Date
July 6, 2025, 11:09 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.023316] ================================================================== [ 19.023474] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.023551] Write of size 8 at addr fff00000c1376c68 by task kunit_try_catch/262 [ 19.023604] [ 19.023887] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.024186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.024226] Hardware name: linux,dummy-virt (DT) [ 19.024413] Call trace: [ 19.024455] show_stack+0x20/0x38 (C) [ 19.024509] dump_stack_lvl+0x8c/0xd0 [ 19.024594] print_report+0x118/0x608 [ 19.024643] kasan_report+0xdc/0x128 [ 19.024690] kasan_check_range+0x100/0x1a8 [ 19.025035] __kasan_check_write+0x20/0x30 [ 19.025135] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.025198] kasan_bitops_generic+0x110/0x1c8 [ 19.025247] kunit_try_run_case+0x170/0x3f0 [ 19.025431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.025625] kthread+0x328/0x630 [ 19.025762] ret_from_fork+0x10/0x20 [ 19.025817] [ 19.025838] Allocated by task 262: [ 19.025868] kasan_save_stack+0x3c/0x68 [ 19.026033] kasan_save_track+0x20/0x40 [ 19.026087] kasan_save_alloc_info+0x40/0x58 [ 19.026151] __kasan_kmalloc+0xd4/0xd8 [ 19.026307] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.026359] kasan_bitops_generic+0xa0/0x1c8 [ 19.026514] kunit_try_run_case+0x170/0x3f0 [ 19.026569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.026615] kthread+0x328/0x630 [ 19.026648] ret_from_fork+0x10/0x20 [ 19.026873] [ 19.027038] The buggy address belongs to the object at fff00000c1376c60 [ 19.027038] which belongs to the cache kmalloc-16 of size 16 [ 19.027156] The buggy address is located 8 bytes inside of [ 19.027156] allocated 9-byte region [fff00000c1376c60, fff00000c1376c69) [ 19.027512] [ 19.027593] The buggy address belongs to the physical page: [ 19.027727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101376 [ 19.027786] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.027887] page_type: f5(slab) [ 19.028388] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.028458] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.028502] page dumped because: kasan: bad access detected [ 19.029722] [ 19.029764] Memory state around the buggy address: [ 19.029803] fff00000c1376b00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 19.029862] fff00000c1376b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.030325] >fff00000c1376c00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.030389] ^ [ 19.030432] fff00000c1376c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.030512] fff00000c1376d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.031004] ================================================================== [ 19.007440] ================================================================== [ 19.007503] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.007564] Write of size 8 at addr fff00000c1376c68 by task kunit_try_catch/262 [ 19.007617] [ 19.007693] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.007780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.007807] Hardware name: linux,dummy-virt (DT) [ 19.008244] Call trace: [ 19.008287] show_stack+0x20/0x38 (C) [ 19.008343] dump_stack_lvl+0x8c/0xd0 [ 19.008437] print_report+0x118/0x608 [ 19.008514] kasan_report+0xdc/0x128 [ 19.008632] kasan_check_range+0x100/0x1a8 [ 19.008690] __kasan_check_write+0x20/0x30 [ 19.008765] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.008827] kasan_bitops_generic+0x110/0x1c8 [ 19.008876] kunit_try_run_case+0x170/0x3f0 [ 19.009240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.009344] kthread+0x328/0x630 [ 19.009508] ret_from_fork+0x10/0x20 [ 19.009580] [ 19.009602] Allocated by task 262: [ 19.009794] kasan_save_stack+0x3c/0x68 [ 19.009851] kasan_save_track+0x20/0x40 [ 19.010237] kasan_save_alloc_info+0x40/0x58 [ 19.010490] __kasan_kmalloc+0xd4/0xd8 [ 19.010565] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.010616] kasan_bitops_generic+0xa0/0x1c8 [ 19.010658] kunit_try_run_case+0x170/0x3f0 [ 19.010698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.011057] kthread+0x328/0x630 [ 19.011195] ret_from_fork+0x10/0x20 [ 19.011339] [ 19.011399] The buggy address belongs to the object at fff00000c1376c60 [ 19.011399] which belongs to the cache kmalloc-16 of size 16 [ 19.011574] The buggy address is located 8 bytes inside of [ 19.011574] allocated 9-byte region [fff00000c1376c60, fff00000c1376c69) [ 19.011892] [ 19.012035] The buggy address belongs to the physical page: [ 19.012154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101376 [ 19.012335] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.012541] page_type: f5(slab) [ 19.012634] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.012850] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.013055] page dumped because: kasan: bad access detected [ 19.013240] [ 19.013306] Memory state around the buggy address: [ 19.013402] fff00000c1376b00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 19.013522] fff00000c1376b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.013583] >fff00000c1376c00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.013656] ^ [ 19.014032] fff00000c1376c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.014194] fff00000c1376d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.014260] ================================================================== [ 19.037978] ================================================================== [ 19.038779] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.038861] Read of size 8 at addr fff00000c1376c68 by task kunit_try_catch/262 [ 19.040995] [ 19.042333] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.043012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.043087] Hardware name: linux,dummy-virt (DT) [ 19.043297] Call trace: [ 19.043354] show_stack+0x20/0x38 (C) [ 19.043570] dump_stack_lvl+0x8c/0xd0 [ 19.043827] print_report+0x118/0x608 [ 19.043949] kasan_report+0xdc/0x128 [ 19.044121] __asan_report_load8_noabort+0x20/0x30 [ 19.044294] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.044354] kasan_bitops_generic+0x110/0x1c8 [ 19.044647] kunit_try_run_case+0x170/0x3f0 [ 19.044855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.045099] kthread+0x328/0x630 [ 19.045258] ret_from_fork+0x10/0x20 [ 19.045347] [ 19.045512] Allocated by task 262: [ 19.045723] kasan_save_stack+0x3c/0x68 [ 19.045804] kasan_save_track+0x20/0x40 [ 19.045959] kasan_save_alloc_info+0x40/0x58 [ 19.046111] __kasan_kmalloc+0xd4/0xd8 [ 19.046241] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.046289] kasan_bitops_generic+0xa0/0x1c8 [ 19.046750] kunit_try_run_case+0x170/0x3f0 [ 19.047003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.047170] kthread+0x328/0x630 [ 19.047288] ret_from_fork+0x10/0x20 [ 19.048896] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101376 [ 19.049468] fff00000c1376d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.050529] ================================================================== [ 19.016868] ================================================================== [ 19.017091] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.017164] Read of size 8 at addr fff00000c1376c68 by task kunit_try_catch/262 [ 19.017385] [ 19.017447] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.017542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.017569] Hardware name: linux,dummy-virt (DT) [ 19.017927] Call trace: [ 19.017983] show_stack+0x20/0x38 (C) [ 19.018141] dump_stack_lvl+0x8c/0xd0 [ 19.018475] print_report+0x118/0x608 [ 19.018534] kasan_report+0xdc/0x128 [ 19.018583] __asan_report_load8_noabort+0x20/0x30 [ 19.018639] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.018710] kasan_bitops_generic+0x110/0x1c8 [ 19.018759] kunit_try_run_case+0x170/0x3f0 [ 19.018809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.018871] kthread+0x328/0x630 [ 19.018928] ret_from_fork+0x10/0x20 [ 19.018978] [ 19.019008] Allocated by task 262: [ 19.019042] kasan_save_stack+0x3c/0x68 [ 19.019100] kasan_save_track+0x20/0x40 [ 19.019141] kasan_save_alloc_info+0x40/0x58 [ 19.019183] __kasan_kmalloc+0xd4/0xd8 [ 19.019220] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.019261] kasan_bitops_generic+0xa0/0x1c8 [ 19.019309] kunit_try_run_case+0x170/0x3f0 [ 19.019349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.019403] kthread+0x328/0x630 [ 19.019442] ret_from_fork+0x10/0x20 [ 19.019500] [ 19.019520] The buggy address belongs to the object at fff00000c1376c60 [ 19.019520] which belongs to the cache kmalloc-16 of size 16 [ 19.019588] The buggy address is located 8 bytes inside of [ 19.019588] allocated 9-byte region [fff00000c1376c60, fff00000c1376c69) [ 19.019652] [ 19.019691] The buggy address belongs to the physical page: [ 19.019725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101376 [ 19.019779] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.019829] page_type: f5(slab) [ 19.019881] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.019945] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.020131] page dumped because: kasan: bad access detected [ 19.020446] [ 19.020814] Memory state around the buggy address: [ 19.020887] fff00000c1376b00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 19.020981] fff00000c1376b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.021055] >fff00000c1376c00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.021117] ^ [ 19.021186] fff00000c1376c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.021979] fff00000c1376d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.022033] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.229353] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858 [ 19.196877] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 19.256979] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 19.180488] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.072628] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 94.823484] Internal error: Oops: 0000000096000005 [#1] SMP [ 94.833007] Modules linked in: [ 94.834047] CPU: 1 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 94.835229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 94.835673] Hardware name: linux,dummy-virt (DT) [ 94.836256] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.837049] pc : kunit_test_null_dereference+0x70/0x170 [ 94.837614] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.837860] sp : ffff800080f27d30 [ 94.838140] x29: ffff800080f27d90 x28: 0000000000000000 x27: 0000000000000000 [ 94.839150] x26: 1ffe000018c84621 x25: 0000000000000000 x24: 0000000000000004 [ 94.839908] x23: fff00000c642310c x22: ffff9c72c1e235b8 x21: fff00000c1201188 [ 94.840661] x20: 1ffff000101e4fa6 x19: ffff800080087990 x18: 00000000325f88a7 [ 94.841328] x17: 0000000000000000 x16: fff00000da474d28 x15: 000000004b822400 [ 94.841670] x14: 00000000a7242ee8 x13: 1ffe00001b48e989 x12: fffd800018d898b4 [ 94.842071] x11: 1ffe000018d898b3 x10: fffd800018d898b3 x9 : ffff9c72c1e1aa20 [ 94.843007] x8 : ffff800080f27c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 94.843743] x5 : ffff7000101e4fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 94.844473] x2 : dfff800000000000 x1 : fff00000c6c4bcc0 x0 : ffff800080087990 [ 94.845260] Call trace: [ 94.845559] kunit_test_null_dereference+0x70/0x170 (P) [ 94.846187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.846826] kthread+0x328/0x630 [ 94.847205] ret_from_fork+0x10/0x20 [ 94.847672] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 94.848196] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.463841] ================================================================== [ 50.463906] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.463906] [ 50.464010] Use-after-free read at 0x0000000047e70d9c (in kfence-#143): [ 50.464063] test_krealloc+0x51c/0x830 [ 50.464109] kunit_try_run_case+0x170/0x3f0 [ 50.464155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.464200] kthread+0x328/0x630 [ 50.464238] ret_from_fork+0x10/0x20 [ 50.464279] [ 50.464303] kfence-#143: 0x0000000047e70d9c-0x00000000dd1e0409, size=32, cache=kmalloc-32 [ 50.464303] [ 50.464357] allocated by task 338 on cpu 1 at 50.463208s (0.001145s ago): [ 50.464426] test_alloc+0x29c/0x628 [ 50.464465] test_krealloc+0xc0/0x830 [ 50.464505] kunit_try_run_case+0x170/0x3f0 [ 50.464545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.464590] kthread+0x328/0x630 [ 50.464626] ret_from_fork+0x10/0x20 [ 50.464665] [ 50.464688] freed by task 338 on cpu 1 at 50.463462s (0.001221s ago): [ 50.464749] krealloc_noprof+0x148/0x360 [ 50.464787] test_krealloc+0x1dc/0x830 [ 50.464825] kunit_try_run_case+0x170/0x3f0 [ 50.464865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.464907] kthread+0x328/0x630 [ 50.464953] ret_from_fork+0x10/0x20 [ 50.464992] [ 50.465040] CPU: 1 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 50.465123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.465153] Hardware name: linux,dummy-virt (DT) [ 50.465187] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.390478] ================================================================== [ 50.390578] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.390578] [ 50.390674] Use-after-free read at 0x000000009a51ceaf (in kfence-#142): [ 50.390728] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.390776] kunit_try_run_case+0x170/0x3f0 [ 50.390821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.390865] kthread+0x328/0x630 [ 50.390904] ret_from_fork+0x10/0x20 [ 50.390963] [ 50.390987] kfence-#142: 0x000000009a51ceaf-0x0000000045f4ae10, size=32, cache=test [ 50.390987] [ 50.391039] allocated by task 336 on cpu 0 at 50.356107s (0.034928s ago): [ 50.391109] test_alloc+0x230/0x628 [ 50.391148] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.391191] kunit_try_run_case+0x170/0x3f0 [ 50.391230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.391274] kthread+0x328/0x630 [ 50.391310] ret_from_fork+0x10/0x20 [ 50.391350] [ 50.391373] freed by task 336 on cpu 0 at 50.356203s (0.035165s ago): [ 50.391429] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.391470] kunit_try_run_case+0x170/0x3f0 [ 50.391509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.391552] kthread+0x328/0x630 [ 50.391587] ret_from_fork+0x10/0x20 [ 50.391627] [ 50.391671] CPU: 0 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 50.391749] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.391779] Hardware name: linux,dummy-virt (DT) [ 50.391814] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 26.973935] ================================================================== [ 26.974294] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 26.974294] [ 26.974432] Invalid read at 0x00000000028c070e: [ 26.974522] test_invalid_access+0xdc/0x1f0 [ 26.974604] kunit_try_run_case+0x170/0x3f0 [ 26.974681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.974753] kthread+0x328/0x630 [ 26.974820] ret_from_fork+0x10/0x20 [ 26.974894] [ 26.974985] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.975097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.975154] Hardware name: linux,dummy-virt (DT) [ 26.975215] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 26.746605] ================================================================== [ 26.746700] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.746700] [ 26.746764] Corrupted memory at 0x0000000060810cbb [ ! . . . . . . . . . . . . . . . ] (in kfence-#138): [ 26.747088] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.747139] kunit_try_run_case+0x170/0x3f0 [ 26.747182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.747226] kthread+0x328/0x630 [ 26.747263] ret_from_fork+0x10/0x20 [ 26.747302] [ 26.747326] kfence-#138: 0x00000000dcef31e7-0x000000004edf54cd, size=73, cache=kmalloc-96 [ 26.747326] [ 26.747382] allocated by task 326 on cpu 0 at 26.746370s (0.001008s ago): [ 26.747444] test_alloc+0x29c/0x628 [ 26.747484] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 26.747526] kunit_try_run_case+0x170/0x3f0 [ 26.747566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.747609] kthread+0x328/0x630 [ 26.747644] ret_from_fork+0x10/0x20 [ 26.747683] [ 26.747706] freed by task 326 on cpu 0 at 26.746513s (0.001188s ago): [ 26.747767] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.747810] kunit_try_run_case+0x170/0x3f0 [ 26.747849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.747892] kthread+0x328/0x630 [ 26.747938] ret_from_fork+0x10/0x20 [ 26.747977] [ 26.748021] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.748100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.748129] Hardware name: linux,dummy-virt (DT) [ 26.748162] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 26.434719] ================================================================== [ 26.434818] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.434818] [ 26.434937] Out-of-bounds read at 0x00000000a5ef1ceb (105B right of kfence-#135): [ 26.434999] test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.435048] kunit_try_run_case+0x170/0x3f0 [ 26.435094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.435139] kthread+0x328/0x630 [ 26.435176] ret_from_fork+0x10/0x20 [ 26.435216] [ 26.435242] kfence-#135: 0x00000000d0a07ef1-0x00000000efefaaa1, size=73, cache=kmalloc-96 [ 26.435242] [ 26.435296] allocated by task 324 on cpu 0 at 26.434462s (0.000829s ago): [ 26.435367] test_alloc+0x29c/0x628 [ 26.435409] test_kmalloc_aligned_oob_read+0x100/0x468 [ 26.435454] kunit_try_run_case+0x170/0x3f0 [ 26.435494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.435538] kthread+0x328/0x630 [ 26.435574] ret_from_fork+0x10/0x20 [ 26.435614] [ 26.435662] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.435745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.435774] Hardware name: linux,dummy-virt (DT) [ 26.435809] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 22.066738] ================================================================== [ 22.066842] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 22.066842] [ 22.066926] Corrupted memory at 0x0000000015c8c534 [ ! . . . . . . . . . . . . . . . ] (in kfence-#93): [ 22.068047] test_corruption+0x278/0x378 [ 22.068100] kunit_try_run_case+0x170/0x3f0 [ 22.068145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.068190] kthread+0x328/0x630 [ 22.068229] ret_from_fork+0x10/0x20 [ 22.068268] [ 22.068292] kfence-#93: 0x00000000a4578130-0x0000000083281bf0, size=32, cache=kmalloc-32 [ 22.068292] [ 22.068350] allocated by task 312 on cpu 0 at 22.066449s (0.001897s ago): [ 22.068413] test_alloc+0x29c/0x628 [ 22.068454] test_corruption+0xdc/0x378 [ 22.068494] kunit_try_run_case+0x170/0x3f0 [ 22.068535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.068578] kthread+0x328/0x630 [ 22.068612] ret_from_fork+0x10/0x20 [ 22.068652] [ 22.068676] freed by task 312 on cpu 0 at 22.066558s (0.002114s ago): [ 22.068736] test_corruption+0x278/0x378 [ 22.068776] kunit_try_run_case+0x170/0x3f0 [ 22.068816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.068860] kthread+0x328/0x630 [ 22.068896] ret_from_fork+0x10/0x20 [ 22.068948] [ 22.068996] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.069082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.069112] Hardware name: linux,dummy-virt (DT) [ 22.069148] ================================================================== [ 22.274706] ================================================================== [ 22.274797] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 22.274797] [ 22.274859] Corrupted memory at 0x00000000e0e48a62 [ ! ] (in kfence-#95): [ 22.275003] test_corruption+0x284/0x378 [ 22.275052] kunit_try_run_case+0x170/0x3f0 [ 22.275094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.275138] kthread+0x328/0x630 [ 22.275176] ret_from_fork+0x10/0x20 [ 22.275216] [ 22.275240] kfence-#95: 0x00000000e5f3cedd-0x00000000f448a675, size=32, cache=kmalloc-32 [ 22.275240] [ 22.275296] allocated by task 312 on cpu 0 at 22.274426s (0.000866s ago): [ 22.275357] test_alloc+0x29c/0x628 [ 22.275397] test_corruption+0x198/0x378 [ 22.275437] kunit_try_run_case+0x170/0x3f0 [ 22.275475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.275519] kthread+0x328/0x630 [ 22.275556] ret_from_fork+0x10/0x20 [ 22.275593] [ 22.275615] freed by task 312 on cpu 0 at 22.274537s (0.001075s ago): [ 22.275675] test_corruption+0x284/0x378 [ 22.275715] kunit_try_run_case+0x170/0x3f0 [ 22.275753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.275796] kthread+0x328/0x630 [ 22.275831] ret_from_fork+0x10/0x20 [ 22.275869] [ 22.275920] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.275999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.276027] Hardware name: linux,dummy-virt (DT) [ 22.276061] ================================================================== [ 22.586647] ================================================================== [ 22.586732] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 22.586732] [ 22.586793] Corrupted memory at 0x00000000d6df8f61 [ ! ] (in kfence-#98): [ 22.586906] test_corruption+0x1d8/0x378 [ 22.586969] kunit_try_run_case+0x170/0x3f0 [ 22.587010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.587055] kthread+0x328/0x630 [ 22.587094] ret_from_fork+0x10/0x20 [ 22.587133] [ 22.587157] kfence-#98: 0x000000004c9011d7-0x0000000058073912, size=32, cache=test [ 22.587157] [ 22.587209] allocated by task 314 on cpu 1 at 22.586508s (0.000698s ago): [ 22.587270] test_alloc+0x230/0x628 [ 22.587310] test_corruption+0x198/0x378 [ 22.587350] kunit_try_run_case+0x170/0x3f0 [ 22.587389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.587431] kthread+0x328/0x630 [ 22.587466] ret_from_fork+0x10/0x20 [ 22.587505] [ 22.587527] freed by task 314 on cpu 1 at 22.586564s (0.000959s ago): [ 22.587588] test_corruption+0x1d8/0x378 [ 22.587626] kunit_try_run_case+0x170/0x3f0 [ 22.587665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.587708] kthread+0x328/0x630 [ 22.587742] ret_from_fork+0x10/0x20 [ 22.587781] [ 22.587824] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.587898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.587937] Hardware name: linux,dummy-virt (DT) [ 22.587971] ================================================================== [ 22.482625] ================================================================== [ 22.482711] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 22.482711] [ 22.482775] Corrupted memory at 0x000000002ca0a18f [ ! . . . . . . . . . . . . . . . ] (in kfence-#97): [ 22.483100] test_corruption+0x120/0x378 [ 22.483147] kunit_try_run_case+0x170/0x3f0 [ 22.483192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.483238] kthread+0x328/0x630 [ 22.483278] ret_from_fork+0x10/0x20 [ 22.483321] [ 22.483348] kfence-#97: 0x00000000183309ec-0x0000000057e97891, size=32, cache=test [ 22.483348] [ 22.483407] allocated by task 314 on cpu 1 at 22.482477s (0.000926s ago): [ 22.483469] test_alloc+0x230/0x628 [ 22.483509] test_corruption+0xdc/0x378 [ 22.483549] kunit_try_run_case+0x170/0x3f0 [ 22.483589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.483632] kthread+0x328/0x630 [ 22.483668] ret_from_fork+0x10/0x20 [ 22.483707] [ 22.483729] freed by task 314 on cpu 1 at 22.482533s (0.001193s ago): [ 22.483791] test_corruption+0x120/0x378 [ 22.483829] kunit_try_run_case+0x170/0x3f0 [ 22.483869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.483921] kthread+0x328/0x630 [ 22.483958] ret_from_fork+0x10/0x20 [ 22.483997] [ 22.484045] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.484123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.484151] Hardware name: linux,dummy-virt (DT) [ 22.484185] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 21.858504] ================================================================== [ 21.858590] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 21.858590] [ 21.858652] Invalid free of 0x00000000c846b2cc (in kfence-#91): [ 21.858704] test_invalid_addr_free+0x1ac/0x238 [ 21.858752] kunit_try_run_case+0x170/0x3f0 [ 21.858794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.858838] kthread+0x328/0x630 [ 21.858876] ret_from_fork+0x10/0x20 [ 21.858935] [ 21.858959] kfence-#91: 0x00000000345cd49d-0x00000000a7e1ed4e, size=32, cache=kmalloc-32 [ 21.858959] [ 21.859015] allocated by task 308 on cpu 1 at 21.858362s (0.000650s ago): [ 21.859079] test_alloc+0x29c/0x628 [ 21.859120] test_invalid_addr_free+0xd4/0x238 [ 21.859162] kunit_try_run_case+0x170/0x3f0 [ 21.859202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.859245] kthread+0x328/0x630 [ 21.859282] ret_from_fork+0x10/0x20 [ 21.859321] [ 21.859366] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.859446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.859476] Hardware name: linux,dummy-virt (DT) [ 21.859511] ================================================================== [ 21.962498] ================================================================== [ 21.962589] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 21.962589] [ 21.962649] Invalid free of 0x000000004a485706 (in kfence-#92): [ 21.962703] test_invalid_addr_free+0xec/0x238 [ 21.962747] kunit_try_run_case+0x170/0x3f0 [ 21.962790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.962835] kthread+0x328/0x630 [ 21.962871] ret_from_fork+0x10/0x20 [ 21.962926] [ 21.962950] kfence-#92: 0x00000000b9a6fd19-0x000000002011ed04, size=32, cache=test [ 21.962950] [ 21.963002] allocated by task 310 on cpu 1 at 21.962378s (0.000620s ago): [ 21.963065] test_alloc+0x230/0x628 [ 21.963104] test_invalid_addr_free+0xd4/0x238 [ 21.963147] kunit_try_run_case+0x170/0x3f0 [ 21.963185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.963228] kthread+0x328/0x630 [ 21.963262] ret_from_fork+0x10/0x20 [ 21.963304] [ 21.963349] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.963427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.963456] Hardware name: linux,dummy-virt (DT) [ 21.963491] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 21.651235] ================================================================== [ 21.651354] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 21.651354] [ 21.651422] Invalid free of 0x0000000061d1c8cb (in kfence-#89): [ 21.651487] test_double_free+0x1bc/0x238 [ 21.651533] kunit_try_run_case+0x170/0x3f0 [ 21.651577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.651620] kthread+0x328/0x630 [ 21.651660] ret_from_fork+0x10/0x20 [ 21.651699] [ 21.651724] kfence-#89: 0x0000000061d1c8cb-0x00000000ff7f02b7, size=32, cache=kmalloc-32 [ 21.651724] [ 21.651780] allocated by task 304 on cpu 1 at 21.650431s (0.001345s ago): [ 21.651841] test_alloc+0x29c/0x628 [ 21.651882] test_double_free+0xd4/0x238 [ 21.651950] kunit_try_run_case+0x170/0x3f0 [ 21.651992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.652035] kthread+0x328/0x630 [ 21.652072] ret_from_fork+0x10/0x20 [ 21.652110] [ 21.652134] freed by task 304 on cpu 1 at 21.650923s (0.001208s ago): [ 21.652198] test_double_free+0x1ac/0x238 [ 21.652240] kunit_try_run_case+0x170/0x3f0 [ 21.652280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.652323] kthread+0x328/0x630 [ 21.652359] ret_from_fork+0x10/0x20 [ 21.652400] [ 21.652448] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.652529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.652558] Hardware name: linux,dummy-virt (DT) [ 21.652594] ================================================================== [ 21.754652] ================================================================== [ 21.754741] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 21.754741] [ 21.754803] Invalid free of 0x0000000051839fe7 (in kfence-#90): [ 21.754857] test_double_free+0x100/0x238 [ 21.754904] kunit_try_run_case+0x170/0x3f0 [ 21.754963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.755006] kthread+0x328/0x630 [ 21.755044] ret_from_fork+0x10/0x20 [ 21.755083] [ 21.755108] kfence-#90: 0x0000000051839fe7-0x00000000cbe12fd2, size=32, cache=test [ 21.755108] [ 21.755161] allocated by task 306 on cpu 1 at 21.754437s (0.000720s ago): [ 21.755223] test_alloc+0x230/0x628 [ 21.755262] test_double_free+0xd4/0x238 [ 21.755303] kunit_try_run_case+0x170/0x3f0 [ 21.755341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.755386] kthread+0x328/0x630 [ 21.755420] ret_from_fork+0x10/0x20 [ 21.755460] [ 21.755483] freed by task 306 on cpu 1 at 21.754513s (0.000966s ago): [ 21.755545] test_double_free+0xf0/0x238 [ 21.755584] kunit_try_run_case+0x170/0x3f0 [ 21.755627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.755670] kthread+0x328/0x630 [ 21.755704] ret_from_fork+0x10/0x20 [ 21.755744] [ 21.755789] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.755867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.755896] Hardware name: linux,dummy-virt (DT) [ 21.755942] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 21.236128] ================================================================== [ 21.236384] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.236384] [ 21.236567] Use-after-free read at 0x000000009b1ac8fd (in kfence-#85): [ 21.236617] test_use_after_free_read+0x114/0x248 [ 21.237108] kunit_try_run_case+0x170/0x3f0 [ 21.237294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.237353] kthread+0x328/0x630 [ 21.237491] ret_from_fork+0x10/0x20 [ 21.237532] [ 21.237557] kfence-#85: 0x000000009b1ac8fd-0x000000003cc7fc8b, size=32, cache=kmalloc-32 [ 21.237557] [ 21.237853] allocated by task 296 on cpu 1 at 21.235536s (0.002298s ago): [ 21.237939] test_alloc+0x29c/0x628 [ 21.237982] test_use_after_free_read+0xd0/0x248 [ 21.238034] kunit_try_run_case+0x170/0x3f0 [ 21.238194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.238274] kthread+0x328/0x630 [ 21.238348] ret_from_fork+0x10/0x20 [ 21.238405] [ 21.238688] freed by task 296 on cpu 1 at 21.235774s (0.002683s ago): [ 21.238955] test_use_after_free_read+0x1c0/0x248 [ 21.239015] kunit_try_run_case+0x170/0x3f0 [ 21.239167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.239219] kthread+0x328/0x630 [ 21.239320] ret_from_fork+0x10/0x20 [ 21.239374] [ 21.239422] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.239769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.239799] Hardware name: linux,dummy-virt (DT) [ 21.239835] ================================================================== [ 21.339712] ================================================================== [ 21.340284] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.340284] [ 21.340381] Use-after-free read at 0x00000000088152b0 (in kfence-#86): [ 21.340510] test_use_after_free_read+0x114/0x248 [ 21.340662] kunit_try_run_case+0x170/0x3f0 [ 21.340711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.340821] kthread+0x328/0x630 [ 21.340891] ret_from_fork+0x10/0x20 [ 21.340943] [ 21.340967] kfence-#86: 0x00000000088152b0-0x00000000557cb7bb, size=32, cache=test [ 21.340967] [ 21.341023] allocated by task 298 on cpu 1 at 21.339101s (0.001912s ago): [ 21.341343] test_alloc+0x230/0x628 [ 21.341407] test_use_after_free_read+0xd0/0x248 [ 21.341449] kunit_try_run_case+0x170/0x3f0 [ 21.341488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.341537] kthread+0x328/0x630 [ 21.341696] ret_from_fork+0x10/0x20 [ 21.341764] [ 21.341836] freed by task 298 on cpu 1 at 21.339161s (0.002657s ago): [ 21.342351] test_use_after_free_read+0xf0/0x248 [ 21.342685] kunit_try_run_case+0x170/0x3f0 [ 21.342764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.342810] kthread+0x328/0x630 [ 21.342847] ret_from_fork+0x10/0x20 [ 21.342905] [ 21.343272] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.343862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.343898] Hardware name: linux,dummy-virt (DT) [ 21.344007] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 21.131794] ================================================================== [ 21.131887] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.131887] [ 21.132038] Out-of-bounds write at 0x0000000088299e97 (1B left of kfence-#84): [ 21.132095] test_out_of_bounds_write+0x100/0x240 [ 21.132219] kunit_try_run_case+0x170/0x3f0 [ 21.132266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.132316] kthread+0x328/0x630 [ 21.132512] ret_from_fork+0x10/0x20 [ 21.132559] [ 21.132584] kfence-#84: 0x000000004e60de87-0x00000000eb3dfaf4, size=32, cache=test [ 21.132584] [ 21.132636] allocated by task 294 on cpu 1 at 21.131707s (0.000925s ago): [ 21.132704] test_alloc+0x230/0x628 [ 21.132744] test_out_of_bounds_write+0xc8/0x240 [ 21.134180] kunit_try_run_case+0x170/0x3f0 [ 21.134324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.134375] kthread+0x328/0x630 [ 21.134423] ret_from_fork+0x10/0x20 [ 21.134463] [ 21.134523] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.134657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.134687] Hardware name: linux,dummy-virt (DT) [ 21.134724] ================================================================== [ 20.819111] ================================================================== [ 20.819186] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.819186] [ 20.819348] Out-of-bounds write at 0x00000000562bc866 (1B left of kfence-#81): [ 20.819410] test_out_of_bounds_write+0x100/0x240 [ 20.819605] kunit_try_run_case+0x170/0x3f0 [ 20.819651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.819694] kthread+0x328/0x630 [ 20.819732] ret_from_fork+0x10/0x20 [ 20.819770] [ 20.819794] kfence-#81: 0x00000000cd7ec6dc-0x000000004b537f98, size=32, cache=kmalloc-32 [ 20.819794] [ 20.819857] allocated by task 292 on cpu 1 at 20.818758s (0.001085s ago): [ 20.819938] test_alloc+0x29c/0x628 [ 20.819977] test_out_of_bounds_write+0xc8/0x240 [ 20.820285] kunit_try_run_case+0x170/0x3f0 [ 20.820404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.820449] kthread+0x328/0x630 [ 20.820485] ret_from_fork+0x10/0x20 [ 20.820523] [ 20.820572] CPU: 1 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.820651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.820689] Hardware name: linux,dummy-virt (DT) [ 20.820723] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 19.993194] ================================================================== [ 19.993318] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.993318] [ 19.993450] Out-of-bounds read at 0x0000000030bc34c5 (1B left of kfence-#73): [ 19.993661] test_out_of_bounds_read+0x114/0x3e0 [ 19.993715] kunit_try_run_case+0x170/0x3f0 [ 19.993761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.993803] kthread+0x328/0x630 [ 19.998165] ret_from_fork+0x10/0x20 [ 19.999351] [ 20.000271] kfence-#73: 0x000000008b023349-0x00000000819b624b, size=32, cache=kmalloc-32 [ 20.000271] [ 20.001243] allocated by task 288 on cpu 1 at 19.988573s (0.012605s ago): [ 20.003609] test_alloc+0x29c/0x628 [ 20.004469] test_out_of_bounds_read+0xdc/0x3e0 [ 20.004907] kunit_try_run_case+0x170/0x3f0 [ 20.005221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.005619] kthread+0x328/0x630 [ 20.005854] ret_from_fork+0x10/0x20 [ 20.006397] [ 20.006794] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.007535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.008066] Hardware name: linux,dummy-virt (DT) [ 20.008366] ================================================================== [ 20.612619] ================================================================== [ 20.614284] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.614284] [ 20.614406] Out-of-bounds read at 0x0000000052ee559c (32B right of kfence-#79): [ 20.614463] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.614511] kunit_try_run_case+0x170/0x3f0 [ 20.615125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.615178] kthread+0x328/0x630 [ 20.615218] ret_from_fork+0x10/0x20 [ 20.615257] [ 20.616974] kfence-#79: 0x00000000db84363d-0x00000000bf0a1103, size=32, cache=test [ 20.616974] [ 20.617054] allocated by task 290 on cpu 1 at 20.612301s (0.004743s ago): [ 20.617126] test_alloc+0x230/0x628 [ 20.618349] test_out_of_bounds_read+0x198/0x3e0 [ 20.618986] kunit_try_run_case+0x170/0x3f0 [ 20.619035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.619131] kthread+0x328/0x630 [ 20.619177] ret_from_fork+0x10/0x20 [ 20.619218] [ 20.619262] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.619530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.619703] Hardware name: linux,dummy-virt (DT) [ 20.619754] ================================================================== [ 20.299404] ================================================================== [ 20.299494] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.299494] [ 20.299632] Out-of-bounds read at 0x000000005b067227 (32B right of kfence-#76): [ 20.299941] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.300166] kunit_try_run_case+0x170/0x3f0 [ 20.300259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.300342] kthread+0x328/0x630 [ 20.300655] ret_from_fork+0x10/0x20 [ 20.300765] [ 20.300848] kfence-#76: 0x00000000b9ebfc58-0x00000000d781162d, size=32, cache=kmalloc-32 [ 20.300848] [ 20.300925] allocated by task 288 on cpu 1 at 20.298585s (0.002322s ago): [ 20.301118] test_alloc+0x29c/0x628 [ 20.301176] test_out_of_bounds_read+0x198/0x3e0 [ 20.301264] kunit_try_run_case+0x170/0x3f0 [ 20.301305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.301348] kthread+0x328/0x630 [ 20.301575] ret_from_fork+0x10/0x20 [ 20.301634] [ 20.301767] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.301855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.301972] Hardware name: linux,dummy-virt (DT) [ 20.302010] ================================================================== [ 20.507241] ================================================================== [ 20.507376] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.507376] [ 20.507465] Out-of-bounds read at 0x00000000f775e953 (1B left of kfence-#78): [ 20.507533] test_out_of_bounds_read+0x114/0x3e0 [ 20.507686] kunit_try_run_case+0x170/0x3f0 [ 20.507731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.507773] kthread+0x328/0x630 [ 20.507835] ret_from_fork+0x10/0x20 [ 20.507874] [ 20.507897] kfence-#78: 0x00000000f3c6d5af-0x000000005c1daa82, size=32, cache=test [ 20.507897] [ 20.508053] allocated by task 290 on cpu 1 at 20.507031s (0.001017s ago): [ 20.508161] test_alloc+0x230/0x628 [ 20.508203] test_out_of_bounds_read+0xdc/0x3e0 [ 20.508245] kunit_try_run_case+0x170/0x3f0 [ 20.508283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.508327] kthread+0x328/0x630 [ 20.508363] ret_from_fork+0x10/0x20 [ 20.508403] [ 20.508446] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.508525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.508552] Hardware name: linux,dummy-virt (DT) [ 20.508587] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 19.847384] ================================================================== [ 19.847457] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 19.847516] Write of size 1 at addr fff00000c76c9378 by task kunit_try_catch/286 [ 19.847718] [ 19.847857] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.847970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.847999] Hardware name: linux,dummy-virt (DT) [ 19.848035] Call trace: [ 19.848299] show_stack+0x20/0x38 (C) [ 19.848418] dump_stack_lvl+0x8c/0xd0 [ 19.848469] print_report+0x118/0x608 [ 19.848696] kasan_report+0xdc/0x128 [ 19.848947] __asan_report_store1_noabort+0x20/0x30 [ 19.849148] strncpy_from_user+0x270/0x2a0 [ 19.849254] copy_user_test_oob+0x5c0/0xec8 [ 19.849363] kunit_try_run_case+0x170/0x3f0 [ 19.849490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.849562] kthread+0x328/0x630 [ 19.849631] ret_from_fork+0x10/0x20 [ 19.849705] [ 19.849856] Allocated by task 286: [ 19.850067] kasan_save_stack+0x3c/0x68 [ 19.850140] kasan_save_track+0x20/0x40 [ 19.850454] kasan_save_alloc_info+0x40/0x58 [ 19.850541] __kasan_kmalloc+0xd4/0xd8 [ 19.850603] __kmalloc_noprof+0x198/0x4c8 [ 19.850719] kunit_kmalloc_array+0x34/0x88 [ 19.850787] copy_user_test_oob+0xac/0xec8 [ 19.850924] kunit_try_run_case+0x170/0x3f0 [ 19.850977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.851053] kthread+0x328/0x630 [ 19.851169] ret_from_fork+0x10/0x20 [ 19.851212] [ 19.851234] The buggy address belongs to the object at fff00000c76c9300 [ 19.851234] which belongs to the cache kmalloc-128 of size 128 [ 19.851308] The buggy address is located 0 bytes to the right of [ 19.851308] allocated 120-byte region [fff00000c76c9300, fff00000c76c9378) [ 19.851579] [ 19.851743] The buggy address belongs to the physical page: [ 19.851826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c9 [ 19.852137] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.852350] page_type: f5(slab) [ 19.852420] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.852492] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.852725] page dumped because: kasan: bad access detected [ 19.852841] [ 19.852881] Memory state around the buggy address: [ 19.852929] fff00000c76c9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.853257] fff00000c76c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.853473] >fff00000c76c9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.853566] ^ [ 19.853686] fff00000c76c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.853741] fff00000c76c9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.853881] ================================================================== [ 19.841739] ================================================================== [ 19.841788] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 19.841851] Write of size 121 at addr fff00000c76c9300 by task kunit_try_catch/286 [ 19.841907] [ 19.841950] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.842031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.842059] Hardware name: linux,dummy-virt (DT) [ 19.842090] Call trace: [ 19.842125] show_stack+0x20/0x38 (C) [ 19.842175] dump_stack_lvl+0x8c/0xd0 [ 19.842223] print_report+0x118/0x608 [ 19.842278] kasan_report+0xdc/0x128 [ 19.842326] kasan_check_range+0x100/0x1a8 [ 19.842374] __kasan_check_write+0x20/0x30 [ 19.842423] strncpy_from_user+0x3c/0x2a0 [ 19.842483] copy_user_test_oob+0x5c0/0xec8 [ 19.842532] kunit_try_run_case+0x170/0x3f0 [ 19.842587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.842642] kthread+0x328/0x630 [ 19.842686] ret_from_fork+0x10/0x20 [ 19.842734] [ 19.842754] Allocated by task 286: [ 19.842784] kasan_save_stack+0x3c/0x68 [ 19.842823] kasan_save_track+0x20/0x40 [ 19.842869] kasan_save_alloc_info+0x40/0x58 [ 19.842920] __kasan_kmalloc+0xd4/0xd8 [ 19.843450] __kmalloc_noprof+0x198/0x4c8 [ 19.843490] kunit_kmalloc_array+0x34/0x88 [ 19.843537] copy_user_test_oob+0xac/0xec8 [ 19.843577] kunit_try_run_case+0x170/0x3f0 [ 19.843615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.843660] kthread+0x328/0x630 [ 19.843693] ret_from_fork+0x10/0x20 [ 19.843731] [ 19.843752] The buggy address belongs to the object at fff00000c76c9300 [ 19.843752] which belongs to the cache kmalloc-128 of size 128 [ 19.843923] The buggy address is located 0 bytes inside of [ 19.843923] allocated 120-byte region [fff00000c76c9300, fff00000c76c9378) [ 19.844033] [ 19.844124] The buggy address belongs to the physical page: [ 19.844206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c9 [ 19.844395] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.844471] page_type: f5(slab) [ 19.844618] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.844797] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.844886] page dumped because: kasan: bad access detected [ 19.845159] [ 19.845198] Memory state around the buggy address: [ 19.845329] fff00000c76c9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.845396] fff00000c76c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.845462] >fff00000c76c9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.845511] ^ [ 19.845773] fff00000c76c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.845827] fff00000c76c9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.845963] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 19.816740] ================================================================== [ 19.816831] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 19.816895] Read of size 121 at addr fff00000c76c9300 by task kunit_try_catch/286 [ 19.816957] [ 19.816989] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.817076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.817105] Hardware name: linux,dummy-virt (DT) [ 19.817136] Call trace: [ 19.817160] show_stack+0x20/0x38 (C) [ 19.817207] dump_stack_lvl+0x8c/0xd0 [ 19.817255] print_report+0x118/0x608 [ 19.817301] kasan_report+0xdc/0x128 [ 19.817348] kasan_check_range+0x100/0x1a8 [ 19.817402] __kasan_check_read+0x20/0x30 [ 19.817447] copy_user_test_oob+0x3c8/0xec8 [ 19.817495] kunit_try_run_case+0x170/0x3f0 [ 19.817543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.817597] kthread+0x328/0x630 [ 19.817638] ret_from_fork+0x10/0x20 [ 19.817685] [ 19.817706] Allocated by task 286: [ 19.817735] kasan_save_stack+0x3c/0x68 [ 19.817778] kasan_save_track+0x20/0x40 [ 19.817816] kasan_save_alloc_info+0x40/0x58 [ 19.817865] __kasan_kmalloc+0xd4/0xd8 [ 19.817904] __kmalloc_noprof+0x198/0x4c8 [ 19.817952] kunit_kmalloc_array+0x34/0x88 [ 19.817992] copy_user_test_oob+0xac/0xec8 [ 19.818030] kunit_try_run_case+0x170/0x3f0 [ 19.818069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.818115] kthread+0x328/0x630 [ 19.818148] ret_from_fork+0x10/0x20 [ 19.818186] [ 19.818206] The buggy address belongs to the object at fff00000c76c9300 [ 19.818206] which belongs to the cache kmalloc-128 of size 128 [ 19.820961] The buggy address is located 0 bytes inside of [ 19.820961] allocated 120-byte region [fff00000c76c9300, fff00000c76c9378) [ 19.821032] [ 19.821058] The buggy address belongs to the physical page: [ 19.821091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c9 [ 19.821145] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.821191] page_type: f5(slab) [ 19.821230] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.821282] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.821325] page dumped because: kasan: bad access detected [ 19.821359] [ 19.821379] Memory state around the buggy address: [ 