Date
July 17, 2025, 11:11 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.029323] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 18.982016] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.986191] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 94.083706] Internal error: Oops: 0000000096000005 [#1] SMP [ 94.090773] Modules linked in: [ 94.091446] CPU: 0 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 94.092503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 94.092984] Hardware name: linux,dummy-virt (DT) [ 94.093574] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.094378] pc : kunit_test_null_dereference+0x70/0x170 [ 94.095044] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.095691] sp : ffff800080fd7d30 [ 94.096226] x29: ffff800080fd7d90 x28: 0000000000000000 x27: 0000000000000000 [ 94.097127] x26: 1ffe0000195e5401 x25: 0000000000000000 x24: 0000000000000004 [ 94.097886] x23: fff00000caf2a00c x22: ffff99bd9ee23378 x21: fff00000c43c7508 [ 94.098649] x20: 1ffff000101fafa6 x19: ffff800080087990 x18: 000000000531588e [ 94.099418] x17: 0000000000000001 x16: fff00000c097583c x15: fff00000ff616b08 [ 94.100305] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: fffd8000190dddc4 [ 94.101293] x11: 1ffe0000190dddc3 x10: fffd8000190dddc3 x9 : ffff99bd9ee1a7e0 [ 94.101700] x8 : ffff800080fd7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 94.102097] x5 : ffff7000101fafa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 94.102445] x2 : dfff800000000000 x1 : fff00000c86ee540 x0 : ffff800080087990 [ 94.102918] Call trace: [ 94.103087] kunit_test_null_dereference+0x70/0x170 (P) [ 94.103412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.103728] kthread+0x328/0x630 [ 94.103933] ret_from_fork+0x10/0x20 [ 94.104589] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 94.105258] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.896901] ================================================================== [ 50.896964] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.896964] [ 50.897049] Use-after-free read at 0x00000000da9c1692 (in kfence-#162): [ 50.897101] test_krealloc+0x51c/0x830 [ 50.897148] kunit_try_run_case+0x170/0x3f0 [ 50.897193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.897238] kthread+0x328/0x630 [ 50.897276] ret_from_fork+0x10/0x20 [ 50.897317] [ 50.897340] kfence-#162: 0x00000000da9c1692-0x000000007ba9f0bd, size=32, cache=kmalloc-32 [ 50.897340] [ 50.897393] allocated by task 337 on cpu 0 at 50.896198s (0.001192s ago): [ 50.897460] test_alloc+0x29c/0x628 [ 50.897500] test_krealloc+0xc0/0x830 [ 50.897540] kunit_try_run_case+0x170/0x3f0 [ 50.897579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.897622] kthread+0x328/0x630 [ 50.897658] ret_from_fork+0x10/0x20 [ 50.897697] [ 50.897722] freed by task 337 on cpu 0 at 50.896487s (0.001231s ago): [ 50.897784] krealloc_noprof+0x148/0x360 [ 50.897824] test_krealloc+0x1dc/0x830 [ 50.897873] kunit_try_run_case+0x170/0x3f0 [ 50.897913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.897957] kthread+0x328/0x630 [ 50.897993] ret_from_fork+0x10/0x20 [ 50.898032] [ 50.898073] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 50.898150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.898181] Hardware name: linux,dummy-virt (DT) [ 50.898216] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.828282] ================================================================== [ 50.828387] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.828387] [ 50.828484] Use-after-free read at 0x000000006a08758d (in kfence-#161): [ 50.828540] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.828591] kunit_try_run_case+0x170/0x3f0 [ 50.828637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.828681] kthread+0x328/0x630 [ 50.828720] ret_from_fork+0x10/0x20 [ 50.828761] [ 50.828786] kfence-#161: 0x000000006a08758d-0x00000000b47b35b0, size=32, cache=test [ 50.828786] [ 50.828838] allocated by task 335 on cpu 0 at 50.792435s (0.036399s ago): [ 50.828923] test_alloc+0x230/0x628 [ 50.828965] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.829009] kunit_try_run_case+0x170/0x3f0 [ 50.829048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.829090] kthread+0x328/0x630 [ 50.829125] ret_from_fork+0x10/0x20 [ 50.829163] [ 50.829186] freed by task 335 on cpu 0 at 50.792551s (0.036631s ago): [ 50.829244] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.829285] kunit_try_run_case+0x170/0x3f0 [ 50.829324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.829367] kthread+0x328/0x630 [ 50.829401] ret_from_fork+0x10/0x20 [ 50.829442] [ 50.829485] CPU: 0 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 50.829562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.829590] Hardware name: linux,dummy-virt (DT) [ 50.829626] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 28.032355] ================================================================== [ 28.032513] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 28.032513] [ 28.032616] Invalid read at 0x0000000046173208: [ 28.032804] test_invalid_access+0xdc/0x1f0 [ 28.032976] kunit_try_run_case+0x170/0x3f0 [ 28.033031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.033081] kthread+0x328/0x630 [ 28.033126] ret_from_fork+0x10/0x20 [ 28.033949] [ 28.034497] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 28.034896] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.034959] Hardware name: linux,dummy-virt (DT) [ 28.035344] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 27.804469] ================================================================== [ 27.804565] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.804565] [ 27.804629] Corrupted memory at 0x00000000eab24206 [ ! . . . . . . . . . . . . . . . ] (in kfence-#157): [ 27.804958] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.805008] kunit_try_run_case+0x170/0x3f0 [ 27.805053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.805097] kthread+0x328/0x630 [ 27.805136] ret_from_fork+0x10/0x20 [ 27.805176] [ 27.805200] kfence-#157: 0x000000006d11a10c-0x00000000a995896b, size=73, cache=kmalloc-96 [ 27.805200] [ 27.805253] allocated by task 325 on cpu 0 at 27.804208s (0.001042s ago): [ 27.805317] test_alloc+0x29c/0x628 [ 27.805357] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 27.805400] kunit_try_run_case+0x170/0x3f0 [ 27.805439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.805483] kthread+0x328/0x630 [ 27.805519] ret_from_fork+0x10/0x20 [ 27.805557] [ 27.805581] freed by task 325 on cpu 0 at 27.804365s (0.001212s ago): [ 27.805642] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.805685] kunit_try_run_case+0x170/0x3f0 [ 27.805724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.805766] kthread+0x328/0x630 [ 27.805802] ret_from_fork+0x10/0x20 [ 27.805840] [ 27.805898] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 27.805975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.806004] Hardware name: linux,dummy-virt (DT) [ 27.806036] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 27.596550] ================================================================== [ 27.596650] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.596650] [ 27.596749] Out-of-bounds read at 0x00000000fcbf08cb (105B right of kfence-#155): [ 27.596809] test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.596859] kunit_try_run_case+0x170/0x3f0 [ 27.596922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.596971] kthread+0x328/0x630 [ 27.597011] ret_from_fork+0x10/0x20 [ 27.597050] [ 27.597076] kfence-#155: 0x0000000074b629a6-0x00000000e9471ff3, size=73, cache=kmalloc-96 [ 27.597076] [ 27.597130] allocated by task 323 on cpu 0 at 27.596237s (0.000888s ago): [ 27.597200] test_alloc+0x29c/0x628 [ 27.597240] test_kmalloc_aligned_oob_read+0x100/0x468 [ 27.597283] kunit_try_run_case+0x170/0x3f0 [ 27.597322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.597366] kthread+0x328/0x630 [ 27.597402] ret_from_fork+0x10/0x20 [ 27.597442] [ 27.597491] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 27.597568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.597598] Hardware name: linux,dummy-virt (DT) [ 27.597633] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 22.500400] ================================================================== [ 22.500495] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 22.500495] [ 22.500557] Corrupted memory at 0x0000000043af3f32 [ ! ] (in kfence-#106): [ 22.500677] test_corruption+0x1d8/0x378 [ 22.500722] kunit_try_run_case+0x170/0x3f0 [ 22.500765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.500808] kthread+0x328/0x630 [ 22.500847] ret_from_fork+0x10/0x20 [ 22.500899] [ 22.500923] kfence-#106: 0x0000000037388ed5-0x00000000f6b63d92, size=32, cache=test [ 22.500923] [ 22.500979] allocated by task 313 on cpu 1 at 22.500246s (0.000729s ago): [ 22.501039] test_alloc+0x230/0x628 [ 22.501078] test_corruption+0x198/0x378 [ 22.501118] kunit_try_run_case+0x170/0x3f0 [ 22.501156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.501200] kthread+0x328/0x630 [ 22.501236] ret_from_fork+0x10/0x20 [ 22.501274] [ 22.501296] freed by task 313 on cpu 1 at 22.500305s (0.000987s ago): [ 22.501356] test_corruption+0x1d8/0x378 [ 22.501396] kunit_try_run_case+0x170/0x3f0 [ 22.501434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.501476] kthread+0x328/0x630 [ 22.501511] ret_from_fork+0x10/0x20 [ 22.501550] [ 22.501590] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.501664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.501693] Hardware name: linux,dummy-virt (DT) [ 22.501725] ================================================================== [ 21.876555] ================================================================== [ 21.876666] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 21.876666] [ 21.876734] Corrupted memory at 0x00000000e95888d2 [ ! . . . . . . . . . . . . . . . ] (in kfence-#100): [ 21.877852] test_corruption+0x278/0x378 [ 21.877922] kunit_try_run_case+0x170/0x3f0 [ 21.877970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.878013] kthread+0x328/0x630 [ 21.878054] ret_from_fork+0x10/0x20 [ 21.878093] [ 21.878117] kfence-#100: 0x0000000048d1737a-0x0000000048940ac0, size=32, cache=kmalloc-32 [ 21.878117] [ 21.878175] allocated by task 311 on cpu 1 at 21.876260s (0.001911s ago): [ 21.878236] test_alloc+0x29c/0x628 [ 21.878277] test_corruption+0xdc/0x378 [ 21.878317] kunit_try_run_case+0x170/0x3f0 [ 21.878356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.878400] kthread+0x328/0x630 [ 21.878436] ret_from_fork+0x10/0x20 [ 21.878475] [ 21.878498] freed by task 311 on cpu 1 at 21.876374s (0.002120s ago): [ 21.878557] test_corruption+0x278/0x378 [ 21.878597] kunit_try_run_case+0x170/0x3f0 [ 21.878636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.878679] kthread+0x328/0x630 [ 21.878715] ret_from_fork+0x10/0x20 [ 21.878754] [ 21.878802] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.878891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.878921] Hardware name: linux,dummy-virt (DT) [ 21.878955] ================================================================== [ 22.188316] ================================================================== [ 22.188414] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 22.188414] [ 22.188473] Corrupted memory at 0x00000000a8a61fc0 [ ! . . . . . . . . . . . . . . . ] (in kfence-#103): [ 22.188785] test_corruption+0x120/0x378 [ 22.188833] kunit_try_run_case+0x170/0x3f0 [ 22.188894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.188939] kthread+0x328/0x630 [ 22.188977] ret_from_fork+0x10/0x20 [ 22.189018] [ 22.189043] kfence-#103: 0x00000000e6eba922-0x000000003b385a3a, size=32, cache=test [ 22.189043] [ 22.189097] allocated by task 313 on cpu 1 at 22.188165s (0.000928s ago): [ 22.189158] test_alloc+0x230/0x628 [ 22.189199] test_corruption+0xdc/0x378 [ 22.189237] kunit_try_run_case+0x170/0x3f0 [ 22.189277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.189321] kthread+0x328/0x630 [ 22.189357] ret_from_fork+0x10/0x20 [ 22.189396] [ 22.189419] freed by task 313 on cpu 1 at 22.188230s (0.001185s ago): [ 22.189479] test_corruption+0x120/0x378 [ 22.189519] kunit_try_run_case+0x170/0x3f0 [ 22.189560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.189604] kthread+0x328/0x630 [ 22.189642] ret_from_fork+0x10/0x20 [ 22.189680] [ 22.189724] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.189801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.189829] Hardware name: linux,dummy-virt (DT) [ 22.189878] ================================================================== [ 22.084533] ================================================================== [ 22.084631] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 22.084631] [ 22.084695] Corrupted memory at 0x00000000faf2afbb [ ! ] (in kfence-#102): [ 22.084825] test_corruption+0x284/0x378 [ 22.084887] kunit_try_run_case+0x170/0x3f0 [ 22.084930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.084975] kthread+0x328/0x630 [ 22.085018] ret_from_fork+0x10/0x20 [ 22.085058] [ 22.085083] kfence-#102: 0x00000000a9de398f-0x00000000940177bb, size=32, cache=kmalloc-32 [ 22.085083] [ 22.085138] allocated by task 311 on cpu 1 at 22.084246s (0.000887s ago): [ 22.085199] test_alloc+0x29c/0x628 [ 22.085239] test_corruption+0x198/0x378 [ 22.085278] kunit_try_run_case+0x170/0x3f0 [ 22.085317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.085359] kthread+0x328/0x630 [ 22.085394] ret_from_fork+0x10/0x20 [ 22.085432] [ 22.085456] freed by task 311 on cpu 1 at 22.084353s (0.001099s ago): [ 22.085516] test_corruption+0x284/0x378 [ 22.085554] kunit_try_run_case+0x170/0x3f0 [ 22.085593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.085634] kthread+0x328/0x630 [ 22.085671] ret_from_fork+0x10/0x20 [ 22.085710] [ 22.085751] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.085827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.085856] Hardware name: linux,dummy-virt (DT) [ 22.085898] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 21.668375] ================================================================== [ 21.668469] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 21.668469] [ 21.668532] Invalid free of 0x0000000087e34b07 (in kfence-#98): [ 21.668587] test_invalid_addr_free+0x1ac/0x238 [ 21.668634] kunit_try_run_case+0x170/0x3f0 [ 21.668678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.668722] kthread+0x328/0x630 [ 21.668762] ret_from_fork+0x10/0x20 [ 21.668801] [ 21.668825] kfence-#98: 0x0000000040b4be02-0x000000001f4e49e0, size=32, cache=kmalloc-32 [ 21.668825] [ 21.668895] allocated by task 307 on cpu 0 at 21.668217s (0.000675s ago): [ 21.668961] test_alloc+0x29c/0x628 [ 21.669002] test_invalid_addr_free+0xd4/0x238 [ 21.669043] kunit_try_run_case+0x170/0x3f0 [ 21.669083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.669126] kthread+0x328/0x630 [ 21.669163] ret_from_fork+0x10/0x20 [ 21.669203] [ 21.669249] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.669327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.669355] Hardware name: linux,dummy-virt (DT) [ 21.669391] ================================================================== [ 21.772276] ================================================================== [ 21.772371] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 21.772371] [ 21.772433] Invalid free of 0x00000000908fd59d (in kfence-#99): [ 21.772489] test_invalid_addr_free+0xec/0x238 [ 21.772538] kunit_try_run_case+0x170/0x3f0 [ 21.772581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.772626] kthread+0x328/0x630 [ 21.772663] ret_from_fork+0x10/0x20 [ 21.772701] [ 21.772725] kfence-#99: 0x000000008adc0511-0x0000000097d06900, size=32, cache=test [ 21.772725] [ 21.772780] allocated by task 309 on cpu 0 at 21.772148s (0.000627s ago): [ 21.772843] test_alloc+0x230/0x628 [ 21.772896] test_invalid_addr_free+0xd4/0x238 [ 21.772936] kunit_try_run_case+0x170/0x3f0 [ 21.772977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.773020] kthread+0x328/0x630 [ 21.773056] ret_from_fork+0x10/0x20 [ 21.773095] [ 21.773139] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.773217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.773246] Hardware name: linux,dummy-virt (DT) [ 21.773279] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 21.564453] ================================================================== [ 21.564551] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 21.564551] [ 21.564613] Invalid free of 0x000000003dc44b86 (in kfence-#97): [ 21.564667] test_double_free+0x100/0x238 [ 21.564714] kunit_try_run_case+0x170/0x3f0 [ 21.564758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.564803] kthread+0x328/0x630 [ 21.564842] ret_from_fork+0x10/0x20 [ 21.564896] [ 21.564921] kfence-#97: 0x000000003dc44b86-0x00000000561cfacc, size=32, cache=test [ 21.564921] [ 21.564973] allocated by task 305 on cpu 1 at 21.564215s (0.000754s ago): [ 21.565035] test_alloc+0x230/0x628 [ 21.565077] test_double_free+0xd4/0x238 [ 21.565116] kunit_try_run_case+0x170/0x3f0 [ 21.565158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.565200] kthread+0x328/0x630 [ 21.565238] ret_from_fork+0x10/0x20 [ 21.565275] [ 21.565300] freed by task 305 on cpu 1 at 21.564279s (0.001017s ago): [ 21.565363] test_double_free+0xf0/0x238 [ 21.565403] kunit_try_run_case+0x170/0x3f0 [ 21.565442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.565485] kthread+0x328/0x630 [ 21.565519] ret_from_fork+0x10/0x20 [ 21.565559] [ 21.565603] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.565680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.565707] Hardware name: linux,dummy-virt (DT) [ 21.565742] ================================================================== [ 21.460593] ================================================================== [ 21.460717] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 21.460717] [ 21.460788] Invalid free of 0x00000000c25da5c6 (in kfence-#96): [ 21.460855] test_double_free+0x1bc/0x238 [ 21.460922] kunit_try_run_case+0x170/0x3f0 [ 21.460968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.461012] kthread+0x328/0x630 [ 21.461051] ret_from_fork+0x10/0x20 [ 21.461091] [ 21.461115] kfence-#96: 0x00000000c25da5c6-0x00000000d914fb61, size=32, cache=kmalloc-32 [ 21.461115] [ 21.461170] allocated by task 303 on cpu 1 at 21.460281s (0.000886s ago): [ 21.461234] test_alloc+0x29c/0x628 [ 21.461273] test_double_free+0xd4/0x238 [ 21.461314] kunit_try_run_case+0x170/0x3f0 [ 21.461352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.461395] kthread+0x328/0x630 [ 21.461431] ret_from_fork+0x10/0x20 [ 21.461470] [ 21.461494] freed by task 303 on cpu 1 at 21.460360s (0.001130s ago): [ 21.461555] test_double_free+0x1ac/0x238 [ 21.461593] kunit_try_run_case+0x170/0x3f0 [ 21.461633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.461677] kthread+0x328/0x630 [ 21.461712] ret_from_fork+0x10/0x20 [ 21.461752] [ 21.461799] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.461888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.461918] Hardware name: linux,dummy-virt (DT) [ 21.461954] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 21.145213] ================================================================== [ 21.145417] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.145417] [ 21.145818] Use-after-free read at 0x00000000c6575446 (in kfence-#93): [ 