/0x3f0 [ 19.678393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.678440] kthread+0x328/0x630 [ 19.678485] ret_from_fork+0x10/0x20 [ 19.678522] [ 19.678617] The buggy address belongs to the object at fff00000c76aff00 [ 19.678617] which belongs to the cache kmalloc-128 of size 128 [ 19.679165] The buggy address is located 0 bytes inside of [ 19.679165] allocated 120-byte region [fff00000c76aff00, fff00000c76aff78) [ 19.679400] [ 19.679431] The buggy address belongs to the physical page: [ 19.679610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 19.679710] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.679759] page_type: f5(slab) [ 19.679798] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.679886] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.680250] page dumped because: kasan: bad access detected [ 19.680290] [ 19.680421] Memory state around the buggy address: [ 19.680482] fff00000c76afe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.680529] fff00000c76afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.680574] >fff00000c76aff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.680721] ^ [ 19.680770] fff00000c76aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.680818] fff00000c76b0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.680875] ================================================================== [ 19.638505] ================================================================== [ 19.638617] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 19.638710] Write of size 121 at addr fff00000c76aff00 by task kunit_try_catch/285 [ 19.638766] [ 19.638815] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.638906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.638936] Hardware name: linux,dummy-virt (DT) [ 19.638974] Call trace: [ 19.639000] show_stack+0x20/0x38 (C) [ 19.639056] dump_stack_lvl+0x8c/0xd0 [ 19.639110] print_report+0x118/0x608 [ 19.639184] kasan_report+0xdc/0x128 [ 19.639424] kasan_check_range+0x100/0x1a8 [ 19.639604] __kasan_check_write+0x20/0x30 [ 19.639896] copy_user_test_oob+0x234/0xec8 [ 19.639951] kunit_try_run_case+0x170/0x3f0 [ 19.640011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.640456] kthread+0x328/0x630 [ 19.640506] ret_from_fork+0x10/0x20 [ 19.640565] [ 19.640636] Allocated by task 285: [ 19.640744] kasan_save_stack+0x3c/0x68 [ 19.640791] kasan_save_track+0x20/0x40 [ 19.640832] kasan_save_alloc_info+0x40/0x58 [ 19.640873] __kasan_kmalloc+0xd4/0xd8 [ 19.640913] __kmalloc_noprof+0x198/0x4c8 [ 19.640991] kunit_kmalloc_array+0x34/0x88 [ 19.641050] copy_user_test_oob+0xac/0xec8 [ 19.641151] kunit_try_run_case+0x170/0x3f0 [ 19.641189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.641234] kthread+0x328/0x630 [ 19.641495] ret_from_fork+0x10/0x20 [ 19.641637] [ 19.641684] The buggy address belongs to the object at fff00000c76aff00 [ 19.641684] which belongs to the cache kmalloc-128 of size 128 [ 19.641748] The buggy address is located 0 bytes inside of [ 19.641748] allocated 120-byte region [fff00000c76aff00, fff00000c76aff78) [ 19.642047] [ 19.642111] The buggy address belongs to the physical page: [ 19.642158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 19.642238] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.642523] page_type: f5(slab) [ 19.642702] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.642792] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.642860] page dumped because: kasan: bad access detected [ 19.642957] [ 19.642977] Memory state around the buggy address: [ 19.643015] fff00000c76afe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.643326] fff00000c76afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.643910] >fff00000c76aff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.644213] ^ [ 19.644267] fff00000c76aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.644338] fff00000c76b0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.644381] ================================================================== [ 19.681918] ================================================================== [ 19.681973] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 19.682023] Write of size 121 at addr fff00000c76aff00 by task kunit_try_catch/285 [ 19.682076] [ 19.682204] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.682467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.682497] Hardware name: linux,dummy-virt (DT) [ 19.682528] Call trace: [ 19.682552] show_stack+0x20/0x38 (C) [ 19.683046] dump_stack_lvl+0x8c/0xd0 [ 19.683358] print_report+0x118/0x608 [ 19.683409] kasan_report+0xdc/0x128 [ 19.683481] kasan_check_range+0x100/0x1a8 [ 19.683749] __kasan_check_write+0x20/0x30 [ 19.683799] copy_user_test_oob+0x434/0xec8 [ 19.683851] kunit_try_run_case+0x170/0x3f0 [ 19.683898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.683952] kthread+0x328/0x630 [ 19.683994] ret_from_fork+0x10/0x20 [ 19.684044] [ 19.684065] Allocated by task 285: [ 19.684096] kasan_save_stack+0x3c/0x68 [ 19.684150] kasan_save_track+0x20/0x40 [ 19.684190] kasan_save_alloc_info+0x40/0x58 [ 19.684232] __kasan_kmalloc+0xd4/0xd8 [ 19.684272] __kmalloc_noprof+0x198/0x4c8 [ 19.684311] kunit_kmalloc_array+0x34/0x88 [ 19.684351] copy_user_test_oob+0xac/0xec8 [ 19.684391] kunit_try_run_case+0x170/0x3f0 [ 19.684750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.685015] kthread+0x328/0x630 [ 19.685111] ret_from_fork+0x10/0x20 [ 19.685163] [ 19.685194] The buggy address belongs to the object at fff00000c76aff00 [ 19.685194] which belongs to the cache kmalloc-128 of size 128 [ 19.685326] The buggy address is located 0 bytes inside of [ 19.685326] allocated 120-byte region [fff00000c76aff00, fff00000c76aff78) [ 19.685471] [ 19.685529] The buggy address belongs to the physical page: [ 19.685562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 19.685613] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.685662] page_type: f5(slab) [ 19.685726] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.685781] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.685948] page dumped because: kasan: bad access detected [ 19.686132] [ 19.686232] Memory state around the buggy address: [ 19.686357] fff00000c76afe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.686404] fff00000c76afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.686449] >fff00000c76aff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.686490] ^ [ 19.686589] fff00000c76aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.686766] fff00000c76b0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.686809] ================================================================== [ 19.667938] ================================================================== [ 19.668000] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 19.668055] Write of size 121 at addr fff00000c76aff00 by task kunit_try_catch/285 [ 19.668147] [ 19.668188] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.668817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.668849] Hardware name: linux,dummy-virt (DT) [ 19.668882] Call trace: [ 19.668908] show_stack+0x20/0x38 (C) [ 19.669073] dump_stack_lvl+0x8c/0xd0 [ 19.669137] print_report+0x118/0x608 [ 19.669234] kasan_report+0xdc/0x128 [ 19.669315] kasan_check_range+0x100/0x1a8 [ 19.669372] __kasan_check_write+0x20/0x30 [ 19.669566] copy_user_test_oob+0x35c/0xec8 [ 19.669615] kunit_try_run_case+0x170/0x3f0 [ 19.669708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.669763] kthread+0x328/0x630 [ 19.669812] ret_from_fork+0x10/0x20 [ 19.670048] [ 19.670069] Allocated by task 285: [ 19.670099] kasan_save_stack+0x3c/0x68 [ 19.670230] kasan_save_track+0x20/0x40 [ 19.670319] kasan_save_alloc_info+0x40/0x58 [ 19.670363] __kasan_kmalloc+0xd4/0xd8 [ 19.670402] __kmalloc_noprof+0x198/0x4c8 [ 19.670447] kunit_kmalloc_array+0x34/0x88 [ 19.670644] copy_user_test_oob+0xac/0xec8 [ 19.670737] kunit_try_run_case+0x170/0x3f0 [ 19.670810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.670860] kthread+0x328/0x630 [ 19.670989] ret_from_fork+0x10/0x20 [ 19.671050] [ 19.671072] The buggy address belongs to the object at fff00000c76aff00 [ 19.671072] which belongs to the cache kmalloc-128 of size 128 [ 19.671513] The buggy address is located 0 bytes inside of [ 19.671513] allocated 120-byte region [fff00000c76aff00, fff00000c76aff78) [ 19.671640] [ 19.671671] The buggy address belongs to the physical page: [ 19.671705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 19.671769] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.672381] page_type: f5(slab) [ 19.672754] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.672822] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.672866] page dumped because: kasan: bad access detected [ 19.672901] [ 19.672934] Memory state around the buggy address: [ 19.672970] fff00000c76afe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.673293] fff00000c76afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.673346] >fff00000c76aff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.673387] ^ [ 19.673431] fff00000c76aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.673679] fff00000c76b0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.673762] ================================================================== [ 19.655088] ================================================================== [ 19.655452] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 19.655589] Read of size 121 at addr fff00000c76aff00 by task kunit_try_catch/285 [ 19.655731] [ 19.655809] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.656296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.656395] Hardware name: linux,dummy-virt (DT) [ 19.656490] Call trace: [ 19.656516] show_stack+0x20/0x38 (C) [ 19.656609] dump_stack_lvl+0x8c/0xd0 [ 19.656663] print_report+0x118/0x608 [ 19.656866] kasan_report+0xdc/0x128 [ 19.656932] kasan_check_range+0x100/0x1a8 [ 19.656981] __kasan_check_read+0x20/0x30 [ 19.657028] copy_user_test_oob+0x728/0xec8 [ 19.657075] kunit_try_run_case+0x170/0x3f0 [ 19.657136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.657192] kthread+0x328/0x630 [ 19.657234] ret_from_fork+0x10/0x20 [ 19.657285] [ 19.657317] Allocated by task 285: [ 19.657349] kasan_save_stack+0x3c/0x68 [ 19.657569] kasan_save_track+0x20/0x40 [ 19.657651] kasan_save_alloc_info+0x40/0x58 [ 19.657920] __kasan_kmalloc+0xd4/0xd8 [ 19.658047] __kmalloc_noprof+0x198/0x4c8 [ 19.658219] kunit_kmalloc_array+0x34/0x88 [ 19.658258] copy_user_test_oob+0xac/0xec8 [ 19.658442] kunit_try_run_case+0x170/0x3f0 [ 19.658626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.658671] kthread+0x328/0x630 [ 19.658708] ret_from_fork+0x10/0x20 [ 19.658746] [ 19.658769] The buggy address belongs to the object at fff00000c76aff00 [ 19.658769] which belongs to the cache kmalloc-128 of size 128 [ 19.658831] The buggy address is located 0 bytes inside of [ 19.658831] allocated 120-byte region [fff00000c76aff00, fff00000c76aff78) [ 19.658895] [ 19.658949] The buggy address belongs to the physical page: [ 19.658991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 19.659429] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.659799] page_type: f5(slab) [ 19.660029] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.660148] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.660202] page dumped because: kasan: bad access detected [ 19.660331] [ 19.660351] Memory state around the buggy address: [ 19.660387] fff00000c76afe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.660433] fff00000c76afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660478] >fff00000c76aff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.660545] ^ [ 19.660626] fff00000c76aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660674] fff00000c76b0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.660716] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 19.601973] ================================================================== [ 19.602143] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 19.602484] Read of size 8 at addr fff00000c76afe78 by task kunit_try_catch/281 [ 19.602561] [ 19.602605] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.603050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.603214] Hardware name: linux,dummy-virt (DT) [ 19.603252] Call trace: [ 19.603287] show_stack+0x20/0x38 (C) [ 19.603427] dump_stack_lvl+0x8c/0xd0 [ 19.603541] print_report+0x118/0x608 [ 19.603653] kasan_report+0xdc/0x128 [ 19.603700] __asan_report_load8_noabort+0x20/0x30 [ 19.603759] copy_to_kernel_nofault+0x204/0x250 [ 19.604009] copy_to_kernel_nofault_oob+0x158/0x418 [ 19.604348] kunit_try_run_case+0x170/0x3f0 [ 19.604631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.604896] kthread+0x328/0x630 [ 19.604985] ret_from_fork+0x10/0x20 [ 19.605039] [ 19.605061] Allocated by task 281: [ 19.605094] kasan_save_stack+0x3c/0x68 [ 19.605237] kasan_save_track+0x20/0x40 [ 19.605446] kasan_save_alloc_info+0x40/0x58 [ 19.605489] __kasan_kmalloc+0xd4/0xd8 [ 19.605547] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.605693] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.605736] kunit_try_run_case+0x170/0x3f0 [ 19.605777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.605823] kthread+0x328/0x630 [ 19.606110] ret_from_fork+0x10/0x20 [ 19.606250] [ 19.606302] The buggy address belongs to the object at fff00000c76afe00 [ 19.606302] which belongs to the cache kmalloc-128 of size 128 [ 19.606422] The buggy address is located 0 bytes to the right of [ 19.606422] allocated 120-byte region [fff00000c76afe00, fff00000c76afe78) [ 19.606488] [ 19.606512] The buggy address belongs to the physical page: [ 19.606558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 19.606699] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.606981] page_type: f5(slab) [ 19.607063] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.607369] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.607439] page dumped because: kasan: bad access detected [ 19.607472] [ 19.607492] Memory state around the buggy address: [ 19.607528] fff00000c76afd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.607575] fff00000c76afd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.607621] >fff00000c76afe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.607671] ^ [ 19.607772] fff00000c76afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.608221] fff00000c76aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.608339] ================================================================== [ 19.609504] ================================================================== [ 19.609809] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 19.610134] Write of size 8 at addr fff00000c76afe78 by task kunit_try_catch/281 [ 19.610523] [ 19.610647] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.610734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.610763] Hardware name: linux,dummy-virt (DT) [ 19.610808] Call trace: [ 19.610893] show_stack+0x20/0x38 (C) [ 19.610949] dump_stack_lvl+0x8c/0xd0 [ 19.611002] print_report+0x118/0x608 [ 19.611049] kasan_report+0xdc/0x128 [ 19.611096] kasan_check_range+0x100/0x1a8 [ 19.611158] __kasan_check_write+0x20/0x30 [ 19.611203] copy_to_kernel_nofault+0x8c/0x250 [ 19.611252] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 19.611304] kunit_try_run_case+0x170/0x3f0 [ 19.611361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.611416] kthread+0x328/0x630 [ 19.611550] ret_from_fork+0x10/0x20 [ 19.611738] [ 19.611759] Allocated by task 281: [ 19.611793] kasan_save_stack+0x3c/0x68 [ 19.612461] kasan_save_track+0x20/0x40 [ 19.612525] kasan_save_alloc_info+0x40/0x58 [ 19.612588] __kasan_kmalloc+0xd4/0xd8 [ 19.612740] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.612782] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.612824] kunit_try_run_case+0x170/0x3f0 [ 19.612883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.613094] kthread+0x328/0x630 [ 19.613168] ret_from_fork+0x10/0x20 [ 19.613238] [ 19.613345] The buggy address belongs to the object at fff00000c76afe00 [ 19.613345] which belongs to the cache kmalloc-128 of size 128 [ 19.613481] The buggy address is located 0 bytes to the right of [ 19.613481] allocated 120-byte region [fff00000c76afe00, fff00000c76afe78) [ 19.613646] [ 19.613670] The buggy address belongs to the physical page: [ 19.613741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 19.613884] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.613949] page_type: f5(slab) [ 19.613988] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.614720] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.614944] page dumped because: kasan: bad access detected [ 19.614982] [ 19.615175] Memory state around the buggy address: [ 19.615225] fff00000c76afd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.615442] fff00000c76afd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.615496] >fff00000c76afe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.615538] ^ [ 19.615595] fff00000c76afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.615941] fff00000c76aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.616040] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.548029] ================================================================== [ 19.548105] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.549129] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 19.549370] [ 19.549421] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.549640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.549670] Hardware name: linux,dummy-virt (DT) [ 19.549707] Call trace: [ 19.549733] show_stack+0x20/0x38 (C) [ 19.550175] dump_stack_lvl+0x8c/0xd0 [ 19.550664] print_report+0x310/0x608 [ 19.550837] kasan_report+0xdc/0x128 [ 19.550884] __asan_report_load1_noabort+0x20/0x30 [ 19.550937] vmalloc_oob+0x578/0x5d0 [ 19.551035] kunit_try_run_case+0x170/0x3f0 [ 19.551701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.551778] kthread+0x328/0x630 [ 19.551824] ret_from_fork+0x10/0x20 [ 19.551883] [ 19.551917] The buggy address belongs to the virtual mapping at [ 19.551917] [ffff8000800fe000, ffff800080100000) created by: [ 19.551917] vmalloc_oob+0x98/0x5d0 [ 19.552072] [ 19.552097] The buggy address belongs to the physical page: [ 19.552166] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10769e [ 19.552350] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.552621] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.552794] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.552936] page dumped because: kasan: bad access detected [ 19.552972] [ 19.553447] Memory state around the buggy address: [ 19.553630] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.553765] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.553962] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.554329] ^ [ 19.554378] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.554597] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.554855] ================================================================== [ 19.556164] ================================================================== [ 19.556463] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.556631] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 19.556682] [ 19.556721] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.557344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.557377] Hardware name: linux,dummy-virt (DT) [ 19.557412] Call trace: [ 19.557437] show_stack+0x20/0x38 (C) [ 19.557488] dump_stack_lvl+0x8c/0xd0 [ 19.557553] print_report+0x310/0x608 [ 19.557778] kasan_report+0xdc/0x128 [ 19.558007] __asan_report_load1_noabort+0x20/0x30 [ 19.558154] vmalloc_oob+0x51c/0x5d0 [ 19.558198] kunit_try_run_case+0x170/0x3f0 [ 19.558304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.558775] kthread+0x328/0x630 [ 19.558899] ret_from_fork+0x10/0x20 [ 19.558951] [ 19.558980] The buggy address belongs to the virtual mapping at [ 19.558980] [ffff8000800fe000, ffff800080100000) created by: [ 19.558980] vmalloc_oob+0x98/0x5d0 [ 19.559055] [ 19.559078] The buggy address belongs to the physical page: [ 19.559122] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10769e [ 19.559879] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.560134] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.560244] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.560287] page dumped because: kasan: bad access detected [ 19.560330] [ 19.560350] Memory state around the buggy address: [ 19.560384] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.560429] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.560605] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.560651] ^ [ 19.560695] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.560974] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.561019] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.356985] ================================================================== [ 19.357041] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.357102] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.357358] [ 19.357539] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.357719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.357856] Hardware name: linux,dummy-virt (DT) [ 19.358021] Call trace: [ 19.358046] show_stack+0x20/0x38 (C) [ 19.358101] dump_stack_lvl+0x8c/0xd0 [ 19.358160] print_report+0x118/0x608 [ 19.358207] kasan_report+0xdc/0x128 [ 19.358256] kasan_check_range+0x100/0x1a8 [ 19.358305] __kasan_check_write+0x20/0x30 [ 19.358350] kasan_atomics_helper+0xff0/0x4858 [ 19.358407] kasan_atomics+0x198/0x2e0 [ 19.358623] kunit_try_run_case+0x170/0x3f0 [ 19.358862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.359125] kthread+0x328/0x630 [ 19.359168] ret_from_fork+0x10/0x20 [ 19.359218] [ 19.359239] Allocated by task 265: [ 19.359268] kasan_save_stack+0x3c/0x68 [ 19.359311] kasan_save_track+0x20/0x40 [ 19.359349] kasan_save_alloc_info+0x40/0x58 [ 19.359391] __kasan_kmalloc+0xd4/0xd8 [ 19.359430] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.360271] kasan_atomics+0xb8/0x2e0 [ 19.360454] kunit_try_run_case+0x170/0x3f0 [ 19.360643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.360693] kthread+0x328/0x630 [ 19.360729] ret_from_fork+0x10/0x20 [ 19.360768] [ 19.360792] The buggy address belongs to the object at fff00000c7692100 [ 19.360792] which belongs to the cache kmalloc-64 of size 64 [ 19.360951] The buggy address is located 0 bytes to the right of [ 19.360951] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.361162] [ 19.361201] The buggy address belongs to the physical page: [ 19.361235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.361383] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.361437] page_type: f5(slab) [ 19.361475] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.361549] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.361592] page dumped because: kasan: bad access detected [ 19.361840] [ 19.361910] Memory state around the buggy address: [ 19.362026] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.362071] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.362126] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.362164] ^ [ 19.362199] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.362241] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.362282] ================================================================== [ 19.426491] ================================================================== [ 19.426554] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.427027] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.427181] [ 19.427218] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.427301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.427328] Hardware name: linux,dummy-virt (DT) [ 19.427361] Call trace: [ 19.427386] show_stack+0x20/0x38 (C) [ 19.427440] dump_stack_lvl+0x8c/0xd0 [ 19.427492] print_report+0x118/0x608 [ 19.427540] kasan_report+0xdc/0x128 [ 19.427588] kasan_check_range+0x100/0x1a8 [ 19.427636] __kasan_check_write+0x20/0x30 [ 19.427691] kasan_atomics_helper+0x12d8/0x4858 [ 19.427740] kasan_atomics+0x198/0x2e0 [ 19.427787] kunit_try_run_case+0x170/0x3f0 [ 19.427835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.427889] kthread+0x328/0x630 [ 19.427931] ret_from_fork+0x10/0x20 [ 19.427979] [ 19.427999] Allocated by task 265: [ 19.428029] kasan_save_stack+0x3c/0x68 [ 19.428071] kasan_save_track+0x20/0x40 [ 19.428110] kasan_save_alloc_info+0x40/0x58 [ 19.428185] __kasan_kmalloc+0xd4/0xd8 [ 19.428395] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.428508] kasan_atomics+0xb8/0x2e0 [ 19.428546] kunit_try_run_case+0x170/0x3f0 [ 19.428588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.428632] kthread+0x328/0x630 [ 19.428667] ret_from_fork+0x10/0x20 [ 19.428720] [ 19.428742] The buggy address belongs to the object at fff00000c7692100 [ 19.428742] which belongs to the cache kmalloc-64 of size 64 [ 19.428809] The buggy address is located 0 bytes to the right of [ 19.428809] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.428892] [ 19.428916] The buggy address belongs to the physical page: [ 19.428966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.429028] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.429077] page_type: f5(slab) [ 19.429128] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.429183] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.429235] page dumped because: kasan: bad access detected [ 19.429277] [ 19.429314] Memory state around the buggy address: [ 19.429348] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.429402] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.429455] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.429497] ^ [ 19.429536] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.429593] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.429633] ================================================================== [ 19.452390] ================================================================== [ 19.452464] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.452513] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.452564] [ 19.452594] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.452675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.452704] Hardware name: linux,dummy-virt (DT) [ 19.452737] Call trace: [ 19.452793] show_stack+0x20/0x38 (C) [ 19.452849] dump_stack_lvl+0x8c/0xd0 [ 19.452924] print_report+0x118/0x608 [ 19.453000] kasan_report+0xdc/0x128 [ 19.453085] kasan_check_range+0x100/0x1a8 [ 19.453149] __kasan_check_write+0x20/0x30 [ 19.453195] kasan_atomics_helper+0x14e4/0x4858 [ 19.453250] kasan_atomics+0x198/0x2e0 [ 19.453408] kunit_try_run_case+0x170/0x3f0 [ 19.453461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.453521] kthread+0x328/0x630 [ 19.453565] ret_from_fork+0x10/0x20 [ 19.453630] [ 19.453669] Allocated by task 265: [ 19.453700] kasan_save_stack+0x3c/0x68 [ 19.453757] kasan_save_track+0x20/0x40 [ 19.453804] kasan_save_alloc_info+0x40/0x58 [ 19.453845] __kasan_kmalloc+0xd4/0xd8 [ 19.453959] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.454036] kasan_atomics+0xb8/0x2e0 [ 19.454151] kunit_try_run_case+0x170/0x3f0 [ 19.454191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.454245] kthread+0x328/0x630 [ 19.454280] ret_from_fork+0x10/0x20 [ 19.454319] [ 19.454341] The buggy address belongs to the object at fff00000c7692100 [ 19.454341] which belongs to the cache kmalloc-64 of size 64 [ 19.454401] The buggy address is located 0 bytes to the right of [ 19.454401] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.454472] [ 19.454494] The buggy address belongs to the physical page: [ 19.454527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.454589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.454660] page_type: f5(slab) [ 19.454701] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.454753] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.454796] page dumped because: kasan: bad access detected [ 19.454829] [ 19.454858] Memory state around the buggy address: [ 19.454892] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.454939] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.454992] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.455033] ^ [ 19.455067] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.455110] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.455157] ================================================================== [ 19.504959] ================================================================== [ 19.505229] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.505285] Read of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.505336] [ 19.505372] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.505455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.505484] Hardware name: linux,dummy-virt (DT) [ 19.506874] Call trace: [ 19.507385] show_stack+0x20/0x38 (C) [ 19.507656] dump_stack_lvl+0x8c/0xd0 [ 19.508148] print_report+0x118/0x608 [ 19.508427] kasan_report+0xdc/0x128 [ 19.508551] __asan_report_load8_noabort+0x20/0x30 [ 19.508611] kasan_atomics_helper+0x3e20/0x4858 [ 19.509469] kasan_atomics+0x198/0x2e0 [ 19.509536] kunit_try_run_case+0x170/0x3f0 [ 19.510577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.510741] kthread+0x328/0x630 [ 19.511454] ret_from_fork+0x10/0x20 [ 19.512007] [ 19.512159] Allocated by task 265: [ 19.512293] kasan_save_stack+0x3c/0x68 [ 19.512798] kasan_save_track+0x20/0x40 [ 19.513048] kasan_save_alloc_info+0x40/0x58 [ 19.513537] __kasan_kmalloc+0xd4/0xd8 [ 19.514003] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.514317] kasan_atomics+0xb8/0x2e0 [ 19.514615] kunit_try_run_case+0x170/0x3f0 [ 19.514672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.514716] kthread+0x328/0x630 [ 19.514751] ret_from_fork+0x10/0x20 [ 19.514790] [ 19.515718] The buggy address belongs to the object at fff00000c7692100 [ 19.515718] which belongs to the cache kmalloc-64 of size 64 [ 19.516320] The buggy address is located 0 bytes to the right of [ 19.516320] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.516389] [ 19.517039] The buggy address belongs to the physical page: [ 19.517844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.517931] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.517985] page_type: f5(slab) [ 19.518029] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.518081] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.518635] page dumped because: kasan: bad access detected [ 19.518828] [ 19.518849] Memory state around the buggy address: [ 19.518885] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.518932] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.519041] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.519218] ^ [ 19.519254] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.519343] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.519477] ================================================================== [ 19.308667] ================================================================== [ 19.308722] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.308772] Read of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.308823] [ 19.308856] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.308940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.308967] Hardware name: linux,dummy-virt (DT) [ 19.309000] Call trace: [ 19.309561] show_stack+0x20/0x38 (C) [ 19.309720] dump_stack_lvl+0x8c/0xd0 [ 19.309832] print_report+0x118/0x608 [ 19.309881] kasan_report+0xdc/0x128 [ 19.309927] kasan_check_range+0x100/0x1a8 [ 19.309976] __kasan_check_read+0x20/0x30 [ 19.310021] kasan_atomics_helper+0xdd4/0x4858 [ 19.310078] kasan_atomics+0x198/0x2e0 [ 19.310163] kunit_try_run_case+0x170/0x3f0 [ 19.310218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.310878] kthread+0x328/0x630 [ 19.311062] ret_from_fork+0x10/0x20 [ 19.311125] [ 19.311187] Allocated by task 265: [ 19.311220] kasan_save_stack+0x3c/0x68 [ 19.311264] kasan_save_track+0x20/0x40 [ 19.311304] kasan_save_alloc_info+0x40/0x58 [ 19.311354] __kasan_kmalloc+0xd4/0xd8 [ 19.311394] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.311435] kasan_atomics+0xb8/0x2e0 [ 19.311479] kunit_try_run_case+0x170/0x3f0 [ 19.311602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.311649] kthread+0x328/0x630 [ 19.311741] ret_from_fork+0x10/0x20 [ 19.311778] [ 19.311799] The buggy address belongs to the object at fff00000c7692100 [ 19.311799] which belongs to the cache kmalloc-64 of size 64 [ 19.311861] The buggy address is located 0 bytes to the right of [ 19.311861] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.312613] [ 19.312640] The buggy address belongs to the physical page: [ 19.312684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.312803] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.312853] page_type: f5(slab) [ 19.312893] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.313065] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.313181] page dumped because: kasan: bad access detected [ 19.313277] [ 19.313327] Memory state around the buggy address: [ 19.313405] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.313548] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.313643] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.313685] ^ [ 19.313782] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.313968] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.314061] ================================================================== [ 19.436516] ================================================================== [ 19.436561] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.436607] Read of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.436659] [ 19.436690] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.436770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.436800] Hardware name: linux,dummy-virt (DT) [ 19.436834] Call trace: [ 19.436856] show_stack+0x20/0x38 (C) [ 19.436906] dump_stack_lvl+0x8c/0xd0 [ 19.436953] print_report+0x118/0x608 [ 19.437001] kasan_report+0xdc/0x128 [ 19.437047] __asan_report_load8_noabort+0x20/0x30 [ 19.437100] kasan_atomics_helper+0x3f04/0x4858 [ 19.437167] kasan_atomics+0x198/0x2e0 [ 19.437215] kunit_try_run_case+0x170/0x3f0 [ 19.437264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.437319] kthread+0x328/0x630 [ 19.437361] ret_from_fork+0x10/0x20 [ 19.437410] [ 19.437430] Allocated by task 265: [ 19.437459] kasan_save_stack+0x3c/0x68 [ 19.437501] kasan_save_track+0x20/0x40 [ 19.437543] kasan_save_alloc_info+0x40/0x58 [ 19.437585] __kasan_kmalloc+0xd4/0xd8 [ 19.437623] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.437664] kasan_atomics+0xb8/0x2e0 [ 19.437700] kunit_try_run_case+0x170/0x3f0 [ 19.437741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.437784] kthread+0x328/0x630 [ 19.437819] ret_from_fork+0x10/0x20 [ 19.437855] [ 19.437876] The buggy address belongs to the object at fff00000c7692100 [ 19.437876] which belongs to the cache kmalloc-64 of size 64 [ 19.437935] The buggy address is located 0 bytes to the right of [ 19.437935] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.438001] [ 19.438023] The buggy address belongs to the physical page: [ 19.438054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.438107] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.439858] page_type: f5(slab) [ 19.439901] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.439955] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.439998] page dumped because: kasan: bad access detected [ 19.440031] [ 19.440052] Memory state around the buggy address: [ 19.440085] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.440141] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.440186] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.440229] ^ [ 19.440265] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.440308] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.440348] ================================================================== [ 19.470012] ================================================================== [ 19.470109] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.470544] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.470605] [ 19.470642] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.470831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.470918] Hardware name: linux,dummy-virt (DT) [ 19.471019] Call trace: [ 19.471068] show_stack+0x20/0x38 (C) [ 19.471134] dump_stack_lvl+0x8c/0xd0 [ 19.471239] print_report+0x118/0x608 [ 19.471319] kasan_report+0xdc/0x128 [ 19.471394] kasan_check_range+0x100/0x1a8 [ 19.471492] __kasan_check_write+0x20/0x30 [ 19.471558] kasan_atomics_helper+0x1644/0x4858 [ 19.471691] kasan_atomics+0x198/0x2e0 [ 19.471766] kunit_try_run_case+0x170/0x3f0 [ 19.471816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.471869] kthread+0x328/0x630 [ 19.471961] ret_from_fork+0x10/0x20 [ 19.472221] [ 19.472295] Allocated by task 265: [ 19.472370] kasan_save_stack+0x3c/0x68 [ 19.472467] kasan_save_track+0x20/0x40 [ 19.472528] kasan_save_alloc_info+0x40/0x58 [ 19.472880] __kasan_kmalloc+0xd4/0xd8 [ 19.473026] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.473198] kasan_atomics+0xb8/0x2e0 [ 19.473400] kunit_try_run_case+0x170/0x3f0 [ 19.473530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.473624] kthread+0x328/0x630 [ 19.473660] ret_from_fork+0x10/0x20 [ 19.473882] [ 19.474034] The buggy address belongs to the object at fff00000c7692100 [ 19.474034] which belongs to the cache kmalloc-64 of size 64 [ 19.474278] The buggy address is located 0 bytes to the right of [ 19.474278] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.474540] [ 19.474615] The buggy address belongs to the physical page: [ 19.474732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.474823] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.474874] page_type: f5(slab) [ 19.475122] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.475386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.475573] page dumped because: kasan: bad access detected [ 19.475812] [ 19.475911] Memory state around the buggy address: [ 19.475947] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.476253] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.476439] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.476781] ^ [ 19.476942] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.477018] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.477057] ================================================================== [ 19.321414] ================================================================== [ 19.321504] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.321561] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.321611] [ 19.321643] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.321943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.322073] Hardware name: linux,dummy-virt (DT) [ 19.322437] Call trace: [ 19.322609] show_stack+0x20/0x38 (C) [ 19.322676] dump_stack_lvl+0x8c/0xd0 [ 19.322853] print_report+0x118/0x608 [ 19.322908] kasan_report+0xdc/0x128 [ 19.322960] kasan_check_range+0x100/0x1a8 [ 19.323218] __kasan_check_write+0x20/0x30 [ 19.323292] kasan_atomics_helper+0xe44/0x4858 [ 19.323342] kasan_atomics+0x198/0x2e0 [ 19.323387] kunit_try_run_case+0x170/0x3f0 [ 19.323436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.323495] kthread+0x328/0x630 [ 19.323714] ret_from_fork+0x10/0x20 [ 19.323765] [ 19.323785] Allocated by task 265: [ 19.323816] kasan_save_stack+0x3c/0x68 [ 19.323859] kasan_save_track+0x20/0x40 [ 19.323899] kasan_save_alloc_info+0x40/0x58 [ 19.323942] __kasan_kmalloc+0xd4/0xd8 [ 19.324228] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.324762] kasan_atomics+0xb8/0x2e0 [ 19.324811] kunit_try_run_case+0x170/0x3f0 [ 19.324974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.325020] kthread+0x328/0x630 [ 19.325074] ret_from_fork+0x10/0x20 [ 19.325884] [ 19.325921] The buggy address belongs to the object at fff00000c7692100 [ 19.325921] which belongs to the cache kmalloc-64 of size 64 [ 19.326203] The buggy address is located 0 bytes to the right of [ 19.326203] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.326456] [ 19.326642] The buggy address belongs to the physical page: [ 19.326779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.326935] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.326985] page_type: f5(slab) [ 19.327025] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.327110] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.327407] page dumped because: kasan: bad access detected [ 19.327698] [ 19.327763] Memory state around the buggy address: [ 19.327971] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.328048] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.328097] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.328241] ^ [ 19.328314] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.328416] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.328457] ================================================================== [ 19.344160] ================================================================== [ 19.344245] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.344588] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.344641] [ 