19.821420] fff00000c76c9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.821464] fff00000c76c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.821508] >fff00000c76c9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.821548] ^ [ 19.821592] fff00000c76c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.821636] fff00000c76c9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.821676] ================================================================== [ 19.835060] ================================================================== [ 19.835225] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 19.835280] Read of size 121 at addr fff00000c76c9300 by task kunit_try_catch/286 [ 19.835361] [ 19.835574] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.835761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.835808] Hardware name: linux,dummy-virt (DT) [ 19.835839] Call trace: [ 19.835863] show_stack+0x20/0x38 (C) [ 19.836032] dump_stack_lvl+0x8c/0xd0 [ 19.836088] print_report+0x118/0x608 [ 19.836136] kasan_report+0xdc/0x128 [ 19.836182] kasan_check_range+0x100/0x1a8 [ 19.836232] __kasan_check_read+0x20/0x30 [ 19.836291] copy_user_test_oob+0x4a0/0xec8 [ 19.836342] kunit_try_run_case+0x170/0x3f0 [ 19.836410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.836464] kthread+0x328/0x630 [ 19.836505] ret_from_fork+0x10/0x20 [ 19.836556] [ 19.836819] Allocated by task 286: [ 19.836863] kasan_save_stack+0x3c/0x68 [ 19.836908] kasan_save_track+0x20/0x40 [ 19.836963] kasan_save_alloc_info+0x40/0x58 [ 19.837005] __kasan_kmalloc+0xd4/0xd8 [ 19.837042] __kmalloc_noprof+0x198/0x4c8 [ 19.838345] kunit_kmalloc_array+0x34/0x88 [ 19.838530] copy_user_test_oob+0xac/0xec8 [ 19.838731] kunit_try_run_case+0x170/0x3f0 [ 19.838933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.839064] kthread+0x328/0x630 [ 19.839122] ret_from_fork+0x10/0x20 [ 19.839204] [ 19.839319] The buggy address belongs to the object at fff00000c76c9300 [ 19.839319] which belongs to the cache kmalloc-128 of size 128 [ 19.839402] The buggy address is located 0 bytes inside of [ 19.839402] allocated 120-byte region [fff00000c76c9300, fff00000c76c9378) [ 19.839550] [ 19.839622] The buggy address belongs to the physical page: [ 19.839690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c9 [ 19.839774] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.839823] page_type: f5(slab) [ 19.839887] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.840245] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.840321] page dumped because: kasan: bad access detected [ 19.840483] [ 19.840643] Memory state around the buggy address: [ 19.840699] fff00000c76c9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.840874] fff00000c76c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.840938] >fff00000c76c9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.841026] ^ [ 19.841126] fff00000c76c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.841289] fff00000c76c9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.841338] ================================================================== [ 19.795992] ================================================================== [ 19.796057] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 19.796112] Read of size 121 at addr fff00000c76c9300 by task kunit_try_catch/286 [ 19.796167] [ 19.796201] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.796314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.796351] Hardware name: linux,dummy-virt (DT) [ 19.796399] Call trace: [ 19.796438] show_stack+0x20/0x38 (C) [ 19.796706] dump_stack_lvl+0x8c/0xd0 [ 19.797154] print_report+0x118/0x608 [ 19.797223] kasan_report+0xdc/0x128 [ 19.797346] kasan_check_range+0x100/0x1a8 [ 19.797399] __kasan_check_read+0x20/0x30 [ 19.797446] copy_user_test_oob+0x728/0xec8 [ 19.797525] kunit_try_run_case+0x170/0x3f0 [ 19.797604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.797676] kthread+0x328/0x630 [ 19.797718] ret_from_fork+0x10/0x20 [ 19.797952] [ 19.798022] Allocated by task 286: [ 19.798119] kasan_save_stack+0x3c/0x68 [ 19.798185] kasan_save_track+0x20/0x40 [ 19.798242] kasan_save_alloc_info+0x40/0x58 [ 19.798437] __kasan_kmalloc+0xd4/0xd8 [ 19.798553] __kmalloc_noprof+0x198/0x4c8 [ 19.798631] kunit_kmalloc_array+0x34/0x88 [ 19.798705] copy_user_test_oob+0xac/0xec8 [ 19.798777] kunit_try_run_case+0x170/0x3f0 [ 19.798819] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.798864] kthread+0x328/0x630 [ 19.798919] ret_from_fork+0x10/0x20 [ 19.798961] [ 19.798985] The buggy address belongs to the object at fff00000c76c9300 [ 19.798985] which belongs to the cache kmalloc-128 of size 128 [ 19.799168] The buggy address is located 0 bytes inside of [ 19.799168] allocated 120-byte region [fff00000c76c9300, fff00000c76c9378) [ 19.799302] [ 19.799341] The buggy address belongs to the physical page: [ 19.799459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c9 [ 19.799533] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.799620] page_type: f5(slab) [ 19.799799] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.799906] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.799986] page dumped because: kasan: bad access detected [ 19.800099] [ 19.800151] Memory state around the buggy address: [ 19.800223] fff00000c76c9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.800335] fff00000c76c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.800423] >fff00000c76c9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.800520] ^ [ 19.800565] fff00000c76c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.800610] fff00000c76c9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.800879] ================================================================== [ 19.828288] ================================================================== [ 19.828665] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 19.828761] Write of size 121 at addr fff00000c76c9300 by task kunit_try_catch/286 [ 19.828869] [ 19.828905] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.829101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.829150] Hardware name: linux,dummy-virt (DT) [ 19.829198] Call trace: [ 19.829276] show_stack+0x20/0x38 (C) [ 19.829349] dump_stack_lvl+0x8c/0xd0 [ 19.829404] print_report+0x118/0x608 [ 19.829650] kasan_report+0xdc/0x128 [ 19.829718] kasan_check_range+0x100/0x1a8 [ 19.829769] __kasan_check_write+0x20/0x30 [ 19.829814] copy_user_test_oob+0x434/0xec8 [ 19.829924] kunit_try_run_case+0x170/0x3f0 [ 19.829977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.830095] kthread+0x328/0x630 [ 19.830147] ret_from_fork+0x10/0x20 [ 19.830200] [ 19.830222] Allocated by task 286: [ 19.830530] kasan_save_stack+0x3c/0x68 [ 19.830620] kasan_save_track+0x20/0x40 [ 19.830730] kasan_save_alloc_info+0x40/0x58 [ 19.830807] __kasan_kmalloc+0xd4/0xd8 [ 19.831088] __kmalloc_noprof+0x198/0x4c8 [ 19.831186] kunit_kmalloc_array+0x34/0x88 [ 19.831314] copy_user_test_oob+0xac/0xec8 [ 19.831390] kunit_try_run_case+0x170/0x3f0 [ 19.831496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.831545] kthread+0x328/0x630 [ 19.831579] ret_from_fork+0x10/0x20 [ 19.831850] [ 19.831903] The buggy address belongs to the object at fff00000c76c9300 [ 19.831903] which belongs to the cache kmalloc-128 of size 128 [ 19.832046] The buggy address is located 0 bytes inside of [ 19.832046] allocated 120-byte region [fff00000c76c9300, fff00000c76c9378) [ 19.832140] [ 19.832375] The buggy address belongs to the physical page: [ 19.832439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c9 [ 19.832496] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.832570] page_type: f5(slab) [ 19.832610] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.832675] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.832719] page dumped because: kasan: bad access detected [ 19.832753] [ 19.832775] Memory state around the buggy address: [ 19.832819] fff00000c76c9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.832864] fff00000c76c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.833284] >fff00000c76c9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.833506] ^ [ 19.833557] fff00000c76c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.833767] fff00000c76c9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.833884] ================================================================== [ 19.784188] ================================================================== [ 19.784300] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 19.784391] Write of size 121 at addr fff00000c76c9300 by task kunit_try_catch/286 [ 19.784447] [ 19.784490] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.784578] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.784608] Hardware name: linux,dummy-virt (DT) [ 19.784642] Call trace: [ 19.784668] show_stack+0x20/0x38 (C) [ 19.784720] dump_stack_lvl+0x8c/0xd0 [ 19.784784] print_report+0x118/0x608 [ 19.784832] kasan_report+0xdc/0x128 [ 19.784879] kasan_check_range+0x100/0x1a8 [ 19.784941] __kasan_check_write+0x20/0x30 [ 19.785287] copy_user_test_oob+0x234/0xec8 [ 19.785377] kunit_try_run_case+0x170/0x3f0 [ 19.785448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.785502] kthread+0x328/0x630 [ 19.785559] ret_from_fork+0x10/0x20 [ 19.785762] [ 19.785828] Allocated by task 286: [ 19.785865] kasan_save_stack+0x3c/0x68 [ 19.785929] kasan_save_track+0x20/0x40 [ 19.786264] kasan_save_alloc_info+0x40/0x58 [ 19.786494] __kasan_kmalloc+0xd4/0xd8 [ 19.786621] __kmalloc_noprof+0x198/0x4c8 [ 19.786694] kunit_kmalloc_array+0x34/0x88 [ 19.786741] copy_user_test_oob+0xac/0xec8 [ 19.786789] kunit_try_run_case+0x170/0x3f0 [ 19.787086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.787182] kthread+0x328/0x630 [ 19.787243] ret_from_fork+0x10/0x20 [ 19.787322] [ 19.787387] The buggy address belongs to the object at fff00000c76c9300 [ 19.787387] which belongs to the cache kmalloc-128 of size 128 [ 19.787463] The buggy address is located 0 bytes inside of [ 19.787463] allocated 120-byte region [fff00000c76c9300, fff00000c76c9378) [ 19.787756] [ 19.787802] The buggy address belongs to the physical page: [ 19.787907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c9 [ 19.788005] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.788278] page_type: f5(slab) [ 19.788356] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.788475] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.788519] page dumped because: kasan: bad access detected [ 19.788673] [ 19.788826] Memory state around the buggy address: [ 19.788893] fff00000c76c9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.789010] fff00000c76c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.789089] >fff00000c76c9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.789419] ^ [ 19.789482] fff00000c76c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.789646] fff00000c76c9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.789837] ================================================================== [ 19.808780] ================================================================== [ 19.808966] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 19.809042] Write of size 121 at addr fff00000c76c9300 by task kunit_try_catch/286 [ 19.809156] [ 19.809193] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.809413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.809468] Hardware name: linux,dummy-virt (DT) [ 19.809540] Call trace: [ 19.809568] show_stack+0x20/0x38 (C) [ 19.809875] dump_stack_lvl+0x8c/0xd0 [ 19.809947] print_report+0x118/0x608 [ 19.810135] kasan_report+0xdc/0x128 [ 19.810220] kasan_check_range+0x100/0x1a8 [ 19.810335] __kasan_check_write+0x20/0x30 [ 19.810384] copy_user_test_oob+0x35c/0xec8 [ 19.810432] kunit_try_run_case+0x170/0x3f0 [ 19.810623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.810770] kthread+0x328/0x630 [ 19.810845] ret_from_fork+0x10/0x20 [ 19.810985] [ 19.811032] Allocated by task 286: [ 19.811088] kasan_save_stack+0x3c/0x68 [ 19.811368] kasan_save_track+0x20/0x40 [ 19.811547] kasan_save_alloc_info+0x40/0x58 [ 19.811694] __kasan_kmalloc+0xd4/0xd8 [ 19.811762] __kmalloc_noprof+0x198/0x4c8 [ 19.811940] kunit_kmalloc_array+0x34/0x88 [ 19.812017] copy_user_test_oob+0xac/0xec8 [ 19.812274] kunit_try_run_case+0x170/0x3f0 [ 19.812332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.812412] kthread+0x328/0x630 [ 19.812503] ret_from_fork+0x10/0x20 [ 19.812603] [ 19.812842] The buggy address belongs to the object at fff00000c76c9300 [ 19.812842] which belongs to the cache kmalloc-128 of size 128 [ 19.813020] The buggy address is located 0 bytes inside of [ 19.813020] allocated 120-byte region [fff00000c76c9300, fff00000c76c9378) [ 19.813126] [ 19.813281] The buggy address belongs to the physical page: [ 19.813401] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c9 [ 19.813504] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.813635] page_type: f5(slab) [ 19.813703] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.813812] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.813889] page dumped because: kasan: bad access detected [ 19.813967] [ 19.814005] Memory state around the buggy address: [ 19.814101] fff00000c76c9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.814147] fff00000c76c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.814192] >fff00000c76c9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.814238] ^ [ 19.814281] fff00000c76c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.814564] fff00000c76c9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.814688] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 19.753649] ================================================================== [ 19.753945] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 19.754143] Write of size 8 at addr fff00000c76c9278 by task kunit_try_catch/282 [ 19.754210] [ 19.754318] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.754434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.754519] Hardware name: linux,dummy-virt (DT) [ 19.754568] Call trace: [ 19.754594] show_stack+0x20/0x38 (C) [ 19.754661] dump_stack_lvl+0x8c/0xd0 [ 19.754713] print_report+0x118/0x608 [ 19.754760] kasan_report+0xdc/0x128 [ 19.754806] kasan_check_range+0x100/0x1a8 [ 19.754856] __kasan_check_write+0x20/0x30 [ 19.754901] copy_to_kernel_nofault+0x8c/0x250 [ 19.754974] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 19.755027] kunit_try_run_case+0x170/0x3f0 [ 19.755085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.755153] kthread+0x328/0x630 [ 19.755198] ret_from_fork+0x10/0x20 [ 19.755465] [ 19.755490] Allocated by task 282: [ 19.755709] kasan_save_stack+0x3c/0x68 [ 19.756054] kasan_save_track+0x20/0x40 [ 19.756178] kasan_save_alloc_info+0x40/0x58 [ 19.756260] __kasan_kmalloc+0xd4/0xd8 [ 19.756404] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.756542] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.756611] kunit_try_run_case+0x170/0x3f0 [ 19.756659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.756819] kthread+0x328/0x630 [ 19.756972] ret_from_fork+0x10/0x20 [ 19.757184] [ 19.757246] The buggy address belongs to the object at fff00000c76c9200 [ 19.757246] which belongs to the cache kmalloc-128 of size 128 [ 19.757447] The buggy address is located 0 bytes to the right of [ 19.757447] allocated 120-byte region [fff00000c76c9200, fff00000c76c9278) [ 19.757674] [ 19.757714] The buggy address belongs to the physical page: [ 19.757771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c9 [ 19.757882] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.757971] page_type: f5(slab) [ 19.758159] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.758387] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.758470] page dumped because: kasan: bad access detected [ 19.758582] [ 19.758650] Memory state around the buggy address: [ 19.758696] fff00000c76c9100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.758943] fff00000c76c9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.759092] >fff00000c76c9200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.759161] ^ [ 19.759296] fff00000c76c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.759393] fff00000c76c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.759450] ================================================================== [ 19.747082] ================================================================== [ 19.747155] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 19.747296] Read of size 8 at addr fff00000c76c9278 by task kunit_try_catch/282 [ 19.747360] [ 19.747406] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.747499] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.747734] Hardware name: linux,dummy-virt (DT) [ 19.747790] Call trace: [ 19.747824] show_stack+0x20/0x38 (C) [ 19.748085] dump_stack_lvl+0x8c/0xd0 [ 19.748214] print_report+0x118/0x608 [ 19.748286] kasan_report+0xdc/0x128 [ 19.748365] __asan_report_load8_noabort+0x20/0x30 [ 19.748428] copy_to_kernel_nofault+0x204/0x250 [ 19.748707] copy_to_kernel_nofault_oob+0x158/0x418 [ 19.748771] kunit_try_run_case+0x170/0x3f0 [ 19.748871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.748945] kthread+0x328/0x630 [ 19.748988] ret_from_fork+0x10/0x20 [ 19.749083] [ 19.749103] Allocated by task 282: [ 19.749324] kasan_save_stack+0x3c/0x68 [ 19.749394] kasan_save_track+0x20/0x40 [ 19.749501] kasan_save_alloc_info+0x40/0x58 [ 19.749547] __kasan_kmalloc+0xd4/0xd8 [ 19.749613] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.749834] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.749907] kunit_try_run_case+0x170/0x3f0 [ 19.749961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.750007] kthread+0x328/0x630 [ 19.750097] ret_from_fork+0x10/0x20 [ 19.750175] [ 19.750317] The buggy address belongs to the object at fff00000c76c9200 [ 19.750317] which belongs to the cache kmalloc-128 of size 128 [ 19.750391] The buggy address is located 0 bytes to the right of [ 19.750391] allocated 120-byte region [fff00000c76c9200, fff00000c76c9278) [ 19.750606] [ 19.750656] The buggy address belongs to the physical page: [ 19.750782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c9 [ 19.750857] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.751002] page_type: f5(slab) [ 19.751065] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.751651] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.751729] page dumped because: kasan: bad access detected [ 19.751879] [ 19.751963] Memory state around the buggy address: [ 19.752042] fff00000c76c9100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.752105] fff00000c76c9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.752414] >fff00000c76c9200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.752521] ^ [ 19.752576] fff00000c76c9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.752640] fff00000c76c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.752716] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.705478] ================================================================== [ 19.705541] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.705592] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 19.705847] [ 19.706114] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.706305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.706372] Hardware name: linux,dummy-virt (DT) [ 19.706634] Call trace: [ 19.706690] show_stack+0x20/0x38 (C) [ 19.706862] dump_stack_lvl+0x8c/0xd0 [ 19.706947] print_report+0x310/0x608 [ 19.707108] kasan_report+0xdc/0x128 [ 19.707157] __asan_report_load1_noabort+0x20/0x30 [ 19.707380] vmalloc_oob+0x51c/0x5d0 [ 19.708062] kunit_try_run_case+0x170/0x3f0 [ 19.708225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.708332] kthread+0x328/0x630 [ 19.708467] ret_from_fork+0x10/0x20 [ 19.708543] [ 19.708713] The buggy address belongs to the virtual mapping at [ 19.708713] [ffff8000800fe000, ffff800080100000) created by: [ 19.708713] vmalloc_oob+0x98/0x5d0 [ 19.708879] [ 19.708929] The buggy address belongs to the physical page: [ 19.708997] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e8 [ 19.709105] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.709177] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.709401] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.709487] page dumped because: kasan: bad access detected [ 19.709619] [ 19.709658] Memory state around the buggy address: [ 19.709728] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.709843] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.709888] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.710154] ^ [ 19.710209] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.710325] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.710393] ================================================================== [ 19.699980] ================================================================== [ 19.700052] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.700459] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 19.700528] [ 19.700564] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.700826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.700854] Hardware name: linux,dummy-virt (DT) [ 19.701005] Call trace: [ 19.701032] show_stack+0x20/0x38 (C) [ 19.701199] dump_stack_lvl+0x8c/0xd0 [ 19.701272] print_report+0x310/0x608 [ 19.701327] kasan_report+0xdc/0x128 [ 19.701381] __asan_report_load1_noabort+0x20/0x30 [ 19.701433] vmalloc_oob+0x578/0x5d0 [ 19.701625] kunit_try_run_case+0x170/0x3f0 [ 19.701712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.701804] kthread+0x328/0x630 [ 19.701855] ret_from_fork+0x10/0x20 [ 19.701903] [ 19.701943] The buggy address belongs to the virtual mapping at [ 19.701943] [ffff8000800fe000, ffff800080100000) created by: [ 19.701943] vmalloc_oob+0x98/0x5d0 [ 19.702077] [ 19.702145] The buggy address belongs to the physical page: [ 19.702433] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e8 [ 19.702751] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.702961] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.703272] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.703373] page dumped because: kasan: bad access detected [ 19.703411] [ 19.703431] Memory state around the buggy address: [ 19.703678] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.703772] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.703848] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.703938] ^ [ 19.704173] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.704235] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.704283] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.440256] ================================================================== [ 19.440413] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.440486] Read of size 4 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.440539] [ 19.440599] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.440764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.440801] Hardware name: linux,dummy-virt (DT) [ 19.441123] Call trace: [ 19.441178] show_stack+0x20/0x38 (C) [ 19.441257] dump_stack_lvl+0x8c/0xd0 [ 19.441458] print_report+0x118/0x608 [ 19.441622] kasan_report+0xdc/0x128 [ 19.441702] __asan_report_load4_noabort+0x20/0x30 [ 19.441857] kasan_atomics_helper+0x3e04/0x4858 [ 19.441929] kasan_atomics+0x198/0x2e0 [ 19.441975] kunit_try_run_case+0x170/0x3f0 [ 19.442086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.442170] kthread+0x328/0x630 [ 19.442534] ret_from_fork+0x10/0x20 [ 19.443083] [ 19.443136] Allocated by task 266: [ 19.443199] kasan_save_stack+0x3c/0x68 [ 19.443415] kasan_save_track+0x20/0x40 [ 19.443470] kasan_save_alloc_info+0x40/0x58 [ 19.443813] __kasan_kmalloc+0xd4/0xd8 [ 19.443948] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.444275] kasan_atomics+0xb8/0x2e0 [ 19.444412] kunit_try_run_case+0x170/0x3f0 [ 19.444458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.444847] kthread+0x328/0x630 [ 19.444952] ret_from_fork+0x10/0x20 [ 19.445215] [ 19.445246] The buggy address belongs to the object at fff00000c76cc400 [ 19.445246] which belongs to the cache kmalloc-64 of size 64 [ 19.445580] The buggy address is located 0 bytes to the right of [ 19.445580] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.445684] [ 19.445821] The buggy address belongs to the physical page: [ 19.445887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.445961] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.446013] page_type: f5(slab) [ 19.446061] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.446111] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.446154] page dumped because: kasan: bad access detected [ 19.446193] [ 19.446222] Memory state around the buggy address: [ 19.446265] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.446310] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.446354] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.446394] ^ [ 19.446435] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.446479] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.446520] ================================================================== [ 19.591721] ================================================================== [ 19.591776] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.591827] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.591966] [ 19.592013] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.592158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.592204] Hardware name: linux,dummy-virt (DT) [ 19.592239] Call trace: [ 19.592267] show_stack+0x20/0x38 (C) [ 19.592364] dump_stack_lvl+0x8c/0xd0 [ 19.592413] print_report+0x118/0x608 [ 19.592622] kasan_report+0xdc/0x128 [ 19.592729] kasan_check_range+0x100/0x1a8 [ 19.592820] __kasan_check_write+0x20/0x30 [ 19.592882] kasan_atomics_helper+0x147c/0x4858 [ 19.593107] kasan_atomics+0x198/0x2e0 [ 19.593503] kunit_try_run_case+0x170/0x3f0 [ 19.593586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.593649] kthread+0x328/0x630 [ 19.593692] ret_from_fork+0x10/0x20 [ 19.593788] [ 19.593828] Allocated by task 266: [ 19.593862] kasan_save_stack+0x3c/0x68 [ 19.593984] kasan_save_track+0x20/0x40 [ 19.594050] kasan_save_alloc_info+0x40/0x58 [ 19.594101] __kasan_kmalloc+0xd4/0xd8 [ 19.594263] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.594314] kasan_atomics+0xb8/0x2e0 [ 19.594352] kunit_try_run_case+0x170/0x3f0 [ 19.594421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.594523] kthread+0x328/0x630 [ 19.594694] ret_from_fork+0x10/0x20 [ 19.594768] [ 19.594935] The buggy address belongs to the object at fff00000c76cc400 [ 19.594935] which belongs to the cache kmalloc-64 of size 64 [ 19.595265] The buggy address is located 0 bytes to the right of [ 19.595265] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.595417] [ 19.595481] The buggy address belongs to the physical page: [ 19.595547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.595812] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.595987] page_type: f5(slab) [ 19.596053] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.596108] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.596151] page dumped because: kasan: bad access detected [ 19.596305] [ 19.596328] Memory state around the buggy address: [ 19.596409] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.596475] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.596682] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.596730] ^ [ 19.596793] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.596873] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.596994] ================================================================== [ 19.361380] ================================================================== [ 19.361435] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 19.361487] Write of size 4 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.361540] [ 19.361692] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.362485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.362533] Hardware name: linux,dummy-virt (DT) [ 19.362573] Call trace: [ 19.362597] show_stack+0x20/0x38 (C) [ 19.362979] dump_stack_lvl+0x8c/0xd0 [ 19.364158] kunit_try_run_case+0x170/0x3f0 [ 19.365499] kasan_save_alloc_info+0x40/0x58 [ 19.365610] __kasan_kmalloc+0xd4/0xd8 [ 19.365692] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.365770] kasan_atomics+0xb8/0x2e0 [ 19.366225] kunit_try_run_case+0x170/0x3f0 [ 19.366281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.366352] kthread+0x328/0x630 [ 19.366751] ret_from_fork+0x10/0x20 [ 19.366933] [ 19.366982] The buggy address belongs to the object at fff00000c76cc400 [ 19.366982] which belongs to the cache kmalloc-64 of size 64 [ 19.368240] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.369501] ================================================================== [ 19.579299] ================================================================== [ 19.579351] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.579436] Read of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.579515] [ 19.579556] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.579650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.579691] Hardware name: linux,dummy-virt (DT) [ 19.579725] Call trace: [ 19.579757] show_stack+0x20/0x38 (C) [ 19.579817] dump_stack_lvl+0x8c/0xd0 [ 19.579932] print_report+0x118/0x608 [ 19.579990] kasan_report+0xdc/0x128 [ 19.580244] __asan_report_load8_noabort+0x20/0x30 [ 19.580394] kasan_atomics_helper+0x3f04/0x4858 [ 19.580466] kasan_atomics+0x198/0x2e0 [ 19.580635] kunit_try_run_case+0x170/0x3f0 [ 19.580716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.580831] kthread+0x328/0x630 [ 19.580878] ret_from_fork+0x10/0x20 [ 19.581058] [ 19.581124] Allocated by task 266: [ 19.581198] kasan_save_stack+0x3c/0x68 [ 19.581310] kasan_save_track+0x20/0x40 [ 19.581354] kasan_save_alloc_info+0x40/0x58 [ 19.581396] __kasan_kmalloc+0xd4/0xd8 [ 19.581434] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.581617] kasan_atomics+0xb8/0x2e0 [ 19.581727] kunit_try_run_case+0x170/0x3f0 [ 19.581848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.581892] kthread+0x328/0x630 [ 19.581999] ret_from_fork+0x10/0x20 [ 19.582102] [ 19.582164] The buggy address belongs to the object at fff00000c76cc400 [ 19.582164] which belongs to the cache kmalloc-64 of size 64 [ 19.582321] The buggy address is located 0 bytes to the right of [ 19.582321] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.582397] [ 19.582531] The buggy address belongs to the physical page: [ 19.582569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.582625] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.582674] page_type: f5(slab) [ 19.582788] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.582871] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.583371] page dumped because: kasan: bad access detected [ 19.583443] [ 19.583478] Memory state around the buggy address: [ 19.583669] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.583776] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.583843] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.583884] ^ [ 19.584198] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.584312] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.584411] ================================================================== [ 19.584994] ================================================================== [ 19.585074] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.585125] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.585227] [ 19.585261] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.585349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.585378] Hardware name: linux,dummy-virt (DT) [ 19.585616] Call trace: [ 19.585654] show_stack+0x20/0x38 (C) [ 19.585783] dump_stack_lvl+0x8c/0xd0 [ 19.585847] print_report+0x118/0x608 [ 19.585902] kasan_report+0xdc/0x128 [ 19.586009] kasan_check_range+0x100/0x1a8 [ 19.586088] __kasan_check_write+0x20/0x30 [ 19.586136] kasan_atomics_helper+0x1414/0x4858 [ 19.586451] kasan_atomics+0x198/0x2e0 [ 19.586570] kunit_try_run_case+0x170/0x3f0 [ 19.586636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.586749] kthread+0x328/0x630 [ 19.586818] ret_from_fork+0x10/0x20 [ 19.586997] [ 19.587134] Allocated by task 266: [ 19.587183] kasan_save_stack+0x3c/0x68 [ 19.587330] kasan_save_track+0x20/0x40 [ 19.587387] kasan_save_alloc_info+0x40/0x58 [ 19.587431] __kasan_kmalloc+0xd4/0xd8 [ 19.587618] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.587766] kasan_atomics+0xb8/0x2e0 [ 19.587822] kunit_try_run_case+0x170/0x3f0 [ 19.587992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.588058] kthread+0x328/0x630 [ 19.588317] ret_from_fork+0x10/0x20 [ 19.588394] [ 19.588502] The buggy address belongs to the object at fff00000c76cc400 [ 19.588502] which belongs to the cache kmalloc-64 of size 64 [ 19.588585] The buggy address is located 0 bytes to the right of [ 19.588585] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.588714] [ 19.588775] The buggy address belongs to the physical page: [ 19.588866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.588933] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.588981] page_type: f5(slab) [ 19.589173] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.589314] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.589381] page dumped because: kasan: bad access detected [ 19.589725] [ 19.589803] Memory state around the buggy address: [ 19.589882] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.590039] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.590086] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.590127] ^ [ 19.590317] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.590589] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.590695] ================================================================== [ 19.637313] ================================================================== [ 19.637479] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.637552] Read of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.637606] [ 19.637645] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.637726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.638030] Hardware name: linux,dummy-virt (DT) [ 19.638828] Call trace: [ 19.638877] show_stack+0x20/0x38 (C) [ 19.638958] dump_stack_lvl+0x8c/0xd0 [ 19.639009] print_report+0x118/0x608 [ 19.639056] kasan_report+0xdc/0x128 [ 19.639105] __asan_report_load8_noabort+0x20/0x30 [ 19.639156] kasan_atomics_helper+0x3df4/0x4858 [ 19.639206] kasan_atomics+0x198/0x2e0 [ 19.639254] kunit_try_run_case+0x170/0x3f0 [ 19.639302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.640004] kthread+0x328/0x630 [ 19.640076] ret_from_fork+0x10/0x20 [ 19.640191] [ 19.640262] Allocated by task 266: [ 19.640330] kasan_save_stack+0x3c/0x68 [ 19.640451] kasan_save_track+0x20/0x40 [ 19.640535] kasan_save_alloc_info+0x40/0x58 [ 19.640585] __kasan_kmalloc+0xd4/0xd8 [ 19.640789] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.641094] kasan_atomics+0xb8/0x2e0 [ 19.641247] kunit_try_run_case+0x170/0x3f0 [ 19.641380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.641480] kthread+0x328/0x630 [ 19.641810] ret_from_fork+0x10/0x20 [ 19.641865] [ 19.642042] The buggy address belongs to the object at fff00000c76cc400 [ 19.642042] which belongs to the cache kmalloc-64 of size 64 [ 19.642156] The buggy address is located 0 bytes to the right of [ 19.642156] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.642582] [ 19.642647] The buggy address belongs to the physical page: [ 19.642791] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.642852] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.642904] page_type: f5(slab) [ 19.642953] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.643327] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.643712] page dumped because: kasan: bad access detected [ 19.643932] [ 19.644089] Memory state around the buggy address: [ 19.644220] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.644284] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.644356] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.644688] ^ [ 19.644744] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.644923] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.645158] ================================================================== [ 19.447067] ================================================================== [ 19.447136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.447190] Read of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.447245] [ 19.447316] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.447399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.447427] Hardware name: linux,dummy-virt (DT) [ 19.447471] Call trace: [ 19.447503] show_stack+0x20/0x38 (C) [ 19.447553] dump_stack_lvl+0x8c/0xd0 [ 19.447599] print_report+0x118/0x608 [ 19.447646] kasan_report+0xdc/0x128 [ 19.447700] kasan_check_range+0x100/0x1a8 [ 19.447749] __kasan_check_read+0x20/0x30 [ 19.447801] kasan_atomics_helper+0xdd4/0x4858 [ 19.447861] kasan_atomics+0x198/0x2e0 [ 19.447905] kunit_try_run_case+0x170/0x3f0 [ 19.447964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.448543] kthread+0x328/0x630 [ 19.449052] ret_from_fork+0x10/0x20 [ 19.449143] [ 19.449183] Allocated by task 266: [ 19.449218] kasan_save_stack+0x3c/0x68 [ 19.449273] kasan_save_track+0x20/0x40 [ 19.449317] kasan_save_alloc_info+0x40/0x58 [ 19.449377] __kasan_kmalloc+0xd4/0xd8 [ 19.449427] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.449477] kasan_atomics+0xb8/0x2e0 [ 19.449752] kunit_try_run_case+0x170/0x3f0 [ 19.449832] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.449931] kthread+0x328/0x630 [ 19.449983] ret_from_fork+0x10/0x20 [ 19.450290] [ 19.450627] The buggy address belongs to the object at fff00000c76cc400 [ 19.450627] which belongs to the cache kmalloc-64 of size 64 [ 19.450796] The buggy address is located 0 bytes to the right of [ 19.450796] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.450887] [ 19.451187] The buggy address belongs to the physical page: [ 19.451247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.451623] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.451744] page_type: f5(slab) [ 19.451835] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.451894] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.452229] page dumped because: kasan: bad access detected [ 19.452338] [ 19.452577] Memory state around the buggy address: [ 19.452888] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.452974] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.453329] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.453426] ^ [ 19.453515] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.453643] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.453712] ================================================================== [ 19.571251] ================================================================== [ 19.571311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.571411] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.571476] [ 19.571525] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.571668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.571716] Hardware name: linux,dummy-virt (DT) [ 19.571764] Call trace: [ 19.571790] show_stack+0x20/0x38 (C) [ 19.571897] dump_stack_lvl+0x8c/0xd0 [ 19.571974] print_report+0x118/0x608 [ 19.572021] kasan_report+0xdc/0x128 [ 19.572068] kasan_check_range+0x100/0x1a8 [ 19.572115] __kasan_check_write+0x20/0x30 [ 19.572160] kasan_atomics_helper+0x12d8/0x4858 [ 19.572209] kasan_atomics+0x198/0x2e0 [ 19.572281] kunit_try_run_case+0x170/0x3f0 [ 19.572340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.572394] kthread+0x328/0x630 [ 19.572441] ret_from_fork+0x10/0x20 [ 19.572491] [ 19.572519] Allocated by task 266: [ 19.572549] kasan_save_stack+0x3c/0x68 [ 19.572600] kasan_save_track+0x20/0x40 [ 19.572639] kasan_save_alloc_info+0x40/0x58 [ 19.572682] __kasan_kmalloc+0xd4/0xd8 [ 19.572719] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.572760] kasan_atomics+0xb8/0x2e0 [ 19.572797] kunit_try_run_case+0x170/0x3f0 [ 19.572837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.572881] kthread+0x328/0x630 [ 19.573311] ret_from_fork+0x10/0x20 [ 19.573618] [ 19.573674] The buggy address belongs to the object at fff00000c76cc400 [ 19.573674] which belongs to the cache kmalloc-64 of size 64 [ 19.573881] The buggy address is located 0 bytes to the right of [ 19.573881] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.573964] [ 19.574033] The buggy address belongs to the physical page: [ 19.574086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.574155] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.574212] page_type: f5(slab) [ 19.574257] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.574311] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.574530] page dumped because: kasan: bad access detected [ 19.574591] [ 19.574731] Memory state around the buggy address: [ 19.574897] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.575059] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.575128] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.575237] ^ [ 19.575301] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.575374] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.575417] ================================================================== [ 19.575702] ================================================================== [ 19.575752] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.575801] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.575852] [ 19.575882] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.575985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.576014] Hardware name: linux,dummy-virt (DT) [ 19.576045] Call trace: [ 19.576070] show_stack+0x20/0x38 (C) [ 19.576135] dump_stack_lvl+0x8c/0xd0 [ 19.576185] print_report+0x118/0x608 [ 19.576230] kasan_report+0xdc/0x128 [ 19.576276] kasan_check_range+0x100/0x1a8 [ 19.576324] __kasan_check_write+0x20/0x30 [ 19.576378] kasan_atomics_helper+0x1384/0x4858 [ 19.576428] kasan_atomics+0x198/0x2e0 [ 19.576478] kunit_try_run_case+0x170/0x3f0 [ 19.576526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.576587] kthread+0x328/0x630 [ 19.576634] ret_from_fork+0x10/0x20 [ 19.576683] [ 19.576703] Allocated by task 266: [ 19.576731] kasan_save_stack+0x3c/0x68 [ 19.576773] kasan_save_track+0x20/0x40 [ 19.576819] kasan_save_alloc_info+0x40/0x58 [ 19.576862] __kasan_kmalloc+0xd4/0xd8 [ 19.576899] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.576949] kasan_atomics+0xb8/0x2e0 [ 19.576988] kunit_try_run_case+0x170/0x3f0 [ 19.577027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.577083] kthread+0x328/0x630 [ 19.577126] ret_from_fork+0x10/0x20 [ 19.577172] [ 19.577193] The buggy address belongs to the object at fff00000c76cc400 [ 19.577193] which belongs to the cache kmalloc-64 of size 64 [ 19.577253] The buggy address is located 0 bytes to the right of [ 19.577253] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.577327] [ 19.577350] The buggy address belongs to the physical page: [ 19.577382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.577433] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.577488] page_type: f5(slab) [ 19.577527] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.577580] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.577631] page dumped because: kasan: bad access detected [ 19.577674] [ 19.577695] Memory state around the buggy address: [ 19.577729] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.577774] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.577827] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.577869] ^ [ 19.577901] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.578090] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.578131] ================================================================== [ 19.679479] ================================================================== [ 19.679547] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.679610] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.679671] [ 19.679714] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.679797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.679824] Hardware name: linux,dummy-virt (DT) [ 19.679857] Call trace: [ 19.679879] show_stack+0x20/0x38 (C) [ 19.679940] dump_stack_lvl+0x8c/0xd0 [ 19.679990] print_report+0x118/0x608 [ 19.680037] kasan_report+0xdc/0x128 [ 19.680083] kasan_check_range+0x100/0x1a8 [ 19.680132] __kasan_check_write+0x20/0x30 [ 19.680176] kasan_atomics_helper+0x17ec/0x4858 [ 19.680237] kasan_atomics+0x198/0x2e0 [ 19.680283] kunit_try_run_case+0x170/0x3f0 [ 19.680329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.680391] kthread+0x328/0x630 [ 19.680443] ret_from_fork+0x10/0x20 [ 19.680503] [ 19.680523] Allocated by task 266: [ 19.680559] kasan_save_stack+0x3c/0x68 [ 19.680600] kasan_save_track+0x20/0x40 [ 19.680640] kasan_save_alloc_info+0x40/0x58 [ 19.680688] __kasan_kmalloc+0xd4/0xd8 [ 19.680727] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.680768] kasan_atomics+0xb8/0x2e0 [ 19.680812] kunit_try_run_case+0x170/0x3f0 [ 19.680853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.680896] kthread+0x328/0x630 [ 19.681500] ret_from_fork+0x10/0x20 [ 19.681553] [ 19.681992] The buggy address belongs to the object at fff00000c76cc400 [ 19.681992] which belongs to the cache kmalloc-64 of size 64 [ 19.682338] The buggy address is located 0 bytes to the right of [ 19.682338] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.682793] [ 19.682843] The buggy address belongs to the physical page: [ 19.682934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.682990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.683040] page_type: f5(slab) [ 19.683228] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.683507] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.683583] page dumped because: kasan: bad access detected [ 19.683765] [ 19.683960] Memory state around the buggy address: [ 19.684027] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.684199] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.684428] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.685387] ^ [ 