21.145899] test_use_after_free_read+0x114/0x248 [ 21.146071] kunit_try_run_case+0x170/0x3f0 [ 21.146270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.146317] kthread+0x328/0x630 [ 21.146353] ret_from_fork+0x10/0x20 [ 21.146393] [ 21.146419] kfence-#93: 0x00000000c6575446-0x0000000006181b44, size=32, cache=test [ 21.146419] [ 21.146468] allocated by task 297 on cpu 0 at 21.144781s (0.001683s ago): [ 21.146537] test_alloc+0x230/0x628 [ 21.146588] test_use_after_free_read+0xd0/0x248 [ 21.146630] kunit_try_run_case+0x170/0x3f0 [ 21.146669] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.146724] kthread+0x328/0x630 [ 21.146759] ret_from_fork+0x10/0x20 [ 21.146905] [ 21.147028] freed by task 297 on cpu 0 at 21.144872s (0.002138s ago): [ 21.147443] test_use_after_free_read+0xf0/0x248 [ 21.147488] kunit_try_run_case+0x170/0x3f0 [ 21.147528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.147582] kthread+0x328/0x630 [ 21.147618] ret_from_fork+0x10/0x20 [ 21.147769] [ 21.147857] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.147997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.148042] Hardware name: linux,dummy-virt (DT) [ 21.148074] ================================================================== [ 21.040970] ================================================================== [ 21.041097] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.041097] [ 21.041199] Use-after-free read at 0x00000000d02ba65c (in kfence-#92): [ 21.041258] test_use_after_free_read+0x114/0x248 [ 21.041361] kunit_try_run_case+0x170/0x3f0 [ 21.041408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.041450] kthread+0x328/0x630 [ 21.041489] ret_from_fork+0x10/0x20 [ 21.041536] [ 21.041657] kfence-#92: 0x00000000d02ba65c-0x000000006aa22cad, size=32, cache=kmalloc-32 [ 21.041657] [ 21.041924] allocated by task 295 on cpu 0 at 21.040413s (0.001493s ago): [ 21.042087] test_alloc+0x29c/0x628 [ 21.042223] test_use_after_free_read+0xd0/0x248 [ 21.042265] kunit_try_run_case+0x170/0x3f0 [ 21.042303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.042345] kthread+0x328/0x630 [ 21.042385] ret_from_fork+0x10/0x20 [ 21.042596] [ 21.042726] freed by task 295 on cpu 0 at 21.040487s (0.002158s ago): [ 21.043151] test_use_after_free_read+0x1c0/0x248 [ 21.043218] kunit_try_run_case+0x170/0x3f0 [ 21.043310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.043354] kthread+0x328/0x630 [ 21.043403] ret_from_fork+0x10/0x20 [ 21.043459] [ 21.043615] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.043886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.043999] Hardware name: linux,dummy-virt (DT) [ 21.044040] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 20.722514] ================================================================== [ 20.722658] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.722658] [ 20.723051] Out-of-bounds write at 0x00000000a8bbb79c (1B left of kfence-#89): [ 20.723114] test_out_of_bounds_write+0x100/0x240 [ 20.723442] kunit_try_run_case+0x170/0x3f0 [ 20.723551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.723658] kthread+0x328/0x630 [ 20.723708] ret_from_fork+0x10/0x20 [ 20.724072] [ 20.724101] kfence-#89: 0x000000005dcc85c3-0x00000000c52aa246, size=32, cache=kmalloc-32 [ 20.724101] [ 20.724472] allocated by task 291 on cpu 0 at 20.722288s (0.002160s ago): [ 20.724907] test_alloc+0x29c/0x628 [ 20.725029] test_out_of_bounds_write+0xc8/0x240 [ 20.725125] kunit_try_run_case+0x170/0x3f0 [ 20.725469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.725687] kthread+0x328/0x630 [ 20.725730] ret_from_fork+0x10/0x20 [ 20.725986] [ 20.726235] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.726654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.726792] Hardware name: linux,dummy-virt (DT) [ 20.727208] ================================================================== [ 20.936499] ================================================================== [ 20.936614] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.936614] [ 20.936819] Out-of-bounds write at 0x00000000fa3ddf04 (1B left of kfence-#91): [ 20.936991] test_out_of_bounds_write+0x100/0x240 [ 20.937084] kunit_try_run_case+0x170/0x3f0 [ 20.937152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.937205] kthread+0x328/0x630 [ 20.937243] ret_from_fork+0x10/0x20 [ 20.937283] [ 20.937308] kfence-#91: 0x0000000011041d17-0x00000000a8796dbc, size=32, cache=test [ 20.937308] [ 20.937389] allocated by task 293 on cpu 0 at 20.936372s (0.001012s ago): [ 20.937478] test_alloc+0x230/0x628 [ 20.937655] test_out_of_bounds_write+0xc8/0x240 [ 20.937697] kunit_try_run_case+0x170/0x3f0 [ 20.937736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.937779] kthread+0x328/0x630 [ 20.937815] ret_from_fork+0x10/0x20 [ 20.937873] [ 20.937919] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.938021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.938052] Hardware name: linux,dummy-virt (DT) [ 20.938106] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 18.897378] ================================================================== [ 18.897444] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 18.897500] Read of size 1 at addr ffff800080a97b4a by task kunit_try_catch/253 [ 18.897551] [ 18.897583] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.897664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.897693] Hardware name: linux,dummy-virt (DT) [ 18.897965] Call trace: [ 18.897997] show_stack+0x20/0x38 (C) [ 18.898050] dump_stack_lvl+0x8c/0xd0 [ 18.898159] print_report+0x310/0x5d0 [ 18.898216] kasan_report+0xdc/0x128 [ 18.898281] __asan_report_load1_noabort+0x20/0x30 [ 18.898393] kasan_alloca_oob_right+0x2dc/0x340 [ 18.898473] kunit_try_run_case+0x170/0x3f0 [ 18.898525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.898620] kthread+0x328/0x630 [ 18.898665] ret_from_fork+0x10/0x20 [ 18.898714] [ 18.898737] The buggy address belongs to stack of task kunit_try_catch/253 [ 18.898791] [ 18.898811] The buggy address ffff800080a97b4a belongs to a vmalloc virtual mapping [ 18.898853] The buggy address belongs to the physical page: [ 18.898898] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d2 [ 18.898950] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.899010] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.899061] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.899103] page dumped because: kasan: bad access detected [ 18.899134] [ 18.899155] Memory state around the buggy address: [ 18.899187] ffff800080a97a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.899239] ffff800080a97a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.899282] >ffff800080a97b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.899321] ^ [ 18.899358] ffff800080a97b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.899401] ffff800080a97c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.899441] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 20.194382] ================================================================== [ 20.194734] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.194734] [ 20.194830] Out-of-bounds read at 0x000000006a90cfa8 (1B left of kfence-#84): [ 20.194903] test_out_of_bounds_read+0x114/0x3e0 [ 20.195205] kunit_try_run_case+0x170/0x3f0 [ 20.195345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.195619] kthread+0x328/0x630 [ 20.195810] ret_from_fork+0x10/0x20 [ 20.195900] [ 20.195927] kfence-#84: 0x00000000b3dec938-0x00000000367ba2df, size=32, cache=test [ 20.195927] [ 20.195983] allocated by task 289 on cpu 0 at 20.194174s (0.001804s ago): [ 20.196770] test_alloc+0x230/0x628 [ 20.196897] test_out_of_bounds_read+0xdc/0x3e0 [ 20.197081] kunit_try_run_case+0x170/0x3f0 [ 20.197140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.197183] kthread+0x328/0x630 [ 20.197220] ret_from_fork+0x10/0x20 [ 20.197259] [ 20.197319] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.197410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.197440] Hardware name: linux,dummy-virt (DT) [ 20.197481] ================================================================== [ 19.657780] ================================================================== [ 19.657939] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.657939] [ 19.658078] Out-of-bounds read at 0x0000000009008d0d (1B left of kfence-#79): [ 19.658326] test_out_of_bounds_read+0x114/0x3e0 [ 19.658389] kunit_try_run_case+0x170/0x3f0 [ 19.658464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.658508] kthread+0x328/0x630 [ 19.658607] ret_from_fork+0x10/0x20 [ 19.658653] [ 19.658814] kfence-#79: 0x000000009c6d5f7a-0x00000000dd77bd5d, size=32, cache=kmalloc-32 [ 19.658814] [ 19.659233] allocated by task 287 on cpu 0 at 19.656889s (0.002241s ago): [ 19.659629] test_alloc+0x29c/0x628 [ 19.659720] test_out_of_bounds_read+0xdc/0x3e0 [ 19.659798] kunit_try_run_case+0x170/0x3f0 [ 19.659968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.660035] kthread+0x328/0x630 [ 19.660163] ret_from_fork+0x10/0x20 [ 19.660311] [ 19.660537] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.660789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.660883] Hardware name: linux,dummy-virt (DT) [ 19.660999] ================================================================== [ 20.086652] ================================================================== [ 20.086749] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.086749] [ 20.086918] Out-of-bounds read at 0x000000001d88cc1e (32B right of kfence-#83): [ 20.087002] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.087114] kunit_try_run_case+0x170/0x3f0 [ 20.087163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.087454] kthread+0x328/0x630 [ 20.087599] ret_from_fork+0x10/0x20 [ 20.087676] [ 20.087702] kfence-#83: 0x00000000fede9746-0x0000000071a60b0a, size=32, cache=kmalloc-32 [ 20.087702] [ 20.088107] allocated by task 287 on cpu 0 at 20.085994s (0.002091s ago): [ 20.088257] test_alloc+0x29c/0x628 [ 20.088607] test_out_of_bounds_read+0x198/0x3e0 [ 20.088750] kunit_try_run_case+0x170/0x3f0 [ 20.089135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.089267] kthread+0x328/0x630 [ 20.089625] ret_from_fork+0x10/0x20 [ 20.089726] [ 20.089884] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.090297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.090758] Hardware name: linux,dummy-virt (DT) [ 20.090966] ================================================================== [ 20.405807] ================================================================== [ 20.406238] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.406238] [ 20.406417] Out-of-bounds read at 0x00000000c7606567 (32B right of kfence-#86): [ 20.406485] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.406939] kunit_try_run_case+0x170/0x3f0 [ 20.407062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.407115] kthread+0x328/0x630 [ 20.407155] ret_from_fork+0x10/0x20 [ 20.407198] [ 20.407230] kfence-#86: 0x0000000036633588-0x00000000e207ce3b, size=32, cache=test [ 20.407230] [ 20.407290] allocated by task 289 on cpu 0 at 20.405590s (0.001689s ago): [ 20.407359] test_alloc+0x230/0x628 [ 20.407400] test_out_of_bounds_read+0x198/0x3e0 [ 20.407442] kunit_try_run_case+0x170/0x3f0 [ 20.407483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.407525] kthread+0x328/0x630 [ 20.407562] ret_from_fork+0x10/0x20 [ 20.407600] [ 20.407643] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.407719] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.408230] Hardware name: linux,dummy-virt (DT) [ 20.408311] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 19.558699] ================================================================== [ 19.558765] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 19.558822] Write of size 121 at addr fff00000c79f8300 by task kunit_try_catch/285 [ 19.558886] [ 19.558963] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.559190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.559236] Hardware name: linux,dummy-virt (DT) [ 19.559274] Call trace: [ 19.559317] show_stack+0x20/0x38 (C) [ 19.559369] dump_stack_lvl+0x8c/0xd0 [ 19.559446] print_report+0x118/0x5d0 [ 19.559495] kasan_report+0xdc/0x128 [ 19.559542] kasan_check_range+0x100/0x1a8 [ 19.559882] __kasan_check_write+0x20/0x30 [ 19.559974] strncpy_from_user+0x3c/0x2a0 [ 19.560027] copy_user_test_oob+0x5c0/0xec8 [ 19.560094] kunit_try_run_case+0x170/0x3f0 [ 19.560422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.560529] kthread+0x328/0x630 [ 19.560604] ret_from_fork+0x10/0x20 [ 19.560745] [ 19.560793] Allocated by task 285: [ 19.560879] kasan_save_stack+0x3c/0x68 [ 19.560936] kasan_save_track+0x20/0x40 [ 19.561045] kasan_save_alloc_info+0x40/0x58 [ 19.561110] __kasan_kmalloc+0xd4/0xd8 [ 19.561175] __kmalloc_noprof+0x198/0x4c8 [ 19.561312] kunit_kmalloc_array+0x34/0x88 [ 19.561390] copy_user_test_oob+0xac/0xec8 [ 19.561466] kunit_try_run_case+0x170/0x3f0 [ 19.561504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.561549] kthread+0x328/0x630 [ 19.561606] ret_from_fork+0x10/0x20 [ 19.561642] [ 19.561664] The buggy address belongs to the object at fff00000c79f8300 [ 19.561664] which belongs to the cache kmalloc-128 of size 128 [ 19.561723] The buggy address is located 0 bytes inside of [ 19.561723] allocated 120-byte region [fff00000c79f8300, fff00000c79f8378) [ 19.561787] [ 19.561808] The buggy address belongs to the physical page: [ 19.561840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f8 [ 19.561906] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.561954] page_type: f5(slab) [ 19.562119] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.562176] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.562227] page dumped because: kasan: bad access detected [ 19.562283] [ 19.562332] Memory state around the buggy address: [ 19.562378] fff00000c79f8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.562423] fff00000c79f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.562491] >fff00000c79f8300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.562546] ^ [ 19.562592] fff00000c79f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.562636] fff00000c79f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.562677] ================================================================== [ 19.563605] ================================================================== [ 19.563837] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 19.563946] Write of size 1 at addr fff00000c79f8378 by task kunit_try_catch/285 [ 19.564119] [ 19.564293] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.564395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.564502] Hardware name: linux,dummy-virt (DT) [ 19.564559] Call trace: [ 19.564583] show_stack+0x20/0x38 (C) [ 19.564634] dump_stack_lvl+0x8c/0xd0 [ 19.564704] print_report+0x118/0x5d0 [ 19.564752] kasan_report+0xdc/0x128 [ 19.564958] __asan_report_store1_noabort+0x20/0x30 [ 19.565114] strncpy_from_user+0x270/0x2a0 [ 19.565300] copy_user_test_oob+0x5c0/0xec8 [ 19.565412] kunit_try_run_case+0x170/0x3f0 [ 19.565806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.565897] kthread+0x328/0x630 [ 19.566013] ret_from_fork+0x10/0x20 [ 19.566112] [ 19.566180] Allocated by task 285: [ 19.566299] kasan_save_stack+0x3c/0x68 [ 19.566358] kasan_save_track+0x20/0x40 [ 19.566423] kasan_save_alloc_info+0x40/0x58 [ 19.566467] __kasan_kmalloc+0xd4/0xd8 [ 19.566504] __kmalloc_noprof+0x198/0x4c8 [ 19.566838] kunit_kmalloc_array+0x34/0x88 [ 19.566915] copy_user_test_oob+0xac/0xec8 [ 19.567081] kunit_try_run_case+0x170/0x3f0 [ 19.567136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.567198] kthread+0x328/0x630 [ 19.567631] ret_from_fork+0x10/0x20 [ 19.567669] [ 19.567691] The buggy address belongs to the object at fff00000c79f8300 [ 19.567691] which belongs to the cache kmalloc-128 of size 128 [ 19.567785] The buggy address is located 0 bytes to the right of [ 19.567785] allocated 120-byte region [fff00000c79f8300, fff00000c79f8378) [ 19.567851] [ 19.567882] The buggy address belongs to the physical page: [ 19.567914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f8 [ 19.568121] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.568179] page_type: f5(slab) [ 19.568219] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.568501] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.568587] page dumped because: kasan: bad access detected [ 19.568700] [ 19.568761] Memory state around the buggy address: [ 19.568809] fff00000c79f8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.568853] fff00000c79f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.568926] >fff00000c79f8300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.568984] ^ [ 19.569109] fff00000c79f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.569185] fff00000c79f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.569268] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 19.553956] ================================================================== [ 19.554033] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 19.554148] Read of size 121 at addr fff00000c79f8300 by task kunit_try_catch/285 [ 19.554201] [ 19.554235] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.554619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.554664] Hardware name: linux,dummy-virt (DT) [ 19.554705] Call trace: [ 19.554740] show_stack+0x20/0x38 (C) [ 19.554794] dump_stack_lvl+0x8c/0xd0 [ 19.554840] print_report+0x118/0x5d0 [ 19.554895] kasan_report+0xdc/0x128 [ 19.554943] kasan_check_range+0x100/0x1a8 [ 19.554990] __kasan_check_read+0x20/0x30 [ 19.555035] copy_user_test_oob+0x4a0/0xec8 [ 19.555091] kunit_try_run_case+0x170/0x3f0 [ 19.555149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.555203] kthread+0x328/0x630 [ 19.555261] ret_from_fork+0x10/0x20 [ 19.555330] [ 19.555353] Allocated by task 285: [ 19.555381] kasan_save_stack+0x3c/0x68 [ 19.555424] kasan_save_track+0x20/0x40 [ 19.555486] kasan_save_alloc_info+0x40/0x58 [ 19.555531] __kasan_kmalloc+0xd4/0xd8 [ 19.555568] __kmalloc_noprof+0x198/0x4c8 [ 19.555608] kunit_kmalloc_array+0x34/0x88 [ 19.555646] copy_user_test_oob+0xac/0xec8 [ 19.555685] kunit_try_run_case+0x170/0x3f0 [ 19.555782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.555831] kthread+0x328/0x630 [ 19.555876] ret_from_fork+0x10/0x20 [ 19.555913] [ 19.555936] The buggy address belongs to the object at fff00000c79f8300 [ 19.555936] which belongs to the cache kmalloc-128 of size 128 [ 19.555993] The buggy address is located 0 bytes inside of [ 19.555993] allocated 120-byte region [fff00000c79f8300, fff00000c79f8378) [ 19.556373] [ 19.556401] The buggy address belongs to the physical page: [ 19.556436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f8 [ 19.556492] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.556556] page_type: f5(slab) [ 19.556624] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.556677] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.556720] page dumped because: kasan: bad access detected [ 19.556754] [ 19.556774] Memory state around the buggy address: [ 19.556809] fff00000c79f8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.556970] fff00000c79f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.557097] >fff00000c79f8300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.557185] ^ [ 19.557296] fff00000c79f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.557392] fff00000c79f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.557434] ================================================================== [ 