19.344672] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.344755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.344810] Hardware name: linux,dummy-virt (DT) [ 19.344843] Call trace: [ 19.344866] show_stack+0x20/0x38 (C) [ 19.345384] dump_stack_lvl+0x8c/0xd0 [ 19.345440] print_report+0x118/0x608 [ 19.345555] kasan_report+0xdc/0x128 [ 19.345670] kasan_check_range+0x100/0x1a8 [ 19.345811] __kasan_check_write+0x20/0x30 [ 19.345857] kasan_atomics_helper+0xf20/0x4858 [ 19.345927] kasan_atomics+0x198/0x2e0 [ 19.346122] kunit_try_run_case+0x170/0x3f0 [ 19.346173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.346227] kthread+0x328/0x630 [ 19.346269] ret_from_fork+0x10/0x20 [ 19.346485] [ 19.346509] Allocated by task 265: [ 19.346541] kasan_save_stack+0x3c/0x68 [ 19.346874] kasan_save_track+0x20/0x40 [ 19.346915] kasan_save_alloc_info+0x40/0x58 [ 19.346956] __kasan_kmalloc+0xd4/0xd8 [ 19.346995] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.347037] kasan_atomics+0xb8/0x2e0 [ 19.347075] kunit_try_run_case+0x170/0x3f0 [ 19.347449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.347499] kthread+0x328/0x630 [ 19.347533] ret_from_fork+0x10/0x20 [ 19.347753] [ 19.347785] The buggy address belongs to the object at fff00000c7692100 [ 19.347785] which belongs to the cache kmalloc-64 of size 64 [ 19.347989] The buggy address is located 0 bytes to the right of [ 19.347989] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.348059] [ 19.348080] The buggy address belongs to the physical page: [ 19.348241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.348298] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.348349] page_type: f5(slab) [ 19.348389] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.348510] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.348553] page dumped because: kasan: bad access detected [ 19.348685] [ 19.348739] Memory state around the buggy address: [ 19.348779] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.348860] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.348902] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.348942] ^ [ 19.348975] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.349250] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.349294] ================================================================== [ 19.521724] ================================================================== [ 19.521909] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.521960] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.522058] [ 19.522094] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.522376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.522404] Hardware name: linux,dummy-virt (DT) [ 19.522438] Call trace: [ 19.522462] show_stack+0x20/0x38 (C) [ 19.522511] dump_stack_lvl+0x8c/0xd0 [ 19.522562] print_report+0x118/0x608 [ 19.522610] kasan_report+0xdc/0x128 [ 19.522665] kasan_check_range+0x100/0x1a8 [ 19.522906] __kasan_check_write+0x20/0x30 [ 19.523128] kasan_atomics_helper+0x17ec/0x4858 [ 19.523182] kasan_atomics+0x198/0x2e0 [ 19.523574] kunit_try_run_case+0x170/0x3f0 [ 19.524048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.524274] kthread+0x328/0x630 [ 19.524410] ret_from_fork+0x10/0x20 [ 19.524536] [ 19.524610] Allocated by task 265: [ 19.524710] kasan_save_stack+0x3c/0x68 [ 19.524755] kasan_save_track+0x20/0x40 [ 19.524830] kasan_save_alloc_info+0x40/0x58 [ 19.524874] __kasan_kmalloc+0xd4/0xd8 [ 19.524915] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.525174] kasan_atomics+0xb8/0x2e0 [ 19.525279] kunit_try_run_case+0x170/0x3f0 [ 19.525320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.525374] kthread+0x328/0x630 [ 19.525411] ret_from_fork+0x10/0x20 [ 19.525695] [ 19.525801] The buggy address belongs to the object at fff00000c7692100 [ 19.525801] which belongs to the cache kmalloc-64 of size 64 [ 19.526031] The buggy address is located 0 bytes to the right of [ 19.526031] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.526126] [ 19.526151] The buggy address belongs to the physical page: [ 19.526183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.526237] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.526290] page_type: f5(slab) [ 19.526591] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.526650] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.526878] page dumped because: kasan: bad access detected [ 19.527080] [ 19.527106] Memory state around the buggy address: [ 19.527382] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.527504] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.527550] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.527593] ^ [ 19.527629] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.527675] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.528083] ================================================================== [ 19.387936] ================================================================== [ 19.388564] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.388623] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.388674] [ 19.388760] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.389903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.390055] Hardware name: linux,dummy-virt (DT) [ 19.390141] Call trace: [ 19.390167] show_stack+0x20/0x38 (C) [ 19.390221] dump_stack_lvl+0x8c/0xd0 [ 19.390272] print_report+0x118/0x608 [ 19.390322] kasan_report+0xdc/0x128 [ 19.390684] kasan_check_range+0x100/0x1a8 [ 19.390903] __kasan_check_write+0x20/0x30 [ 19.390954] kasan_atomics_helper+0x1128/0x4858 [ 19.391166] kasan_atomics+0x198/0x2e0 [ 19.391540] kunit_try_run_case+0x170/0x3f0 [ 19.391684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.391807] kthread+0x328/0x630 [ 19.391960] ret_from_fork+0x10/0x20 [ 19.392012] [ 19.392032] Allocated by task 265: [ 19.392073] kasan_save_stack+0x3c/0x68 [ 19.392301] kasan_save_track+0x20/0x40 [ 19.392553] kasan_save_alloc_info+0x40/0x58 [ 19.392606] __kasan_kmalloc+0xd4/0xd8 [ 19.392644] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.392825] kasan_atomics+0xb8/0x2e0 [ 19.392864] kunit_try_run_case+0x170/0x3f0 [ 19.393148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.393197] kthread+0x328/0x630 [ 19.393231] ret_from_fork+0x10/0x20 [ 19.393354] [ 19.393463] The buggy address belongs to the object at fff00000c7692100 [ 19.393463] which belongs to the cache kmalloc-64 of size 64 [ 19.393644] The buggy address is located 0 bytes to the right of [ 19.393644] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.393903] [ 19.394134] The buggy address belongs to the physical page: [ 19.394259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.394317] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.394378] page_type: f5(slab) [ 19.394419] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.394473] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.394849] page dumped because: kasan: bad access detected [ 19.394891] [ 19.394911] Memory state around the buggy address: [ 19.395061] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.395418] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.395510] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.395968] ^ [ 19.396021] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.396257] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.396298] ================================================================== [ 19.314872] ================================================================== [ 19.314933] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.315193] Read of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.315295] [ 19.315390] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.315734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.315762] Hardware name: linux,dummy-virt (DT) [ 19.315795] Call trace: [ 19.315818] show_stack+0x20/0x38 (C) [ 19.315870] dump_stack_lvl+0x8c/0xd0 [ 19.316147] print_report+0x118/0x608 [ 19.316329] kasan_report+0xdc/0x128 [ 19.316383] __asan_report_load8_noabort+0x20/0x30 [ 19.316437] kasan_atomics_helper+0x3f58/0x4858 [ 19.316486] kasan_atomics+0x198/0x2e0 [ 19.316534] kunit_try_run_case+0x170/0x3f0 [ 19.316582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.316638] kthread+0x328/0x630 [ 19.317197] ret_from_fork+0x10/0x20 [ 19.317364] [ 19.317548] Allocated by task 265: [ 19.317616] kasan_save_stack+0x3c/0x68 [ 19.317734] kasan_save_track+0x20/0x40 [ 19.317814] kasan_save_alloc_info+0x40/0x58 [ 19.317856] __kasan_kmalloc+0xd4/0xd8 [ 19.317952] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.318064] kasan_atomics+0xb8/0x2e0 [ 19.318169] kunit_try_run_case+0x170/0x3f0 [ 19.318210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.318255] kthread+0x328/0x630 [ 19.318297] ret_from_fork+0x10/0x20 [ 19.318333] [ 19.318405] The buggy address belongs to the object at fff00000c7692100 [ 19.318405] which belongs to the cache kmalloc-64 of size 64 [ 19.318465] The buggy address is located 0 bytes to the right of [ 19.318465] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.318581] [ 19.318659] The buggy address belongs to the physical page: [ 19.318709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.318835] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.318899] page_type: f5(slab) [ 19.318982] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.319128] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.319172] page dumped because: kasan: bad access detected [ 19.319203] [ 19.319223] Memory state around the buggy address: [ 19.319256] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.319299] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.319344] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.319383] ^ [ 19.319615] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.320043] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.320090] ================================================================== [ 19.455263] ================================================================== [ 19.455303] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.455722] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.455785] [ 19.455890] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.456004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.456168] Hardware name: linux,dummy-virt (DT) [ 19.456209] Call trace: [ 19.456233] show_stack+0x20/0x38 (C) [ 19.456286] dump_stack_lvl+0x8c/0xd0 [ 19.456333] print_report+0x118/0x608 [ 19.456382] kasan_report+0xdc/0x128 [ 19.456491] kasan_check_range+0x100/0x1a8 [ 19.456590] __kasan_check_write+0x20/0x30 [ 19.456675] kasan_atomics_helper+0x154c/0x4858 [ 19.456766] kasan_atomics+0x198/0x2e0 [ 19.456904] kunit_try_run_case+0x170/0x3f0 [ 19.456989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.457246] kthread+0x328/0x630 [ 19.457365] ret_from_fork+0x10/0x20 [ 19.457556] [ 19.457666] Allocated by task 265: [ 19.457758] kasan_save_stack+0x3c/0x68 [ 19.457876] kasan_save_track+0x20/0x40 [ 19.457950] kasan_save_alloc_info+0x40/0x58 [ 19.458046] __kasan_kmalloc+0xd4/0xd8 [ 19.458086] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.458137] kasan_atomics+0xb8/0x2e0 [ 19.458197] kunit_try_run_case+0x170/0x3f0 [ 19.458235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.458300] kthread+0x328/0x630 [ 19.458335] ret_from_fork+0x10/0x20 [ 19.458373] [ 19.458395] The buggy address belongs to the object at fff00000c7692100 [ 19.458395] which belongs to the cache kmalloc-64 of size 64 [ 19.458540] The buggy address is located 0 bytes to the right of [ 19.458540] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.458685] [ 19.458859] The buggy address belongs to the physical page: [ 19.458894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.458946] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.459044] page_type: f5(slab) [ 19.459171] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.459293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.459404] page dumped because: kasan: bad access detected [ 19.459474] [ 19.459580] Memory state around the buggy address: [ 19.459614] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.459666] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.459825] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.459871] ^ [ 19.459905] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.459974] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.460079] ================================================================== [ 19.440883] ================================================================== [ 19.440934] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.440986] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.441036] [ 19.441068] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.441192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.441221] Hardware name: linux,dummy-virt (DT) [ 19.441254] Call trace: [ 19.441280] show_stack+0x20/0x38 (C) [ 19.441331] dump_stack_lvl+0x8c/0xd0 [ 19.441381] print_report+0x118/0x608 [ 19.441427] kasan_report+0xdc/0x128 [ 19.441475] kasan_check_range+0x100/0x1a8 [ 19.441798] __kasan_check_write+0x20/0x30 [ 19.441892] kasan_atomics_helper+0x1414/0x4858 [ 19.441951] kasan_atomics+0x198/0x2e0 [ 19.442003] kunit_try_run_case+0x170/0x3f0 [ 19.442052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.442124] kthread+0x328/0x630 [ 19.442169] ret_from_fork+0x10/0x20 [ 19.442226] [ 19.442256] Allocated by task 265: [ 19.442294] kasan_save_stack+0x3c/0x68 [ 19.442347] kasan_save_track+0x20/0x40 [ 19.442417] kasan_save_alloc_info+0x40/0x58 [ 19.442467] __kasan_kmalloc+0xd4/0xd8 [ 19.442505] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.442546] kasan_atomics+0xb8/0x2e0 [ 19.442584] kunit_try_run_case+0x170/0x3f0 [ 19.442625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.442675] kthread+0x328/0x630 [ 19.442841] ret_from_fork+0x10/0x20 [ 19.442906] [ 19.442928] The buggy address belongs to the object at fff00000c7692100 [ 19.442928] which belongs to the cache kmalloc-64 of size 64 [ 19.443137] The buggy address is located 0 bytes to the right of [ 19.443137] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.443202] [ 19.443223] The buggy address belongs to the physical page: [ 19.443257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.443311] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.443359] page_type: f5(slab) [ 19.443398] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.443450] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.443493] page dumped because: kasan: bad access detected [ 19.443526] [ 19.443547] Memory state around the buggy address: [ 19.443580] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.443948] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.444018] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.444060] ^ [ 19.444306] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.444742] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.444895] ================================================================== [ 19.300072] ================================================================== [ 19.300294] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.300496] Read of size 4 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.300743] [ 19.300826] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.300988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.301035] Hardware name: linux,dummy-virt (DT) [ 19.301081] Call trace: [ 19.301105] show_stack+0x20/0x38 (C) [ 19.301172] dump_stack_lvl+0x8c/0xd0 [ 19.301538] print_report+0x118/0x608 [ 19.301845] kasan_report+0xdc/0x128 [ 19.301906] __asan_report_load4_noabort+0x20/0x30 [ 19.301961] kasan_atomics_helper+0x3e04/0x4858 [ 19.302010] kasan_atomics+0x198/0x2e0 [ 19.302059] kunit_try_run_case+0x170/0x3f0 [ 19.302106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.302182] kthread+0x328/0x630 [ 19.302228] ret_from_fork+0x10/0x20 [ 19.302540] [ 19.302891] Allocated by task 265: [ 19.302932] kasan_save_stack+0x3c/0x68 [ 19.303246] kasan_save_track+0x20/0x40 [ 19.303352] kasan_save_alloc_info+0x40/0x58 [ 19.303395] __kasan_kmalloc+0xd4/0xd8 [ 19.303434] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.303476] kasan_atomics+0xb8/0x2e0 [ 19.303514] kunit_try_run_case+0x170/0x3f0 [ 19.303553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.303599] kthread+0x328/0x630 [ 19.303641] ret_from_fork+0x10/0x20 [ 19.303735] [ 19.303756] The buggy address belongs to the object at fff00000c7692100 [ 19.303756] which belongs to the cache kmalloc-64 of size 64 [ 19.303819] The buggy address is located 0 bytes to the right of [ 19.303819] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.303886] [ 19.303908] The buggy address belongs to the physical page: [ 19.303940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.303996] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.304046] page_type: f5(slab) [ 19.304225] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.304600] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.304645] page dumped because: kasan: bad access detected [ 19.304679] [ 19.304984] Memory state around the buggy address: [ 19.305267] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.305394] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.305812] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.306058] ^ [ 19.306173] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.306240] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.306281] ================================================================== [ 19.460671] ================================================================== [ 19.460781] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.460897] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.460969] [ 19.461006] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.461087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.461128] Hardware name: linux,dummy-virt (DT) [ 19.461161] Call trace: [ 19.461184] show_stack+0x20/0x38 (C) [ 19.461234] dump_stack_lvl+0x8c/0xd0 [ 19.461414] print_report+0x118/0x608 [ 19.461467] kasan_report+0xdc/0x128 [ 19.461519] kasan_check_range+0x100/0x1a8 [ 19.461596] __kasan_check_write+0x20/0x30 [ 19.461760] kasan_atomics_helper+0x15b4/0x4858 [ 19.461819] kasan_atomics+0x198/0x2e0 [ 19.461918] kunit_try_run_case+0x170/0x3f0 [ 19.462049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.462106] kthread+0x328/0x630 [ 19.462173] ret_from_fork+0x10/0x20 [ 19.462289] [ 19.462361] Allocated by task 265: [ 19.462398] kasan_save_stack+0x3c/0x68 [ 19.462466] kasan_save_track+0x20/0x40 [ 19.462507] kasan_save_alloc_info+0x40/0x58 [ 19.462589] __kasan_kmalloc+0xd4/0xd8 [ 19.462635] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.462702] kasan_atomics+0xb8/0x2e0 [ 19.462768] kunit_try_run_case+0x170/0x3f0 [ 19.462825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.462871] kthread+0x328/0x630 [ 19.462905] ret_from_fork+0x10/0x20 [ 19.462971] [ 19.463000] The buggy address belongs to the object at fff00000c7692100 [ 19.463000] which belongs to the cache kmalloc-64 of size 64 [ 19.463061] The buggy address is located 0 bytes to the right of [ 19.463061] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.463135] [ 19.463156] The buggy address belongs to the physical page: [ 19.463313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.463369] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.463417] page_type: f5(slab) [ 19.463458] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.463512] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.463586] page dumped because: kasan: bad access detected [ 19.463620] [ 19.463788] Memory state around the buggy address: [ 19.464197] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.464291] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.464337] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.464387] ^ [ 19.464430] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.464474] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.464512] ================================================================== [ 19.292993] ================================================================== [ 19.293238] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.293372] Write of size 4 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.293426] [ 19.293458] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.293558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.293588] Hardware name: linux,dummy-virt (DT) [ 19.293619] Call trace: [ 19.293644] show_stack+0x20/0x38 (C) [ 19.293694] dump_stack_lvl+0x8c/0xd0 [ 19.293752] print_report+0x118/0x608 [ 19.293799] kasan_report+0xdc/0x128 [ 19.293847] kasan_check_range+0x100/0x1a8 [ 19.293910] __kasan_check_write+0x20/0x30 [ 19.293959] kasan_atomics_helper+0xd3c/0x4858 [ 19.294007] kasan_atomics+0x198/0x2e0 [ 19.294071] kunit_try_run_case+0x170/0x3f0 [ 19.294131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.294373] kthread+0x328/0x630 [ 19.294871] ret_from_fork+0x10/0x20 [ 19.294938] [ 19.295002] Allocated by task 265: [ 19.295053] kasan_save_stack+0x3c/0x68 [ 19.295227] kasan_save_track+0x20/0x40 [ 19.295275] kasan_save_alloc_info+0x40/0x58 [ 19.295464] __kasan_kmalloc+0xd4/0xd8 [ 19.295504] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.295552] kasan_atomics+0xb8/0x2e0 [ 19.295589] kunit_try_run_case+0x170/0x3f0 [ 19.295629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.295713] kthread+0x328/0x630 [ 19.295751] ret_from_fork+0x10/0x20 [ 19.295790] [ 19.295813] The buggy address belongs to the object at fff00000c7692100 [ 19.295813] which belongs to the cache kmalloc-64 of size 64 [ 19.295874] The buggy address is located 0 bytes to the right of [ 19.295874] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.296069] [ 19.296208] The buggy address belongs to the physical page: [ 19.296553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.296611] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.296662] page_type: f5(slab) [ 19.296702] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.296752] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.297084] page dumped because: kasan: bad access detected [ 19.297150] [ 19.297172] Memory state around the buggy address: [ 19.297207] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.297584] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.297697] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.297765] ^ [ 19.297802] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.298135] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.298209] ================================================================== [ 19.329382] ================================================================== [ 19.329435] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.329738] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.330124] [ 19.330174] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.330285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.330565] Hardware name: linux,dummy-virt (DT) [ 19.330599] Call trace: [ 19.330625] show_stack+0x20/0x38 (C) [ 19.330677] dump_stack_lvl+0x8c/0xd0 [ 19.330737] print_report+0x118/0x608 [ 19.330895] kasan_report+0xdc/0x128 [ 19.330976] __asan_report_store8_noabort+0x20/0x30 [ 19.331026] kasan_atomics_helper+0x3e5c/0x4858 [ 19.331077] kasan_atomics+0x198/0x2e0 [ 19.331135] kunit_try_run_case+0x170/0x3f0 [ 19.331183] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.331288] kthread+0x328/0x630 [ 19.331805] ret_from_fork+0x10/0x20 [ 19.332247] [ 19.332282] Allocated by task 265: [ 19.332314] kasan_save_stack+0x3c/0x68 [ 19.332358] kasan_save_track+0x20/0x40 [ 19.332399] kasan_save_alloc_info+0x40/0x58 [ 19.332440] __kasan_kmalloc+0xd4/0xd8 [ 19.332479] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.332771] kasan_atomics+0xb8/0x2e0 [ 19.332816] kunit_try_run_case+0x170/0x3f0 [ 19.332857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.332903] kthread+0x328/0x630 [ 19.332948] ret_from_fork+0x10/0x20 [ 19.332986] [ 19.333297] The buggy address belongs to the object at fff00000c7692100 [ 19.333297] which belongs to the cache kmalloc-64 of size 64 [ 19.333391] The buggy address is located 0 bytes to the right of [ 19.333391] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.333469] [ 19.333492] The buggy address belongs to the physical page: [ 19.333537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.333590] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.333662] page_type: f5(slab) [ 19.333771] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.333921] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.333965] page dumped because: kasan: bad access detected [ 19.334000] [ 19.334019] Memory state around the buggy address: [ 19.334101] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.334755] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.334809] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.334852] ^ [ 19.334886] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.334931] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.335449] ================================================================== [ 19.336161] ================================================================== [ 19.336213] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.336261] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.336313] [ 19.336345] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.336453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.336482] Hardware name: linux,dummy-virt (DT) [ 19.336514] Call trace: [ 19.336537] show_stack+0x20/0x38 (C) [ 19.336586] dump_stack_lvl+0x8c/0xd0 [ 19.336634] print_report+0x118/0x608 [ 19.336981] kasan_report+0xdc/0x128 [ 19.337458] kasan_check_range+0x100/0x1a8 [ 19.337790] __kasan_check_write+0x20/0x30 [ 19.337892] kasan_atomics_helper+0xeb8/0x4858 [ 19.338009] kasan_atomics+0x198/0x2e0 [ 19.338063] kunit_try_run_case+0x170/0x3f0 [ 19.338287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.338353] kthread+0x328/0x630 [ 19.338516] ret_from_fork+0x10/0x20 [ 19.338565] [ 19.338591] Allocated by task 265: [ 19.338670] kasan_save_stack+0x3c/0x68 [ 19.338750] kasan_save_track+0x20/0x40 [ 19.338898] kasan_save_alloc_info+0x40/0x58 [ 19.338945] __kasan_kmalloc+0xd4/0xd8 [ 19.339061] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.339413] kasan_atomics+0xb8/0x2e0 [ 19.339498] kunit_try_run_case+0x170/0x3f0 [ 19.339567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.339786] kthread+0x328/0x630 [ 19.339843] ret_from_fork+0x10/0x20 [ 19.339883] [ 19.340281] The buggy address belongs to the object at fff00000c7692100 [ 19.340281] which belongs to the cache kmalloc-64 of size 64 [ 19.340378] The buggy address is located 0 bytes to the right of [ 19.340378] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.340446] [ 19.340467] The buggy address belongs to the physical page: [ 19.340500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.340720] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.340774] page_type: f5(slab) [ 19.340986] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.341340] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.341578] page dumped because: kasan: bad access detected [ 19.341652] [ 19.341674] Memory state around the buggy address: [ 19.341709] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.341753] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.341813] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.341851] ^ [ 19.342088] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.342238] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.342492] ================================================================== [ 19.477526] ================================================================== [ 19.477575] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.477624] Read of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.477675] [ 19.477709] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.477790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.477817] Hardware name: linux,dummy-virt (DT) [ 19.477851] Call trace: [ 19.477875] show_stack+0x20/0x38 (C) [ 19.477926] dump_stack_lvl+0x8c/0xd0 [ 19.477977] print_report+0x118/0x608 [ 19.478027] kasan_report+0xdc/0x128 [ 19.478075] __asan_report_load8_noabort+0x20/0x30 [ 19.478142] kasan_atomics_helper+0x3df4/0x4858 [ 19.478193] kasan_atomics+0x198/0x2e0 [ 19.478238] kunit_try_run_case+0x170/0x3f0 [ 19.478287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.478341] kthread+0x328/0x630 [ 19.478386] ret_from_fork+0x10/0x20 [ 19.478528] [ 19.478554] Allocated by task 265: [ 19.478622] kasan_save_stack+0x3c/0x68 [ 19.478666] kasan_save_track+0x20/0x40 [ 19.478967] kasan_save_alloc_info+0x40/0x58 [ 19.479092] __kasan_kmalloc+0xd4/0xd8 [ 19.479158] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.479226] kasan_atomics+0xb8/0x2e0 [ 19.479306] kunit_try_run_case+0x170/0x3f0 [ 19.479398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.479451] kthread+0x328/0x630 [ 19.479508] ret_from_fork+0x10/0x20 [ 19.479548] [ 19.479570] The buggy address belongs to the object at fff00000c7692100 [ 19.479570] which belongs to the cache kmalloc-64 of size 64 [ 19.479635] The buggy address is located 0 bytes to the right of [ 19.479635] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.479715] [ 19.479739] The buggy address belongs to the physical page: [ 19.479771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.479947] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.480041] page_type: f5(slab) [ 19.480142] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.480260] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.480577] page dumped because: kasan: bad access detected [ 19.480705] [ 19.480782] Memory state around the buggy address: [ 19.480817] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.480863] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.481082] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.481243] ^ [ 19.481388] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.481444] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.481493] ================================================================== [ 19.445269] ================================================================== [ 19.445320] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.445595] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.445714] [ 19.445749] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.445830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.445859] Hardware name: linux,dummy-virt (DT) [ 19.446039] Call trace: [ 19.446071] show_stack+0x20/0x38 (C) [ 19.446173] dump_stack_lvl+0x8c/0xd0 [ 19.446341] print_report+0x118/0x608 [ 19.446447] kasan_report+0xdc/0x128 [ 19.446494] kasan_check_range+0x100/0x1a8 [ 19.446620] __kasan_check_write+0x20/0x30 [ 19.446763] kasan_atomics_helper+0x147c/0x4858 [ 19.446867] kasan_atomics+0x198/0x2e0 [ 19.446972] kunit_try_run_case+0x170/0x3f0 [ 19.447021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.447075] kthread+0x328/0x630 [ 19.447179] ret_from_fork+0x10/0x20 [ 19.447228] [ 19.447248] Allocated by task 265: [ 19.447279] kasan_save_stack+0x3c/0x68 [ 19.447320] kasan_save_track+0x20/0x40 [ 19.447697] kasan_save_alloc_info+0x40/0x58 [ 19.448391] __kasan_kmalloc+0xd4/0xd8 [ 19.448643] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.448873] kasan_atomics+0xb8/0x2e0 [ 19.448967] kunit_try_run_case+0x170/0x3f0 [ 19.449594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.449780] kthread+0x328/0x630 [ 19.449823] ret_from_fork+0x10/0x20 [ 19.449862] [ 19.449895] The buggy address belongs to the object at fff00000c7692100 [ 19.449895] which belongs to the cache kmalloc-64 of size 64 [ 19.449960] The buggy address is located 0 bytes to the right of [ 19.449960] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.450108] [ 19.450140] The buggy address belongs to the physical page: [ 19.450371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.450455] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.450506] page_type: f5(slab) [ 19.450549] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.450601] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.450666] page dumped because: kasan: bad access detected [ 19.450781] [ 19.451000] Memory state around the buggy address: [ 19.451148] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.451223] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.451268] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.451309] ^ [ 19.451342] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.451404] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.451442] ================================================================== [ 19.350433] ================================================================== [ 19.350692] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.350742] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.350792] [ 19.350823] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.350907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.350934] Hardware name: linux,dummy-virt (DT) [ 19.350968] Call trace: [ 19.351030] show_stack+0x20/0x38 (C) [ 19.351085] dump_stack_lvl+0x8c/0xd0 [ 19.351638] print_report+0x118/0x608 [ 19.351784] kasan_report+0xdc/0x128 [ 19.351831] kasan_check_range+0x100/0x1a8 [ 19.351891] __kasan_check_write+0x20/0x30 [ 19.351939] kasan_atomics_helper+0xf88/0x4858 [ 19.351987] kasan_atomics+0x198/0x2e0 [ 19.352034] kunit_try_run_case+0x170/0x3f0 [ 19.352082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.352454] kthread+0x328/0x630 [ 19.352694] ret_from_fork+0x10/0x20 [ 19.352764] [ 19.352830] Allocated by task 265: [ 19.352894] kasan_save_stack+0x3c/0x68 [ 19.352939] kasan_save_track+0x20/0x40 [ 19.352987] kasan_save_alloc_info+0x40/0x58 [ 19.353234] __kasan_kmalloc+0xd4/0xd8 [ 19.353307] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.353348] kasan_atomics+0xb8/0x2e0 [ 19.353387] kunit_try_run_case+0x170/0x3f0 [ 19.353427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.353473] kthread+0x328/0x630 [ 19.353526] ret_from_fork+0x10/0x20 [ 19.353566] [ 19.353587] The buggy address belongs to the object at fff00000c7692100 [ 19.353587] which belongs to the cache kmalloc-64 of size 64 [ 19.354139] The buggy address is located 0 bytes to the right of [ 19.354139] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.354360] [ 19.354446] The buggy address belongs to the physical page: [ 19.354490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.354596] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.354795] page_type: f5(slab) [ 19.354840] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.354930] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.355003] page dumped because: kasan: bad access detected [ 19.355109] [ 19.355400] Memory state around the buggy address: [ 19.355605] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.355862] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.355911] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.355951] ^ [ 19.355985] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.356030] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.356071] ================================================================== [ 19.362694] ================================================================== [ 19.362744] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.362800] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.363032] [ 19.366623] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.366990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.367061] Hardware name: linux,dummy-virt (DT) [ 19.367096] Call trace: [ 19.367136] show_stack+0x20/0x38 (C) [ 19.367191] dump_stack_lvl+0x8c/0xd0 [ 19.367242] print_report+0x118/0x608 [ 19.367291] kasan_report+0xdc/0x128 [ 19.370075] kasan_check_range+0x100/0x1a8 [ 19.371695] __kasan_check_write+0x20/0x30 [ 19.371752] kasan_atomics_helper+0x1058/0x4858 [ 19.371804] kasan_atomics+0x198/0x2e0 [ 19.371852] kunit_try_run_case+0x170/0x3f0 [ 19.371900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.371954] kthread+0x328/0x630 [ 19.371997] ret_from_fork+0x10/0x20 [ 19.372102] [ 19.372139] Allocated by task 265: [ 19.372172] kasan_save_stack+0x3c/0x68 [ 19.372216] kasan_save_track+0x20/0x40 [ 19.372255] kasan_save_alloc_info+0x40/0x58 [ 19.372298] __kasan_kmalloc+0xd4/0xd8 [ 19.372335] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.372378] kasan_atomics+0xb8/0x2e0 [ 19.372415] kunit_try_run_case+0x170/0x3f0 [ 19.372453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.372501] kthread+0x328/0x630 [ 19.372536] ret_from_fork+0x10/0x20 [ 19.372576] [ 19.372597] The buggy address belongs to the object at fff00000c7692100 [ 19.372597] which belongs to the cache kmalloc-64 of size 64 [ 19.372657] The buggy address is located 0 bytes to the right of [ 19.372657] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.372722] [ 19.372745] The buggy address belongs to the physical page: [ 19.372778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.372831] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.372881] page_type: f5(slab) [ 19.372924] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.372976] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.373019] page dumped because: kasan: bad access detected [ 19.373053] [ 19.373075] Memory state around the buggy address: [ 19.373110] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.374211] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.374260] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.374301] ^ [ 19.374336] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.374380] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.374421] ================================================================== [ 19.285600] ================================================================== [ 19.285707] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.285891] Read of size 4 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.286008] [ 19.286091] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.286235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.286364] Hardware name: linux,dummy-virt (DT) [ 19.286450] Call trace: [ 19.286713] show_stack+0x20/0x38 (C) [ 19.286936] dump_stack_lvl+0x8c/0xd0 [ 19.287055] print_report+0x118/0x608 [ 19.287123] kasan_report+0xdc/0x128 [ 19.287178] __asan_report_load4_noabort+0x20/0x30 [ 19.287233] kasan_atomics_helper+0x3dd8/0x4858 [ 19.287282] kasan_atomics+0x198/0x2e0 [ 19.287328] kunit_try_run_case+0x170/0x3f0 [ 19.287388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.287444] kthread+0x328/0x630 [ 19.287490] ret_from_fork+0x10/0x20 [ 19.287563] [ 19.287593] Allocated by task 265: [ 19.287625] kasan_save_stack+0x3c/0x68 [ 19.287676] kasan_save_track+0x20/0x40 [ 19.287739] kasan_save_alloc_info+0x40/0x58 [ 19.287782] __kasan_kmalloc+0xd4/0xd8 [ 19.287819] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.287860] kasan_atomics+0xb8/0x2e0 [ 19.288052] kunit_try_run_case+0x170/0x3f0 [ 19.288101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.288158] kthread+0x328/0x630 [ 19.288196] ret_from_fork+0x10/0x20 [ 19.288236] [ 19.288257] The buggy address belongs to the object at fff00000c7692100 [ 19.288257] which belongs to the cache kmalloc-64 of size 64 [ 19.288496] The buggy address is located 0 bytes to the right of [ 19.288496] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.288646] [ 19.288724] The buggy address belongs to the physical page: [ 19.288820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.289146] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.289345] page_type: f5(slab) [ 19.289547] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.289886] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.289977] page dumped because: kasan: bad access detected [ 19.290324] [ 19.290378] Memory state around the buggy address: [ 19.290414] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.290497] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.290670] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.290848] ^ [ 19.290942] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.291124] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.291268] ================================================================== [ 19.410955] ================================================================== [ 19.411012] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.411062] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.411127] [ 19.411166] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.411251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.411279] Hardware name: linux,dummy-virt (DT) [ 19.411312] Call trace: [ 19.411338] show_stack+0x20/0x38 (C) [ 19.411389] dump_stack_lvl+0x8c/0xd0 [ 19.411439] print_report+0x118/0x608 [ 19.411486] kasan_report+0xdc/0x128 [ 19.411533] kasan_check_range+0x100/0x1a8 [ 19.412718] __kasan_check_write+0x20/0x30 [ 19.412966] kasan_atomics_helper+0x11f8/0x4858 [ 19.413021] kasan_atomics+0x198/0x2e0 [ 19.413076] kunit_try_run_case+0x170/0x3f0 [ 19.413484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.413977] kthread+0x328/0x630 [ 19.414032] ret_from_fork+0x10/0x20 [ 19.414396] [ 19.414423] Allocated by task 265: [ 19.414457] kasan_save_stack+0x3c/0x68 [ 19.414862] kasan_save_track+0x20/0x40 [ 