19.685873] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.685953] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.686115] ================================================================== [ 19.488338] ================================================================== [ 19.488400] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.488808] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.488969] [ 19.489053] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.489218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.489267] Hardware name: linux,dummy-virt (DT) [ 19.489305] Call trace: [ 19.489339] show_stack+0x20/0x38 (C) [ 19.489397] dump_stack_lvl+0x8c/0xd0 [ 19.489597] print_report+0x118/0x608 [ 19.489658] kasan_report+0xdc/0x128 [ 19.489719] kasan_check_range+0x100/0x1a8 [ 19.490111] __kasan_check_write+0x20/0x30 [ 19.490228] kasan_atomics_helper+0xf20/0x4858 [ 19.490300] kasan_atomics+0x198/0x2e0 [ 19.490474] kunit_try_run_case+0x170/0x3f0 [ 19.490558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.490761] kthread+0x328/0x630 [ 19.490939] ret_from_fork+0x10/0x20 [ 19.491037] [ 19.491134] Allocated by task 266: [ 19.491447] kasan_save_stack+0x3c/0x68 [ 19.491598] kasan_save_track+0x20/0x40 [ 19.491687] kasan_save_alloc_info+0x40/0x58 [ 19.491766] __kasan_kmalloc+0xd4/0xd8 [ 19.491947] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.492023] kasan_atomics+0xb8/0x2e0 [ 19.492305] kunit_try_run_case+0x170/0x3f0 [ 19.492445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.492743] kthread+0x328/0x630 [ 19.492876] ret_from_fork+0x10/0x20 [ 19.492946] [ 19.492970] The buggy address belongs to the object at fff00000c76cc400 [ 19.492970] which belongs to the cache kmalloc-64 of size 64 [ 19.493055] The buggy address is located 0 bytes to the right of [ 19.493055] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.493131] [ 19.493162] The buggy address belongs to the physical page: [ 19.493200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.493257] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.493313] page_type: f5(slab) [ 19.493353] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.493407] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.493449] page dumped because: kasan: bad access detected [ 19.493493] [ 19.493527] Memory state around the buggy address: [ 19.493563] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.493609] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.493662] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.493700] ^ [ 19.493735] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.493788] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.493829] ================================================================== [ 19.327077] ================================================================== [ 19.327342] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.327493] [ 19.328238] print_report+0x118/0x608 [ 19.332278] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.332564] kasan_atomics+0xb8/0x2e0 [ 19.332643] kunit_try_run_case+0x170/0x3f0 [ 19.333161] ret_from_fork+0x10/0x20 [ 19.333892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.334502] page dumped because: kasan: bad access detected [ 19.337442] Write of size 4 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.337767] dump_stack_lvl+0x8c/0xd0 [ 19.337815] print_report+0x118/0x608 [ 19.337862] kasan_report+0xdc/0x128 [ 19.337923] kasan_check_range+0x100/0x1a8 [ 19.337971] __kasan_check_write+0x20/0x30 [ 19.338521] kasan_atomics_helper+0x934/0x4858 [ 19.338585] kasan_atomics+0x198/0x2e0 [ 19.338661] kunit_try_run_case+0x170/0x3f0 [ 19.338757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.339005] kthread+0x328/0x630 [ 19.339177] ret_from_fork+0x10/0x20 [ 19.339496] [ 19.339549] Allocated by task 266: [ 19.339661] kasan_save_stack+0x3c/0x68 [ 19.339757] kasan_save_track+0x20/0x40 [ 19.339887] kasan_save_alloc_info+0x40/0x58 [ 19.340017] __kasan_kmalloc+0xd4/0xd8 [ 19.340354] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.340432] kasan_atomics+0xb8/0x2e0 [ 19.340611] kunit_try_run_case+0x170/0x3f0 [ 19.340776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.340824] kthread+0x328/0x630 [ 19.341093] ret_from_fork+0x10/0x20 [ 19.341243] [ 19.341287] The buggy address belongs to the object at fff00000c76cc400 [ 19.341287] which belongs to the cache kmalloc-64 of size 64 [ 19.341653] The buggy address is located 0 bytes to the right of [ 19.341653] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.341757] [ 19.342138] The buggy address belongs to the physical page: [ 19.342187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.342374] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.342555] page_type: f5(slab) [ 19.342664] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.342803] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.342874] page dumped because: kasan: bad access detected [ 19.342986] [ 19.343012] Memory state around the buggy address: [ 19.343276] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.343428] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.343521] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.343637] ^ [ 19.343737] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.344136] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.344244] ================================================================== [ 19.514376] ================================================================== [ 19.514430] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.514746] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.514986] [ 19.515218] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.515322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.515351] Hardware name: linux,dummy-virt (DT) [ 19.515390] Call trace: [ 19.515414] show_stack+0x20/0x38 (C) [ 19.515476] dump_stack_lvl+0x8c/0xd0 [ 19.515544] print_report+0x118/0x608 [ 19.515602] kasan_report+0xdc/0x128 [ 19.515648] kasan_check_range+0x100/0x1a8 [ 19.515698] __kasan_check_write+0x20/0x30 [ 19.515754] kasan_atomics_helper+0x1058/0x4858 [ 19.515804] kasan_atomics+0x198/0x2e0 [ 19.515851] kunit_try_run_case+0x170/0x3f0 [ 19.515935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.515990] kthread+0x328/0x630 [ 19.516040] ret_from_fork+0x10/0x20 [ 19.516103] [ 19.516133] Allocated by task 266: [ 19.516174] kasan_save_stack+0x3c/0x68 [ 19.516215] kasan_save_track+0x20/0x40 [ 19.516257] kasan_save_alloc_info+0x40/0x58 [ 19.516299] __kasan_kmalloc+0xd4/0xd8 [ 19.516339] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.516380] kasan_atomics+0xb8/0x2e0 [ 19.516417] kunit_try_run_case+0x170/0x3f0 [ 19.516458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.516505] kthread+0x328/0x630 [ 19.516540] ret_from_fork+0x10/0x20 [ 19.516589] [ 19.516611] The buggy address belongs to the object at fff00000c76cc400 [ 19.516611] which belongs to the cache kmalloc-64 of size 64 [ 19.516672] The buggy address is located 0 bytes to the right of [ 19.516672] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.516747] [ 19.516777] The buggy address belongs to the physical page: [ 19.516823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.516885] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.516965] page_type: f5(slab) [ 19.517931] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.518058] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.518132] page dumped because: kasan: bad access detected [ 19.518196] [ 19.518225] Memory state around the buggy address: [ 19.518262] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.518541] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.518595] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.518634] ^ [ 19.518678] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.518721] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.518761] ================================================================== [ 19.549710] ================================================================== [ 19.549984] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.550179] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.550363] [ 19.550448] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.550567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.550755] Hardware name: linux,dummy-virt (DT) [ 19.550972] Call trace: [ 19.551313] show_stack+0x20/0x38 (C) [ 19.551677] dump_stack_lvl+0x8c/0xd0 [ 19.551754] print_report+0x118/0x608 [ 19.551927] kasan_report+0xdc/0x128 [ 19.552364] kasan_check_range+0x100/0x1a8 [ 19.552792] __kasan_check_write+0x20/0x30 [ 19.552947] kasan_atomics_helper+0x11f8/0x4858 [ 19.553033] kasan_atomics+0x198/0x2e0 [ 19.553154] kunit_try_run_case+0x170/0x3f0 [ 19.553360] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.553573] kthread+0x328/0x630 [ 19.553966] ret_from_fork+0x10/0x20 [ 19.554150] [ 19.554231] Allocated by task 266: [ 19.554447] kasan_save_stack+0x3c/0x68 [ 19.555202] kasan_save_track+0x20/0x40 [ 19.555251] kasan_save_alloc_info+0x40/0x58 [ 19.555321] __kasan_kmalloc+0xd4/0xd8 [ 19.555513] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.555558] kasan_atomics+0xb8/0x2e0 [ 19.555597] kunit_try_run_case+0x170/0x3f0 [ 19.556488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.557113] kthread+0x328/0x630 [ 19.557268] ret_from_fork+0x10/0x20 [ 19.558606] [ 19.558647] The buggy address belongs to the object at fff00000c76cc400 [ 19.558647] which belongs to the cache kmalloc-64 of size 64 [ 19.558712] The buggy address is located 0 bytes to the right of [ 19.558712] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.558779] [ 19.558801] The buggy address belongs to the physical page: [ 19.558833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.558888] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.558948] page_type: f5(slab) [ 19.558988] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.559042] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.559086] page dumped because: kasan: bad access detected [ 19.559121] [ 19.559141] Memory state around the buggy address: [ 19.559175] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.559221] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.559265] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.559305] ^ [ 19.559340] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.559383] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.559421] ================================================================== [ 19.607348] ================================================================== [ 19.607410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.607461] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.607674] [ 19.607718] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.607972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.608121] Hardware name: linux,dummy-virt (DT) [ 19.608212] Call trace: [ 19.608238] show_stack+0x20/0x38 (C) [ 19.608291] dump_stack_lvl+0x8c/0xd0 [ 19.608366] print_report+0x118/0x608 [ 19.608475] kasan_report+0xdc/0x128 [ 19.608527] kasan_check_range+0x100/0x1a8 [ 19.608577] __kasan_check_write+0x20/0x30 [ 19.608663] kasan_atomics_helper+0x154c/0x4858 [ 19.608714] kasan_atomics+0x198/0x2e0 [ 19.608759] kunit_try_run_case+0x170/0x3f0 [ 19.608805] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.608858] kthread+0x328/0x630 [ 19.608901] ret_from_fork+0x10/0x20 [ 19.608960] [ 19.609086] Allocated by task 266: [ 19.609133] kasan_save_stack+0x3c/0x68 [ 19.609179] kasan_save_track+0x20/0x40 [ 19.609481] kasan_save_alloc_info+0x40/0x58 [ 19.609731] __kasan_kmalloc+0xd4/0xd8 [ 19.609791] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.609987] kasan_atomics+0xb8/0x2e0 [ 19.610190] kunit_try_run_case+0x170/0x3f0 [ 19.610268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.610582] kthread+0x328/0x630 [ 19.610675] ret_from_fork+0x10/0x20 [ 19.610990] [ 19.611047] The buggy address belongs to the object at fff00000c76cc400 [ 19.611047] which belongs to the cache kmalloc-64 of size 64 [ 19.611142] The buggy address is located 0 bytes to the right of [ 19.611142] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.611450] [ 19.611570] The buggy address belongs to the physical page: [ 19.611633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.611690] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.611923] page_type: f5(slab) [ 19.612108] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.612193] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.612513] page dumped because: kasan: bad access detected [ 19.612587] [ 19.612891] Memory state around the buggy address: [ 19.612971] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.613367] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.613431] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.613473] ^ [ 19.613557] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.613618] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.613680] ================================================================== [ 19.480430] ================================================================== [ 19.480485] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.480546] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.480879] [ 19.481110] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.481202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.481230] Hardware name: linux,dummy-virt (DT) [ 19.481263] Call trace: [ 19.481308] show_stack+0x20/0x38 (C) [ 19.481361] dump_stack_lvl+0x8c/0xd0 [ 19.481413] print_report+0x118/0x608 [ 19.481467] kasan_report+0xdc/0x128 [ 19.481513] kasan_check_range+0x100/0x1a8 [ 19.481562] __kasan_check_write+0x20/0x30 [ 19.481615] kasan_atomics_helper+0xeb8/0x4858 [ 19.481664] kasan_atomics+0x198/0x2e0 [ 19.481709] kunit_try_run_case+0x170/0x3f0 [ 19.481756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.481817] kthread+0x328/0x630 [ 19.481858] ret_from_fork+0x10/0x20 [ 19.481925] [ 19.482242] Allocated by task 266: [ 19.482327] kasan_save_stack+0x3c/0x68 [ 19.482599] kasan_save_track+0x20/0x40 [ 19.482683] kasan_save_alloc_info+0x40/0x58 [ 19.482800] __kasan_kmalloc+0xd4/0xd8 [ 19.482905] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.482979] kasan_atomics+0xb8/0x2e0 [ 19.483258] kunit_try_run_case+0x170/0x3f0 [ 19.483487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.483837] kthread+0x328/0x630 [ 19.483933] ret_from_fork+0x10/0x20 [ 19.483976] [ 19.483998] The buggy address belongs to the object at fff00000c76cc400 [ 19.483998] which belongs to the cache kmalloc-64 of size 64 [ 19.484343] The buggy address is located 0 bytes to the right of [ 19.484343] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.484757] [ 19.484804] The buggy address belongs to the physical page: [ 19.484907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.484979] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.485031] page_type: f5(slab) [ 19.485391] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.485744] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.485883] page dumped because: kasan: bad access detected [ 19.485954] [ 19.486004] Memory state around the buggy address: [ 19.486059] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.486392] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.486458] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.486802] ^ [ 19.487129] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.487568] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.487642] ================================================================== [ 19.532566] ================================================================== [ 19.532622] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.532676] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.533096] [ 19.533203] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.533370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.533419] Hardware name: linux,dummy-virt (DT) [ 19.533453] Call trace: [ 19.533485] show_stack+0x20/0x38 (C) [ 19.533693] dump_stack_lvl+0x8c/0xd0 [ 19.533931] print_report+0x118/0x608 [ 19.534002] kasan_report+0xdc/0x128 [ 19.534252] kasan_check_range+0x100/0x1a8 [ 19.534513] __kasan_check_write+0x20/0x30 [ 19.534715] kasan_atomics_helper+0x1128/0x4858 [ 19.534941] kasan_atomics+0x198/0x2e0 [ 19.535093] kunit_try_run_case+0x170/0x3f0 [ 19.535155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.535216] kthread+0x328/0x630 [ 19.535269] ret_from_fork+0x10/0x20 [ 19.535331] [ 19.535364] Allocated by task 266: [ 19.535411] kasan_save_stack+0x3c/0x68 [ 19.535465] kasan_save_track+0x20/0x40 [ 19.535503] kasan_save_alloc_info+0x40/0x58 [ 19.535553] __kasan_kmalloc+0xd4/0xd8 [ 19.535602] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.535654] kasan_atomics+0xb8/0x2e0 [ 19.535693] kunit_try_run_case+0x170/0x3f0 [ 19.535732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.535789] kthread+0x328/0x630 [ 19.535832] ret_from_fork+0x10/0x20 [ 19.535869] [ 19.535889] The buggy address belongs to the object at fff00000c76cc400 [ 19.535889] which belongs to the cache kmalloc-64 of size 64 [ 19.535970] The buggy address is located 0 bytes to the right of [ 19.535970] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.536038] [ 19.536065] The buggy address belongs to the physical page: [ 19.536108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.536164] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.536213] page_type: f5(slab) [ 19.536257] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.536315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.536359] page dumped because: kasan: bad access detected [ 19.536399] [ 19.536434] Memory state around the buggy address: [ 19.536468] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.536513] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.536572] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.536613] ^ [ 19.536647] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.536699] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.536753] ================================================================== [ 19.630517] ================================================================== [ 19.630572] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.630624] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.630675] [ 19.630744] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.630831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.630879] Hardware name: linux,dummy-virt (DT) [ 19.630926] Call trace: [ 19.630951] show_stack+0x20/0x38 (C) [ 19.631001] dump_stack_lvl+0x8c/0xd0 [ 19.631056] print_report+0x118/0x608 [ 19.631112] kasan_report+0xdc/0x128 [ 19.631163] kasan_check_range+0x100/0x1a8 [ 19.631215] __kasan_check_write+0x20/0x30 [ 19.631262] kasan_atomics_helper+0x1644/0x4858 [ 19.631310] kasan_atomics+0x198/0x2e0 [ 19.631369] kunit_try_run_case+0x170/0x3f0 [ 19.631426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.631480] kthread+0x328/0x630 [ 19.631521] ret_from_fork+0x10/0x20 [ 19.631579] [ 19.631600] Allocated by task 266: [ 19.631629] kasan_save_stack+0x3c/0x68 [ 19.631672] kasan_save_track+0x20/0x40 [ 19.631710] kasan_save_alloc_info+0x40/0x58 [ 19.631753] __kasan_kmalloc+0xd4/0xd8 [ 19.631791] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.631837] kasan_atomics+0xb8/0x2e0 [ 19.631876] kunit_try_run_case+0x170/0x3f0 [ 19.632423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.632560] kthread+0x328/0x630 [ 19.632609] ret_from_fork+0x10/0x20 [ 19.632649] [ 19.633111] The buggy address belongs to the object at fff00000c76cc400 [ 19.633111] which belongs to the cache kmalloc-64 of size 64 [ 19.633379] The buggy address is located 0 bytes to the right of [ 19.633379] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.633460] [ 19.633484] The buggy address belongs to the physical page: [ 19.633515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.633569] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.633862] page_type: f5(slab) [ 19.634246] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.634322] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.634389] page dumped because: kasan: bad access detected [ 19.634573] [ 19.634598] Memory state around the buggy address: [ 19.634635] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.634906] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.635024] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.635115] ^ [ 19.635436] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.635547] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.635587] ================================================================== [ 19.661992] ================================================================== [ 19.662476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.662547] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.662610] [ 19.663028] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.663148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.663518] Hardware name: linux,dummy-virt (DT) [ 19.663689] Call trace: [ 19.663900] show_stack+0x20/0x38 (C) [ 19.664198] dump_stack_lvl+0x8c/0xd0 [ 19.664324] print_report+0x118/0x608 [ 19.664427] kasan_report+0xdc/0x128 [ 19.664577] kasan_check_range+0x100/0x1a8 [ 19.664631] __kasan_check_write+0x20/0x30 [ 19.664693] kasan_atomics_helper+0x175c/0x4858 [ 19.664984] kasan_atomics+0x198/0x2e0 [ 19.665395] kunit_try_run_case+0x170/0x3f0 [ 19.665584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.665660] kthread+0x328/0x630 [ 19.665776] ret_from_fork+0x10/0x20 [ 19.665889] [ 19.666041] Allocated by task 266: [ 19.666231] kasan_save_stack+0x3c/0x68 [ 19.666324] kasan_save_track+0x20/0x40 [ 19.666659] kasan_save_alloc_info+0x40/0x58 [ 19.666769] __kasan_kmalloc+0xd4/0xd8 [ 19.666867] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.666991] kasan_atomics+0xb8/0x2e0 [ 19.667103] kunit_try_run_case+0x170/0x3f0 [ 19.667166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.667355] kthread+0x328/0x630 [ 19.667396] ret_from_fork+0x10/0x20 [ 19.667800] [ 19.667851] The buggy address belongs to the object at fff00000c76cc400 [ 19.667851] which belongs to the cache kmalloc-64 of size 64 [ 19.668529] The buggy address is located 0 bytes to the right of [ 19.668529] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.668640] [ 19.668759] The buggy address belongs to the physical page: [ 19.668973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.669059] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.669366] page_type: f5(slab) [ 19.669439] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.669947] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.670123] page dumped because: kasan: bad access detected [ 19.670186] [ 19.670262] Memory state around the buggy address: [ 19.670327] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.670392] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.670542] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.670587] ^ [ 19.670623] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.670845] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.670952] ================================================================== [ 19.537855] ================================================================== [ 19.537928] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.537981] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.538070] [ 19.538415] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.538519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.538547] Hardware name: linux,dummy-virt (DT) [ 19.539003] Call trace: [ 19.539250] show_stack+0x20/0x38 (C) [ 19.539524] dump_stack_lvl+0x8c/0xd0 [ 19.539611] print_report+0x118/0x608 [ 19.539688] kasan_report+0xdc/0x128 [ 19.540126] kasan_check_range+0x100/0x1a8 [ 19.540577] __kasan_check_write+0x20/0x30 [ 19.540672] kasan_atomics_helper+0x1190/0x4858 [ 19.540812] kasan_atomics+0x198/0x2e0 [ 19.540926] kunit_try_run_case+0x170/0x3f0 [ 19.540978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.541437] kthread+0x328/0x630 [ 19.541722] ret_from_fork+0x10/0x20 [ 19.541944] [ 19.542165] Allocated by task 266: [ 19.542219] kasan_save_stack+0x3c/0x68 [ 19.542265] kasan_save_track+0x20/0x40 [ 19.542314] kasan_save_alloc_info+0x40/0x58 [ 19.542758] __kasan_kmalloc+0xd4/0xd8 [ 19.542828] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.543018] kasan_atomics+0xb8/0x2e0 [ 19.543232] kunit_try_run_case+0x170/0x3f0 [ 19.543629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.543709] kthread+0x328/0x630 [ 19.543889] ret_from_fork+0x10/0x20 [ 19.543974] [ 19.544196] The buggy address belongs to the object at fff00000c76cc400 [ 19.544196] which belongs to the cache kmalloc-64 of size 64 [ 19.544553] The buggy address is located 0 bytes to the right of [ 19.544553] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.544638] [ 19.545434] The buggy address belongs to the physical page: [ 19.545484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.546018] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.546392] page_type: f5(slab) [ 19.546507] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.546680] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.546727] page dumped because: kasan: bad access detected [ 19.546782] [ 19.546809] Memory state around the buggy address: [ 19.546844] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.547343] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.547560] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.547626] ^ [ 19.547675] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.547956] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.548123] ================================================================== [ 19.657241] ================================================================== [ 19.657479] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.657677] Read of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.657748] [ 19.657783] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.657865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.657892] Hardware name: linux,dummy-virt (DT) [ 19.657937] Call trace: [ 19.658249] show_stack+0x20/0x38 (C) [ 19.658352] dump_stack_lvl+0x8c/0xd0 [ 19.658433] print_report+0x118/0x608 [ 19.658858] kasan_report+0xdc/0x128 [ 19.658944] __asan_report_load8_noabort+0x20/0x30 [ 19.658998] kasan_atomics_helper+0x3e10/0x4858 [ 19.659049] kasan_atomics+0x198/0x2e0 [ 19.659095] kunit_try_run_case+0x170/0x3f0 [ 19.659145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.659200] kthread+0x328/0x630 [ 19.659246] ret_from_fork+0x10/0x20 [ 19.659301] [ 19.659345] Allocated by task 266: [ 19.659386] kasan_save_stack+0x3c/0x68 [ 19.659462] kasan_save_track+0x20/0x40 [ 19.659500] kasan_save_alloc_info+0x40/0x58 [ 19.659548] __kasan_kmalloc+0xd4/0xd8 [ 19.659594] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.659635] kasan_atomics+0xb8/0x2e0 [ 19.659673] kunit_try_run_case+0x170/0x3f0 [ 19.659720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.659774] kthread+0x328/0x630 [ 19.659808] ret_from_fork+0x10/0x20 [ 19.659845] [ 19.659864] The buggy address belongs to the object at fff00000c76cc400 [ 19.659864] which belongs to the cache kmalloc-64 of size 64 [ 19.659935] The buggy address is located 0 bytes to the right of [ 19.659935] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.660003] [ 19.660024] The buggy address belongs to the physical page: [ 19.660074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.660128] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.660178] page_type: f5(slab) [ 19.660217] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.660276] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.660326] page dumped because: kasan: bad access detected [ 19.660369] [ 19.660397] Memory state around the buggy address: [ 19.660430] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.660475] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.660520] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.660578] ^ [ 19.660613] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660666] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660715] ================================================================== [ 19.472310] ================================================================== [ 19.472369] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.472429] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.472809] [ 19.472865] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.473042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.473081] Hardware name: linux,dummy-virt (DT) [ 19.473128] Call trace: [ 19.473170] show_stack+0x20/0x38 (C) [ 19.473223] dump_stack_lvl+0x8c/0xd0 [ 19.473272] print_report+0x118/0x608 [ 19.473578] kasan_report+0xdc/0x128 [ 19.473692] __asan_report_store8_noabort+0x20/0x30 [ 19.473846] kasan_atomics_helper+0x3e5c/0x4858 [ 19.474080] kasan_atomics+0x198/0x2e0 [ 19.474196] kunit_try_run_case+0x170/0x3f0 [ 19.474264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.474384] kthread+0x328/0x630 [ 19.474460] ret_from_fork+0x10/0x20 [ 19.474585] [ 19.474790] Allocated by task 266: [ 19.474873] kasan_save_stack+0x3c/0x68 [ 19.475041] kasan_save_track+0x20/0x40 [ 19.475108] kasan_save_alloc_info+0x40/0x58 [ 19.475446] __kasan_kmalloc+0xd4/0xd8 [ 19.475517] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.475653] kasan_atomics+0xb8/0x2e0 [ 19.475696] kunit_try_run_case+0x170/0x3f0 [ 19.475753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.476097] kthread+0x328/0x630 [ 19.476182] ret_from_fork+0x10/0x20 [ 19.476244] [ 19.476558] The buggy address belongs to the object at fff00000c76cc400 [ 19.476558] which belongs to the cache kmalloc-64 of size 64 [ 19.476841] The buggy address is located 0 bytes to the right of [ 19.476841] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.477011] [ 19.477318] The buggy address belongs to the physical page: [ 19.477370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.477451] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.477503] page_type: f5(slab) [ 19.477543] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.477863] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.478134] page dumped because: kasan: bad access detected [ 19.478316] [ 19.478500] Memory state around the buggy address: [ 19.478645] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.478708] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.478885] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.478967] ^ [ 19.479013] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.479338] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.479413] ================================================================== [ 19.384100] ================================================================== [ 19.384173] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 19.384307] Write of size 4 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.384517] [ 19.384597] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.387653] kasan_atomics+0xb8/0x2e0 [ 19.387798] kunit_try_run_case+0x170/0x3f0 [ 19.389547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.390174] kthread+0x328/0x630 [ 19.390546] ret_from_fork+0x10/0x20 [ 19.390595] [ 19.390619] The buggy address belongs to the object at fff00000c76cc400 [ 19.390619] which belongs to the cache kmalloc-64 of size 64 [ 19.391966] Memory state around the buggy address: [ 19.392740] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.395934] print_report+0x118/0x608 [ 19.396475] kasan_save_stack+0x3c/0x68 [ 19.396688] kasan_atomics+0xb8/0x2e0 [ 19.397870] [ 19.398122] page_type: f5(slab) [ 19.399084] [ 19.399605] ^ [ 19.399832] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.401743] Hardware name: linux,dummy-virt (DT) [ 19.403135] kunit_try_run_case+0x170/0x3f0 [ 19.404887] kunit_try_run_case+0x170/0x3f0 [ 19.406100] [ 19.406268] page_type: f5(slab) [ 19.407203] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.409997] show_stack+0x20/0x38 (C) [ 19.411593] kasan_save_track+0x20/0x40 [ 19.411981] kthread+0x328/0x630 [ 19.412274] [ 19.412398] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.412772] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.417361] [ 19.417835] Call trace: [ 19.419136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.421254] ret_from_fork+0x10/0x20 [ 19.421432] [ 19.421483] The buggy address belongs to the object at fff00000c76cc400 [ 19.421483] which belongs to the cache kmalloc-64 of size 64 [ 19.421649] The buggy address is located 0 bytes to the right of [ 19.421649] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.421729] [ 19.421786] The buggy address belongs to the physical page: [ 19.422113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.422368] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.422530] page_type: f5(slab) [ 19.422604] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.422956] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.423184] page dumped because: kasan: bad access detected [ 19.423339] [ 19.423426] Memory state around the buggy address: [ 19.423540] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.423956] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.424018] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.424091] ^ [ 19.424181] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.424272] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.424358] ================================================================== [ 19.620429] ================================================================== [ 19.620540] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.620592] Read of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.620659] [ 19.620759] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.620852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.620890] Hardware name: linux,dummy-virt (DT) [ 19.621061] Call trace: [ 19.621121] show_stack+0x20/0x38 (C) [ 19.621303] dump_stack_lvl+0x8c/0xd0 [ 19.621365] print_report+0x118/0x608 [ 19.621539] kasan_report+0xdc/0x128 [ 19.621643] __asan_report_load8_noabort+0x20/0x30 [ 19.622000] kasan_atomics_helper+0x3db0/0x4858 [ 19.622202] kasan_atomics+0x198/0x2e0 [ 19.622285] kunit_try_run_case+0x170/0x3f0 [ 19.622617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.622718] kthread+0x328/0x630 [ 19.622858] ret_from_fork+0x10/0x20 [ 19.622925] [ 19.622946] Allocated by task 266: [ 19.623180] kasan_save_stack+0x3c/0x68 [ 19.623383] kasan_save_track+0x20/0x40 [ 19.623469] kasan_save_alloc_info+0x40/0x58 [ 19.623537] __kasan_kmalloc+0xd4/0xd8 [ 19.624384] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.624481] kasan_atomics+0xb8/0x2e0 [ 19.624632] kunit_try_run_case+0x170/0x3f0 [ 19.624707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.624768] kthread+0x328/0x630 [ 19.624804] ret_from_fork+0x10/0x20 [ 19.624977] [ 19.625139] The buggy address belongs to the object at fff00000c76cc400 [ 19.625139] which belongs to the cache kmalloc-64 of size 64 [ 19.625966] The buggy address is located 0 bytes to the right of [ 19.625966] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.626077] [ 19.626125] The buggy address belongs to the physical page: [ 19.626199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.626491] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.626731] page_type: f5(slab) [ 19.627105] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.627183] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.627503] page dumped because: kasan: bad access detected [ 19.627636] [ 19.627684] Memory state around the buggy address: [ 19.627722] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.627959] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.628157] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.628498] ^ [ 19.628576] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.628750] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.629014] ================================================================== [ 19.615121] ================================================================== [ 19.615243] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.615299] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.615350] [ 19.615383] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.615465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.615493] Hardware name: linux,dummy-virt (DT) [ 19.615527] Call trace: [ 19.615800] show_stack+0x20/0x38 (C) [ 19.616080] dump_stack_lvl+0x8c/0xd0 [ 19.616294] print_report+0x118/0x608 [ 19.616350] kasan_report+0xdc/0x128 [ 19.616404] kasan_check_range+0x100/0x1a8 [ 19.616507] __kasan_check_write+0x20/0x30 [ 19.616574] kasan_atomics_helper+0x15b4/0x4858 [ 19.616624] kasan_atomics+0x198/0x2e0 [ 19.616697] kunit_try_run_case+0x170/0x3f0 [ 19.616743] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.616797] kthread+0x328/0x630 [ 19.616842] ret_from_fork+0x10/0x20 [ 19.616891] [ 19.616923] Allocated by task 266: [ 19.616966] kasan_save_stack+0x3c/0x68 [ 19.617009] kasan_save_track+0x20/0x40 [ 19.617059] kasan_save_alloc_info+0x40/0x58 [ 19.617109] __kasan_kmalloc+0xd4/0xd8 [ 19.617156] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.617198] kasan_atomics+0xb8/0x2e0 [ 19.617245] kunit_try_run_case+0x170/0x3f0 [ 19.617284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.617329] kthread+0x328/0x630 [ 19.617369] ret_from_fork+0x10/0x20 [ 19.617405] [ 19.617427] The buggy address belongs to the object at fff00000c76cc400 [ 19.617427] which belongs to the cache kmalloc-64 of size 64 [ 19.617492] The buggy address is located 0 bytes to the right of [ 19.617492] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.617559] [ 19.617582] The buggy address belongs to the physical page: [ 19.617614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.617675] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.617724] page_type: f5(slab) [ 19.617764] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.617818] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.617884] page dumped because: kasan: bad access detected [ 19.617930] [ 19.617958] Memory state around the buggy address: [ 19.617993] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.618572] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.618636] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.618683] ^ [ 19.618717] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.619422] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.619531] ================================================================== [ 19.645955] ================================================================== [ 19.646418] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.646481] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.646696] [ 19.646766] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.647149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.647238] Hardware name: linux,dummy-virt (DT) [ 19.647285] Call trace: [ 19.647330] show_stack+0x20/0x38 (C) [ 19.647432] dump_stack_lvl+0x8c/0xd0 [ 19.647509] print_report+0x118/0x608 [ 19.647633] kasan_report+0xdc/0x128 [ 19.647682] kasan_check_range+0x100/0x1a8 [ 19.647903] __kasan_check_write+0x20/0x30 [ 19.648450] kasan_atomics_helper+0x16d0/0x4858 [ 19.648613] kasan_atomics+0x198/0x2e0 [ 19.648699] kunit_try_run_case+0x170/0x3f0 [ 19.648836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.648925] kthread+0x328/0x630 [ 19.648969] ret_from_fork+0x10/0x20 [ 19.649017] [ 19.649217] Allocated by task 266: [ 19.649408] kasan_save_stack+0x3c/0x68 [ 19.649765] kasan_save_track+0x20/0x40 [ 19.650781] kasan_save_alloc_info+0x40/0x58 [ 19.650997] __kasan_kmalloc+0xd4/0xd8 [ 19.651082] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.651144] kasan_atomics+0xb8/0x2e0 [ 19.651730] kunit_try_run_case+0x170/0x3f0 [ 19.651811] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.652559] kthread+0x328/0x630 [ 19.652894] ret_from_fork+0x10/0x20 [ 19.653196] [ 19.653255] The buggy address belongs to the object at fff00000c76cc400 [ 19.653255] which belongs to the cache kmalloc-64 of size 64 [ 19.653406] The buggy address is located 0 bytes to the right of [ 19.653406] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.653522] [ 19.653737] The buggy address belongs to the physical page: [ 19.653930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.654262] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.654538] page_type: f5(slab) [ 19.654734] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.654815] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.655146] page dumped because: kasan: bad access detected [ 19.655194] [ 19.655360] Memory state around the buggy address: [ 19.655587] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.655751] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.655802] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.655843] ^ [ 19.656215] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.656481] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.656696] ================================================================== [ 19.425491] ================================================================== [ 19.425576] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.425630] Read of size 4 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.425931] [ 19.425968] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.426351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.426429] Hardware name: linux,dummy-virt (DT) [ 19.426480] Call trace: [ 19.426532] show_stack+0x20/0x38 (C) [ 19.426665] dump_stack_lvl+0x8c/0xd0 [ 19.426752] print_report+0x118/0x608 [ 19.426891] kasan_report+0xdc/0x128 [ 19.426970] __asan_report_load4_noabort+0x20/0x30 [ 19.427324] kasan_atomics_helper+0x3dd8/0x4858 [ 19.427615] kasan_atomics+0x198/0x2e0 [ 19.427739] kunit_try_run_case+0x170/0x3f0 [ 19.427883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.427956] kthread+0x328/0x630 [ 19.428006] ret_from_fork+0x10/0x20 [ 19.428331] [ 19.428393] Allocated by task 266: [ 19.428727] kasan_save_stack+0x3c/0x68 [ 19.428953] kasan_save_track+0x20/0x40 [ 19.429176] kasan_save_alloc_info+0x40/0x58 [ 19.429318] __kasan_kmalloc+0xd4/0xd8 [ 19.429387] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.429799] kasan_atomics+0xb8/0x2e0 [ 19.429867] kunit_try_run_case+0x170/0x3f0 [ 19.430150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.430364] kthread+0x328/0x630 [ 19.430428] ret_from_fork+0x10/0x20 [ 19.430672] [ 19.430928] The buggy address belongs to the object at fff00000c76cc400 [ 19.430928] which belongs to the cache kmalloc-64 of size 64 [ 19.431268] The buggy address is located 0 bytes to the right of [ 19.431268] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.431418] [ 19.431450] The buggy address belongs to the physical page: [ 19.431485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.431543] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.431664] page_type: f5(slab) [ 19.431714] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.431782] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.431839] page dumped because: kasan: bad access detected [ 19.431870] [ 19.431900] Memory state around the buggy address: [ 19.431973] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.432036] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.432089] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.432129] ^ [ 19.432165] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.432210] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.432259] ================================================================== [ 19.495751] ================================================================== [ 19.495950] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.496014] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.496075] [ 19.496187] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.496289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.496327] Hardware name: linux,dummy-virt (DT) [ 19.496963] Call trace: [ 19.497007] show_stack+0x20/0x38 (C) [ 19.497064] dump_stack_lvl+0x8c/0xd0 [ 19.497115] print_report+0x118/0x608 [ 19.497161] kasan_report+0xdc/0x128 [ 19.497208] kasan_check_range+0x100/0x1a8 [ 19.497256] __kasan_check_write+0x20/0x30 [ 19.497303] kasan_atomics_helper+0xf88/0x4858 [ 19.497352] kasan_atomics+0x198/0x2e0 [ 19.497396] kunit_try_run_case+0x170/0x3f0 [ 19.497443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.497496] kthread+0x328/0x630 [ 19.497537] ret_from_fork+0x10/0x20 [ 19.497584] [ 19.497604] Allocated by task 266: [ 19.497635] kasan_save_stack+0x3c/0x68 [ 19.497676] kasan_save_track+0x20/0x40 [ 19.497716] kasan_save_alloc_info+0x40/0x58 [ 19.497757] __kasan_kmalloc+0xd4/0xd8 [ 19.497795] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.497836] kasan_atomics+0xb8/0x2e0 [ 19.497873] kunit_try_run_case+0x170/0x3f0 [ 19.497926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.497972] kthread+0x328/0x630 [ 19.498985] ret_from_fork+0x10/0x20 [ 19.499257] [ 19.499331] The buggy address belongs to the object at fff00000c76cc400 [ 19.499331] which belongs to the cache kmalloc-64 of size 64 [ 19.499510] The buggy address is located 0 bytes to the right of [ 19.499510] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.499582] [ 19.499925] The buggy address belongs to the physical page: [ 19.500394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.500612] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.500834] page_type: f5(slab) [ 19.501254] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.501348] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.501680] page dumped because: kasan: bad access detected [ 19.501804] [ 19.501848] Memory state around the buggy address: [ 19.502205] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.502415] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.502867] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.503043] ^ [ 19.503223] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.503402] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.503446] ================================================================== [ 19.565471] ================================================================== [ 19.565532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.565587] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.565638] [ 