19.538772] ================================================================== [ 19.538847] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 19.538913] Read of size 121 at addr fff00000c79f8300 by task kunit_try_catch/285 [ 19.539163] [ 19.539206] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.539304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.539430] Hardware name: linux,dummy-virt (DT) [ 19.539465] Call trace: [ 19.539506] show_stack+0x20/0x38 (C) [ 19.539556] dump_stack_lvl+0x8c/0xd0 [ 19.539604] print_report+0x118/0x5d0 [ 19.540018] kasan_report+0xdc/0x128 [ 19.540154] kasan_check_range+0x100/0x1a8 [ 19.540456] __kasan_check_read+0x20/0x30 [ 19.540511] copy_user_test_oob+0x3c8/0xec8 [ 19.540566] kunit_try_run_case+0x170/0x3f0 [ 19.540613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.540667] kthread+0x328/0x630 [ 19.540712] ret_from_fork+0x10/0x20 [ 19.541105] [ 19.541159] Allocated by task 285: [ 19.541209] kasan_save_stack+0x3c/0x68 [ 19.541446] kasan_save_track+0x20/0x40 [ 19.541620] kasan_save_alloc_info+0x40/0x58 [ 19.541706] __kasan_kmalloc+0xd4/0xd8 [ 19.541806] __kmalloc_noprof+0x198/0x4c8 [ 19.541884] kunit_kmalloc_array+0x34/0x88 [ 19.541956] copy_user_test_oob+0xac/0xec8 [ 19.542073] kunit_try_run_case+0x170/0x3f0 [ 19.542172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.542249] kthread+0x328/0x630 [ 19.542352] ret_from_fork+0x10/0x20 [ 19.542431] [ 19.542495] The buggy address belongs to the object at fff00000c79f8300 [ 19.542495] which belongs to the cache kmalloc-128 of size 128 [ 19.542555] The buggy address is located 0 bytes inside of [ 19.542555] allocated 120-byte region [fff00000c79f8300, fff00000c79f8378) [ 19.542874] [ 19.543002] The buggy address belongs to the physical page: [ 19.543072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f8 [ 19.543157] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.543371] page_type: f5(slab) [ 19.543545] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.543681] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.543781] page dumped because: kasan: bad access detected [ 19.543845] [ 19.543955] Memory state around the buggy address: [ 19.544001] fff00000c79f8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.544069] fff00000c79f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.544122] >fff00000c79f8300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.544228] ^ [ 19.544278] fff00000c79f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.544324] fff00000c79f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.544375] ================================================================== [ 19.534573] ================================================================== [ 19.534639] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 19.534696] Write of size 121 at addr fff00000c79f8300 by task kunit_try_catch/285 [ 19.534749] [ 19.534785] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.534882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.534911] Hardware name: linux,dummy-virt (DT) [ 19.534944] Call trace: [ 19.534970] show_stack+0x20/0x38 (C) [ 19.535020] dump_stack_lvl+0x8c/0xd0 [ 19.535067] print_report+0x118/0x5d0 [ 19.535113] kasan_report+0xdc/0x128 [ 19.535172] kasan_check_range+0x100/0x1a8 [ 19.535229] __kasan_check_write+0x20/0x30 [ 19.535287] copy_user_test_oob+0x35c/0xec8 [ 19.535336] kunit_try_run_case+0x170/0x3f0 [ 19.535384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.535445] kthread+0x328/0x630 [ 19.535491] ret_from_fork+0x10/0x20 [ 19.535549] [ 19.535573] Allocated by task 285: [ 19.535611] kasan_save_stack+0x3c/0x68 [ 19.535658] kasan_save_track+0x20/0x40 [ 19.535699] kasan_save_alloc_info+0x40/0x58 [ 19.535769] __kasan_kmalloc+0xd4/0xd8 [ 19.535810] __kmalloc_noprof+0x198/0x4c8 [ 19.535850] kunit_kmalloc_array+0x34/0x88 [ 19.536320] copy_user_test_oob+0xac/0xec8 [ 19.536381] kunit_try_run_case+0x170/0x3f0 [ 19.536448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.536536] kthread+0x328/0x630 [ 19.536573] ret_from_fork+0x10/0x20 [ 19.536645] [ 19.536690] The buggy address belongs to the object at fff00000c79f8300 [ 19.536690] which belongs to the cache kmalloc-128 of size 128 [ 19.536751] The buggy address is located 0 bytes inside of [ 19.536751] allocated 120-byte region [fff00000c79f8300, fff00000c79f8378) [ 19.536813] [ 19.536968] The buggy address belongs to the physical page: [ 19.537011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f8 [ 19.537065] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.537121] page_type: f5(slab) [ 19.537162] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.537214] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.537255] page dumped because: kasan: bad access detected [ 19.537288] [ 19.537310] Memory state around the buggy address: [ 19.537397] fff00000c79f8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.537500] fff00000c79f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.537546] >fff00000c79f8300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.537616] ^ [ 19.537693] fff00000c79f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.537818] fff00000c79f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.537899] ================================================================== [ 19.547876] ================================================================== [ 19.547932] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 19.547984] Write of size 121 at addr fff00000c79f8300 by task kunit_try_catch/285 [ 19.548035] [ 19.548068] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.548152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.548182] Hardware name: linux,dummy-virt (DT) [ 19.548213] Call trace: [ 19.548237] show_stack+0x20/0x38 (C) [ 19.548284] dump_stack_lvl+0x8c/0xd0 [ 19.548332] print_report+0x118/0x5d0 [ 19.548378] kasan_report+0xdc/0x128 [ 19.548424] kasan_check_range+0x100/0x1a8 [ 19.548475] __kasan_check_write+0x20/0x30 [ 19.548521] copy_user_test_oob+0x434/0xec8 [ 19.548570] kunit_try_run_case+0x170/0x3f0 [ 19.548620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.548674] kthread+0x328/0x630 [ 19.548717] ret_from_fork+0x10/0x20 [ 19.548765] [ 19.548786] Allocated by task 285: [ 19.548816] kasan_save_stack+0x3c/0x68 [ 19.548857] kasan_save_track+0x20/0x40 [ 19.548905] kasan_save_alloc_info+0x40/0x58 [ 19.548946] __kasan_kmalloc+0xd4/0xd8 [ 19.548985] __kmalloc_noprof+0x198/0x4c8 [ 19.549024] kunit_kmalloc_array+0x34/0x88 [ 19.549063] copy_user_test_oob+0xac/0xec8 [ 19.549100] kunit_try_run_case+0x170/0x3f0 [ 19.549146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.549192] kthread+0x328/0x630 [ 19.549225] ret_from_fork+0x10/0x20 [ 19.549262] [ 19.549283] The buggy address belongs to the object at fff00000c79f8300 [ 19.549283] which belongs to the cache kmalloc-128 of size 128 [ 19.549341] The buggy address is located 0 bytes inside of [ 19.549341] allocated 120-byte region [fff00000c79f8300, fff00000c79f8378) [ 19.549404] [ 19.549425] The buggy address belongs to the physical page: [ 19.549458] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f8 [ 19.549510] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.549559] page_type: f5(slab) [ 19.549597] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.549648] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.549689] page dumped because: kasan: bad access detected [ 19.549724] [ 19.549744] Memory state around the buggy address: [ 19.549778] fff00000c79f8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.549822] fff00000c79f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.549910] >fff00000c79f8300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.549951] ^ [ 19.550331] fff00000c79f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.550381] fff00000c79f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.550422] ================================================================== [ 19.523554] ================================================================== [ 19.523851] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 19.523957] Read of size 121 at addr fff00000c79f8300 by task kunit_try_catch/285 [ 19.524044] [ 19.524110] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.524210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.524263] Hardware name: linux,dummy-virt (DT) [ 19.524339] Call trace: [ 19.524363] show_stack+0x20/0x38 (C) [ 19.524437] dump_stack_lvl+0x8c/0xd0 [ 19.524511] print_report+0x118/0x5d0 [ 19.524617] kasan_report+0xdc/0x128 [ 19.524664] kasan_check_range+0x100/0x1a8 [ 19.524712] __kasan_check_read+0x20/0x30 [ 19.524756] copy_user_test_oob+0x728/0xec8 [ 19.524805] kunit_try_run_case+0x170/0x3f0 [ 19.525065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.525177] kthread+0x328/0x630 [ 19.525242] ret_from_fork+0x10/0x20 [ 19.525315] [ 19.525354] Allocated by task 285: [ 19.525385] kasan_save_stack+0x3c/0x68 [ 19.525634] kasan_save_track+0x20/0x40 [ 19.525765] kasan_save_alloc_info+0x40/0x58 [ 19.525833] __kasan_kmalloc+0xd4/0xd8 [ 19.525910] __kmalloc_noprof+0x198/0x4c8 [ 19.526022] kunit_kmalloc_array+0x34/0x88 [ 19.526108] copy_user_test_oob+0xac/0xec8 [ 19.526211] kunit_try_run_case+0x170/0x3f0 [ 19.526290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.526373] kthread+0x328/0x630 [ 19.526448] ret_from_fork+0x10/0x20 [ 19.526526] [ 19.526574] The buggy address belongs to the object at fff00000c79f8300 [ 19.526574] which belongs to the cache kmalloc-128 of size 128 [ 19.526634] The buggy address is located 0 bytes inside of [ 19.526634] allocated 120-byte region [fff00000c79f8300, fff00000c79f8378) [ 19.526991] [ 19.527027] The buggy address belongs to the physical page: [ 19.527087] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f8 [ 19.527168] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.527509] page_type: f5(slab) [ 19.527564] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.527659] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.527752] page dumped because: kasan: bad access detected [ 19.527806] [ 19.527851] Memory state around the buggy address: [ 19.527918] fff00000c79f8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.528001] fff00000c79f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.528085] >fff00000c79f8300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.528164] ^ [ 19.528248] fff00000c79f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.528294] fff00000c79f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.528334] ================================================================== [ 19.514816] ================================================================== [ 19.514982] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 19.515082] Write of size 121 at addr fff00000c79f8300 by task kunit_try_catch/285 [ 19.515148] [ 19.515196] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.515479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.515528] Hardware name: linux,dummy-virt (DT) [ 19.515604] Call trace: [ 19.515641] show_stack+0x20/0x38 (C) [ 19.515704] dump_stack_lvl+0x8c/0xd0 [ 19.515791] print_report+0x118/0x5d0 [ 19.516016] kasan_report+0xdc/0x128 [ 19.516093] kasan_check_range+0x100/0x1a8 [ 19.516144] __kasan_check_write+0x20/0x30 [ 19.516191] copy_user_test_oob+0x234/0xec8 [ 19.516247] kunit_try_run_case+0x170/0x3f0 [ 19.516305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.516369] kthread+0x328/0x630 [ 19.516422] ret_from_fork+0x10/0x20 [ 19.516501] [ 19.516532] Allocated by task 285: [ 19.516582] kasan_save_stack+0x3c/0x68 [ 19.516638] kasan_save_track+0x20/0x40 [ 19.516677] kasan_save_alloc_info+0x40/0x58 [ 19.516719] __kasan_kmalloc+0xd4/0xd8 [ 19.516762] __kmalloc_noprof+0x198/0x4c8 [ 19.516802] kunit_kmalloc_array+0x34/0x88 [ 19.516850] copy_user_test_oob+0xac/0xec8 [ 19.516903] kunit_try_run_case+0x170/0x3f0 [ 19.516945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.516991] kthread+0x328/0x630 [ 19.517038] ret_from_fork+0x10/0x20 [ 19.517093] [ 19.517129] The buggy address belongs to the object at fff00000c79f8300 [ 19.517129] which belongs to the cache kmalloc-128 of size 128 [ 19.517213] The buggy address is located 0 bytes inside of [ 19.517213] allocated 120-byte region [fff00000c79f8300, fff00000c79f8378) [ 19.517277] [ 19.517302] The buggy address belongs to the physical page: [ 19.517348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f8 [ 19.517419] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.517474] page_type: f5(slab) [ 19.517528] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.517589] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.517632] page dumped because: kasan: bad access detected [ 19.517665] [ 19.517692] Memory state around the buggy address: [ 19.517734] fff00000c79f8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.517780] fff00000c79f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.517825] >fff00000c79f8300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.517887] ^ [ 19.517930] fff00000c79f8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.517974] fff00000c79f8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.518488] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 19.459191] ================================================================== [ 19.459297] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 19.459366] Read of size 8 at addr fff00000c79f8278 by task kunit_try_catch/281 [ 19.459420] [ 19.459509] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.459598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.459627] Hardware name: linux,dummy-virt (DT) [ 19.459722] Call trace: [ 19.459783] show_stack+0x20/0x38 (C) [ 19.460000] dump_stack_lvl+0x8c/0xd0 [ 19.460073] print_report+0x118/0x5d0 [ 19.460124] kasan_report+0xdc/0x128 [ 19.460171] __asan_report_load8_noabort+0x20/0x30 [ 19.460285] copy_to_kernel_nofault+0x204/0x250 [ 19.460485] copy_to_kernel_nofault_oob+0x158/0x418 [ 19.460636] kunit_try_run_case+0x170/0x3f0 [ 19.460711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.460773] kthread+0x328/0x630 [ 19.460840] ret_from_fork+0x10/0x20 [ 19.460986] [ 19.461034] Allocated by task 281: [ 19.461092] kasan_save_stack+0x3c/0x68 [ 19.461172] kasan_save_track+0x20/0x40 [ 19.461285] kasan_save_alloc_info+0x40/0x58 [ 19.461343] __kasan_kmalloc+0xd4/0xd8 [ 19.461415] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.461470] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.461510] kunit_try_run_case+0x170/0x3f0 [ 19.461784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.461954] kthread+0x328/0x630 [ 19.462096] ret_from_fork+0x10/0x20 [ 19.462153] [ 19.462210] The buggy address belongs to the object at fff00000c79f8200 [ 19.462210] which belongs to the cache kmalloc-128 of size 128 [ 19.462367] The buggy address is located 0 bytes to the right of [ 19.462367] allocated 120-byte region [fff00000c79f8200, fff00000c79f8278) [ 19.462454] [ 19.462498] The buggy address belongs to the physical page: [ 19.462568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f8 [ 19.462725] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.462777] page_type: f5(slab) [ 19.462827] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.463298] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.463656] page dumped because: kasan: bad access detected [ 19.463732] [ 19.463897] Memory state around the buggy address: [ 19.463996] fff00000c79f8100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.464050] fff00000c79f8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.464170] >fff00000c79f8200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.464239] ^ [ 19.464324] fff00000c79f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.464465] fff00000c79f8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.464523] ================================================================== [ 19.465094] ================================================================== [ 19.465148] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 19.465202] Write of size 8 at addr fff00000c79f8278 by task kunit_try_catch/281 [ 19.465255] [ 19.465287] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.465368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.465397] Hardware name: linux,dummy-virt (DT) [ 19.465430] Call trace: [ 19.465454] show_stack+0x20/0x38 (C) [ 19.465504] dump_stack_lvl+0x8c/0xd0 [ 19.465554] print_report+0x118/0x5d0 [ 19.465600] kasan_report+0xdc/0x128 [ 19.465649] kasan_check_range+0x100/0x1a8 [ 19.465700] __kasan_check_write+0x20/0x30 [ 19.465747] copy_to_kernel_nofault+0x8c/0x250 [ 19.466005] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 19.466077] kunit_try_run_case+0x170/0x3f0 [ 19.466126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.466178] kthread+0x328/0x630 [ 19.466235] ret_from_fork+0x10/0x20 [ 19.466293] [ 19.466316] Allocated by task 281: [ 19.466355] kasan_save_stack+0x3c/0x68 [ 19.466397] kasan_save_track+0x20/0x40 [ 19.466437] kasan_save_alloc_info+0x40/0x58 [ 19.466480] __kasan_kmalloc+0xd4/0xd8 [ 19.466518] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.466566] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.466623] kunit_try_run_case+0x170/0x3f0 [ 19.466662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.466707] kthread+0x328/0x630 [ 19.466741] ret_from_fork+0x10/0x20 [ 19.466778] [ 19.466799] The buggy address belongs to the object at fff00000c79f8200 [ 19.466799] which belongs to the cache kmalloc-128 of size 128 [ 19.466876] The buggy address is located 0 bytes to the right of [ 19.466876] allocated 120-byte region [fff00000c79f8200, fff00000c79f8278) [ 19.466942] [ 19.466963] The buggy address belongs to the physical page: [ 19.466995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f8 [ 19.467562] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.467650] page_type: f5(slab) [ 19.467698] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.468099] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.468161] page dumped because: kasan: bad access detected [ 19.468255] [ 19.468296] Memory state around the buggy address: [ 19.468331] fff00000c79f8100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.468376] fff00000c79f8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.468443] >fff00000c79f8200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.468510] ^ [ 19.468554] fff00000c79f8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.468614] fff00000c79f8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.468672] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.421835] ================================================================== [ 19.421909] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.422146] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 19.422222] [ 19.422256] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.422367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.422405] Hardware name: linux,dummy-virt (DT) [ 19.422453] Call trace: [ 19.422492] show_stack+0x20/0x38 (C) [ 19.422580] dump_stack_lvl+0x8c/0xd0 [ 19.422630] print_report+0x310/0x5d0 [ 19.422676] kasan_report+0xdc/0x128 [ 19.423017] __asan_report_load1_noabort+0x20/0x30 [ 19.423108] vmalloc_oob+0x51c/0x5d0 [ 19.423174] kunit_try_run_case+0x170/0x3f0 [ 19.423306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.423400] kthread+0x328/0x630 [ 19.423443] ret_from_fork+0x10/0x20 [ 19.423493] [ 19.423516] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 19.423686] The buggy address belongs to the physical page: [ 19.423720] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079ff [ 19.424609] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.424780] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.424856] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.424925] page dumped because: kasan: bad access detected [ 19.425058] [ 19.425130] Memory state around the buggy address: [ 19.425193] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.425247] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.425291] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.425331] ^ [ 19.425373] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.425417] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.425753] ================================================================== [ 19.418408] ================================================================== [ 19.418480] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.418546] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 19.418598] [ 19.418635] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.418718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.418758] Hardware name: linux,dummy-virt (DT) [ 19.418815] Call trace: [ 19.418840] show_stack+0x20/0x38 (C) [ 19.418905] dump_stack_lvl+0x8c/0xd0 [ 19.418955] print_report+0x310/0x5d0 [ 19.419003] kasan_report+0xdc/0x128 [ 19.419048] __asan_report_load1_noabort+0x20/0x30 [ 19.419100] vmalloc_oob+0x578/0x5d0 [ 19.419143] kunit_try_run_case+0x170/0x3f0 [ 19.419193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.419255] kthread+0x328/0x630 [ 19.419299] ret_from_fork+0x10/0x20 [ 19.419346] [ 19.419555] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 19.419606] The buggy address belongs to the physical page: [ 19.419953] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079ff [ 19.420109] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.420275] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.420363] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.420746] page dumped because: kasan: bad access detected [ 19.420834] [ 19.420899] Memory state around the buggy address: [ 19.420936] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.420993] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.421059] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.421192] ^ [ 19.421253] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.421308] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.421351] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.401574] ================================================================== [ 19.401621] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.401960] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.402047] [ 19.402213] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.402307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.402466] Hardware name: linux,dummy-virt (DT) [ 19.402604] Call trace: [ 19.402718] show_stack+0x20/0x38 (C) [ 19.402772] dump_stack_lvl+0x8c/0xd0 [ 19.402890] print_report+0x118/0x5d0 [ 19.402957] kasan_report+0xdc/0x128 [ 19.403012] kasan_check_range+0x100/0x1a8 [ 19.403062] __kasan_check_write+0x20/0x30 [ 19.403107] kasan_atomics_helper+0x17ec/0x4858 [ 19.403206] kasan_atomics+0x198/0x2e0 [ 19.403265] kunit_try_run_case+0x170/0x3f0 [ 19.403333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.403395] kthread+0x328/0x630 [ 19.403502] ret_from_fork+0x10/0x20 [ 19.403549] [ 19.403570] Allocated by task 265: [ 19.403600] kasan_save_stack+0x3c/0x68 [ 19.403641] kasan_save_track+0x20/0x40 [ 19.403696] kasan_save_alloc_info+0x40/0x58 [ 19.403897] __kasan_kmalloc+0xd4/0xd8 [ 19.404212] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.404297] kasan_atomics+0xb8/0x2e0 [ 19.404365] kunit_try_run_case+0x170/0x3f0 [ 19.404420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.404480] kthread+0x328/0x630 [ 19.404517] ret_from_fork+0x10/0x20 [ 19.404555] [ 19.404585] The buggy address belongs to the object at fff00000c79fb480 [ 19.404585] which belongs to the cache kmalloc-64 of size 64 [ 19.404652] The buggy address is located 0 bytes to the right of [ 19.404652] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.404717] [ 19.404741] The buggy address belongs to the physical page: [ 19.404803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.404858] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.404917] page_type: f5(slab) [ 19.405006] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.405295] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.405369] page dumped because: kasan: bad access detected [ 19.405484] [ 19.405532] Memory state around the buggy address: [ 19.405589] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.406086] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.406148] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.406216] ^ [ 19.406252] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.406297] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.406589] ================================================================== [ 19.292989] ================================================================== [ 19.293045] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.293098] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.293149] [ 19.293185] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.293268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.293295] Hardware name: linux,dummy-virt (DT) [ 19.293329] Call trace: [ 19.293352] show_stack+0x20/0x38 (C) [ 19.293401] dump_stack_lvl+0x8c/0xd0 [ 19.293447] print_report+0x118/0x5d0 [ 19.293494] kasan_report+0xdc/0x128 [ 19.293539] kasan_check_range+0x100/0x1a8 [ 19.293588] __kasan_check_write+0x20/0x30 [ 19.293633] kasan_atomics_helper+0xf88/0x4858 [ 19.293680] kasan_atomics+0x198/0x2e0 [ 19.293726] kunit_try_run_case+0x170/0x3f0 [ 19.293772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.293825] kthread+0x328/0x630 [ 19.293899] ret_from_fork+0x10/0x20 [ 19.293951] [ 19.293971] Allocated by task 265: [ 19.294000] kasan_save_stack+0x3c/0x68 [ 19.294042] kasan_save_track+0x20/0x40 [ 19.294080] kasan_save_alloc_info+0x40/0x58 [ 19.294122] __kasan_kmalloc+0xd4/0xd8 [ 19.294160] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.294200] kasan_atomics+0xb8/0x2e0 [ 19.294237] kunit_try_run_case+0x170/0x3f0 [ 19.294276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.294325] kthread+0x328/0x630 [ 19.294359] ret_from_fork+0x10/0x20 [ 19.294396] [ 19.294417] The buggy address belongs to the object at fff00000c79fb480 [ 19.294417] which belongs to the cache kmalloc-64 of size 64 [ 19.294475] The buggy address is located 0 bytes to the right of [ 19.294475] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.294538] [ 19.294559] The buggy address belongs to the physical page: [ 19.294592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.294645] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.294695] page_type: f5(slab) [ 19.294734] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.294785] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.294827] page dumped because: kasan: bad access detected [ 19.294860] [ 19.294892] Memory state around the buggy address: [ 19.294924] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.294968] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.295012] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.295051] ^ [ 19.295083] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.295126] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.295166] ================================================================== [ 19.305688] ================================================================== [ 19.305793] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.305878] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.305974] [ 19.306044] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.306140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.306436] Hardware name: linux,dummy-virt (DT) [ 19.306519] Call trace: [ 19.306546] show_stack+0x20/0x38 (C) [ 19.306634] dump_stack_lvl+0x8c/0xd0 [ 19.306722] print_report+0x118/0x5d0 [ 19.306778] kasan_report+0xdc/0x128 [ 19.306826] kasan_check_range+0x100/0x1a8 [ 19.306905] __kasan_check_write+0x20/0x30 [ 19.306981] kasan_atomics_helper+0x10c0/0x4858 [ 19.307062] kasan_atomics+0x198/0x2e0 [ 19.307147] kunit_try_run_case+0x170/0x3f0 [ 19.307195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.307254] kthread+0x328/0x630 [ 19.307324] ret_from_fork+0x10/0x20 [ 19.307587] [ 19.307621] Allocated by task 265: [ 19.307679] kasan_save_stack+0x3c/0x68 [ 19.308003] kasan_save_track+0x20/0x40 [ 19.308665] kasan_save_alloc_info+0x40/0x58 [ 19.308904] __kasan_kmalloc+0xd4/0xd8 [ 19.309282] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.309525] kasan_atomics+0xb8/0x2e0 [ 19.309579] kunit_try_run_case+0x170/0x3f0 [ 19.309619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.309665] kthread+0x328/0x630 [ 19.309700] ret_from_fork+0x10/0x20 [ 19.309739] [ 19.309761] The buggy address belongs to the object at fff00000c79fb480 [ 19.309761] which belongs to the cache kmalloc-64 of size 64 [ 19.309822] The buggy address is located 0 bytes to the right of [ 19.309822] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.309898] [ 19.309920] The buggy address belongs to the physical page: [ 19.309952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.310006] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.310055] page_type: f5(slab) [ 19.310094] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.310146] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.310189] page dumped because: kasan: bad access detected [ 19.310226] [ 19.310248] Memory state around the buggy address: [ 19.310281] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.310325] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.310370] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.310411] ^ [ 19.310443] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.310487] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.310527] ================================================================== [ 19.364009] ================================================================== [ 19.364072] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.364123] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.364265] [ 19.364402] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.364517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.364546] Hardware name: linux,dummy-virt (DT) [ 19.364603] Call trace: [ 19.364628] show_stack+0x20/0x38 (C) [ 19.364792] dump_stack_lvl+0x8c/0xd0 [ 19.364878] print_report+0x118/0x5d0 [ 19.364929] kasan_report+0xdc/0x128 [ 19.364983] kasan_check_range+0x100/0x1a8 [ 19.365043] __kasan_check_write+0x20/0x30 [ 19.365096] kasan_atomics_helper+0x15b4/0x4858 [ 19.365161] kasan_atomics+0x198/0x2e0 [ 19.365216] kunit_try_run_case+0x170/0x3f0 [ 19.365341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.365493] kthread+0x328/0x630 [ 19.365546] ret_from_fork+0x10/0x20 [ 19.365594] [ 19.365631] Allocated by task 265: [ 19.365711] kasan_save_stack+0x3c/0x68 [ 19.365780] kasan_save_track+0x20/0x40 [ 19.365827] kasan_save_alloc_info+0x40/0x58 [ 19.365927] __kasan_kmalloc+0xd4/0xd8 [ 19.365974] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.366021] kasan_atomics+0xb8/0x2e0 [ 19.366069] kunit_try_run_case+0x170/0x3f0 [ 19.366152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.366198] kthread+0x328/0x630 [ 19.366231] ret_from_fork+0x10/0x20 [ 19.366287] [ 19.366309] The buggy address belongs to the object at fff00000c79fb480 [ 19.366309] which belongs to the cache kmalloc-64 of size 64 [ 19.366464] The buggy address is located 0 bytes to the right of [ 19.366464] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.366635] [ 19.366662] The buggy address belongs to the physical page: [ 19.366695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.366760] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.366934] page_type: f5(slab) [ 19.366977] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.367030] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.367163] page dumped because: kasan: bad access detected [ 19.367211] [ 19.367251] Memory state around the buggy address: [ 19.367304] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.367350] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.367395] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.367458] ^ [ 19.367493] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.367536] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.367574] ================================================================== [ 19.247140] ================================================================== [ 19.247183] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.247242] Write of size 4 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.247293] [ 19.247321] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.247401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.247430] Hardware name: linux,dummy-virt (DT) [ 19.247460] Call trace: [ 19.247493] show_stack+0x20/0x38 (C) [ 19.247540] dump_stack_lvl+0x8c/0xd0 [ 19.247588] print_report+0x118/0x5d0 [ 19.247633] kasan_report+0xdc/0x128 [ 19.247680] kasan_check_range+0x100/0x1a8 [ 19.247727] __kasan_check_write+0x20/0x30 [ 19.247774] kasan_atomics_helper+0xd3c/0x4858 [ 19.247834] kasan_atomics+0x198/0x2e0 [ 19.248454] kunit_try_run_case+0x170/0x3f0 [ 19.248727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.248789] kthread+0x328/0x630 [ 19.248853] ret_from_fork+0x10/0x20 [ 19.248918] [ 19.248939] Allocated by task 265: [ 19.248970] kasan_save_stack+0x3c/0x68 [ 19.249013] kasan_save_track+0x20/0x40 [ 19.249428] kasan_save_alloc_info+0x40/0x58 [ 19.249568] __kasan_kmalloc+0xd4/0xd8 [ 19.249818] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.250058] kasan_atomics+0xb8/0x2e0 [ 19.250212] kunit_try_run_case+0x170/0x3f0 [ 19.250274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.250355] kthread+0x328/0x630 [ 19.250489] ret_from_fork+0x10/0x20 [ 19.250528] [ 19.250552] The buggy address belongs to the object at fff00000c79fb480 [ 19.250552] which belongs to the cache kmalloc-64 of size 64 [ 19.250625] The buggy address is located 0 bytes to the right of [ 19.250625] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.250690] [ 19.250846] The buggy address belongs to the physical page: [ 19.250964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.251064] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.251467] page_type: f5(slab) [ 19.251560] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.251661] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.251704] page dumped because: kasan: bad access detected [ 19.251763] [ 19.251785] Memory state around the buggy address: [ 19.251820] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.252040] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.252170] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.252266] ^ [ 19.252330] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.252375] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.252597] ================================================================== [ 19.276966] ================================================================== [ 19.277048] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.277111] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.277164] [ 19.277199] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.277279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.277333] Hardware name: linux,dummy-virt (DT) [ 19.277365] Call trace: [ 19.277390] show_stack+0x20/0x38 (C) [ 19.277439] dump_stack_lvl+0x8c/0xd0 [ 19.277489] print_report+0x118/0x5d0 [ 19.277535] kasan_report+0xdc/0x128 [ 19.277717] __asan_report_store8_noabort+0x20/0x30 [ 19.277795] kasan_atomics_helper+0x3e5c/0x4858 [ 19.277958] kasan_atomics+0x198/0x2e0 [ 19.278050] kunit_try_run_case+0x170/0x3f0 [ 19.278102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.278156] kthread+0x328/0x630 [ 19.278204] ret_from_fork+0x10/0x20 [ 19.278255] [ 19.278469] Allocated by task 265: [ 19.278618] kasan_save_stack+0x3c/0x68 [ 19.278671] kasan_save_track+0x20/0x40 [ 19.278783] kasan_save_alloc_info+0x40/0x58 [ 19.278826] __kasan_kmalloc+0xd4/0xd8 [ 19.278907] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.278950] kasan_atomics+0xb8/0x2e0 [ 19.278988] kunit_try_run_case+0x170/0x3f0 [ 19.279034] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.279111] kthread+0x328/0x630 [ 19.279145] ret_from_fork+0x10/0x20 [ 19.279183] [ 19.279205] The buggy address belongs to the object at fff00000c79fb480 [ 19.279205] which belongs to the cache kmalloc-64 of size 64 [ 19.279269] The buggy address is located 0 bytes to the right of [ 19.279269] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.279345] [ 19.279369] The buggy address belongs to the physical page: [ 19.279410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.279479] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.279530] page_type: f5(slab) [ 19.279570] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.279630] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.279678] page dumped because: kasan: bad access detected [ 19.279714] [ 19.279733] Memory state around the buggy address: [ 19.279798] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.279842] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.279896] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.279936] ^ [ 19.279969] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.280052] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.280092] ================================================================== [ 19.253605] ================================================================== [ 19.253713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.253788] Read of size 4 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.253899] [ 19.253966] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.254087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.254134] Hardware name: linux,dummy-virt (DT) [ 19.254345] Call trace: [ 19.254451] show_stack+0x20/0x38 (C) [ 19.254513] dump_stack_lvl+0x8c/0xd0 [ 19.254626] print_report+0x118/0x5d0 [ 19.254692] kasan_report+0xdc/0x128 [ 19.254757] __asan_report_load4_noabort+0x20/0x30 [ 19.254839] kasan_atomics_helper+0x3e04/0x4858 [ 19.254921] kasan_atomics+0x198/0x2e0 [ 19.254972] kunit_try_run_case+0x170/0x3f0 [ 19.255038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.255236] kthread+0x328/0x630 [ 19.255286] ret_from_fork+0x10/0x20 [ 19.255337] [ 19.255360] Allocated by task 265: [ 19.255392] kasan_save_stack+0x3c/0x68 [ 19.255522] kasan_save_track+0x20/0x40 [ 19.255590] kasan_save_alloc_info+0x40/0x58 [ 19.255634] __kasan_kmalloc+0xd4/0xd8 [ 19.255711] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.256050] kasan_atomics+0xb8/0x2e0 [ 19.256185] kunit_try_run_case+0x170/0x3f0 [ 19.256269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.256347] kthread+0x328/0x630 [ 19.256382] ret_from_fork+0x10/0x20 [ 19.256419] [ 19.256449] The buggy address belongs to the object at fff00000c79fb480 [ 19.256449] which belongs to the cache kmalloc-64 of size 64 [ 19.256510] The buggy address is located 0 bytes to the right of [ 