19.415129] kasan_save_alloc_info+0x40/0x58 [ 19.415510] __kasan_kmalloc+0xd4/0xd8 [ 19.415595] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.415639] kasan_atomics+0xb8/0x2e0 [ 19.416171] kunit_try_run_case+0x170/0x3f0 [ 19.416227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.416442] kthread+0x328/0x630 [ 19.416489] ret_from_fork+0x10/0x20 [ 19.416527] [ 19.416551] The buggy address belongs to the object at fff00000c7692100 [ 19.416551] which belongs to the cache kmalloc-64 of size 64 [ 19.417078] The buggy address is located 0 bytes to the right of [ 19.417078] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.417369] [ 19.417829] The buggy address belongs to the physical page: [ 19.417875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.418525] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.418594] page_type: f5(slab) [ 19.418638] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.418692] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.419558] page dumped because: kasan: bad access detected [ 19.419694] [ 19.419903] Memory state around the buggy address: [ 19.419958] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.420149] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.420201] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.420514] ^ [ 19.420733] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.420784] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.420895] ================================================================== [ 19.465107] ================================================================== [ 19.465171] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.465543] Read of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.465601] [ 19.465639] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.465793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.465898] Hardware name: linux,dummy-virt (DT) [ 19.465949] Call trace: [ 19.465990] show_stack+0x20/0x38 (C) [ 19.466042] dump_stack_lvl+0x8c/0xd0 [ 19.466155] print_report+0x118/0x608 [ 19.466261] kasan_report+0xdc/0x128 [ 19.466310] __asan_report_load8_noabort+0x20/0x30 [ 19.466381] kasan_atomics_helper+0x3db0/0x4858 [ 19.466464] kasan_atomics+0x198/0x2e0 [ 19.466513] kunit_try_run_case+0x170/0x3f0 [ 19.466562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.466617] kthread+0x328/0x630 [ 19.466887] ret_from_fork+0x10/0x20 [ 19.467064] [ 19.467087] Allocated by task 265: [ 19.467151] kasan_save_stack+0x3c/0x68 [ 19.467212] kasan_save_track+0x20/0x40 [ 19.467261] kasan_save_alloc_info+0x40/0x58 [ 19.467572] __kasan_kmalloc+0xd4/0xd8 [ 19.467697] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.467804] kasan_atomics+0xb8/0x2e0 [ 19.468014] kunit_try_run_case+0x170/0x3f0 [ 19.468134] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.468178] kthread+0x328/0x630 [ 19.468238] ret_from_fork+0x10/0x20 [ 19.468276] [ 19.468299] The buggy address belongs to the object at fff00000c7692100 [ 19.468299] which belongs to the cache kmalloc-64 of size 64 [ 19.468731] The buggy address is located 0 bytes to the right of [ 19.468731] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.468948] [ 19.468984] The buggy address belongs to the physical page: [ 19.469034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.469101] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.469166] page_type: f5(slab) [ 19.469215] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.469279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.469342] page dumped because: kasan: bad access detected [ 19.469382] [ 19.469413] Memory state around the buggy address: [ 19.469456] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.469518] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.469563] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.469605] ^ [ 19.469641] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.469683] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.469739] ================================================================== [ 19.223062] ================================================================== [ 19.223179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 19.223234] Write of size 4 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.223286] [ 19.223328] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.223415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.223444] Hardware name: linux,dummy-virt (DT) [ 19.223515] Call trace: [ 19.223684] show_stack+0x20/0x38 (C) [ 19.223737] dump_stack_lvl+0x8c/0xd0 [ 19.223989] print_report+0x118/0x608 [ 19.224106] kasan_report+0xdc/0x128 [ 19.224237] kasan_check_range+0x100/0x1a8 [ 19.224287] __kasan_check_write+0x20/0x30 [ 19.224355] kasan_atomics_helper+0x99c/0x4858 [ 19.224406] kasan_atomics+0x198/0x2e0 [ 19.224653] kunit_try_run_case+0x170/0x3f0 [ 19.224831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.225085] kthread+0x328/0x630 [ 19.225215] ret_from_fork+0x10/0x20 [ 19.225293] [ 19.225314] Allocated by task 265: [ 19.225568] kasan_save_stack+0x3c/0x68 [ 19.225665] kasan_save_track+0x20/0x40 [ 19.225787] kasan_save_alloc_info+0x40/0x58 [ 19.225921] __kasan_kmalloc+0xd4/0xd8 [ 19.225974] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.226014] kasan_atomics+0xb8/0x2e0 [ 19.226058] kunit_try_run_case+0x170/0x3f0 [ 19.226097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.226166] kthread+0x328/0x630 [ 19.226201] ret_from_fork+0x10/0x20 [ 19.226238] [ 19.226270] The buggy address belongs to the object at fff00000c7692100 [ 19.226270] which belongs to the cache kmalloc-64 of size 64 [ 19.226335] The buggy address is located 0 bytes to the right of [ 19.226335] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.226417] [ 19.226448] The buggy address belongs to the physical page: [ 19.226643] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.226786] [ 19.226947] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.227420] Write of size 4 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.228785] __kasan_check_write+0x20/0x30 [ 19.230021] [ 19.230110] Allocated by task 265: [ 19.230172] kasan_save_stack+0x3c/0x68 [ 19.230462] kasan_save_track+0x20/0x40 [ 19.230614] kasan_save_alloc_info+0x40/0x58 [ 19.230735] __kasan_kmalloc+0xd4/0xd8 [ 19.230916] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.230979] kasan_atomics+0xb8/0x2e0 [ 19.231019] kunit_try_run_case+0x170/0x3f0 [ 19.231309] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.231408] kthread+0x328/0x630 [ 19.231576] ret_from_fork+0x10/0x20 [ 19.231695] [ 19.231716] The buggy address belongs to the object at fff00000c7692100 [ 19.231716] which belongs to the cache kmalloc-64 of size 64 [ 19.231953] The buggy address is located 0 bytes to the right of [ 19.231953] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.232269] [ 19.232326] The buggy address belongs to the physical page: [ 19.232472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.232546] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.232595] page_type: f5(slab) [ 19.232657] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.232925] page dumped because: kasan: bad access detected [ 19.234871] ================================================================== [ 19.377836] ================================================================== [ 19.377945] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.378000] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.378049] [ 19.378088] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.378343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.378765] Hardware name: linux,dummy-virt (DT) [ 19.378799] Call trace: [ 19.379262] show_stack+0x20/0x38 (C) [ 19.379431] dump_stack_lvl+0x8c/0xd0 [ 19.379485] print_report+0x118/0x608 [ 19.379532] kasan_report+0xdc/0x128 [ 19.379778] kasan_check_range+0x100/0x1a8 [ 19.379858] __kasan_check_write+0x20/0x30 [ 19.379929] kasan_atomics_helper+0x10c0/0x4858 [ 19.379980] kasan_atomics+0x198/0x2e0 [ 19.380412] kunit_try_run_case+0x170/0x3f0 [ 19.380835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.380962] kthread+0x328/0x630 [ 19.381005] ret_from_fork+0x10/0x20 [ 19.381057] [ 19.381688] Allocated by task 265: [ 19.381801] kasan_save_stack+0x3c/0x68 [ 19.382147] kasan_save_track+0x20/0x40 [ 19.382196] kasan_save_alloc_info+0x40/0x58 [ 19.382240] __kasan_kmalloc+0xd4/0xd8 [ 19.382278] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.382328] kasan_atomics+0xb8/0x2e0 [ 19.382815] kunit_try_run_case+0x170/0x3f0 [ 19.382974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.383428] kthread+0x328/0x630 [ 19.383498] ret_from_fork+0x10/0x20 [ 19.383810] [ 19.383837] The buggy address belongs to the object at fff00000c7692100 [ 19.383837] which belongs to the cache kmalloc-64 of size 64 [ 19.383941] The buggy address is located 0 bytes to the right of [ 19.383941] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.384028] [ 19.384413] The buggy address belongs to the physical page: [ 19.384453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.384509] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.384561] page_type: f5(slab) [ 19.384605] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.384986] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.385050] page dumped because: kasan: bad access detected [ 19.385188] [ 19.385281] Memory state around the buggy address: [ 19.385473] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.385542] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.385657] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.385698] ^ [ 19.386080] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.386183] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.386228] ================================================================== [ 19.208811] ================================================================== [ 19.208855] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.209028] Read of size 4 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.209220] [ 19.209255] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.209405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.209454] Hardware name: linux,dummy-virt (DT) [ 19.209488] Call trace: [ 19.209556] show_stack+0x20/0x38 (C) [ 19.209653] dump_stack_lvl+0x8c/0xd0 [ 19.209740] print_report+0x118/0x608 [ 19.209791] kasan_report+0xdc/0x128 [ 19.209906] __asan_report_load4_noabort+0x20/0x30 [ 19.209989] kasan_atomics_helper+0x42d8/0x4858 [ 19.210039] kasan_atomics+0x198/0x2e0 [ 19.210092] kunit_try_run_case+0x170/0x3f0 [ 19.210433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.210551] kthread+0x328/0x630 [ 19.210677] ret_from_fork+0x10/0x20 [ 19.210755] [ 19.210802] Allocated by task 265: [ 19.210835] kasan_save_stack+0x3c/0x68 [ 19.210879] kasan_save_track+0x20/0x40 [ 19.210971] kasan_save_alloc_info+0x40/0x58 [ 19.211065] __kasan_kmalloc+0xd4/0xd8 [ 19.211107] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.211218] kasan_atomics+0xb8/0x2e0 [ 19.211260] kunit_try_run_case+0x170/0x3f0 [ 19.211306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.211380] kthread+0x328/0x630 [ 19.211700] ret_from_fork+0x10/0x20 [ 19.211861] [ 19.212203] The buggy address is located 0 bytes to the right of [ 19.212203] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.212660] page_type: f5(slab) [ 19.214331] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.216052] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.216889] dump_stack_lvl+0x8c/0xd0 [ 19.216939] print_report+0x118/0x608 [ 19.217179] kasan_report+0xdc/0x128 [ 19.217284] kasan_check_range+0x100/0x1a8 [ 19.217334] __kasan_check_write+0x20/0x30 [ 19.217603] kasan_atomics_helper+0x934/0x4858 [ 19.217745] kasan_atomics+0x198/0x2e0 [ 19.217887] kunit_try_run_case+0x170/0x3f0 [ 19.218085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.218264] kthread+0x328/0x630 [ 19.218394] ret_from_fork+0x10/0x20 [ 19.218690] [ 19.218785] Allocated by task 265: [ 19.218821] kasan_save_stack+0x3c/0x68 [ 19.219138] kasan_save_track+0x20/0x40 [ 19.219274] kasan_save_alloc_info+0x40/0x58 [ 19.219421] __kasan_kmalloc+0xd4/0xd8 [ 19.219554] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.219617] kasan_atomics+0xb8/0x2e0 [ 19.219695] kunit_try_run_case+0x170/0x3f0 [ 19.220078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.220192] kthread+0x328/0x630 [ 19.220351] ret_from_fork+0x10/0x20 [ 19.220410] [ 19.220432] The buggy address belongs to the object at fff00000c7692100 [ 19.220432] which belongs to the cache kmalloc-64 of size 64 [ 19.220525] The buggy address is located 0 bytes to the right of [ 19.220525] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.220805] [ 19.220883] The buggy address belongs to the physical page: [ 19.221012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.221086] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.221360] page_type: f5(slab) [ 19.221461] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.221633] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.221789] page dumped because: kasan: bad access detected [ 19.221842] [ 19.221863] Memory state around the buggy address: [ 19.221929] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.221976] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.222021] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.222062] ^ [ 19.222099] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.222165] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.222205] ================================================================== [ 19.422671] ================================================================== [ 19.422727] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.422777] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.422828] [ 19.422865] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.423761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.423971] Hardware name: linux,dummy-virt (DT) [ 19.424007] Call trace: [ 19.424034] show_stack+0x20/0x38 (C) [ 19.424089] dump_stack_lvl+0x8c/0xd0 [ 19.424156] print_report+0x118/0x608 [ 19.424203] kasan_report+0xdc/0x128 [ 19.424251] kasan_check_range+0x100/0x1a8 [ 19.424299] __kasan_check_write+0x20/0x30 [ 19.424346] kasan_atomics_helper+0x126c/0x4858 [ 19.424394] kasan_atomics+0x198/0x2e0 [ 19.424441] kunit_try_run_case+0x170/0x3f0 [ 19.424490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.424544] kthread+0x328/0x630 [ 19.424586] ret_from_fork+0x10/0x20 [ 19.424635] [ 19.424656] Allocated by task 265: [ 19.424685] kasan_save_stack+0x3c/0x68 [ 19.424729] kasan_save_track+0x20/0x40 [ 19.424767] kasan_save_alloc_info+0x40/0x58 [ 19.424809] __kasan_kmalloc+0xd4/0xd8 [ 19.424847] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.424889] kasan_atomics+0xb8/0x2e0 [ 19.424926] kunit_try_run_case+0x170/0x3f0 [ 19.424966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.425010] kthread+0x328/0x630 [ 19.425045] ret_from_fork+0x10/0x20 [ 19.425082] [ 19.425104] The buggy address belongs to the object at fff00000c7692100 [ 19.425104] which belongs to the cache kmalloc-64 of size 64 [ 19.425172] The buggy address is located 0 bytes to the right of [ 19.425172] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.425238] [ 19.425261] The buggy address belongs to the physical page: [ 19.425293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.425347] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.425395] page_type: f5(slab) [ 19.425434] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.425487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.425534] page dumped because: kasan: bad access detected [ 19.425567] [ 19.425588] Memory state around the buggy address: [ 19.425622] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.425667] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.425711] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.425752] ^ [ 19.425787] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.425830] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.425869] ================================================================== [ 19.397135] ================================================================== [ 19.397190] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.397239] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.399049] [ 19.399104] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.400071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.400190] Hardware name: linux,dummy-virt (DT) [ 19.400255] Call trace: [ 19.400281] show_stack+0x20/0x38 (C) [ 19.400701] dump_stack_lvl+0x8c/0xd0 [ 19.400800] print_report+0x118/0x608 [ 19.401039] kasan_report+0xdc/0x128 [ 19.401089] kasan_check_range+0x100/0x1a8 [ 19.401565] __kasan_check_write+0x20/0x30 [ 19.401690] kasan_atomics_helper+0x1190/0x4858 [ 19.402016] kasan_atomics+0x198/0x2e0 [ 19.402067] kunit_try_run_case+0x170/0x3f0 [ 19.402129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.402185] kthread+0x328/0x630 [ 19.402982] ret_from_fork+0x10/0x20 [ 19.403187] [ 19.403593] Allocated by task 265: [ 19.403663] kasan_save_stack+0x3c/0x68 [ 19.403893] kasan_save_track+0x20/0x40 [ 19.403946] kasan_save_alloc_info+0x40/0x58 [ 19.403988] __kasan_kmalloc+0xd4/0xd8 [ 19.404036] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.404078] kasan_atomics+0xb8/0x2e0 [ 19.404125] kunit_try_run_case+0x170/0x3f0 [ 19.404767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.404828] kthread+0x328/0x630 [ 19.405080] ret_from_fork+0x10/0x20 [ 19.405494] [ 19.405529] The buggy address belongs to the object at fff00000c7692100 [ 19.405529] which belongs to the cache kmalloc-64 of size 64 [ 19.405942] The buggy address is located 0 bytes to the right of [ 19.405942] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.406241] [ 19.406562] The buggy address belongs to the physical page: [ 19.406666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.406737] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.406789] page_type: f5(slab) [ 19.406829] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.407675] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.407738] page dumped because: kasan: bad access detected [ 19.407806] [ 19.407827] Memory state around the buggy address: [ 19.408041] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.408176] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.408239] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.408282] ^ [ 19.408409] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.408596] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.408862] ================================================================== [ 19.430129] ================================================================== [ 19.430184] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.430833] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.430896] [ 19.430930] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.431013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.431040] Hardware name: linux,dummy-virt (DT) [ 19.431072] Call trace: [ 19.431097] show_stack+0x20/0x38 (C) [ 19.431160] dump_stack_lvl+0x8c/0xd0 [ 19.431209] print_report+0x118/0x608 [ 19.431256] kasan_report+0xdc/0x128 [ 19.431481] kasan_check_range+0x100/0x1a8 [ 19.431556] __kasan_check_write+0x20/0x30 [ 19.431621] kasan_atomics_helper+0x1384/0x4858 [ 19.431815] kasan_atomics+0x198/0x2e0 [ 19.432003] kunit_try_run_case+0x170/0x3f0 [ 19.432179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.432419] kthread+0x328/0x630 [ 19.432506] ret_from_fork+0x10/0x20 [ 19.432649] [ 19.432681] Allocated by task 265: [ 19.432750] kasan_save_stack+0x3c/0x68 [ 19.432814] kasan_save_track+0x20/0x40 [ 19.432853] kasan_save_alloc_info+0x40/0x58 [ 19.433068] __kasan_kmalloc+0xd4/0xd8 [ 19.433109] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.433166] kasan_atomics+0xb8/0x2e0 [ 19.433203] kunit_try_run_case+0x170/0x3f0 [ 19.433469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.433561] kthread+0x328/0x630 [ 19.433617] ret_from_fork+0x10/0x20 [ 19.433655] [ 19.433756] The buggy address belongs to the object at fff00000c7692100 [ 19.433756] which belongs to the cache kmalloc-64 of size 64 [ 19.433853] The buggy address is located 0 bytes to the right of [ 19.433853] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.433918] [ 19.433940] The buggy address belongs to the physical page: [ 19.434050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.434110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.434171] page_type: f5(slab) [ 19.434512] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.435961] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.436005] page dumped because: kasan: bad access detected [ 19.436039] [ 19.436061] Memory state around the buggy address: [ 19.436096] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.436153] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.436199] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.436239] ^ [ 19.436273] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.436317] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.436355] ================================================================== [ 19.481900] ================================================================== [ 19.481970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.482036] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.482335] [ 19.482394] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.482480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.482588] Hardware name: linux,dummy-virt (DT) [ 19.482623] Call trace: [ 19.482739] show_stack+0x20/0x38 (C) [ 19.482825] dump_stack_lvl+0x8c/0xd0 [ 19.482876] print_report+0x118/0x608 [ 19.482934] kasan_report+0xdc/0x128 [ 19.482981] kasan_check_range+0x100/0x1a8 [ 19.483031] __kasan_check_write+0x20/0x30 [ 19.483076] kasan_atomics_helper+0x16d0/0x4858 [ 19.483135] kasan_atomics+0x198/0x2e0 [ 19.483181] kunit_try_run_case+0x170/0x3f0 [ 19.483231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.483402] kthread+0x328/0x630 [ 19.483479] ret_from_fork+0x10/0x20 [ 19.483589] [ 19.483656] Allocated by task 265: [ 19.483733] kasan_save_stack+0x3c/0x68 [ 19.483777] kasan_save_track+0x20/0x40 [ 19.483818] kasan_save_alloc_info+0x40/0x58 [ 19.484089] __kasan_kmalloc+0xd4/0xd8 [ 19.484295] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.484469] kasan_atomics+0xb8/0x2e0 [ 19.484611] kunit_try_run_case+0x170/0x3f0 [ 19.484704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.484803] kthread+0x328/0x630 [ 19.484856] ret_from_fork+0x10/0x20 [ 19.484895] [ 19.484916] The buggy address belongs to the object at fff00000c7692100 [ 19.484916] which belongs to the cache kmalloc-64 of size 64 [ 19.484978] The buggy address is located 0 bytes to the right of [ 19.484978] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.485377] [ 19.485559] The buggy address belongs to the physical page: [ 19.485729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.486215] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.486278] page_type: f5(slab) [ 19.486319] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.486706] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.486757] page dumped because: kasan: bad access detected [ 19.486792] [ 19.486818] Memory state around the buggy address: [ 19.486862] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.486923] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.486968] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.487010] ^ [ 19.487046] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.487098] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.487147] ================================================================== [ 19.487936] ================================================================== [ 19.487989] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.488426] Read of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.488509] [ 19.488580] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.488866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.488975] Hardware name: linux,dummy-virt (DT) [ 19.489068] Call trace: [ 19.489156] show_stack+0x20/0x38 (C) [ 19.489262] dump_stack_lvl+0x8c/0xd0 [ 19.489315] print_report+0x118/0x608 [ 19.489371] kasan_report+0xdc/0x128 [ 19.489445] __asan_report_load8_noabort+0x20/0x30 [ 19.489564] kasan_atomics_helper+0x3e10/0x4858 [ 19.489615] kasan_atomics+0x198/0x2e0 [ 19.489687] kunit_try_run_case+0x170/0x3f0 [ 19.489738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.490173] kthread+0x328/0x630 [ 19.490248] ret_from_fork+0x10/0x20 [ 19.490405] [ 19.490451] Allocated by task 265: [ 19.490667] kasan_save_stack+0x3c/0x68 [ 19.490722] kasan_save_track+0x20/0x40 [ 19.490809] kasan_save_alloc_info+0x40/0x58 [ 19.490853] __kasan_kmalloc+0xd4/0xd8 [ 19.490964] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.491007] kasan_atomics+0xb8/0x2e0 [ 19.491044] kunit_try_run_case+0x170/0x3f0 [ 19.491090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.491204] kthread+0x328/0x630 [ 19.491239] ret_from_fork+0x10/0x20 [ 19.491276] [ 19.491332] The buggy address belongs to the object at fff00000c7692100 [ 19.491332] which belongs to the cache kmalloc-64 of size 64 [ 19.491395] The buggy address is located 0 bytes to the right of [ 19.491395] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.491738] [ 19.491811] The buggy address belongs to the physical page: [ 19.491854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.491945] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.492273] page_type: f5(slab) [ 19.492368] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.492432] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.492477] page dumped because: kasan: bad access detected [ 19.492511] [ 19.492530] Memory state around the buggy address: [ 19.492563] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.492609] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.492654] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.492694] ^ [ 19.492730] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.492776] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.492815] ================================================================== [ 19.199531] ================================================================== [ 19.199940] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7cc/0x4858 [ 19.200015] Write of size 4 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.200068] [ 19.200102] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.200203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.200232] Hardware name: linux,dummy-virt (DT) [ 19.200265] Call trace: [ 19.200291] show_stack+0x20/0x38 (C) [ 19.200572] dump_stack_lvl+0x8c/0xd0 [ 19.200784] print_report+0x118/0x608 [ 19.200846] kasan_report+0xdc/0x128 [ 19.200971] kasan_check_range+0x100/0x1a8 [ 19.201091] __kasan_check_write+0x20/0x30 [ 19.201173] kasan_atomics_helper+0x7cc/0x4858 [ 19.201263] kasan_atomics+0x198/0x2e0 [ 19.201408] kunit_try_run_case+0x170/0x3f0 [ 19.201458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.201752] kthread+0x328/0x630 [ 19.201817] ret_from_fork+0x10/0x20 [ 19.201867] [ 19.201889] Allocated by task 265: [ 19.202288] kasan_save_alloc_info+0x40/0x58 [ 19.202988] [ 19.203011] The buggy address belongs to the physical page: [ 19.203204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.203422] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.204068] Memory state around the buggy address: [ 19.204226] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.205309] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x894/0x4858 [ 19.206184] kunit_try_run_case+0x170/0x3f0 [ 19.206497] kasan_save_track+0x20/0x40 [ 19.207004] [ 19.207027] The buggy address belongs to the physical page: [ 19.207058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.207405] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.207458] page_type: f5(slab) [ 19.207497] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.207578] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.207781] page dumped because: kasan: bad access detected [ 19.207818] [ 19.207838] Memory state around the buggy address: [ 19.207872] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.207917] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.208084] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.208352] ^ [ 19.208388] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.208456] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.208608] ================================================================== [ 19.494072] ================================================================== [ 19.494361] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.494424] Write of size 8 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.494475] [ 19.494507] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.494591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.494621] Hardware name: linux,dummy-virt (DT) [ 19.494652] Call trace: [ 19.494690] show_stack+0x20/0x38 (C) [ 19.494741] dump_stack_lvl+0x8c/0xd0 [ 19.494790] print_report+0x118/0x608 [ 19.494838] kasan_report+0xdc/0x128 [ 19.494885] kasan_check_range+0x100/0x1a8 [ 19.494934] __kasan_check_write+0x20/0x30 [ 19.494987] kasan_atomics_helper+0x175c/0x4858 [ 19.495148] kasan_atomics+0x198/0x2e0 [ 19.495196] kunit_try_run_case+0x170/0x3f0 [ 19.495824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.496276] kthread+0x328/0x630 [ 19.496335] ret_from_fork+0x10/0x20 [ 19.496387] [ 19.496407] Allocated by task 265: [ 19.496438] kasan_save_stack+0x3c/0x68 [ 19.496483] kasan_save_track+0x20/0x40 [ 19.496522] kasan_save_alloc_info+0x40/0x58 [ 19.496564] __kasan_kmalloc+0xd4/0xd8 [ 19.496601] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.496643] kasan_atomics+0xb8/0x2e0 [ 19.496680] kunit_try_run_case+0x170/0x3f0 [ 19.496722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.496770] kthread+0x328/0x630 [ 19.496804] ret_from_fork+0x10/0x20 [ 19.496841] [ 19.496876] The buggy address belongs to the object at fff00000c7692100 [ 19.496876] which belongs to the cache kmalloc-64 of size 64 [ 19.496937] The buggy address is located 0 bytes to the right of [ 19.496937] allocated 48-byte region [fff00000c7692100, fff00000c7692130) [ 19.497720] [ 19.497746] The buggy address belongs to the physical page: [ 19.497789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107692 [ 19.498313] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.498756] page_type: f5(slab) [ 19.498812] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.498865] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.499379] page dumped because: kasan: bad access detected [ 19.499472] [ 19.499492] Memory state around the buggy address: [ 19.499562] fff00000c7692000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.499609] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.499706] >fff00000c7692100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.500068] ^ [ 19.500111] fff00000c7692180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.500900] fff00000c7692200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.500995] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 19.040655] ================================================================== [ 19.040708] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 19.041403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.041834] show_stack+0x20/0x38 (C) [ 19.043463] Allocated by task 261: [ 19.044165] kunit_try_run_case+0x170/0x3f0 [ 19.044631] The buggy address belongs to the physical page: [ 19.044744] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.044797] page_type: f5(slab) [ 19.044901] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.044978] [ 19.044997] Memory state around the buggy address: [ 19.045991] ^ [ 19.065560] ok 64 kasan_bitops_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 19.069391] Read of size 4 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.071211] kthread+0x328/0x630 [ 19.071798] __kasan_kmalloc+0xd4/0xd8 [ 19.073022] kthread+0x328/0x630 [ 19.073956] [ 19.073983] The buggy address belongs to the physical page: [ 19.074816] page_type: f5(slab) [ 19.074926] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.075674] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.075757] page dumped because: kasan: bad access detected [ 19.075881] [ 19.075906] Memory state around the buggy address: [ 19.075990] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.076137] ^ [ 19.076274] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 18.887407] ================================================================== [ 18.887538] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.887655] Write of size 8 at addr fff00000c4352f48 by task kunit_try_catch/261 [ 18.887787] [ 18.887830] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.887919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.888281] Hardware name: linux,dummy-virt (DT) [ 18.888352] Call trace: [ 18.888665] show_stack+0x20/0x38 (C) [ 18.888788] dump_stack_lvl+0x8c/0xd0 [ 18.888876] print_report+0x118/0x608 [ 18.889062] kasan_report+0xdc/0x128 [ 18.889132] kasan_check_range+0x100/0x1a8 [ 18.889186] __kasan_check_write+0x20/0x30 [ 18.889581] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.889924] kasan_bitops_generic+0x110/0x1c8 [ 18.890086] kunit_try_run_case+0x170/0x3f0 [ 18.890436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.890607] kthread+0x328/0x630 [ 18.890819] ret_from_fork+0x10/0x20 [ 18.891086] [ 18.891157] Allocated by task 261: [ 18.891222] kasan_save_stack+0x3c/0x68 [ 18.891309] kasan_save_track+0x20/0x40 [ 18.891512] kasan_save_alloc_info+0x40/0x58 [ 18.891753] __kasan_kmalloc+0xd4/0xd8 [ 18.891963] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.892032] kasan_bitops_generic+0xa0/0x1c8 [ 18.892073] kunit_try_run_case+0x170/0x3f0 [ 18.892126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.892173] kthread+0x328/0x630 [ 18.892430] ret_from_fork+0x10/0x20 [ 18.892567] [ 18.892592] The buggy address belongs to the object at fff00000c4352f40 [ 18.892592] which belongs to the cache kmalloc-16 of size 16 [ 18.892919] The buggy address is located 8 bytes inside of [ 18.892919] allocated 9-byte region [fff00000c4352f40, fff00000c4352f49) [ 18.893154] [ 18.893348] The buggy address belongs to the physical page: [ 18.893442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104352 [ 18.893767] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.894175] page_type: f5(slab) [ 18.894290] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.894480] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.894579] page dumped because: kasan: bad access detected [ 18.894615] [ 18.894702] Memory state around the buggy address: [ 18.895096] fff00000c4352e00: 00 03 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 18.895216] fff00000c4352e80: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.895264] >fff00000c4352f00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.895305] ^ [ 18.895374] fff00000c4352f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.895421] fff00000c4353000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.895464] ================================================================== [ 18.905141] ================================================================== [ 18.905370] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 18.905438] Write of size 8 at addr fff00000c4352f48 by task kunit_try_catch/261 [ 18.905491] [ 18.905532] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.906834] __kasan_check_write+0x20/0x30 [ 18.909682] The buggy address is located 8 bytes inside of [ 18.909682] allocated 9-byte region [fff00000c4352f40, fff00000c4352f49) [ 18.912334] fff00000c4353000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.914691] Call trace: [ 18.916060] kasan_bitops_generic+0x110/0x1c8 [ 18.918424] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.918913] ^ [ 18.920561] Write of size 8 at addr fff00000c4352f48 by task kunit_try_catch/261 [ 18.922556] kasan_check_range+0x100/0x1a8 [ 18.923504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.926244] The buggy address is located 8 bytes inside of [ 18.926244] allocated 9-byte region [fff00000c4352f40, fff00000c4352f49) [ 18.928041] >fff00000c4352f00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.930491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.931484] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 18.934336] The buggy address belongs to the object at fff00000c4352f40 [ 18.934336] which belongs to the cache kmalloc-16 of size 16 [ 18.936622] fff00000c4352f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.938430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.942013] kasan_save_stack+0x3c/0x68 [ 18.943417] [ 18.943554] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.945133] fff00000c4352e80: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.947392] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 18.948556] print_report+0x118/0x608 [ 18.949503] kasan_bitops_generic+0x110/0x1c8 [ 18.953455] The buggy address is located 8 bytes inside of [ 18.953455] allocated 9-byte region [fff00000c4352f40, fff00000c4352f49) [ 18.955219] fff00000c4352e80: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.955265] >fff00000c4352f00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.955304] ^ [ 18.955428] ================================================================== [ 18.897486] ================================================================== [ 18.897984] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 18.898086] Read of size 8 at addr fff00000c4352f48 by task kunit_try_catch/261 [ 18.898422] [ 18.898595] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.898692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.898874] Hardware name: linux,dummy-virt (DT) [ 18.898969] Call trace: [ 18.898994] show_stack+0x20/0x38 (C) [ 18.899151] dump_stack_lvl+0x8c/0xd0 [ 18.899342] print_report+0x118/0x608 [ 18.899408] kasan_report+0xdc/0x128 [ 18.899574] __asan_report_load8_noabort+0x20/0x30 [ 18.899761] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 18.900061] kasan_bitops_generic+0x110/0x1c8 [ 18.900238] kunit_try_run_case+0x170/0x3f0 [ 18.900392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.900815] kthread+0x328/0x630 [ 18.900896] ret_from_fork+0x10/0x20 [ 18.901207] [ 18.901279] Allocated by task 261: [ 18.901319] kasan_save_stack+0x3c/0x68 [ 18.901544] kasan_save_track+0x20/0x40 [ 18.901787] kasan_save_alloc_info+0x40/0x58 [ 18.901916] __kasan_kmalloc+0xd4/0xd8 [ 18.902035] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.902077] kasan_bitops_generic+0xa0/0x1c8 [ 18.902127] kunit_try_run_case+0x170/0x3f0 [ 18.902169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.902222] kthread+0x328/0x630 [ 18.902259] ret_from_fork+0x10/0x20 [ 18.902297] [ 18.902319] The buggy address belongs to the object at fff00000c4352f40 [ 18.902319] which belongs to the cache kmalloc-16 of size 16 [ 18.902391] The buggy address is located 8 bytes inside of [ 18.902391] allocated 9-byte region [fff00000c4352f40, fff00000c4352f49) [ 18.902454] [ 18.902484] The buggy address belongs to the physical page: [ 18.902535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104352 [ 18.902610] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.902662] page_type: f5(slab) [ 18.902702] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.902754] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.902796] page dumped because: kasan: bad access detected [ 18.902839] [ 18.902869] Memory state around the buggy address: [ 18.902903] fff00000c4352e00: 00 03 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 18.902960] fff00000c4352e80: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.903013] >fff00000c4352f00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.903064] ^ [ 18.903111] fff00000c4352f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.903165] fff00000c4353000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.903220] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 18.864053] ================================================================== [ 18.864129] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 18.864178] Read of size 1 at addr fff00000c6460590 by task kunit_try_catch/259 [ 18.864547] [ 18.864638] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.865100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.865180] Hardware name: linux,dummy-virt (DT) [ 18.865319] Call trace: [ 18.865367] show_stack+0x20/0x38 (C) [ 18.865421] dump_stack_lvl+0x8c/0xd0 [ 18.865555] print_report+0x118/0x608 [ 18.865629] kasan_report+0xdc/0x128 [ 18.865983] __asan_report_load1_noabort+0x20/0x30 [ 18.866059] strnlen+0x80/0x88 [ 18.866123] kasan_strings+0x478/0xb00 [ 18.866168] kunit_try_run_case+0x170/0x3f0 [ 18.866625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.866705] kthread+0x328/0x630 [ 18.866796] ret_from_fork+0x10/0x20 [ 18.866850] [ 18.866908] Allocated by task 259: [ 18.866978] kasan_save_stack+0x3c/0x68 [ 18.867072] kasan_save_track+0x20/0x40 [ 18.867312] kasan_save_alloc_info+0x40/0x58 [ 18.867485] __kasan_kmalloc+0xd4/0xd8 [ 18.867602] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.867663] kasan_strings+0xc8/0xb00 [ 18.867752] kunit_try_run_case+0x170/0x3f0 [ 