19.565670] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.565752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.565781] Hardware name: linux,dummy-virt (DT) [ 19.565812] Call trace: [ 19.565838] show_stack+0x20/0x38 (C) [ 19.565887] dump_stack_lvl+0x8c/0xd0 [ 19.565950] print_report+0x118/0x608 [ 19.566004] kasan_report+0xdc/0x128 [ 19.566051] kasan_check_range+0x100/0x1a8 [ 19.566098] __kasan_check_write+0x20/0x30 [ 19.566144] kasan_atomics_helper+0x126c/0x4858 [ 19.566193] kasan_atomics+0x198/0x2e0 [ 19.566237] kunit_try_run_case+0x170/0x3f0 [ 19.566285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.566338] kthread+0x328/0x630 [ 19.566379] ret_from_fork+0x10/0x20 [ 19.566427] [ 19.566447] Allocated by task 266: [ 19.566476] kasan_save_stack+0x3c/0x68 [ 19.566519] kasan_save_track+0x20/0x40 [ 19.566557] kasan_save_alloc_info+0x40/0x58 [ 19.566599] __kasan_kmalloc+0xd4/0xd8 [ 19.566636] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.566677] kasan_atomics+0xb8/0x2e0 [ 19.566716] kunit_try_run_case+0x170/0x3f0 [ 19.566757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.566801] kthread+0x328/0x630 [ 19.566835] ret_from_fork+0x10/0x20 [ 19.566873] [ 19.566893] The buggy address belongs to the object at fff00000c76cc400 [ 19.566893] which belongs to the cache kmalloc-64 of size 64 [ 19.567801] The buggy address is located 0 bytes to the right of [ 19.567801] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.568069] [ 19.568100] The buggy address belongs to the physical page: [ 19.568134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.568200] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.568250] page_type: f5(slab) [ 19.568464] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.568525] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.568663] page dumped because: kasan: bad access detected [ 19.568799] [ 19.569080] Memory state around the buggy address: [ 19.569202] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.569250] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.569569] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.569635] ^ [ 19.569774] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.569989] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.570035] ================================================================== [ 19.276176] ================================================================== [ 19.279296] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858 [ 19.279404] [ 19.279520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.279549] Hardware name: linux,dummy-virt (DT) [ 19.279848] __kasan_check_write+0x20/0x30 [ 19.280273] kthread+0x328/0x630 [ 19.282394] __kasan_kmalloc+0xd4/0xd8 [ 19.285465] [ 19.285977] [ 19.286000] The buggy address belongs to the physical page: [ 19.287978] page dumped because: kasan: bad access detected [ 19.291496] ^ [ 19.294382] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 19.295183] kthread+0x328/0x630 [ 19.295722] [ 19.295865] [ 19.295885] The buggy address belongs to the physical page: [ 19.299538] page_type: f5(slab) [ 19.300225] page dumped because: kasan: bad access detected [ 19.303368] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.303678] ================================================================== [ 19.464822] ================================================================== [ 19.464876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.464941] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.465281] [ 19.465379] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.465482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.465744] Hardware name: linux,dummy-virt (DT) [ 19.465801] Call trace: [ 19.465826] show_stack+0x20/0x38 (C) [ 19.466137] dump_stack_lvl+0x8c/0xd0 [ 19.466291] print_report+0x118/0x608 [ 19.466351] kasan_report+0xdc/0x128 [ 19.466414] kasan_check_range+0x100/0x1a8 [ 19.466481] __kasan_check_write+0x20/0x30 [ 19.466561] kasan_atomics_helper+0xe44/0x4858 [ 19.466785] kasan_atomics+0x198/0x2e0 [ 19.466993] kunit_try_run_case+0x170/0x3f0 [ 19.467075] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.467177] kthread+0x328/0x630 [ 19.467460] ret_from_fork+0x10/0x20 [ 19.467634] [ 19.467673] Allocated by task 266: [ 19.467731] kasan_save_stack+0x3c/0x68 [ 19.467879] kasan_save_track+0x20/0x40 [ 19.467943] kasan_save_alloc_info+0x40/0x58 [ 19.468327] __kasan_kmalloc+0xd4/0xd8 [ 19.468450] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.468537] kasan_atomics+0xb8/0x2e0 [ 19.468600] kunit_try_run_case+0x170/0x3f0 [ 19.468940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.469139] kthread+0x328/0x630 [ 19.469218] ret_from_fork+0x10/0x20 [ 19.469264] [ 19.469288] The buggy address belongs to the object at fff00000c76cc400 [ 19.469288] which belongs to the cache kmalloc-64 of size 64 [ 19.469355] The buggy address is located 0 bytes to the right of [ 19.469355] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.469422] [ 19.469455] The buggy address belongs to the physical page: [ 19.469488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.469544] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.469604] page_type: f5(slab) [ 19.469648] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.469701] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.469753] page dumped because: kasan: bad access detected [ 19.469815] [ 19.469850] Memory state around the buggy address: [ 19.469890] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.469948] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.470100] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.470654] ^ [ 19.470737] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.470814] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.470896] ================================================================== [ 19.597691] ================================================================== [ 19.597763] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.597827] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.598030] [ 19.598176] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.598280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.598346] Hardware name: linux,dummy-virt (DT) [ 19.598391] Call trace: [ 19.598416] show_stack+0x20/0x38 (C) [ 19.598476] dump_stack_lvl+0x8c/0xd0 [ 19.598525] print_report+0x118/0x608 [ 19.598934] kasan_report+0xdc/0x128 [ 19.599059] kasan_check_range+0x100/0x1a8 [ 19.599282] __kasan_check_write+0x20/0x30 [ 19.599441] kasan_atomics_helper+0x14e4/0x4858 [ 19.599625] kasan_atomics+0x198/0x2e0 [ 19.599700] kunit_try_run_case+0x170/0x3f0 [ 19.599846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.599908] kthread+0x328/0x630 [ 19.599963] ret_from_fork+0x10/0x20 [ 19.600290] [ 19.600343] Allocated by task 266: [ 19.600516] kasan_save_stack+0x3c/0x68 [ 19.600736] kasan_save_track+0x20/0x40 [ 19.600886] kasan_save_alloc_info+0x40/0x58 [ 19.600985] __kasan_kmalloc+0xd4/0xd8 [ 19.601134] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.601199] kasan_atomics+0xb8/0x2e0 [ 19.601245] kunit_try_run_case+0x170/0x3f0 [ 19.601284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.601602] kthread+0x328/0x630 [ 19.601660] ret_from_fork+0x10/0x20 [ 19.601837] [ 19.601898] The buggy address belongs to the object at fff00000c76cc400 [ 19.601898] which belongs to the cache kmalloc-64 of size 64 [ 19.601976] The buggy address is located 0 bytes to the right of [ 19.601976] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.602042] [ 19.602066] The buggy address belongs to the physical page: [ 19.602098] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.602159] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.602243] page_type: f5(slab) [ 19.602292] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.602359] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.603708] page dumped because: kasan: bad access detected [ 19.603801] [ 19.603997] Memory state around the buggy address: [ 19.604282] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.604894] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.605009] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.605078] ^ [ 19.605270] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.605436] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.605552] ================================================================== [ 19.345226] ================================================================== [ 19.345335] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 19.345610] Write of size 4 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.345805] [ 19.345863] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.346088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.346167] Hardware name: linux,dummy-virt (DT) [ 19.346278] Call trace: [ 19.346336] show_stack+0x20/0x38 (C) [ 19.346388] dump_stack_lvl+0x8c/0xd0 [ 19.346770] print_report+0x118/0x608 [ 19.347007] kasan_report+0xdc/0x128 [ 19.347063] kasan_check_range+0x100/0x1a8 [ 19.347133] __kasan_check_write+0x20/0x30 [ 19.347181] kasan_atomics_helper+0x99c/0x4858 [ 19.347446] ret_from_fork+0x10/0x20 [ 19.347496] [ 19.347773] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.348202] The buggy address is located 0 bytes to the right of [ 19.348202] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.348753] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.351653] Write of size 4 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.355187] [ 19.355497] Allocated by task 266: [ 19.355586] kasan_save_stack+0x3c/0x68 [ 19.355741] kasan_save_track+0x20/0x40 [ 19.355849] kasan_save_alloc_info+0x40/0x58 [ 19.355984] __kasan_kmalloc+0xd4/0xd8 [ 19.356027] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.356603] kasan_atomics+0xb8/0x2e0 [ 19.356703] kunit_try_run_case+0x170/0x3f0 [ 19.356846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.356999] kthread+0x328/0x630 [ 19.357132] ret_from_fork+0x10/0x20 [ 19.357234] [ 19.357305] The buggy address belongs to the object at fff00000c76cc400 [ 19.357305] which belongs to the cache kmalloc-64 of size 64 [ 19.357459] The buggy address is located 0 bytes to the right of [ 19.357459] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.357556] [ 19.357822] The buggy address belongs to the physical page: [ 19.357889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.358031] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.358138] page_type: f5(slab) [ 19.358467] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.358558] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.358677] page dumped because: kasan: bad access detected [ 19.358770] [ 19.358851] Memory state around the buggy address: [ 19.358888] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.359155] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.359246] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.359619] ^ [ 19.359757] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.360047] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.360116] ================================================================== [ 19.504957] ================================================================== [ 19.505223] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.505291] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.505344] [ 19.505376] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.505459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.505631] Hardware name: linux,dummy-virt (DT) [ 19.505864] Call trace: [ 19.505903] show_stack+0x20/0x38 (C) [ 19.506215] dump_stack_lvl+0x8c/0xd0 [ 19.506369] print_report+0x118/0x608 [ 19.506533] kasan_report+0xdc/0x128 [ 19.506665] kasan_check_range+0x100/0x1a8 [ 19.506723] __kasan_check_write+0x20/0x30 [ 19.506770] kasan_atomics_helper+0xff0/0x4858 [ 19.507163] kasan_atomics+0x198/0x2e0 [ 19.507326] kunit_try_run_case+0x170/0x3f0 [ 19.507516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.507671] kthread+0x328/0x630 [ 19.507826] ret_from_fork+0x10/0x20 [ 19.508005] [ 19.508028] Allocated by task 266: [ 19.508060] kasan_save_stack+0x3c/0x68 [ 19.508412] kasan_save_track+0x20/0x40 [ 19.508490] kasan_save_alloc_info+0x40/0x58 [ 19.508699] __kasan_kmalloc+0xd4/0xd8 [ 19.508933] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.509077] kasan_atomics+0xb8/0x2e0 [ 19.509195] kunit_try_run_case+0x170/0x3f0 [ 19.509295] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.509343] kthread+0x328/0x630 [ 19.509656] ret_from_fork+0x10/0x20 [ 19.509707] [ 19.509771] The buggy address belongs to the object at fff00000c76cc400 [ 19.509771] which belongs to the cache kmalloc-64 of size 64 [ 19.509833] The buggy address is located 0 bytes to the right of [ 19.509833] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.509899] [ 19.509952] The buggy address belongs to the physical page: [ 19.510219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.510723] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.510787] page_type: f5(slab) [ 19.511256] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.511341] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.511654] page dumped because: kasan: bad access detected [ 19.511711] [ 19.511764] Memory state around the buggy address: [ 19.512118] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.512564] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.512752] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.512805] ^ [ 19.512841] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.513130] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.513305] ================================================================== [ 19.455127] ================================================================== [ 19.455180] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.455290] Read of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.455379] [ 19.455415] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.455509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.455640] Hardware name: linux,dummy-virt (DT) [ 19.455779] Call trace: [ 19.455963] show_stack+0x20/0x38 (C) [ 19.456315] dump_stack_lvl+0x8c/0xd0 [ 19.456454] print_report+0x118/0x608 [ 19.456529] kasan_report+0xdc/0x128 [ 19.456585] __asan_report_load8_noabort+0x20/0x30 [ 19.456647] kasan_atomics_helper+0x3f58/0x4858 [ 19.456745] kasan_atomics+0x198/0x2e0 [ 19.456796] kunit_try_run_case+0x170/0x3f0 [ 19.456844] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.457164] kthread+0x328/0x630 [ 19.457229] ret_from_fork+0x10/0x20 [ 19.457629] [ 19.457663] Allocated by task 266: [ 19.457699] kasan_save_stack+0x3c/0x68 [ 19.458017] kasan_save_track+0x20/0x40 [ 19.458105] kasan_save_alloc_info+0x40/0x58 [ 19.458193] __kasan_kmalloc+0xd4/0xd8 [ 19.458383] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.458713] kasan_atomics+0xb8/0x2e0 [ 19.458770] kunit_try_run_case+0x170/0x3f0 [ 19.458810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.458856] kthread+0x328/0x630 [ 19.459175] ret_from_fork+0x10/0x20 [ 19.460779] [ 19.460852] The buggy address belongs to the object at fff00000c76cc400 [ 19.460852] which belongs to the cache kmalloc-64 of size 64 [ 19.461203] The buggy address is located 0 bytes to the right of [ 19.461203] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.461651] [ 19.461857] The buggy address belongs to the physical page: [ 19.461904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.461975] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.462027] page_type: f5(slab) [ 19.462071] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.462570] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.462752] page dumped because: kasan: bad access detected [ 19.462840] [ 19.462861] Memory state around the buggy address: [ 19.462902] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.463119] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.463312] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.463616] ^ [ 19.463697] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.463805] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.463875] ================================================================== [ 19.434233] ================================================================== [ 19.434286] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.434336] Write of size 4 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.434386] [ 19.434417] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.434500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.434527] Hardware name: linux,dummy-virt (DT) [ 19.434559] Call trace: [ 19.434582] show_stack+0x20/0x38 (C) [ 19.434628] dump_stack_lvl+0x8c/0xd0 [ 19.434676] print_report+0x118/0x608 [ 19.434721] kasan_report+0xdc/0x128 [ 19.434769] kasan_check_range+0x100/0x1a8 [ 19.434816] __kasan_check_write+0x20/0x30 [ 19.434860] kasan_atomics_helper+0xd3c/0x4858 [ 19.434922] kasan_atomics+0x198/0x2e0 [ 19.434969] kunit_try_run_case+0x170/0x3f0 [ 19.435018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.435071] kthread+0x328/0x630 [ 19.435114] ret_from_fork+0x10/0x20 [ 19.435162] [ 19.435185] Allocated by task 266: [ 19.435214] kasan_save_stack+0x3c/0x68 [ 19.435267] kasan_save_track+0x20/0x40 [ 19.435311] kasan_save_alloc_info+0x40/0x58 [ 19.435440] __kasan_kmalloc+0xd4/0xd8 [ 19.435485] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.435548] kasan_atomics+0xb8/0x2e0 [ 19.435586] kunit_try_run_case+0x170/0x3f0 [ 19.435627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.435692] kthread+0x328/0x630 [ 19.435726] ret_from_fork+0x10/0x20 [ 19.435765] [ 19.435788] The buggy address belongs to the object at fff00000c76cc400 [ 19.435788] which belongs to the cache kmalloc-64 of size 64 [ 19.436486] The buggy address is located 0 bytes to the right of [ 19.436486] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.436679] [ 19.436704] The buggy address belongs to the physical page: [ 19.436996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.437176] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.437477] page_type: f5(slab) [ 19.437772] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.437834] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.437887] page dumped because: kasan: bad access detected [ 19.437943] [ 19.437974] Memory state around the buggy address: [ 19.438055] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.438394] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.438510] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.438640] ^ [ 19.438701] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.439003] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.439078] ================================================================== [ 19.672485] ================================================================== [ 19.672653] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.672714] Read of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.672851] [ 19.672905] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.673150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.673297] Hardware name: linux,dummy-virt (DT) [ 19.673339] Call trace: [ 19.673371] show_stack+0x20/0x38 (C) [ 19.673585] dump_stack_lvl+0x8c/0xd0 [ 19.673803] print_report+0x118/0x608 [ 19.673940] kasan_report+0xdc/0x128 [ 19.673994] __asan_report_load8_noabort+0x20/0x30 [ 19.674142] kasan_atomics_helper+0x3e20/0x4858 [ 19.674216] kasan_atomics+0x198/0x2e0 [ 19.674401] kunit_try_run_case+0x170/0x3f0 [ 19.674656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.674820] kthread+0x328/0x630 [ 19.675166] ret_from_fork+0x10/0x20 [ 19.675308] [ 19.675359] Allocated by task 266: [ 19.675541] kasan_save_stack+0x3c/0x68 [ 19.675787] kasan_save_track+0x20/0x40 [ 19.675858] kasan_save_alloc_info+0x40/0x58 [ 19.676205] __kasan_kmalloc+0xd4/0xd8 [ 19.676246] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.676287] kasan_atomics+0xb8/0x2e0 [ 19.676323] kunit_try_run_case+0x170/0x3f0 [ 19.676362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.676406] kthread+0x328/0x630 [ 19.676442] ret_from_fork+0x10/0x20 [ 19.676479] [ 19.676500] The buggy address belongs to the object at fff00000c76cc400 [ 19.676500] which belongs to the cache kmalloc-64 of size 64 [ 19.676561] The buggy address is located 0 bytes to the right of [ 19.676561] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.676674] [ 19.676722] The buggy address belongs to the physical page: [ 19.676779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.676997] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.677066] page_type: f5(slab) [ 19.677219] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.677356] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.677414] page dumped because: kasan: bad access detected [ 19.677448] [ 19.677468] Memory state around the buggy address: [ 19.677765] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.678192] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.678266] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.678330] ^ [ 19.678366] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.678773] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.678862] ================================================================== [ 19.520094] ================================================================== [ 19.520159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.520211] Write of size 8 at addr fff00000c76cc430 by task kunit_try_catch/266 [ 19.520758] [ 19.520811] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.520896] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.521225] Hardware name: linux,dummy-virt (DT) [ 19.521276] Call trace: [ 19.521356] show_stack+0x20/0x38 (C) [ 19.521498] dump_stack_lvl+0x8c/0xd0 [ 19.521546] print_report+0x118/0x608 [ 19.521594] kasan_report+0xdc/0x128 [ 19.521639] kasan_check_range+0x100/0x1a8 [ 19.522024] __kasan_check_write+0x20/0x30 [ 19.522094] kasan_atomics_helper+0x10c0/0x4858 [ 19.522146] kasan_atomics+0x198/0x2e0 [ 19.522193] kunit_try_run_case+0x170/0x3f0 [ 19.522532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.522863] kthread+0x328/0x630 [ 19.522927] ret_from_fork+0x10/0x20 [ 19.523130] [ 19.523205] Allocated by task 266: [ 19.523297] kasan_save_stack+0x3c/0x68 [ 19.523555] kasan_save_track+0x20/0x40 [ 19.523758] kasan_save_alloc_info+0x40/0x58 [ 19.523834] __kasan_kmalloc+0xd4/0xd8 [ 19.524037] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.524452] kasan_atomics+0xb8/0x2e0 [ 19.524524] kunit_try_run_case+0x170/0x3f0 [ 19.524704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.525098] kthread+0x328/0x630 [ 19.525170] ret_from_fork+0x10/0x20 [ 19.525241] [ 19.525322] The buggy address belongs to the object at fff00000c76cc400 [ 19.525322] which belongs to the cache kmalloc-64 of size 64 [ 19.525635] The buggy address is located 0 bytes to the right of [ 19.525635] allocated 48-byte region [fff00000c76cc400, fff00000c76cc430) [ 19.525850] [ 19.525875] The buggy address belongs to the physical page: [ 19.526281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076cc [ 19.526667] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.526794] page_type: f5(slab) [ 19.526839] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.526931] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.526976] page dumped because: kasan: bad access detected [ 19.527433] [ 19.527518] Memory state around the buggy address: [ 19.527717] fff00000c76cc300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.528094] fff00000c76cc380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.528219] >fff00000c76cc400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.528585] ^ [ 19.528655] fff00000c76cc480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.529060] fff00000c76cc500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.529132] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 18.991145] ================================================================== [ 18.991264] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 18.991339] Read of size 1 at addr fff00000c76c8890 by task kunit_try_catch/260 [ 18.991652] [ 18.991749] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.991840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.991940] Hardware name: linux,dummy-virt (DT) [ 18.991975] Call trace: [ 18.992025] show_stack+0x20/0x38 (C) [ 18.992219] dump_stack_lvl+0x8c/0xd0 [ 18.992366] print_report+0x118/0x608 [ 18.992424] kasan_report+0xdc/0x128 [ 18.992472] __asan_report_load1_noabort+0x20/0x30 [ 18.992524] strnlen+0x80/0x88 [ 18.992835] kasan_strings+0x478/0xb00 [ 18.992907] kunit_try_run_case+0x170/0x3f0 [ 18.993224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.993293] kthread+0x328/0x630 [ 18.993337] ret_from_fork+0x10/0x20 [ 18.993522] [ 18.993675] Allocated by task 260: [ 18.993736] kasan_save_stack+0x3c/0x68 [ 18.993862] kasan_save_track+0x20/0x40 [ 18.993906] kasan_save_alloc_info+0x40/0x58 [ 18.993962] __kasan_kmalloc+0xd4/0xd8 [ 18.994362] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.994449] kasan_strings+0xc8/0xb00 [ 18.994517] kunit_try_run_case+0x170/0x3f0 [ 18.994566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.994939] kthread+0x328/0x630 [ 18.995050] ret_from_fork+0x10/0x20 [ 18.995194] [ 18.995282] Freed by task 260: [ 18.995373] kasan_save_stack+0x3c/0x68 [ 18.995711] kasan_save_track+0x20/0x40 [ 18.995805] kasan_save_free_info+0x4c/0x78 [ 18.995850] __kasan_slab_free+0x6c/0x98 [ 18.995889] kfree+0x214/0x3c8 [ 18.995936] kasan_strings+0x24c/0xb00 [ 18.995972] kunit_try_run_case+0x170/0x3f0 [ 18.996011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.996069] kthread+0x328/0x630 [ 18.996104] ret_from_fork+0x10/0x20 [ 18.996144] [ 18.996165] The buggy address belongs to the object at fff00000c76c8880 [ 18.996165] which belongs to the cache kmalloc-32 of size 32 [ 18.996232] The buggy address is located 16 bytes inside of [ 18.996232] freed 32-byte region [fff00000c76c8880, fff00000c76c88a0) [ 18.996311] [ 18.996340] The buggy address belongs to the physical page: [ 18.996382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c8 [ 18.996448] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.996507] page_type: f5(slab) [ 18.996547] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.996610] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.996657] page dumped because: kasan: bad access detected [ 18.996709] [ 18.996747] Memory state around the buggy address: [ 18.996783] fff00000c76c8780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.996843] fff00000c76c8800: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.996888] >fff00000c76c8880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.996938] ^ [ 18.996970] fff00000c76c8900: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.997013] fff00000c76c8980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.997067] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 18.981638] ================================================================== [ 18.981932] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 18.982058] Read of size 1 at addr fff00000c76c8890 by task kunit_try_catch/260 [ 18.982227] [ 18.982274] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.982470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.982608] Hardware name: linux,dummy-virt (DT) [ 18.982740] Call trace: [ 18.982764] show_stack+0x20/0x38 (C) [ 18.982823] dump_stack_lvl+0x8c/0xd0 [ 18.982873] print_report+0x118/0x608 [ 18.982932] kasan_report+0xdc/0x128 [ 18.982980] __asan_report_load1_noabort+0x20/0x30 [ 18.983034] strlen+0xa8/0xb0 [ 18.983075] kasan_strings+0x418/0xb00 [ 18.983120] kunit_try_run_case+0x170/0x3f0 [ 18.983529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.983651] kthread+0x328/0x630 [ 18.983859] ret_from_fork+0x10/0x20 [ 18.984036] [ 18.984058] Allocated by task 260: [ 18.984143] kasan_save_stack+0x3c/0x68 [ 18.984471] kasan_save_track+0x20/0x40 [ 18.984555] kasan_save_alloc_info+0x40/0x58 [ 18.984750] __kasan_kmalloc+0xd4/0xd8 [ 18.984922] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.984968] kasan_strings+0xc8/0xb00 [ 18.985179] kunit_try_run_case+0x170/0x3f0 [ 18.986047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.986166] kthread+0x328/0x630 [ 18.986270] ret_from_fork+0x10/0x20 [ 18.986372] [ 18.986471] Freed by task 260: [ 18.986520] kasan_save_stack+0x3c/0x68 [ 18.986562] kasan_save_track+0x20/0x40 [ 18.986600] kasan_save_free_info+0x4c/0x78 [ 18.986641] __kasan_slab_free+0x6c/0x98 [ 18.986680] kfree+0x214/0x3c8 [ 18.986715] kasan_strings+0x24c/0xb00 [ 18.986751] kunit_try_run_case+0x170/0x3f0 [ 18.987002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.987122] kthread+0x328/0x630 [ 18.987305] ret_from_fork+0x10/0x20 [ 18.987447] [ 18.987536] The buggy address belongs to the object at fff00000c76c8880 [ 18.987536] which belongs to the cache kmalloc-32 of size 32 [ 18.987695] The buggy address is located 16 bytes inside of [ 18.987695] freed 32-byte region [fff00000c76c8880, fff00000c76c88a0) [ 18.987794] [ 18.988084] The buggy address belongs to the physical page: [ 18.988182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c8 [ 18.988774] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.988857] page_type: f5(slab) [ 18.988978] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.989142] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.989325] page dumped because: kasan: bad access detected [ 18.989366] [ 18.989387] Memory state around the buggy address: [ 18.989458] fff00000c76c8780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.989513] fff00000c76c8800: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.989559] >fff00000c76c8880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.989607] ^ [ 18.989639] fff00000c76c8900: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.989685] fff00000c76c8980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.989726] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 18.972447] ================================================================== [ 18.972503] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 18.972556] Read of size 1 at addr fff00000c76c8890 by task kunit_try_catch/260 [ 18.972980] [ 18.973105] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.973320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.973405] Hardware name: linux,dummy-virt (DT) [ 18.973440] Call trace: [ 18.973471] show_stack+0x20/0x38 (C) [ 18.973524] dump_stack_lvl+0x8c/0xd0 [ 18.973739] print_report+0x118/0x608 [ 18.973963] kasan_report+0xdc/0x128 [ 18.974122] __asan_report_load1_noabort+0x20/0x30 [ 18.974293] kasan_strings+0x95c/0xb00 [ 18.974442] kunit_try_run_case+0x170/0x3f0 [ 18.974495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.974550] kthread+0x328/0x630 [ 18.974928] ret_from_fork+0x10/0x20 [ 18.975168] [ 18.975258] Allocated by task 260: [ 18.975363] kasan_save_stack+0x3c/0x68 [ 18.975462] kasan_save_track+0x20/0x40 [ 18.975515] kasan_save_alloc_info+0x40/0x58 [ 18.975861] __kasan_kmalloc+0xd4/0xd8 [ 18.976003] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.976106] kasan_strings+0xc8/0xb00 [ 18.976264] kunit_try_run_case+0x170/0x3f0 [ 18.976362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.976473] kthread+0x328/0x630 [ 18.976509] ret_from_fork+0x10/0x20 [ 18.976587] [ 18.976645] Freed by task 260: [ 18.976982] kasan_save_stack+0x3c/0x68 [ 18.977059] kasan_save_track+0x20/0x40 [ 18.977218] kasan_save_free_info+0x4c/0x78 [ 18.977359] __kasan_slab_free+0x6c/0x98 [ 18.977458] kfree+0x214/0x3c8 [ 18.977500] kasan_strings+0x24c/0xb00 [ 18.977693] kunit_try_run_case+0x170/0x3f0 [ 18.977953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.978089] kthread+0x328/0x630 [ 18.978169] ret_from_fork+0x10/0x20 [ 18.978226] [ 18.978254] The buggy address belongs to the object at fff00000c76c8880 [ 18.978254] which belongs to the cache kmalloc-32 of size 32 [ 18.978452] The buggy address is located 16 bytes inside of [ 18.978452] freed 32-byte region [fff00000c76c8880, fff00000c76c88a0) [ 18.978989] [ 18.979072] The buggy address belongs to the physical page: [ 18.979199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c8 [ 18.979518] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.979630] page_type: f5(slab) [ 18.979699] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.979751] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.979841] page dumped because: kasan: bad access detected [ 18.979884] [ 18.979903] Memory state around the buggy address: [ 18.979958] fff00000c76c8780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.980016] fff00000c76c8800: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.980062] >fff00000c76c8880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.980104] ^ [ 18.980142] fff00000c76c8900: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.980187] fff00000c76c8980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.980235] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 18.963752] ================================================================== [ 18.963820] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 18.964350] Read of size 1 at addr fff00000c76c8890 by task kunit_try_catch/260 [ 18.964497] [ 18.964540] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.964759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.964965] Hardware name: linux,dummy-virt (DT) [ 18.965017] Call trace: [ 18.965043] show_stack+0x20/0x38 (C) [ 18.965159] dump_stack_lvl+0x8c/0xd0 [ 18.965213] print_report+0x118/0x608 [ 18.965264] kasan_report+0xdc/0x128 [ 18.965428] __asan_report_load1_noabort+0x20/0x30 [ 18.965490] strcmp+0xc0/0xc8 [ 18.965533] kasan_strings+0x340/0xb00 [ 18.965578] kunit_try_run_case+0x170/0x3f0 [ 18.965630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.966008] kthread+0x328/0x630 [ 18.966106] ret_from_fork+0x10/0x20 [ 18.966428] [ 18.966555] Allocated by task 260: [ 18.966776] kasan_save_stack+0x3c/0x68 [ 18.966937] kasan_save_track+0x20/0x40 [ 18.966983] kasan_save_alloc_info+0x40/0x58 [ 18.967083] __kasan_kmalloc+0xd4/0xd8 [ 18.967263] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.967328] kasan_strings+0xc8/0xb00 [ 18.967484] kunit_try_run_case+0x170/0x3f0 [ 18.967571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.967621] kthread+0x328/0x630 [ 18.967656] ret_from_fork+0x10/0x20 [ 18.967694] [ 18.967735] Freed by task 260: [ 18.967764] kasan_save_stack+0x3c/0x68 [ 18.967807] kasan_save_track+0x20/0x40 [ 18.967863] kasan_save_free_info+0x4c/0x78 [ 18.967905] __kasan_slab_free+0x6c/0x98 [ 18.967957] kfree+0x214/0x3c8 [ 18.968007] kasan_strings+0x24c/0xb00 [ 18.968045] kunit_try_run_case+0x170/0x3f0 [ 18.968093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.968139] kthread+0x328/0x630 [ 18.968172] ret_from_fork+0x10/0x20 [ 18.968222] [ 18.968252] The buggy address belongs to the object at fff00000c76c8880 [ 18.968252] which belongs to the cache kmalloc-32 of size 32 [ 18.968313] The buggy address is located 16 bytes inside of [ 18.968313] freed 32-byte region [fff00000c76c8880, fff00000c76c88a0) [ 18.968378] [ 18.968401] The buggy address belongs to the physical page: [ 18.968435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c8 [ 18.968508] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.969168] page_type: f5(slab) [ 18.969247] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.969319] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.969395] page dumped because: kasan: bad access detected [ 18.969567] [ 18.969694] Memory state around the buggy address: [ 18.969739] fff00000c76c8780: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.970116] fff00000c76c8800: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.970267] >fff00000c76c8880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.970468] ^ [ 18.970639] fff00000c76c8900: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.971044] fff00000c76c8980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.971184] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 18.938011] ================================================================== [ 18.938220] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 18.938360] Read of size 1 at addr fff00000c76c8718 by task kunit_try_catch/258 [ 18.938492] [ 18.938536] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.938623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.939001] Hardware name: linux,dummy-virt (DT) [ 18.939122] Call trace: [ 18.939183] show_stack+0x20/0x38 (C) [ 18.939379] dump_stack_lvl+0x8c/0xd0 [ 18.939623] print_report+0x118/0x608 [ 18.939728] kasan_report+0xdc/0x128 [ 18.939836] __asan_report_load1_noabort+0x20/0x30 [ 18.939930] memcmp+0x198/0x1d8 [ 18.940109] kasan_memcmp+0x16c/0x300 [ 18.940328] kunit_try_run_case+0x170/0x3f0 [ 18.940389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.940757] kthread+0x328/0x630 [ 18.940881] ret_from_fork+0x10/0x20 [ 18.941008] [ 18.941425] Allocated by task 258: [ 18.941540] kasan_save_stack+0x3c/0x68 [ 18.941627] kasan_save_track+0x20/0x40 [ 18.941841] kasan_save_alloc_info+0x40/0x58 [ 18.941885] __kasan_kmalloc+0xd4/0xd8 [ 18.942091] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.942287] kasan_memcmp+0xbc/0x300 [ 18.942458] kunit_try_run_case+0x170/0x3f0 [ 18.942589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.942676] kthread+0x328/0x630 [ 18.942757] ret_from_fork+0x10/0x20 [ 18.942874] [ 18.942917] The buggy address belongs to the object at fff00000c76c8700 [ 18.942917] which belongs to the cache kmalloc-32 of size 32 [ 18.943114] The buggy address is located 0 bytes to the right of [ 18.943114] allocated 24-byte region [fff00000c76c8700, fff00000c76c8718) [ 18.943313] [ 18.943377] The buggy address belongs to the physical page: [ 18.943449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c8 [ 18.943554] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.943677] page_type: f5(slab) [ 18.943753] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.943880] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.943945] page dumped because: kasan: bad access detected [ 18.943979] [ 18.944038] Memory state around the buggy address: [ 18.944228] fff00000c76c8600: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 18.944418] fff00000c76c8680: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.944576] >fff00000c76c8700: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.944673] ^ [ 18.944797] fff00000c76c8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.944862] fff00000c76c8800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.945060] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 18.908882] ================================================================== [ 18.908959] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 18.909318] Read of size 1 at addr ffff800080a57b4a by task kunit_try_catch/254 [ 18.909530] [ 18.909571] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.909877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.909932] Hardware name: linux,dummy-virt (DT) [ 18.909967] Call trace: [ 18.910051] show_stack+0x20/0x38 (C) [ 18.910139] dump_stack_lvl+0x8c/0xd0 [ 18.910469] print_report+0x310/0x608 [ 18.910627] kasan_report+0xdc/0x128 [ 18.910735] __asan_report_load1_noabort+0x20/0x30 [ 18.911075] kasan_alloca_oob_right+0x2dc/0x340 [ 18.911231] kunit_try_run_case+0x170/0x3f0 [ 18.911414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.911574] kthread+0x328/0x630 [ 18.911620] ret_from_fork+0x10/0x20 [ 18.911977] [ 18.912021] The buggy address belongs to stack of task kunit_try_catch/254 [ 18.912079] [ 18.912447] The buggy address belongs to the virtual mapping at [ 18.912447] [ffff800080a50000, ffff800080a59000) created by: [ 18.912447] kernel_clone+0x150/0x7a8 [ 18.912549] [ 18.912581] The buggy address belongs to the physical page: [ 18.912899] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107767 [ 18.913300] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.913401] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.913523] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.913761] page dumped because: kasan: bad access detected [ 18.913964] [ 18.914026] Memory state around the buggy address: [ 18.914129] ffff800080a57a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.914236] ffff800080a57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.914387] >ffff800080a57b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.914431] ^ [ 18.914470] ffff800080a57b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.914812] ffff800080a57c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.914964] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 18.896015] ================================================================== [ 18.896125] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 18.896338] Read of size 1 at addr ffff800080a67b5f by task kunit_try_catch/252 [ 18.896543] [ 18.896749] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.896968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.897034] Hardware name: linux,dummy-virt (DT) [ 18.897074] Call trace: [ 18.897122] show_stack+0x20/0x38 (C) [ 18.897234] dump_stack_lvl+0x8c/0xd0 [ 18.897312] print_report+0x310/0x608 [ 18.897367] kasan_report+0xdc/0x128 [ 18.897447] __asan_report_load1_noabort+0x20/0x30 [ 18.897501] kasan_alloca_oob_left+0x2b8/0x310 [ 18.897586] kunit_try_run_case+0x170/0x3f0 [ 18.897641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.897694] kthread+0x328/0x630 [ 18.897887] ret_from_fork+0x10/0x20 [ 18.897969] [ 18.897993] The buggy address belongs to stack of task kunit_try_catch/252 [ 18.898227] [ 18.898264] The buggy address belongs to the virtual mapping at [ 18.898264] [ffff800080a60000, ffff800080a69000) created by: [ 18.898264] kernel_clone+0x150/0x7a8 [ 18.898690] [ 18.898782] The buggy address belongs to the physical page: [ 18.898943] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.899017] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.899206] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.899266] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.899310] page dumped because: kasan: bad access detected [ 18.899698] [ 18.900009] Memory state around the buggy address: [ 18.900101] ffff800080a67a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.900153] ffff800080a67a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.900532] >ffff800080a67b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 18.900637] ^ [ 18.900977] ffff800080a67b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.901201] ffff800080a67c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.901289] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 18.876763] ================================================================== [ 18.876847] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 18.877164] Read of size 1 at addr ffff800080a67c2a by task kunit_try_catch/250 [ 18.877259] [ 18.877502] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.877605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.877632] Hardware name: linux,dummy-virt (DT) [ 18.878071] Call trace: [ 18.878468] show_stack+0x20/0x38 (C) [ 18.878607] dump_stack_lvl+0x8c/0xd0 [ 18.878662] print_report+0x310/0x608 [ 18.879006] kasan_report+0xdc/0x128 [ 18.879105] __asan_report_load1_noabort+0x20/0x30 [ 18.879274] kasan_stack_oob+0x238/0x270 [ 18.879878] kunit_try_run_case+0x170/0x3f0 [ 18.880122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.880411] kthread+0x328/0x630 [ 18.880584] ret_from_fork+0x10/0x20 [ 18.881084] [ 18.881315] The buggy address belongs to stack of task kunit_try_catch/250 [ 18.882080] and is located at offset 138 in frame: [ 18.882202] kasan_stack_oob+0x0/0x270 [ 18.882522] [ 18.882920] This frame has 4 objects: [ 18.883398] [48, 49) '__assertion' [ 18.883467] [64, 72) 'array' [ 18.883698] [96, 112) '__assertion' [ 18.883973] [128, 138) 'stack_array' [ 18.884202] [ 18.884260] The buggy address belongs to the virtual mapping at [ 18.884260] [ffff800080a60000, ffff800080a69000) created by: [ 18.884260] kernel_clone+0x150/0x7a8 [ 18.884428] [ 18.884463] The buggy address belongs to the physical page: [ 18.884524] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.884920] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.885171] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.885283] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.885413] page dumped because: kasan: bad access detected [ 18.885450] [ 18.885523] Memory state around the buggy address: [ 18.885687] ffff800080a67b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.885778] ffff800080a67b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 18.885966] >ffff800080a67c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 18.886143] ^ [ 18.886184] ffff800080a67c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 18.886516] ffff800080a67d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.886568] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 18.847165] ================================================================== [ 18.847613] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 18.847684] Read of size 1 at addr ffff9c72c874f58d by task kunit_try_catch/246 [ 18.847793] [ 18.847871] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.847976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.848268] Hardware name: linux,dummy-virt (DT) [ 18.848339] Call trace: [ 18.848389] show_stack+0x20/0x38 (C) [ 18.848452] dump_stack_lvl+0x8c/0xd0 [ 18.848571] print_report+0x310/0x608 [ 18.848638] kasan_report+0xdc/0x128 [ 18.848684] __asan_report_load1_noabort+0x20/0x30 [ 18.849023] kasan_global_oob_right+0x230/0x270 [ 18.849125] kunit_try_run_case+0x170/0x3f0 [ 18.849179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.849231] kthread+0x328/0x630 [ 18.849273] ret_from_fork+0x10/0x20 [ 18.849635] [ 18.849713] The buggy address belongs to the variable: [ 18.849857] global_array+0xd/0x40 [ 18.849929] [ 18.850331] The buggy address belongs to the virtual mapping at [ 18.850331] [ffff9c72c6900000, ffff9c72c8801000) created by: [ 18.850331] paging_init+0x66c/0x7d0 [ 18.850740] [ 18.851042] The buggy address belongs to the physical page: [ 18.851096] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 18.851335] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 18.851759] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 18.851827] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.851954] page