19.256510] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.256576] [ 19.256599] The buggy address belongs to the physical page: [ 19.256682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.256741] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.256793] page_type: f5(slab) [ 19.256833] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.256899] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.256940] page dumped because: kasan: bad access detected [ 19.257124] [ 19.257229] Memory state around the buggy address: [ 19.257306] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.257386] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.257475] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.257810] ^ [ 19.257896] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.257953] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.258041] ================================================================== [ 19.082907] ================================================================== [ 19.082985] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858 [ 19.085069] [ 19.085235] page_type: f5(slab) [ 19.085276] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.085328] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.085380] page dumped because: kasan: bad access detected [ 19.088743] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.088789] kthread+0x328/0x630 [ 19.088874] ret_from_fork+0x10/0x20 [ 19.090103] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.090747] [ 19.091669] __kasan_check_read+0x20/0x30 [ 19.092618] kthread+0x328/0x630 [ 19.092921] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.094643] Write of size 4 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.097039] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.099537] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 19.100756] kasan_save_stack+0x3c/0x68 [ 19.101742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.101793] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.101841] page_type: f5(slab) [ 19.101903] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.102038] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.102230] page dumped because: kasan: bad access detected [ 19.102290] [ 19.102362] Memory state around the buggy address: [ 19.102396] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.102480] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.102856] ================================================================== [ 19.342635] ================================================================== [ 19.342764] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.342828] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.342913] [ 19.342956] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.343039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.343067] Hardware name: linux,dummy-virt (DT) [ 19.343102] Call trace: [ 19.343128] show_stack+0x20/0x38 (C) [ 19.343179] dump_stack_lvl+0x8c/0xd0 [ 19.343233] print_report+0x118/0x5d0 [ 19.343293] kasan_report+0xdc/0x128 [ 19.343341] kasan_check_range+0x100/0x1a8 [ 19.343389] __kasan_check_write+0x20/0x30 [ 19.343435] kasan_atomics_helper+0x1384/0x4858 [ 19.343488] kasan_atomics+0x198/0x2e0 [ 19.343534] kunit_try_run_case+0x170/0x3f0 [ 19.343592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.343654] kthread+0x328/0x630 [ 19.343695] ret_from_fork+0x10/0x20 [ 19.343750] [ 19.343778] Allocated by task 265: [ 19.343808] kasan_save_stack+0x3c/0x68 [ 19.343877] kasan_save_track+0x20/0x40 [ 19.343918] kasan_save_alloc_info+0x40/0x58 [ 19.343966] __kasan_kmalloc+0xd4/0xd8 [ 19.344013] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.344056] kasan_atomics+0xb8/0x2e0 [ 19.344092] kunit_try_run_case+0x170/0x3f0 [ 19.344138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.344189] kthread+0x328/0x630 [ 19.344224] ret_from_fork+0x10/0x20 [ 19.344261] [ 19.344284] The buggy address belongs to the object at fff00000c79fb480 [ 19.344284] which belongs to the cache kmalloc-64 of size 64 [ 19.344344] The buggy address is located 0 bytes to the right of [ 19.344344] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.344409] [ 19.344433] The buggy address belongs to the physical page: [ 19.344490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.344547] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.344597] page_type: f5(slab) [ 19.344638] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.344691] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.344733] page dumped because: kasan: bad access detected [ 19.344766] [ 19.344787] Memory state around the buggy address: [ 19.344821] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.344876] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.344920] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.344961] ^ [ 19.344993] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.345036] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.345074] ================================================================== [ 19.359282] ================================================================== [ 19.359338] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.359385] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.359436] [ 19.359466] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.359546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.359574] Hardware name: linux,dummy-virt (DT) [ 19.359607] Call trace: [ 19.359660] show_stack+0x20/0x38 (C) [ 19.359714] dump_stack_lvl+0x8c/0xd0 [ 19.359770] print_report+0x118/0x5d0 [ 19.359834] kasan_report+0xdc/0x128 [ 19.359931] kasan_check_range+0x100/0x1a8 [ 19.360009] __kasan_check_write+0x20/0x30 [ 19.360086] kasan_atomics_helper+0x154c/0x4858 [ 19.360146] kasan_atomics+0x198/0x2e0 [ 19.360192] kunit_try_run_case+0x170/0x3f0 [ 19.360239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.360292] kthread+0x328/0x630 [ 19.360334] ret_from_fork+0x10/0x20 [ 19.360394] [ 19.360446] Allocated by task 265: [ 19.360508] kasan_save_stack+0x3c/0x68 [ 19.360595] kasan_save_track+0x20/0x40 [ 19.360634] kasan_save_alloc_info+0x40/0x58 [ 19.360694] __kasan_kmalloc+0xd4/0xd8 [ 19.360734] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.360774] kasan_atomics+0xb8/0x2e0 [ 19.361161] kunit_try_run_case+0x170/0x3f0 [ 19.361242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.361324] kthread+0x328/0x630 [ 19.361397] ret_from_fork+0x10/0x20 [ 19.361486] [ 19.361543] The buggy address belongs to the object at fff00000c79fb480 [ 19.361543] which belongs to the cache kmalloc-64 of size 64 [ 19.361825] The buggy address is located 0 bytes to the right of [ 19.361825] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.361953] [ 19.361975] The buggy address belongs to the physical page: [ 19.362009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.362110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.362451] page_type: f5(slab) [ 19.362529] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.362600] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.362811] page dumped because: kasan: bad access detected [ 19.362909] [ 19.362958] Memory state around the buggy address: [ 19.363028] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.363115] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.363183] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.363250] ^ [ 19.363307] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.363351] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.363390] ================================================================== [ 19.310971] ================================================================== [ 19.311027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.311077] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.311127] [ 19.311158] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.311247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.311276] Hardware name: linux,dummy-virt (DT) [ 19.311309] Call trace: [ 19.311333] show_stack+0x20/0x38 (C) [ 19.311382] dump_stack_lvl+0x8c/0xd0 [ 19.311431] print_report+0x118/0x5d0 [ 19.311479] kasan_report+0xdc/0x128 [ 19.311524] kasan_check_range+0x100/0x1a8 [ 19.311573] __kasan_check_write+0x20/0x30 [ 19.311618] kasan_atomics_helper+0x1128/0x4858 [ 19.311666] kasan_atomics+0x198/0x2e0 [ 19.311711] kunit_try_run_case+0x170/0x3f0 [ 19.315405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.315475] kthread+0x328/0x630 [ 19.315521] ret_from_fork+0x10/0x20 [ 19.315570] [ 19.315591] Allocated by task 265: [ 19.315622] kasan_save_stack+0x3c/0x68 [ 19.315665] kasan_save_track+0x20/0x40 [ 19.315703] kasan_save_alloc_info+0x40/0x58 [ 19.315745] __kasan_kmalloc+0xd4/0xd8 [ 19.315783] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.315824] kasan_atomics+0xb8/0x2e0 [ 19.315874] kunit_try_run_case+0x170/0x3f0 [ 19.315914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.315960] kthread+0x328/0x630 [ 19.315993] ret_from_fork+0x10/0x20 [ 19.316029] [ 19.316050] The buggy address belongs to the object at fff00000c79fb480 [ 19.316050] which belongs to the cache kmalloc-64 of size 64 [ 19.316109] The buggy address is located 0 bytes to the right of [ 19.316109] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.316174] [ 19.316197] The buggy address belongs to the physical page: [ 19.316230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.316286] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.316338] page_type: f5(slab) [ 19.316376] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.316428] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.316471] page dumped because: kasan: bad access detected [ 19.316506] [ 19.316526] Memory state around the buggy address: [ 19.316559] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.316604] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.316648] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.316706] ^ [ 19.316768] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.316820] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.316873] ================================================================== [ 19.392285] ================================================================== [ 19.392334] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.392382] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.392617] [ 19.392662] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.392747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.392776] Hardware name: linux,dummy-virt (DT) [ 19.392807] Call trace: [ 19.392830] show_stack+0x20/0x38 (C) [ 19.392894] dump_stack_lvl+0x8c/0xd0 [ 19.392942] print_report+0x118/0x5d0 [ 19.392989] kasan_report+0xdc/0x128 [ 19.393217] kasan_check_range+0x100/0x1a8 [ 19.393397] __kasan_check_write+0x20/0x30 [ 19.393457] kasan_atomics_helper+0x175c/0x4858 [ 19.393551] kasan_atomics+0x198/0x2e0 [ 19.393615] kunit_try_run_case+0x170/0x3f0 [ 19.393670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.393733] kthread+0x328/0x630 [ 19.393780] ret_from_fork+0x10/0x20 [ 19.393829] [ 19.393849] Allocated by task 265: [ 19.393900] kasan_save_stack+0x3c/0x68 [ 19.393952] kasan_save_track+0x20/0x40 [ 19.393999] kasan_save_alloc_info+0x40/0x58 [ 19.394041] __kasan_kmalloc+0xd4/0xd8 [ 19.394079] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.394121] kasan_atomics+0xb8/0x2e0 [ 19.394159] kunit_try_run_case+0x170/0x3f0 [ 19.394208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.394254] kthread+0x328/0x630 [ 19.394288] ret_from_fork+0x10/0x20 [ 19.394324] [ 19.394344] The buggy address belongs to the object at fff00000c79fb480 [ 19.394344] which belongs to the cache kmalloc-64 of size 64 [ 19.394411] The buggy address is located 0 bytes to the right of [ 19.394411] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.394477] [ 19.394500] The buggy address belongs to the physical page: [ 19.394532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.394591] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.394639] page_type: f5(slab) [ 19.394687] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.394740] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.394790] page dumped because: kasan: bad access detected [ 19.394825] [ 19.394845] Memory state around the buggy address: [ 19.395314] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.395370] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.395426] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.395750] ^ [ 19.396122] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.396377] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.396605] ================================================================== [ 19.382226] ================================================================== [ 19.382370] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.382429] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.382497] [ 19.382543] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.382632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.382663] Hardware name: linux,dummy-virt (DT) [ 19.382702] Call trace: [ 19.382755] show_stack+0x20/0x38 (C) [ 19.382810] dump_stack_lvl+0x8c/0xd0 [ 19.382895] print_report+0x118/0x5d0 [ 19.383057] kasan_report+0xdc/0x128 [ 19.383104] kasan_check_range+0x100/0x1a8 [ 19.383158] __kasan_check_write+0x20/0x30 [ 19.383204] kasan_atomics_helper+0x16d0/0x4858 [ 19.383429] kasan_atomics+0x198/0x2e0 [ 19.383545] kunit_try_run_case+0x170/0x3f0 [ 19.383616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.383689] kthread+0x328/0x630 [ 19.383734] ret_from_fork+0x10/0x20 [ 19.383789] [ 19.383831] Allocated by task 265: [ 19.383949] kasan_save_stack+0x3c/0x68 [ 19.384004] kasan_save_track+0x20/0x40 [ 19.384044] kasan_save_alloc_info+0x40/0x58 [ 19.384110] __kasan_kmalloc+0xd4/0xd8 [ 19.384150] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.384191] kasan_atomics+0xb8/0x2e0 [ 19.384550] kunit_try_run_case+0x170/0x3f0 [ 19.384715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.384780] kthread+0x328/0x630 [ 19.384844] ret_from_fork+0x10/0x20 [ 19.385277] [ 19.385518] The buggy address belongs to the object at fff00000c79fb480 [ 19.385518] which belongs to the cache kmalloc-64 of size 64 [ 19.385660] The buggy address is located 0 bytes to the right of [ 19.385660] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.385745] [ 19.385770] The buggy address belongs to the physical page: [ 19.385825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.385893] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.385992] page_type: f5(slab) [ 19.386051] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.386103] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.386146] page dumped because: kasan: bad access detected [ 19.386181] [ 19.386201] Memory state around the buggy address: [ 19.386234] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.386279] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.386494] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.386594] ^ [ 19.386667] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.386748] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.387080] ================================================================== [ 19.354243] ================================================================== [ 19.354296] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.354344] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.354395] [ 19.354427] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.354507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.354536] Hardware name: linux,dummy-virt (DT) [ 19.354570] Call trace: [ 19.354596] show_stack+0x20/0x38 (C) [ 19.354644] dump_stack_lvl+0x8c/0xd0 [ 19.354691] print_report+0x118/0x5d0 [ 19.354739] kasan_report+0xdc/0x128 [ 19.354785] kasan_check_range+0x100/0x1a8 [ 19.354835] __kasan_check_write+0x20/0x30 [ 19.354895] kasan_atomics_helper+0x147c/0x4858 [ 19.354944] kasan_atomics+0x198/0x2e0 [ 19.354990] kunit_try_run_case+0x170/0x3f0 [ 19.355036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.355089] kthread+0x328/0x630 [ 19.355133] ret_from_fork+0x10/0x20 [ 19.355180] [ 19.355201] Allocated by task 265: [ 19.355237] kasan_save_stack+0x3c/0x68 [ 19.355278] kasan_save_track+0x20/0x40 [ 19.355318] kasan_save_alloc_info+0x40/0x58 [ 19.355358] __kasan_kmalloc+0xd4/0xd8 [ 19.355397] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.355437] kasan_atomics+0xb8/0x2e0 [ 19.355475] kunit_try_run_case+0x170/0x3f0 [ 19.355513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.355559] kthread+0x328/0x630 [ 19.355592] ret_from_fork+0x10/0x20 [ 19.355630] [ 19.355651] The buggy address belongs to the object at fff00000c79fb480 [ 19.355651] which belongs to the cache kmalloc-64 of size 64 [ 19.355710] The buggy address is located 0 bytes to the right of [ 19.355710] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.355776] [ 19.355797] The buggy address belongs to the physical page: [ 19.355830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.355892] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.355939] page_type: f5(slab) [ 19.355978] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.356041] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.356085] page dumped because: kasan: bad access detected [ 19.356126] [ 19.356156] Memory state around the buggy address: [ 19.356188] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.356233] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.356277] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.356317] ^ [ 19.356349] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.356392] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.356430] ================================================================== [ 19.329373] ================================================================== [ 19.329428] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.329521] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.329589] [ 19.329624] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.329720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.329757] Hardware name: linux,dummy-virt (DT) [ 19.329790] Call trace: [ 19.329831] show_stack+0x20/0x38 (C) [ 19.330105] dump_stack_lvl+0x8c/0xd0 [ 19.330180] print_report+0x118/0x5d0 [ 19.330234] kasan_report+0xdc/0x128 [ 19.330291] kasan_check_range+0x100/0x1a8 [ 19.330357] __kasan_check_write+0x20/0x30 [ 19.330413] kasan_atomics_helper+0x126c/0x4858 [ 19.330468] kasan_atomics+0x198/0x2e0 [ 19.330534] kunit_try_run_case+0x170/0x3f0 [ 19.330590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.330643] kthread+0x328/0x630 [ 19.330710] ret_from_fork+0x10/0x20 [ 19.330777] [ 19.330805] Allocated by task 265: [ 19.330843] kasan_save_stack+0x3c/0x68 [ 19.330908] kasan_save_track+0x20/0x40 [ 19.330947] kasan_save_alloc_info+0x40/0x58 [ 19.330989] __kasan_kmalloc+0xd4/0xd8 [ 19.331026] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.331068] kasan_atomics+0xb8/0x2e0 [ 19.331104] kunit_try_run_case+0x170/0x3f0 [ 19.331144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.331187] kthread+0x328/0x630 [ 19.331331] ret_from_fork+0x10/0x20 [ 19.331403] [ 19.331429] The buggy address belongs to the object at fff00000c79fb480 [ 19.331429] which belongs to the cache kmalloc-64 of size 64 [ 19.331496] The buggy address is located 0 bytes to the right of [ 19.331496] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.331571] [ 19.331595] The buggy address belongs to the physical