18.868105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.868292] kthread+0x328/0x630 [ 18.868478] ret_from_fork+0x10/0x20 [ 18.868561] [ 18.868585] Freed by task 259: [ 18.868933] kasan_save_stack+0x3c/0x68 [ 18.869171] kasan_save_track+0x20/0x40 [ 18.869321] kasan_save_free_info+0x4c/0x78 [ 18.869424] __kasan_slab_free+0x6c/0x98 [ 18.869847] kfree+0x214/0x3c8 [ 18.870010] kasan_strings+0x24c/0xb00 [ 18.870158] kunit_try_run_case+0x170/0x3f0 [ 18.870268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.870344] kthread+0x328/0x630 [ 18.870379] ret_from_fork+0x10/0x20 [ 18.870538] [ 18.870732] The buggy address belongs to the object at fff00000c6460580 [ 18.870732] which belongs to the cache kmalloc-32 of size 32 [ 18.870894] The buggy address is located 16 bytes inside of [ 18.870894] freed 32-byte region [fff00000c6460580, fff00000c64605a0) [ 18.871095] [ 18.871150] The buggy address belongs to the physical page: [ 18.871565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106460 [ 18.871649] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.871812] page_type: f5(slab) [ 18.872019] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.872190] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.872277] page dumped because: kasan: bad access detected [ 18.872332] [ 18.872352] Memory state around the buggy address: [ 18.872388] fff00000c6460480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.872801] fff00000c6460500: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.873003] >fff00000c6460580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.873136] ^ [ 18.873182] fff00000c6460600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.873399] fff00000c6460680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.873690] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 18.858786] ================================================================== [ 18.858846] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 18.858901] Read of size 1 at addr fff00000c6460590 by task kunit_try_catch/259 [ 18.858992] [ 18.859039] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.859148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.859179] Hardware name: linux,dummy-virt (DT) [ 18.859213] Call trace: [ 18.859248] show_stack+0x20/0x38 (C) [ 18.859302] dump_stack_lvl+0x8c/0xd0 [ 18.859352] print_report+0x118/0x608 [ 18.859402] kasan_report+0xdc/0x128 [ 18.859452] __asan_report_load1_noabort+0x20/0x30 [ 18.859509] strlen+0xa8/0xb0 [ 18.859553] kasan_strings+0x418/0xb00 [ 18.859600] kunit_try_run_case+0x170/0x3f0 [ 18.859657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.859711] kthread+0x328/0x630 [ 18.859766] ret_from_fork+0x10/0x20 [ 18.859817] [ 18.859838] Allocated by task 259: [ 18.859868] kasan_save_stack+0x3c/0x68 [ 18.859909] kasan_save_track+0x20/0x40 [ 18.859949] kasan_save_alloc_info+0x40/0x58 [ 18.860000] __kasan_kmalloc+0xd4/0xd8 [ 18.860047] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.860087] kasan_strings+0xc8/0xb00 [ 18.860142] kunit_try_run_case+0x170/0x3f0 [ 18.860181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.860227] kthread+0x328/0x630 [ 18.860262] ret_from_fork+0x10/0x20 [ 18.860300] [ 18.860320] Freed by task 259: [ 18.860357] kasan_save_stack+0x3c/0x68 [ 18.860405] kasan_save_track+0x20/0x40 [ 18.860450] kasan_save_free_info+0x4c/0x78 [ 18.860491] __kasan_slab_free+0x6c/0x98 [ 18.860530] kfree+0x214/0x3c8 [ 18.860565] kasan_strings+0x24c/0xb00 [ 18.860603] kunit_try_run_case+0x170/0x3f0 [ 18.860641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.860686] kthread+0x328/0x630 [ 18.860719] ret_from_fork+0x10/0x20 [ 18.860757] [ 18.860778] The buggy address belongs to the object at fff00000c6460580 [ 18.860778] which belongs to the cache kmalloc-32 of size 32 [ 18.860837] The buggy address is located 16 bytes inside of [ 18.860837] freed 32-byte region [fff00000c6460580, fff00000c64605a0) [ 18.860909] [ 18.860936] The buggy address belongs to the physical page: [ 18.860970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106460 [ 18.861026] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.861080] page_type: f5(slab) [ 18.861599] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.862082] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.862182] page dumped because: kasan: bad access detected [ 18.862218] [ 18.862270] Memory state around the buggy address: [ 18.862344] fff00000c6460480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.862415] fff00000c6460500: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.862484] >fff00000c6460580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.862641] ^ [ 18.862789] fff00000c6460600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.863192] fff00000c6460680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.863276] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 18.848809] ================================================================== [ 18.848868] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 18.848921] Read of size 1 at addr fff00000c6460590 by task kunit_try_catch/259 [ 18.848971] [ 18.849007] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.849092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.849135] Hardware name: linux,dummy-virt (DT) [ 18.850162] Call trace: [ 18.850193] show_stack+0x20/0x38 (C) [ 18.850259] dump_stack_lvl+0x8c/0xd0 [ 18.850312] print_report+0x118/0x608 [ 18.850371] kasan_report+0xdc/0x128 [ 18.850419] __asan_report_load1_noabort+0x20/0x30 [ 18.850473] kasan_strings+0x95c/0xb00 [ 18.850517] kunit_try_run_case+0x170/0x3f0 [ 18.850568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.850622] kthread+0x328/0x630 [ 18.850667] ret_from_fork+0x10/0x20 [ 18.850717] [ 18.850740] Allocated by task 259: [ 18.850769] kasan_save_stack+0x3c/0x68 [ 18.851176] kasan_save_track+0x20/0x40 [ 18.851219] kasan_save_alloc_info+0x40/0x58 [ 18.851262] __kasan_kmalloc+0xd4/0xd8 [ 18.851300] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.851343] kasan_strings+0xc8/0xb00 [ 18.851381] kunit_try_run_case+0x170/0x3f0 [ 18.851425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.851470] kthread+0x328/0x630 [ 18.851506] ret_from_fork+0x10/0x20 [ 18.851544] [ 18.851564] Freed by task 259: [ 18.851594] kasan_save_stack+0x3c/0x68 [ 18.851633] kasan_save_track+0x20/0x40 [ 18.852413] kasan_save_free_info+0x4c/0x78 [ 18.852479] __kasan_slab_free+0x6c/0x98 [ 18.852690] kfree+0x214/0x3c8 [ 18.853012] kasan_strings+0x24c/0xb00 [ 18.853179] kunit_try_run_case+0x170/0x3f0 [ 18.853277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.853479] kthread+0x328/0x630 [ 18.853882] ret_from_fork+0x10/0x20 [ 18.853958] [ 18.854105] The buggy address belongs to the object at fff00000c6460580 [ 18.854105] which belongs to the cache kmalloc-32 of size 32 [ 18.854292] The buggy address is located 16 bytes inside of [ 18.854292] freed 32-byte region [fff00000c6460580, fff00000c64605a0) [ 18.854392] [ 18.854474] The buggy address belongs to the physical page: [ 18.854652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106460 [ 18.854911] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.855820] page_type: f5(slab) [ 18.855913] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.855986] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.856065] page dumped because: kasan: bad access detected [ 18.856109] [ 18.856151] Memory state around the buggy address: [ 18.856203] fff00000c6460480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.856252] fff00000c6460500: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.856460] >fff00000c6460580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.856785] ^ [ 18.857079] fff00000c6460600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.857310] fff00000c6460680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.857458] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 18.839311] ================================================================== [ 18.839436] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 18.839652] Read of size 1 at addr fff00000c6460590 by task kunit_try_catch/259 [ 18.839725] [ 18.840236] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.840353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.840383] Hardware name: linux,dummy-virt (DT) [ 18.840418] Call trace: [ 18.840448] show_stack+0x20/0x38 (C) [ 18.840505] dump_stack_lvl+0x8c/0xd0 [ 18.840555] print_report+0x118/0x608 [ 18.840605] kasan_report+0xdc/0x128 [ 18.840652] __asan_report_load1_noabort+0x20/0x30 [ 18.840705] strcmp+0xc0/0xc8 [ 18.840748] kasan_strings+0x340/0xb00 [ 18.840795] kunit_try_run_case+0x170/0x3f0 [ 18.840847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.840903] kthread+0x328/0x630 [ 18.840946] ret_from_fork+0x10/0x20 [ 18.840997] [ 18.841019] Allocated by task 259: [ 18.841050] kasan_save_stack+0x3c/0x68 [ 18.841095] kasan_save_track+0x20/0x40 [ 18.841148] kasan_save_alloc_info+0x40/0x58 [ 18.841191] __kasan_kmalloc+0xd4/0xd8 [ 18.841230] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.841272] kasan_strings+0xc8/0xb00 [ 18.841310] kunit_try_run_case+0x170/0x3f0 [ 18.841351] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.841395] kthread+0x328/0x630 [ 18.841429] ret_from_fork+0x10/0x20 [ 18.841467] [ 18.841488] Freed by task 259: [ 18.841519] kasan_save_stack+0x3c/0x68 [ 18.841559] kasan_save_track+0x20/0x40 [ 18.841599] kasan_save_free_info+0x4c/0x78 [ 18.841641] __kasan_slab_free+0x6c/0x98 [ 18.841681] kfree+0x214/0x3c8 [ 18.841715] kasan_strings+0x24c/0xb00 [ 18.841753] kunit_try_run_case+0x170/0x3f0 [ 18.841791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.841837] kthread+0x328/0x630 [ 18.841872] ret_from_fork+0x10/0x20 [ 18.841910] [ 18.841932] The buggy address belongs to the object at fff00000c6460580 [ 18.841932] which belongs to the cache kmalloc-32 of size 32 [ 18.841992] The buggy address is located 16 bytes inside of [ 18.841992] freed 32-byte region [fff00000c6460580, fff00000c64605a0) [ 18.842057] [ 18.842081] The buggy address belongs to the physical page: [ 18.844964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106460 [ 18.845032] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.845296] page_type: f5(slab) [ 18.845342] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.845393] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.845436] page dumped because: kasan: bad access detected [ 18.845470] [ 18.845490] Memory state around the buggy address: [ 18.845533] fff00000c6460480: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.845578] fff00000c6460500: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.845623] >fff00000c6460580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.845664] ^ [ 18.845696] fff00000c6460600: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.845739] fff00000c6460680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.845781] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 18.815533] ================================================================== [ 18.815601] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 18.815705] Read of size 1 at addr fff00000c64603d8 by task kunit_try_catch/257 [ 18.815862] [ 18.815909] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.815997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.816345] Hardware name: linux,dummy-virt (DT) [ 18.816464] Call trace: [ 18.816497] show_stack+0x20/0x38 (C) [ 18.816720] dump_stack_lvl+0x8c/0xd0 [ 18.816877] print_report+0x118/0x608 [ 18.817028] kasan_report+0xdc/0x128 [ 18.817212] __asan_report_load1_noabort+0x20/0x30 [ 18.817335] memcmp+0x198/0x1d8 [ 18.817695] kasan_memcmp+0x16c/0x300 [ 18.817889] kunit_try_run_case+0x170/0x3f0 [ 18.817969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.818130] kthread+0x328/0x630 [ 18.818237] ret_from_fork+0x10/0x20 [ 18.818491] [ 18.818982] Allocated by task 257: [ 18.819089] kasan_save_stack+0x3c/0x68 [ 18.819256] kasan_save_track+0x20/0x40 [ 18.819341] kasan_save_alloc_info+0x40/0x58 [ 18.819388] __kasan_kmalloc+0xd4/0xd8 [ 18.820012] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.820084] kasan_memcmp+0xbc/0x300 [ 18.820136] kunit_try_run_case+0x170/0x3f0 [ 18.820176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.820787] kthread+0x328/0x630 [ 18.820871] ret_from_fork+0x10/0x20 [ 18.821008] [ 18.821086] The buggy address belongs to the object at fff00000c64603c0 [ 18.821086] which belongs to the cache kmalloc-32 of size 32 [ 18.821301] The buggy address is located 0 bytes to the right of [ 18.821301] allocated 24-byte region [fff00000c64603c0, fff00000c64603d8) [ 18.821378] [ 18.821424] The buggy address belongs to the physical page: [ 18.821461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106460 [ 18.821535] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.821603] page_type: f5(slab) [ 18.821648] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.821701] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.821744] page dumped because: kasan: bad access detected [ 18.821780] [ 18.821799] Memory state around the buggy address: [ 18.821834] fff00000c6460280: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.821889] fff00000c6460300: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.821934] >fff00000c6460380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.821982] ^ [ 18.822024] fff00000c6460400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.822068] fff00000c6460480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.822241] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 18.787626] ================================================================== [ 18.788036] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 18.788126] Read of size 1 at addr ffff800080a17b4a by task kunit_try_catch/253 [ 18.788183] [ 18.788222] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.788670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.788761] Hardware name: linux,dummy-virt (DT) [ 18.788934] Call trace: [ 18.789024] show_stack+0x20/0x38 (C) [ 18.789085] dump_stack_lvl+0x8c/0xd0 [ 18.789151] print_report+0x310/0x608 [ 18.789207] kasan_report+0xdc/0x128 [ 18.789371] __asan_report_load1_noabort+0x20/0x30 [ 18.789462] kasan_alloca_oob_right+0x2dc/0x340 [ 18.789528] kunit_try_run_case+0x170/0x3f0 [ 18.789579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.789634] kthread+0x328/0x630 [ 18.789696] ret_from_fork+0x10/0x20 [ 18.789748] [ 18.789783] The buggy address belongs to stack of task kunit_try_catch/253 [ 18.789838] [ 18.789878] The buggy address belongs to the virtual mapping at [ 18.789878] [ffff800080a10000, ffff800080a19000) created by: [ 18.789878] kernel_clone+0x150/0x7a8 [ 18.789964] [ 18.789995] The buggy address belongs to the physical page: [ 18.790028] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106ce9 [ 18.790094] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.790534] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.790599] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.791104] page dumped because: kasan: bad access detected [ 18.791541] [ 18.791623] Memory state around the buggy address: [ 18.791837] ffff800080a17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.791915] ffff800080a17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.791961] >ffff800080a17b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.792003] ^ [ 18.792040] ffff800080a17b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.792445] ffff800080a17c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.792593] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 18.769856] ================================================================== [ 18.769995] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 18.770064] Read of size 1 at addr ffff800080a17b5f by task kunit_try_catch/251 [ 18.770408] [ 18.770548] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.770795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.770864] Hardware name: linux,dummy-virt (DT) [ 18.770902] Call trace: [ 18.771196] show_stack+0x20/0x38 (C) [ 18.771283] dump_stack_lvl+0x8c/0xd0 [ 18.771335] print_report+0x310/0x608 [ 18.771529] kasan_report+0xdc/0x128 [ 18.771592] __asan_report_load1_noabort+0x20/0x30 [ 18.771661] kasan_alloca_oob_left+0x2b8/0x310 [ 18.771825] kunit_try_run_case+0x170/0x3f0 [ 18.771877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.772199] kthread+0x328/0x630 [ 18.772335] ret_from_fork+0x10/0x20 [ 18.772556] [ 18.772583] The buggy address belongs to stack of task kunit_try_catch/251 [ 18.772711] [ 18.772815] The buggy address belongs to the virtual mapping at [ 18.772815] [ffff800080a10000, ffff800080a19000) created by: [ 18.772815] kernel_clone+0x150/0x7a8 [ 18.773199] [ 18.773253] The buggy address belongs to the physical page: [ 18.773365] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106ce9 [ 18.773575] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.773707] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.774181] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.774257] page dumped because: kasan: bad access detected [ 18.774319] [ 18.774426] Memory state around the buggy address: [ 18.774474] ffff800080a17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.774523] ffff800080a17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.774614] >ffff800080a17b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 18.774677] ^ [ 18.774723] ffff800080a17b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.774770] ffff800080a17c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.774827] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 18.747070] ================================================================== [ 18.747696] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 18.747786] Read of size 1 at addr ffff800080a17c2a by task kunit_try_catch/249 [ 18.748039] [ 18.748084] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.748526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.748689] Hardware name: linux,dummy-virt (DT) [ 18.748785] Call trace: [ 18.748820] show_stack+0x20/0x38 (C) [ 18.749178] dump_stack_lvl+0x8c/0xd0 [ 18.749310] print_report+0x310/0x608 [ 18.749466] kasan_report+0xdc/0x128 [ 18.749599] __asan_report_load1_noabort+0x20/0x30 [ 18.749720] kasan_stack_oob+0x238/0x270 [ 18.750531] kunit_try_run_case+0x170/0x3f0 [ 18.750663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.750894] kthread+0x328/0x630 [ 18.751235] ret_from_fork+0x10/0x20 [ 18.751366] [ 18.751507] The buggy address belongs to stack of task kunit_try_catch/249 [ 18.751683] and is located at offset 138 in frame: [ 18.751734] kasan_stack_oob+0x0/0x270 [ 18.752548] [ 18.752664] This frame has 4 objects: [ 18.752809] [48, 49) '__assertion' [ 18.753061] [64, 72) 'array' [ 18.753137] [96, 112) '__assertion' [ 18.753475] [128, 138) 'stack_array' [ 18.753681] [ 18.753747] The buggy address belongs to the virtual mapping at [ 18.753747] [ffff800080a10000, ffff800080a19000) created by: [ 18.753747] kernel_clone+0x150/0x7a8 [ 18.754299] [ 18.754411] The buggy address belongs to the physical page: [ 18.754460] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106ce9 [ 18.754603] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.754867] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.755002] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.755291] page dumped because: kasan: bad access detected [ 18.755410] [ 18.755471] Memory state around the buggy address: [ 18.755534] ffff800080a17b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.755925] ffff800080a17b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 18.756067] >ffff800080a17c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 18.756185] ^ [ 18.756284] ffff800080a17c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 18.756411] ffff800080a17d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.756453] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 18.722093] ================================================================== [ 18.722179] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 18.722254] Read of size 1 at addr ffffb06b7494f58d by task kunit_try_catch/245 [ 18.722306] [ 18.722360] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.722447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.722474] Hardware name: linux,dummy-virt (DT) [ 18.722507] Call trace: [ 18.722530] show_stack+0x20/0x38 (C) [ 18.722582] dump_stack_lvl+0x8c/0xd0 [ 18.722632] print_report+0x310/0x608 [ 18.722678] kasan_report+0xdc/0x128 [ 18.722737] __asan_report_load1_noabort+0x20/0x30 [ 18.722803] kasan_global_oob_right+0x230/0x270 [ 18.722851] kunit_try_run_case+0x170/0x3f0 [ 18.722900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.722956] kthread+0x328/0x630 [ 18.722999] ret_from_fork+0x10/0x20 [ 18.723059] [ 18.723130] The buggy address belongs to the variable: [ 18.723168] global_array+0xd/0x40 [ 18.723220] [ 18.723291] The buggy address belongs to the virtual mapping at [ 18.723291] [ffffb06b72b00000, ffffb06b74a01000) created by: [ 18.723291] paging_init+0x66c/0x7d0 [ 18.723385] [ 18.723446] The buggy address belongs to the physical page: [ 18.723479] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 18.723543] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 18.723616] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 18.723666] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.724511] page dumped because: kasan: bad access detected [ 18.724584] [ 18.724620] Memory state around the buggy address: [ 18.724684] ffffb06b7494f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.724740] ffffb06b7494f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 18.724816] >ffffb06b7494f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 18.725991] ^ [ 18.726041] ffffb06b7494f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 18.726556] ffffb06b7494f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.726625] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 18.702060] ================================================================== [ 18.702368] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.702560] Free of addr fff00000c640c001 by task kunit_try_catch/243 [ 18.702683] [ 18.702985] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.703172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.703249] Hardware name: linux,dummy-virt (DT) [ 18.703283] Call trace: [ 18.703309] show_stack+0x20/0x38 (C) [ 18.703625] dump_stack_lvl+0x8c/0xd0 [ 18.703816] print_report+0x118/0x608 [ 18.703985] kasan_report_invalid_free+0xc0/0xe8 [ 18.704218] __kasan_mempool_poison_object+0xfc/0x150 [ 18.704396] mempool_free+0x28c/0x328 [ 18.704597] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.705024] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 18.705254] kunit_try_run_case+0x170/0x3f0 [ 18.705364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.705855] kthread+0x328/0x630 [ 18.706052] ret_from_fork+0x10/0x20 [ 18.706538] [ 18.706592] The buggy address belongs to the physical page: [ 18.707001] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10640c [ 18.707197] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.707360] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.707449] page_type: f8(unknown) [ 18.707509] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.707989] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.708312] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.708391] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.708522] head: 0bfffe0000000002 ffffc1ffc3190301 00000000ffffffff 00000000ffffffff [ 18.708601] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.708803] page dumped because: kasan: bad access detected [ 18.708842] [ 18.708963] Memory state around the buggy address: [ 18.709470] fff00000c640bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.709538] fff00000c640bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.709779] >fff00000c640c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.709979] ^ [ 18.710162] fff00000c640c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.710311] fff00000c640c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.710494] ================================================================== [ 18.682730] ================================================================== [ 18.682790] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.682844] Free of addr fff00000c76afa01 by task kunit_try_catch/241 [ 18.683083] [ 18.683140] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.683228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.683255] Hardware name: linux,dummy-virt (DT) [ 18.683286] Call trace: [ 18.683310] show_stack+0x20/0x38 (C) [ 18.683361] dump_stack_lvl+0x8c/0xd0 [ 18.683412] print_report+0x118/0x608 [ 18.683458] kasan_report_invalid_free+0xc0/0xe8 [ 18.683509] check_slab_allocation+0xfc/0x108 [ 18.683556] __kasan_mempool_poison_object+0x78/0x150 [ 18.683610] mempool_free+0x28c/0x328 [ 18.683658] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.684272] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.684657] kunit_try_run_case+0x170/0x3f0 [ 18.684882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.685215] kthread+0x328/0x630 [ 18.685425] ret_from_fork+0x10/0x20 [ 18.685483] [ 18.685545] Allocated by task 241: [ 18.685759] kasan_save_stack+0x3c/0x68 [ 18.685952] kasan_save_track+0x20/0x40 [ 18.686062] kasan_save_alloc_info+0x40/0x58 [ 18.686254] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.686361] remove_element+0x130/0x1f8 [ 18.686630] mempool_alloc_preallocated+0x58/0xc0 [ 18.686828] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 18.687005] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.687319] kunit_try_run_case+0x170/0x3f0 [ 18.687483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.687537] kthread+0x328/0x630 [ 18.687771] ret_from_fork+0x10/0x20 [ 18.687908] [ 18.688008] The buggy address belongs to the object at fff00000c76afa00 [ 18.688008] which belongs to the cache kmalloc-128 of size 128 [ 18.688074] The buggy address is located 1 bytes inside of [ 18.688074] 128-byte region [fff00000c76afa00, fff00000c76afa80) [ 18.688145] [ 18.688166] The buggy address belongs to the physical page: [ 18.688198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 18.688485] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.688659] page_type: f5(slab) [ 18.688759] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.689150] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.689282] page dumped because: kasan: bad access detected [ 18.689416] [ 18.689437] Memory state around the buggy address: [ 18.689502] fff00000c76af900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.689906] fff00000c76af980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.690093] >fff00000c76afa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.690528] ^ [ 18.690626] fff00000c76afa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.690682] fff00000c76afb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.691024] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 18.635473] ================================================================== [ 18.635552] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.635616] Free of addr fff00000c76af600 by task kunit_try_catch/235 [ 18.635976] [ 18.636125] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.636436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.636492] Hardware name: linux,dummy-virt (DT) [ 18.636625] Call trace: [ 18.636971] show_stack+0x20/0x38 (C) [ 18.637103] dump_stack_lvl+0x8c/0xd0 [ 18.637170] print_report+0x118/0x608 [ 18.637430] kasan_report_invalid_free+0xc0/0xe8 [ 18.637631] check_slab_allocation+0xd4/0x108 [ 18.637756] __kasan_mempool_poison_object+0x78/0x150 [ 18.638077] mempool_free+0x28c/0x328 [ 18.638168] mempool_double_free_helper+0x150/0x2e8 [ 18.638221] mempool_kmalloc_double_free+0xc0/0x118 [ 18.638272] kunit_try_run_case+0x170/0x3f0 [ 18.638342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.638397] kthread+0x328/0x630 [ 18.638440] ret_from_fork+0x10/0x20 [ 18.638510] [ 18.638530] Allocated by task 235: [ 18.638562] kasan_save_stack+0x3c/0x68 [ 18.638604] kasan_save_track+0x20/0x40 [ 18.638641] kasan_save_alloc_info+0x40/0x58 [ 18.638687] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.638730] remove_element+0x130/0x1f8 [ 18.638774] mempool_alloc_preallocated+0x58/0xc0 [ 18.638822] mempool_double_free_helper+0x94/0x2e8 [ 18.638870] mempool_kmalloc_double_free+0xc0/0x118 [ 18.638912] kunit_try_run_case+0x170/0x3f0 [ 18.638949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.638992] kthread+0x328/0x630 [ 18.639024] ret_from_fork+0x10/0x20 [ 18.639060] [ 18.639080] Freed by task 235: [ 18.639107] kasan_save_stack+0x3c/0x68 [ 18.639715] kasan_save_track+0x20/0x40 [ 18.639785] kasan_save_free_info+0x4c/0x78 [ 18.639863] __kasan_mempool_poison_object+0xc0/0x150 [ 18.640040] mempool_free+0x28c/0x328 [ 18.640090] mempool_double_free_helper+0x100/0x2e8 [ 18.640142] mempool_kmalloc_double_free+0xc0/0x118 [ 18.640488] kunit_try_run_case+0x170/0x3f0 [ 18.640682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.641032] kthread+0x328/0x630 [ 18.641189] ret_from_fork+0x10/0x20 [ 18.641264] [ 18.641634] The buggy address belongs to the object at fff00000c76af600 [ 18.641634] which belongs to the cache kmalloc-128 of size 128 [ 18.641766] The buggy address is located 0 bytes inside of [ 18.641766] 128-byte region [fff00000c76af600, fff00000c76af680) [ 18.641828] [ 18.642146] The buggy address belongs to the physical page: [ 18.642229] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 18.642542] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.642629] page_type: f5(slab) [ 18.642739] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.642836] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.643109] page dumped because: kasan: bad access detected [ 18.643276] [ 18.643323] Memory state around the buggy address: [ 18.643443] fff00000c76af500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.643510] fff00000c76af580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.643602] >fff00000c76af600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.643641] ^ [ 18.643668] fff00000c76af680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.643992] fff00000c76af700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.644140] ================================================================== [ 18.671321] ================================================================== [ 18.671383] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.671445] Free of addr fff00000c640c000 by task kunit_try_catch/239 [ 18.671488] [ 18.671526] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.671904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.672125] Hardware name: linux,dummy-virt (DT) [ 18.672162] Call trace: [ 18.672214] show_stack+0x20/0x38 (C) [ 18.672270] dump_stack_lvl+0x8c/0xd0 [ 18.672325] print_report+0x118/0x608 [ 18.672375] kasan_report_invalid_free+0xc0/0xe8 [ 18.672425] __kasan_mempool_poison_pages+0xe0/0xe8 [ 18.672489] mempool_free+0x24c/0x328 [ 18.672535] mempool_double_free_helper+0x150/0x2e8 [ 18.672598] mempool_page_alloc_double_free+0xbc/0x118 [ 18.672648] kunit_try_run_case+0x170/0x3f0 [ 18.672698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.672750] kthread+0x328/0x630 [ 18.672809] ret_from_fork+0x10/0x20 [ 18.672861] [ 18.672884] The buggy address belongs to the physical page: [ 18.672917] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10640c [ 18.672983] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.673049] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.673099] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.673151] page dumped because: kasan: bad access detected [ 18.673183] [ 18.673201] Memory state around the buggy address: [ 18.673241] fff00000c640bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.673294] fff00000c640bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.673336] >fff00000c640c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.673384] ^ [ 18.673423] fff00000c640c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.673465] fff00000c640c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.673510] ================================================================== [ 18.653880] ================================================================== [ 18.654037] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.654152] Free of addr fff00000c640c000 by task kunit_try_catch/237 [ 18.654258] [ 18.654294] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.654383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.654411] Hardware name: linux,dummy-virt (DT) [ 18.654629] Call trace: [ 18.654845] show_stack+0x20/0x38 (C) [ 18.654916] dump_stack_lvl+0x8c/0xd0 [ 18.654975] print_report+0x118/0x608 [ 18.655022] kasan_report_invalid_free+0xc0/0xe8 [ 18.655499] __kasan_mempool_poison_object+0x14c/0x150 [ 18.655698] mempool_free+0x28c/0x328 [ 18.655844] mempool_double_free_helper+0x150/0x2e8 [ 18.655932] mempool_kmalloc_large_double_free+0xc0/0x118 [ 18.655985] kunit_try_run_case+0x170/0x3f0 [ 18.656044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.656504] kthread+0x328/0x630 [ 18.656655] ret_from_fork+0x10/0x20 [ 18.656851] [ 18.656972] The buggy address belongs to the physical page: [ 18.657008] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10640c [ 18.657112] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.657580] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.657785] page_type: f8(unknown) [ 18.658078] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.658335] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.658468] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.659320] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.659416] head: 0bfffe0000000002 ffffc1ffc3190301 00000000ffffffff 00000000ffffffff [ 18.659476] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.659520] page dumped because: kasan: bad access detected [ 18.659551] [ 18.659580] Memory state around the buggy address: [ 18.659922] fff00000c640bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.659982] fff00000c640bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.660032] >fff00000c640c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.660074] ^ [ 18.660105] fff00000c640c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.660663] fff00000c640c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.660732] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.618486] ================================================================== [ 18.618562] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.618895] Read of size 1 at addr fff00000c640c000 by task kunit_try_catch/233 [ 18.618961] [ 18.619176] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.619482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.619562] Hardware name: linux,dummy-virt (DT) [ 18.619603] Call trace: [ 18.619645] show_stack+0x20/0x38 (C) [ 18.619824] dump_stack_lvl+0x8c/0xd0 [ 18.619879] print_report+0x118/0x608 [ 18.619934] kasan_report+0xdc/0x128 [ 18.619982] __asan_report_load1_noabort+0x20/0x30 [ 18.620032] mempool_uaf_helper+0x314/0x340 [ 18.620655] mempool_page_alloc_uaf+0xc0/0x118 [ 18.620843] kunit_try_run_case+0x170/0x3f0 [ 18.621001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.621218] kthread+0x328/0x630 [ 18.621357] ret_from_fork+0x10/0x20 [ 18.621540] [ 18.621566] The buggy address belongs to the physical page: [ 18.621728] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10640c [ 18.621794] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.622346] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.622515] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.622592] page dumped because: kasan: bad access detected [ 18.622800] [ 18.623284] Memory state around the buggy address: [ 18.623405] fff00000c640bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.623458] fff00000c640bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.623510] >fff00000c640c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.623548] ^ [ 18.623586] fff00000c640c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.623627] fff00000c640c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.624058] ================================================================== [ 18.559049] ================================================================== [ 18.559465] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.559556] Read of size 1 at addr fff00000c6404000 by task kunit_try_catch/229 [ 18.559617] [ 18.559655] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.560200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.560246] Hardware name: linux,dummy-virt (DT) [ 18.560377] Call trace: [ 18.560455] show_stack+0x20/0x38 (C) [ 18.560566] dump_stack_lvl+0x8c/0xd0 [ 18.560703] print_report+0x118/0x608 [ 18.560754] kasan_report+0xdc/0x128 [ 18.561046] __asan_report_load1_noabort+0x20/0x30 [ 18.561270] mempool_uaf_helper+0x314/0x340 [ 18.561678] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.561839] kunit_try_run_case+0x170/0x3f0 [ 18.562222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.562377] kthread+0x328/0x630 [ 18.562630] ret_from_fork+0x10/0x20 [ 18.562830] [ 18.562942] The buggy address belongs to the physical page: [ 18.563279] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106404 [ 18.563466] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.563549] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.563729] page_type: f8(unknown) [ 18.563818] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.563872] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.564248] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.564396] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.564474] head: 0bfffe0000000002 ffffc1ffc3190101 00000000ffffffff 00000000ffffffff [ 18.564849] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.564917] page dumped because: kasan: bad access detected [ 18.565031] [ 18.565093] Memory state around the buggy address: [ 18.565140] fff00000c6403f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.565216] fff00000c6403f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.565547] >fff00000c6404000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.565659] ^ [ 18.565695] fff00000c6404080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.565755] fff00000c6404100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.565981] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.582362] ================================================================== [ 18.582435] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.584572] Read of size 1 at addr fff00000c6cff240 by task kunit_try_catch/231 [ 18.585953] [ 18.586020] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.586132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.586160] Hardware name: linux,dummy-virt (DT) [ 18.586192] Call trace: [ 18.586218] show_stack+0x20/0x38 (C) [ 18.586275] dump_stack_lvl+0x8c/0xd0 [ 18.586324] print_report+0x118/0x608 [ 18.586370] kasan_report+0xdc/0x128 [ 18.586416] __asan_report_load1_noabort+0x20/0x30 [ 18.586468] mempool_uaf_helper+0x314/0x340 [ 18.586516] mempool_slab_uaf+0xc0/0x118 [ 18.586561] kunit_try_run_case+0x170/0x3f0 [ 18.587432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.587489] kthread+0x328/0x630 [ 18.589481] ret_from_fork+0x10/0x20 [ 18.589584] [ 18.589605] Allocated by task 231: [ 18.589875] kasan_save_stack+0x3c/0x68 [ 18.590195] kasan_save_track+0x20/0x40 [ 18.590403] kasan_save_alloc_info+0x40/0x58 [ 18.590449] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.590672] remove_element+0x16c/0x1f8 [ 18.590834] mempool_alloc_preallocated+0x58/0xc0 [ 18.591198] mempool_uaf_helper+0xa4/0x340 [ 18.591291] mempool_slab_uaf+0xc0/0x118 [ 18.591491] kunit_try_run_case+0x170/0x3f0 [ 18.591625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.591800] kthread+0x328/0x630 [ 18.591915] ret_from_fork+0x10/0x20 [ 18.591956] [ 18.591976] Freed by task 231: [ 18.592004] kasan_save_stack+0x3c/0x68 [ 18.592367] kasan_save_track+0x20/0x40 [ 18.592540] kasan_save_free_info+0x4c/0x78 [ 18.592646] __kasan_mempool_poison_object+0xc0/0x150 [ 18.592892] mempool_free+0x28c/0x328 [ 18.593052] mempool_uaf_helper+0x104/0x340 [ 18.593220] mempool_slab_uaf+0xc0/0x118 [ 18.593277] kunit_try_run_case+0x170/0x3f0 [ 18.593521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.593973] kthread+0x328/0x630 [ 18.594082] ret_from_fork+0x10/0x20 [ 18.594209] [ 18.594236] The buggy address belongs to the object at fff00000c6cff240 [ 18.594236] which belongs to the cache test_cache of size 123 [ 18.594569] The buggy address is located 0 bytes inside of [ 18.594569] freed 123-byte region [fff00000c6cff240, fff00000c6cff2bb) [ 18.594700] [ 18.594724] The buggy address belongs to the physical page: [ 18.594974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106cff [ 18.595189] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.595543] page_type: f5(slab) [ 18.595634] raw: 0bfffe0000000000 fff00000c59bf280 dead000000000122 0000000000000000 [ 18.595695] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.595738] page dumped because: kasan: bad access detected [ 18.595955] [ 18.595978] Memory state around the buggy address: [ 