dumped because: kasan: bad access detected [ 18.852305] [ 18.852420] Memory state around the buggy address: [ 18.852525] ffff9c72c874f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.852670] ffff9c72c874f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 18.852852] >ffff9c72c874f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 18.853001] ^ [ 18.853092] ffff9c72c874f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 18.853213] ffff9c72c874f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.853454] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 18.815677] ================================================================== [ 18.815884] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.815996] Free of addr fff00000c7729e01 by task kunit_try_catch/242 [ 18.816314] [ 18.816358] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.816440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.816696] Hardware name: linux,dummy-virt (DT) [ 18.816792] Call trace: [ 18.816819] show_stack+0x20/0x38 (C) [ 18.816872] dump_stack_lvl+0x8c/0xd0 [ 18.816933] print_report+0x118/0x608 [ 18.817490] kasan_report_invalid_free+0xc0/0xe8 [ 18.817575] check_slab_allocation+0xfc/0x108 [ 18.817624] __kasan_mempool_poison_object+0x78/0x150 [ 18.817676] mempool_free+0x28c/0x328 [ 18.817721] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.818068] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.818143] kunit_try_run_case+0x170/0x3f0 [ 18.818194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.818495] kthread+0x328/0x630 [ 18.818670] ret_from_fork+0x10/0x20 [ 18.818732] [ 18.818750] Allocated by task 242: [ 18.819149] kasan_save_stack+0x3c/0x68 [ 18.819253] kasan_save_track+0x20/0x40 [ 18.819434] kasan_save_alloc_info+0x40/0x58 [ 18.819633] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.819705] remove_element+0x130/0x1f8 [ 18.819879] mempool_alloc_preallocated+0x58/0xc0 [ 18.820193] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 18.820329] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.820434] kunit_try_run_case+0x170/0x3f0 [ 18.820490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.820827] kthread+0x328/0x630 [ 18.821028] ret_from_fork+0x10/0x20 [ 18.821134] [ 18.821473] The buggy address belongs to the object at fff00000c7729e00 [ 18.821473] which belongs to the cache kmalloc-128 of size 128 [ 18.821552] The buggy address is located 1 bytes inside of [ 18.821552] 128-byte region [fff00000c7729e00, fff00000c7729e80) [ 18.821710] [ 18.821750] The buggy address belongs to the physical page: [ 18.821811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107729 [ 18.822215] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.822360] page_type: f5(slab) [ 18.822425] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.822488] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.822529] page dumped because: kasan: bad access detected [ 18.822881] [ 18.822954] Memory state around the buggy address: [ 18.823049] fff00000c7729d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.823143] fff00000c7729d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.823223] >fff00000c7729e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.823262] ^ [ 18.823440] fff00000c7729e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.823628] fff00000c7729f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.824013] ================================================================== [ 18.832683] ================================================================== [ 18.832808] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.832903] Free of addr fff00000c7858001 by task kunit_try_catch/244 [ 18.833135] [ 18.833276] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.833365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.833392] Hardware name: linux,dummy-virt (DT) [ 18.833458] Call trace: [ 18.833483] show_stack+0x20/0x38 (C) [ 18.833536] dump_stack_lvl+0x8c/0xd0 [ 18.833694] print_report+0x118/0x608 [ 18.833746] kasan_report_invalid_free+0xc0/0xe8 [ 18.833844] __kasan_mempool_poison_object+0xfc/0x150 [ 18.833897] mempool_free+0x28c/0x328 [ 18.834330] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.834512] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 18.834683] kunit_try_run_case+0x170/0x3f0 [ 18.834907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.835124] kthread+0x328/0x630 [ 18.835301] ret_from_fork+0x10/0x20 [ 18.835515] [ 18.835594] The buggy address belongs to the physical page: [ 18.835667] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107858 [ 18.835834] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.835893] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.836281] page_type: f8(unknown) [ 18.836329] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.836654] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.836748] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.836902] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.837112] head: 0bfffe0000000002 ffffc1ffc31e1601 00000000ffffffff 00000000ffffffff [ 18.837189] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.837242] page dumped because: kasan: bad access detected [ 18.837462] [ 18.837674] Memory state around the buggy address: [ 18.837754] fff00000c7857f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.837908] fff00000c7857f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.838015] >fff00000c7858000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.838169] ^ [ 18.838200] fff00000c7858080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.838454] fff00000c7858100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.838566] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 18.765156] ================================================================== [ 18.765422] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.765491] Free of addr fff00000c7729a00 by task kunit_try_catch/236 [ 18.765588] [ 18.765624] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.765826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.765856] Hardware name: linux,dummy-virt (DT) [ 18.765888] Call trace: [ 18.766074] show_stack+0x20/0x38 (C) [ 18.766259] dump_stack_lvl+0x8c/0xd0 [ 18.766395] print_report+0x118/0x608 [ 18.766571] kasan_report_invalid_free+0xc0/0xe8 [ 18.766738] check_slab_allocation+0xd4/0x108 [ 18.766961] __kasan_mempool_poison_object+0x78/0x150 [ 18.767355] mempool_free+0x28c/0x328 [ 18.767474] mempool_double_free_helper+0x150/0x2e8 [ 18.767679] mempool_kmalloc_double_free+0xc0/0x118 [ 18.767839] kunit_try_run_case+0x170/0x3f0 [ 18.767898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.768101] kthread+0x328/0x630 [ 18.768547] ret_from_fork+0x10/0x20 [ 18.768714] [ 18.768855] Allocated by task 236: [ 18.768973] kasan_save_stack+0x3c/0x68 [ 18.769103] kasan_save_track+0x20/0x40 [ 18.769198] kasan_save_alloc_info+0x40/0x58 [ 18.769237] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.769466] remove_element+0x130/0x1f8 [ 18.770998] mempool_alloc_preallocated+0x58/0xc0 [ 18.772564] mempool_double_free_helper+0x94/0x2e8 [ 18.773184] mempool_kmalloc_double_free+0xc0/0x118 [ 18.773232] kunit_try_run_case+0x170/0x3f0 [ 18.773270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.773315] kthread+0x328/0x630 [ 18.773348] ret_from_fork+0x10/0x20 [ 18.773385] [ 18.773405] Freed by task 236: [ 18.773434] kasan_save_stack+0x3c/0x68 [ 18.773472] kasan_save_track+0x20/0x40 [ 18.773510] kasan_save_free_info+0x4c/0x78 [ 18.773553] __kasan_mempool_poison_object+0xc0/0x150 [ 18.773596] mempool_free+0x28c/0x328 [ 18.773629] mempool_double_free_helper+0x100/0x2e8 [ 18.773670] mempool_kmalloc_double_free+0xc0/0x118 [ 18.773709] kunit_try_run_case+0x170/0x3f0 [ 18.773745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.773788] kthread+0x328/0x630 [ 18.773820] ret_from_fork+0x10/0x20 [ 18.773856] [ 18.773878] The buggy address belongs to the object at fff00000c7729a00 [ 18.773878] which belongs to the cache kmalloc-128 of size 128 [ 18.775357] The buggy address is located 0 bytes inside of [ 18.775357] 128-byte region [fff00000c7729a00, fff00000c7729a80) [ 18.775429] [ 18.775450] The buggy address belongs to the physical page: [ 18.775836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107729 [ 18.775905] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.775982] page_type: f5(slab) [ 18.776024] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.776075] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.776116] page dumped because: kasan: bad access detected [ 18.776147] [ 18.776164] Memory state around the buggy address: [ 18.776196] fff00000c7729900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.776239] fff00000c7729980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.776283] >fff00000c7729a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.776320] ^ [ 18.776346] fff00000c7729a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.776387] fff00000c7729b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.776426] ================================================================== [ 18.801939] ================================================================== [ 18.802003] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.802054] Free of addr fff00000c7858000 by task kunit_try_catch/240 [ 18.802326] [ 18.802507] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.802714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.802743] Hardware name: linux,dummy-virt (DT) [ 18.803018] Call trace: [ 18.803112] show_stack+0x20/0x38 (C) [ 18.803414] dump_stack_lvl+0x8c/0xd0 [ 18.803505] print_report+0x118/0x608 [ 18.803595] kasan_report_invalid_free+0xc0/0xe8 [ 18.803938] __kasan_mempool_poison_pages+0xe0/0xe8 [ 18.804064] mempool_free+0x24c/0x328 [ 18.804113] mempool_double_free_helper+0x150/0x2e8 [ 18.804502] mempool_page_alloc_double_free+0xbc/0x118 [ 18.804696] kunit_try_run_case+0x170/0x3f0 [ 18.804980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.805110] kthread+0x328/0x630 [ 18.805238] ret_from_fork+0x10/0x20 [ 18.805339] [ 18.805534] The buggy address belongs to the physical page: [ 18.805730] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107858 [ 18.805817] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.806040] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.806261] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.806346] page dumped because: kasan: bad access detected [ 18.806475] [ 18.806512] Memory state around the buggy address: [ 18.806547] fff00000c7857f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.806594] fff00000c7857f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.806817] >fff00000c7858000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.807011] ^ [ 18.807126] fff00000c7858080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.807236] fff00000c7858100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.807392] ================================================================== [ 18.788050] ================================================================== [ 18.788311] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.788414] Free of addr fff00000c783c000 by task kunit_try_catch/238 [ 18.788684] [ 18.788801] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.788889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.789017] Hardware name: linux,dummy-virt (DT) [ 18.789057] Call trace: [ 18.789106] show_stack+0x20/0x38 (C) [ 18.789318] dump_stack_lvl+0x8c/0xd0 [ 18.789370] print_report+0x118/0x608 [ 18.789423] kasan_report_invalid_free+0xc0/0xe8 [ 18.789743] __kasan_mempool_poison_object+0x14c/0x150 [ 18.789822] mempool_free+0x28c/0x328 [ 18.789867] mempool_double_free_helper+0x150/0x2e8 [ 18.789977] mempool_kmalloc_large_double_free+0xc0/0x118 [ 18.790085] kunit_try_run_case+0x170/0x3f0 [ 18.790257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.790377] kthread+0x328/0x630 [ 18.790419] ret_from_fork+0x10/0x20 [ 18.790468] [ 18.790490] The buggy address belongs to the physical page: [ 18.790836] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10783c [ 18.791047] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.791162] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.791513] page_type: f8(unknown) [ 18.791603] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.792032] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.792227] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.792471] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.792549] head: 0bfffe0000000002 ffffc1ffc31e0f01 00000000ffffffff 00000000ffffffff [ 18.792704] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.792791] page dumped because: kasan: bad access detected [ 18.792954] [ 18.793016] Memory state around the buggy address: [ 18.793103] fff00000c783bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.793254] fff00000c783bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.793461] >fff00000c783c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.793611] ^ [ 18.793699] fff00000c783c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.793861] fff00000c783c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.793943] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.749308] ================================================================== [ 18.749404] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.749469] Read of size 1 at addr fff00000c783c000 by task kunit_try_catch/234 [ 18.749518] [ 18.749555] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.749648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.749675] Hardware name: linux,dummy-virt (DT) [ 18.749709] Call trace: [ 18.749737] show_stack+0x20/0x38 (C) [ 18.749787] dump_stack_lvl+0x8c/0xd0 [ 18.749832] print_report+0x118/0x608 [ 18.749878] kasan_report+0xdc/0x128 [ 18.750398] __asan_report_load1_noabort+0x20/0x30 [ 18.750851] mempool_uaf_helper+0x314/0x340 [ 18.750956] mempool_page_alloc_uaf+0xc0/0x118 [ 18.751028] kunit_try_run_case+0x170/0x3f0 [ 18.751505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.751662] kthread+0x328/0x630 [ 18.751835] ret_from_fork+0x10/0x20 [ 18.752006] [ 18.752029] The buggy address belongs to the physical page: [ 18.752118] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10783c [ 18.752354] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.752843] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.752982] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.753096] page dumped because: kasan: bad access detected [ 18.753130] [ 18.753149] Memory state around the buggy address: [ 18.753379] fff00000c783bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.753573] fff00000c783bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.753701] >fff00000c783c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.753842] ^ [ 18.753946] fff00000c783c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.754167] fff00000c783c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.754411] ================================================================== [ 18.675805] ================================================================== [ 18.676236] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.676334] Read of size 1 at addr fff00000c783c000 by task kunit_try_catch/230 [ 18.676551] [ 18.676857] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.677117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.677162] Hardware name: linux,dummy-virt (DT) [ 18.677241] Call trace: [ 18.677368] show_stack+0x20/0x38 (C) [ 18.677449] dump_stack_lvl+0x8c/0xd0 [ 18.677496] print_report+0x118/0x608 [ 18.677541] kasan_report+0xdc/0x128 [ 18.677946] __asan_report_load1_noabort+0x20/0x30 [ 18.678360] mempool_uaf_helper+0x314/0x340 [ 18.678416] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.678572] kunit_try_run_case+0x170/0x3f0 [ 18.678630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.678752] kthread+0x328/0x630 [ 18.679058] ret_from_fork+0x10/0x20 [ 18.679223] [ 18.679290] The buggy address belongs to the physical page: [ 18.679517] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10783c [ 18.679819] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.680100] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.680228] page_type: f8(unknown) [ 18.680735] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.681199] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.681290] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.681337] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.681387] head: 0bfffe0000000002 ffffc1ffc31e0f01 00000000ffffffff 00000000ffffffff [ 18.681675] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.682095] page dumped because: kasan: bad access detected [ 18.682128] [ 18.682148] Memory state around the buggy address: [ 18.682347] fff00000c783bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.682581] fff00000c783bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.682655] >fff00000c783c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.682694] ^ [ 18.682721] fff00000c783c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.682764] fff00000c783c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.682802] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.702513] ================================================================== [ 18.702578] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.702632] Read of size 1 at addr fff00000c6230240 by task kunit_try_catch/232 [ 18.702683] [ 18.702755] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.702838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.702880] Hardware name: linux,dummy-virt (DT) [ 18.702925] Call trace: [ 18.703076] show_stack+0x20/0x38 (C) [ 18.703129] dump_stack_lvl+0x8c/0xd0 [ 18.703176] print_report+0x118/0x608 [ 18.703219] kasan_report+0xdc/0x128 [ 18.703284] __asan_report_load1_noabort+0x20/0x30 [ 18.703339] mempool_uaf_helper+0x314/0x340 [ 18.703385] mempool_slab_uaf+0xc0/0x118 [ 18.703428] kunit_try_run_case+0x170/0x3f0 [ 18.703475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.703526] kthread+0x328/0x630 [ 18.703565] ret_from_fork+0x10/0x20 [ 18.703612] [ 18.703630] Allocated by task 232: [ 18.703657] kasan_save_stack+0x3c/0x68 [ 18.703715] kasan_save_track+0x20/0x40 [ 18.703795] kasan_save_alloc_info+0x40/0x58 [ 18.703865] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.703941] remove_element+0x16c/0x1f8 [ 18.704005] mempool_alloc_preallocated+0x58/0xc0 [ 18.704046] mempool_uaf_helper+0xa4/0x340 [ 18.704111] mempool_slab_uaf+0xc0/0x118 [ 18.704196] kunit_try_run_case+0x170/0x3f0 [ 18.704296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.704355] kthread+0x328/0x630 [ 18.704391] ret_from_fork+0x10/0x20 [ 18.704426] [ 18.704446] Freed by task 232: [ 18.704474] kasan_save_stack+0x3c/0x68 [ 18.704510] kasan_save_track+0x20/0x40 [ 18.704547] kasan_save_free_info+0x4c/0x78 [ 18.704588] __kasan_mempool_poison_object+0xc0/0x150 [ 18.704632] mempool_free+0x28c/0x328 [ 18.704666] mempool_uaf_helper+0x104/0x340 [ 18.704713] mempool_slab_uaf+0xc0/0x118 [ 18.704750] kunit_try_run_case+0x170/0x3f0 [ 18.704830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.704880] kthread+0x328/0x630 [ 18.704924] ret_from_fork+0x10/0x20 [ 18.704958] [ 18.704979] The buggy address belongs to the object at fff00000c6230240 [ 18.704979] which belongs to the cache test_cache of size 123 [ 18.705046] The buggy address is located 0 bytes inside of [ 18.705046] freed 123-byte region [fff00000c6230240, fff00000c62302bb) [ 18.705114] [ 18.705135] The buggy address belongs to the physical page: [ 18.705165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106230 [ 18.705216] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.705264] page_type: f5(slab) [ 18.705314] raw: 0bfffe0000000000 fff00000c77d9a00 dead000000000122 0000000000000000 [ 18.705363] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.705402] page dumped because: kasan: bad access detected [ 18.705433] [ 18.705450] Memory state around the buggy address: [ 18.705482] fff00000c6230100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.705523] fff00000c6230180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.705564] >fff00000c6230200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.705608] ^ [ 18.705642] fff00000c6230280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.705683] fff00000c6230300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.705718] ================================================================== [ 18.650521] ================================================================== [ 18.650586] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.651284] Read of size 1 at addr fff00000c7729600 by task kunit_try_catch/228 [ 18.651350] [ 18.651940] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.652181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.652942] Hardware name: linux,dummy-virt (DT) [ 18.653212] Call trace: [ 18.653239] show_stack+0x20/0x38 (C) [ 18.653596] dump_stack_lvl+0x8c/0xd0 [ 18.653774] print_report+0x118/0x608 [ 18.654068] kasan_report+0xdc/0x128 [ 18.654387] __asan_report_load1_noabort+0x20/0x30 [ 18.654460] mempool_uaf_helper+0x314/0x340 [ 18.654543] mempool_kmalloc_uaf+0xc4/0x120 [ 18.654591] kunit_try_run_case+0x170/0x3f0 [ 18.654934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.655391] kthread+0x328/0x630 [ 18.655477] ret_from_fork+0x10/0x20 [ 18.655715] [ 18.655751] Allocated by task 228: [ 18.656147] kasan_save_stack+0x3c/0x68 [ 18.656319] kasan_save_track+0x20/0x40 [ 18.656419] kasan_save_alloc_info+0x40/0x58 [ 18.656748] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.656800] remove_element+0x130/0x1f8 [ 18.656845] mempool_alloc_preallocated+0x58/0xc0 [ 18.657275] mempool_uaf_helper+0xa4/0x340 [ 18.657322] mempool_kmalloc_uaf+0xc4/0x120 [ 18.657360] kunit_try_run_case+0x170/0x3f0 [ 18.657810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.658168] kthread+0x328/0x630 [ 18.658232] ret_from_fork+0x10/0x20 [ 18.658268] [ 18.658526] Freed by task 228: [ 18.658559] kasan_save_stack+0x3c/0x68 [ 18.658600] kasan_save_track+0x20/0x40 [ 18.658754] kasan_save_free_info+0x4c/0x78 [ 18.658796] __kasan_mempool_poison_object+0xc0/0x150 [ 18.658839] mempool_free+0x28c/0x328 [ 18.659141] mempool_uaf_helper+0x104/0x340 [ 18.659309] mempool_kmalloc_uaf+0xc4/0x120 [ 18.659359] kunit_try_run_case+0x170/0x3f0 [ 18.659642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.659701] kthread+0x328/0x630 [ 18.659734] ret_from_fork+0x10/0x20 [ 18.659770] [ 18.659790] The buggy address belongs to the object at fff00000c7729600 [ 18.659790] which belongs to the cache kmalloc-128 of size 128 [ 18.659850] The buggy address is located 0 bytes inside of [ 18.659850] freed 128-byte region [fff00000c7729600, fff00000c7729680) [ 18.660844] [ 18.660892] The buggy address belongs to the physical page: [ 18.660933] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107729 [ 18.660990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.661040] page_type: f5(slab) [ 18.661084] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.661133] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.661172] page dumped because: kasan: bad access detected [ 18.661815] [ 18.662217] Memory state around the buggy address: [ 18.662260] fff00000c7729500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.662331] fff00000c7729580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.662373] >fff00000c7729600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.662411] ^ [ 18.662445] fff00000c7729680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.662666] fff00000c7729700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.662715] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.617814] ================================================================== [ 18.618623] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.618749] Read of size 1 at addr fff00000c62332bb by task kunit_try_catch/226 [ 18.619021] [ 18.619057] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.619139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.619787] Hardware name: linux,dummy-virt (DT) [ 18.619826] Call trace: [ 18.619862] show_stack+0x20/0x38 (C) [ 18.620084] dump_stack_lvl+0x8c/0xd0 [ 18.620179] print_report+0x118/0x608 [ 18.620351] kasan_report+0xdc/0x128 [ 18.620584] __asan_report_load1_noabort+0x20/0x30 [ 18.620874] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.621019] mempool_slab_oob_right+0xc0/0x118 [ 18.621076] kunit_try_run_case+0x170/0x3f0 [ 18.621132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.621545] kthread+0x328/0x630 [ 18.621676] ret_from_fork+0x10/0x20 [ 18.621751] [ 18.622067] Allocated by task 226: [ 18.622343] kasan_save_stack+0x3c/0x68 [ 18.622395] kasan_save_track+0x20/0x40 [ 18.622485] kasan_save_alloc_info+0x40/0x58 [ 18.622529] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.622572] remove_element+0x16c/0x1f8 [ 18.622608] mempool_alloc_preallocated+0x58/0xc0 [ 18.622649] mempool_oob_right_helper+0x98/0x2f0 [ 18.622688] mempool_slab_oob_right+0xc0/0x118 [ 18.622725] kunit_try_run_case+0x170/0x3f0 [ 18.622764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.622806] kthread+0x328/0x630 [ 18.622837] ret_from_fork+0x10/0x20 [ 18.622874] [ 18.623147] The buggy address belongs to the object at fff00000c6233240 [ 18.623147] which belongs to the cache test_cache of size 123 [ 18.623242] The buggy address is located 0 bytes to the right of [ 18.623242] allocated 123-byte region [fff00000c6233240, fff00000c62332bb) [ 18.623598] [ 18.624114] The buggy address belongs to the physical page: [ 18.624349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106233 [ 18.624697] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.625149] page_type: f5(slab) [ 18.625340] raw: 0bfffe0000000000 fff00000c77d98c0 dead000000000122 0000000000000000 [ 18.625401] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.625753] page dumped because: kasan: bad access detected [ 18.625786] [ 18.625804] Memory state around the buggy address: [ 18.626058] fff00000c6233180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.626245] fff00000c6233200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.626317] >fff00000c6233280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.626362] ^ [ 18.626489] fff00000c6233300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.626553] fff00000c6233380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.626591] ================================================================== [ 18.598275] ================================================================== [ 18.598339] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.598394] Read of size 1 at addr fff00000c7836001 by task kunit_try_catch/224 [ 18.598444] [ 18.598477] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.598560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.600030] Hardware name: linux,dummy-virt (DT) [ 18.600082] Call trace: [ 18.600168] show_stack+0x20/0x38 (C) [ 18.600224] dump_stack_lvl+0x8c/0xd0 [ 18.600296] print_report+0x118/0x608 [ 18.600343] kasan_report+0xdc/0x128 [ 18.600387] __asan_report_load1_noabort+0x20/0x30 [ 18.600436] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.600483] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.600613] kunit_try_run_case+0x170/0x3f0 [ 18.600686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.600831] kthread+0x328/0x630 [ 18.601347] ret_from_fork+0x10/0x20 [ 18.601402] [ 18.601425] The buggy address belongs to the physical page: [ 18.601659] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 18.601849] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.602039] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.602308] page_type: f8(unknown) [ 18.602417] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.602531] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.602631] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.602680] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.602801] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 18.603165] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.603372] page dumped because: kasan: bad access detected [ 18.603495] [ 18.603513] Memory state around the buggy address: [ 18.603899] fff00000c7835f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.603960] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.604446] >fff00000c7836000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.604487] ^ [ 18.604784] fff00000c7836080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.604830] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.605237] ================================================================== [ 18.577211] ================================================================== [ 18.577288] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.577362] Read of size 1 at addr fff00000c7729273 by task kunit_try_catch/222 [ 18.577415] [ 18.577456] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.577543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.577569] Hardware name: linux,dummy-virt (DT) [ 18.577601] Call trace: [ 18.577627] show_stack+0x20/0x38 (C) [ 18.577680] dump_stack_lvl+0x8c/0xd0 [ 18.577730] print_report+0x118/0x608 [ 18.577776] kasan_report+0xdc/0x128 [ 18.577819] __asan_report_load1_noabort+0x20/0x30 [ 18.577870] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.577931] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.577979] kunit_try_run_case+0x170/0x3f0 [ 18.578146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.578199] kthread+0x328/0x630 [ 18.578242] ret_from_fork+0x10/0x20 [ 18.578291] [ 18.578310] Allocated by task 222: [ 18.578341] kasan_save_stack+0x3c/0x68 [ 18.578382] kasan_save_track+0x20/0x40 [ 18.578420] kasan_save_alloc_info+0x40/0x58 [ 18.578459] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.578502] remove_element+0x130/0x1f8 [ 18.578539] mempool_alloc_preallocated+0x58/0xc0 [ 18.578578] mempool_oob_right_helper+0x98/0x2f0 [ 18.578616] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.578655] kunit_try_run_case+0x170/0x3f0 [ 18.578695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.578739] kthread+0x328/0x630 [ 18.578770] ret_from_fork+0x10/0x20 [ 18.578807] [ 18.578826] The buggy address belongs to the object at fff00000c7729200 [ 18.578826] which belongs to the cache kmalloc-128 of size 128 [ 18.578884] The buggy address is located 0 bytes to the right of [ 18.578884] allocated 115-byte region [fff00000c7729200, fff00000c7729273) [ 18.578963] [ 18.578984] The buggy address belongs to the physical page: [ 18.579017] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107729 [ 18.579073] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.579126] page_type: f5(slab) [ 18.579168] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.579218] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.579259] page dumped because: kasan: bad access detected [ 18.579292] [ 18.579310] Memory state around the buggy address: [ 18.579344] fff00000c7729100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.579387] fff00000c7729180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.579432] >fff00000c7729200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.579470] ^ [ 18.579511] fff00000c7729280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.579553] fff00000c7729300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.579594] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.008804] ================================================================== [ 18.008891] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 18.008981] Read of size 1 at addr fff00000c77d9500 by task kunit_try_catch/216 [ 18.009054] [ 18.009107] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.009223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.009422] Hardware name: linux,dummy-virt (DT) [ 18.009516] Call trace: [ 18.009580] show_stack+0x20/0x38 (C) [ 18.009638] dump_stack_lvl+0x8c/0xd0 [ 18.009734] print_report+0x118/0x608 [ 18.009783] kasan_report+0xdc/0x128 [ 18.010006] __kasan_check_byte+0x54/0x70 [ 18.010062] kmem_cache_destroy+0x34/0x218 [ 18.010299] kmem_cache_double_destroy+0x174/0x300 [ 18.010447] kunit_try_run_case+0x170/0x3f0 [ 18.010568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.010621] kthread+0x328/0x630 [ 18.010664] ret_from_fork+0x10/0x20 [ 18.010731] [ 18.011120] Allocated by task 216: [ 18.011216] kasan_save_stack+0x3c/0x68 [ 18.011324] kasan_save_track+0x20/0x40 [ 18.011364] kasan_save_alloc_info+0x40/0x58 [ 18.011404] __kasan_slab_alloc+0xa8/0xb0 [ 18.011458] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.011502] __kmem_cache_create_args+0x178/0x280 [ 18.011552] kmem_cache_double_destroy+0xc0/0x300 [ 18.011590] kunit_try_run_case+0x170/0x3f0 [ 18.011634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.011681] kthread+0x328/0x630 [ 18.011724] ret_from_fork+0x10/0x20 [ 18.011768] [ 18.011786] Freed by task 216: [ 18.011828] kasan_save_stack+0x3c/0x68 [ 18.011864] kasan_save_track+0x20/0x40 [ 18.011902] kasan_save_free_info+0x4c/0x78 [ 18.011959] __kasan_slab_free+0x6c/0x98 [ 18.011999] kmem_cache_free+0x260/0x468 [ 18.012035] slab_kmem_cache_release+0x38/0x50 [ 18.012075] kmem_cache_release+0x1c/0x30 [ 18.012112] kobject_put+0x17c/0x420 [ 18.012157] sysfs_slab_release+0x1c/0x30 [ 18.012195] kmem_cache_destroy+0x118/0x218 [ 18.012231] kmem_cache_double_destroy+0x128/0x300 [ 18.012279] kunit_try_run_case+0x170/0x3f0 [ 18.012316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.012360] kthread+0x328/0x630 [ 18.012392] ret_from_fork+0x10/0x20 [ 18.012442] [ 18.012462] The buggy address belongs to the object at fff00000c77d9500 [ 18.012462] which belongs to the cache kmem_cache of size 208 [ 18.012529] The buggy address is located 0 bytes inside of [ 18.012529] freed 208-byte region [fff00000c77d9500, fff00000c77d95d0) [ 18.012589] [ 18.012612] The buggy address belongs to the physical page: [ 18.012651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d9 [ 18.012712] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.012763] page_type: f5(slab) [ 18.012802] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 18.012853] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.012894] page dumped because: kasan: bad access detected [ 18.012944] [ 18.012962] Memory state around the buggy address: [ 18.012997] fff00000c77d9400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.013040] fff00000c77d9480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.013088] >fff00000c77d9500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.013125] ^ [ 18.013153] fff00000c77d9580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 18.013195] fff00000c77d9600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.013234] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 17.955368] ================================================================== [ 17.956125] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 17.956295] Read of size 1 at addr fff00000c77e1000 by task kunit_try_catch/214 [ 17.956350] [ 17.956631] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.956729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.956755] Hardware name: linux,dummy-virt (DT) [ 17.956791] Call trace: [ 17.956935] show_stack+0x20/0x38 (C) [ 17.957305] dump_stack_lvl+0x8c/0xd0 [ 17.957380] print_report+0x118/0x608 [ 17.957431] kasan_report+0xdc/0x128 [ 17.957477] __asan_report_load1_noabort+0x20/0x30 [ 17.957529] kmem_cache_rcu_uaf+0x388/0x468 [ 17.957575] kunit_try_run_case+0x170/0x3f0 [ 17.957623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.957676] kthread+0x328/0x630 [ 17.957720] ret_from_fork+0x10/0x20 [ 17.957772] [ 17.957790] Allocated by task 214: [ 17.957819] kasan_save_stack+0x3c/0x68 [ 17.957871] kasan_save_track+0x20/0x40 [ 17.957921] kasan_save_alloc_info+0x40/0x58 [ 17.957973] __kasan_slab_alloc+0xa8/0xb0 [ 17.958157] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.958441] kmem_cache_rcu_uaf+0x12c/0x468 [ 17.958607] kunit_try_run_case+0x170/0x3f0 [ 17.958658] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.959141] kthread+0x328/0x630 [ 17.959340] ret_from_fork+0x10/0x20 [ 17.959425] [ 17.959733] Freed by task 0: [ 17.959812] kasan_save_stack+0x3c/0x68 [ 17.960223] kasan_save_track+0x20/0x40 [ 17.960313] kasan_save_free_info+0x4c/0x78 [ 17.960550] __kasan_slab_free+0x6c/0x98 [ 17.960730] slab_free_after_rcu_debug+0xd4/0x2f8 [ 17.960787] rcu_core+0x9f4/0x1e20 [ 17.961082] rcu_core_si+0x18/0x30 [ 17.961274] handle_softirqs+0x374/0xb28 [ 17.961501] __do_softirq+0x1c/0x28 [ 17.961617] [ 17.961770] Last potentially related work creation: [ 17.961828] kasan_save_stack+0x3c/0x68 [ 17.962101] kasan_record_aux_stack+0xb4/0xc8 [ 17.962258] kmem_cache_free+0x120/0x468 [ 17.962381] kmem_cache_rcu_uaf+0x16c/0x468 [ 17.962432] kunit_try_run_case+0x170/0x3f0 [ 17.962472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.962540] kthread+0x328/0x630 [ 17.962572] ret_from_fork+0x10/0x20 [ 17.962608] [ 17.962852] The buggy address belongs to the object at fff00000c77e1000 [ 17.962852] which belongs to the cache test_cache of size 200 [ 17.963046] The buggy address is located 0 bytes inside of [ 17.963046] freed 200-byte region [fff00000c77e1000, fff00000c77e10c8) [ 17.963390] [ 17.963501] The buggy address belongs to the physical page: [ 17.963583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e1 [ 17.963810] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.963880] page_type: f5(slab) [ 17.963973] raw: 0bfffe0000000000 fff00000c77d93c0 dead000000000122 0000000000000000 [ 17.964024] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.964065] page dumped because: kasan: bad access detected [ 17.964095] [ 17.964216] Memory state around the buggy address: [ 17.964283] fff00000c77e0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.964343] fff00000c77e0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.964398] >fff00000c77e1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.964452] ^ [ 17.964481] fff00000c77e1080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.964523] fff00000c77e1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.964562] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.427486] ================================================================== [ 17.427658] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.427751] Free of addr fff00000c77de001 by task kunit_try_catch/212 [ 17.427848] [ 17.427939] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.428029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.428280] Hardware name: linux,dummy-virt (DT) [ 17.428326] Call trace: [ 17.428356] show_stack+0x20/0x38 (C) [ 17.428419] dump_stack_lvl+0x8c/0xd0 [ 17.428576] print_report+0x118/0x608 [ 17.428670] kasan_report_invalid_free+0xc0/0xe8 [ 17.428791] check_slab_allocation+0xfc/0x108 [ 17.428844] __kasan_slab_pre_free+0x2c/0x48 [ 17.428943] kmem_cache_free+0xf0/0x468 [ 17.428995] kmem_cache_invalid_free+0x184/0x3c8 [ 17.429275] kunit_try_run_case+0x170/0x3f0 [ 17.429365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.429419] kthread+0x328/0x630 [ 17.429464] ret_from_fork+0x10/0x20 [ 17.429564] [ 17.429604] Allocated by task 212: [ 17.429634] kasan_save_stack+0x3c/0x68 [ 17.429696] kasan_save_track+0x20/0x40 [ 17.430037] kasan_save_alloc_info+0x40/0x58 [ 17.430172] __kasan_slab_alloc+0xa8/0xb0 [ 17.430276] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.430418] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.430519] kunit_try_run_case+0x170/0x3f0 [ 17.430605] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.430887] kthread+0x328/0x630 [ 17.431088] ret_from_fork+0x10/0x20 [ 17.431151] [ 17.431230] The buggy address belongs to the object at fff00000c77de000 [ 17.431230] which belongs to the cache test_cache of size 200 [ 17.431304] The buggy address is located 1 bytes inside of [ 17.431304] 200-byte region [fff00000c77de000, fff00000c77de0c8) [ 17.431377] [ 17.431409] The buggy address belongs to the physical page: [ 17.431443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077de [ 17.431510] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.431562] page_type: f5(slab) [ 17.431606] raw: 0bfffe0000000000 fff00000c77d9280 dead000000000122 0000000000000000 [ 17.431657] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.431713] page dumped because: kasan: bad access detected [ 17.431746] [ 17.431764] Memory state around the buggy address: [ 17.431821] fff00000c77ddf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.431862] fff00000c77ddf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.431923] >fff00000c77de000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.431962] ^ [ 17.432773] fff00000c77de080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.432857] fff00000c77de100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.433166] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.380738] ================================================================== [ 17.380867] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.381532] Free of addr fff00000c77dd000 by task kunit_try_catch/210 [ 17.381632] [ 17.381677] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.381764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.381791] Hardware name: linux,dummy-virt (DT) [ 17.381826] Call trace: [ 17.381849] show_stack+0x20/0x38 (C) [ 17.381903] dump_stack_lvl+0x8c/0xd0 [ 17.381963] print_report+0x118/0x608 [ 17.382011] kasan_report_invalid_free+0xc0/0xe8 [ 17.383206] check_slab_allocation+0xd4/0x108 [ 17.383320] __kasan_slab_pre_free+0x2c/0x48 [ 17.383593] kmem_cache_free+0xf0/0x468 [ 17.383688] kmem_cache_double_free+0x190/0x3c8 [ 17.383752] kunit_try_run_case+0x170/0x3f0 [ 17.384076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.384590] kthread+0x328/0x630 [ 17.384829] ret_from_fork+0x10/0x20 [ 17.385134] [ 17.385372] Allocated by task 210: [ 17.385476] kasan_save_stack+0x3c/0x68 [ 17.385814] kasan_save_track+0x20/0x40 [ 17.386039] kasan_save_alloc_info+0x40/0x58 [ 17.386082] __kasan_slab_alloc+0xa8/0xb0 [ 17.386118] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.386313] kmem_cache_double_free+0x12c/0x3c8 [ 17.386359] kunit_try_run_case+0x170/0x3f0 [ 17.386549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.386793] kthread+0x328/0x630 [ 17.386833] ret_from_fork+0x10/0x20 [ 17.387174] [ 17.387418] Freed by task 210: [ 17.387558] kasan_save_stack+0x3c/0x68 [ 17.388162] kasan_save_track+0x20/0x40 [ 17.388319] kasan_save_free_info+0x4c/0x78 [ 17.388639] __kasan_slab_free+0x6c/0x98 [ 17.388679] kmem_cache_free+0x260/0x468 [ 17.388717] kmem_cache_double_free+0x140/0x3c8 [ 17.388755] kunit_try_run_case+0x170/0x3f0 [ 17.388793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.388835] kthread+0x328/0x630 [ 17.389503] ret_from_fork+0x10/0x20 [ 17.389990] [ 17.390106] The buggy address belongs to the object at fff00000c77dd000 [ 17.390106] which belongs to the cache test_cache of size 200 [ 17.390169] The buggy address is located 0 bytes inside of [ 17.390169] 200-byte region [fff00000c77dd000, fff00000c77dd0c8) [ 17.390229] [ 17.390251] The buggy address belongs to the physical page: [ 17.390546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077dd [ 17.390745] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.390801] page_type: f5(slab) [ 17.391308] raw: 0bfffe0000000000 fff00000c77d9140 dead000000000122 0000000000000000 [ 17.391529] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.391572] page dumped because: kasan: bad access detected [ 17.391846] [ 17.391870] Memory state around the buggy address: [ 17.392150] fff00000c77dcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.392270] fff00000c77dcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.392317] >fff00000c77dd000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.392738] ^ [ 17.392777] fff00000c77dd080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.392934] fff00000c77dd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.393347] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.211740] ================================================================== [ 17.212783] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.213180] Read of size 1 at addr fff00000c77db0c8 by task kunit_try_catch/208 [ 17.213304] [ 17.213404] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.213491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.213519] Hardware name: linux,dummy-virt (DT) [ 17.213592] Call trace: [ 17.213666] show_stack+0x20/0x38 (C) [ 17.213759] dump_stack_lvl+0x8c/0xd0 [ 17.213817] print_report+0x118/0x608 [ 17.214276] kasan_report+0xdc/0x128 [ 17.214394] __asan_report_load1_noabort+0x20/0x30 [ 17.214531] kmem_cache_oob+0x344/0x430 [ 17.216931] kunit_try_run_case+0x170/0x3f0 [ 17.217008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.218177] kthread+0x328/0x630 [ 17.218250] ret_from_fork+0x10/0x20 [ 17.218300] [ 17.218319] Allocated by task 208: [ 17.218351] kasan_save_stack+0x3c/0x68 [ 17.218390] kasan_save_track+0x20/0x40 [ 17.218428] kasan_save_alloc_info+0x40/0x58 [ 17.218467] __kasan_slab_alloc+0xa8/0xb0 [ 17.218504] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.218543] kmem_cache_oob+0x12c/0x430 [ 17.218578] kunit_try_run_case+0x170/0x3f0 [ 17.218613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.218657] kthread+0x328/0x630 [ 17.218687] ret_from_fork+0x10/0x20 [ 17.218723] [ 17.218742] The buggy address belongs to the object at fff00000c77db000 [ 17.218742] which belongs to the cache test_cache of size 200 [ 17.218798] The buggy address is located 0 bytes to the right of [ 17.218798] allocated 200-byte region [fff00000c77db000, fff00000c77db0c8) [ 17.218863] [ 17.218884] The buggy address belongs to the physical page: [ 17.219149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077db [ 17.219218] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.219268] page_type: f5(slab) [ 17.219309] raw: 0bfffe0000000000 fff00000c77d9000 dead000000000122 0000000000000000 [ 17.220622] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.223931] page dumped because: kasan: bad access detected [ 17.224057] [ 17.224179] Memory state around the buggy address: [ 17.224346] fff00000c77daf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.224421] fff00000c77db000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.224523] >fff00000c77db080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.224644] ^ [ 17.224744] fff00000c77db100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.224796] fff00000c77db180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.224834] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.173699] ================================================================== [ 17.173877] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.173950] Read of size 8 at addr fff00000c7770f00 by task kunit_try_catch/201 [ 17.174547] [ 17.174593] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.174680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.174705] Hardware name: linux,dummy-virt (DT) [ 17.174737] Call trace: [ 17.174758] show_stack+0x20/0x38 (C) [ 17.174809] dump_stack_lvl+0x8c/0xd0 [ 17.174857] print_report+0x118/0x608 [ 17.174902] kasan_report+0xdc/0x128 [ 17.175778] __asan_report_load8_noabort+0x20/0x30 [ 17.175961] workqueue_uaf+0x480/0x4a8 [ 17.176075] kunit_try_run_case+0x170/0x3f0 [ 17.176223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.176629] kthread+0x328/0x630 [ 17.176737] ret_from_fork+0x10/0x20 [ 17.176866] [ 17.176887] Allocated by task 201: [ 17.176954] kasan_save_stack+0x3c/0x68 [ 17.177300] kasan_save_track+0x20/0x40 [ 17.177454] kasan_save_alloc_info+0x40/0x58 [ 17.177500] __kasan_kmalloc+0xd4/0xd8 [ 17.177849] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.178096] workqueue_uaf+0x13c/0x4a8 [ 17.178298] kunit_try_run_case+0x170/0x3f0 [ 17.178345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.178390] kthread+0x328/0x630 [ 17.178445] ret_from_fork+0x10/0x20 [ 17.178483] [ 17.178505] Freed by task 57: [ 17.178978] kasan_save_stack+0x3c/0x68 [ 17.179040] kasan_save_track+0x20/0x40 [ 17.179225] kasan_save_free_info+0x4c/0x78 [ 17.179494] __kasan_slab_free+0x6c/0x98 [ 17.179564] kfree+0x214/0x3c8 [ 17.179765] workqueue_uaf_work+0x18/0x30 [ 17.179843] process_one_work+0x530/0xf98 [ 17.180155] worker_thread+0x618/0xf38 [ 17.180470] kthread+0x328/0x630 [ 17.180601] ret_from_fork+0x10/0x20 [ 17.180642] [ 17.180823] Last potentially related work creation: [ 17.180908] kasan_save_stack+0x3c/0x68 [ 17.180963] kasan_record_aux_stack+0xb4/0xc8 [ 17.181125] __queue_work+0x65c/0x1008 [ 17.181243] queue_work_on+0xbc/0xf8 [ 17.181581] workqueue_uaf+0x210/0x4a8 [ 17.181759] kunit_try_run_case+0x170/0x3f0 [ 17.181836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.182226] kthread+0x328/0x630 [ 17.182433] ret_from_fork+0x10/0x20 [ 17.182473] [ 17.182500] The buggy address belongs to the object at fff00000c7770f00 [ 17.182500] which belongs to the cache kmalloc-32 of size 32 [ 17.182559] The buggy address is located 0 bytes inside of [ 17.182559] freed 32-byte region [fff00000c7770f00, fff00000c7770f20) [ 17.182620] [ 17.182642] The buggy address belongs to the physical page: [ 17.182674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107770 [ 17.182728] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.182776] page_type: f5(slab) [ 17.182814] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.183273] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.183320] page dumped because: kasan: bad access detected [ 17.183362] [ 17.183420] Memory state around the buggy address: [ 17.183456] fff00000c7770e00: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.183499] fff00000c7770e80: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 17.183551] >fff00000c7770f00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.183596] ^ [ 17.183625] fff00000c7770f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.183677] fff00000c7771000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.183716] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.143882] ================================================================== [ 17.144027] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 17.144087] Read of size 4 at addr fff00000c7770d00 by task swapper/1/0 [ 17.144133] [ 17.144179] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.144265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.144290] Hardware name: linux,dummy-virt (DT) [ 17.144322] Call trace: [ 17.144344] show_stack+0x20/0x38 (C) [ 17.144391] dump_stack_lvl+0x8c/0xd0 [ 17.144437] print_report+0x118/0x608 [ 17.144491] kasan_report+0xdc/0x128 [ 17.144536] __asan_report_load4_noabort+0x20/0x30 [ 17.144585] rcu_uaf_reclaim+0x64/0x70 [ 17.144630] rcu_core+0x9f4/0x1e20 [ 17.144675] rcu_core_si+0x18/0x30 [ 17.144728] handle_softirqs+0x374/0xb28 [ 17.144776] __do_softirq+0x1c/0x28 [ 17.144831] ____do_softirq+0x18/0x30 [ 17.144884] call_on_irq_stack+0x24/0x30 [ 17.145482] do_softirq_own_stack+0x24/0x38 [ 17.145549] __irq_exit_rcu+0x1fc/0x318 [ 17.146085] irq_exit_rcu+0x1c/0x80 [ 17.146177] el1_interrupt+0x38/0x58 [ 17.146494] el1h_64_irq_handler+0x18/0x28 [ 17.146548] el1h_64_irq+0x6c/0x70 [ 17.147221] arch_local_irq_enable+0x4/0x8 (P) [ 17.147566] do_idle+0x384/0x4e8 [ 17.147686] cpu_startup_entry+0x64/0x80 [ 17.147792] secondary_start_kernel+0x288/0x340 [ 17.147985] __secondary_switched+0xc0/0xc8 [ 17.148418] [ 17.148530] Allocated by task 199: [ 17.148602] kasan_save_stack+0x3c/0x68 [ 17.148869] kasan_save_track+0x20/0x40 [ 17.149087] kasan_save_alloc_info+0x40/0x58 [ 17.149193] __kasan_kmalloc+0xd4/0xd8 [ 17.149540] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.149753] rcu_uaf+0xb0/0x2d8 [ 17.150094] kunit_try_run_case+0x170/0x3f0 [ 17.150336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.150522] kthread+0x328/0x630 [ 17.150586] ret_from_fork+0x10/0x20 [ 17.150648] [ 17.150830] Freed by task 0: [ 17.151019] kasan_save_stack+0x3c/0x68 [ 17.151157] kasan_save_track+0x20/0x40 [ 17.151237] kasan_save_free_info+0x4c/0x78 [ 17.151487] __kasan_slab_free+0x6c/0x98 [ 17.151960] kfree+0x214/0x3c8 [ 17.152066] rcu_uaf_reclaim+0x28/0x70 [ 17.152178] rcu_core+0x9f4/0x1e20 [ 17.152269] rcu_core_si+0x18/0x30 [ 17.152658] handle_softirqs+0x374/0xb28 [ 17.152851] __do_softirq+0x1c/0x28 [ 17.152921] [ 17.153095] Last potentially related work creation: [ 17.153333] kasan_save_stack+0x3c/0x68 [ 17.153466] kasan_record_aux_stack+0xb4/0xc8 [ 17.153620] __call_rcu_common.constprop.0+0x74/0x8c8 [ 17.153723] call_rcu+0x18/0x30 [ 17.153879] rcu_uaf+0x14c/0x2d8 [ 17.154013] kunit_try_run_case+0x170/0x3f0 [ 17.154062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.154117] kthread+0x328/0x630 [ 17.154149] ret_from_fork+0x10/0x20 [ 17.154454] [ 17.154724] The buggy address belongs to the object at fff00000c7770d00 [ 17.154724] which belongs to the cache kmalloc-32 of size 32 [ 17.154842] The buggy address is located 0 bytes inside of [ 17.154842] freed 32-byte region [fff00000c7770d00, fff00000c7770d20) [ 17.155057] [ 17.155750] The buggy address belongs to the physical page: [ 17.156036] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107770 [ 17.156108] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.156473] page_type: f5(slab) [ 17.156616] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.156728] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.156953] page dumped because: kasan: bad access detected [ 17.157163] [ 17.157243] Memory state around the buggy address: [ 17.157381] fff00000c7770c00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.157455] fff00000c7770c80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.157566] >fff00000c7770d00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 17.157617] ^ [ 17.157645] fff00000c7770d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.157692] fff00000c7770e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.157767] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 17.112079] ================================================================== [ 17.112399] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 17.112785] Read of size 1 at addr fff00000c63cdf78 by task kunit_try_catch/197 [ 17.112852] [ 17.112885] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.112997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.113024] Hardware name: linux,dummy-virt (DT) [ 17.113061] Call trace: [ 17.113090] show_stack+0x20/0x38 (C) [ 17.113144] dump_stack_lvl+0x8c/0xd0 [ 17.113193] print_report+0x118/0x608 [ 17.113252] kasan_report+0xdc/0x128 [ 17.113300] __asan_report_load1_noabort+0x20/0x30 [ 17.113349] ksize_uaf+0x544/0x5f8 [ 17.113392] kunit_try_run_case+0x170/0x3f0 [ 17.113438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.113489] kthread+0x328/0x630 [ 17.113527] ret_from_fork+0x10/0x20 [ 17.113581] [ 17.113609] Allocated by task 197: [ 17.113636] kasan_save_stack+0x3c/0x68 [ 17.113677] kasan_save_track+0x20/0x40 [ 17.113713] kasan_save_alloc_info+0x40/0x58 [ 17.113754] __kasan_kmalloc+0xd4/0xd8 [ 17.113790] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.113828] ksize_uaf+0xb8/0x5f8 [ 17.113862] kunit_try_run_case+0x170/0x3f0 [ 17.113899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.114348] kthread+0x328/0x630 [ 17.114604] ret_from_fork+0x10/0x20 [ 17.114842] [ 17.115010] Freed by task 197: [ 17.115417] kasan_save_stack+0x3c/0x68 [ 17.115487] kasan_save_track+0x20/0x40 [ 17.115634] kasan_save_free_info+0x4c/0x78 [ 17.115839] __kasan_slab_free+0x6c/0x98 [ 17.115892] kfree+0x214/0x3c8 [ 17.115939] ksize_uaf+0x11c/0x5f8 [ 17.116276] kunit_try_run_case+0x170/0x3f0 [ 17.116382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.116480] kthread+0x328/0x630 [ 17.116817] ret_from_fork+0x10/0x20 [ 17.117095] [ 17.117136] The buggy address belongs to the object at fff00000c63cdf00 [ 17.117136] which belongs to the cache kmalloc-128 of size 128 [ 17.117613] The buggy address is located 120 bytes inside of [ 17.117613] freed 128-byte region [fff00000c63cdf00, fff00000c63cdf80) [ 17.117693] [ 17.117713] The buggy address belongs to the physical page: [ 17.117760] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 17.118072] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.118235] page_type: f5(slab) [ 17.118276] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.118337] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.118656] page dumped because: kasan: bad access detected [ 17.118706] [ 17.118784] Memory state around the buggy address: [ 17.119166] fff00000c63cde00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.119281] fff00000c63cde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.119381] >fff00000c63cdf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.119509] ^ [ 17.119554] fff00000c63cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.119615] fff00000c63ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.119969] ================================================================== [ 17.092199] ================================================================== [ 17.092408] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 17.092473] Read of size 1 at addr fff00000c63cdf00 by task kunit_try_catch/197 [ 17.092527] [ 17.092715] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.093191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.093244] Hardware name: linux,dummy-virt (DT) [ 17.093345] Call trace: [ 17.093493] show_stack+0x20/0x38 (C) [ 17.093577] dump_stack_lvl+0x8c/0xd0 [ 17.093957] print_report+0x118/0x608 [ 17.094048] kasan_report+0xdc/0x128 [ 17.094216] __kasan_check_byte+0x54/0x70 [ 17.094344] ksize+0x30/0x88 [ 17.094499] ksize_uaf+0x168/0x5f8 [ 17.094603] kunit_try_run_case+0x170/0x3f0 [ 17.094751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.094804] kthread+0x328/0x630 [ 17.094860] ret_from_fork+0x10/0x20 [ 17.095218] [ 17.095258] Allocated by task 197: [ 17.095355] kasan_save_stack+0x3c/0x68 [ 17.095477] kasan_save_track+0x20/0x40 [ 17.095659] kasan_save_alloc_info+0x40/0x58 [ 17.095766] __kasan_kmalloc+0xd4/0xd8 [ 17.095973] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.096011] ksize_uaf+0xb8/0x5f8 [ 17.096433] kunit_try_run_case+0x170/0x3f0 [ 17.096517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.096623] kthread+0x328/0x630 [ 17.096806] ret_from_fork+0x10/0x20 [ 17.097307] [ 17.097408] Freed by task 197: [ 17.097595] kasan_save_stack+0x3c/0x68 [ 17.097746] kasan_save_track+0x20/0x40 [ 17.097893] kasan_save_free_info+0x4c/0x78 [ 17.098134] __kasan_slab_free+0x6c/0x98 [ 17.098310] kfree+0x214/0x3c8 [ 17.098384] ksize_uaf+0x11c/0x5f8 [ 17.098560] kunit_try_run_case+0x170/0x3f0 [ 17.098712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.098768] kthread+0x328/0x630 [ 17.098803] ret_from_fork+0x10/0x20 [ 17.098849] [ 17.098878] The buggy address belongs to the object at fff00000c63cdf00 [ 17.098878] which belongs to the cache kmalloc-128 of size 128 [ 17.098947] The buggy address is located 0 bytes inside of [ 17.098947] freed 128-byte region [fff00000c63cdf00, fff00000c63cdf80) [ 17.099007] [ 17.099035] The buggy address belongs to the physical page: [ 17.099081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 17.099135] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.099180] page_type: f5(slab) [ 17.099235] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.099285] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.099336] page dumped because: kasan: bad access detected [ 17.099368] [ 17.099393] Memory state around the buggy address: [ 17.099424] fff00000c63cde00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.099475] fff00000c63cde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.099527] >fff00000c63cdf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.099572] ^ [ 17.099608] fff00000c63cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.099673] fff00000c63ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.099712] ================================================================== [ 17.101008] ================================================================== [ 17.101073] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 17.101233] Read of size 1 at addr fff00000c63cdf00 by task kunit_try_catch/197 [ 17.101348] [ 17.101682] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.101781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.101806] Hardware name: linux,dummy-virt (DT) [ 17.101835] Call trace: [ 17.102041] show_stack+0x20/0x38 (C) [ 17.102224] dump_stack_lvl+0x8c/0xd0 [ 17.102272] print_report+0x118/0x608 [ 17.102333] kasan_report+0xdc/0x128 [ 17.102377] __asan_report_load1_noabort+0x20/0x30 [ 17.102840] ksize_uaf+0x598/0x5f8 [ 17.102954] kunit_try_run_case+0x170/0x3f0 [ 17.103120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.103240] kthread+0x328/0x630 [ 17.103593] ret_from_fork+0x10/0x20 [ 17.103846] [ 17.104030] Allocated by task 197: [ 17.104218] kasan_save_stack+0x3c/0x68 [ 17.104266] kasan_save_track+0x20/0x40 [ 17.104724] kasan_save_alloc_info+0x40/0x58 [ 17.104823] __kasan_kmalloc+0xd4/0xd8 [ 17.105013] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.105106] ksize_uaf+0xb8/0x5f8 [ 17.105571] kunit_try_run_case+0x170/0x3f0 [ 17.105710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.105962] kthread+0x328/0x630 [ 17.106069] ret_from_fork+0x10/0x20 [ 17.106220] [ 17.106240] Freed by task 197: [ 17.106280] kasan_save_stack+0x3c/0x68 [ 17.106344] kasan_save_track+0x20/0x40 [ 17.106673] kasan_save_free_info+0x4c/0x78 [ 17.106746] __kasan_slab_free+0x6c/0x98 [ 17.107017] kfree+0x214/0x3c8 [ 17.107379] ksize_uaf+0x11c/0x5f8 [ 17.107648] kunit_try_run_case+0x170/0x3f0 [ 17.107756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.107897] kthread+0x328/0x630 [ 17.108059] ret_from_fork+0x10/0x20 [ 17.108169] [ 17.108447] The buggy address belongs to the object at fff00000c63cdf00 [ 17.108447] which belongs to the cache kmalloc-128 of size 128 [ 17.108629] The buggy address is located 0 bytes inside of [ 17.108629] freed 128-byte region [fff00000c63cdf00, fff00000c63cdf80) [ 17.108967] [ 17.109012] The buggy address belongs to the physical page: [ 17.109147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 17.109300] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.109485] page_type: f5(slab) [ 17.109535] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.109692] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.109810] page dumped because: kasan: bad access detected [ 17.109868] [ 17.110200] Memory state around the buggy address: [ 17.110287] fff00000c63cde00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.110395] fff00000c63cde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.110466] >fff00000c63cdf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.110508] ^ [ 17.110546] fff00000c63cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.110828] fff00000c63ce000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.111038] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 17.060485] ================================================================== [ 17.060583] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 17.060724] Read of size 1 at addr fff00000c63cde73 by task kunit_try_catch/195 [ 17.060778] [ 17.060812] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.060901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.060938] Hardware name: linux,dummy-virt (DT) [ 17.061380] Call trace: [ 17.061420] show_stack+0x20/0x38 (C) [ 17.061525] dump_stack_lvl+0x8c/0xd0 [ 17.061580] print_report+0x118/0x608 [ 17.061625] kasan_report+0xdc/0x128 [ 17.061768] __asan_report_load1_noabort+0x20/0x30 [ 17.061830] ksize_unpoisons_memory+0x628/0x740 [ 17.061886] kunit_try_run_case+0x170/0x3f0 [ 17.061949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.062004] kthread+0x328/0x630 [ 17.062476] ret_from_fork+0x10/0x20 [ 17.062606] [ 17.062717] Allocated by task 195: [ 17.062749] kasan_save_stack+0x3c/0x68 [ 17.062804] kasan_save_track+0x20/0x40 [ 17.062854] kasan_save_alloc_info+0x40/0x58 [ 17.062894] __kasan_kmalloc+0xd4/0xd8 [ 17.062942] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.063385] ksize_unpoisons_memory+0xc0/0x740 [ 17.063481] kunit_try_run_case+0x170/0x3f0 [ 17.063659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.063717] kthread+0x328/0x630 [ 17.063751] ret_from_fork+0x10/0x20 [ 17.063815] [ 17.063852] The buggy address belongs to the object at fff00000c63cde00 [ 17.063852] which belongs to the cache kmalloc-128 of size 128 [ 17.064160] The buggy address is located 0 bytes to the right of [ 17.064160] allocated 115-byte region [fff00000c63cde00, fff00000c63cde73) [ 17.064263] [ 17.064296] The buggy address belongs to the physical page: [ 17.064391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 17.064445] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.064493] page_type: f5(slab) [ 17.064532] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.064591] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.064631] page dumped because: kasan: bad access detected [ 17.064661] [ 17.064679] Memory state around the buggy address: [ 17.064721] fff00000c63cdd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.064776] fff00000c63cdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.064828] >fff00000c63cde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.064875] ^ [ 17.064940] fff00000c63cde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.065256] fff00000c63cdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.065693] ================================================================== [ 17.067168] ================================================================== [ 17.067418] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 17.067493] Read of size 1 at addr fff00000c63cde78 by task kunit_try_catch/195 [ 17.067924] [ 17.068056] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.068312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.068444] Hardware name: linux,dummy-virt (DT) [ 17.068504] Call trace: [ 17.068529] show_stack+0x20/0x38 (C) [ 17.068584] dump_stack_lvl+0x8c/0xd0 [ 17.068630] print_report+0x118/0x608 [ 17.069364] kasan_report+0xdc/0x128 [ 17.069449] __asan_report_load1_noabort+0x20/0x30 [ 17.069515] ksize_unpoisons_memory+0x618/0x740 [ 17.069843] kunit_try_run_case+0x170/0x3f0 [ 17.069931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.070028] kthread+0x328/0x630 [ 17.070092] ret_from_fork+0x10/0x20 [ 17.070214] [ 17.070297] Allocated by task 195: [ 17.070376] kasan_save_stack+0x3c/0x68 [ 17.070506] kasan_save_track+0x20/0x40 [ 17.070602] kasan_save_alloc_info+0x40/0x58 [ 17.070761] __kasan_kmalloc+0xd4/0xd8 [ 17.071053] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.071218] ksize_unpoisons_memory+0xc0/0x740 [ 17.071309] kunit_try_run_case+0x170/0x3f0 [ 17.071361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.071709] kthread+0x328/0x630 [ 17.071773] ret_from_fork+0x10/0x20 [ 17.071889] [ 17.071921] The buggy address belongs to the object at fff00000c63cde00 [ 17.071921] which belongs to the cache kmalloc-128 of size 128 [ 17.071981] The buggy address is located 5 bytes to the right of [ 17.071981] allocated 115-byte region [fff00000c63cde00, fff00000c63cde73) [ 17.072083] [ 17.072102] The buggy address belongs to the physical page: [ 17.072138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 17.072194] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.072243] page_type: f5(slab) [ 17.072291] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.072353] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.072393] page dumped because: kasan: bad access detected [ 17.072423] [ 17.072441] Memory state around the buggy address: [ 17.072480] fff00000c63cdd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.072526] fff00000c63cdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.072568] >fff00000c63cde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.072607] ^ [ 17.072647] fff00000c63cde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.072699] fff00000c63cdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.072737] ================================================================== [ 17.076021] ================================================================== [ 17.076075] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 17.076128] Read of size 1 at addr fff00000c63cde7f by task kunit_try_catch/195 [ 17.076178] [ 17.076210] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.076291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.076318] Hardware name: linux,dummy-virt (DT) [ 17.076483] Call trace: [ 17.076754] show_stack+0x20/0x38 (C) [ 17.076840] dump_stack_lvl+0x8c/0xd0 [ 17.076893] print_report+0x118/0x608 [ 17.077201] kasan_report+0xdc/0x128 [ 17.077338] __asan_report_load1_noabort+0x20/0x30 [ 17.077393] ksize_unpoisons_memory+0x690/0x740 [ 17.077439] kunit_try_run_case+0x170/0x3f0 [ 17.077818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.077892] kthread+0x328/0x630 [ 17.078163] ret_from_fork+0x10/0x20 [ 17.078241] [ 17.078637] Allocated by task 195: [ 17.078725] kasan_save_stack+0x3c/0x68 [ 17.078787] kasan_save_track+0x20/0x40 [ 17.078825] kasan_save_alloc_info+0x40/0x58 [ 17.079257] __kasan_kmalloc+0xd4/0xd8 [ 17.079349] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.079725] ksize_unpoisons_memory+0xc0/0x740 [ 17.079841] kunit_try_run_case+0x170/0x3f0 [ 17.079894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.080224] kthread+0x328/0x630 [ 17.080362] ret_from_fork+0x10/0x20 [ 17.080696] [ 17.080738] The buggy address belongs to the object at fff00000c63cde00 [ 17.080738] which belongs to the cache kmalloc-128 of size 128 [ 17.080890] The buggy address is located 12 bytes to the right of [ 17.080890] allocated 115-byte region [fff00000c63cde00, fff00000c63cde73) [ 17.081298] [ 17.081346] The buggy address belongs to the physical page: [ 17.081464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 17.081558] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.081607] page_type: f5(slab) [ 17.081960] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.082057] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.082156] page dumped because: kasan: bad access detected [ 17.082337] [ 17.082486] Memory state around the buggy address: [ 17.082562] fff00000c63cdd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.082686] fff00000c63cdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.082732] >fff00000c63cde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.082773] ^ [ 17.082823] fff00000c63cde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.082921] fff00000c63cdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.082970] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 17.043799] ================================================================== [ 17.043897] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 17.043960] Free of addr fff00000c1376c40 by task kunit_try_catch/193 [ 17.044079] [ 17.044115] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.044198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.044223] Hardware name: linux,dummy-virt (DT) [ 17.044253] Call trace: [ 17.044292] show_stack+0x20/0x38 (C) [ 17.044342] dump_stack_lvl+0x8c/0xd0 [ 17.044389] print_report+0x118/0x608 [ 17.044434] kasan_report_invalid_free+0xc0/0xe8 [ 17.044484] check_slab_allocation+0xd4/0x108 [ 17.044529] __kasan_slab_pre_free+0x2c/0x48 [ 17.044574] kfree+0xe8/0x3c8 [ 17.044614] kfree_sensitive+0x3c/0xb0 [ 17.044658] kmalloc_double_kzfree+0x168/0x308 [ 17.044705] kunit_try_run_case+0x170/0x3f0 [ 17.044754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.044806] kthread+0x328/0x630 [ 17.044845] ret_from_fork+0x10/0x20 [ 17.044891] [ 17.045136] Allocated by task 193: [ 17.045182] kasan_save_stack+0x3c/0x68 [ 17.045499] kasan_save_track+0x20/0x40 [ 17.045657] kasan_save_alloc_info+0x40/0x58 [ 17.045857] __kasan_kmalloc+0xd4/0xd8 [ 17.045936] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.046288] kmalloc_double_kzfree+0xb8/0x308 [ 17.046470] kunit_try_run_case+0x170/0x3f0 [ 17.046514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.046574] kthread+0x328/0x630 [ 17.046614] ret_from_fork+0x10/0x20 [ 17.046876] [ 17.046999] Freed by task 193: [ 17.047100] kasan_save_stack+0x3c/0x68 [ 17.047194] kasan_save_track+0x20/0x40 [ 17.047411] kasan_save_free_info+0x4c/0x78 [ 17.047613] __kasan_slab_free+0x6c/0x98 [ 17.047789] kfree+0x214/0x3c8 [ 17.047925] kfree_sensitive+0x80/0xb0 [ 17.048051] kmalloc_double_kzfree+0x11c/0x308 [ 17.048204] kunit_try_run_case+0x170/0x3f0 [ 17.048291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.048337] kthread+0x328/0x630 [ 17.048609] ret_from_fork+0x10/0x20 [ 17.048715] [ 17.048999] The buggy address belongs to the object at fff00000c1376c40 [ 17.048999] which belongs to the cache kmalloc-16 of size 16 [ 17.049106] The buggy address is located 0 bytes inside of [ 17.049106] 16-byte region [fff00000c1376c40, fff00000c1376c50) [ 17.049197] [ 17.049298] The buggy address belongs to the physical page: [ 17.049364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101376 [ 17.049614] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.049775] page_type: f5(slab) [ 17.049830] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.049983] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.050085] page dumped because: kasan: bad access detected [ 17.050204] [ 17.050256] Memory state around the buggy address: [ 17.050332] fff00000c1376b00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 17.050511] fff00000c1376b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.050707] >fff00000c1376c00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 17.050870] ^ [ 17.050949] fff00000c1376c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.051181] fff00000c1376d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.051325] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 17.033329] ================================================================== [ 17.033466] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 17.033525] Read of size 1 at addr fff00000c1376c40 by task kunit_try_catch/193 [ 17.033575] [ 17.033835] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.033953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.034035] Hardware name: linux,dummy-virt (DT) [ 17.034091] Call trace: [ 17.034151] show_stack+0x20/0x38 (C) [ 17.034534] dump_stack_lvl+0x8c/0xd0 [ 17.034640] print_report+0x118/0x608 [ 17.034833] kasan_report+0xdc/0x128 [ 17.034951] __kasan_check_byte+0x54/0x70 [ 17.035048] kfree_sensitive+0x30/0xb0 [ 17.035106] kmalloc_double_kzfree+0x168/0x308 [ 17.035424] kunit_try_run_case+0x170/0x3f0 [ 17.035591] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.035660] kthread+0x328/0x630 [ 17.036003] ret_from_fork+0x10/0x20 [ 17.036095] [ 17.036219] Allocated by task 193: [ 17.036253] kasan_save_stack+0x3c/0x68 [ 17.036605] kasan_save_track+0x20/0x40 [ 17.036678] kasan_save_alloc_info+0x40/0x58 [ 17.036871] __kasan_kmalloc+0xd4/0xd8 [ 17.036995] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.037039] kmalloc_double_kzfree+0xb8/0x308 [ 17.037338] kunit_try_run_case+0x170/0x3f0 [ 17.037416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.037474] kthread+0x328/0x630 [ 17.037506] ret_from_fork+0x10/0x20 [ 17.037724] [ 17.037837] Freed by task 193: [ 17.037925] kasan_save_stack+0x3c/0x68 [ 17.038013] kasan_save_track+0x20/0x40 [ 17.038049] kasan_save_free_info+0x4c/0x78 [ 17.038307] __kasan_slab_free+0x6c/0x98 [ 17.038394] kfree+0x214/0x3c8 [ 17.038444] kfree_sensitive+0x80/0xb0 [ 17.038726] kmalloc_double_kzfree+0x11c/0x308 [ 17.038800] kunit_try_run_case+0x170/0x3f0 [ 17.038930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.039243] kthread+0x328/0x630 [ 17.039307] ret_from_fork+0x10/0x20 [ 17.039375] [ 17.039460] The buggy address belongs to the object at fff00000c1376c40 [ 17.039460] which belongs to the cache kmalloc-16 of size 16 [ 17.039555] The buggy address is located 0 bytes inside of [ 17.039555] freed 16-byte region [fff00000c1376c40, fff00000c1376c50) [ 17.039900] [ 17.039951] The buggy address belongs to the physical page: [ 17.040201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101376 [ 17.040282] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.040406] page_type: f5(slab) [ 17.040510] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.040600] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.040856] page dumped because: kasan: bad access detected [ 17.041074] [ 17.041164] Memory state around the buggy address: [ 17.041487] fff00000c1376b00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 17.041568] fff00000c1376b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.041624] >fff00000c1376c00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 17.041761] ^ [ 17.041799] fff00000c1376c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.042195] fff00000c1376d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.042324] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 17.008010] ================================================================== [ 17.008068] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 17.008120] Read of size 1 at addr fff00000c7772228 by task kunit_try_catch/189 [ 17.008189] [ 17.008221] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.008303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.008338] Hardware name: linux,dummy-virt (DT) [ 17.008369] Call trace: [ 17.008390] show_stack+0x20/0x38 (C) [ 17.008443] dump_stack_lvl+0x8c/0xd0 [ 17.008499] print_report+0x118/0x608 [ 17.008546] kasan_report+0xdc/0x128 [ 17.008590] __asan_report_load1_noabort+0x20/0x30 [ 17.008642] kmalloc_uaf2+0x3f4/0x468 [ 17.008694] kunit_try_run_case+0x170/0x3f0 [ 17.008743] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.008796] kthread+0x328/0x630 [ 17.008836] ret_from_fork+0x10/0x20 [ 17.008883] [ 17.008900] Allocated by task 189: [ 17.009091] kasan_save_stack+0x3c/0x68 [ 17.009174] kasan_save_track+0x20/0x40 [ 17.009216] kasan_save_alloc_info+0x40/0x58 [ 17.009523] __kasan_kmalloc+0xd4/0xd8 [ 17.009583] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.010019] kmalloc_uaf2+0xc4/0x468 [ 17.010380] kunit_try_run_case+0x170/0x3f0 [ 17.010446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.010531] kthread+0x328/0x630 [ 17.010635] ret_from_fork+0x10/0x20 [ 17.010701] [ 17.010720] Freed by task 189: [ 17.010756] kasan_save_stack+0x3c/0x68 [ 17.010795] kasan_save_track+0x20/0x40 [ 17.010832] kasan_save_free_info+0x4c/0x78 [ 17.011161] __kasan_slab_free+0x6c/0x98 [ 17.011303] kfree+0x214/0x3c8 [ 17.011341] kmalloc_uaf2+0x134/0x468 [ 17.011425] kunit_try_run_case+0x170/0x3f0 [ 17.011742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.011826] kthread+0x328/0x630 [ 17.011988] ret_from_fork+0x10/0x20 [ 17.012076] [ 17.012183] The buggy address belongs to the object at fff00000c7772200 [ 17.012183] which belongs to the cache kmalloc-64 of size 64 [ 17.012320] The buggy address is located 40 bytes inside of [ 17.012320] freed 64-byte region [fff00000c7772200, fff00000c7772240) [ 17.012791] [ 17.012862] The buggy address belongs to the physical page: [ 17.013117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 17.013270] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.013367] page_type: f5(slab) [ 17.013407] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.013735] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.013880] page dumped because: kasan: bad access detected [ 17.013979] [ 17.014041] Memory state around the buggy address: [ 17.014130] fff00000c7772100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.014284] fff00000c7772180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.014391] >fff00000c7772200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.014438] ^ [ 17.014471] fff00000c7772280: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 17.014513] fff00000c7772300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.014553] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.991696] ================================================================== [ 16.991757] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 16.991812] Write of size 33 at addr fff00000c7772080 by task kunit_try_catch/187 [ 16.992107] [ 16.992274] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.992363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.992797] Hardware name: linux,dummy-virt (DT) [ 16.992847] Call trace: [ 16.992869] show_stack+0x20/0x38 (C) [ 16.992936] dump_stack_lvl+0x8c/0xd0 [ 16.992984] print_report+0x118/0x608 [ 16.993031] kasan_report+0xdc/0x128 [ 16.993082] kasan_check_range+0x100/0x1a8 [ 16.993130] __asan_memset+0x34/0x78 [ 16.993171] kmalloc_uaf_memset+0x170/0x310 [ 16.993217] kunit_try_run_case+0x170/0x3f0 [ 16.993264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.993327] kthread+0x328/0x630 [ 16.993368] ret_from_fork+0x10/0x20 [ 16.993416] [ 16.993434] Allocated by task 187: [ 16.993461] kasan_save_stack+0x3c/0x68 [ 16.993517] kasan_save_track+0x20/0x40 [ 16.993570] kasan_save_alloc_info+0x40/0x58 [ 16.993609] __kasan_kmalloc+0xd4/0xd8 [ 16.993646] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.993685] kmalloc_uaf_memset+0xb8/0x310 [ 16.993729] kunit_try_run_case+0x170/0x3f0 [ 16.993766] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.993809] kthread+0x328/0x630 [ 16.993841] ret_from_fork+0x10/0x20 [ 16.993883] [ 16.993902] Freed by task 187: [ 16.993937] kasan_save_stack+0x3c/0x68 [ 16.993973] kasan_save_track+0x20/0x40 [ 16.994010] kasan_save_free_info+0x4c/0x78 [ 16.994051] __kasan_slab_free+0x6c/0x98 [ 16.994792] kfree+0x214/0x3c8 [ 16.994866] kmalloc_uaf_memset+0x11c/0x310 [ 16.994904] kunit_try_run_case+0x170/0x3f0 [ 16.994953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.995281] kthread+0x328/0x630 [ 16.995351] ret_from_fork+0x10/0x20 [ 16.995439] [ 16.995508] The buggy address belongs to the object at fff00000c7772080 [ 16.995508] which belongs to the cache kmalloc-64 of size 64 [ 16.995865] The buggy address is located 0 bytes inside of [ 16.995865] freed 64-byte region [fff00000c7772080, fff00000c77720c0) [ 16.996013] [ 16.996084] The buggy address belongs to the physical page: [ 16.996417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107772 [ 16.996534] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.996643] page_type: f5(slab) [ 16.996840] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.997228] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.997323] page dumped because: kasan: bad access detected [ 16.997362] [ 16.997381] Memory state around the buggy address: [ 16.997668] fff00000c7771f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.997723] fff00000c7772000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.997849] >fff00000c7772080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.998149] ^ [ 16.998196] fff00000c7772100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.998241] fff00000c7772180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.998280] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.972761] ================================================================== [ 16.972833] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 16.972887] Read of size 1 at addr fff00000c1376c28 by task kunit_try_catch/185 [ 16.972951] [ 16.972983] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.973070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.973095] Hardware name: linux,dummy-virt (DT) [ 16.973422] Call trace: [ 16.973702] show_stack+0x20/0x38 (C) [ 16.973924] dump_stack_lvl+0x8c/0xd0 [ 16.973991] print_report+0x118/0x608 [ 16.974201] kasan_report+0xdc/0x128 [ 16.974258] __asan_report_load1_noabort+0x20/0x30 [ 16.974311] kmalloc_uaf+0x300/0x338 [ 16.974352] kunit_try_run_case+0x170/0x3f0 [ 16.974775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.974898] kthread+0x328/0x630 [ 16.975091] ret_from_fork+0x10/0x20 [ 16.975277] [ 16.975346] Allocated by task 185: [ 16.975379] kasan_save_stack+0x3c/0x68 [ 16.975719] kasan_save_track+0x20/0x40 [ 16.975828] kasan_save_alloc_info+0x40/0x58 [ 16.975895] __kasan_kmalloc+0xd4/0xd8 [ 16.976054] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.976231] kmalloc_uaf+0xb8/0x338 [ 16.976340] kunit_try_run_case+0x170/0x3f0 [ 16.976416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.976822] kthread+0x328/0x630 [ 16.976997] ret_from_fork+0x10/0x20 [ 16.977091] [ 16.977215] Freed by task 185: [ 16.977294] kasan_save_stack+0x3c/0x68 [ 16.977438] kasan_save_track+0x20/0x40 [ 16.977477] kasan_save_free_info+0x4c/0x78 [ 16.977548] __kasan_slab_free+0x6c/0x98 [ 16.977826] kfree+0x214/0x3c8 [ 16.977903] kmalloc_uaf+0x11c/0x338 [ 16.978039] kunit_try_run_case+0x170/0x3f0 [ 16.978153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.978268] kthread+0x328/0x630 [ 16.978337] ret_from_fork+0x10/0x20 [ 16.978440] [ 16.978595] The buggy address belongs to the object at fff00000c1376c20 [ 16.978595] which belongs to the cache kmalloc-16 of size 16 [ 16.978762] The buggy address is located 8 bytes inside of [ 16.978762] freed 16-byte region [fff00000c1376c20, fff00000c1376c30) [ 16.978903] [ 16.978986] The buggy address belongs to the physical page: [ 16.979049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101376 [ 16.979191] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.979373] page_type: f5(slab) [ 16.979416] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.979507] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.979848] page dumped because: kasan: bad access detected [ 16.979926] [ 16.980015] Memory state around the buggy address: [ 16.980206] fff00000c1376b00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.980344] fff00000c1376b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.980402] >fff00000c1376c00: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.980601] ^ [ 16.980861] fff00000c1376c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.980998] fff00000c1376d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.981092] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.951946] ================================================================== [ 16.952007] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.952061] Read of size 64 at addr fff00000c776cd84 by task kunit_try_catch/183 [ 16.952362] [ 16.952504] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.952670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.952699] Hardware name: linux,dummy-virt (DT) [ 16.952767] Call trace: [ 16.952792] show_stack+0x20/0x38 (C) [ 16.952976] dump_stack_lvl+0x8c/0xd0 [ 16.953028] print_report+0x118/0x608 [ 16.953086] kasan_report+0xdc/0x128 [ 16.953201] kasan_check_range+0x100/0x1a8 [ 16.953268] __asan_memmove+0x3c/0x98 [ 16.953311] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.953599] kunit_try_run_case+0x170/0x3f0 [ 16.953660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.953713] kthread+0x328/0x630 [ 16.953760] ret_from_fork+0x10/0x20 [ 16.953940] [ 16.953968] Allocated by task 183: [ 16.954017] kasan_save_stack+0x3c/0x68 [ 16.954226] kasan_save_track+0x20/0x40 [ 16.954424] kasan_save_alloc_info+0x40/0x58 [ 16.954931] __kasan_kmalloc+0xd4/0xd8 [ 16.954993] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.955035] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.955076] kunit_try_run_case+0x170/0x3f0 [ 16.955973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.956030] kthread+0x328/0x630 [ 16.956188] ret_from_fork+0x10/0x20 [ 16.956231] [ 16.956263] The buggy address belongs to the object at fff00000c776cd80 [ 16.956263] which belongs to the cache kmalloc-64 of size 64 [ 16.957146] The buggy address is located 4 bytes inside of [ 16.957146] allocated 64-byte region [fff00000c776cd80, fff00000c776cdc0) [ 16.957235] [ 16.957503] The buggy address belongs to the physical page: [ 16.959988] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10776c [ 16.960080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.960131] page_type: f5(slab) [ 16.960172] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.960222] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.960264] page dumped because: kasan: bad access detected [ 16.964755] [ 16.964841] Memory state around the buggy address: [ 16.964952] fff00000c776cc80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.964999] fff00000c776cd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.965041] >fff00000c776cd80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.965083] ^ [ 16.965116] fff00000c776ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.965158] fff00000c776ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.965196] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.936804] ================================================================== [ 16.936868] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.937261] Read of size 18446744073709551614 at addr fff00000c776cb84 by task kunit_try_catch/181 [ 16.937461] [ 16.937600] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.937747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.937771] Hardware name: linux,dummy-virt (DT) [ 16.937800] Call trace: [ 16.938156] show_stack+0x20/0x38 (C) [ 16.938425] dump_stack_lvl+0x8c/0xd0 [ 16.938535] print_report+0x118/0x608 [ 16.938641] kasan_report+0xdc/0x128 [ 16.938817] kasan_check_range+0x100/0x1a8 [ 16.938864] __asan_memmove+0x3c/0x98 [ 16.938923] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.938972] kunit_try_run_case+0x170/0x3f0 [ 16.939019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.939238] kthread+0x328/0x630 [ 16.939307] ret_from_fork+0x10/0x20 [ 16.939362] [ 16.939381] Allocated by task 181: [ 16.939422] kasan_save_stack+0x3c/0x68 [ 16.939471] kasan_save_track+0x20/0x40 [ 16.939508] kasan_save_alloc_info+0x40/0x58 [ 16.939555] __kasan_kmalloc+0xd4/0xd8 [ 16.939591] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.939927] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.939972] kunit_try_run_case+0x170/0x3f0 [ 16.940009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.940052] kthread+0x328/0x630 [ 16.940092] ret_from_fork+0x10/0x20 [ 16.940129] [ 16.940169] The buggy address belongs to the object at fff00000c776cb80 [ 16.940169] which belongs to the cache kmalloc-64 of size 64 [ 16.940273] The buggy address is located 4 bytes inside of [ 16.940273] 64-byte region [fff00000c776cb80, fff00000c776cbc0) [ 16.940332] [ 16.940375] The buggy address belongs to the physical page: [ 16.940413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10776c [ 16.940466] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.940512] page_type: f5(slab) [ 16.940551] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.940601] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.940647] page dumped because: kasan: bad access detected [ 16.940680] [ 16.940697] Memory state around the buggy address: [ 16.940731] fff00000c776ca80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.940783] fff00000c776cb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.940825] >fff00000c776cb80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.940864] ^ [ 16.940891] fff00000c776cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.941642] fff00000c776cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.941721] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.923893] ================================================================== [ 16.923961] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 16.924012] Write of size 16 at addr fff00000c63cdd69 by task kunit_try_catch/179 [ 16.924060] [ 16.924412] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.924569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.924664] Hardware name: linux,dummy-virt (DT) [ 16.924694] Call trace: [ 16.924747] show_stack+0x20/0x38 (C) [ 16.924813] dump_stack_lvl+0x8c/0xd0 [ 16.925138] print_report+0x118/0x608 [ 16.925322] kasan_report+0xdc/0x128 [ 16.925366] kasan_check_range+0x100/0x1a8 [ 16.925412] __asan_memset+0x34/0x78 [ 16.925452] kmalloc_oob_memset_16+0x150/0x2f8 [ 16.925507] kunit_try_run_case+0x170/0x3f0 [ 16.925555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.925743] kthread+0x328/0x630 [ 16.925785] ret_from_fork+0x10/0x20 [ 16.926382] [ 16.926405] Allocated by task 179: [ 16.926551] kasan_save_stack+0x3c/0x68 [ 16.926594] kasan_save_track+0x20/0x40 [ 16.926641] kasan_save_alloc_info+0x40/0x58 [ 16.926680] __kasan_kmalloc+0xd4/0xd8 [ 16.926853] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.927054] kmalloc_oob_memset_16+0xb0/0x2f8 [ 16.927112] kunit_try_run_case+0x170/0x3f0 [ 16.927148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.927191] kthread+0x328/0x630 [ 16.927223] ret_from_fork+0x10/0x20 [ 16.927305] [ 16.927325] The buggy address