page: [ 19.331633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.331687] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.331737] page_type: f5(slab) [ 19.331776] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.331846] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.331912] page dumped because: kasan: bad access detected [ 19.332065] [ 19.332105] Memory state around the buggy address: [ 19.332191] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.332246] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.332292] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.332334] ^ [ 19.332370] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.332412] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.332452] ================================================================== [ 19.387431] ================================================================== [ 19.387480] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.387531] Read of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.387686] [ 19.387763] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.388106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.388161] Hardware name: linux,dummy-virt (DT) [ 19.388202] Call trace: [ 19.388246] show_stack+0x20/0x38 (C) [ 19.388300] dump_stack_lvl+0x8c/0xd0 [ 19.388362] print_report+0x118/0x5d0 [ 19.388420] kasan_report+0xdc/0x128 [ 19.388467] __asan_report_load8_noabort+0x20/0x30 [ 19.388519] kasan_atomics_helper+0x3e10/0x4858 [ 19.388596] kasan_atomics+0x198/0x2e0 [ 19.388646] kunit_try_run_case+0x170/0x3f0 [ 19.388694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.388748] kthread+0x328/0x630 [ 19.388817] ret_from_fork+0x10/0x20 [ 19.389074] [ 19.389114] Allocated by task 265: [ 19.389175] kasan_save_stack+0x3c/0x68 [ 19.389303] kasan_save_track+0x20/0x40 [ 19.389377] kasan_save_alloc_info+0x40/0x58 [ 19.389430] __kasan_kmalloc+0xd4/0xd8 [ 19.389486] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.389810] kasan_atomics+0xb8/0x2e0 [ 19.389890] kunit_try_run_case+0x170/0x3f0 [ 19.390006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.390097] kthread+0x328/0x630 [ 19.390160] ret_from_fork+0x10/0x20 [ 19.390278] [ 19.390321] The buggy address belongs to the object at fff00000c79fb480 [ 19.390321] which belongs to the cache kmalloc-64 of size 64 [ 19.390399] The buggy address is located 0 bytes to the right of [ 19.390399] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.390485] [ 19.390509] The buggy address belongs to the physical page: [ 19.390541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.390839] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.391025] page_type: f5(slab) [ 19.391110] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.391307] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.391480] page dumped because: kasan: bad access detected [ 19.391544] [ 19.391593] Memory state around the buggy address: [ 19.391722] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.391815] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.391870] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.391910] ^ [ 19.391973] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.392019] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.392058] ================================================================== [ 19.396800] ================================================================== [ 19.396893] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.396945] Read of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.397210] [ 19.397287] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.397433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.397468] Hardware name: linux,dummy-virt (DT) [ 19.397526] Call trace: [ 19.397551] show_stack+0x20/0x38 (C) [ 19.397604] dump_stack_lvl+0x8c/0xd0 [ 19.397918] print_report+0x118/0x5d0 [ 19.397995] kasan_report+0xdc/0x128 [ 19.398051] __asan_report_load8_noabort+0x20/0x30 [ 19.398103] kasan_atomics_helper+0x3e20/0x4858 [ 19.398226] kasan_atomics+0x198/0x2e0 [ 19.398311] kunit_try_run_case+0x170/0x3f0 [ 19.398367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.398439] kthread+0x328/0x630 [ 19.398524] ret_from_fork+0x10/0x20 [ 19.398579] [ 19.398608] Allocated by task 265: [ 19.398647] kasan_save_stack+0x3c/0x68 [ 19.398689] kasan_save_track+0x20/0x40 [ 19.398728] kasan_save_alloc_info+0x40/0x58 [ 19.398928] __kasan_kmalloc+0xd4/0xd8 [ 19.398972] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.399099] kasan_atomics+0xb8/0x2e0 [ 19.399158] kunit_try_run_case+0x170/0x3f0 [ 19.399227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.399381] kthread+0x328/0x630 [ 19.399418] ret_from_fork+0x10/0x20 [ 19.399456] [ 19.399584] The buggy address belongs to the object at fff00000c79fb480 [ 19.399584] which belongs to the cache kmalloc-64 of size 64 [ 19.399679] The buggy address is located 0 bytes to the right of [ 19.399679] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.399890] [ 19.399935] The buggy address belongs to the physical page: [ 19.400002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.400143] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.400232] page_type: f5(slab) [ 19.400306] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.400444] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.400488] page dumped because: kasan: bad access detected [ 19.400523] [ 19.400542] Memory state around the buggy address: [ 19.400576] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.400623] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.400668] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.401039] ^ [ 19.401175] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.401250] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.401293] ================================================================== [ 19.244803] ================================================================== [ 19.244856] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.244926] Read of size 4 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.244977] [ 19.245009] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.245091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.245118] Hardware name: linux,dummy-virt (DT) [ 19.245151] Call trace: [ 19.245174] show_stack+0x20/0x38 (C) [ 19.245223] dump_stack_lvl+0x8c/0xd0 [ 19.245271] print_report+0x118/0x5d0 [ 19.245318] kasan_report+0xdc/0x128 [ 19.245364] __asan_report_load4_noabort+0x20/0x30 [ 19.245417] kasan_atomics_helper+0x3dd8/0x4858 [ 19.245465] kasan_atomics+0x198/0x2e0 [ 19.245510] kunit_try_run_case+0x170/0x3f0 [ 19.245558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.245612] kthread+0x328/0x630 [ 19.245656] ret_from_fork+0x10/0x20 [ 19.245705] [ 19.245725] Allocated by task 265: [ 19.245755] kasan_save_stack+0x3c/0x68 [ 19.245796] kasan_save_track+0x20/0x40 [ 19.245837] kasan_save_alloc_info+0x40/0x58 [ 19.245892] __kasan_kmalloc+0xd4/0xd8 [ 19.245932] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.245973] kasan_atomics+0xb8/0x2e0 [ 19.246022] kunit_try_run_case+0x170/0x3f0 [ 19.246062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.246113] kthread+0x328/0x630 [ 19.246148] ret_from_fork+0x10/0x20 [ 19.246187] [ 19.246207] The buggy address belongs to the object at fff00000c79fb480 [ 19.246207] which belongs to the cache kmalloc-64 of size 64 [ 19.246265] The buggy address is located 0 bytes to the right of [ 19.246265] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.246330] [ 19.246351] The buggy address belongs to the physical page: [ 19.246395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.246456] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.246506] page_type: f5(slab) [ 19.246543] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.246594] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.246644] page dumped because: kasan: bad access detected [ 19.246678] [ 19.246697] Memory state around the buggy address: [ 19.246729] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.246779] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.246825] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.246880] ^ [ 19.246913] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.246956] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.246997] ================================================================== [ 19.285654] ================================================================== [ 19.285731] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.285784] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.285911] [ 19.285946] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.286110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.286140] Hardware name: linux,dummy-virt (DT) [ 19.286269] Call trace: [ 19.286324] show_stack+0x20/0x38 (C) [ 19.286422] dump_stack_lvl+0x8c/0xd0 [ 19.286499] print_report+0x118/0x5d0 [ 19.286571] kasan_report+0xdc/0x128 [ 19.286650] kasan_check_range+0x100/0x1a8 [ 19.286726] __kasan_check_write+0x20/0x30 [ 19.286771] kasan_atomics_helper+0xf20/0x4858 [ 19.286832] kasan_atomics+0x198/0x2e0 [ 19.286927] kunit_try_run_case+0x170/0x3f0 [ 19.286977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.287029] kthread+0x328/0x630 [ 19.287164] ret_from_fork+0x10/0x20 [ 19.287211] [ 19.287374] Allocated by task 265: [ 19.287443] kasan_save_stack+0x3c/0x68 [ 19.287506] kasan_save_track+0x20/0x40 [ 19.287547] kasan_save_alloc_info+0x40/0x58 [ 19.287588] __kasan_kmalloc+0xd4/0xd8 [ 19.287627] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.287669] kasan_atomics+0xb8/0x2e0 [ 19.287716] kunit_try_run_case+0x170/0x3f0 [ 19.287792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.287838] kthread+0x328/0x630 [ 19.288024] ret_from_fork+0x10/0x20 [ 19.288123] [ 19.288158] The buggy address belongs to the object at fff00000c79fb480 [ 19.288158] which belongs to the cache kmalloc-64 of size 64 [ 19.288282] The buggy address is located 0 bytes to the right of [ 19.288282] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.288399] [ 19.288421] The buggy address belongs to the physical page: [ 19.288455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.288653] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.288705] page_type: f5(slab) [ 19.288745] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.289022] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.289149] page dumped because: kasan: bad access detected [ 19.289266] [ 19.289336] Memory state around the buggy address: [ 19.292180] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.292252] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.292296] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.292336] ^ [ 19.292371] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.292415] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.292455] ================================================================== [ 19.258822] ================================================================== [ 19.258942] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.258996] Read of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.259079] [ 19.259114] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.259196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.259254] Hardware name: linux,dummy-virt (DT) [ 19.259289] Call trace: [ 19.259341] show_stack+0x20/0x38 (C) [ 19.259392] dump_stack_lvl+0x8c/0xd0 [ 19.259439] print_report+0x118/0x5d0 [ 19.259486] kasan_report+0xdc/0x128 [ 19.259531] kasan_check_range+0x100/0x1a8 [ 19.259700] __kasan_check_read+0x20/0x30 [ 19.259830] kasan_atomics_helper+0xdd4/0x4858 [ 19.259960] kasan_atomics+0x198/0x2e0 [ 19.260040] kunit_try_run_case+0x170/0x3f0 [ 19.260225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.260337] kthread+0x328/0x630 [ 19.260405] ret_from_fork+0x10/0x20 [ 19.260588] [ 19.260648] Allocated by task 265: [ 19.261034] kasan_save_stack+0x3c/0x68 [ 19.261136] kasan_save_track+0x20/0x40 [ 19.261225] kasan_save_alloc_info+0x40/0x58 [ 19.261311] __kasan_kmalloc+0xd4/0xd8 [ 19.261402] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.261475] kasan_atomics+0xb8/0x2e0 [ 19.261513] kunit_try_run_case+0x170/0x3f0 [ 19.261577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.261625] kthread+0x328/0x630 [ 19.261694] ret_from_fork+0x10/0x20 [ 19.261733] [ 19.261755] The buggy address belongs to the object at fff00000c79fb480 [ 19.261755] which belongs to the cache kmalloc-64 of size 64 [ 19.261816] The buggy address is located 0 bytes to the right of [ 19.261816] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.261894] [ 19.261918] The buggy address belongs to the physical page: [ 19.262074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.262210] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.262325] page_type: f5(slab) [ 19.262575] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.262700] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.262821] page dumped because: kasan: bad access detected [ 19.262914] [ 19.263036] Memory state around the buggy address: [ 19.263072] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.263117] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.266228] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.266280] ^ [ 19.266318] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.266362] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.266402] ================================================================== [ 19.266901] ================================================================== [ 19.266956] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.267009] Read of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.267059] [ 19.267092] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.267174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.267201] Hardware name: linux,dummy-virt (DT) [ 19.267243] Call trace: [ 19.267266] show_stack+0x20/0x38 (C) [ 19.267316] dump_stack_lvl+0x8c/0xd0 [ 19.267364] print_report+0x118/0x5d0 [ 19.267412] kasan_report+0xdc/0x128 [ 19.267457] __asan_report_load8_noabort+0x20/0x30 [ 19.267537] kasan_atomics_helper+0x3f58/0x4858 [ 19.267588] kasan_atomics+0x198/0x2e0 [ 19.267949] kunit_try_run_case+0x170/0x3f0 [ 19.268053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.268199] kthread+0x328/0x630 [ 19.268253] ret_from_fork+0x10/0x20 [ 19.268312] [ 19.268334] Allocated by task 265: [ 19.268365] kasan_save_stack+0x3c/0x68 [ 19.268407] kasan_save_track+0x20/0x40 [ 19.268585] kasan_save_alloc_info+0x40/0x58 [ 19.268637] __kasan_kmalloc+0xd4/0xd8 [ 19.268676] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.268800] kasan_atomics+0xb8/0x2e0 [ 19.268882] kunit_try_run_case+0x170/0x3f0 [ 19.268976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.269170] kthread+0x328/0x630 [ 19.269464] ret_from_fork+0x10/0x20 [ 19.269562] [ 19.269612] The buggy address belongs to the object at fff00000c79fb480 [ 19.269612] which belongs to the cache kmalloc-64 of size 64 [ 19.269712] The buggy address is located 0 bytes to the right of [ 19.269712] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.269791] [ 19.269815] The buggy address belongs to the physical page: [ 19.269848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.270183] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.270393] page_type: f5(slab) [ 19.270435] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.270488] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.270745] page dumped because: kasan: bad access detected [ 19.270823] [ 19.270991] Memory state around the buggy address: [ 19.271057] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.271101] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.271147] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.271786] ^ [ 19.271832] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.271892] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.271933] ================================================================== [ 19.272543] ================================================================== [ 19.272599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.272651] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.272701] [ 19.272735] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.272815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.272844] Hardware name: linux,dummy-virt (DT) [ 19.272894] Call trace: [ 19.272918] show_stack+0x20/0x38 (C) [ 19.272966] dump_stack_lvl+0x8c/0xd0 [ 19.273014] print_report+0x118/0x5d0 [ 19.273061] kasan_report+0xdc/0x128 [ 19.273106] kasan_check_range+0x100/0x1a8 [ 19.273155] __kasan_check_write+0x20/0x30 [ 19.273203] kasan_atomics_helper+0xe44/0x4858 [ 19.273254] kasan_atomics+0x198/0x2e0 [ 19.273298] kunit_try_run_case+0x170/0x3f0 [ 19.273346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.273397] kthread+0x328/0x630 [ 19.273441] ret_from_fork+0x10/0x20 [ 19.273488] [ 19.273508] Allocated by task 265: [ 19.273537] kasan_save_stack+0x3c/0x68 [ 19.273579] kasan_save_track+0x20/0x40 [ 19.273618] kasan_save_alloc_info+0x40/0x58 [ 19.273661] __kasan_kmalloc+0xd4/0xd8 [ 19.273699] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.273741] kasan_atomics+0xb8/0x2e0 [ 19.273778] kunit_try_run_case+0x170/0x3f0 [ 19.273817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.275767] kthread+0x328/0x630 [ 19.275819] ret_from_fork+0x10/0x20 [ 19.275870] [ 19.275893] The buggy address belongs to the object at fff00000c79fb480 [ 19.275893] which belongs to the cache kmalloc-64 of size 64 [ 19.275954] The buggy address is located 0 bytes to the right of [ 19.275954] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.276020] [ 19.276042] The buggy address belongs to the physical page: [ 19.276078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.276135] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.276186] page_type: f5(slab) [ 19.276227] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.276278] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.276321] page dumped because: kasan: bad access detected [ 19.276355] [ 19.276375] Memory state around the buggy address: [ 19.276408] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.276451] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.276496] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.276536] ^ [ 19.276570] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.276612] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.276652] ================================================================== [ 19.301325] ================================================================== [ 19.301402] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.301455] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.301548] [ 19.301611] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.301732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.301763] Hardware name: linux,dummy-virt (DT) [ 19.301845] Call trace: [ 19.301902] show_stack+0x20/0x38 (C) [ 19.301953] dump_stack_lvl+0x8c/0xd0 [ 19.302002] print_report+0x118/0x5d0 [ 19.302242] kasan_report+0xdc/0x128 [ 19.302302] kasan_check_range+0x100/0x1a8 [ 19.302408] __kasan_check_write+0x20/0x30 [ 19.302484] kasan_atomics_helper+0x1058/0x4858 [ 19.302536] kasan_atomics+0x198/0x2e0 [ 19.302611] kunit_try_run_case+0x170/0x3f0 [ 19.302660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.302880] kthread+0x328/0x630 [ 19.302959] ret_from_fork+0x10/0x20 [ 19.303038] [ 19.303096] Allocated by task 265: [ 