18.596019] fff00000c6cff100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.596269] fff00000c6cff180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.596502] >fff00000c6cff200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.596698] ^ [ 18.596776] fff00000c6cff280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.596927] fff00000c6cff300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.596980] ================================================================== [ 18.538101] ================================================================== [ 18.538201] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.538277] Read of size 1 at addr fff00000c76af200 by task kunit_try_catch/227 [ 18.538329] [ 18.538375] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.538468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.538494] Hardware name: linux,dummy-virt (DT) [ 18.538530] Call trace: [ 18.538557] show_stack+0x20/0x38 (C) [ 18.538610] dump_stack_lvl+0x8c/0xd0 [ 18.538663] print_report+0x118/0x608 [ 18.538712] kasan_report+0xdc/0x128 [ 18.538758] __asan_report_load1_noabort+0x20/0x30 [ 18.538809] mempool_uaf_helper+0x314/0x340 [ 18.538856] mempool_kmalloc_uaf+0xc4/0x120 [ 18.538902] kunit_try_run_case+0x170/0x3f0 [ 18.538953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.539006] kthread+0x328/0x630 [ 18.539050] ret_from_fork+0x10/0x20 [ 18.539101] [ 18.539131] Allocated by task 227: [ 18.539162] kasan_save_stack+0x3c/0x68 [ 18.539206] kasan_save_track+0x20/0x40 [ 18.539246] kasan_save_alloc_info+0x40/0x58 [ 18.539287] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.539331] remove_element+0x130/0x1f8 [ 18.539371] mempool_alloc_preallocated+0x58/0xc0 [ 18.539410] mempool_uaf_helper+0xa4/0x340 [ 18.539448] mempool_kmalloc_uaf+0xc4/0x120 [ 18.539486] kunit_try_run_case+0x170/0x3f0 [ 18.539524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.539568] kthread+0x328/0x630 [ 18.539602] ret_from_fork+0x10/0x20 [ 18.539639] [ 18.539660] Freed by task 227: [ 18.540068] kasan_save_stack+0x3c/0x68 [ 18.540137] kasan_save_track+0x20/0x40 [ 18.540176] kasan_save_free_info+0x4c/0x78 [ 18.540217] __kasan_mempool_poison_object+0xc0/0x150 [ 18.540259] mempool_free+0x28c/0x328 [ 18.540294] mempool_uaf_helper+0x104/0x340 [ 18.540333] mempool_kmalloc_uaf+0xc4/0x120 [ 18.540371] kunit_try_run_case+0x170/0x3f0 [ 18.540409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.540453] kthread+0x328/0x630 [ 18.540486] ret_from_fork+0x10/0x20 [ 18.540524] [ 18.540544] The buggy address belongs to the object at fff00000c76af200 [ 18.540544] which belongs to the cache kmalloc-128 of size 128 [ 18.540605] The buggy address is located 0 bytes inside of [ 18.540605] freed 128-byte region [fff00000c76af200, fff00000c76af280) [ 18.540666] [ 18.540688] The buggy address belongs to the physical page: [ 18.540723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 18.540778] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.540832] page_type: f5(slab) [ 18.540875] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.540926] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.540967] page dumped because: kasan: bad access detected [ 18.541001] [ 18.541019] Memory state around the buggy address: [ 18.541051] fff00000c76af100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.541094] fff00000c76af180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.541146] >fff00000c76af200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.541185] ^ [ 18.541213] fff00000c76af280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.541254] fff00000c76af300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.541293] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.447958] ================================================================== [ 18.448043] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.448138] Read of size 1 at addr fff00000c6cb4173 by task kunit_try_catch/221 [ 18.448187] [ 18.448231] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.448320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.448348] Hardware name: linux,dummy-virt (DT) [ 18.448382] Call trace: [ 18.448408] show_stack+0x20/0x38 (C) [ 18.448461] dump_stack_lvl+0x8c/0xd0 [ 18.448512] print_report+0x118/0x608 [ 18.448562] kasan_report+0xdc/0x128 [ 18.448606] __asan_report_load1_noabort+0x20/0x30 [ 18.448657] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.448705] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.448754] kunit_try_run_case+0x170/0x3f0 [ 18.448804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.448857] kthread+0x328/0x630 [ 18.448900] ret_from_fork+0x10/0x20 [ 18.448949] [ 18.448967] Allocated by task 221: [ 18.448997] kasan_save_stack+0x3c/0x68 [ 18.449038] kasan_save_track+0x20/0x40 [ 18.449076] kasan_save_alloc_info+0x40/0x58 [ 18.449125] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.449169] remove_element+0x130/0x1f8 [ 18.449206] mempool_alloc_preallocated+0x58/0xc0 [ 18.449244] mempool_oob_right_helper+0x98/0x2f0 [ 18.449283] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.449324] kunit_try_run_case+0x170/0x3f0 [ 18.449362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.449405] kthread+0x328/0x630 [ 18.449437] ret_from_fork+0x10/0x20 [ 18.449472] [ 18.449493] The buggy address belongs to the object at fff00000c6cb4100 [ 18.449493] which belongs to the cache kmalloc-128 of size 128 [ 18.449554] The buggy address is located 0 bytes to the right of [ 18.449554] allocated 115-byte region [fff00000c6cb4100, fff00000c6cb4173) [ 18.449618] [ 18.449639] The buggy address belongs to the physical page: [ 18.449672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106cb4 [ 18.449727] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.449779] page_type: f5(slab) [ 18.449823] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.449873] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.449914] page dumped because: kasan: bad access detected [ 18.449944] [ 18.449962] Memory state around the buggy address: [ 18.449996] fff00000c6cb4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.450040] fff00000c6cb4080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.450082] >fff00000c6cb4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.450130] ^ [ 18.450170] fff00000c6cb4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.450214] fff00000c6cb4200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.450252] ================================================================== [ 18.486808] ================================================================== [ 18.488862] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.489788] Read of size 1 at addr fff00000c76af2bb by task kunit_try_catch/225 [ 18.490044] [ 18.490110] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.490678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.490712] Hardware name: linux,dummy-virt (DT) [ 18.490749] Call trace: [ 18.491017] show_stack+0x20/0x38 (C) [ 18.491535] dump_stack_lvl+0x8c/0xd0 [ 18.492531] print_report+0x118/0x608 [ 18.493048] kasan_report+0xdc/0x128 [ 18.493607] __asan_report_load1_noabort+0x20/0x30 [ 18.493663] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.494614] mempool_slab_oob_right+0xc0/0x118 [ 18.494715] kunit_try_run_case+0x170/0x3f0 [ 18.494770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.494822] kthread+0x328/0x630 [ 18.495766] ret_from_fork+0x10/0x20 [ 18.496718] [ 18.496865] Allocated by task 225: [ 18.496899] kasan_save_stack+0x3c/0x68 [ 18.497430] kasan_save_track+0x20/0x40 [ 18.497639] kasan_save_alloc_info+0x40/0x58 [ 18.498348] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.498393] remove_element+0x16c/0x1f8 [ 18.498435] mempool_alloc_preallocated+0x58/0xc0 [ 18.499244] mempool_oob_right_helper+0x98/0x2f0 [ 18.500004] mempool_slab_oob_right+0xc0/0x118 [ 18.500064] kunit_try_run_case+0x170/0x3f0 [ 18.500105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.500987] kthread+0x328/0x630 [ 18.501033] ret_from_fork+0x10/0x20 [ 18.501070] [ 18.502315] The buggy address belongs to the object at fff00000c76af240 [ 18.502315] which belongs to the cache test_cache of size 123 [ 18.502917] The buggy address is located 0 bytes to the right of [ 18.502917] allocated 123-byte region [fff00000c76af240, fff00000c76af2bb) [ 18.503446] [ 18.503632] The buggy address belongs to the physical page: [ 18.503965] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076af [ 18.504450] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.504632] page_type: f5(slab) [ 18.504676] raw: 0bfffe0000000000 fff00000c6475140 dead000000000122 0000000000000000 [ 18.504727] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.505750] page dumped because: kasan: bad access detected [ 18.505868] [ 18.506159] Memory state around the buggy address: [ 18.506199] fff00000c76af180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.506245] fff00000c76af200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.507068] >fff00000c76af280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.507554] ^ [ 18.507939] fff00000c76af300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.508456] fff00000c76af380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.508740] ================================================================== [ 18.461759] ================================================================== [ 18.461821] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.461881] Read of size 1 at addr fff00000c77d2001 by task kunit_try_catch/223 [ 18.461931] [ 18.461966] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.462053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.462078] Hardware name: linux,dummy-virt (DT) [ 18.462111] Call trace: [ 18.462150] show_stack+0x20/0x38 (C) [ 18.462203] dump_stack_lvl+0x8c/0xd0 [ 18.462250] print_report+0x118/0x608 [ 18.462297] kasan_report+0xdc/0x128 [ 18.462343] __asan_report_load1_noabort+0x20/0x30 [ 18.462394] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.462818] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.462893] kunit_try_run_case+0x170/0x3f0 [ 18.463010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.463073] kthread+0x328/0x630 [ 18.463132] ret_from_fork+0x10/0x20 [ 18.463182] [ 18.463204] The buggy address belongs to the physical page: [ 18.463454] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d0 [ 18.463523] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.463641] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.463747] page_type: f8(unknown) [ 18.463787] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.463837] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.463886] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.464132] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.464257] head: 0bfffe0000000002 ffffc1ffc31df401 00000000ffffffff 00000000ffffffff [ 18.464400] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.464461] page dumped because: kasan: bad access detected [ 18.464493] [ 18.464519] Memory state around the buggy address: [ 18.464588] fff00000c77d1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.464631] fff00000c77d1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.464673] >fff00000c77d2000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.464711] ^ [ 18.464776] fff00000c77d2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.464853] fff00000c77d2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.464970] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 17.834149] ================================================================== [ 17.834232] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 17.834308] Read of size 1 at addr fff00000c56b2dc0 by task kunit_try_catch/215 [ 17.834359] [ 17.834403] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.834491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.834518] Hardware name: linux,dummy-virt (DT) [ 17.834553] Call trace: [ 17.834580] show_stack+0x20/0x38 (C) [ 17.834633] dump_stack_lvl+0x8c/0xd0 [ 17.834686] print_report+0x118/0x608 [ 17.834732] kasan_report+0xdc/0x128 [ 17.839506] __kasan_check_byte+0x54/0x70 [ 17.839957] kmem_cache_destroy+0x34/0x218 [ 17.840013] kmem_cache_double_destroy+0x174/0x300 [ 17.840866] kunit_try_run_case+0x170/0x3f0 [ 17.841048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.841102] kthread+0x328/0x630 [ 17.841157] ret_from_fork+0x10/0x20 [ 17.842110] [ 17.842323] Allocated by task 215: [ 17.842647] kasan_save_stack+0x3c/0x68 [ 17.842846] kasan_save_track+0x20/0x40 [ 17.842929] kasan_save_alloc_info+0x40/0x58 [ 17.842971] __kasan_slab_alloc+0xa8/0xb0 [ 17.843008] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.843980] __kmem_cache_create_args+0x178/0x280 [ 17.844663] kmem_cache_double_destroy+0xc0/0x300 [ 17.844847] kunit_try_run_case+0x170/0x3f0 [ 17.844885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.845919] kthread+0x328/0x630 [ 17.845998] ret_from_fork+0x10/0x20 [ 17.846164] [ 17.846183] Freed by task 215: [ 17.846794] kasan_save_stack+0x3c/0x68 [ 17.846893] kasan_save_track+0x20/0x40 [ 17.847035] kasan_save_free_info+0x4c/0x78 [ 17.847076] __kasan_slab_free+0x6c/0x98 [ 17.847838] kmem_cache_free+0x260/0x468 [ 17.847902] slab_kmem_cache_release+0x38/0x50 [ 17.848775] kmem_cache_release+0x1c/0x30 [ 17.848826] kobject_put+0x17c/0x420 [ 17.848870] sysfs_slab_release+0x1c/0x30 [ 17.848907] kmem_cache_destroy+0x118/0x218 [ 17.849675] kmem_cache_double_destroy+0x128/0x300 [ 17.849727] kunit_try_run_case+0x170/0x3f0 [ 17.849768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.849812] kthread+0x328/0x630 [ 17.850770] ret_from_fork+0x10/0x20 [ 17.851341] [ 17.851368] The buggy address belongs to the object at fff00000c56b2dc0 [ 17.851368] which belongs to the cache kmem_cache of size 208 [ 17.851877] The buggy address is located 0 bytes inside of [ 17.851877] freed 208-byte region [fff00000c56b2dc0, fff00000c56b2e90) [ 17.851977] [ 17.852002] The buggy address belongs to the physical page: [ 17.852825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056b2 [ 17.853438] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.853796] page_type: f5(slab) [ 17.854084] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 17.854506] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 17.854804] page dumped because: kasan: bad access detected [ 17.855315] [ 17.855481] Memory state around the buggy address: [ 17.855723] fff00000c56b2c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.856053] fff00000c56b2d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 17.856736] >fff00000c56b2d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.857075] ^ [ 17.857426] fff00000c56b2e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.857688] fff00000c56b2e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.858163] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 17.772905] ================================================================== [ 17.773058] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 17.773156] Read of size 1 at addr fff00000c6cd9000 by task kunit_try_catch/213 [ 17.773571] [ 17.773674] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.773825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.773857] Hardware name: linux,dummy-virt (DT) [ 17.773897] Call trace: [ 17.773923] show_stack+0x20/0x38 (C) [ 17.773992] dump_stack_lvl+0x8c/0xd0 [ 17.774053] print_report+0x118/0x608 [ 17.774101] kasan_report+0xdc/0x128 [ 17.774158] __asan_report_load1_noabort+0x20/0x30 [ 17.774209] kmem_cache_rcu_uaf+0x388/0x468 [ 17.774254] kunit_try_run_case+0x170/0x3f0 [ 17.774304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.774358] kthread+0x328/0x630 [ 17.774410] ret_from_fork+0x10/0x20 [ 17.774460] [ 17.774478] Allocated by task 213: [ 17.774509] kasan_save_stack+0x3c/0x68 [ 17.774552] kasan_save_track+0x20/0x40 [ 17.774590] kasan_save_alloc_info+0x40/0x58 [ 17.774636] __kasan_slab_alloc+0xa8/0xb0 [ 17.774675] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.774717] kmem_cache_rcu_uaf+0x12c/0x468 [ 17.774755] kunit_try_run_case+0x170/0x3f0 [ 17.774790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.774838] kthread+0x328/0x630 [ 17.774869] ret_from_fork+0x10/0x20 [ 17.774905] [ 17.774931] Freed by task 0: [ 17.774958] kasan_save_stack+0x3c/0x68 [ 17.774996] kasan_save_track+0x20/0x40 [ 17.775039] kasan_save_free_info+0x4c/0x78 [ 17.775091] __kasan_slab_free+0x6c/0x98 [ 17.775434] slab_free_after_rcu_debug+0xd4/0x2f8 [ 17.775813] rcu_core+0x9f4/0x1e20 [ 17.775884] rcu_core_si+0x18/0x30 [ 17.775943] handle_softirqs+0x374/0xb28 [ 17.776008] __do_softirq+0x1c/0x28 [ 17.776069] [ 17.776273] Last potentially related work creation: [ 17.776307] kasan_save_stack+0x3c/0x68 [ 17.776350] kasan_record_aux_stack+0xb4/0xc8 [ 17.776399] kmem_cache_free+0x120/0x468 [ 17.776435] kmem_cache_rcu_uaf+0x16c/0x468 [ 17.776690] kunit_try_run_case+0x170/0x3f0 [ 17.776775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.776831] kthread+0x328/0x630 [ 17.777029] ret_from_fork+0x10/0x20 [ 17.777202] [ 17.777309] The buggy address belongs to the object at fff00000c6cd9000 [ 17.777309] which belongs to the cache test_cache of size 200 [ 17.777372] The buggy address is located 0 bytes inside of [ 17.777372] freed 200-byte region [fff00000c6cd9000, fff00000c6cd90c8) [ 17.777879] [ 17.778069] The buggy address belongs to the physical page: [ 17.778256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106cd9 [ 17.778344] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.778531] page_type: f5(slab) [ 17.778719] raw: 0bfffe0000000000 fff00000c56b2c80 dead000000000122 0000000000000000 [ 17.778852] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.778954] page dumped because: kasan: bad access detected [ 17.779135] [ 17.779158] Memory state around the buggy address: [ 17.779343] fff00000c6cd8f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.779582] fff00000c6cd8f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.779652] >fff00000c6cd9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.779733] ^ [ 17.779849] fff00000c6cd9080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.780051] fff00000c6cd9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.780092] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.492191] ================================================================== [ 17.492693] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.492773] Free of addr fff00000c6cdb001 by task kunit_try_catch/211 [ 17.492818] [ 17.492861] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.492947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.492975] Hardware name: linux,dummy-virt (DT) [ 17.493009] Call trace: [ 17.493062] show_stack+0x20/0x38 (C) [ 17.493607] dump_stack_lvl+0x8c/0xd0 [ 17.493758] print_report+0x118/0x608 [ 17.493807] kasan_report_invalid_free+0xc0/0xe8 [ 17.493858] check_slab_allocation+0xfc/0x108 [ 17.495144] __kasan_slab_pre_free+0x2c/0x48 [ 17.495252] kmem_cache_free+0xf0/0x468 [ 17.495303] kmem_cache_invalid_free+0x184/0x3c8 [ 17.495352] kunit_try_run_case+0x170/0x3f0 [ 17.495403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.496485] kthread+0x328/0x630 [ 17.497359] ret_from_fork+0x10/0x20 [ 17.497858] [ 17.498185] Allocated by task 211: [ 17.498460] kasan_save_stack+0x3c/0x68 [ 17.499142] kasan_save_track+0x20/0x40 [ 17.499239] kasan_save_alloc_info+0x40/0x58 [ 17.499924] __kasan_slab_alloc+0xa8/0xb0 [ 17.500209] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.500612] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.501584] kunit_try_run_case+0x170/0x3f0 [ 17.501692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.501737] kthread+0x328/0x630 [ 17.502342] ret_from_fork+0x10/0x20 [ 17.502716] [ 17.502948] The buggy address belongs to the object at fff00000c6cdb000 [ 17.502948] which belongs to the cache test_cache of size 200 [ 17.503162] The buggy address is located 1 bytes inside of [ 17.503162] 200-byte region [fff00000c6cdb000, fff00000c6cdb0c8) [ 17.504023] [ 17.504385] The buggy address belongs to the physical page: [ 17.505061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106cdb [ 17.505295] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.505997] page_type: f5(slab) [ 17.506536] raw: 0bfffe0000000000 fff00000c56b2b40 dead000000000122 0000000000000000 [ 17.506942] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.507404] page dumped because: kasan: bad access detected [ 17.507513] [ 17.508063] Memory state around the buggy address: [ 17.508506] fff00000c6cdaf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.509179] fff00000c6cdaf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.509388] >fff00000c6cdb000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.509430] ^ [ 17.509615] fff00000c6cdb080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.509662] fff00000c6cdb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.510098] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.454171] ================================================================== [ 17.454281] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.454384] Free of addr fff00000c6cdc000 by task kunit_try_catch/209 [ 17.454496] [ 17.454540] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.454800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.454830] Hardware name: linux,dummy-virt (DT) [ 17.454918] Call trace: [ 17.455053] show_stack+0x20/0x38 (C) [ 17.455152] dump_stack_lvl+0x8c/0xd0 [ 17.455303] print_report+0x118/0x608 [ 17.455411] kasan_report_invalid_free+0xc0/0xe8 [ 17.455493] check_slab_allocation+0xd4/0x108 [ 17.455543] __kasan_slab_pre_free+0x2c/0x48 [ 17.455680] kmem_cache_free+0xf0/0x468 [ 17.455965] kmem_cache_double_free+0x190/0x3c8 [ 17.456209] kunit_try_run_case+0x170/0x3f0 [ 17.456346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.456496] kthread+0x328/0x630 [ 17.456561] ret_from_fork+0x10/0x20 [ 17.456620] [ 17.456640] Allocated by task 209: [ 17.456671] kasan_save_stack+0x3c/0x68 [ 17.457072] kasan_save_track+0x20/0x40 [ 17.457135] kasan_save_alloc_info+0x40/0x58 [ 17.457184] __kasan_slab_alloc+0xa8/0xb0 [ 17.457232] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.457280] kmem_cache_double_free+0x12c/0x3c8 [ 17.457320] kunit_try_run_case+0x170/0x3f0 [ 17.457357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.457410] kthread+0x328/0x630 [ 17.457442] ret_from_fork+0x10/0x20 [ 17.457479] [ 17.457497] Freed by task 209: [ 17.457531] kasan_save_stack+0x3c/0x68 [ 17.457579] kasan_save_track+0x20/0x40 [ 17.457617] kasan_save_free_info+0x4c/0x78 [ 17.457654] __kasan_slab_free+0x6c/0x98 [ 17.457702] kmem_cache_free+0x260/0x468 [ 17.457738] kmem_cache_double_free+0x140/0x3c8 [ 17.457787] kunit_try_run_case+0x170/0x3f0 [ 17.457823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.457876] kthread+0x328/0x630 [ 17.457907] ret_from_fork+0x10/0x20 [ 17.457945] [ 17.457965] The buggy address belongs to the object at fff00000c6cdc000 [ 17.457965] which belongs to the cache test_cache of size 200 [ 17.458028] The buggy address is located 0 bytes inside of [ 17.458028] 200-byte region [fff00000c6cdc000, fff00000c6cdc0c8) [ 17.458088] [ 17.458111] The buggy address belongs to the physical page: [ 17.458157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106cdc [ 17.458223] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.458293] page_type: f5(slab) [ 17.458334] raw: 0bfffe0000000000 fff00000c56b2a00 dead000000000122 0000000000000000 [ 17.458385] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.458426] page dumped because: kasan: bad access detected [ 17.458459] [ 17.458490] Memory state around the buggy address: [ 17.458529] fff00000c6cdbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.458575] fff00000c6cdbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.458619] >fff00000c6cdc000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.458656] ^ [ 17.458684] fff00000c6cdc080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.458740] fff00000c6cdc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.458795] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.285312] ================================================================== [ 17.285410] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.285577] Read of size 1 at addr fff00000c6ccd0c8 by task kunit_try_catch/207 [ 17.285652] [ 17.285694] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.285839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.285876] Hardware name: linux,dummy-virt (DT) [ 17.285912] Call trace: [ 17.286051] show_stack+0x20/0x38 (C) [ 17.286107] dump_stack_lvl+0x8c/0xd0 [ 17.286190] print_report+0x118/0x608 [ 17.286239] kasan_report+0xdc/0x128 [ 17.286286] __asan_report_load1_noabort+0x20/0x30 [ 17.286336] kmem_cache_oob+0x344/0x430 [ 17.286380] kunit_try_run_case+0x170/0x3f0 [ 17.286439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.286493] kthread+0x328/0x630 [ 17.286545] ret_from_fork+0x10/0x20 [ 17.286606] [ 17.286624] Allocated by task 207: [ 17.286651] kasan_save_stack+0x3c/0x68 [ 17.286692] kasan_save_track+0x20/0x40 [ 17.286729] kasan_save_alloc_info+0x40/0x58 [ 17.286768] __kasan_slab_alloc+0xa8/0xb0 [ 17.286804] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.286845] kmem_cache_oob+0x12c/0x430 [ 17.286879] kunit_try_run_case+0x170/0x3f0 [ 17.286917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.286958] kthread+0x328/0x630 [ 17.286990] ret_from_fork+0x10/0x20 [ 17.287024] [ 17.287043] The buggy address belongs to the object at fff00000c6ccd000 [ 17.287043] which belongs to the cache test_cache of size 200 [ 17.287112] The buggy address is located 0 bytes to the right of [ 17.287112] allocated 200-byte region [fff00000c6ccd000, fff00000c6ccd0c8) [ 17.287189] [ 17.287208] The buggy address belongs to the physical page: [ 17.287241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106ccd [ 17.287296] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.287349] page_type: f5(slab) [ 17.287390] raw: 0bfffe0000000000 fff00000c56b28c0 dead000000000122 0000000000000000 [ 17.287698] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.287776] page dumped because: kasan: bad access detected [ 17.287808] [ 17.287826] Memory state around the buggy address: [ 17.287860] fff00000c6cccf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.287904] fff00000c6ccd000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.287948] >fff00000c6ccd080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.288013] ^ [ 17.288047] fff00000c6ccd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.288089] fff00000c6ccd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.288141] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.207022] ================================================================== [ 17.207677] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.207766] Read of size 8 at addr fff00000c6cd36c0 by task kunit_try_catch/200 [ 17.207837] [ 17.208159] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.208597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.208626] Hardware name: linux,dummy-virt (DT) [ 17.208669] Call trace: [ 17.209025] show_stack+0x20/0x38 (C) [ 17.209598] dump_stack_lvl+0x8c/0xd0 [ 17.209877] print_report+0x118/0x608 [ 17.210577] kasan_report+0xdc/0x128 [ 17.210938] __asan_report_load8_noabort+0x20/0x30 [ 17.211349] workqueue_uaf+0x480/0x4a8 [ 17.211428] kunit_try_run_case+0x170/0x3f0 [ 17.211719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.211776] kthread+0x328/0x630 [ 17.211842] ret_from_fork+0x10/0x20 [ 17.212251] [ 17.212610] Allocated by task 200: [ 17.212649] kasan_save_stack+0x3c/0x68 [ 17.213155] kasan_save_track+0x20/0x40 [ 17.213203] kasan_save_alloc_info+0x40/0x58 [ 17.213246] __kasan_kmalloc+0xd4/0xd8 [ 17.213283] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.213895] workqueue_uaf+0x13c/0x4a8 [ 17.214209] kunit_try_run_case+0x170/0x3f0 [ 17.214259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.214304] kthread+0x328/0x630 [ 17.214339] ret_from_fork+0x10/0x20 [ 17.214377] [ 17.214739] Freed by task 48: [ 17.214800] kasan_save_stack+0x3c/0x68 [ 17.214845] kasan_save_track+0x20/0x40 [ 17.215162] kasan_save_free_info+0x4c/0x78 [ 17.215476] __kasan_slab_free+0x6c/0x98 [ 17.215525] kfree+0x214/0x3c8 [ 17.215569] workqueue_uaf_work+0x18/0x30 [ 17.215860] process_one_work+0x530/0xf98 [ 17.215905] worker_thread+0x618/0xf38 [ 17.216158] kthread+0x328/0x630 [ 17.216414] ret_from_fork+0x10/0x20 [ 17.216470] [ 17.216747] Last potentially related work creation: [ 17.216988] kasan_save_stack+0x3c/0x68 [ 17.217235] kasan_record_aux_stack+0xb4/0xc8 [ 17.217328] __queue_work+0x65c/0x1008 [ 17.217367] queue_work_on+0xbc/0xf8 [ 17.217448] workqueue_uaf+0x210/0x4a8 [ 17.217844] kunit_try_run_case+0x170/0x3f0 [ 17.218069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.218359] kthread+0x328/0x630 [ 17.218636] ret_from_fork+0x10/0x20 [ 17.218729] [ 17.218750] The buggy address belongs to the object at fff00000c6cd36c0 [ 17.218750] which belongs to the cache kmalloc-32 of size 32 [ 17.219761] The buggy address is located 0 bytes inside of [ 17.219761] freed 32-byte region [fff00000c6cd36c0, fff00000c6cd36e0) [ 17.220316] [ 17.220624] The buggy address belongs to the physical page: [ 17.221193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106cd3 [ 17.221257] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.221691] page_type: f5(slab) [ 17.222049] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.222353] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.222639] page dumped because: kasan: bad access detected [ 17.222674] [ 17.222692] Memory state around the buggy address: [ 17.223127] fff00000c6cd3580: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 17.223362] fff00000c6cd3600: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.223578] >fff00000c6cd3680: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 17.223908] ^ [ 17.223988] fff00000c6cd3700: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.224191] fff00000c6cd3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.224249] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.126525] ================================================================== [ 17.126663] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 17.126737] Read of size 4 at addr fff00000c6cd34c0 by task swapper/1/0 [ 17.130794] [ 17.131679] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.131933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.132365] Hardware name: linux,dummy-virt (DT) [ 17.132413] Call trace: [ 17.133326] show_stack+0x20/0x38 (C) [ 17.133718] dump_stack_lvl+0x8c/0xd0 [ 17.134461] print_report+0x118/0x608 [ 17.134534] kasan_report+0xdc/0x128 [ 17.134583] __asan_report_load4_noabort+0x20/0x30 [ 17.134633] rcu_uaf_reclaim+0x64/0x70 [ 17.134678] rcu_core+0x9f4/0x1e20 [ 17.134728] rcu_core_si+0x18/0x30 [ 17.134773] handle_softirqs+0x374/0xb28 [ 17.136840] __do_softirq+0x1c/0x28 [ 17.137602] ____do_softirq+0x18/0x30 [ 17.137967] call_on_irq_stack+0x24/0x30 [ 17.139323] do_softirq_own_stack+0x24/0x38 [ 17.139508] __irq_exit_rcu+0x1fc/0x318 [ 17.139583] irq_exit_rcu+0x1c/0x80 [ 17.140182] el1_interrupt+0x38/0x58 [ 17.140370] el1h_64_irq_handler+0x18/0x28 [ 17.141297] el1h_64_irq+0x6c/0x70 [ 17.141868] arch_local_irq_enable+0x4/0x8 (P) [ 17.141937] do_idle+0x384/0x4e8 [ 17.141981] cpu_startup_entry+0x64/0x80 [ 17.143328] secondary_start_kernel+0x288/0x340 [ 17.143644] __secondary_switched+0xc0/0xc8 [ 17.144254] [ 17.144278] Allocated by task 198: [ 17.144459] kasan_save_stack+0x3c/0x68 [ 17.144614] kasan_save_track+0x20/0x40 [ 17.145058] kasan_save_alloc_info+0x40/0x58 [ 17.145105] __kasan_kmalloc+0xd4/0xd8 [ 17.145154] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.145194] rcu_uaf+0xb0/0x2d8 [ 17.145229] kunit_try_run_case+0x170/0x3f0 [ 17.145271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.146440] kthread+0x328/0x630 [ 17.146489] ret_from_fork+0x10/0x20 [ 17.146527] [ 17.147677] Freed by task 0: [ 17.148230] kasan_save_stack+0x3c/0x68 [ 17.148281] kasan_save_track+0x20/0x40 [ 17.148320] kasan_save_free_info+0x4c/0x78 [ 17.148359] __kasan_slab_free+0x6c/0x98 [ 17.148397] kfree+0x214/0x3c8 [ 17.148433] rcu_uaf_reclaim+0x28/0x70 [ 17.148469] rcu_core+0x9f4/0x1e20 [ 17.149587] rcu_core_si+0x18/0x30 [ 17.149668] handle_softirqs+0x374/0xb28 [ 17.149908] __do_softirq+0x1c/0x28 [ 17.150357] [ 17.150526] Last potentially related work creation: [ 17.151130] kasan_save_stack+0x3c/0x68 [ 17.151368] kasan_record_aux_stack+0xb4/0xc8 [ 17.152200] __call_rcu_common.constprop.0+0x74/0x8c8 [ 17.152307] call_rcu+0x18/0x30 [ 17.152605] rcu_uaf+0x14c/0x2d8 [ 17.153017] kunit_try_run_case+0x170/0x3f0 [ 17.153088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.153145] kthread+0x328/0x630 [ 17.153178] ret_from_fork+0x10/0x20 [ 17.153226] [ 17.154363] The buggy address belongs to the object at fff00000c6cd34c0 [ 17.154363] which belongs to the cache kmalloc-32 of size 32 [ 17.154857] The buggy address is located 0 bytes inside of [ 17.154857] freed 32-byte region [fff00000c6cd34c0, fff00000c6cd34e0) [ 17.154926] [ 17.154956] The buggy address belongs to the physical page: [ 17.156129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106cd3 [ 17.156254] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.156984] page_type: f5(slab) [ 17.157510] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.157670] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.157720] page dumped because: kasan: bad access detected [ 17.157753] [ 17.157770] Memory state around the buggy address: [ 17.157805] fff00000c6cd3380: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 17.159857] fff00000c6cd3400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.160087] >fff00000c6cd3480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.160135] ^ [ 17.160905] fff00000c6cd3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.161025] fff00000c6cd3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.161128] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 16.993555] ================================================================== [ 16.993619] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 16.993680] Read of size 1 at addr fff00000c638be00 by task kunit_try_catch/196 [ 16.993731] [ 16.993776] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.993856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.993882] Hardware name: linux,dummy-virt (DT) [ 16.993920] Call trace: [ 16.993941] show_stack+0x20/0x38 (C) [ 16.994003] dump_stack_lvl+0x8c/0xd0 [ 16.994058] print_report+0x118/0x608 [ 16.994125] kasan_report+0xdc/0x128 [ 16.994171] __asan_report_load1_noabort+0x20/0x30 [ 16.994371] ksize_uaf+0x598/0x5f8 [ 16.994418] kunit_try_run_case+0x170/0x3f0 [ 16.994526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.994624] kthread+0x328/0x630 [ 16.994672] ret_from_fork+0x10/0x20 [ 16.994787] [ 16.994807] Allocated by task 196: [ 16.994845] kasan_save_stack+0x3c/0x68 [ 16.994885] kasan_save_track+0x20/0x40 [ 16.994940] kasan_save_alloc_info+0x40/0x58 [ 16.994987] __kasan_kmalloc+0xd4/0xd8 [ 16.995022] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.995079] ksize_uaf+0xb8/0x5f8 [ 16.995133] kunit_try_run_case+0x170/0x3f0 [ 16.995172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.995221] kthread+0x328/0x630 [ 16.995254] ret_from_fork+0x10/0x20 [ 16.995289] [ 16.995306] Freed by task 196: [ 16.995342] kasan_save_stack+0x3c/0x68 [ 16.995402] kasan_save_track+0x20/0x40 [ 16.995448] kasan_save_free_info+0x4c/0x78 [ 16.995494] __kasan_slab_free+0x6c/0x98 [ 16.995539] kfree+0x214/0x3c8 [ 16.995581] ksize_uaf+0x11c/0x5f8 [ 16.995614] kunit_try_run_case+0x170/0x3f0 [ 16.995952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.996035] kthread+0x328/0x630 [ 16.996179] ret_from_fork+0x10/0x20 [ 16.996268] [ 16.996296] The buggy address belongs to the object at fff00000c638be00 [ 16.996296] which belongs to the cache kmalloc-128 of size 128 [ 16.996356] The buggy address is located 0 bytes inside of [ 16.996356] freed 128-byte region [fff00000c638be00, fff00000c638be80) [ 16.996423] [ 16.996453] The buggy address belongs to the physical page: [ 16.996485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.996557] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.996635] page_type: f5(slab) [ 16.996709] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.996795] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.996873] page dumped because: kasan: bad access detected [ 16.996906] [ 16.996924] Memory state around the buggy address: [ 16.996955] fff00000c638bd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.996998] fff00000c638bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.997038] >fff00000c638be00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.997369] ^ [ 16.997403] fff00000c638be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.997547] fff00000c638bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.997622] ================================================================== [ 16.987637] ================================================================== [ 16.987734] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 16.987902] Read of size 1 at addr fff00000c638be00 by task kunit_try_catch/196 [ 16.987961] [ 16.987997] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.988103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.988141] Hardware name: linux,dummy-virt (DT) [ 16.988174] Call trace: [ 16.988196] show_stack+0x20/0x38 (C) [ 16.988246] dump_stack_lvl+0x8c/0xd0 [ 16.988295] print_report+0x118/0x608 [ 16.988340] kasan_report+0xdc/0x128 [ 16.988386] __kasan_check_byte+0x54/0x70 [ 16.988432] ksize+0x30/0x88 [ 16.988474] ksize_uaf+0x168/0x5f8 [ 16.988515] kunit_try_run_case+0x170/0x3f0 [ 16.988563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.988691] kthread+0x328/0x630 [ 16.988779] ret_from_fork+0x10/0x20 [ 16.988876] [ 16.988982] Allocated by task 196: [ 16.989040] kasan_save_stack+0x3c/0x68 [ 16.989128] kasan_save_track+0x20/0x40 [ 16.989228] kasan_save_alloc_info+0x40/0x58 [ 16.989318] __kasan_kmalloc+0xd4/0xd8 [ 16.989434] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.989507] ksize_uaf+0xb8/0x5f8 [ 16.989549] kunit_try_run_case+0x170/0x3f0 [ 16.989587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.989630] kthread+0x328/0x630 [ 16.989661] ret_from_fork+0x10/0x20 [ 16.989698] [ 16.989717] Freed by task 196: [ 16.989742] kasan_save_stack+0x3c/0x68 [ 16.989789] kasan_save_track+0x20/0x40 [ 16.989825] kasan_save_free_info+0x4c/0x78 [ 16.989864] __kasan_slab_free+0x6c/0x98 [ 16.989899] kfree+0x214/0x3c8 [ 16.989933] ksize_uaf+0x11c/0x5f8 [ 16.989966] kunit_try_run_case+0x170/0x3f0 [ 16.990005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.990049] kthread+0x328/0x630 [ 16.990081] ret_from_fork+0x10/0x20 [ 16.990563] [ 16.990654] The buggy address belongs to the object at fff00000c638be00 [ 16.990654] which belongs to the cache kmalloc-128 of size 128 [ 16.990802] The buggy address is located 0 bytes inside of [ 16.990802] freed 128-byte region [fff00000c638be00, fff00000c638be80) [ 16.990897] [ 16.990919] The buggy address belongs to the physical page: [ 16.990951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.991004] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.991051] page_type: f5(slab) [ 16.991090] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.991148] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.991189] page dumped because: kasan: bad access detected [ 16.991261] [ 16.991290] Memory state around the buggy address: [ 16.991348] fff00000c638bd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.991448] fff00000c638bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.991514] >fff00000c638be00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.991569] ^ [ 16.991598] fff00000c638be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.991646] fff00000c638bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.991742] ================================================================== [ 16.998023] ================================================================== [ 16.998072] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 16.998135] Read of size 1 at addr fff00000c638be78 by task kunit_try_catch/196 [ 16.998185] [ 16.998224] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.998304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.998330] Hardware name: linux,dummy-virt (DT) [ 16.998360] Call trace: [ 16.998389] show_stack+0x20/0x38 (C) [ 16.998436] dump_stack_lvl+0x8c/0xd0 [ 16.998490] print_report+0x118/0x608 [ 16.998536] kasan_report+0xdc/0x128 [ 16.998580] __asan_report_load1_noabort+0x20/0x30 [ 16.998630] ksize_uaf+0x544/0x5f8 [ 16.998679] kunit_try_run_case+0x170/0x3f0 [ 16.998732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.998785] kthread+0x328/0x630 [ 16.998831] ret_from_fork+0x10/0x20 [ 16.998876] [ 16.998894] Allocated by task 196: [ 16.998921] kasan_save_stack+0x3c/0x68 [ 16.998958] kasan_save_track+0x20/0x40 [ 16.999005] kasan_save_alloc_info+0x40/0x58 [ 16.999046] __kasan_kmalloc+0xd4/0xd8 [ 16.999081] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.999129] ksize_uaf+0xb8/0x5f8 [ 16.999162] kunit_try_run_case+0x170/0x3f0 [ 16.999199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.999241] kthread+0x328/0x630 [ 16.999280] ret_from_fork+0x10/0x20 [ 16.999316] [ 16.999334] Freed by task 196: [ 16.999366] kasan_save_stack+0x3c/0x68 [ 16.999402] kasan_save_track+0x20/0x40 [ 16.999439] kasan_save_free_info+0x4c/0x78 [ 16.999491] __kasan_slab_free+0x6c/0x98 [ 16.999529] kfree+0x214/0x3c8 [ 16.999571] ksize_uaf+0x11c/0x5f8 [ 16.999605] kunit_try_run_case+0x170/0x3f0 [ 16.999640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.999691] kthread+0x328/0x630 [ 16.999722] ret_from_fork+0x10/0x20 [ 16.999758] [ 16.999777] The buggy address belongs to the object at fff00000c638be00 [ 16.999777] which belongs to the cache kmalloc-128 of size 128 [ 16.999856] The buggy address is located 120 bytes inside of [ 16.999856] freed 128-byte region [fff00000c638be00, fff00000c638be80) [ 16.999920] [ 16.999939] The buggy address belongs to the physical page: [ 16.999970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 17.000094] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.000154] page_type: f5(slab) [ 17.000189] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.000239] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.000280] page dumped because: kasan: bad access detected [ 17.000317] [ 17.000334] Memory state around the buggy address: [ 17.000364] fff00000c638bd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.002155] fff00000c638bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.002244] >fff00000c638be00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.002287] ^ [ 17.002327] fff00000c638be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.002387] fff00000c638bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.002480] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 16.977625] ================================================================== [ 16.978203] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.978571] Read of size 1 at addr fff00000c638bd7f by task kunit_try_catch/194 [ 16.978656] [ 16.978774] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.978916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.979060] Hardware name: linux,dummy-virt (DT) [ 16.979260] Call trace: [ 16.979289] show_stack+0x20/0x38 (C) [ 16.979342] dump_stack_lvl+0x8c/0xd0 [ 16.979393] print_report+0x118/0x608 [ 16.979440] kasan_report+0xdc/0x128 [ 16.979618] __asan_report_load1_noabort+0x20/0x30 [ 16.979685] ksize_unpoisons_memory+0x690/0x740 [ 16.979754] kunit_try_run_case+0x170/0x3f0 [ 16.979802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.979853] kthread+0x328/0x630 [ 16.979894] ret_from_fork+0x10/0x20 [ 16.979943] [ 16.979961] Allocated by task 194: [ 16.979989] kasan_save_stack+0x3c/0x68 [ 16.980041] kasan_save_track+0x20/0x40 [ 16.980077] kasan_save_alloc_info+0x40/0x58 [ 16.980131] __kasan_kmalloc+0xd4/0xd8 [ 16.980167] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.980207] ksize_unpoisons_memory+0xc0/0x740 [ 16.980245] kunit_try_run_case+0x170/0x3f0 [ 16.980282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.980324] kthread+0x328/0x630 [ 16.980355] ret_from_fork+0x10/0x20 [ 16.980390] [ 16.980409] The buggy address belongs to the object at fff00000c638bd00 [ 16.980409] which belongs to the cache kmalloc-128 of size 128 [ 16.980467] The buggy address is located 12 bytes to the right of [ 16.980467] allocated 115-byte region [fff00000c638bd00, fff00000c638bd73) [ 16.980540] [ 16.980569] The buggy address belongs to the physical page: [ 16.980601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.980660] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.980718] page_type: f5(slab) [ 16.980758] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.980814] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.980854] page dumped because: kasan: bad access detected [ 16.980885] [ 16.980901] Memory state around the buggy address: [ 16.980933] fff00000c638bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.980975] fff00000c638bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.981015] >fff00000c638bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.981063] ^ [ 16.981104] fff00000c638bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.982252] fff00000c638be00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.982327] ================================================================== [ 16.958752] ================================================================== [ 16.959138] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.959217] Read of size 1 at addr fff00000c638bd73 by task kunit_try_catch/194 [ 16.959376] [ 16.959453] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.959655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.960095] Hardware name: linux,dummy-virt (DT) [ 16.960215] Call trace: [ 16.960373] show_stack+0x20/0x38 (C) [ 16.960631] dump_stack_lvl+0x8c/0xd0 [ 16.960721] print_report+0x118/0x608 [ 16.961035] kasan_report+0xdc/0x128 [ 16.961250] __asan_report_load1_noabort+0x20/0x30 [ 16.961434] ksize_unpoisons_memory+0x628/0x740 [ 16.961880] kunit_try_run_case+0x170/0x3f0 [ 16.961981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.962064] kthread+0x328/0x630 [ 16.962224] ret_from_fork+0x10/0x20 [ 16.962328] [ 16.962473] Allocated by task 194: [ 16.962514] kasan_save_stack+0x3c/0x68 [ 16.962603] kasan_save_track+0x20/0x40 [ 16.963150] kasan_save_alloc_info+0x40/0x58 [ 16.963244] __kasan_kmalloc+0xd4/0xd8 [ 16.963431] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.963477] ksize_unpoisons_memory+0xc0/0x740 [ 16.963691] kunit_try_run_case+0x170/0x3f0 [ 16.963876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.964204] kthread+0x328/0x630 [ 16.964380] ret_from_fork+0x10/0x20 [ 16.964432] [ 16.964451] The buggy address belongs to the object at fff00000c638bd00 [ 16.964451] which belongs to the cache kmalloc-128 of size 128 [ 16.964520] The buggy address is located 0 bytes to the right of [ 16.964520] allocated 115-byte region [fff00000c638bd00, fff00000c638bd73) [ 16.964901] [ 16.964991] The buggy address belongs to the physical page: [ 16.965183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.965339] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.965395] page_type: f5(slab) [ 16.965436] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.965507] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.966002] page dumped because: kasan: bad access detected [ 16.966068] [ 16.966196] Memory state around the buggy address: [ 16.966264] fff00000c638bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.966732] fff00000c638bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.966801] >fff00000c638bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.966949] ^ [ 16.967097] fff00000c638bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.967152] fff00000c638be00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.967325] ================================================================== [ 16.969368] ================================================================== [ 16.969608] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.969672] Read of size 1 at addr fff00000c638bd78 by task kunit_try_catch/194 [ 16.969722] [ 16.969755] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.969880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.969910] Hardware name: linux,dummy-virt (DT) [ 16.969942] Call trace: [ 16.969964] show_stack+0x20/0x38 (C) [ 16.970015] dump_stack_lvl+0x8c/0xd0 [ 16.970086] print_report+0x118/0x608 [ 16.970147] kasan_report+0xdc/0x128 [ 16.970193] __asan_report_load1_noabort+0x20/0x30 [ 16.970245] ksize_unpoisons_memory+0x618/0x740 [ 16.970979] kunit_try_run_case+0x170/0x3f0 [ 16.971285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.971354] kthread+0x328/0x630 [ 16.971398] ret_from_fork+0x10/0x20 [ 16.971471] [ 16.971502] Allocated by task 194: [ 16.971541] kasan_save_stack+0x3c/0x68 [ 16.971584] kasan_save_track+0x20/0x40 [ 16.971621] kasan_save_alloc_info+0x40/0x58 [ 16.971662] __kasan_kmalloc+0xd4/0xd8 [ 16.971697] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.971736] ksize_unpoisons_memory+0xc0/0x740 [ 16.972305] kunit_try_run_case+0x170/0x3f0 [ 16.972364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.972700] kthread+0x328/0x630 [ 16.972861] ret_from_fork+0x10/0x20 [ 16.972959] [ 16.973089] The buggy address belongs to the object at fff00000c638bd00 [ 16.973089] which belongs to the cache kmalloc-128 of size 128 [ 16.973519] The buggy address is located 5 bytes to the right of [ 16.973519] allocated 115-byte region [fff00000c638bd00, fff00000c638bd73) [ 16.973596] [ 16.973616] The buggy address belongs to the physical page: [ 16.973947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.974048] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.974099] page_type: f5(slab) [ 16.974348] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.974446] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.974596] page dumped because: kasan: bad access detected [ 16.974836] [ 16.975020] Memory state around the buggy address: [ 16.975224] fff00000c638bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.975298] fff00000c638bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.975473] >fff00000c638bd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.975557] ^ [ 16.975676] fff00000c638bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.976005] fff00000c638be00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.976248] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 16.936770] ================================================================== [ 16.936843] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 16.937237] Free of addr fff00000c61bc480 by task kunit_try_catch/192 [ 16.937300] [ 16.937336] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.937454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.937482] Hardware name: linux,dummy-virt (DT) [ 16.937558] Call trace: [ 16.937918] show_stack+0x20/0x38 (C) [ 16.937990] dump_stack_lvl+0x8c/0xd0 [ 16.938309] print_report+0x118/0x608 [ 16.938379] kasan_report_invalid_free+0xc0/0xe8 [ 16.938438] check_slab_allocation+0xd4/0x108 [ 16.938484] __kasan_slab_pre_free+0x2c/0x48 [ 16.938802] kfree+0xe8/0x3c8 [ 16.938871] kfree_sensitive+0x3c/0xb0 [ 16.938917] kmalloc_double_kzfree+0x168/0x308 [ 16.939192] kunit_try_run_case+0x170/0x3f0 [ 16.939267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.939320] kthread+0x328/0x630 [ 16.939644] ret_from_fork+0x10/0x20 [ 16.939754] [ 16.939780] Allocated by task 192: [ 16.939946] kasan_save_stack+0x3c/0x68 [ 16.940129] kasan_save_track+0x20/0x40 [ 16.940267] kasan_save_alloc_info+0x40/0x58 [ 16.940373] __kasan_kmalloc+0xd4/0xd8 [ 16.941962] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.942081] kmalloc_double_kzfree+0xb8/0x308 [ 16.942256] kunit_try_run_case+0x170/0x3f0 [ 16.942300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.942344] kthread+0x328/0x630 [ 16.942586] ret_from_fork+0x10/0x20 [ 16.942785] [ 16.942902] Freed by task 192: [ 16.943072] kasan_save_stack+0x3c/0x68 [ 16.943303] kasan_save_track+0x20/0x40 [ 16.943551] kasan_save_free_info+0x4c/0x78 [ 16.943616] __kasan_slab_free+0x6c/0x98 [ 16.943676] kfree+0x214/0x3c8 [ 16.943923] kfree_sensitive+0x80/0xb0 [ 16.944080] kmalloc_double_kzfree+0x11c/0x308 [ 16.944135] kunit_try_run_case+0x170/0x3f0 [ 16.944173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.944386] kthread+0x328/0x630 [ 16.944547] ret_from_fork+0x10/0x20 [ 16.944622] [ 16.944726] The buggy address belongs to the object at fff00000c61bc480 [ 16.944726] which belongs to the cache kmalloc-16 of size 16 [ 16.944850] The buggy address is located 0 bytes inside of [ 16.944850] 16-byte region [fff00000c61bc480, fff00000c61bc490) [ 16.945091] [ 16.945323] The buggy address belongs to the physical page: [ 16.945506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1061bc [ 16.945734] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.945865] page_type: f5(slab) [ 16.945952] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.946022] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.946239] page dumped because: kasan: bad access detected [ 16.946494] [ 16.946520] Memory state around the buggy address: [ 16.946863] fff00000c61bc380: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 16.947031] fff00000c61bc400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.947246] >fff00000c61bc480: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.947394] ^ [ 16.947615] fff00000c61bc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.947773] fff00000c61bc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.947887] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 16.926589] ================================================================== [ 16.926787] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 16.926910] Read of size 1 at addr fff00000c61bc480 by task kunit_try_catch/192 [ 16.927171] [ 16.927214] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.927684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.928184] Hardware name: linux,dummy-virt (DT) [ 16.928240] Call trace: [ 16.928285] show_stack+0x20/0x38 (C) [ 16.928535] dump_stack_lvl+0x8c/0xd0 [ 16.928872] print_report+0x118/0x608 [ 16.929153] kasan_report+0xdc/0x128 [ 16.929534] __kasan_check_byte+0x54/0x70 [ 16.930127] kfree_sensitive+0x30/0xb0 [ 16.930220] kmalloc_double_kzfree+0x168/0x308 [ 16.930600] kunit_try_run_case+0x170/0x3f0 [ 16.930669] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.931062] kthread+0x328/0x630 [ 16.931155] ret_from_fork+0x10/0x20 [ 16.931263] [ 16.931343] Allocated by task 192: [ 16.931437] kasan_save_stack+0x3c/0x68 [ 16.931501] kasan_save_track+0x20/0x40 [ 16.931572] kasan_save_alloc_info+0x40/0x58 [ 16.931613] __kasan_kmalloc+0xd4/0xd8 [ 16.931670] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.931711] kmalloc_double_kzfree+0xb8/0x308 [ 16.931750] kunit_try_run_case+0x170/0x3f0 [ 16.931787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.931840] kthread+0x328/0x630 [ 16.931875] ret_from_fork+0x10/0x20 [ 16.931920] [ 16.931961] Freed by task 192: [ 16.931986] kasan_save_stack+0x3c/0x68 [ 16.932024] kasan_save_track+0x20/0x40 [ 16.932071] kasan_save_free_info+0x4c/0x78 [ 16.932128] __kasan_slab_free+0x6c/0x98 [ 16.932177] kfree+0x214/0x3c8 [ 16.932224] kfree_sensitive+0x80/0xb0 [ 16.932280] kmalloc_double_kzfree+0x11c/0x308 [ 16.932318] kunit_try_run_case+0x170/0x3f0 [ 16.932369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.932420] kthread+0x328/0x630 [ 16.932452] ret_from_fork+0x10/0x20 [ 16.932488] [ 16.932507] The buggy address belongs to the object at fff00000c61bc480 [ 16.932507] which belongs to the cache kmalloc-16 of size 16 [ 16.932574] The buggy address is located 0 bytes inside of [ 16.932574] freed 16-byte region [fff00000c61bc480, fff00000c61bc490) [ 16.932634] [ 16.932654] The buggy address belongs to the physical page: [ 16.932687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1061bc [ 16.932741] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.932793] page_type: f5(slab) [ 16.932855] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.932911] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.932953] page dumped because: kasan: bad access detected [ 16.932984] [ 16.933001] Memory state around the buggy address: [ 16.933035] fff00000c61bc380: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 16.933087] fff00000c61bc400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.933406] >fff00000c61bc480: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.933458] ^ [ 16.933489] fff00000c61bc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.934151] fff00000c61bc580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.934233] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 16.904962] ================================================================== [ 16.905023] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 16.905078] Read of size 1 at addr fff00000c63bfd28 by task kunit_try_catch/188 [ 16.905185] [ 16.905230] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.905326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.905351] Hardware name: linux,dummy-virt (DT) [ 16.905413] Call trace: [ 16.905443] show_stack+0x20/0x38 (C) [ 16.905494] dump_stack_lvl+0x8c/0xd0 [ 16.905558] print_report+0x118/0x608 [ 16.905640] kasan_report+0xdc/0x128 [ 16.905704] __asan_report_load1_noabort+0x20/0x30 [ 16.905767] kmalloc_uaf2+0x3f4/0x468 [ 16.905812] kunit_try_run_case+0x170/0x3f0 [ 16.905860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.905913] kthread+0x328/0x630 [ 16.905957] ret_from_fork+0x10/0x20 [ 16.906005] [ 16.906023] Allocated by task 188: [ 16.906217] kasan_save_stack+0x3c/0x68 [ 16.906266] kasan_save_track+0x20/0x40 [ 16.906306] kasan_save_alloc_info+0x40/0x58 [ 16.906493] __kasan_kmalloc+0xd4/0xd8 [ 16.906542] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.906613] kmalloc_uaf2+0xc4/0x468 [ 16.906648] kunit_try_run_case+0x170/0x3f0 [ 16.906717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.906760] kthread+0x328/0x630 [ 16.906793] ret_from_fork+0x10/0x20 [ 16.906974] [ 16.907021] Freed by task 188: [ 16.907081] kasan_save_stack+0x3c/0x68 [ 16.907203] kasan_save_track+0x20/0x40 [ 16.907272] kasan_save_free_info+0x4c/0x78 [ 16.907337] __kasan_slab_free+0x6c/0x98 [ 16.907428] kfree+0x214/0x3c8 [ 16.907506] kmalloc_uaf2+0x134/0x468 [ 16.907563] kunit_try_run_case+0x170/0x3f0 [ 16.907667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.907744] kthread+0x328/0x630 [ 16.907820] ret_from_fork+0x10/0x20 [ 16.907964] [ 16.907983] The buggy address belongs to the object at fff00000c63bfd00 [ 16.907983] which belongs to the cache kmalloc-64 of size 64 [ 16.908043] The buggy address is located 40 bytes inside of [ 16.908043] freed 64-byte region [fff00000c63bfd00, fff00000c63bfd40) [ 16.908161] [ 16.908217] The buggy address belongs to the physical page: [ 16.908297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063bf [ 16.908360] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.908428] page_type: f5(slab) [ 16.908533] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.908599] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.908666] page dumped because: kasan: bad access detected [ 16.908720] [ 16.908801] Memory state around the buggy address: [ 16.908859] fff00000c63bfc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.908921] fff00000c63bfc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.908962] >fff00000c63bfd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.909000] ^ [ 16.909041] fff00000c63bfd80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 16.909083] fff00000c63bfe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.909275] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.893301] ================================================================== [ 16.893486] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 16.893675] Write of size 33 at addr fff00000c63bfb80 by task kunit_try_catch/186 [ 16.894259] [ 16.894293] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.894375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.894447] Hardware name: linux,dummy-virt (DT) [ 16.894484] Call trace: [ 16.894572] show_stack+0x20/0x38 (C) [ 16.894642] dump_stack_lvl+0x8c/0xd0 [ 16.894710] print_report+0x118/0x608 [ 16.894763] kasan_report+0xdc/0x128 [ 16.894853] kasan_check_range+0x100/0x1a8 [ 16.894903] __asan_memset+0x34/0x78 [ 16.894948] kmalloc_uaf_memset+0x170/0x310 [ 16.895001] kunit_try_run_case+0x170/0x3f0 [ 16.895187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.895244] kthread+0x328/0x630 [ 16.895287] ret_from_fork+0x10/0x20 [ 16.895356] [ 16.895375] Allocated by task 186: [ 16.895461] kasan_save_stack+0x3c/0x68 [ 16.895541] kasan_save_track+0x20/0x40 [ 16.895588] kasan_save_alloc_info+0x40/0x58 [ 16.895646] __kasan_kmalloc+0xd4/0xd8 [ 16.895689] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.895750] kmalloc_uaf_memset+0xb8/0x310 [ 16.895818] kunit_try_run_case+0x170/0x3f0 [ 16.895856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.895923] kthread+0x328/0x630 [ 16.895955] ret_from_fork+0x10/0x20 [ 16.895991] [ 16.896010] Freed by task 186: [ 16.896035] kasan_save_stack+0x3c/0x68 [ 16.896073] kasan_save_track+0x20/0x40 [ 16.896172] kasan_save_free_info+0x4c/0x78 [ 16.896215] __kasan_slab_free+0x6c/0x98 [ 16.896252] kfree+0x214/0x3c8 [ 16.896350] kmalloc_uaf_memset+0x11c/0x310 [ 16.896426] kunit_try_run_case+0x170/0x3f0 [ 16.896483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.896550] kthread+0x328/0x630 [ 16.896644] ret_from_fork+0x10/0x20 [ 16.896702] [ 16.896756] The buggy address belongs to the object at fff00000c63bfb80 [ 16.896756] which belongs to the cache kmalloc-64 of size 64 [ 16.896851] The buggy address is located 0 bytes inside of [ 16.896851] freed 64-byte region [fff00000c63bfb80, fff00000c63bfbc0) [ 16.896926] [ 16.896945] The buggy address belongs to the physical page: [ 16.896976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063bf [ 16.897299] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.897371] page_type: f5(slab) [ 16.897464] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.897588] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.897657] page dumped because: kasan: bad access detected [ 16.897702] [ 16.897781] Memory state around the buggy address: [ 16.897850] fff00000c63bfa80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.897894] fff00000c63bfb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.898078] >fff00000c63bfb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.898344] ^ [ 16.898471] fff00000c63bfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.898538] fff00000c63bfc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.898613] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.882294] ================================================================== [ 16.882368] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 16.882423] Read of size 1 at addr fff00000c61bc468 by task kunit_try_catch/184 [ 16.882571] [ 16.882691] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.882803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.882839] Hardware name: linux,dummy-virt (DT) [ 16.882880] Call trace: [ 16.882919] show_stack+0x20/0x38 (C) [ 16.882986] dump_stack_lvl+0x8c/0xd0 [ 16.883070] print_report+0x118/0x608 [ 16.883168] kasan_report+0xdc/0x128 [ 16.883233] __asan_report_load1_noabort+0x20/0x30 [ 16.883294] kmalloc_uaf+0x300/0x338 [ 16.883360] kunit_try_run_case+0x170/0x3f0 [ 16.883408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.883460] kthread+0x328/0x630 [ 16.883501] ret_from_fork+0x10/0x20 [ 16.883550] [ 16.883568] Allocated by task 184: [ 16.883597] kasan_save_stack+0x3c/0x68 [ 16.883636] kasan_save_track+0x20/0x40 [ 16.883682] kasan_save_alloc_info+0x40/0x58 [ 16.883773] __kasan_kmalloc+0xd4/0xd8 [ 16.883820] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.883885] kmalloc_uaf+0xb8/0x338 [ 16.883951] kunit_try_run_case+0x170/0x3f0 [ 16.884029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.884124] kthread+0x328/0x630 [ 16.884206] ret_from_fork+0x10/0x20 [ 16.884292] [ 16.884335] Freed by task 184: [ 16.884373] kasan_save_stack+0x3c/0x68 [ 16.884409] kasan_save_track+0x20/0x40 [ 16.884446] kasan_save_free_info+0x4c/0x78 [ 16.884747] __kasan_slab_free+0x6c/0x98 [ 16.884893] kfree+0x214/0x3c8 [ 16.884973] kmalloc_uaf+0x11c/0x338 [ 16.885050] kunit_try_run_case+0x170/0x3f0 [ 16.885142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.885224] kthread+0x328/0x630 [ 16.885295] ret_from_fork+0x10/0x20 [ 16.885342] [ 16.885361] The buggy address belongs to the object at fff00000c61bc460 [ 16.885361] which belongs to the cache kmalloc-16 of size 16 [ 16.885692] The buggy address is located 8 bytes inside of [ 16.885692] freed 16-byte region [fff00000c61bc460, fff00000c61bc470) [ 16.885822] [ 16.885870] The buggy address belongs to the physical page: [ 16.885913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1061bc [ 16.885975] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.886041] page_type: f5(slab) [ 16.886096] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.886224] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.886266] page dumped because: kasan: bad access detected [ 16.886297] [ 16.886342] Memory state around the buggy address: [ 16.886615] fff00000c61bc300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.886748] fff00000c61bc380: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 16.886825] >fff00000c61bc400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.886878] ^ [ 16.886952] fff00000c61bc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.887005] fff00000c61bc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.887070] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.866068] ================================================================== [ 16.866149] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.866213] Read of size 64 at addr fff00000c63bf884 by task kunit_try_catch/182 [ 16.866263] [ 16.866301] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.866394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.866421] Hardware name: linux,dummy-virt (DT) [ 16.866452] Call trace: [ 16.866480] show_stack+0x20/0x38 (C) [ 16.866531] dump_stack_lvl+0x8c/0xd0 [ 16.866579] print_report+0x118/0x608 [ 16.866626] kasan_report+0xdc/0x128 [ 16.866670] kasan_check_range+0x100/0x1a8 [ 16.866719] __asan_memmove+0x3c/0x98 [ 16.867391] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.867919] kunit_try_run_case+0x170/0x3f0 [ 16.867975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.868029] kthread+0x328/0x630 [ 16.868074] ret_from_fork+0x10/0x20 [ 16.868137] [ 16.868156] Allocated by task 182: [ 16.870060] kasan_save_stack+0x3c/0x68 [ 16.870342] kasan_save_track+0x20/0x40 [ 16.870408] kasan_save_alloc_info+0x40/0x58 [ 16.871085] __kasan_kmalloc+0xd4/0xd8 [ 16.871648] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.871746] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.871788] kunit_try_run_case+0x170/0x3f0 [ 16.871826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.871901] kthread+0x328/0x630 [ 16.871935] ret_from_fork+0x10/0x20 [ 16.872161] [ 16.872295] The buggy address belongs to the object at fff00000c63bf880 [ 16.872295] which belongs to the cache kmalloc-64 of size 64 [ 16.872358] The buggy address is located 4 bytes inside of [ 16.872358] allocated 64-byte region [fff00000c63bf880, fff00000c63bf8c0) [ 16.872898] [ 16.872932] The buggy address belongs to the physical page: [ 16.872968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063bf [ 16.873255] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.873439] page_type: f5(slab) [ 16.873723] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.873779] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.874211] page dumped because: kasan: bad access detected [ 16.874502] [ 16.874661] Memory state around the buggy address: [ 16.875372] fff00000c63bf780: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.875621] fff00000c63bf800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.875709] >fff00000c63bf880: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.875787] ^ [ 16.875832] fff00000c63bf900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.875925] fff00000c63bf980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876003] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.826845] ================================================================== [ 16.826915] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.826968] Read of size 18446744073709551614 at addr fff00000c63bf704 by task kunit_try_catch/180 [ 16.827048] [ 16.827094] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.827208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.827233] Hardware name: linux,dummy-virt (DT) [ 16.827262] Call trace: [ 16.827285] show_stack+0x20/0x38 (C) [ 16.827334] dump_stack_lvl+0x8c/0xd0 [ 16.827381] print_report+0x118/0x608 [ 16.827425] kasan_report+0xdc/0x128 [ 16.827469] kasan_check_range+0x100/0x1a8 [ 16.827516] __asan_memmove+0x3c/0x98 [ 16.827558] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.827606] kunit_try_run_case+0x170/0x3f0 [ 16.827652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.827717] kthread+0x328/0x630 [ 16.827759] ret_from_fork+0x10/0x20 [ 16.827806] [ 16.827824] Allocated by task 180: [ 16.828014] kasan_save_stack+0x3c/0x68 [ 16.828643] kasan_save_track+0x20/0x40 [ 16.830050] kasan_save_alloc_info+0x40/0x58 [ 16.830189] __kasan_kmalloc+0xd4/0xd8 [ 16.830225] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.831874] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.832193] kunit_try_run_case+0x170/0x3f0 [ 16.832312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.832379] kthread+0x328/0x630 [ 16.832604] ret_from_fork+0x10/0x20 [ 16.832644] [ 16.832891] The buggy address belongs to the object at fff00000c63bf700 [ 16.832891] which belongs to the cache kmalloc-64 of size 64 [ 16.833069] The buggy address is located 4 bytes inside of [ 16.833069] 64-byte region [fff00000c63bf700, fff00000c63bf740) [ 16.833616] [ 16.833676] The buggy address belongs to the physical page: [ 16.833711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063bf [ 16.833959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.834017] page_type: f5(slab) [ 16.834058] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.835991] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.836108] page dumped because: kasan: bad access detected [ 16.836151] [ 16.836169] Memory state around the buggy address: [ 16.836451] fff00000c63bf600: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.836579] fff00000c63bf680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.836909] >fff00000c63bf700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.837034] ^ [ 16.837510] fff00000c63bf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.837900] fff00000c63bf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.838554] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.813940] ================================================================== [ 16.814005] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 16.814502] Write of size 16 at addr fff00000c638bc69 by task kunit_try_catch/178 [ 16.814784] [ 16.814825] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.814908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.814933] Hardware name: linux,dummy-virt (DT) [ 16.814965] Call trace: [ 16.814988] show_stack+0x20/0x38 (C) [ 16.815039] dump_stack_lvl+0x8c/0xd0 [ 16.815085] print_report+0x118/0x608 [ 16.815143] kasan_report+0xdc/0x128 [ 16.815187] kasan_check_range+0x100/0x1a8 [ 16.815232] __asan_memset+0x34/0x78 [ 16.815273] kmalloc_oob_memset_16+0x150/0x2f8 [ 16.815317] kunit_try_run_case+0x170/0x3f0 [ 16.815364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.815414] kthread+0x328/0x630 [ 16.815455] ret_from_fork+0x10/0x20 [ 16.815503] [ 16.815521] Allocated by task 178: [ 16.815548] kasan_save_stack+0x3c/0x68 [ 16.815588] kasan_save_track+0x20/0x40 [ 16.815624] kasan_save_alloc_info+0x40/0x58 [ 16.815671] __kasan_kmalloc+0xd4/0xd8 [ 16.815706] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.815745] kmalloc_oob_memset_16+0xb0/0x2f8 [ 16.815781] kunit_try_run_case+0x170/0x3f0 [ 16.816825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.817619] kthread+0x328/0x630 [ 16.817653] ret_from_fork+0x10/0x20 [ 16.817689] [ 16.817710] The buggy address belongs to the object at fff00000c638bc00 [ 16.817710] which belongs to the cache kmalloc-128 of size 128 [ 16.817767] The buggy address is located 105 bytes inside of [ 16.817767] allocated 120-byte region [fff00000c638bc00, fff00000c638bc78) [ 16.817826] [ 16.817853] The buggy address belongs to the physical page: [ 16.817885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.817938] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.817993] page_type: f5(slab) [ 16.818033] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.818081] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.818130] page dumped because: kasan: bad access detected [ 16.818160] [ 16.818177] Memory state around the buggy address: [ 16.818210] fff00000c638bb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.818251] fff00000c638bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.818292] >fff00000c638bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.818396] ^ [ 16.818496] fff00000c638bc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.818598] fff00000c638bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.818724] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.785997] ================================================================== [ 16.786061] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 16.786132] Write of size 8 at addr fff00000c638bb71 by task kunit_try_catch/176 [ 16.788202] [ 16.788346] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.788724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.788752] Hardware name: linux,dummy-virt (DT) [ 16.788782] Call trace: [ 16.789654] show_stack+0x20/0x38 (C) [ 16.790284] dump_stack_lvl+0x8c/0xd0 [ 16.790739] print_report+0x118/0x608 [ 16.790788] kasan_report+0xdc/0x128 [ 16.790833] kasan_check_range+0x100/0x1a8 [ 16.790880] __asan_memset+0x34/0x78 [ 16.791779] kmalloc_oob_memset_8+0x150/0x2f8 [ 16.791841] kunit_try_run_case+0x170/0x3f0 [ 16.791891] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.791942] kthread+0x328/0x630 [ 16.791984] ret_from_fork+0x10/0x20 [ 16.792034] [ 16.792052] Allocated by task 176: [ 16.792080] kasan_save_stack+0x3c/0x68 [ 16.792134] kasan_save_track+0x20/0x40 [ 16.792171] kasan_save_alloc_info+0x40/0x58 [ 16.792210] __kasan_kmalloc+0xd4/0xd8 [ 16.792246] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.792284] kmalloc_oob_memset_8+0xb0/0x2f8 [ 16.792319] kunit_try_run_case+0x170/0x3f0 [ 16.792355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.792396] kthread+0x328/0x630 [ 16.792429] ret_from_fork+0x10/0x20 [ 16.792465] [ 16.792483] The buggy address belongs to the object at fff00000c638bb00 [ 16.792483] which belongs to the cache kmalloc-128 of size 128 [ 16.792538] The buggy address is located 113 bytes inside of [ 16.792538] allocated 120-byte region [fff00000c638bb00, fff00000c638bb78) [ 16.792597] [ 16.792618] The buggy address belongs to the physical page: [ 16.792649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.792702] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.792750] page_type: f5(slab) [ 16.792788] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.796882] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.797877] page dumped because: kasan: bad access detected [ 16.797919] [ 16.797939] Memory state around the buggy address: [ 16.798621] fff00000c638ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.799105] fff00000c638ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.799253] >fff00000c638bb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.799290] ^ [ 16.799329] fff00000c638bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.799375] fff00000c638bc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.799412] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.773561] ================================================================== [ 16.773781] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 16.773858] Write of size 4 at addr fff00000c638ba75 by task kunit_try_catch/174 [ 16.773930] [ 16.773972] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.774065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.774091] Hardware name: linux,dummy-virt (DT) [ 16.774138] Call trace: [ 16.774162] show_stack+0x20/0x38 (C) [ 16.774228] dump_stack_lvl+0x8c/0xd0 [ 16.774644] print_report+0x118/0x608 [ 16.774695] kasan_report+0xdc/0x128 [ 16.774753] kasan_check_range+0x100/0x1a8 [ 16.774800] __asan_memset+0x34/0x78 [ 16.774855] kmalloc_oob_memset_4+0x150/0x300 [ 16.774906] kunit_try_run_case+0x170/0x3f0 [ 16.774979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.775047] kthread+0x328/0x630 [ 16.775797] ret_from_fork+0x10/0x20 [ 16.775872] [ 16.775892] Allocated by task 174: [ 16.775920] kasan_save_stack+0x3c/0x68 [ 16.775961] kasan_save_track+0x20/0x40 [ 16.776005] kasan_save_alloc_info+0x40/0x58 [ 16.776044] __kasan_kmalloc+0xd4/0xd8 [ 16.776083] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.776134] kmalloc_oob_memset_4+0xb0/0x300 [ 16.776170] kunit_try_run_case+0x170/0x3f0 [ 16.776207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.776251] kthread+0x328/0x630 [ 16.776284] ret_from_fork+0x10/0x20 [ 16.776319] [ 16.776338] The buggy address belongs to the object at fff00000c638ba00 [ 16.776338] which belongs to the cache kmalloc-128 of size 128 [ 16.776395] The buggy address is located 117 bytes inside of [ 16.776395] allocated 120-byte region [fff00000c638ba00, fff00000c638ba78) [ 16.776454] [ 16.776475] The buggy address belongs to the physical page: [ 16.776506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.776560] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.776610] page_type: f5(slab) [ 16.776650] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.776768] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.776835] page dumped because: kasan: bad access detected [ 16.776885] [ 16.776928] Memory state around the buggy address: [ 16.776960] fff00000c638b900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.777025] fff00000c638b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.777066] >fff00000c638ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.777102] ^ [ 16.777153] fff00000c638ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.777194] fff00000c638bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.777230] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.745590] ================================================================== [ 16.745659] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.745717] Write of size 2 at addr fff00000c638b977 by task kunit_try_catch/172 [ 16.745765] [ 16.745806] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.745889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.745915] Hardware name: linux,dummy-virt (DT) [ 16.745959] Call trace: [ 16.745982] show_stack+0x20/0x38 (C) [ 16.746057] dump_stack_lvl+0x8c/0xd0 [ 16.746151] print_report+0x118/0x608 [ 16.746197] kasan_report+0xdc/0x128 [ 16.746241] kasan_check_range+0x100/0x1a8 [ 16.746287] __asan_memset+0x34/0x78 [ 16.746327] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.746372] kunit_try_run_case+0x170/0x3f0 [ 16.746420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.746470] kthread+0x328/0x630 [ 16.746518] ret_from_fork+0x10/0x20 [ 16.746774] [ 16.746793] Allocated by task 172: [ 16.746820] kasan_save_stack+0x3c/0x68 [ 16.746859] kasan_save_track+0x20/0x40 [ 16.746901] kasan_save_alloc_info+0x40/0x58 [ 16.748037] __kasan_kmalloc+0xd4/0xd8 [ 16.748099] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.748438] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.748492] kunit_try_run_case+0x170/0x3f0 [ 16.748529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.748571] kthread+0x328/0x630 [ 16.748602] ret_from_fork+0x10/0x20 [ 16.748638] [ 16.748658] The buggy address belongs to the object at fff00000c638b900 [ 16.748658] which belongs to the cache kmalloc-128 of size 128 [ 16.748715] The buggy address is located 119 bytes inside of [ 16.748715] allocated 120-byte region [fff00000c638b900, fff00000c638b978) [ 16.748776] [ 16.748797] The buggy address belongs to the physical page: [ 16.748828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.748880] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.748929] page_type: f5(slab) [ 16.748967] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.749018] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.749056] page dumped because: kasan: bad access detected [ 16.749089] [ 16.749106] Memory state around the buggy address: [ 16.749150] fff00000c638b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.749194] fff00000c638b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.749235] >fff00000c638b900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.749272] ^ [ 16.749311] fff00000c638b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.749354] fff00000c638ba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.749392] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.730996] ================================================================== [ 16.731065] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.731761] Write of size 128 at addr fff00000c638b800 by task kunit_try_catch/170 [ 16.731811] [ 16.732043] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.732153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.732179] Hardware name: linux,dummy-virt (DT) [ 16.732210] Call trace: [ 16.732233] show_stack+0x20/0x38 (C) [ 16.732380] dump_stack_lvl+0x8c/0xd0 [ 16.732428] print_report+0x118/0x608 [ 16.732524] kasan_report+0xdc/0x128 [ 16.732651] kasan_check_range+0x100/0x1a8 [ 16.732823] __asan_memset+0x34/0x78 [ 16.732865] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.732910] kunit_try_run_case+0x170/0x3f0 [ 16.732957] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.733010] kthread+0x328/0x630 [ 16.733079] ret_from_fork+0x10/0x20 [ 16.733139] [ 16.733158] Allocated by task 170: [ 16.733979] kasan_save_stack+0x3c/0x68 [ 16.734051] kasan_save_track+0x20/0x40 [ 16.734098] kasan_save_alloc_info+0x40/0x58 [ 16.734149] __kasan_kmalloc+0xd4/0xd8 [ 16.734210] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.734502] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.734575] kunit_try_run_case+0x170/0x3f0 [ 16.734621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.734663] kthread+0x328/0x630 [ 16.734695] ret_from_fork+0x10/0x20 [ 16.734731] [ 16.734750] The buggy address belongs to the object at fff00000c638b800 [ 16.734750] which belongs to the cache kmalloc-128 of size 128 [ 16.734940] The buggy address is located 0 bytes inside of [ 16.734940] allocated 120-byte region [fff00000c638b800, fff00000c638b878) [ 16.735060] [ 16.735109] The buggy address belongs to the physical page: [ 16.735177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.735233] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.735321] page_type: f5(slab) [ 16.735427] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.735527] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.735631] page dumped because: kasan: bad access detected [ 16.735717] [ 16.736027] Memory state around the buggy address: [ 16.736604] fff00000c638b700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.736681] fff00000c638b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.736732] >fff00000c638b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.736769] ^ [ 16.736813] fff00000c638b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.736853] fff00000c638b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.736895] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.706096] ================================================================== [ 16.706540] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.706769] Read of size 16 at addr fff00000c61bc440 by task kunit_try_catch/168 [ 16.706830] [ 16.706869] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.706950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.706975] Hardware name: linux,dummy-virt (DT) [ 16.707006] Call trace: [ 16.707028] show_stack+0x20/0x38 (C) [ 16.707080] dump_stack_lvl+0x8c/0xd0 [ 16.707140] print_report+0x118/0x608 [ 16.707186] kasan_report+0xdc/0x128 [ 16.707230] __asan_report_load16_noabort+0x20/0x30 [ 16.707280] kmalloc_uaf_16+0x3bc/0x438 [ 16.707324] kunit_try_run_case+0x170/0x3f0 [ 16.707370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.707421] kthread+0x328/0x630 [ 16.707463] ret_from_fork+0x10/0x20 [ 16.707513] [ 16.707530] Allocated by task 168: [ 16.707562] kasan_save_stack+0x3c/0x68 [ 16.707638] kasan_save_track+0x20/0x40 [ 16.708095] kasan_save_alloc_info+0x40/0x58 [ 16.708263] __kasan_kmalloc+0xd4/0xd8 [ 16.708310] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.708349] kmalloc_uaf_16+0x140/0x438 [ 16.708384] kunit_try_run_case+0x170/0x3f0 [ 16.708466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.708580] kthread+0x328/0x630 [ 16.708612] ret_from_fork+0x10/0x20 [ 16.708647] [ 16.708665] Freed by task 168: [ 16.708691] kasan_save_stack+0x3c/0x68 [ 16.708727] kasan_save_track+0x20/0x40 [ 16.708763] kasan_save_free_info+0x4c/0x78 [ 16.708800] __kasan_slab_free+0x6c/0x98 [ 16.708836] kfree+0x214/0x3c8 [ 16.708868] kmalloc_uaf_16+0x190/0x438 [ 16.708902] kunit_try_run_case+0x170/0x3f0 [ 16.708937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.709004] kthread+0x328/0x630 [ 16.709133] ret_from_fork+0x10/0x20 [ 16.709187] [ 16.709206] The buggy address belongs to the object at fff00000c61bc440 [ 16.709206] which belongs to the cache kmalloc-16 of size 16 [ 16.709270] The buggy address is located 0 bytes inside of [ 16.709270] freed 16-byte region [fff00000c61bc440, fff00000c61bc450) [ 16.709566] [ 16.709623] The buggy address belongs to the physical page: [ 16.709655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1061bc [ 16.709732] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.709887] page_type: f5(slab) [ 16.709971] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.710020] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.710059] page dumped because: kasan: bad access detected [ 16.710089] [ 16.710106] Memory state around the buggy address: [ 16.710147] fff00000c61bc300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.710189] fff00000c61bc380: fa fb fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 16.710774] >fff00000c61bc400: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 16.710929] ^ [ 16.710975] fff00000c61bc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.711071] fff00000c61bc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.711152] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.686722] ================================================================== [ 16.687151] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.687225] Write of size 16 at addr fff00000c61bc3e0 by task kunit_try_catch/166 [ 16.687274] [ 16.687313] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.687694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.687780] Hardware name: linux,dummy-virt (DT) [ 16.687831] Call trace: [ 16.687854] show_stack+0x20/0x38 (C) [ 16.687997] dump_stack_lvl+0x8c/0xd0 [ 16.688046] print_report+0x118/0x608 [ 16.688092] kasan_report+0xdc/0x128 [ 16.688198] __asan_report_store16_noabort+0x20/0x30 [ 16.688246] kmalloc_oob_16+0x3a0/0x3f8 [ 16.688290] kunit_try_run_case+0x170/0x3f0 [ 16.688557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.688638] kthread+0x328/0x630 [ 16.688882] ret_from_fork+0x10/0x20 [ 16.688958] [ 16.689015] Allocated by task 166: [ 16.689135] kasan_save_stack+0x3c/0x68 [ 16.689206] kasan_save_track+0x20/0x40 [ 16.689253] kasan_save_alloc_info+0x40/0x58 [ 16.689292] __kasan_kmalloc+0xd4/0xd8 [ 16.689326] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.689374] kmalloc_oob_16+0xb4/0x3f8 [ 16.689408] kunit_try_run_case+0x170/0x3f0 [ 16.689445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.689807] kthread+0x328/0x630 [ 16.690552] ret_from_fork+0x10/0x20 [ 16.690676] [ 16.690722] The buggy address belongs to the object at fff00000c61bc3e0 [ 16.690722] which belongs to the cache kmalloc-16 of size 16 [ 16.690814] The buggy address is located 0 bytes inside of [ 16.690814] allocated 13-byte region [fff00000c61bc3e0, fff00000c61bc3ed) [ 16.690884] [ 16.690978] The buggy address belongs to the physical page: [ 16.691048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1061bc [ 16.691102] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.691164] page_type: f5(slab) [ 16.691263] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.691518] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.691709] page dumped because: kasan: bad access detected [ 16.691803] [ 16.691822] Memory state around the buggy address: [ 16.691854] fff00000c61bc280: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 16.691895] fff00000c61bc300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.691935] >fff00000c61bc380: fa fb fc fc 00 04 fc fc fa fb fc fc 00 05 fc fc [ 16.691993] ^ [ 16.692031] fff00000c61bc400: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.692092] fff00000c61bc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.692204] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.664196] ================================================================== [ 16.664291] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.664340] Read of size 1 at addr fff00000c461d000 by task kunit_try_catch/164 [ 16.664395] [ 16.664716] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.664800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.664865] Hardware name: linux,dummy-virt (DT) [ 16.664897] Call trace: [ 16.664924] show_stack+0x20/0x38 (C) [ 16.665035] dump_stack_lvl+0x8c/0xd0 [ 16.665128] print_report+0x118/0x608 [ 16.665201] kasan_report+0xdc/0x128 [ 16.665247] __asan_report_load1_noabort+0x20/0x30 [ 16.665546] krealloc_uaf+0x4c8/0x520 [ 16.666864] kunit_try_run_case+0x170/0x3f0 [ 16.666928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.666980] kthread+0x328/0x630 [ 16.667023] ret_from_fork+0x10/0x20 [ 16.667070] [ 16.667088] Allocated by task 164: [ 16.667128] kasan_save_stack+0x3c/0x68 [ 16.667167] kasan_save_track+0x20/0x40 [ 16.667203] kasan_save_alloc_info+0x40/0x58 [ 16.667362] __kasan_kmalloc+0xd4/0xd8 [ 16.668798] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.668843] krealloc_uaf+0xc8/0x520 [ 16.668877] kunit_try_run_case+0x170/0x3f0 [ 16.668914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.669427] kthread+0x328/0x630 [ 16.669488] ret_from_fork+0x10/0x20 [ 16.669562] [ 16.669580] Freed by task 164: [ 16.669606] kasan_save_stack+0x3c/0x68 [ 16.669643] kasan_save_track+0x20/0x40 [ 16.669679] kasan_save_free_info+0x4c/0x78 [ 16.669717] __kasan_slab_free+0x6c/0x98 [ 16.669798] kfree+0x214/0x3c8 [ 16.669860] krealloc_uaf+0x12c/0x520 [ 16.669943] kunit_try_run_case+0x170/0x3f0 [ 16.670043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.670105] kthread+0x328/0x630 [ 16.670178] ret_from_fork+0x10/0x20 [ 16.670252] [ 16.670288] The buggy address belongs to the object at fff00000c461d000 [ 16.670288] which belongs to the cache kmalloc-256 of size 256 [ 16.670370] The buggy address is located 0 bytes inside of [ 16.670370] freed 256-byte region [fff00000c461d000, fff00000c461d100) [ 16.670563] [ 16.670593] The buggy address belongs to the physical page: [ 16.670625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10461c [ 16.670680] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.670919] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.671017] page_type: f5(slab) [ 16.671123] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.671792] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.671960] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.672010] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.672080] head: 0bfffe0000000001 ffffc1ffc3118701 00000000ffffffff 00000000ffffffff [ 16.672140] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.672344] page dumped because: kasan: bad access detected [ 16.672493] [ 16.672512] Memory state around the buggy address: [ 16.672544] fff00000c461cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.672591] fff00000c461cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.672631] >fff00000c461d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.672669] ^ [ 16.672695] fff00000c461d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.672748] fff00000c461d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.672784] ================================================================== [ 16.653829] ================================================================== [ 16.653933] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.654008] Read of size 1 at addr fff00000c461d000 by task kunit_try_catch/164 [ 16.654057] [ 16.654100] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.654346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.654372] Hardware name: linux,dummy-virt (DT) [ 16.654402] Call trace: [ 16.654425] show_stack+0x20/0x38 (C) [ 16.654474] dump_stack_lvl+0x8c/0xd0 [ 16.654522] print_report+0x118/0x608 [ 16.654567] kasan_report+0xdc/0x128 [ 16.654610] __kasan_check_byte+0x54/0x70 [ 16.654656] krealloc_noprof+0x44/0x360 [ 16.654707] krealloc_uaf+0x180/0x520 [ 16.654749] kunit_try_run_case+0x170/0x3f0 [ 16.654796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.654846] kthread+0x328/0x630 [ 16.654887] ret_from_fork+0x10/0x20 [ 16.655174] [ 16.655284] Allocated by task 164: [ 16.655316] kasan_save_stack+0x3c/0x68 [ 16.655360] kasan_save_track+0x20/0x40 [ 16.655397] kasan_save_alloc_info+0x40/0x58 [ 16.655435] __kasan_kmalloc+0xd4/0xd8 [ 16.655477] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.656143] krealloc_uaf+0xc8/0x520 [ 16.656185] kunit_try_run_case+0x170/0x3f0 [ 16.656222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.656264] kthread+0x328/0x630 [ 16.656803] ret_from_fork+0x10/0x20 [ 16.656894] [ 16.656987] Freed by task 164: [ 16.657026] kasan_save_stack+0x3c/0x68 [ 16.657086] kasan_save_track+0x20/0x40 [ 16.657282] kasan_save_free_info+0x4c/0x78 [ 16.657439] __kasan_slab_free+0x6c/0x98 [ 16.657476] kfree+0x214/0x3c8 [ 16.657508] krealloc_uaf+0x12c/0x520 [ 16.657556] kunit_try_run_case+0x170/0x3f0 [ 16.657592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.657764] kthread+0x328/0x630 [ 16.657796] ret_from_fork+0x10/0x20 [ 16.657901] [ 16.658003] The buggy address belongs to the object at fff00000c461d000 [ 16.658003] which belongs to the cache kmalloc-256 of size 256 [ 16.658405] The buggy address is located 0 bytes inside of [ 16.658405] freed 256-byte region [fff00000c461d000, fff00000c461d100) [ 16.658475] [ 16.658496] The buggy address belongs to the physical page: [ 16.658530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10461c [ 16.659267] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.659610] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.659712] page_type: f5(slab) [ 16.659793] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.659958] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.660025] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.660089] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.660276] head: 0bfffe0000000001 ffffc1ffc3118701 00000000ffffffff 00000000ffffffff [ 16.660750] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.660999] page dumped because: kasan: bad access detected [ 16.661097] [ 16.661128] Memory state around the buggy address: [ 16.661162] fff00000c461cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.661203] fff00000c461cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.661243] >fff00000c461d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.661575] ^ [ 16.661645] fff00000c461d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.661806] fff00000c461d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.661923] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.567611] ================================================================== [ 16.567662] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.567730] Write of size 1 at addr fff00000c461ceea by task kunit_try_catch/158 [ 16.567787] [ 16.567821] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.567900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.567934] Hardware name: linux,dummy-virt (DT) [ 16.567965] Call trace: [ 16.567987] show_stack+0x20/0x38 (C) [ 16.568043] dump_stack_lvl+0x8c/0xd0 [ 16.568105] print_report+0x118/0x608 [ 16.568165] kasan_report+0xdc/0x128 [ 16.568209] __asan_report_store1_noabort+0x20/0x30 [ 16.568259] krealloc_less_oob_helper+0xae4/0xc50 [ 16.568306] krealloc_less_oob+0x20/0x38 [ 16.568350] kunit_try_run_case+0x170/0x3f0 [ 16.568396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.568446] kthread+0x328/0x630 [ 16.568487] ret_from_fork+0x10/0x20 [ 16.568534] [ 16.568560] Allocated by task 158: [ 16.568587] kasan_save_stack+0x3c/0x68 [ 16.568627] kasan_save_track+0x20/0x40 [ 16.568663] kasan_save_alloc_info+0x40/0x58 [ 16.568701] __kasan_krealloc+0x118/0x178 [ 16.568737] krealloc_noprof+0x128/0x360 [ 16.568772] krealloc_less_oob_helper+0x168/0xc50 [ 16.568809] krealloc_less_oob+0x20/0x38 [ 16.568844] kunit_try_run_case+0x170/0x3f0 [ 16.568880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.568920] kthread+0x328/0x630 [ 16.568951] ret_from_fork+0x10/0x20 [ 16.568984] [ 16.569002] The buggy address belongs to the object at fff00000c461ce00 [ 16.569002] which belongs to the cache kmalloc-256 of size 256 [ 16.569055] The buggy address is located 33 bytes to the right of [ 16.569055] allocated 201-byte region [fff00000c461ce00, fff00000c461cec9) [ 16.569476] [ 16.569509] The buggy address belongs to the physical page: [ 16.569550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10461c [ 16.569807] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.570081] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.570598] page_type: f5(slab) [ 16.570770] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.570855] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.570998] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.571212] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.571349] head: 0bfffe0000000001 ffffc1ffc3118701 00000000ffffffff 00000000ffffffff [ 16.571715] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.571784] page dumped because: kasan: bad access detected [ 16.571948] [ 16.572037] Memory state around the buggy address: [ 16.572311] fff00000c461cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.572395] fff00000c461ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.572436] >fff00000c461ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.572479] ^ [ 16.572517] fff00000c461cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.572796] fff00000c461cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.573080] ================================================================== [ 16.630827] ================================================================== [ 16.631206] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.631461] Write of size 1 at addr fff00000c77220ea by task kunit_try_catch/162 [ 16.631524] [ 16.631721] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.631816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.631964] Hardware name: linux,dummy-virt (DT) [ 16.632043] Call trace: [ 16.632145] show_stack+0x20/0x38 (C) [ 16.632227] dump_stack_lvl+0x8c/0xd0 [ 16.632370] print_report+0x118/0x608 [ 16.632419] kasan_report+0xdc/0x128 [ 16.632463] __asan_report_store1_noabort+0x20/0x30 [ 16.632776] krealloc_less_oob_helper+0xae4/0xc50 [ 16.632907] krealloc_large_less_oob+0x20/0x38 [ 16.633032] kunit_try_run_case+0x170/0x3f0 [ 16.633220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.633390] kthread+0x328/0x630 [ 16.633847] ret_from_fork+0x10/0x20 [ 16.633934] [ 16.633963] The buggy address belongs to the physical page: [ 16.633995] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107720 [ 16.634047] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.634093] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.634154] page_type: f8(unknown) [ 16.634202] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.634260] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.634317] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.634366] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.634413] head: 0bfffe0000000002 ffffc1ffc31dc801 00000000ffffffff 00000000ffffffff [ 16.634469] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.634507] page dumped because: kasan: bad access detected [ 16.634546] [ 16.634563] Memory state around the buggy address: [ 16.634592] fff00000c7721f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.634633] fff00000c7722000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.634673] >fff00000c7722080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.634721] ^ [ 16.634757] fff00000c7722100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.634798] fff00000c7722180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.634849] ================================================================== [ 16.538510] ================================================================== [ 16.538659] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.538755] Write of size 1 at addr fff00000c461cec9 by task kunit_try_catch/158 [ 16.539085] [ 16.539361] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.539450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.539524] Hardware name: linux,dummy-virt (DT) [ 16.539571] Call trace: [ 16.539600] show_stack+0x20/0x38 (C) [ 16.539693] dump_stack_lvl+0x8c/0xd0 [ 16.539978] print_report+0x118/0x608 [ 16.540195] kasan_report+0xdc/0x128 [ 16.540341] __asan_report_store1_noabort+0x20/0x30 [ 16.540525] krealloc_less_oob_helper+0xa48/0xc50 [ 16.540684] krealloc_less_oob+0x20/0x38 [ 16.540773] kunit_try_run_case+0x170/0x3f0 [ 16.540841] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.541110] kthread+0x328/0x630 [ 16.541356] ret_from_fork+0x10/0x20 [ 16.541466] [ 16.541530] Allocated by task 158: [ 16.541666] kasan_save_stack+0x3c/0x68 [ 16.541743] kasan_save_track+0x20/0x40 [ 16.542158] kasan_save_alloc_info+0x40/0x58 [ 16.542242] __kasan_krealloc+0x118/0x178 [ 16.542397] krealloc_noprof+0x128/0x360 [ 16.542468] krealloc_less_oob_helper+0x168/0xc50 [ 16.542521] krealloc_less_oob+0x20/0x38 [ 16.542559] kunit_try_run_case+0x170/0x3f0 [ 16.542596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.542638] kthread+0x328/0x630 [ 16.542670] ret_from_fork+0x10/0x20 [ 16.542759] [ 16.542780] The buggy address belongs to the object at fff00000c461ce00 [ 16.542780] which belongs to the cache kmalloc-256 of size 256 [ 16.542863] The buggy address is located 0 bytes to the right of [ 16.542863] allocated 201-byte region [fff00000c461ce00, fff00000c461cec9) [ 16.542926] [ 16.542947] The buggy address belongs to the physical page: [ 16.542985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10461c [ 16.543041] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.543104] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.543190] page_type: f5(slab) [ 16.543248] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.543305] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.543353] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.543409] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.543457] head: 0bfffe0000000001 ffffc1ffc3118701 00000000ffffffff 00000000ffffffff [ 16.543512] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.543550] page dumped because: kasan: bad access detected [ 16.543588] [ 16.543621] Memory state around the buggy address: [ 16.543653] fff00000c461cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.544234] fff00000c461ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.544294] >fff00000c461ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.544538] ^ [ 16.545274] fff00000c461cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.545413] fff00000c461cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.545475] ================================================================== [ 16.610237] ================================================================== [ 16.610299] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.610352] Write of size 1 at addr fff00000c77220c9 by task kunit_try_catch/162 [ 16.610626] [ 16.610670] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.610751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.610863] Hardware name: linux,dummy-virt (DT) [ 16.610909] Call trace: [ 16.610931] show_stack+0x20/0x38 (C) [ 16.610997] dump_stack_lvl+0x8c/0xd0 [ 16.611195] print_report+0x118/0x608 [ 16.611257] kasan_report+0xdc/0x128 [ 16.611471] __asan_report_store1_noabort+0x20/0x30 [ 16.611624] krealloc_less_oob_helper+0xa48/0xc50 [ 16.611676] krealloc_large_less_oob+0x20/0x38 [ 16.611741] kunit_try_run_case+0x170/0x3f0 [ 16.611885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.611937] kthread+0x328/0x630 [ 16.612308] ret_from_fork+0x10/0x20 [ 16.612463] [ 16.612487] The buggy address belongs to the physical page: [ 16.612751] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107720 [ 16.612910] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.613038] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.613272] page_type: f8(unknown) [ 16.613381] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.613829] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.613969] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.614042] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.614241] head: 0bfffe0000000002 ffffc1ffc31dc801 00000000ffffffff 00000000ffffffff [ 16.614597] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.614781] page dumped because: kasan: bad access detected [ 16.614898] [ 16.615001] Memory state around the buggy address: [ 16.615201] fff00000c7721f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.615852] fff00000c7722000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.615917] >fff00000c7722080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.615955] ^ [ 16.616147] fff00000c7722100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.616512] fff00000c7722180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.616565] ================================================================== [ 16.622688] ================================================================== [ 16.622734] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.623381] Write of size 1 at addr fff00000c77220da by task kunit_try_catch/162 [ 16.623596] [ 16.623640] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.624148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.624208] Hardware name: linux,dummy-virt (DT) [ 16.624238] Call trace: [ 16.624466] show_stack+0x20/0x38 (C) [ 16.624670] dump_stack_lvl+0x8c/0xd0 [ 16.624826] print_report+0x118/0x608 [ 16.624941] kasan_report+0xdc/0x128 [ 16.625303] __asan_report_store1_noabort+0x20/0x30 [ 16.625406] krealloc_less_oob_helper+0xa80/0xc50 [ 16.625490] krealloc_large_less_oob+0x20/0x38 [ 16.625653] kunit_try_run_case+0x170/0x3f0 [ 16.625740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.625964] kthread+0x328/0x630 [ 16.626152] ret_from_fork+0x10/0x20 [ 16.626499] [ 16.626559] The buggy address belongs to the physical page: [ 16.626600] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107720 [ 16.626652] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.626937] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.627459] page_type: f8(unknown) [ 16.627637] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.627689] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.627752] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.627805] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.627852] head: 0bfffe0000000002 ffffc1ffc31dc801 00000000ffffffff 00000000ffffffff [ 16.628162] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.628278] page dumped because: kasan: bad access detected [ 16.628417] [ 16.628480] Memory state around the buggy address: [ 16.628632] fff00000c7721f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.628866] fff00000c7722000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.628933] >fff00000c7722080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.629469] ^ [ 16.629664] fff00000c7722100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.629751] fff00000c7722180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.629876] ================================================================== [ 16.618422] ================================================================== [ 16.618475] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.618527] Write of size 1 at addr fff00000c77220d0 by task kunit_try_catch/162 [ 16.618862] [ 16.619175] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.619290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.619329] Hardware name: linux,dummy-virt (DT) [ 16.619534] Call trace: [ 16.619567] show_stack+0x20/0x38 (C) [ 16.619639] dump_stack_lvl+0x8c/0xd0 [ 16.619691] print_report+0x118/0x608 [ 16.620043] kasan_report+0xdc/0x128 [ 16.620221] __asan_report_store1_noabort+0x20/0x30 [ 16.620367] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.620420] krealloc_large_less_oob+0x20/0x38 [ 16.620492] kunit_try_run_case+0x170/0x3f0 [ 16.620665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.620725] kthread+0x328/0x630 [ 16.620767] ret_from_fork+0x10/0x20 [ 16.620837] [ 16.620858] The buggy address belongs to the physical page: [ 16.620888] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107720 [ 16.620965] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.621010] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.621062] page_type: f8(unknown) [ 16.621110] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.621170] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.621234] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.621291] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.621337] head: 0bfffe0000000002 ffffc1ffc31dc801 00000000ffffffff 00000000ffffffff [ 16.621392] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.621449] page dumped because: kasan: bad access detected [ 16.621486] [ 16.621503] Memory state around the buggy address: [ 16.621538] fff00000c7721f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.621579] fff00000c7722000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.621620] >fff00000c7722080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.621655] ^ [ 16.621691] fff00000c7722100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.621746] fff00000c7722180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.621790] ================================================================== [ 16.547695] ================================================================== [ 16.547805] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.547898] Write of size 1 at addr fff00000c461ced0 by task kunit_try_catch/158 [ 16.547957] [ 16.547997] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.548483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.548560] Hardware name: linux,dummy-virt (DT) [ 16.548592] Call trace: [ 16.548621] show_stack+0x20/0x38 (C) [ 16.549062] dump_stack_lvl+0x8c/0xd0 [ 16.549303] print_report+0x118/0x608 [ 16.549494] kasan_report+0xdc/0x128 [ 16.549592] __asan_report_store1_noabort+0x20/0x30 [ 16.549953] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.550066] krealloc_less_oob+0x20/0x38 [ 16.550355] kunit_try_run_case+0x170/0x3f0 [ 16.550571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.550637] kthread+0x328/0x630 [ 16.550788] ret_from_fork+0x10/0x20 [ 16.551036] [ 16.551150] Allocated by task 158: [ 16.551180] kasan_save_stack+0x3c/0x68 [ 16.551590] kasan_save_track+0x20/0x40 [ 16.551678] kasan_save_alloc_info+0x40/0x58 [ 16.551829] __kasan_krealloc+0x118/0x178 [ 16.552104] krealloc_noprof+0x128/0x360 [ 16.552177] krealloc_less_oob_helper+0x168/0xc50 [ 16.552292] krealloc_less_oob+0x20/0x38 [ 16.552389] kunit_try_run_case+0x170/0x3f0 [ 16.552710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.552847] kthread+0x328/0x630 [ 16.552954] ret_from_fork+0x10/0x20 [ 16.553080] [ 16.553182] The buggy address belongs to the object at fff00000c461ce00 [ 16.553182] which belongs to the cache kmalloc-256 of size 256 [ 16.553561] The buggy address is located 7 bytes to the right of [ 16.553561] allocated 201-byte region [fff00000c461ce00, fff00000c461cec9) [ 16.553684] [ 16.553806] The buggy address belongs to the physical page: [ 16.553864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10461c [ 16.554277] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.554370] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.554543] page_type: f5(slab) [ 16.554602] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.554971] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.555059] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.555405] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.555513] head: 0bfffe0000000001 ffffc1ffc3118701 00000000ffffffff 00000000ffffffff [ 16.555611] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.555652] page dumped because: kasan: bad access detected [ 16.555826] [ 16.555885] Memory state around the buggy address: [ 16.555918] fff00000c461cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.556086] fff00000c461ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.556376] >fff00000c461ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.556502] ^ [ 16.556542] fff00000c461cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.556811] fff00000c461cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.556920] ================================================================== [ 16.635062] ================================================================== [ 16.635111] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.635167] Write of size 1 at addr fff00000c77220eb by task kunit_try_catch/162 [ 16.635214] [ 16.635485] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.635847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.635907] Hardware name: linux,dummy-virt (DT) [ 16.636033] Call trace: [ 16.636272] show_stack+0x20/0x38 (C) [ 16.636559] dump_stack_lvl+0x8c/0xd0 [ 16.636795] print_report+0x118/0x608 [ 16.636936] kasan_report+0xdc/0x128 [ 16.637306] __asan_report_store1_noabort+0x20/0x30 [ 16.637741] krealloc_less_oob_helper+0xa58/0xc50 [ 16.637825] krealloc_large_less_oob+0x20/0x38 [ 16.637984] kunit_try_run_case+0x170/0x3f0 [ 16.638043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.639221] kthread+0x328/0x630 [ 16.639300] ret_from_fork+0x10/0x20 [ 16.639739] [ 16.639828] The buggy address belongs to the physical page: [ 16.639859] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107720 [ 16.639916] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.640156] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.640336] page_type: f8(unknown) [ 16.640435] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.640484] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.640623] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.640691] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.640834] head: 0bfffe0000000002 ffffc1ffc31dc801 00000000ffffffff 00000000ffffffff [ 16.640924] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.641159] page dumped because: kasan: bad access detected [ 16.641383] [ 16.641431] Memory state around the buggy address: [ 16.641487] fff00000c7721f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.641534] fff00000c7722000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.641806] >fff00000c7722080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.642005] ^ [ 16.642081] fff00000c7722100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.642145] fff00000c7722180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.642292] ================================================================== [ 16.557919] ================================================================== [ 16.558310] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.558373] Write of size 1 at addr fff00000c461ceda by task kunit_try_catch/158 [ 16.558563] [ 16.558674] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.558878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.558905] Hardware name: linux,dummy-virt (DT) [ 16.558937] Call trace: [ 16.558959] show_stack+0x20/0x38 (C) [ 16.559017] dump_stack_lvl+0x8c/0xd0 [ 16.559064] print_report+0x118/0x608 [ 16.559110] kasan_report+0xdc/0x128 [ 16.559166] __asan_report_store1_noabort+0x20/0x30 [ 16.559216] krealloc_less_oob_helper+0xa80/0xc50 [ 16.559263] krealloc_less_oob+0x20/0x38 [ 16.559307] kunit_try_run_case+0x170/0x3f0 [ 16.559352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.559402] kthread+0x328/0x630 [ 16.559443] ret_from_fork+0x10/0x20 [ 16.559489] [ 16.559506] Allocated by task 158: [ 16.559533] kasan_save_stack+0x3c/0x68 [ 16.559571] kasan_save_track+0x20/0x40 [ 16.559782] kasan_save_alloc_info+0x40/0x58 [ 16.560093] __kasan_krealloc+0x118/0x178 [ 16.560316] krealloc_noprof+0x128/0x360 [ 16.560365] krealloc_less_oob_helper+0x168/0xc50 [ 16.560715] krealloc_less_oob+0x20/0x38 [ 16.560870] kunit_try_run_case+0x170/0x3f0 [ 16.561258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.561389] kthread+0x328/0x630 [ 16.561884] ret_from_fork+0x10/0x20 [ 16.562242] [ 16.562300] The buggy address belongs to the object at fff00000c461ce00 [ 16.562300] which belongs to the cache kmalloc-256 of size 256 [ 16.562463] The buggy address is located 17 bytes to the right of [ 16.562463] allocated 201-byte region [fff00000c461ce00, fff00000c461cec9) [ 16.562588] [ 16.562750] The buggy address belongs to the physical page: [ 16.562944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10461c [ 16.563054] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.563163] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.563281] page_type: f5(slab) [ 16.563634] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.563722] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.563855] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.563973] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.564165] head: 0bfffe0000000001 ffffc1ffc3118701 00000000ffffffff 00000000ffffffff [ 16.564395] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.564659] page dumped because: kasan: bad access detected [ 16.564742] [ 16.564860] Memory state around the buggy address: [ 16.564967] fff00000c461cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.565027] fff00000c461ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.565199] >fff00000c461ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.565412] ^ [ 16.565456] fff00000c461cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.565910] fff00000c461cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.566033] ================================================================== [ 16.574592] ================================================================== [ 16.574791] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.574864] Write of size 1 at addr fff00000c461ceeb by task kunit_try_catch/158 [ 16.574958] [ 16.575103] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.575200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.575253] Hardware name: linux,dummy-virt (DT) [ 16.575403] Call trace: [ 16.575460] show_stack+0x20/0x38 (C) [ 16.575615] dump_stack_lvl+0x8c/0xd0 [ 16.575673] print_report+0x118/0x608 [ 16.575850] kasan_report+0xdc/0x128 [ 16.575964] __asan_report_store1_noabort+0x20/0x30 [ 16.576146] krealloc_less_oob_helper+0xa58/0xc50 [ 16.576378] krealloc_less_oob+0x20/0x38 [ 16.576602] kunit_try_run_case+0x170/0x3f0 [ 16.576673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.576875] kthread+0x328/0x630 [ 16.577032] ret_from_fork+0x10/0x20 [ 16.577324] [ 16.577345] Allocated by task 158: [ 16.577373] kasan_save_stack+0x3c/0x68 [ 16.577451] kasan_save_track+0x20/0x40 [ 16.577964] kasan_save_alloc_info+0x40/0x58 [ 16.578055] __kasan_krealloc+0x118/0x178 [ 16.578227] krealloc_noprof+0x128/0x360 [ 16.578723] krealloc_less_oob_helper+0x168/0xc50 [ 16.578834] krealloc_less_oob+0x20/0x38 [ 16.578930] kunit_try_run_case+0x170/0x3f0 [ 16.578969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.579196] kthread+0x328/0x630 [ 16.579755] ret_from_fork+0x10/0x20 [ 16.579815] [ 16.579977] The buggy address belongs to the object at fff00000c461ce00 [ 16.579977] which belongs to the cache kmalloc-256 of size 256 [ 16.580050] The buggy address is located 34 bytes to the right of [ 16.580050] allocated 201-byte region [fff00000c461ce00, fff00000c461cec9) [ 16.580349] [ 16.580570] The buggy address belongs to the physical page: [ 16.580712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10461c [ 16.580866] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.580972] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.581066] page_type: f5(slab) [ 16.581105] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.581323] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.581377] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.581757] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.581890] head: 0bfffe0000000001 ffffc1ffc3118701 00000000ffffffff 00000000ffffffff [ 16.582006] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.582128] page dumped because: kasan: bad access detected [ 16.582259] [ 16.582339] Memory state around the buggy address: [ 16.582427] fff00000c461cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.582552] fff00000c461ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.582593] >fff00000c461ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.582965] ^ [ 16.583099] fff00000c461cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.583204] fff00000c461cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.583274] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.597709] ================================================================== [ 16.597761] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.597958] Write of size 1 at addr fff00000c77220f0 by task kunit_try_catch/160 [ 16.598034] [ 16.598067] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.598208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.598234] Hardware name: linux,dummy-virt (DT) [ 16.598290] Call trace: [ 16.598320] show_stack+0x20/0x38 (C) [ 16.598578] dump_stack_lvl+0x8c/0xd0 [ 16.598647] print_report+0x118/0x608 [ 16.599054] kasan_report+0xdc/0x128 [ 16.599180] __asan_report_store1_noabort+0x20/0x30 [ 16.599231] krealloc_more_oob_helper+0x5c0/0x678 [ 16.599285] krealloc_large_more_oob+0x20/0x38 [ 16.599331] kunit_try_run_case+0x170/0x3f0 [ 16.599634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.599812] kthread+0x328/0x630 [ 16.599900] ret_from_fork+0x10/0x20 [ 16.600053] [ 16.600167] The buggy address belongs to the physical page: [ 16.600232] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107720 [ 16.600365] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.600413] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.600485] page_type: f8(unknown) [ 16.600530] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.601048] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.601185] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.601319] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.601525] head: 