belongs to the object at fff00000c63cdd00 [ 16.927325] which belongs to the cache kmalloc-128 of size 128 [ 16.927428] The buggy address is located 105 bytes inside of [ 16.927428] allocated 120-byte region [fff00000c63cdd00, fff00000c63cdd78) [ 16.927488] [ 16.927508] The buggy address belongs to the physical page: [ 16.927544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.927769] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.927832] page_type: f5(slab) [ 16.927868] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.927926] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.927985] page dumped because: kasan: bad access detected [ 16.928064] [ 16.928082] Memory state around the buggy address: [ 16.928185] fff00000c63cdc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.928375] fff00000c63cdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.928511] >fff00000c63cdd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.928549] ^ [ 16.928586] fff00000c63cdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.928639] fff00000c63cde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.928675] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.908616] ================================================================== [ 16.908674] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 16.908723] Write of size 8 at addr fff00000c63cdc71 by task kunit_try_catch/177 [ 16.908770] [ 16.908802] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.908880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.908904] Hardware name: linux,dummy-virt (DT) [ 16.908945] Call trace: [ 16.908966] show_stack+0x20/0x38 (C) [ 16.909012] dump_stack_lvl+0x8c/0xd0 [ 16.909061] print_report+0x118/0x608 [ 16.909297] kasan_report+0xdc/0x128 [ 16.909382] kasan_check_range+0x100/0x1a8 [ 16.909427] __asan_memset+0x34/0x78 [ 16.909468] kmalloc_oob_memset_8+0x150/0x2f8 [ 16.910389] kunit_try_run_case+0x170/0x3f0 [ 16.910546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.910763] kthread+0x328/0x630 [ 16.910805] ret_from_fork+0x10/0x20 [ 16.910851] [ 16.910869] Allocated by task 177: [ 16.910896] kasan_save_stack+0x3c/0x68 [ 16.910948] kasan_save_track+0x20/0x40 [ 16.910984] kasan_save_alloc_info+0x40/0x58 [ 16.911034] __kasan_kmalloc+0xd4/0xd8 [ 16.911070] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.911408] kmalloc_oob_memset_8+0xb0/0x2f8 [ 16.911466] kunit_try_run_case+0x170/0x3f0 [ 16.911503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.911774] kthread+0x328/0x630 [ 16.911876] ret_from_fork+0x10/0x20 [ 16.912187] [ 16.912211] The buggy address belongs to the object at fff00000c63cdc00 [ 16.912211] which belongs to the cache kmalloc-128 of size 128 [ 16.912269] The buggy address is located 113 bytes inside of [ 16.912269] allocated 120-byte region [fff00000c63cdc00, fff00000c63cdc78) [ 16.912330] [ 16.912356] The buggy address belongs to the physical page: [ 16.912494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.912609] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.912672] page_type: f5(slab) [ 16.912731] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.912779] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.912844] page dumped because: kasan: bad access detected [ 16.912875] [ 16.912892] Memory state around the buggy address: [ 16.913203] fff00000c63cdb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.913660] fff00000c63cdb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.913737] >fff00000c63cdc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.913774] ^ [ 16.913813] fff00000c63cdc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.913855] fff00000c63cdd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.913892] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.893636] ================================================================== [ 16.893761] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 16.893940] Write of size 4 at addr fff00000c63cdb75 by task kunit_try_catch/175 [ 16.894031] [ 16.894277] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.894501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.894528] Hardware name: linux,dummy-virt (DT) [ 16.894557] Call trace: [ 16.894580] show_stack+0x20/0x38 (C) [ 16.894791] dump_stack_lvl+0x8c/0xd0 [ 16.894880] print_report+0x118/0x608 [ 16.894943] kasan_report+0xdc/0x128 [ 16.894987] kasan_check_range+0x100/0x1a8 [ 16.895033] __asan_memset+0x34/0x78 [ 16.895073] kmalloc_oob_memset_4+0x150/0x300 [ 16.895140] kunit_try_run_case+0x170/0x3f0 [ 16.895413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.895480] kthread+0x328/0x630 [ 16.895532] ret_from_fork+0x10/0x20 [ 16.895800] [ 16.895819] Allocated by task 175: [ 16.895846] kasan_save_stack+0x3c/0x68 [ 16.895886] kasan_save_track+0x20/0x40 [ 16.895942] kasan_save_alloc_info+0x40/0x58 [ 16.896038] __kasan_kmalloc+0xd4/0xd8 [ 16.896075] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.896453] kmalloc_oob_memset_4+0xb0/0x300 [ 16.896813] kunit_try_run_case+0x170/0x3f0 [ 16.896852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.896894] kthread+0x328/0x630 [ 16.896985] ret_from_fork+0x10/0x20 [ 16.897173] [ 16.897237] The buggy address belongs to the object at fff00000c63cdb00 [ 16.897237] which belongs to the cache kmalloc-128 of size 128 [ 16.897330] The buggy address is located 117 bytes inside of [ 16.897330] allocated 120-byte region [fff00000c63cdb00, fff00000c63cdb78) [ 16.897393] [ 16.897419] The buggy address belongs to the physical page: [ 16.897539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.897627] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.897768] page_type: f5(slab) [ 16.897869] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.897925] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.897963] page dumped because: kasan: bad access detected [ 16.898018] [ 16.898036] Memory state around the buggy address: [ 16.898066] fff00000c63cda00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.898107] fff00000c63cda80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.898234] >fff00000c63cdb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.898559] ^ [ 16.898795] fff00000c63cdb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.898995] fff00000c63cdc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.899117] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.879503] ================================================================== [ 16.879563] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.879615] Write of size 2 at addr fff00000c63cda77 by task kunit_try_catch/173 [ 16.880103] [ 16.880149] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.880622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.880649] Hardware name: linux,dummy-virt (DT) [ 16.881063] Call trace: [ 16.881138] show_stack+0x20/0x38 (C) [ 16.881191] dump_stack_lvl+0x8c/0xd0 [ 16.881236] print_report+0x118/0x608 [ 16.881279] kasan_report+0xdc/0x128 [ 16.881332] kasan_check_range+0x100/0x1a8 [ 16.881378] __asan_memset+0x34/0x78 [ 16.881902] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.882386] kunit_try_run_case+0x170/0x3f0 [ 16.882436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.882510] kthread+0x328/0x630 [ 16.882550] ret_from_fork+0x10/0x20 [ 16.882729] [ 16.882878] Allocated by task 173: [ 16.882999] kasan_save_stack+0x3c/0x68 [ 16.883066] kasan_save_track+0x20/0x40 [ 16.883103] kasan_save_alloc_info+0x40/0x58 [ 16.883141] __kasan_kmalloc+0xd4/0xd8 [ 16.883176] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.883214] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.883289] kunit_try_run_case+0x170/0x3f0 [ 16.883340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.883469] kthread+0x328/0x630 [ 16.883501] ret_from_fork+0x10/0x20 [ 16.883582] [ 16.883682] The buggy address belongs to the object at fff00000c63cda00 [ 16.883682] which belongs to the cache kmalloc-128 of size 128 [ 16.883783] The buggy address is located 119 bytes inside of [ 16.883783] allocated 120-byte region [fff00000c63cda00, fff00000c63cda78) [ 16.883923] [ 16.883949] The buggy address belongs to the physical page: [ 16.884029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.884115] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.884188] page_type: f5(slab) [ 16.884363] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.884445] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.884523] page dumped because: kasan: bad access detected [ 16.884595] [ 16.884630] Memory state around the buggy address: [ 16.884670] fff00000c63cd900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.884727] fff00000c63cd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.884822] >fff00000c63cda00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.885361] ^ [ 16.885644] fff00000c63cda80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.885745] fff00000c63cdb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.885802] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.864065] ================================================================== [ 16.864127] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.864182] Write of size 128 at addr fff00000c63cd900 by task kunit_try_catch/171 [ 16.864231] [ 16.864536] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.864917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.865108] Hardware name: linux,dummy-virt (DT) [ 16.865174] Call trace: [ 16.865281] show_stack+0x20/0x38 (C) [ 16.865399] dump_stack_lvl+0x8c/0xd0 [ 16.865446] print_report+0x118/0x608 [ 16.865490] kasan_report+0xdc/0x128 [ 16.865532] kasan_check_range+0x100/0x1a8 [ 16.865578] __asan_memset+0x34/0x78 [ 16.865628] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.865673] kunit_try_run_case+0x170/0x3f0 [ 16.866173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.866231] kthread+0x328/0x630 [ 16.866271] ret_from_fork+0x10/0x20 [ 16.866320] [ 16.866338] Allocated by task 171: [ 16.866391] kasan_save_stack+0x3c/0x68 [ 16.866583] kasan_save_track+0x20/0x40 [ 16.866805] kasan_save_alloc_info+0x40/0x58 [ 16.866976] __kasan_kmalloc+0xd4/0xd8 [ 16.867014] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.867219] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.867256] kunit_try_run_case+0x170/0x3f0 [ 16.867293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.867341] kthread+0x328/0x630 [ 16.867963] ret_from_fork+0x10/0x20 [ 16.868107] [ 16.868243] The buggy address belongs to the object at fff00000c63cd900 [ 16.868243] which belongs to the cache kmalloc-128 of size 128 [ 16.868631] The buggy address is located 0 bytes inside of [ 16.868631] allocated 120-byte region [fff00000c63cd900, fff00000c63cd978) [ 16.868859] [ 16.868881] The buggy address belongs to the physical page: [ 16.868920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.868973] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.869032] page_type: f5(slab) [ 16.869076] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.869424] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.869669] page dumped because: kasan: bad access detected [ 16.869702] [ 16.869784] Memory state around the buggy address: [ 16.869864] fff00000c63cd800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.869906] fff00000c63cd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.869958] >fff00000c63cd900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.870042] ^ [ 16.870082] fff00000c63cd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.870284] fff00000c63cda00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.870322] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.830322] ================================================================== [ 16.830555] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.830640] Read of size 16 at addr fff00000c1376c00 by task kunit_try_catch/169 [ 16.830689] [ 16.831100] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.831250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.831633] Hardware name: linux,dummy-virt (DT) [ 16.831785] Call trace: [ 16.831842] show_stack+0x20/0x38 (C) [ 16.832199] dump_stack_lvl+0x8c/0xd0 [ 16.832261] print_report+0x118/0x608 [ 16.832306] kasan_report+0xdc/0x128 [ 16.832350] __asan_report_load16_noabort+0x20/0x30 [ 16.832459] kmalloc_uaf_16+0x3bc/0x438 [ 16.832870] kunit_try_run_case+0x170/0x3f0 [ 16.832930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.832997] kthread+0x328/0x630 [ 16.833038] ret_from_fork+0x10/0x20 [ 16.833139] [ 16.833158] Allocated by task 169: [ 16.833186] kasan_save_stack+0x3c/0x68 [ 16.833231] kasan_save_track+0x20/0x40 [ 16.833390] kasan_save_alloc_info+0x40/0x58 [ 16.833448] __kasan_kmalloc+0xd4/0xd8 [ 16.833549] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.833587] kmalloc_uaf_16+0x140/0x438 [ 16.833621] kunit_try_run_case+0x170/0x3f0 [ 16.833656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.833736] kthread+0x328/0x630 [ 16.833878] ret_from_fork+0x10/0x20 [ 16.834014] [ 16.834033] Freed by task 169: [ 16.834058] kasan_save_stack+0x3c/0x68 [ 16.834534] kasan_save_track+0x20/0x40 [ 16.834581] kasan_save_free_info+0x4c/0x78 [ 16.834757] __kasan_slab_free+0x6c/0x98 [ 16.834806] kfree+0x214/0x3c8 [ 16.834856] kmalloc_uaf_16+0x190/0x438 [ 16.834891] kunit_try_run_case+0x170/0x3f0 [ 16.834976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.835035] kthread+0x328/0x630 [ 16.835066] ret_from_fork+0x10/0x20 [ 16.835100] [ 16.835371] The buggy address belongs to the object at fff00000c1376c00 [ 16.835371] which belongs to the cache kmalloc-16 of size 16 [ 16.835440] The buggy address is located 0 bytes inside of [ 16.835440] freed 16-byte region [fff00000c1376c00, fff00000c1376c10) [ 16.835604] [ 16.835687] The buggy address belongs to the physical page: [ 16.835716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101376 [ 16.835769] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.836116] page_type: f5(slab) [ 16.836243] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.836384] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.836423] page dumped because: kasan: bad access detected [ 16.836452] [ 16.836480] Memory state around the buggy address: [ 16.836564] fff00000c1376b00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.836605] fff00000c1376b80: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 16.836646] >fff00000c1376c00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.836682] ^ [ 16.836718] fff00000c1376c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.836758] fff00000c1376d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.836943] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.812841] ================================================================== [ 16.812906] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.813201] Write of size 16 at addr fff00000c1376ba0 by task kunit_try_catch/167 [ 16.813265] [ 16.813746] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.813970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.814002] Hardware name: linux,dummy-virt (DT) [ 16.814054] Call trace: [ 16.814075] show_stack+0x20/0x38 (C) [ 16.814325] dump_stack_lvl+0x8c/0xd0 [ 16.814393] print_report+0x118/0x608 [ 16.814438] kasan_report+0xdc/0x128 [ 16.814664] __asan_report_store16_noabort+0x20/0x30 [ 16.814835] kmalloc_oob_16+0x3a0/0x3f8 [ 16.814878] kunit_try_run_case+0x170/0x3f0 [ 16.814935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.814985] kthread+0x328/0x630 [ 16.815025] ret_from_fork+0x10/0x20 [ 16.815071] [ 16.815088] Allocated by task 167: [ 16.815115] kasan_save_stack+0x3c/0x68 [ 16.815153] kasan_save_track+0x20/0x40 [ 16.815189] kasan_save_alloc_info+0x40/0x58 [ 16.815227] __kasan_kmalloc+0xd4/0xd8 [ 16.815261] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.815298] kmalloc_oob_16+0xb4/0x3f8 [ 16.815333] kunit_try_run_case+0x170/0x3f0 [ 16.815369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.815731] kthread+0x328/0x630 [ 16.815781] ret_from_fork+0x10/0x20 [ 16.815827] [ 16.815932] The buggy address belongs to the object at fff00000c1376ba0 [ 16.815932] which belongs to the cache kmalloc-16 of size 16 [ 16.816074] The buggy address is located 0 bytes inside of [ 16.816074] allocated 13-byte region [fff00000c1376ba0, fff00000c1376bad) [ 16.816196] [ 16.816217] The buggy address belongs to the physical page: [ 16.816245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101376 [ 16.816618] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.816803] page_type: f5(slab) [ 16.816889] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.816949] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.816987] page dumped because: kasan: bad access detected [ 16.817184] [ 16.817210] Memory state around the buggy address: [ 16.817242] fff00000c1376a80: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.817624] fff00000c1376b00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.817692] >fff00000c1376b80: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 16.817760] ^ [ 16.817793] fff00000c1376c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.817899] fff00000c1376c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.817946] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.788251] ================================================================== [ 16.788341] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.788399] Read of size 1 at addr fff00000c172e200 by task kunit_try_catch/165 [ 16.788578] [ 16.788609] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.788892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.788926] Hardware name: linux,dummy-virt (DT) [ 16.788955] Call trace: [ 16.788975] show_stack+0x20/0x38 (C) [ 16.789509] dump_stack_lvl+0x8c/0xd0 [ 16.789672] print_report+0x118/0x608 [ 16.789716] kasan_report+0xdc/0x128 [ 16.790122] __kasan_check_byte+0x54/0x70 [ 16.790189] krealloc_noprof+0x44/0x360 [ 16.790274] krealloc_uaf+0x180/0x520 [ 16.790334] kunit_try_run_case+0x170/0x3f0 [ 16.790381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.790438] kthread+0x328/0x630 [ 16.790477] ret_from_fork+0x10/0x20 [ 16.790522] [ 16.790540] Allocated by task 165: [ 16.790695] kasan_save_stack+0x3c/0x68 [ 16.790863] kasan_save_track+0x20/0x40 [ 16.790978] kasan_save_alloc_info+0x40/0x58 [ 16.791019] __kasan_kmalloc+0xd4/0xd8 [ 16.791095] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.791141] krealloc_uaf+0xc8/0x520 [ 16.791338] kunit_try_run_case+0x170/0x3f0 [ 16.791599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.791641] kthread+0x328/0x630 [ 16.792044] ret_from_fork+0x10/0x20 [ 16.792294] [ 16.792332] Freed by task 165: [ 16.792415] kasan_save_stack+0x3c/0x68 [ 16.792538] kasan_save_track+0x20/0x40 [ 16.792596] kasan_save_free_info+0x4c/0x78 [ 16.792635] __kasan_slab_free+0x6c/0x98 [ 16.792672] kfree+0x214/0x3c8 [ 16.792704] krealloc_uaf+0x12c/0x520 [ 16.792739] kunit_try_run_case+0x170/0x3f0 [ 16.792775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.792816] kthread+0x328/0x630 [ 16.792847] ret_from_fork+0x10/0x20 [ 16.792898] [ 16.792932] The buggy address belongs to the object at fff00000c172e200 [ 16.792932] which belongs to the cache kmalloc-256 of size 256 [ 16.793416] The buggy address is located 0 bytes inside of [ 16.793416] freed 256-byte region [fff00000c172e200, fff00000c172e300) [ 16.793541] [ 16.793562] The buggy address belongs to the physical page: [ 16.793592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10172e [ 16.793644] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.794167] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.794314] page_type: f5(slab) [ 16.794351] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.794522] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.794599] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.794765] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.794886] head: 0bfffe0000000001 ffffc1ffc305cb81 00000000ffffffff 00000000ffffffff [ 16.795051] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.795092] page dumped because: kasan: bad access detected [ 16.795175] [ 16.795201] Memory state around the buggy address: [ 16.795232] fff00000c172e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.795326] fff00000c172e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.795378] >fff00000c172e200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.795414] ^ [ 16.795496] fff00000c172e280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.795680] fff00000c172e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.795728] ================================================================== [ 16.796940] ================================================================== [ 16.796988] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.797331] Read of size 1 at addr fff00000c172e200 by task kunit_try_catch/165 [ 16.797466] [ 16.797578] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.797663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.797688] Hardware name: linux,dummy-virt (DT) [ 16.797716] Call trace: [ 16.797736] show_stack+0x20/0x38 (C) [ 16.797783] dump_stack_lvl+0x8c/0xd0 [ 16.797838] print_report+0x118/0x608 [ 16.797883] kasan_report+0xdc/0x128 [ 16.798271] __asan_report_load1_noabort+0x20/0x30 [ 16.798343] krealloc_uaf+0x4c8/0x520 [ 16.798398] kunit_try_run_case+0x170/0x3f0 [ 16.798446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.798595] kthread+0x328/0x630 [ 16.798894] ret_from_fork+0x10/0x20 [ 16.799228] [ 16.799269] Allocated by task 165: [ 16.799297] kasan_save_stack+0x3c/0x68 [ 16.799342] kasan_save_track+0x20/0x40 [ 16.799508] kasan_save_alloc_info+0x40/0x58 [ 16.799590] __kasan_kmalloc+0xd4/0xd8 [ 16.799665] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.799783] krealloc_uaf+0xc8/0x520 [ 16.799856] kunit_try_run_case+0x170/0x3f0 [ 16.800091] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.800390] kthread+0x328/0x630 [ 16.800529] ret_from_fork+0x10/0x20 [ 16.800701] [ 16.800803] Freed by task 165: [ 16.800864] kasan_save_stack+0x3c/0x68 [ 16.800950] kasan_save_track+0x20/0x40 [ 16.800987] kasan_save_free_info+0x4c/0x78 [ 16.801025] __kasan_slab_free+0x6c/0x98 [ 16.801065] kfree+0x214/0x3c8 [ 16.801098] krealloc_uaf+0x12c/0x520 [ 16.801142] kunit_try_run_case+0x170/0x3f0 [ 16.801178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.801456] kthread+0x328/0x630 [ 16.801647] ret_from_fork+0x10/0x20 [ 16.801683] [ 16.801702] The buggy address belongs to the object at fff00000c172e200 [ 16.801702] which belongs to the cache kmalloc-256 of size 256 [ 16.802158] The buggy address is located 0 bytes inside of [ 16.802158] freed 256-byte region [fff00000c172e200, fff00000c172e300) [ 16.802336] [ 16.802357] The buggy address belongs to the physical page: [ 16.802385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10172e [ 16.802466] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.802592] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.802640] page_type: f5(slab) [ 16.802675] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.802723] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.802770] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.803056] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.803232] head: 0bfffe0000000001 ffffc1ffc305cb81 00000000ffffffff 00000000ffffffff [ 16.803332] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.803410] page dumped because: kasan: bad access detected [ 16.803439] [ 16.803456] Memory state around the buggy address: [ 16.803493] fff00000c172e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.803658] fff00000c172e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.803699] >fff00000c172e200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.803774] ^ [ 16.803902] fff00000c172e280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.804046] fff00000c172e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.804087] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.735766] ================================================================== [ 16.735814] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.735861] Write of size 1 at addr fff00000c172e0eb by task kunit_try_catch/159 [ 16.735924] [ 16.736157] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.736611] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.736687] Hardware name: linux,dummy-virt (DT) [ 16.736799] Call trace: [ 16.736827] show_stack+0x20/0x38 (C) [ 16.736926] dump_stack_lvl+0x8c/0xd0 [ 16.736983] print_report+0x118/0x608 [ 16.737131] kasan_report+0xdc/0x128 [ 16.737175] __asan_report_store1_noabort+0x20/0x30 [ 16.737325] krealloc_less_oob_helper+0xa58/0xc50 [ 16.737536] krealloc_less_oob+0x20/0x38 [ 16.737583] kunit_try_run_case+0x170/0x3f0 [ 16.737637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.737711] kthread+0x328/0x630 [ 16.737934] ret_from_fork+0x10/0x20 [ 16.738259] [ 16.738307] Allocated by task 159: [ 16.738334] kasan_save_stack+0x3c/0x68 [ 16.738375] kasan_save_track+0x20/0x40 [ 16.738431] kasan_save_alloc_info+0x40/0x58 [ 16.738470] __kasan_krealloc+0x118/0x178 [ 16.738505] krealloc_noprof+0x128/0x360 [ 16.738541] krealloc_less_oob_helper+0x168/0xc50 [ 16.738807] krealloc_less_oob+0x20/0x38 [ 16.738947] kunit_try_run_case+0x170/0x3f0 [ 16.739007] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.739048] kthread+0x328/0x630 [ 16.739079] ret_from_fork+0x10/0x20 [ 16.739418] [ 16.739441] The buggy address belongs to the object at fff00000c172e000 [ 16.739441] which belongs to the cache kmalloc-256 of size 256 [ 16.739499] The buggy address is located 34 bytes to the right of [ 16.739499] allocated 201-byte region [fff00000c172e000, fff00000c172e0c9) [ 16.739755] [ 16.739786] The buggy address belongs to the physical page: [ 16.739888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10172e [ 16.739953] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.740019] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.740091] page_type: f5(slab) [ 16.740440] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.740560] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.740780] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.741015] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.741068] head: 0bfffe0000000001 ffffc1ffc305cb81 00000000ffffffff 00000000ffffffff [ 16.741162] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.741224] page dumped because: kasan: bad access detected [ 16.741253] [ 16.741271] Memory state around the buggy address: [ 16.741301] fff00000c172df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.741343] fff00000c172e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.741586] >fff00000c172e080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.741624] ^ [ 16.741698] fff00000c172e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.741979] fff00000c172e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.742161] ================================================================== [ 16.773191] ================================================================== [ 16.773226] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.773269] Write of size 1 at addr fff00000c77120da by task kunit_try_catch/163 [ 16.773344] [ 16.773479] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.773600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.773626] Hardware name: linux,dummy-virt (DT) [ 16.773655] Call trace: [ 16.773681] show_stack+0x20/0x38 (C) [ 16.773732] dump_stack_lvl+0x8c/0xd0 [ 16.773851] print_report+0x118/0x608 [ 16.774049] kasan_report+0xdc/0x128 [ 16.774094] __asan_report_store1_noabort+0x20/0x30 [ 16.774199] krealloc_less_oob_helper+0xa80/0xc50 [ 16.774247] krealloc_large_less_oob+0x20/0x38 [ 16.774292] kunit_try_run_case+0x170/0x3f0 [ 16.774337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.774388] kthread+0x328/0x630 [ 16.774428] ret_from_fork+0x10/0x20 [ 16.774474] [ 16.774493] The buggy address belongs to the physical page: [ 16.774521] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107710 [ 16.774572] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.774618] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.774666] page_type: f8(unknown) [ 16.774744] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.774794] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.774842] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.774891] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.774954] head: 0bfffe0000000002 ffffc1ffc31dc401 00000000ffffffff 00000000ffffffff [ 16.775001] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.775039] page dumped because: kasan: bad access detected [ 16.775091] [ 16.775114] Memory state around the buggy address: [ 16.775228] fff00000c7711f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.775270] fff00000c7712000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.775373] >fff00000c7712080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.775476] ^ [ 16.775529] fff00000c7712100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.775569] fff00000c7712180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.775606] ================================================================== [ 16.708847] ================================================================== [ 16.708940] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.708999] Write of size 1 at addr fff00000c172e0c9 by task kunit_try_catch/159 [ 16.709184] [ 16.709321] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.709401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.709426] Hardware name: linux,dummy-virt (DT) [ 16.709456] Call trace: [ 16.709864] show_stack+0x20/0x38 (C) [ 16.709955] dump_stack_lvl+0x8c/0xd0 [ 16.710278] print_report+0x118/0x608 [ 16.710333] kasan_report+0xdc/0x128 [ 16.710475] __asan_report_store1_noabort+0x20/0x30 [ 16.710529] krealloc_less_oob_helper+0xa48/0xc50 [ 16.710576] krealloc_less_oob+0x20/0x38 [ 16.710619] kunit_try_run_case+0x170/0x3f0 [ 16.710668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.710815] kthread+0x328/0x630 [ 16.710983] ret_from_fork+0x10/0x20 [ 16.711090] [ 16.711110] Allocated by task 159: [ 16.711137] kasan_save_stack+0x3c/0x68 [ 16.711177] kasan_save_track+0x20/0x40 [ 16.711384] kasan_save_alloc_info+0x40/0x58 [ 16.711468] __kasan_krealloc+0x118/0x178 [ 16.711608] krealloc_noprof+0x128/0x360 [ 16.711644] krealloc_less_oob_helper+0x168/0xc50 [ 16.711682] krealloc_less_oob+0x20/0x38 [ 16.711718] kunit_try_run_case+0x170/0x3f0 [ 16.711755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.711797] kthread+0x328/0x630 [ 16.711870] ret_from_fork+0x10/0x20 [ 16.711946] [ 16.711989] The buggy address belongs to the object at fff00000c172e000 [ 16.711989] which belongs to the cache kmalloc-256 of size 256 [ 16.712046] The buggy address is located 0 bytes to the right of [ 16.712046] allocated 201-byte region [fff00000c172e000, fff00000c172e0c9) [ 16.712146] [ 16.712240] The buggy address belongs to the physical page: [ 16.712314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10172e [ 16.712471] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.712598] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.712667] page_type: f5(slab) [ 16.712706] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.712805] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.712949] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.712996] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.713083] head: 0bfffe0000000001 ffffc1ffc305cb81 00000000ffffffff 00000000ffffffff [ 16.713131] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.713512] page dumped because: kasan: bad access detected [ 16.713546] [ 16.713657] Memory state around the buggy address: [ 16.713932] fff00000c172df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.714109] fff00000c172e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.714182] >fff00000c172e080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.714218] ^ [ 16.714252] fff00000c172e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.714293] fff00000c172e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.714330] ================================================================== [ 16.766211] ================================================================== [ 16.766333] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.766387] Write of size 1 at addr fff00000c77120c9 by task kunit_try_catch/163 [ 16.766434] [ 16.766465] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.766543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.766568] Hardware name: linux,dummy-virt (DT) [ 16.766597] Call trace: [ 16.766943] show_stack+0x20/0x38 (C) [ 16.767048] dump_stack_lvl+0x8c/0xd0 [ 16.767272] print_report+0x118/0x608 [ 16.767336] kasan_report+0xdc/0x128 [ 16.767397] __asan_report_store1_noabort+0x20/0x30 [ 16.767447] krealloc_less_oob_helper+0xa48/0xc50 [ 16.767494] krealloc_large_less_oob+0x20/0x38 [ 16.767699] kunit_try_run_case+0x170/0x3f0 [ 16.767759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.767935] kthread+0x328/0x630 [ 16.767993] ret_from_fork+0x10/0x20 [ 16.768050] [ 16.768077] The buggy address belongs to the physical page: [ 16.768136] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107710 [ 16.768188] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.768234] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.768535] page_type: f8(unknown) [ 16.768643] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.768755] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.768811] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.768925] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.768974] head: 0bfffe0000000002 ffffc1ffc31dc401 00000000ffffffff 00000000ffffffff [ 16.769021] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.769064] page dumped because: kasan: bad access detected [ 16.769106] [ 16.769124] Memory state around the buggy address: [ 16.769154] fff00000c7711f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.769568] fff00000c7712000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.769615] >fff00000c7712080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.769652] ^ [ 16.769713] fff00000c7712100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.769753] fff00000c7712180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.769845] ================================================================== [ 16.776474] ================================================================== [ 16.776601] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.776763] Write of size 1 at addr fff00000c77120ea by task kunit_try_catch/163 [ 16.776929] [ 16.777013] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.777114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.777236] Hardware name: linux,dummy-virt (DT) [ 16.777281] Call trace: [ 16.777302] show_stack+0x20/0x38 (C) [ 16.777388] dump_stack_lvl+0x8c/0xd0 [ 16.777436] print_report+0x118/0x608 [ 16.777480] kasan_report+0xdc/0x128 [ 16.777524] __asan_report_store1_noabort+0x20/0x30 [ 16.777599] krealloc_less_oob_helper+0xae4/0xc50 [ 16.777779] krealloc_large_less_oob+0x20/0x38 [ 16.777832] kunit_try_run_case+0x170/0x3f0 [ 16.777878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.777939] kthread+0x328/0x630 [ 16.777979] ret_from_fork+0x10/0x20 [ 16.778068] [ 16.778087] The buggy address belongs to the physical page: [ 16.778262] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107710 [ 16.778405] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.778593] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.778682] page_type: f8(unknown) [ 16.778718] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.778781] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.778899] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.779018] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.779089] head: 0bfffe0000000002 ffffc1ffc31dc401 00000000ffffffff 00000000ffffffff [ 16.779233] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.779272] page dumped because: kasan: bad access detected [ 16.779340] [ 16.779363] Memory state around the buggy address: [ 16.779392] fff00000c7711f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.779575] fff00000c7712000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.779671] >fff00000c7712080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.779707] ^ [ 16.779744] fff00000c7712100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.779841] fff00000c7712180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.779939] ================================================================== [ 16.722066] ================================================================== [ 16.722112] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.722209] Write of size 1 at addr fff00000c172e0da by task kunit_try_catch/159 [ 16.722529] [ 16.722565] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.722645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.722670] Hardware name: linux,dummy-virt (DT) [ 16.722862] Call trace: [ 16.722897] show_stack+0x20/0x38 (C) [ 16.723052] dump_stack_lvl+0x8c/0xd0 [ 16.723184] print_report+0x118/0x608 [ 16.723233] kasan_report+0xdc/0x128 [ 16.723278] __asan_report_store1_noabort+0x20/0x30 [ 16.723327] krealloc_less_oob_helper+0xa80/0xc50 [ 16.723374] krealloc_less_oob+0x20/0x38 [ 16.723642] kunit_try_run_case+0x170/0x3f0 [ 16.723730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.723874] kthread+0x328/0x630 [ 16.723946] ret_from_fork+0x10/0x20 [ 16.724042] [ 16.724071] Allocated by task 159: [ 16.724099] kasan_save_stack+0x3c/0x68 [ 16.724138] kasan_save_track+0x20/0x40 [ 16.724174] kasan_save_alloc_info+0x40/0x58 [ 16.724481] __kasan_krealloc+0x118/0x178 [ 16.724593] krealloc_noprof+0x128/0x360 [ 16.724629] krealloc_less_oob_helper+0x168/0xc50 [ 16.724687] krealloc_less_oob+0x20/0x38 [ 16.724850] kunit_try_run_case+0x170/0x3f0 [ 16.724943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.724984] kthread+0x328/0x630 [ 16.725015] ret_from_fork+0x10/0x20 [ 16.725056] [ 16.725074] The buggy address belongs to the object at fff00000c172e000 [ 16.725074] which belongs to the cache kmalloc-256 of size 256 [ 16.725357] The buggy address is located 17 bytes to the right of [ 16.725357] allocated 201-byte region [fff00000c172e000, fff00000c172e0c9) [ 16.725473] [ 16.725492] The buggy address belongs to the physical page: [ 16.725528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10172e [ 16.725620] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.725683] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.725760] page_type: f5(slab) [ 16.725795] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.726033] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.726087] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.726135] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.726341] head: 0bfffe0000000001 ffffc1ffc305cb81 00000000ffffffff 00000000ffffffff [ 16.726509] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.726548] page dumped because: kasan: bad access detected [ 16.726618] [ 16.726694] Memory state around the buggy address: [ 16.726726] fff00000c172df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.726834] fff00000c172e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.727090] >fff00000c172e080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.727276] ^ [ 16.727468] fff00000c172e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.727555] fff00000c172e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.727617] ================================================================== [ 16.770429] ================================================================== [ 16.770474] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.770523] Write of size 1 at addr fff00000c77120d0 by task kunit_try_catch/163 [ 16.770571] [ 16.770613] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.770834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.770860] Hardware name: linux,dummy-virt (DT) [ 16.770889] Call trace: [ 16.770920] show_stack+0x20/0x38 (C) [ 16.770989] dump_stack_lvl+0x8c/0xd0 [ 16.771035] print_report+0x118/0x608 [ 16.771080] kasan_report+0xdc/0x128 [ 16.771124] __asan_report_store1_noabort+0x20/0x30 [ 16.771174] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.771308] krealloc_large_less_oob+0x20/0x38 [ 16.771355] kunit_try_run_case+0x170/0x3f0 [ 16.771425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.771523] kthread+0x328/0x630 [ 16.771564] ret_from_fork+0x10/0x20 [ 16.771608] [ 16.771627] The buggy address belongs to the physical page: [ 16.771656] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107710 [ 16.771706] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.771751] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.771871] page_type: f8(unknown) [ 16.772054] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.772142] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.772222] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.772269] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.772315] head: 0bfffe0000000002 ffffc1ffc31dc401 00000000ffffffff 00000000ffffffff [ 16.772362] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.772407] page dumped because: kasan: bad access detected [ 16.772542] [ 16.772623] Memory state around the buggy address: [ 16.772703] fff00000c7711f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.772789] fff00000c7712000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.772933] >fff00000c7712080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.772970] ^ [ 16.773005] fff00000c7712100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.773045] fff00000c7712180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.773086] ================================================================== [ 16.728409] ================================================================== [ 16.728457] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.728585] Write of size 1 at addr fff00000c172e0ea by task kunit_try_catch/159 [ 16.728823] [ 16.729290] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.729383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.729408] Hardware name: linux,dummy-virt (DT) [ 16.729437] Call trace: [ 16.729458] show_stack+0x20/0x38 (C) [ 16.729697] dump_stack_lvl+0x8c/0xd0 [ 16.729744] print_report+0x118/0x608 [ 16.729789] kasan_report+0xdc/0x128 [ 16.729843] __asan_report_store1_noabort+0x20/0x30 [ 16.730062] krealloc_less_oob_helper+0xae4/0xc50 [ 16.730113] krealloc_less_oob+0x20/0x38 [ 16.730156] kunit_try_run_case+0x170/0x3f0 [ 16.730620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.730782] kthread+0x328/0x630 [ 16.730858] ret_from_fork+0x10/0x20 [ 16.730974] [ 16.730999] Allocated by task 159: [ 16.731026] kasan_save_stack+0x3c/0x68 [ 16.731119] kasan_save_track+0x20/0x40 [ 16.731156] kasan_save_alloc_info+0x40/0x58 [ 16.731331] __kasan_krealloc+0x118/0x178 [ 16.731370] krealloc_noprof+0x128/0x360 [ 16.731655] krealloc_less_oob_helper+0x168/0xc50 [ 16.731698] krealloc_less_oob+0x20/0x38 [ 16.731733] kunit_try_run_case+0x170/0x3f0 [ 16.731808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.731972] kthread+0x328/0x630 [ 16.732005] ret_from_fork+0x10/0x20 [ 16.732149] [ 16.732203] The buggy address belongs to the object at fff00000c172e000 [ 16.732203] which belongs to the cache kmalloc-256 of size 256 [ 16.732259] The buggy address is located 33 bytes to the right of [ 16.732259] allocated 201-byte region [fff00000c172e000, fff00000c172e0c9) [ 16.732361] [ 16.732448] The buggy address belongs to the physical page: [ 16.732598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10172e [ 16.732668] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.732714] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.732802] page_type: f5(slab) [ 16.732973] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.733083] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.733196] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.733250] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.733297] head: 0bfffe0000000001 ffffc1ffc305cb81 00000000ffffffff 00000000ffffffff [ 16.733414] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.733584] page dumped because: kasan: bad access detected [ 16.733657] [ 16.733675] Memory state around the buggy address: [ 16.733754] fff00000c172df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.733796] fff00000c172e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.733892] >fff00000c172e080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.734272] ^ [ 16.734950] fff00000c172e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.735013] fff00000c172e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.735051] ================================================================== [ 16.715196] ================================================================== [ 16.715243] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.715290] Write of size 1 at addr fff00000c172e0d0 by task kunit_try_catch/159 [ 16.715337] [ 16.715365] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.715696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.715942] Hardware name: linux,dummy-virt (DT) [ 16.715980] Call trace: [ 16.716001] show_stack+0x20/0x38 (C) [ 16.716294] dump_stack_lvl+0x8c/0xd0 [ 16.716463] print_report+0x118/0x608 [ 16.716550] kasan_report+0xdc/0x128 [ 16.716595] __asan_report_store1_noabort+0x20/0x30 [ 16.716778] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.716827] krealloc_less_oob+0x20/0x38 [ 16.716872] kunit_try_run_case+0x170/0x3f0 [ 16.717288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.717444] kthread+0x328/0x630 [ 16.717580] ret_from_fork+0x10/0x20 [ 16.717741] [ 16.717759] Allocated by task 159: [ 16.717786] kasan_save_stack+0x3c/0x68 [ 16.717985] kasan_save_track+0x20/0x40 [ 16.718158] kasan_save_alloc_info+0x40/0x58 [ 16.718198] __kasan_krealloc+0x118/0x178 [ 16.718287] krealloc_noprof+0x128/0x360 [ 16.718325] krealloc_less_oob_helper+0x168/0xc50 [ 16.718363] krealloc_less_oob+0x20/0x38 [ 16.718397] kunit_try_run_case+0x170/0x3f0 [ 16.718466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.718510] kthread+0x328/0x630 [ 16.718540] ret_from_fork+0x10/0x20 [ 16.718880] [ 16.718973] The buggy address belongs to the object at fff00000c172e000 [ 16.718973] which belongs to the cache kmalloc-256 of size 256 [ 16.719120] The buggy address is located 7 bytes to the right of [ 