19.303154] kasan_save_stack+0x3c/0x68 [ 19.303227] kasan_save_track+0x20/0x40 [ 19.303292] kasan_save_alloc_info+0x40/0x58 [ 19.303335] __kasan_kmalloc+0xd4/0xd8 [ 19.303372] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.303460] kasan_atomics+0xb8/0x2e0 [ 19.303568] kunit_try_run_case+0x170/0x3f0 [ 19.303608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.303655] kthread+0x328/0x630 [ 19.303689] ret_from_fork+0x10/0x20 [ 19.304221] [ 19.304736] The buggy address belongs to the object at fff00000c79fb480 [ 19.304736] which belongs to the cache kmalloc-64 of size 64 [ 19.304800] The buggy address is located 0 bytes to the right of [ 19.304800] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.304878] [ 19.304902] The buggy address belongs to the physical page: [ 19.304934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.304990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.305040] page_type: f5(slab) [ 19.305080] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.305132] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.305174] page dumped because: kasan: bad access detected [ 19.305207] [ 19.305229] Memory state around the buggy address: [ 19.305262] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.305305] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.305350] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.305389] ^ [ 19.305422] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.305466] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.305506] ================================================================== [ 19.349471] ================================================================== [ 19.349751] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.349844] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.349906] [ 19.349965] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.350046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.350079] Hardware name: linux,dummy-virt (DT) [ 19.350125] Call trace: [ 19.350151] show_stack+0x20/0x38 (C) [ 19.350212] dump_stack_lvl+0x8c/0xd0 [ 19.350338] print_report+0x118/0x5d0 [ 19.350515] kasan_report+0xdc/0x128 [ 19.350592] kasan_check_range+0x100/0x1a8 [ 19.350646] __kasan_check_write+0x20/0x30 [ 19.350693] kasan_atomics_helper+0x1414/0x4858 [ 19.350740] kasan_atomics+0x198/0x2e0 [ 19.350826] kunit_try_run_case+0x170/0x3f0 [ 19.350884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.350937] kthread+0x328/0x630 [ 19.350985] ret_from_fork+0x10/0x20 [ 19.351050] [ 19.351078] Allocated by task 265: [ 19.351115] kasan_save_stack+0x3c/0x68 [ 19.351158] kasan_save_track+0x20/0x40 [ 19.351216] kasan_save_alloc_info+0x40/0x58 [ 19.351259] __kasan_kmalloc+0xd4/0xd8 [ 19.351297] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.351354] kasan_atomics+0xb8/0x2e0 [ 19.351399] kunit_try_run_case+0x170/0x3f0 [ 19.351455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.351499] kthread+0x328/0x630 [ 19.351534] ret_from_fork+0x10/0x20 [ 19.351570] [ 19.351592] The buggy address belongs to the object at fff00000c79fb480 [ 19.351592] which belongs to the cache kmalloc-64 of size 64 [ 19.351649] The buggy address is located 0 bytes to the right of [ 19.351649] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.351912] [ 19.351950] The buggy address belongs to the physical page: [ 19.352194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.352941] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.353020] page_type: f5(slab) [ 19.353087] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.353422] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.353468] page dumped because: kasan: bad access detected [ 19.353501] [ 19.353536] Memory state around the buggy address: [ 19.353573] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.353618] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.353694] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.353777] ^ [ 19.353836] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.353888] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.353948] ================================================================== [ 19.280894] ================================================================== [ 19.280948] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.280998] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.281049] [ 19.281081] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.281162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.281189] Hardware name: linux,dummy-virt (DT) [ 19.281222] Call trace: [ 19.281245] show_stack+0x20/0x38 (C) [ 19.281292] dump_stack_lvl+0x8c/0xd0 [ 19.281339] print_report+0x118/0x5d0 [ 19.281455] kasan_report+0xdc/0x128 [ 19.281566] kasan_check_range+0x100/0x1a8 [ 19.281623] __kasan_check_write+0x20/0x30 [ 19.281724] kasan_atomics_helper+0xeb8/0x4858 [ 19.281778] kasan_atomics+0x198/0x2e0 [ 19.281914] kunit_try_run_case+0x170/0x3f0 [ 19.282019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.282106] kthread+0x328/0x630 [ 19.282154] ret_from_fork+0x10/0x20 [ 19.282265] [ 19.282397] Allocated by task 265: [ 19.282426] kasan_save_stack+0x3c/0x68 [ 19.282469] kasan_save_track+0x20/0x40 [ 19.282625] kasan_save_alloc_info+0x40/0x58 [ 19.282680] __kasan_kmalloc+0xd4/0xd8 [ 19.282776] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.282819] kasan_atomics+0xb8/0x2e0 [ 19.282888] kunit_try_run_case+0x170/0x3f0 [ 19.282929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.282974] kthread+0x328/0x630 [ 19.283009] ret_from_fork+0x10/0x20 [ 19.283083] [ 19.283209] The buggy address belongs to the object at fff00000c79fb480 [ 19.283209] which belongs to the cache kmalloc-64 of size 64 [ 19.283273] The buggy address is located 0 bytes to the right of [ 19.283273] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.283338] [ 19.283487] The buggy address belongs to the physical page: [ 19.283547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.283603] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.283651] page_type: f5(slab) [ 19.283691] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.283947] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.284083] page dumped because: kasan: bad access detected [ 19.284173] [ 19.284297] Memory state around the buggy address: [ 19.284383] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.284476] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.284599] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.284820] ^ [ 19.284958] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.285061] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.285112] ================================================================== [ 19.356536] ================================================================== [ 19.356587] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.356632] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.356684] [ 19.356712] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.356790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.356839] Hardware name: linux,dummy-virt (DT) [ 19.356883] Call trace: [ 19.356906] show_stack+0x20/0x38 (C) [ 19.356954] dump_stack_lvl+0x8c/0xd0 [ 19.357009] print_report+0x118/0x5d0 [ 19.357056] kasan_report+0xdc/0x128 [ 19.357106] kasan_check_range+0x100/0x1a8 [ 19.357155] __kasan_check_write+0x20/0x30 [ 19.357199] kasan_atomics_helper+0x14e4/0x4858 [ 19.357250] kasan_atomics+0x198/0x2e0 [ 19.357296] kunit_try_run_case+0x170/0x3f0 [ 19.357342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.357394] kthread+0x328/0x630 [ 19.357437] ret_from_fork+0x10/0x20 [ 19.357482] [ 19.357526] Allocated by task 265: [ 19.357565] kasan_save_stack+0x3c/0x68 [ 19.357606] kasan_save_track+0x20/0x40 [ 19.357653] kasan_save_alloc_info+0x40/0x58 [ 19.357694] __kasan_kmalloc+0xd4/0xd8 [ 19.357733] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.357774] kasan_atomics+0xb8/0x2e0 [ 19.357813] kunit_try_run_case+0x170/0x3f0 [ 19.357851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.357915] kthread+0x328/0x630 [ 19.357949] ret_from_fork+0x10/0x20 [ 19.357987] [ 19.358009] The buggy address belongs to the object at fff00000c79fb480 [ 19.358009] which belongs to the cache kmalloc-64 of size 64 [ 19.358068] The buggy address is located 0 bytes to the right of [ 19.358068] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.358132] [ 19.358153] The buggy address belongs to the physical page: [ 19.358186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.358237] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.358284] page_type: f5(slab) [ 19.358322] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.358375] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.358417] page dumped because: kasan: bad access detected [ 19.358450] [ 19.358472] Memory state around the buggy address: [ 19.358504] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.358549] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.358593] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.358634] ^ [ 19.358666] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.358710] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.358748] ================================================================== [ 19.375919] ================================================================== [ 19.376054] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.376140] Read of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.376267] [ 19.377247] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.377434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.377467] Hardware name: linux,dummy-virt (DT) [ 19.377619] Call trace: [ 19.377648] show_stack+0x20/0x38 (C) [ 19.377701] dump_stack_lvl+0x8c/0xd0 [ 19.377776] print_report+0x118/0x5d0 [ 19.377823] kasan_report+0xdc/0x128 [ 19.377882] __asan_report_load8_noabort+0x20/0x30 [ 19.377933] kasan_atomics_helper+0x3df4/0x4858 [ 19.377983] kasan_atomics+0x198/0x2e0 [ 19.378054] kunit_try_run_case+0x170/0x3f0 [ 19.378123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.378177] kthread+0x328/0x630 [ 19.378222] ret_from_fork+0x10/0x20 [ 19.378364] [ 19.378422] Allocated by task 265: [ 19.378502] kasan_save_stack+0x3c/0x68 [ 19.378743] kasan_save_track+0x20/0x40 [ 19.378848] kasan_save_alloc_info+0x40/0x58 [ 19.378997] __kasan_kmalloc+0xd4/0xd8 [ 19.379064] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.379127] kasan_atomics+0xb8/0x2e0 [ 19.379245] kunit_try_run_case+0x170/0x3f0 [ 19.379334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.379398] kthread+0x328/0x630 [ 19.379490] ret_from_fork+0x10/0x20 [ 19.379556] [ 19.379634] The buggy address belongs to the object at fff00000c79fb480 [ 19.379634] which belongs to the cache kmalloc-64 of size 64 [ 19.379793] The buggy address is located 0 bytes to the right of [ 19.379793] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.379871] [ 19.379986] The buggy address belongs to the physical page: [ 19.380061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.380186] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.380274] page_type: f5(slab) [ 19.380383] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.380459] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.380553] page dumped because: kasan: bad access detected [ 19.380886] [ 19.380938] Memory state around the buggy address: [ 19.381015] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.381087] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.381132] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.381191] ^ [ 19.381227] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.381573] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.381629] ================================================================== [ 19.186538] ================================================================== [ 19.186657] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 19.186711] Write of size 4 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.186762] [ 19.186795] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.186951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.186983] Hardware name: linux,dummy-virt (DT) [ 19.187015] Call trace: [ 19.187405] show_stack+0x20/0x38 (C) [ 19.187458] dump_stack_lvl+0x8c/0xd0 [ 19.187525] print_report+0x118/0x5d0 [ 19.187580] kasan_report+0xdc/0x128 [ 19.187638] kasan_check_range+0x100/0x1a8 [ 19.187705] __kasan_check_write+0x20/0x30 [ 19.187761] kasan_atomics_helper+0xa6c/0x4858 [ 19.187812] kasan_atomics+0x198/0x2e0 [ 19.187859] kunit_try_run_case+0x170/0x3f0 [ 19.187917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.187971] kthread+0x328/0x630 [ 19.188015] ret_from_fork+0x10/0x20 [ 19.188063] [ 19.188083] Allocated by task 265: [ 19.188113] kasan_save_stack+0x3c/0x68 [ 19.188155] kasan_save_track+0x20/0x40 [ 19.188194] kasan_save_alloc_info+0x40/0x58 [ 19.188250] __kasan_kmalloc+0xd4/0xd8 [ 19.188289] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.188332] kasan_atomics+0xb8/0x2e0 [ 19.188368] kunit_try_run_case+0x170/0x3f0 [ 19.188447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.188541] kthread+0x328/0x630 [ 19.188760] ret_from_fork+0x10/0x20 [ 19.188798] [ 19.188939] The buggy address belongs to the object at fff00000c79fb480 [ 19.188939] which belongs to the cache kmalloc-64 of size 64 [ 19.189393] The buggy address is located 0 bytes to the right of [ 19.189393] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.189518] [ 19.189669] The buggy address belongs to the physical page: [ 19.189702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.189921] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.190034] page_type: f5(slab) [ 19.190593] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.191460] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.194810] Allocated by task 265: [ 19.194840] kasan_save_stack+0x3c/0x68 [ 19.194895] kasan_save_track+0x20/0x40 [ 19.195195] kasan_save_alloc_info+0x40/0x58 [ 19.195355] __kasan_kmalloc+0xd4/0xd8 [ 19.196689] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.196749] kasan_atomics+0xb8/0x2e0 [ 19.196789] kunit_try_run_case+0x170/0x3f0 [ 19.196830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.198011] The buggy address is located 0 bytes to the right of [ 19.198011] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.202325] Call trace: [ 19.204898] kasan_save_track+0x20/0x40 [ 19.206773] [ 19.207934] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.210122] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.213076] kasan_save_track+0x20/0x40 [ 19.213116] kasan_save_alloc_info+0x40/0x58 [ 19.213358] __kasan_kmalloc+0xd4/0xd8 [ 19.213407] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.213458] kasan_atomics+0xb8/0x2e0 [ 19.219499] kthread+0x328/0x630 [ 19.219720] kasan_save_alloc_info+0x40/0x58 [ 19.219770] __kasan_kmalloc+0xd4/0xd8 [ 19.219807] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.219979] kthread+0x328/0x630 [ 19.220194] [ 19.220437] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.222034] kasan_check_range+0x100/0x1a8 [ 19.222718] __kasan_kmalloc+0xd4/0xd8 [ 19.223501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.225013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.228971] kasan_atomics+0xb8/0x2e0 [ 19.232622] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.236993] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.237275] ================================================================== [ 19.372571] ================================================================== [ 19.372750] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.372814] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.372881] [ 19.373139] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.373242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.373314] Hardware name: linux,dummy-virt (DT) [ 19.373382] Call trace: [ 19.373409] show_stack+0x20/0x38 (C) [ 19.373471] dump_stack_lvl+0x8c/0xd0 [ 19.373563] print_report+0x118/0x5d0 [ 19.373611] kasan_report+0xdc/0x128 [ 19.373658] kasan_check_range+0x100/0x1a8 [ 19.373725] __kasan_check_write+0x20/0x30 [ 19.373772] kasan_atomics_helper+0x1644/0x4858 [ 19.373820] kasan_atomics+0x198/0x2e0 [ 19.373878] kunit_try_run_case+0x170/0x3f0 [ 19.373926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.373978] kthread+0x328/0x630 [ 19.374020] ret_from_fork+0x10/0x20 [ 19.374084] [ 19.374113] Allocated by task 265: [ 19.374143] kasan_save_stack+0x3c/0x68 [ 19.374188] kasan_save_track+0x20/0x40 [ 19.374226] kasan_save_alloc_info+0x40/0x58 [ 19.374283] __kasan_kmalloc+0xd4/0xd8 [ 19.374323] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.374363] kasan_atomics+0xb8/0x2e0 [ 19.374414] kunit_try_run_case+0x170/0x3f0 [ 19.374456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.374499] kthread+0x328/0x630 [ 19.374534] ret_from_fork+0x10/0x20 [ 19.374579] [ 19.374601] The buggy address belongs to the object at fff00000c79fb480 [ 19.374601] which belongs to the cache kmalloc-64 of size 64 [ 19.374659] The buggy address is located 0 bytes to the right of [ 19.374659] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.374724] [ 19.374747] The buggy address belongs to the physical page: [ 19.374779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.374832] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.374890] page_type: f5(slab) [ 19.374930] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.374982] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.375024] page dumped because: kasan: bad access detected [ 19.375057] [ 19.375078] Memory state around the buggy address: [ 19.375111] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.375419] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.375479] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.375522] ^ [ 19.375558] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.375626] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.375666] ================================================================== [ 19.324563] ================================================================== [ 19.324613] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.324663] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.324713] [ 19.324748] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.324829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.324856] Hardware name: linux,dummy-virt (DT) [ 19.324904] Call trace: [ 19.324929] show_stack+0x20/0x38 (C) [ 19.324978] dump_stack_lvl+0x8c/0xd0 [ 19.325027] print_report+0x118/0x5d0 [ 19.325123] kasan_report+0xdc/0x128 [ 19.325170] kasan_check_range+0x100/0x1a8 [ 19.325229] __kasan_check_write+0x20/0x30 [ 19.325275] kasan_atomics_helper+0x11f8/0x4858 [ 19.325358] kasan_atomics+0x198/0x2e0 [ 19.325423] kunit_try_run_case+0x170/0x3f0 [ 19.325542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.325724] kthread+0x328/0x630 [ 19.325823] ret_from_fork+0x10/0x20 [ 19.325891] [ 19.325941] Allocated by task 265: [ 19.325988] kasan_save_stack+0x3c/0x68 [ 19.326043] kasan_save_track+0x20/0x40 [ 19.326090] kasan_save_alloc_info+0x40/0x58 [ 19.326133] __kasan_kmalloc+0xd4/0xd8 [ 19.326171] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.326213] kasan_atomics+0xb8/0x2e0 [ 19.326249] kunit_try_run_case+0x170/0x3f0 [ 19.326290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.326333] kthread+0x328/0x630 [ 19.326383] ret_from_fork+0x10/0x20 [ 19.326420] [ 19.326442] The buggy address belongs to the object at fff00000c79fb480 [ 19.326442] which belongs to