0bfffe0000000002 ffffc1ffc31dc801 00000000ffffffff 00000000ffffffff [ 16.601596] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.602063] page dumped because: kasan: bad access detected [ 16.602187] [ 16.602326] Memory state around the buggy address: [ 16.602454] fff00000c7721f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.602500] fff00000c7722000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.602593] >fff00000c7722080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.602934] ^ [ 16.602980] fff00000c7722100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.603025] fff00000c7722180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.603299] ================================================================== [ 16.516591] ================================================================== [ 16.517353] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.517556] Write of size 1 at addr fff00000c461ccf0 by task kunit_try_catch/156 [ 16.517774] [ 16.517815] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.518035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.518073] Hardware name: linux,dummy-virt (DT) [ 16.518224] Call trace: [ 16.518346] show_stack+0x20/0x38 (C) [ 16.518459] dump_stack_lvl+0x8c/0xd0 [ 16.518549] print_report+0x118/0x608 [ 16.518726] kasan_report+0xdc/0x128 [ 16.518990] __asan_report_store1_noabort+0x20/0x30 [ 16.519059] krealloc_more_oob_helper+0x5c0/0x678 [ 16.519235] krealloc_more_oob+0x20/0x38 [ 16.519296] kunit_try_run_case+0x170/0x3f0 [ 16.519503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.519572] kthread+0x328/0x630 [ 16.519663] ret_from_fork+0x10/0x20 [ 16.519769] [ 16.519787] Allocated by task 156: [ 16.520032] kasan_save_stack+0x3c/0x68 [ 16.520236] kasan_save_track+0x20/0x40 [ 16.520351] kasan_save_alloc_info+0x40/0x58 [ 16.520508] __kasan_krealloc+0x118/0x178 [ 16.520732] krealloc_noprof+0x128/0x360 [ 16.520976] krealloc_more_oob_helper+0x168/0x678 [ 16.521191] krealloc_more_oob+0x20/0x38 [ 16.521364] kunit_try_run_case+0x170/0x3f0 [ 16.521455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.521675] kthread+0x328/0x630 [ 16.522081] ret_from_fork+0x10/0x20 [ 16.522428] [ 16.522595] The buggy address belongs to the object at fff00000c461cc00 [ 16.522595] which belongs to the cache kmalloc-256 of size 256 [ 16.522713] The buggy address is located 5 bytes to the right of [ 16.522713] allocated 235-byte region [fff00000c461cc00, fff00000c461cceb) [ 16.523133] [ 16.523263] The buggy address belongs to the physical page: [ 16.523375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10461c [ 16.523431] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.523561] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.523950] page_type: f5(slab) [ 16.524001] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.524051] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.524346] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.524588] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.524691] head: 0bfffe0000000001 ffffc1ffc3118701 00000000ffffffff 00000000ffffffff [ 16.524850] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.525036] page dumped because: kasan: bad access detected [ 16.525281] [ 16.525382] Memory state around the buggy address: [ 16.525517] fff00000c461cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.525563] fff00000c461cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.525897] >fff00000c461cc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.526151] ^ [ 16.526315] fff00000c461cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.526595] fff00000c461cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.526691] ================================================================== [ 16.592880] ================================================================== [ 16.593198] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.593375] Write of size 1 at addr fff00000c77220eb by task kunit_try_catch/160 [ 16.593427] [ 16.593464] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.593705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.593910] Hardware name: linux,dummy-virt (DT) [ 16.593988] Call trace: [ 16.594035] show_stack+0x20/0x38 (C) [ 16.594098] dump_stack_lvl+0x8c/0xd0 [ 16.594425] print_report+0x118/0x608 [ 16.594503] kasan_report+0xdc/0x128 [ 16.594586] __asan_report_store1_noabort+0x20/0x30 [ 16.594639] krealloc_more_oob_helper+0x60c/0x678 [ 16.594698] krealloc_large_more_oob+0x20/0x38 [ 16.594753] kunit_try_run_case+0x170/0x3f0 [ 16.594802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.594854] kthread+0x328/0x630 [ 16.594895] ret_from_fork+0x10/0x20 [ 16.594943] [ 16.594964] The buggy address belongs to the physical page: [ 16.595005] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107720 [ 16.595066] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.595124] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.595178] page_type: f8(unknown) [ 16.595217] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.595266] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.595314] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.595362] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.595410] head: 0bfffe0000000002 ffffc1ffc31dc801 00000000ffffffff 00000000ffffffff [ 16.595456] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.595502] page dumped because: kasan: bad access detected [ 16.595541] [ 16.595558] Memory state around the buggy address: [ 16.595597] fff00000c7721f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.595640] fff00000c7722000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.596289] >fff00000c7722080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.596441] ^ [ 16.596489] fff00000c7722100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.596532] fff00000c7722180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.596732] ================================================================== [ 16.507095] ================================================================== [ 16.507309] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.507411] Write of size 1 at addr fff00000c461cceb by task kunit_try_catch/156 [ 16.507526] [ 16.507613] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.507818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.507845] Hardware name: linux,dummy-virt (DT) [ 16.507899] Call trace: [ 16.507923] show_stack+0x20/0x38 (C) [ 16.507978] dump_stack_lvl+0x8c/0xd0 [ 16.508444] print_report+0x118/0x608 [ 16.508578] kasan_report+0xdc/0x128 [ 16.508741] __asan_report_store1_noabort+0x20/0x30 [ 16.508902] krealloc_more_oob_helper+0x60c/0x678 [ 16.509473] krealloc_more_oob+0x20/0x38 [ 16.509666] kunit_try_run_case+0x170/0x3f0 [ 16.510502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.510573] kthread+0x328/0x630 [ 16.511041] ret_from_fork+0x10/0x20 [ 16.511196] [ 16.511663] Allocated by task 156: [ 16.511727] kasan_save_stack+0x3c/0x68 [ 16.511775] kasan_save_track+0x20/0x40 [ 16.511811] kasan_save_alloc_info+0x40/0x58 [ 16.511849] __kasan_krealloc+0x118/0x178 [ 16.512197] krealloc_noprof+0x128/0x360 [ 16.512366] krealloc_more_oob_helper+0x168/0x678 [ 16.512446] krealloc_more_oob+0x20/0x38 [ 16.512656] kunit_try_run_case+0x170/0x3f0 [ 16.512822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.512869] kthread+0x328/0x630 [ 16.513083] ret_from_fork+0x10/0x20 [ 16.513516] [ 16.513612] The buggy address belongs to the object at fff00000c461cc00 [ 16.513612] which belongs to the cache kmalloc-256 of size 256 [ 16.513808] The buggy address is located 0 bytes to the right of [ 16.513808] allocated 235-byte region [fff00000c461cc00, fff00000c461cceb) [ 16.513953] [ 16.514025] The buggy address belongs to the physical page: [ 16.514211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10461c [ 16.514407] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.514480] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.514882] page_type: f5(slab) [ 16.514934] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.514983] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.515075] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.515152] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.515209] head: 0bfffe0000000001 ffffc1ffc3118701 00000000ffffffff 00000000ffffffff [ 16.515256] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.515305] page dumped because: kasan: bad access detected [ 16.515341] [ 16.515359] Memory state around the buggy address: [ 16.515392] fff00000c461cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515433] fff00000c461cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.515483] >fff00000c461cc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.515521] ^ [ 16.515558] fff00000c461cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515599] fff00000c461cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515644] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.474452] ================================================================== [ 16.474508] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.474564] Read of size 1 at addr fff00000c7750000 by task kunit_try_catch/154 [ 16.474613] [ 16.474650] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.474731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.474756] Hardware name: linux,dummy-virt (DT) [ 16.474787] Call trace: [ 16.474809] show_stack+0x20/0x38 (C) [ 16.474858] dump_stack_lvl+0x8c/0xd0 [ 16.474907] print_report+0x118/0x608 [ 16.474987] kasan_report+0xdc/0x128 [ 16.475036] __asan_report_load1_noabort+0x20/0x30 [ 16.475086] page_alloc_uaf+0x328/0x350 [ 16.475621] kunit_try_run_case+0x170/0x3f0 [ 16.476467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.477339] kthread+0x328/0x630 [ 16.477663] ret_from_fork+0x10/0x20 [ 16.478071] [ 16.478157] The buggy address belongs to the physical page: [ 16.478568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107750 [ 16.478690] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.479077] page_type: f0(buddy) [ 16.479135] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 16.479612] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 16.479949] page dumped because: kasan: bad access detected [ 16.480082] [ 16.480201] Memory state around the buggy address: [ 16.480238] fff00000c774ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.480300] fff00000c774ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.480350] >fff00000c7750000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.480635] ^ [ 16.480740] fff00000c7750080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.480866] fff00000c7750100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.480906] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.452469] ================================================================== [ 16.452557] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.452622] Free of addr fff00000c7718001 by task kunit_try_catch/150 [ 16.452667] [ 16.452702] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.452784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.452810] Hardware name: linux,dummy-virt (DT) [ 16.452841] Call trace: [ 16.452863] show_stack+0x20/0x38 (C) [ 16.452912] dump_stack_lvl+0x8c/0xd0 [ 16.452960] print_report+0x118/0x608 [ 16.453005] kasan_report_invalid_free+0xc0/0xe8 [ 16.453052] __kasan_kfree_large+0x5c/0xa8 [ 16.453158] free_large_kmalloc+0x64/0x190 [ 16.453210] kfree+0x270/0x3c8 [ 16.453278] kmalloc_large_invalid_free+0x108/0x270 [ 16.453335] kunit_try_run_case+0x170/0x3f0 [ 16.453383] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.453433] kthread+0x328/0x630 [ 16.453474] ret_from_fork+0x10/0x20 [ 16.453529] [ 16.453550] The buggy address belongs to the physical page: [ 16.453581] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107718 [ 16.453632] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.453678] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.453731] page_type: f8(unknown) [ 16.453770] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.453817] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.453864] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.453911] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.453958] head: 0bfffe0000000002 ffffc1ffc31dc601 00000000ffffffff 00000000ffffffff [ 16.454004] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.454042] page dumped because: kasan: bad access detected [ 16.454071] [ 16.454088] Memory state around the buggy address: [ 16.455074] fff00000c7717f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.455536] fff00000c7717f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.455595] >fff00000c7718000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.455648] ^ [ 16.455892] fff00000c7718080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.456231] fff00000c7718100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.456455] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.433952] ================================================================== [ 16.434022] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.434624] Read of size 1 at addr fff00000c7718000 by task kunit_try_catch/148 [ 16.434693] [ 16.434885] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.435435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.435462] Hardware name: linux,dummy-virt (DT) [ 16.435675] Call trace: [ 16.435857] show_stack+0x20/0x38 (C) [ 16.436039] dump_stack_lvl+0x8c/0xd0 [ 16.436197] print_report+0x118/0x608 [ 16.436247] kasan_report+0xdc/0x128 [ 16.436292] __asan_report_load1_noabort+0x20/0x30 [ 16.436487] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.436887] kunit_try_run_case+0x170/0x3f0 [ 16.437023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.437320] kthread+0x328/0x630 [ 16.437429] ret_from_fork+0x10/0x20 [ 16.437601] [ 16.437732] The buggy address belongs to the physical page: [ 16.437788] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107718 [ 16.438254] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.438399] raw: 0bfffe0000000000 ffffc1ffc31dc708 fff00000da478c40 0000000000000000 [ 16.438449] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.438488] page dumped because: kasan: bad access detected [ 16.438541] [ 16.438560] Memory state around the buggy address: [ 16.438608] fff00000c7717f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.438650] fff00000c7717f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.438691] >fff00000c7718000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.438734] ^ [ 16.438762] fff00000c7718080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.438803] fff00000c7718100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.438856] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.417850] ================================================================== [ 16.417919] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.417974] Write of size 1 at addr fff00000c76e600a by task kunit_try_catch/146 [ 16.418023] [ 16.418058] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.418155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.418200] Hardware name: linux,dummy-virt (DT) [ 16.418240] Call trace: [ 16.418270] show_stack+0x20/0x38 (C) [ 16.418331] dump_stack_lvl+0x8c/0xd0 [ 16.418395] print_report+0x118/0x608 [ 16.418441] kasan_report+0xdc/0x128 [ 16.418485] __asan_report_store1_noabort+0x20/0x30 [ 16.418534] kmalloc_large_oob_right+0x278/0x2b8 [ 16.418579] kunit_try_run_case+0x170/0x3f0 [ 16.418636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.418687] kthread+0x328/0x630 [ 16.418739] ret_from_fork+0x10/0x20 [ 16.418799] [ 16.418833] The buggy address belongs to the physical page: [ 16.418865] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e4 [ 16.418925] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.418970] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.419033] page_type: f8(unknown) [ 16.419072] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.419953] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.420045] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.420174] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.420390] head: 0bfffe0000000002 ffffc1ffc31db901 00000000ffffffff 00000000ffffffff [ 16.420450] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.420490] page dumped because: kasan: bad access detected [ 16.420520] [ 16.420538] Memory state around the buggy address: [ 16.420570] fff00000c76e5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.420613] fff00000c76e5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.420653] >fff00000c76e6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.420826] ^ [ 16.420998] fff00000c76e6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.421221] fff00000c76e6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.421348] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.402071] ================================================================== [ 16.402540] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.402654] Write of size 1 at addr fff00000c7709f00 by task kunit_try_catch/144 [ 16.402752] [ 16.402790] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.403205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.403293] Hardware name: linux,dummy-virt (DT) [ 16.403339] Call trace: [ 16.403519] show_stack+0x20/0x38 (C) [ 16.403590] dump_stack_lvl+0x8c/0xd0 [ 16.403738] print_report+0x118/0x608 [ 16.403997] kasan_report+0xdc/0x128 [ 16.404072] __asan_report_store1_noabort+0x20/0x30 [ 16.404134] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.404180] kunit_try_run_case+0x170/0x3f0 [ 16.404227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.404278] kthread+0x328/0x630 [ 16.404319] ret_from_fork+0x10/0x20 [ 16.404367] [ 16.404385] Allocated by task 144: [ 16.404728] kasan_save_stack+0x3c/0x68 [ 16.404779] kasan_save_track+0x20/0x40 [ 16.404881] kasan_save_alloc_info+0x40/0x58 [ 16.405237] __kasan_kmalloc+0xd4/0xd8 [ 16.405325] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.405485] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.405728] kunit_try_run_case+0x170/0x3f0 [ 16.406206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.406308] kthread+0x328/0x630 [ 16.406437] ret_from_fork+0x10/0x20 [ 16.406505] [ 16.406753] The buggy address belongs to the object at fff00000c7708000 [ 16.406753] which belongs to the cache kmalloc-8k of size 8192 [ 16.406907] The buggy address is located 0 bytes to the right of [ 16.406907] allocated 7936-byte region [fff00000c7708000, fff00000c7709f00) [ 16.407023] [ 16.407054] The buggy address belongs to the physical page: [ 16.407102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107708 [ 16.407170] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.407216] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.407283] page_type: f5(slab) [ 16.407348] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.407418] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.407475] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.407521] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.407568] head: 0bfffe0000000003 ffffc1ffc31dc201 00000000ffffffff 00000000ffffffff [ 16.407614] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.407654] page dumped because: kasan: bad access detected [ 16.408010] [ 16.408034] Memory state around the buggy address: [ 16.408068] fff00000c7709e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.408110] fff00000c7709e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.408164] >fff00000c7709f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.408200] ^ [ 16.408227] fff00000c7709f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.408268] fff00000c770a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.408304] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.376470] ================================================================== [ 16.376646] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.376971] Write of size 1 at addr fff00000c638b678 by task kunit_try_catch/142 [ 16.377425] [ 16.377589] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.377694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.377762] Hardware name: linux,dummy-virt (DT) [ 16.377795] Call trace: [ 16.378144] show_stack+0x20/0x38 (C) [ 16.378237] dump_stack_lvl+0x8c/0xd0 [ 16.378574] print_report+0x118/0x608 [ 16.378735] kasan_report+0xdc/0x128 [ 16.378926] __asan_report_store1_noabort+0x20/0x30 [ 16.379067] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.379373] kunit_try_run_case+0x170/0x3f0 [ 16.379593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.379741] kthread+0x328/0x630 [ 16.379799] ret_from_fork+0x10/0x20 [ 16.379852] [ 16.379870] Allocated by task 142: [ 16.380175] kasan_save_stack+0x3c/0x68 [ 16.380237] kasan_save_track+0x20/0x40 [ 16.380444] kasan_save_alloc_info+0x40/0x58 [ 16.380662] __kasan_kmalloc+0xd4/0xd8 [ 16.380816] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.380873] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.381140] kunit_try_run_case+0x170/0x3f0 [ 16.381516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.381637] kthread+0x328/0x630 [ 16.381718] ret_from_fork+0x10/0x20 [ 16.381940] [ 16.382145] The buggy address belongs to the object at fff00000c638b600 [ 16.382145] which belongs to the cache kmalloc-128 of size 128 [ 16.382408] The buggy address is located 0 bytes to the right of [ 16.382408] allocated 120-byte region [fff00000c638b600, fff00000c638b678) [ 16.382632] [ 16.382747] The buggy address belongs to the physical page: [ 16.382784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.383190] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.383288] page_type: f5(slab) [ 16.383365] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.383468] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.383532] page dumped because: kasan: bad access detected [ 16.383719] [ 16.383957] Memory state around the buggy address: [ 16.384078] fff00000c638b500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.384191] fff00000c638b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.384325] >fff00000c638b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.384405] ^ [ 16.384688] fff00000c638b680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.384862] fff00000c638b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.385165] ================================================================== [ 16.387079] ================================================================== [ 16.387195] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.387296] Write of size 1 at addr fff00000c638b778 by task kunit_try_catch/142 [ 16.387390] [ 16.387435] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.387515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.387671] Hardware name: linux,dummy-virt (DT) [ 16.387824] Call trace: [ 16.387941] show_stack+0x20/0x38 (C) [ 16.388137] dump_stack_lvl+0x8c/0xd0 [ 16.388384] print_report+0x118/0x608 [ 16.388486] kasan_report+0xdc/0x128 [ 16.388603] __asan_report_store1_noabort+0x20/0x30 [ 16.388785] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.388948] kunit_try_run_case+0x170/0x3f0 [ 16.389076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.389342] kthread+0x328/0x630 [ 16.389638] ret_from_fork+0x10/0x20 [ 16.389763] [ 16.389832] Allocated by task 142: [ 16.389961] kasan_save_stack+0x3c/0x68 [ 16.390104] kasan_save_track+0x20/0x40 [ 16.390183] kasan_save_alloc_info+0x40/0x58 [ 16.390222] __kasan_kmalloc+0xd4/0xd8 [ 16.390286] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.390625] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.390703] kunit_try_run_case+0x170/0x3f0 [ 16.390826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.390906] kthread+0x328/0x630 [ 16.390945] ret_from_fork+0x10/0x20 [ 16.391141] [ 16.391165] The buggy address belongs to the object at fff00000c638b700 [ 16.391165] which belongs to the cache kmalloc-128 of size 128 [ 16.391353] The buggy address is located 0 bytes to the right of [ 16.391353] allocated 120-byte region [fff00000c638b700, fff00000c638b778) [ 16.391715] [ 16.391771] The buggy address belongs to the physical page: [ 16.391930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.391987] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.392035] page_type: f5(slab) [ 16.392283] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.392400] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.392532] page dumped because: kasan: bad access detected [ 16.392630] [ 16.392780] Memory state around the buggy address: [ 16.392886] fff00000c638b600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.392947] fff00000c638b680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.392988] >fff00000c638b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.393322] ^ [ 16.393558] fff00000c638b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.393732] fff00000c638b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.393866] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.358654] ================================================================== [ 16.358720] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.358776] Read of size 1 at addr fff00000c624d000 by task kunit_try_catch/140 [ 16.358823] [ 16.358856] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.358944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.358992] Hardware name: linux,dummy-virt (DT) [ 16.359028] Call trace: [ 16.359050] show_stack+0x20/0x38 (C) [ 16.359100] dump_stack_lvl+0x8c/0xd0 [ 16.359959] print_report+0x118/0x608 [ 16.360195] kasan_report+0xdc/0x128 [ 16.360284] __asan_report_load1_noabort+0x20/0x30 [ 16.360392] kmalloc_node_oob_right+0x2f4/0x330 [ 16.360552] kunit_try_run_case+0x170/0x3f0 [ 16.360602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.360660] kthread+0x328/0x630 [ 16.360703] ret_from_fork+0x10/0x20 [ 16.361162] [ 16.361304] Allocated by task 140: [ 16.361492] kasan_save_stack+0x3c/0x68 [ 16.361595] kasan_save_track+0x20/0x40 [ 16.362141] kasan_save_alloc_info+0x40/0x58 [ 16.362221] __kasan_kmalloc+0xd4/0xd8 [ 16.362403] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.362587] kmalloc_node_oob_right+0xbc/0x330 [ 16.362629] kunit_try_run_case+0x170/0x3f0 [ 16.362720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.363170] kthread+0x328/0x630 [ 16.363317] ret_from_fork+0x10/0x20 [ 16.363407] [ 16.363553] The buggy address belongs to the object at fff00000c624c000 [ 16.363553] which belongs to the cache kmalloc-4k of size 4096 [ 16.363781] The buggy address is located 0 bytes to the right of [ 16.363781] allocated 4096-byte region [fff00000c624c000, fff00000c624d000) [ 16.364186] [ 16.364285] The buggy address belongs to the physical page: [ 16.364417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106248 [ 16.365066] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.365229] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.365684] page_type: f5(slab) [ 16.365751] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.365912] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.366050] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.366703] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.366930] head: 0bfffe0000000003 ffffc1ffc3189201 00000000ffffffff 00000000ffffffff [ 16.367293] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.367408] page dumped because: kasan: bad access detected [ 16.367558] [ 16.367736] Memory state around the buggy address: [ 16.367936] fff00000c624cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.368109] fff00000c624cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.368246] >fff00000c624d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.368459] ^ [ 16.368646] fff00000c624d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.368729] fff00000c624d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.368836] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.344791] ================================================================== [ 16.344871] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.344969] Read of size 1 at addr fff00000c61bc3bf by task kunit_try_catch/138 [ 16.345066] [ 16.345103] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.345252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.345282] Hardware name: linux,dummy-virt (DT) [ 16.345341] Call trace: [ 16.345369] show_stack+0x20/0x38 (C) [ 16.345621] dump_stack_lvl+0x8c/0xd0 [ 16.345755] print_report+0x118/0x608 [ 16.345811] kasan_report+0xdc/0x128 [ 16.345856] __asan_report_load1_noabort+0x20/0x30 [ 16.346012] kmalloc_oob_left+0x2ec/0x320 [ 16.346072] kunit_try_run_case+0x170/0x3f0 [ 16.346228] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.346289] kthread+0x328/0x630 [ 16.346389] ret_from_fork+0x10/0x20 [ 16.346441] [ 16.346464] Allocated by task 24: [ 16.346633] kasan_save_stack+0x3c/0x68 [ 16.346723] kasan_save_track+0x20/0x40 [ 16.346768] kasan_save_alloc_info+0x40/0x58 [ 16.346909] __kasan_kmalloc+0xd4/0xd8 [ 16.346990] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.347036] kvasprintf+0xe0/0x180 [ 16.347175] __kthread_create_on_node+0x16c/0x350 [ 16.347264] kthread_create_on_node+0xe4/0x130 [ 16.347468] create_worker+0x380/0x6b8 [ 16.347545] worker_thread+0x808/0xf38 [ 16.347587] kthread+0x328/0x630 [ 16.347734] ret_from_fork+0x10/0x20 [ 16.347944] [ 16.348015] The buggy address belongs to the object at fff00000c61bc3a0 [ 16.348015] which belongs to the cache kmalloc-16 of size 16 [ 16.348250] The buggy address is located 19 bytes to the right of [ 16.348250] allocated 12-byte region [fff00000c61bc3a0, fff00000c61bc3ac) [ 16.348439] [ 16.348536] The buggy address belongs to the physical page: [ 16.348577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1061bc [ 16.348769] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.348825] page_type: f5(slab) [ 16.348864] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.349018] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.349204] page dumped because: kasan: bad access detected [ 16.349283] [ 16.349430] Memory state around the buggy address: [ 16.349676] fff00000c61bc280: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 16.349770] fff00000c61bc300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.349989] >fff00000c61bc380: fa fb fc fc 00 04 fc fc 00 07 fc fc fc fc fc fc [ 16.350204] ^ [ 16.350378] fff00000c61bc400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.350481] fff00000c61bc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.350750] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.319527] ================================================================== [ 16.319890] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.320727] Write of size 1 at addr fff00000c638b573 by task kunit_try_catch/136 [ 16.320834] [ 16.321603] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 16.321743] Tainted: [N]=TEST [ 16.321775] Hardware name: linux,dummy-virt (DT) [ 16.321995] Call trace: [ 16.322176] show_stack+0x20/0x38 (C) [ 16.322313] dump_stack_lvl+0x8c/0xd0 [ 16.322379] print_report+0x118/0x608 [ 16.322427] kasan_report+0xdc/0x128 [ 16.322472] __asan_report_store1_noabort+0x20/0x30 [ 16.322523] kmalloc_oob_right+0x5a4/0x660 [ 16.322568] kunit_try_run_case+0x170/0x3f0 [ 16.322618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.322671] kthread+0x328/0x630 [ 16.322716] ret_from_fork+0x10/0x20 [ 16.322873] [ 16.322911] Allocated by task 136: [ 16.323023] kasan_save_stack+0x3c/0x68 [ 16.323090] kasan_save_track+0x20/0x40 [ 16.323140] kasan_save_alloc_info+0x40/0x58 [ 16.323179] __kasan_kmalloc+0xd4/0xd8 [ 16.323215] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.323256] kmalloc_oob_right+0xb0/0x660 [ 16.323291] kunit_try_run_case+0x170/0x3f0 [ 16.323329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.323372] kthread+0x328/0x630 [ 16.323405] ret_from_fork+0x10/0x20 [ 16.323462] [ 16.323522] The buggy address belongs to the object at fff00000c638b500 [ 16.323522] which belongs to the cache kmalloc-128 of size 128 [ 16.323618] The buggy address is located 0 bytes to the right of [ 16.323618] allocated 115-byte region [fff00000c638b500, fff00000c638b573) [ 16.323820] [ 16.323916] The buggy address belongs to the physical page: [ 16.324140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.324420] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.324708] page_type: f5(slab) [ 16.324997] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.325061] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.325178] page dumped because: kasan: bad access detected [ 16.325218] [ 16.325243] Memory state around the buggy address: [ 16.325459] fff00000c638b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.325530] fff00000c638b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.325584] >fff00000c638b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.325636] ^ [ 16.325716] fff00000c638b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.325757] fff00000c638b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.325818] ================================================================== [ 16.333856] ================================================================== [ 16.333907] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.333952] Read of size 1 at addr fff00000c638b580 by task kunit_try_catch/136 [ 16.334007] [ 16.334087] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.334217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.334384] Hardware name: linux,dummy-virt (DT) [ 16.334420] Call trace: [ 16.334441] show_stack+0x20/0x38 (C) [ 16.334536] dump_stack_lvl+0x8c/0xd0 [ 16.334589] print_report+0x118/0x608 [ 16.334635] kasan_report+0xdc/0x128 [ 16.334679] __asan_report_load1_noabort+0x20/0x30 [ 16.334753] kmalloc_oob_right+0x5d0/0x660 [ 16.334820] kunit_try_run_case+0x170/0x3f0 [ 16.334868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.335072] kthread+0x328/0x630 [ 16.335133] ret_from_fork+0x10/0x20 [ 16.335247] [ 16.335285] Allocated by task 136: [ 16.335406] kasan_save_stack+0x3c/0x68 [ 16.335451] kasan_save_track+0x20/0x40 [ 16.335493] kasan_save_alloc_info+0x40/0x58 [ 16.335549] __kasan_kmalloc+0xd4/0xd8 [ 16.335586] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.335724] kmalloc_oob_right+0xb0/0x660 [ 16.335894] kunit_try_run_case+0x170/0x3f0 [ 16.335943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.335992] kthread+0x328/0x630 [ 16.336023] ret_from_fork+0x10/0x20 [ 16.336176] [ 16.336198] The buggy address belongs to the object at fff00000c638b500 [ 16.336198] which belongs to the cache kmalloc-128 of size 128 [ 16.336281] The buggy address is located 13 bytes to the right of [ 16.336281] allocated 115-byte region [fff00000c638b500, fff00000c638b573) [ 16.336466] [ 16.336505] The buggy address belongs to the physical page: [ 16.336564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.336740] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.336902] page_type: f5(slab) [ 16.337000] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.337212] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.337284] page dumped because: kasan: bad access detected [ 16.337315] [ 16.337332] Memory state around the buggy address: [ 16.337400] fff00000c638b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.337464] fff00000c638b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.337553] >fff00000c638b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.337601] ^ [ 16.337630] fff00000c638b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.337672] fff00000c638b680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.337736] ================================================================== [ 16.326883] ================================================================== [ 16.326931] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.326979] Write of size 1 at addr fff00000c638b578 by task kunit_try_catch/136 [ 16.327367] [ 16.327421] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.327533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.327560] Hardware name: linux,dummy-virt (DT) [ 16.328108] Call trace: [ 16.328258] show_stack+0x20/0x38 (C) [ 16.328313] dump_stack_lvl+0x8c/0xd0 [ 16.328581] print_report+0x118/0x608 [ 16.328814] kasan_report+0xdc/0x128 [ 16.328869] __asan_report_store1_noabort+0x20/0x30 [ 16.328921] kmalloc_oob_right+0x538/0x660 [ 16.329101] kunit_try_run_case+0x170/0x3f0 [ 16.329257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.329439] kthread+0x328/0x630 [ 16.329542] ret_from_fork+0x10/0x20 [ 16.329720] [ 16.329758] Allocated by task 136: [ 16.329792] kasan_save_stack+0x3c/0x68 [ 16.330065] kasan_save_track+0x20/0x40 [ 16.330254] kasan_save_alloc_info+0x40/0x58 [ 16.330305] __kasan_kmalloc+0xd4/0xd8 [ 16.330431] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.330554] kmalloc_oob_right+0xb0/0x660 [ 16.330642] kunit_try_run_case+0x170/0x3f0 [ 16.330759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.330931] kthread+0x328/0x630 [ 16.331044] ret_from_fork+0x10/0x20 [ 16.331146] [ 16.331176] The buggy address belongs to the object at fff00000c638b500 [ 16.331176] which belongs to the cache kmalloc-128 of size 128 [ 16.331327] The buggy address is located 5 bytes to the right of [ 16.331327] allocated 115-byte region [fff00000c638b500, fff00000c638b573) [ 16.331449] [ 16.331507] The buggy address belongs to the physical page: [ 16.331538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638b [ 16.331886] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.332071] page_type: f5(slab) [ 16.332125] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.332182] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.332226] page dumped because: kasan: bad access detected [ 16.332256] [ 16.332273] Memory state around the buggy address: [ 16.332302] fff00000c638b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.332343] fff00000c638b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.332508] >fff00000c638b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.332768] ^ [ 16.332952] fff00000c638b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.333056] fff00000c638b600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.333245] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.870667] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.872255] Modules linked in: [ 95.872475] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT [ 95.873462] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.874197] Hardware name: linux,dummy-virt (DT) [ 95.874570] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.874856] pc : intlog10+0x38/0x48 [ 95.875038] lr : intlog10_test+0xe4/0x200 [ 95.875474] sp : ffff800082427c10 [ 95.875841] x29: ffff800082427c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.876738] x26: 1ffe000018dc24e1 x25: 0000000000000000 x24: ffff800082427ce0 [ 95.877653] x23: ffff800082427d00 x22: 0000000000000000 x21: 1ffff00010484f82 [ 95.878561] x20: ffffb06b70a89e80 x19: ffff800080087990 x18: 0000000028abadb7 [ 95.879325] x17: 00000000d635af6b x16: fff00000c0975c3c x15: fff00000ff616b08 [ 95.880139] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a5cd x12: ffff760d6e923379 [ 95.880856] x11: 1ffff60d6e923378 x10: ffff760d6e923378 x9 : ffffb06b6e03685c [ 95.881208] x8 : ffffb06b74919bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.881543] x5 : ffff700010484f82 x4 : 1ffff00010010f3a x3 : 1ffff60d6e1513d0 [ 95.881873] x2 : 1ffff60d6e1513d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.882215] Call trace: [ 95.882354] intlog10+0x38/0x48 (P) [ 95.882542] kunit_try_run_case+0x170/0x3f0 [ 95.882741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.882971] kthread+0x328/0x630 [ 95.883189] ret_from_fork+0x10/0x20 [ 95.883731] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 95.818963] WARNING: CPU: 1 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 95.822634] Modules linked in: [ 95.823254] CPU: 1 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT [ 95.824488] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 95.825158] Hardware name: linux,dummy-virt (DT) [ 95.825372] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.826420] pc : intlog2+0xd8/0xf8 [ 95.826964] lr : intlog2_test+0xe4/0x200 [ 95.827606] sp : ffff800082277c10 [ 95.828157] x29: ffff800082277c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.828981] x26: 1ffe000019013ec1 x25: 0000000000000000 x24: ffff800082277ce0 [ 95.829343] x23: ffff800082277d00 x22: 0000000000000000 x21: 1ffff0001044ef82 [ 95.829686] x20: ffffb06b70a89d80 x19: ffff800080087990 x18: 00000000bf8cd8f2 [ 95.830018] x17: 00000000272f94c8 x16: fff00000c0975c3c x15: 00000000e8898e4f [ 95.831126] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a5cd x12: ffff760d6e923379 [ 95.832048] x11: 1ffff60d6e923378 x10: ffff760d6e923378 x9 : ffffb06b6e036a5c [ 95.832957] x8 : ffffb06b74919bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.833763] x5 : ffff70001044ef82 x4 : 1ffff00010010f3a x3 : 1ffff60d6e1513b0 [ 95.834543] x2 : 1ffff60d6e1513b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.835308] Call trace: [ 95.835624] intlog2+0xd8/0xf8 (P) [ 95.836096] kunit_try_run_case+0x170/0x3f0 [ 95.836691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.837286] kthread+0x328/0x630 [ 95.837686] ret_from_fork+0x10/0x20 [ 95.838163] ---[ end trace 0000000000000000 ]---