16.719120] allocated 201-byte region [fff00000c172e000, fff00000c172e0c9) [ 16.719230] [ 16.719249] The buggy address belongs to the physical page: [ 16.719278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10172e [ 16.719554] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.719643] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.719747] page_type: f5(slab) [ 16.719783] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.719831] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.719878] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.719969] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.720017] head: 0bfffe0000000001 ffffc1ffc305cb81 00000000ffffffff 00000000ffffffff [ 16.720113] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.720154] page dumped because: kasan: bad access detected [ 16.720225] [ 16.720336] Memory state around the buggy address: [ 16.720368] fff00000c172df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.720410] fff00000c172e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.720451] >fff00000c172e080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.720486] ^ [ 16.720865] fff00000c172e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.720908] fff00000c172e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.720965] ================================================================== [ 16.780169] ================================================================== [ 16.780210] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.780252] Write of size 1 at addr fff00000c77120eb by task kunit_try_catch/163 [ 16.780298] [ 16.780325] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.780399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.780423] Hardware name: linux,dummy-virt (DT) [ 16.780484] Call trace: [ 16.780584] show_stack+0x20/0x38 (C) [ 16.780629] dump_stack_lvl+0x8c/0xd0 [ 16.780673] print_report+0x118/0x608 [ 16.780752] kasan_report+0xdc/0x128 [ 16.780796] __asan_report_store1_noabort+0x20/0x30 [ 16.780846] krealloc_less_oob_helper+0xa58/0xc50 [ 16.780892] krealloc_large_less_oob+0x20/0x38 [ 16.781038] kunit_try_run_case+0x170/0x3f0 [ 16.781152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.781264] kthread+0x328/0x630 [ 16.781304] ret_from_fork+0x10/0x20 [ 16.781348] [ 16.781402] The buggy address belongs to the physical page: [ 16.781430] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107710 [ 16.781480] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.781524] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.781635] page_type: f8(unknown) [ 16.781672] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.781726] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.781842] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.782028] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.782104] head: 0bfffe0000000002 ffffc1ffc31dc401 00000000ffffffff 00000000ffffffff [ 16.782151] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.782219] page dumped because: kasan: bad access detected [ 16.782249] [ 16.782265] Memory state around the buggy address: [ 16.782295] fff00000c7711f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.782336] fff00000c7712000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.782375] >fff00000c7712080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.782411] ^ [ 16.782447] fff00000c7712100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.782591] fff00000c7712180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.782636] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.676493] ================================================================== [ 16.676548] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.676599] Write of size 1 at addr fff00000c172deeb by task kunit_try_catch/157 [ 16.677016] [ 16.677112] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.677199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.677238] Hardware name: linux,dummy-virt (DT) [ 16.677268] Call trace: [ 16.677288] show_stack+0x20/0x38 (C) [ 16.677356] dump_stack_lvl+0x8c/0xd0 [ 16.677625] print_report+0x118/0x608 [ 16.677678] kasan_report+0xdc/0x128 [ 16.677733] __asan_report_store1_noabort+0x20/0x30 [ 16.677851] krealloc_more_oob_helper+0x60c/0x678 [ 16.677904] krealloc_more_oob+0x20/0x38 [ 16.677958] kunit_try_run_case+0x170/0x3f0 [ 16.678293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.678403] kthread+0x328/0x630 [ 16.678483] ret_from_fork+0x10/0x20 [ 16.678599] [ 16.678629] Allocated by task 157: [ 16.678667] kasan_save_stack+0x3c/0x68 [ 16.678706] kasan_save_track+0x20/0x40 [ 16.678742] kasan_save_alloc_info+0x40/0x58 [ 16.678921] __kasan_krealloc+0x118/0x178 [ 16.678964] krealloc_noprof+0x128/0x360 [ 16.679032] krealloc_more_oob_helper+0x168/0x678 [ 16.679070] krealloc_more_oob+0x20/0x38 [ 16.679144] kunit_try_run_case+0x170/0x3f0 [ 16.679187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.679310] kthread+0x328/0x630 [ 16.679343] ret_from_fork+0x10/0x20 [ 16.679377] [ 16.679396] The buggy address belongs to the object at fff00000c172de00 [ 16.679396] which belongs to the cache kmalloc-256 of size 256 [ 16.679540] The buggy address is located 0 bytes to the right of [ 16.679540] allocated 235-byte region [fff00000c172de00, fff00000c172deeb) [ 16.679813] [ 16.679836] The buggy address belongs to the physical page: [ 16.679868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10172c [ 16.680055] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.680136] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.680188] page_type: f5(slab) [ 16.680225] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.680274] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.680669] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.680721] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.680821] head: 0bfffe0000000001 ffffc1ffc305cb01 00000000ffffffff 00000000ffffffff [ 16.680920] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.680960] page dumped because: kasan: bad access detected [ 16.680989] [ 16.681156] Memory state around the buggy address: [ 16.681268] fff00000c172dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.681310] fff00000c172de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.681351] >fff00000c172de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.681397] ^ [ 16.681540] fff00000c172df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.681580] fff00000c172df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.681615] ================================================================== [ 16.755448] ================================================================== [ 16.755575] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.755669] Write of size 1 at addr fff00000c770e0f0 by task kunit_try_catch/161 [ 16.755717] [ 16.755746] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.755822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.755847] Hardware name: linux,dummy-virt (DT) [ 16.755886] Call trace: [ 16.755907] show_stack+0x20/0x38 (C) [ 16.755966] dump_stack_lvl+0x8c/0xd0 [ 16.756351] print_report+0x118/0x608 [ 16.756584] kasan_report+0xdc/0x128 [ 16.756696] __asan_report_store1_noabort+0x20/0x30 [ 16.756746] krealloc_more_oob_helper+0x5c0/0x678 [ 16.756985] krealloc_large_more_oob+0x20/0x38 [ 16.757082] kunit_try_run_case+0x170/0x3f0 [ 16.757161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.757213] kthread+0x328/0x630 [ 16.757253] ret_from_fork+0x10/0x20 [ 16.757299] [ 16.757320] The buggy address belongs to the physical page: [ 16.757350] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770c [ 16.757401] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.757449] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.757499] page_type: f8(unknown) [ 16.757536] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.757595] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.757644] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.757842] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.758133] head: 0bfffe0000000002 ffffc1ffc31dc301 00000000ffffffff 00000000ffffffff [ 16.758433] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.758542] page dumped because: kasan: bad access detected [ 16.758625] [ 16.758761] Memory state around the buggy address: [ 16.758796] fff00000c770df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.758838] fff00000c770e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.758879] >fff00000c770e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.758948] ^ [ 16.759028] fff00000c770e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.759211] fff00000c770e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.759368] ================================================================== [ 16.748976] ================================================================== [ 16.749033] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.749149] Write of size 1 at addr fff00000c770e0eb by task kunit_try_catch/161 [ 16.749531] [ 16.749568] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.749647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.749887] Hardware name: linux,dummy-virt (DT) [ 16.749963] Call trace: [ 16.750080] show_stack+0x20/0x38 (C) [ 16.750135] dump_stack_lvl+0x8c/0xd0 [ 16.750182] print_report+0x118/0x608 [ 16.750245] kasan_report+0xdc/0x128 [ 16.750289] __asan_report_store1_noabort+0x20/0x30 [ 16.750383] krealloc_more_oob_helper+0x60c/0x678 [ 16.750606] krealloc_large_more_oob+0x20/0x38 [ 16.750680] kunit_try_run_case+0x170/0x3f0 [ 16.750729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.750785] kthread+0x328/0x630 [ 16.750832] ret_from_fork+0x10/0x20 [ 16.751050] [ 16.751127] The buggy address belongs to the physical page: [ 16.751178] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770c [ 16.751306] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.751407] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.751458] page_type: f8(unknown) [ 16.751585] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.751706] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.751755] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.751814] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.751902] head: 0bfffe0000000002 ffffc1ffc31dc301 00000000ffffffff 00000000ffffffff [ 16.751964] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.752004] page dumped because: kasan: bad access detected [ 16.752033] [ 16.752050] Memory state around the buggy address: [ 16.752080] fff00000c770df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.752121] fff00000c770e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.752161] >fff00000c770e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.752613] ^ [ 16.752660] fff00000c770e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.752701] fff00000c770e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.752738] ================================================================== [ 16.685453] ================================================================== [ 16.685585] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.685660] Write of size 1 at addr fff00000c172def0 by task kunit_try_catch/157 [ 16.686021] [ 16.686171] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.686263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.686288] Hardware name: linux,dummy-virt (DT) [ 16.686363] Call trace: [ 16.686403] show_stack+0x20/0x38 (C) [ 16.686454] dump_stack_lvl+0x8c/0xd0 [ 16.686633] print_report+0x118/0x608 [ 16.686803] kasan_report+0xdc/0x128 [ 16.686952] __asan_report_store1_noabort+0x20/0x30 [ 16.687073] krealloc_more_oob_helper+0x5c0/0x678 [ 16.687121] krealloc_more_oob+0x20/0x38 [ 16.687167] kunit_try_run_case+0x170/0x3f0 [ 16.687212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.687263] kthread+0x328/0x630 [ 16.687313] ret_from_fork+0x10/0x20 [ 16.687359] [ 16.687376] Allocated by task 157: [ 16.687530] kasan_save_stack+0x3c/0x68 [ 16.687676] kasan_save_track+0x20/0x40 [ 16.687797] kasan_save_alloc_info+0x40/0x58 [ 16.687875] __kasan_krealloc+0x118/0x178 [ 16.687945] krealloc_noprof+0x128/0x360 [ 16.688047] krealloc_more_oob_helper+0x168/0x678 [ 16.688098] krealloc_more_oob+0x20/0x38 [ 16.688132] kunit_try_run_case+0x170/0x3f0 [ 16.688168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.688210] kthread+0x328/0x630 [ 16.688242] ret_from_fork+0x10/0x20 [ 16.688286] [ 16.688306] The buggy address belongs to the object at fff00000c172de00 [ 16.688306] which belongs to the cache kmalloc-256 of size 256 [ 16.688950] The buggy address is located 5 bytes to the right of [ 16.688950] allocated 235-byte region [fff00000c172de00, fff00000c172deeb) [ 16.689029] [ 16.689055] The buggy address belongs to the physical page: [ 16.689085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10172c [ 16.689138] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.689184] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.689234] page_type: f5(slab) [ 16.689271] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.689321] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.689369] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.689416] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.689464] head: 0bfffe0000000001 ffffc1ffc305cb01 00000000ffffffff 00000000ffffffff [ 16.689511] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.689549] page dumped because: kasan: bad access detected [ 16.689578] [ 16.689596] Memory state around the buggy address: [ 16.689625] fff00000c172dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.689666] fff00000c172de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.689707] >fff00000c172de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.689743] ^ [ 16.689780] fff00000c172df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.689820] fff00000c172df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.689856] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.665483] ================================================================== [ 16.666069] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.666365] Read of size 1 at addr fff00000c7790000 by task kunit_try_catch/155 [ 16.666491] [ 16.666693] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.666933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.667078] Hardware name: linux,dummy-virt (DT) [ 16.667111] Call trace: [ 16.667133] show_stack+0x20/0x38 (C) [ 16.667476] dump_stack_lvl+0x8c/0xd0 [ 16.667549] print_report+0x118/0x608 [ 16.667595] kasan_report+0xdc/0x128 [ 16.667639] __asan_report_load1_noabort+0x20/0x30 [ 16.667688] page_alloc_uaf+0x328/0x350 [ 16.667993] kunit_try_run_case+0x170/0x3f0 [ 16.668090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.668144] kthread+0x328/0x630 [ 16.668455] ret_from_fork+0x10/0x20 [ 16.668505] [ 16.668526] The buggy address belongs to the physical page: [ 16.668555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107790 [ 16.668617] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.668665] page_type: f0(buddy) [ 16.668972] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 16.669026] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 16.669069] page dumped because: kasan: bad access detected [ 16.669098] [ 16.669115] Memory state around the buggy address: [ 16.669494] fff00000c778ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.669540] fff00000c778ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.669856] >fff00000c7790000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.670033] ^ [ 16.670098] fff00000c7790080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.670139] fff00000c7790100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.670194] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.644293] ================================================================== [ 16.644381] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.644443] Free of addr fff00000c770c001 by task kunit_try_catch/151 [ 16.644487] [ 16.644529] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.644855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.645269] Hardware name: linux,dummy-virt (DT) [ 16.645315] Call trace: [ 16.645452] show_stack+0x20/0x38 (C) [ 16.645507] dump_stack_lvl+0x8c/0xd0 [ 16.645552] print_report+0x118/0x608 [ 16.645596] kasan_report_invalid_free+0xc0/0xe8 [ 16.645853] __kasan_kfree_large+0x5c/0xa8 [ 16.646098] free_large_kmalloc+0x64/0x190 [ 16.646255] kfree+0x270/0x3c8 [ 16.646297] kmalloc_large_invalid_free+0x108/0x270 [ 16.646343] kunit_try_run_case+0x170/0x3f0 [ 16.646390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.646449] kthread+0x328/0x630 [ 16.646489] ret_from_fork+0x10/0x20 [ 16.646534] [ 16.646554] The buggy address belongs to the physical page: [ 16.646714] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770c [ 16.646809] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.646856] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.646907] page_type: f8(unknown) [ 16.646957] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.647004] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.647051] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.647097] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.647145] head: 0bfffe0000000002 ffffc1ffc31dc301 00000000ffffffff 00000000ffffffff [ 16.647245] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.647289] page dumped because: kasan: bad access detected [ 16.647357] [ 16.647376] Memory state around the buggy address: [ 16.647407] fff00000c770bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.647510] fff00000c770bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.647784] >fff00000c770c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.647836] ^ [ 16.647870] fff00000c770c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.648006] fff00000c770c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.648107] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.631570] ================================================================== [ 16.631632] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.631953] Read of size 1 at addr fff00000c7708000 by task kunit_try_catch/149 [ 16.632271] [ 16.632304] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.632382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.632844] Hardware name: linux,dummy-virt (DT) [ 16.632977] Call trace: [ 16.633000] show_stack+0x20/0x38 (C) [ 16.633056] dump_stack_lvl+0x8c/0xd0 [ 16.633352] print_report+0x118/0x608 [ 16.633481] kasan_report+0xdc/0x128 [ 16.633531] __asan_report_load1_noabort+0x20/0x30 [ 16.633618] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.633661] kunit_try_run_case+0x170/0x3f0 [ 16.634024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.634084] kthread+0x328/0x630 [ 16.634124] ret_from_fork+0x10/0x20 [ 16.634170] [ 16.634191] The buggy address belongs to the physical page: [ 16.634372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107708 [ 16.634464] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.634569] raw: 0bfffe0000000000 ffffc1ffc31dc308 fff00000da478c40 0000000000000000 [ 16.634617] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.634655] page dumped because: kasan: bad access detected [ 16.634693] [ 16.634712] Memory state around the buggy address: [ 16.634743] fff00000c7707f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.635091] fff00000c7707f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.635135] >fff00000c7708000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.635171] ^ [ 16.635374] fff00000c7708080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.635454] fff00000c7708100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.635578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.618531] ================================================================== [ 16.618628] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.618977] Write of size 1 at addr fff00000c770a00a by task kunit_try_catch/147 [ 16.619029] [ 16.619060] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.619140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.619164] Hardware name: linux,dummy-virt (DT) [ 16.619193] Call trace: [ 16.619224] show_stack+0x20/0x38 (C) [ 16.619388] dump_stack_lvl+0x8c/0xd0 [ 16.619452] print_report+0x118/0x608 [ 16.619498] kasan_report+0xdc/0x128 [ 16.619596] __asan_report_store1_noabort+0x20/0x30 [ 16.619645] kmalloc_large_oob_right+0x278/0x2b8 [ 16.619690] kunit_try_run_case+0x170/0x3f0 [ 16.620100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.620265] kthread+0x328/0x630 [ 16.620332] ret_from_fork+0x10/0x20 [ 16.620379] [ 16.620416] The buggy address belongs to the physical page: [ 16.620447] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107708 [ 16.620509] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.620556] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.621080] page_type: f8(unknown) [ 16.621126] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.621174] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.621222] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.621268] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.621315] head: 0bfffe0000000002 ffffc1ffc31dc201 00000000ffffffff 00000000ffffffff [ 16.621513] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.621712] page dumped because: kasan: bad access detected [ 16.621743] [ 16.621760] Memory state around the buggy address: [ 16.621792] fff00000c7709f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.621838] fff00000c7709f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.622040] >fff00000c770a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.622078] ^ [ 16.622105] fff00000c770a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.622145] fff00000c770a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.622181] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.605401] ================================================================== [ 16.605821] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.605890] Write of size 1 at addr fff00000c64c5f00 by task kunit_try_catch/145 [ 16.605950] [ 16.605983] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.606436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.606462] Hardware name: linux,dummy-virt (DT) [ 16.606512] Call trace: [ 16.606535] show_stack+0x20/0x38 (C) [ 16.606585] dump_stack_lvl+0x8c/0xd0 [ 16.606745] print_report+0x118/0x608 [ 16.606791] kasan_report+0xdc/0x128 [ 16.606835] __asan_report_store1_noabort+0x20/0x30 [ 16.606883] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.606940] kunit_try_run_case+0x170/0x3f0 [ 16.607004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.607220] kthread+0x328/0x630 [ 16.607284] ret_from_fork+0x10/0x20 [ 16.607331] [ 16.607396] Allocated by task 145: [ 16.607493] kasan_save_stack+0x3c/0x68 [ 16.607534] kasan_save_track+0x20/0x40 [ 16.607570] kasan_save_alloc_info+0x40/0x58 [ 16.607610] __kasan_kmalloc+0xd4/0xd8 [ 16.607645] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.607683] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.607719] kunit_try_run_case+0x170/0x3f0 [ 16.607756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.607798] kthread+0x328/0x630 [ 16.607829] ret_from_fork+0x10/0x20 [ 16.607923] [ 16.607965] The buggy address belongs to the object at fff00000c64c4000 [ 16.607965] which belongs to the cache kmalloc-8k of size 8192 [ 16.608020] The buggy address is located 0 bytes to the right of [ 16.608020] allocated 7936-byte region [fff00000c64c4000, fff00000c64c5f00) [ 16.608102] [ 16.608163] The buggy address belongs to the physical page: [ 16.608247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064c0 [ 16.608348] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.608438] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.608558] page_type: f5(slab) [ 16.608702] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.608750] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.608798] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.608844] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.608891] head: 0bfffe0000000003 ffffc1ffc3193001 00000000ffffffff 00000000ffffffff [ 16.609341] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.609779] page dumped because: kasan: bad access detected [ 16.609868] [ 16.609981] Memory state around the buggy address: [ 16.610140] fff00000c64c5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.610273] fff00000c64c5e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.610353] >fff00000c64c5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.610389] ^ [ 16.610415] fff00000c64c5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.610478] fff00000c64c6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.610514] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.592759] ================================================================== [ 16.592806] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.592860] Write of size 1 at addr fff00000c63cd878 by task kunit_try_catch/143 [ 16.592908] [ 16.592949] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.593025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.593055] Hardware name: linux,dummy-virt (DT) [ 16.593084] Call trace: [ 16.593104] show_stack+0x20/0x38 (C) [ 16.593150] dump_stack_lvl+0x8c/0xd0 [ 16.593195] print_report+0x118/0x608 [ 16.593249] kasan_report+0xdc/0x128 [ 16.593359] __asan_report_store1_noabort+0x20/0x30 [ 16.593527] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.593736] kunit_try_run_case+0x170/0x3f0 [ 16.593789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.593942] kthread+0x328/0x630 [ 16.593982] ret_from_fork+0x10/0x20 [ 16.594636] [ 16.594656] Allocated by task 143: [ 16.594684] kasan_save_stack+0x3c/0x68 [ 16.594872] kasan_save_track+0x20/0x40 [ 16.595103] kasan_save_alloc_info+0x40/0x58 [ 16.595147] __kasan_kmalloc+0xd4/0xd8 [ 16.595460] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.595671] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.595714] kunit_try_run_case+0x170/0x3f0 [ 16.595750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.596127] kthread+0x328/0x630 [ 16.596187] ret_from_fork+0x10/0x20 [ 16.596222] [ 16.596240] The buggy address belongs to the object at fff00000c63cd800 [ 16.596240] which belongs to the cache kmalloc-128 of size 128 [ 16.596526] The buggy address is located 0 bytes to the right of [ 16.596526] allocated 120-byte region [fff00000c63cd800, fff00000c63cd878) [ 16.596663] [ 16.596684] The buggy address belongs to the physical page: [ 16.596713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.596764] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.597074] page_type: f5(slab) [ 16.597130] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.597178] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.597217] page dumped because: kasan: bad access detected [ 16.597246] [ 16.597263] Memory state around the buggy address: [ 16.597304] fff00000c63cd700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.597346] fff00000c63cd780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.597491] >fff00000c63cd800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.597668] ^ [ 16.597798] fff00000c63cd880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.598167] fff00000c63cd900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.598330] ================================================================== [ 16.585946] ================================================================== [ 16.586011] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.586066] Write of size 1 at addr fff00000c63cd778 by task kunit_try_catch/143 [ 16.586114] [ 16.586150] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.586229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.586283] Hardware name: linux,dummy-virt (DT) [ 16.586316] Call trace: [ 16.586361] show_stack+0x20/0x38 (C) [ 16.586564] dump_stack_lvl+0x8c/0xd0 [ 16.587001] print_report+0x118/0x608 [ 16.587085] kasan_report+0xdc/0x128 [ 16.587129] __asan_report_store1_noabort+0x20/0x30 [ 16.587179] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.587228] kunit_try_run_case+0x170/0x3f0 [ 16.587275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.587326] kthread+0x328/0x630 [ 16.587688] ret_from_fork+0x10/0x20 [ 16.587810] [ 16.587829] Allocated by task 143: [ 16.587857] kasan_save_stack+0x3c/0x68 [ 16.587927] kasan_save_track+0x20/0x40 [ 16.587972] kasan_save_alloc_info+0x40/0x58 [ 16.588118] __kasan_kmalloc+0xd4/0xd8 [ 16.588153] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.588229] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.588434] kunit_try_run_case+0x170/0x3f0 [ 16.588655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.588705] kthread+0x328/0x630 [ 16.588821] ret_from_fork+0x10/0x20 [ 16.589021] [ 16.589092] The buggy address belongs to the object at fff00000c63cd700 [ 16.589092] which belongs to the cache kmalloc-128 of size 128 [ 16.589191] The buggy address is located 0 bytes to the right of [ 16.589191] allocated 120-byte region [fff00000c63cd700, fff00000c63cd778) [ 16.589263] [ 16.589363] The buggy address belongs to the physical page: [ 16.589399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.589513] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.589564] page_type: f5(slab) [ 16.589607] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.589840] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.589945] page dumped because: kasan: bad access detected [ 16.589974] [ 16.590014] Memory state around the buggy address: [ 16.590068] fff00000c63cd600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.590280] fff00000c63cd680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.590324] >fff00000c63cd700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.590361] ^ [ 16.590399] fff00000c63cd780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.590438] fff00000c63cd800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.590892] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.540998] ================================================================== [ 16.541068] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.542902] Read of size 1 at addr fff00000c5657000 by task kunit_try_catch/141 [ 16.543106] [ 16.543431] CPU: 1 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.544604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.544749] Hardware name: linux,dummy-virt (DT) [ 16.544952] Call trace: [ 16.545107] show_stack+0x20/0x38 (C) [ 16.545162] dump_stack_lvl+0x8c/0xd0 [ 16.545208] print_report+0x118/0x608 [ 16.545253] kasan_report+0xdc/0x128 [ 16.546038] __asan_report_load1_noabort+0x20/0x30 [ 16.546372] kmalloc_node_oob_right+0x2f4/0x330 [ 16.547089] kunit_try_run_case+0x170/0x3f0 [ 16.547273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.548253] kthread+0x328/0x630 [ 16.548408] ret_from_fork+0x10/0x20 [ 16.548568] [ 16.548587] Allocated by task 141: [ 16.548800] kasan_save_stack+0x3c/0x68 [ 16.549436] kasan_save_track+0x20/0x40 [ 16.549728] kasan_save_alloc_info+0x40/0x58 [ 16.550524] __kasan_kmalloc+0xd4/0xd8 [ 16.550731] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.550789] kmalloc_node_oob_right+0xbc/0x330 [ 16.551634] kunit_try_run_case+0x170/0x3f0 [ 16.551827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.552181] kthread+0x328/0x630 [ 16.552223] ret_from_fork+0x10/0x20 [ 16.552258] [ 16.552278] The buggy address belongs to the object at fff00000c5656000 [ 16.552278] which belongs to the cache kmalloc-4k of size 4096 [ 16.552810] The buggy address is located 0 bytes to the right of [ 16.552810] allocated 4096-byte region [fff00000c5656000, fff00000c5657000) [ 16.553744] [ 16.554587] The buggy address belongs to the physical page: [ 16.554719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105650 [ 16.556635] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.556709] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.557552] page_type: f5(slab) [ 16.557631] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.557708] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.558297] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.558656] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.559094] head: 0bfffe0000000003 ffffc1ffc3159401 00000000ffffffff 00000000ffffffff [ 16.559413] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.559466] page dumped because: kasan: bad access detected [ 16.560718] [ 16.560748] Memory state around the buggy address: [ 16.561011] fff00000c5656f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.561133] fff00000c5656f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.561220] >fff00000c5657000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.561257] ^ [ 16.561283] fff00000c5657080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.561324] fff00000c5657100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.561361] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.525205] ================================================================== [ 16.525582] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.525705] Read of size 1 at addr fff00000c1376b7f by task kunit_try_catch/139 [ 16.525753] [ 16.525785] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.526159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.526189] Hardware name: linux,dummy-virt (DT) [ 16.526344] Call trace: [ 16.526368] show_stack+0x20/0x38 (C) [ 16.526420] dump_stack_lvl+0x8c/0xd0 [ 16.526466] print_report+0x118/0x608 [ 16.526511] kasan_report+0xdc/0x128 [ 16.526555] __asan_report_load1_noabort+0x20/0x30 [ 16.526753] kmalloc_oob_left+0x2ec/0x320 [ 16.526818] kunit_try_run_case+0x170/0x3f0 [ 16.526950] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.527091] kthread+0x328/0x630 [ 16.527132] ret_from_fork+0x10/0x20 [ 16.527178] [ 16.527196] Allocated by task 24: [ 16.527452] kasan_save_stack+0x3c/0x68 [ 16.527557] kasan_save_track+0x20/0x40 [ 16.527660] kasan_save_alloc_info+0x40/0x58 [ 16.527738] __kasan_kmalloc+0xd4/0xd8 [ 16.527862] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.527927] kvasprintf+0xe0/0x180 [ 16.527992] __kthread_create_on_node+0x16c/0x350 [ 16.528031] kthread_create_on_node+0xe4/0x130 [ 16.528066] create_worker+0x380/0x6b8 [ 16.528100] worker_thread+0x808/0xf38 [ 16.528134] kthread+0x328/0x630 [ 16.528164] ret_from_fork+0x10/0x20 [ 16.528209] [ 16.528228] The buggy address belongs to the object at fff00000c1376b60 [ 16.528228] which belongs to the cache kmalloc-16 of size 16 [ 16.528818] The buggy address is located 19 bytes to the right of [ 16.528818] allocated 12-byte region [fff00000c1376b60, fff00000c1376b6c) [ 16.528936] [ 16.528957] The buggy address belongs to the physical page: [ 16.528987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101376 [ 16.529076] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.529332] page_type: f5(slab) [ 16.529424] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.529558] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.529657] page dumped because: kasan: bad access detected [ 16.529726] [ 16.529783] Memory state around the buggy address: [ 16.529820] fff00000c1376a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 05 fc fc [ 16.529986] fff00000c1376a80: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.530027] >fff00000c1376b00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.530070] ^ [ 16.530165] fff00000c1376b80: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.530312] fff00000c1376c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.530414] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.508473] ================================================================== [ 16.508511] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.508558] Write of size 1 at addr fff00000c63cd678 by task kunit_try_catch/137 [ 16.508605] [ 16.508636] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.508713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.508738] Hardware name: linux,dummy-virt (DT) [ 16.508768] Call trace: [ 16.509299] show_stack+0x20/0x38 (C) [ 16.509361] dump_stack_lvl+0x8c/0xd0 [ 16.509408] print_report+0x118/0x608 [ 16.509452] kasan_report+0xdc/0x128 [ 16.509495] __asan_report_store1_noabort+0x20/0x30 [ 16.509545] kmalloc_oob_right+0x538/0x660 [ 16.509599] kunit_try_run_case+0x170/0x3f0 [ 16.509647] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.509927] kthread+0x328/0x630 [ 16.509975] ret_from_fork+0x10/0x20 [ 16.510032] [ 16.510050] Allocated by task 137: [ 16.510077] kasan_save_stack+0x3c/0x68 [ 16.510136] kasan_save_track+0x20/0x40 [ 16.510173] kasan_save_alloc_info+0x40/0x58 [ 16.510233] __kasan_kmalloc+0xd4/0xd8 [ 16.510280] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.510318] kmalloc_oob_right+0xb0/0x660 [ 16.510352] kunit_try_run_case+0x170/0x3f0 [ 16.510389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.510429] kthread+0x328/0x630 [ 16.510460] ret_from_fork+0x10/0x20 [ 16.510494] [ 16.510512] The buggy address belongs to the object at fff00000c63cd600 [ 16.510512] which belongs to the cache kmalloc-128 of size 128 [ 16.510632] The buggy address is located 5 bytes to the right of [ 16.510632] allocated 115-byte region [fff00000c63cd600, fff00000c63cd673) [ 16.510797] [ 16.510845] The buggy address belongs to the physical page: [ 16.510880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.510959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.511005] page_type: f5(slab) [ 16.511040] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.511166] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.511208] page dumped because: kasan: bad access detected [ 16.511237] [ 16.511254] Memory state around the buggy address: [ 16.511312] fff00000c63cd500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.511386] fff00000c63cd580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.511426] >fff00000c63cd600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.511462] ^ [ 16.511509] fff00000c63cd680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.511550] fff00000c63cd700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.511618] ================================================================== [ 16.512586] ================================================================== [ 16.512679] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.512794] Read of size 1 at addr fff00000c63cd680 by task kunit_try_catch/137 [ 16.512864] [ 16.512893] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.512980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.513006] Hardware name: linux,dummy-virt (DT) [ 16.513034] Call trace: [ 16.513060] show_stack+0x20/0x38 (C) [ 16.513115] dump_stack_lvl+0x8c/0xd0 [ 16.513162] print_report+0x118/0x608 [ 16.513281] kasan_report+0xdc/0x128 [ 16.513330] __asan_report_load1_noabort+0x20/0x30 [ 16.513379] kmalloc_oob_right+0x5d0/0x660 [ 16.513482] kunit_try_run_case+0x170/0x3f0 [ 16.513561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.513612] kthread+0x328/0x630 [ 16.513651] ret_from_fork+0x10/0x20 [ 16.513906] [ 16.513976] Allocated by task 137: [ 16.514004] kasan_save_stack+0x3c/0x68 [ 16.514156] kasan_save_track+0x20/0x40 [ 16.514248] kasan_save_alloc_info+0x40/0x58 [ 16.514299] __kasan_kmalloc+0xd4/0xd8 [ 16.514334] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.514371] kmalloc_oob_right+0xb0/0x660 [ 16.514405] kunit_try_run_case+0x170/0x3f0 [ 16.514478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.514520] kthread+0x328/0x630 [ 16.514551] ret_from_fork+0x10/0x20 [ 16.514585] [ 16.514636] The buggy address belongs to the object at fff00000c63cd600 [ 16.514636] which belongs to the cache kmalloc-128 of size 128 [ 16.514692] The buggy address is located 13 bytes to the right of [ 16.514692] allocated 115-byte region [fff00000c63cd600, fff00000c63cd673) [ 16.514754] [ 16.514773] The buggy address belongs to the physical page: [ 16.514801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.514851] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.514988] page_type: f5(slab) [ 16.515101] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.515200] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.515266] page dumped because: kasan: bad access detected [ 16.515347] [ 16.515364] Memory state around the buggy address: [ 16.515443] fff00000c63cd580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515566] fff00000c63cd600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.515608] >fff00000c63cd680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515643] ^ [ 16.515670] fff00000c63cd700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515765] fff00000c63cd780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.515951] ================================================================== [ 16.497712] ================================================================== [ 16.498051] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.499221] Write of size 1 at addr fff00000c63cd673 by task kunit_try_catch/137 [ 16.499536] [ 16.500471] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 16.500748] Tainted: [N]=TEST [ 16.500993] Hardware name: linux,dummy-virt (DT) [ 16.501263] Call trace: [ 16.501594] show_stack+0x20/0x38 (C) [ 16.502024] dump_stack_lvl+0x8c/0xd0 [ 16.502149] print_report+0x118/0x608 [ 16.502226] kasan_report+0xdc/0x128 [ 16.502405] __asan_report_store1_noabort+0x20/0x30 [ 16.502455] kmalloc_oob_right+0x5a4/0x660 [ 16.502539] kunit_try_run_case+0x170/0x3f0 [ 16.502673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.502847] kthread+0x328/0x630 [ 16.502929] ret_from_fork+0x10/0x20 [ 16.503096] [ 16.503134] Allocated by task 137: [ 16.503246] kasan_save_stack+0x3c/0x68 [ 16.503339] kasan_save_track+0x20/0x40 [ 16.503376] kasan_save_alloc_info+0x40/0x58 [ 16.503414] __kasan_kmalloc+0xd4/0xd8 [ 16.503449] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.503489] kmalloc_oob_right+0xb0/0x660 [ 16.503524] kunit_try_run_case+0x170/0x3f0 [ 16.503560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.503601] kthread+0x328/0x630 [ 16.503632] ret_from_fork+0x10/0x20 [ 16.503685] [ 16.503743] The buggy address belongs to the object at fff00000c63cd600 [ 16.503743] which belongs to the cache kmalloc-128 of size 128 [ 16.503855] The buggy address is located 0 bytes to the right of [ 16.503855] allocated 115-byte region [fff00000c63cd600, fff00000c63cd673) [ 16.503951] [ 16.504046] The buggy address belongs to the physical page: [ 16.504285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063cd [ 16.504759] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.505090] page_type: f5(slab) [ 16.505515] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.505601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.505829] page dumped because: kasan: bad access detected [ 16.505926] [ 16.505992] Memory state around the buggy address: [ 16.506431] fff00000c63cd500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.506500] fff00000c63cd580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506551] >fff00000c63cd600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.506633] ^ [ 16.506751] fff00000c63cd680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506792] fff00000c63cd700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506855] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.749396] WARNING: CPU: 1 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.751434] Modules linked in: [ 95.751823] CPU: 1 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT [ 95.754276] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.754520] Hardware name: linux,dummy-virt (DT) [ 95.754716] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.755836] pc : intlog10+0x38/0x48 [ 95.757156] lr : intlog10_test+0xe4/0x200 [ 95.757553] sp : ffff800082197c10 [ 95.757745] x29: ffff800082197c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.758354] x26: 1ffe00001946c601 x25: 0000000000000000 x24: ffff800082197ce0 [ 95.759457] x23: ffff800082197d00 x22: 0000000000000000 x21: 1ffff00010432f82 [ 95.759870] x20: ffff9c72c4889e80 x19: ffff800080087990 x18: 00000000230f3a76 [ 95.760648] x17: 000000008495d2c6 x16: fff00000c0975c3c x15: 000000005aa26e2a [ 95.761006] x14: 0000000093034224 x13: 1ffe00001b48a5cd x12: ffff738e590e3379 [ 95.761427] x11: 1ffff38e590e3378 x10: ffff738e590e3378 x9 : ffff9c72c1e35fdc [ 95.761809] x8 : ffff9c72c8719bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.762729] x5 : ffff700010432f82 x4 : 1ffff00010010f3a x3 : 1ffff38e589113d0 [ 95.763493] x2 : 1ffff38e589113d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.764247] Call trace: [ 95.764524] intlog10+0x38/0x48 (P) [ 95.764943] kunit_try_run_case+0x170/0x3f0 [ 95.765392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.765961] kthread+0x328/0x630 [ 95.766481] ret_from_fork+0x10/0x20 [ 95.766750] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 95.702378] WARNING: CPU: 1 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 95.705333] Modules linked in: [ 95.705706] CPU: 1 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT [ 95.706847] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 95.707464] Hardware name: linux,dummy-virt (DT) [ 95.707672] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.707955] pc : intlog2+0xd8/0xf8 [ 95.708132] lr : intlog2_test+0xe4/0x200 [ 95.708314] sp : ffff800082107c10 [ 95.708467] x29: ffff800082107c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.708811] x26: 1ffe00001931b601 x25: 0000000000000000 x24: ffff800082107ce0 [ 95.710115] x23: ffff800082107d00 x22: 0000000000000000 x21: 1ffff00010420f82 [ 95.711032] x20: ffff9c72c4889d80 x19: ffff800080087990 x18: 00000000d4852972 [ 95.711908] x17: 0000000048c0e427 x16: fff00000c0975c3c x15: fff00000ff616b08 [ 95.712828] x14: 0000000000018fff x13: 1ffe00001b48a5cd x12: ffff738e590e3379 [ 95.713640] x11: 1ffff38e590e3378 x10: ffff738e590e3378 x9 : ffff9c72c1e361dc [ 95.714516] x8 : ffff9c72c8719bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.715326] x5 : ffff700010420f82 x4 : 1ffff00010010f3a x3 : 1ffff38e589113b0 [ 95.716164] x2 : 1ffff38e589113b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.716973] Call trace: [ 95.717326] intlog2+0xd8/0xf8 (P) [ 95.717767] kunit_try_run_case+0x170/0x3f0 [ 95.718337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.718984] kthread+0x328/0x630 [ 95.719310] ret_from_fork+0x10/0x20 [ 95.719616] ---[ end trace 0000000000000000 ]---