the cache kmalloc-64 of size 64 [ 19.326500] The buggy address is located 0 bytes to the right of [ 19.326500] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.326565] [ 19.326588] The buggy address belongs to the physical page: [ 19.326620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.326674] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.326722] page_type: f5(slab) [ 19.326762] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.326826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.327336] page dumped because: kasan: bad access detected [ 19.327380] [ 19.327402] Memory state around the buggy address: [ 19.327436] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.327482] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.327526] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.327742] ^ [ 19.327852] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.328093] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.328753] ================================================================== [ 19.317416] ================================================================== [ 19.317472] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.317778] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.317831] [ 19.318186] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.320162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.320192] Hardware name: linux,dummy-virt (DT) [ 19.320225] Call trace: [ 19.320249] show_stack+0x20/0x38 (C) [ 19.320303] dump_stack_lvl+0x8c/0xd0 [ 19.320354] print_report+0x118/0x5d0 [ 19.320402] kasan_report+0xdc/0x128 [ 19.320448] kasan_check_range+0x100/0x1a8 [ 19.320497] __kasan_check_write+0x20/0x30 [ 19.320542] kasan_atomics_helper+0x1190/0x4858 [ 19.320591] kasan_atomics+0x198/0x2e0 [ 19.320637] kunit_try_run_case+0x170/0x3f0 [ 19.320686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.320739] kthread+0x328/0x630 [ 19.320783] ret_from_fork+0x10/0x20 [ 19.320830] [ 19.320850] Allocated by task 265: [ 19.320893] kasan_save_stack+0x3c/0x68 [ 19.320935] kasan_save_track+0x20/0x40 [ 19.320974] kasan_save_alloc_info+0x40/0x58 [ 19.321014] __kasan_kmalloc+0xd4/0xd8 [ 19.321053] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.321092] kasan_atomics+0xb8/0x2e0 [ 19.321131] kunit_try_run_case+0x170/0x3f0 [ 19.321170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.321215] kthread+0x328/0x630 [ 19.321248] ret_from_fork+0x10/0x20 [ 19.321286] [ 19.321307] The buggy address belongs to the object at fff00000c79fb480 [ 19.321307] which belongs to the cache kmalloc-64 of size 64 [ 19.321365] The buggy address is located 0 bytes to the right of [ 19.321365] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.321429] [ 19.321454] The buggy address belongs to the physical page: [ 19.321487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.321540] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.321589] page_type: f5(slab) [ 19.321629] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.321681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.321723] page dumped because: kasan: bad access detected [ 19.321756] [ 19.321777] Memory state around the buggy address: [ 19.321810] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.321857] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.324171] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.324215] ^ [ 19.324253] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.324296] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.324335] ================================================================== [ 19.367921] ================================================================== [ 19.368061] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.368175] Read of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.368461] [ 19.368542] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.368625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.368655] Hardware name: linux,dummy-virt (DT) [ 19.368689] Call trace: [ 19.368712] show_stack+0x20/0x38 (C) [ 19.368997] dump_stack_lvl+0x8c/0xd0 [ 19.369081] print_report+0x118/0x5d0 [ 19.369131] kasan_report+0xdc/0x128 [ 19.369177] __asan_report_load8_noabort+0x20/0x30 [ 19.369230] kasan_atomics_helper+0x3db0/0x4858 [ 19.369278] kasan_atomics+0x198/0x2e0 [ 19.369392] kunit_try_run_case+0x170/0x3f0 [ 19.369460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.369553] kthread+0x328/0x630 [ 19.369801] ret_from_fork+0x10/0x20 [ 19.369902] [ 19.369951] Allocated by task 265: [ 19.370053] kasan_save_stack+0x3c/0x68 [ 19.370119] kasan_save_track+0x20/0x40 [ 19.370178] kasan_save_alloc_info+0x40/0x58 [ 19.370285] __kasan_kmalloc+0xd4/0xd8 [ 19.370352] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.370409] kasan_atomics+0xb8/0x2e0 [ 19.370515] kunit_try_run_case+0x170/0x3f0 [ 19.370585] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.370638] kthread+0x328/0x630 [ 19.370686] ret_from_fork+0x10/0x20 [ 19.370753] [ 19.370775] The buggy address belongs to the object at fff00000c79fb480 [ 19.370775] which belongs to the cache kmalloc-64 of size 64 [ 19.370841] The buggy address is located 0 bytes to the right of [ 19.370841] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.370916] [ 19.370939] The buggy address belongs to the physical page: [ 19.370972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.371264] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.371333] page_type: f5(slab) [ 19.371390] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.371462] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.371761] page dumped because: kasan: bad access detected [ 19.371853] [ 19.371903] Memory state around the buggy address: [ 19.372025] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.372103] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.372154] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.372197] ^ [ 19.372258] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.372301] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.372341] ================================================================== [ 19.295273] ================================================================== [ 19.295315] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.295359] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.295406] [ 19.295435] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.295515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.295543] Hardware name: linux,dummy-virt (DT) [ 19.295575] Call trace: [ 19.295597] show_stack+0x20/0x38 (C) [ 19.295644] dump_stack_lvl+0x8c/0xd0 [ 19.295691] print_report+0x118/0x5d0 [ 19.298125] kasan_report+0xdc/0x128 [ 19.298190] kasan_check_range+0x100/0x1a8 [ 19.298241] __kasan_check_write+0x20/0x30 [ 19.298286] kasan_atomics_helper+0xff0/0x4858 [ 19.298335] kasan_atomics+0x198/0x2e0 [ 19.298380] kunit_try_run_case+0x170/0x3f0 [ 19.298428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.298481] kthread+0x328/0x630 [ 19.298522] ret_from_fork+0x10/0x20 [ 19.298570] [ 19.298593] Allocated by task 265: [ 19.298623] kasan_save_stack+0x3c/0x68 [ 19.298666] kasan_save_track+0x20/0x40 [ 19.298705] kasan_save_alloc_info+0x40/0x58 [ 19.298747] __kasan_kmalloc+0xd4/0xd8 [ 19.298786] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.298825] kasan_atomics+0xb8/0x2e0 [ 19.298876] kunit_try_run_case+0x170/0x3f0 [ 19.298937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.298984] kthread+0x328/0x630 [ 19.299030] ret_from_fork+0x10/0x20 [ 19.299070] [ 19.299092] The buggy address belongs to the object at fff00000c79fb480 [ 19.299092] which belongs to the cache kmalloc-64 of size 64 [ 19.299152] The buggy address is located 0 bytes to the right of [ 19.299152] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.299223] [ 19.299283] The buggy address belongs to the physical page: [ 19.299323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.299377] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.299427] page_type: f5(slab) [ 19.299473] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.299538] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.299586] page dumped because: kasan: bad access detected [ 19.299626] [ 19.299645] Memory state around the buggy address: [ 19.299678] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.299724] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.300073] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.300118] ^ [ 19.300154] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.300220] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.300263] ================================================================== [ 19.345149] ================================================================== [ 19.345190] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.345249] Read of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.345299] [ 19.345329] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.345407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.345436] Hardware name: linux,dummy-virt (DT) [ 19.345470] Call trace: [ 19.345492] show_stack+0x20/0x38 (C) [ 19.345541] dump_stack_lvl+0x8c/0xd0 [ 19.345588] print_report+0x118/0x5d0 [ 19.345637] kasan_report+0xdc/0x128 [ 19.345683] __asan_report_load8_noabort+0x20/0x30 [ 19.345735] kasan_atomics_helper+0x3f04/0x4858 [ 19.345784] kasan_atomics+0x198/0x2e0 [ 19.345830] kunit_try_run_case+0x170/0x3f0 [ 19.345891] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.345945] kthread+0x328/0x630 [ 19.345987] ret_from_fork+0x10/0x20 [ 19.346035] [ 19.346055] Allocated by task 265: [ 19.346083] kasan_save_stack+0x3c/0x68 [ 19.346124] kasan_save_track+0x20/0x40 [ 19.346162] kasan_save_alloc_info+0x40/0x58 [ 19.346204] __kasan_kmalloc+0xd4/0xd8 [ 19.346241] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.346306] kasan_atomics+0xb8/0x2e0 [ 19.346356] kunit_try_run_case+0x170/0x3f0 [ 19.346433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.346501] kthread+0x328/0x630 [ 19.346569] ret_from_fork+0x10/0x20 [ 19.346642] [ 19.346701] The buggy address belongs to the object at fff00000c79fb480 [ 19.346701] which belongs to the cache kmalloc-64 of size 64 [ 19.347209] The buggy address is located 0 bytes to the right of [ 19.347209] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.347315] [ 19.347388] The buggy address belongs to the physical page: [ 19.347475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.347562] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.347641] page_type: f5(slab) [ 19.347686] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.347765] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.347855] page dumped because: kasan: bad access detected [ 19.347922] [ 19.347960] Memory state around the buggy address: [ 19.347999] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.348044] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.348383] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.348425] ^ [ 19.348459] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.348502] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.348542] ================================================================== [ 19.332907] ================================================================== [ 19.332962] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.333012] Write of size 8 at addr fff00000c79fb4b0 by task kunit_try_catch/265 [ 19.333063] [ 19.333095] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.333249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.333358] Hardware name: linux,dummy-virt (DT) [ 19.333416] Call trace: [ 19.333470] show_stack+0x20/0x38 (C) [ 19.333593] dump_stack_lvl+0x8c/0xd0 [ 19.333680] print_report+0x118/0x5d0 [ 19.333999] kasan_report+0xdc/0x128 [ 19.334076] kasan_check_range+0x100/0x1a8 [ 19.334185] __kasan_check_write+0x20/0x30 [ 19.334272] kasan_atomics_helper+0x12d8/0x4858 [ 19.334345] kasan_atomics+0x198/0x2e0 [ 19.334423] kunit_try_run_case+0x170/0x3f0 [ 19.334513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.334612] kthread+0x328/0x630 [ 19.334704] ret_from_fork+0x10/0x20 [ 19.334822] [ 19.334850] Allocated by task 265: [ 19.334890] kasan_save_stack+0x3c/0x68 [ 19.334934] kasan_save_track+0x20/0x40 [ 19.335271] kasan_save_alloc_info+0x40/0x58 [ 19.335353] __kasan_kmalloc+0xd4/0xd8 [ 19.335417] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.335503] kasan_atomics+0xb8/0x2e0 [ 19.335582] kunit_try_run_case+0x170/0x3f0 [ 19.335635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.335914] kthread+0x328/0x630 [ 19.336003] ret_from_fork+0x10/0x20 [ 19.336061] [ 19.336085] The buggy address belongs to the object at fff00000c79fb480 [ 19.336085] which belongs to the cache kmalloc-64 of size 64 [ 19.336145] The buggy address is located 0 bytes to the right of [ 19.336145] allocated 48-byte region [fff00000c79fb480, fff00000c79fb4b0) [ 19.336210] [ 19.336252] The buggy address belongs to the physical page: [ 19.336293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fb [ 19.336349] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.336621] page_type: f5(slab) [ 19.336674] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.336728] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.336814] page dumped because: kasan: bad access detected [ 19.336920] [ 19.336981] Memory state around the buggy address: [ 19.337027] fff00000c79fb380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.337132] fff00000c79fb400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.337207] >fff00000c79fb480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.337249] ^ [ 19.337283] fff00000c79fb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.337325] fff00000c79fb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.337500] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 18.988607] ================================================================== [ 18.990297] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 18.990347] Write of size 8 at addr fff00000c6562248 by task kunit_try_catch/261 [ 18.990397] [ 18.990427] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.995542] Read of size 8 at addr fff00000c6562248 by task kunit_try_catch/261 [ 18.999262] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.003784] kasan_bitops_generic+0x110/0x1c8 [ 19.003834] kunit_try_run_case+0x170/0x3f0 [ 19.003914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.003968] kthread+0x328/0x630 [ 19.004010] ret_from_fork+0x10/0x20 [ 19.004065] [ 19.004473] kasan_bitops_generic+0xa0/0x1c8 [ 19.004513] kunit_try_run_case+0x170/0x3f0 [ 19.004796] The buggy address is located 8 bytes inside of [ 19.004796] allocated 9-byte region [fff00000c6562240, fff00000c6562249) [ 19.005573] page dumped because: kasan: bad access detected [ 19.005950] >fff00000c6562200: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 19.006922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.010715] kasan_save_track+0x20/0x40 [ 19.011465] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.015682] kasan_report+0xdc/0x128 [ 19.017429] __kasan_kmalloc+0xd4/0xd8 [ 19.017912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106562 [ 19.020922] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 18.925108] ================================================================== [ 18.925177] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 18.925239] Read of size 1 at addr fff00000c78e3fd8 by task kunit_try_catch/257 [ 18.925600] [ 18.925899] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.926613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.926652] Hardware name: linux,dummy-virt (DT) [ 18.926686] Call trace: [ 18.926937] show_stack+0x20/0x38 (C) [ 18.927304] dump_stack_lvl+0x8c/0xd0 [ 18.927563] print_report+0x118/0x5d0 [ 18.927886] kasan_report+0xdc/0x128 [ 18.928289] __asan_report_load1_noabort+0x20/0x30 [ 18.928465] memcmp+0x198/0x1d8 [ 18.928510] kasan_memcmp+0x16c/0x300 [ 18.928691] kunit_try_run_case+0x170/0x3f0 [ 18.928749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.928805] kthread+0x328/0x630 [ 18.928850] ret_from_fork+0x10/0x20 [ 18.928915] [ 18.928938] Allocated by task 257: [ 18.928997] kasan_save_stack+0x3c/0x68 [ 18.929109] kasan_save_track+0x20/0x40 [ 18.929186] kasan_save_alloc_info+0x40/0x58 [ 18.929292] __kasan_kmalloc+0xd4/0xd8 [ 18.929363] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.929415] kasan_memcmp+0xbc/0x300 [ 18.929474] kunit_try_run_case+0x170/0x3f0 [ 18.929617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.929714] kthread+0x328/0x630 [ 18.929768] ret_from_fork+0x10/0x20 [ 18.929911] [ 18.929978] The buggy address belongs to the object at fff00000c78e3fc0 [ 18.929978] which belongs to the cache kmalloc-32 of size 32 [ 18.930046] The buggy address is located 0 bytes to the right of [ 18.930046] allocated 24-byte region [fff00000c78e3fc0, fff00000c78e3fd8) [ 18.930246] [ 18.930299] The buggy address belongs to the physical page: [ 18.931279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e3 [ 18.931342] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.931395] page_type: f5(slab) [ 18.931438] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.931494] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.931536] page dumped because: kasan: bad access detected [ 18.931571] [ 18.931590] Memory state around the buggy address: [ 18.931624] fff00000c78e3e80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.952775] fff00000c79fa100: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.960088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.962801] strlen+0xa8/0xb0 [ 18.964858] The buggy address is located 16 bytes inside of [ 18.964858] freed 32-byte region [fff00000c79fa180, fff00000c79fa1a0) [ 18.966242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.966936] kasan_save_stack+0x3c/0x68 [ 18.967307] ret_from_fork+0x10/0x20 [ 18.967546] kfree+0x214/0x3c8 [ 18.967698] kthread+0x328/0x630 [ 18.969419] [ 18.971485] page dumped because: kasan: bad access detected [ 18.971833] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 18.886504] ================================================================== [ 18.887410] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 18.887487] Read of size 1 at addr ffff800080aa7b5f by task kunit_try_catch/251 [ 18.887712] [ 18.887886] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.888062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.888094] Hardware name: linux,dummy-virt (DT) [ 18.888128] Call trace: [ 18.888154] show_stack+0x20/0x38 (C) [ 18.888341] dump_stack_lvl+0x8c/0xd0 [ 18.888412] print_report+0x310/0x5d0 [ 18.888461] kasan_report+0xdc/0x128 [ 18.888509] __asan_report_load1_noabort+0x20/0x30 [ 18.888560] kasan_alloca_oob_left+0x2b8/0x310 [ 18.888610] kunit_try_run_case+0x170/0x3f0 [ 18.888662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.888718] kthread+0x328/0x630 [ 18.888762] ret_from_fork+0x10/0x20 [ 18.888811] [ 18.888837] The buggy address belongs to stack of task kunit_try_catch/251 [ 18.888920] [ 18.888943] The buggy address ffff800080aa7b5f belongs to a vmalloc virtual mapping [ 18.888990] The buggy address belongs to the physical page: [ 18.889023] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078de [ 18.889080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.889146] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.889199] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.889242] page dumped because: kasan: bad access detected [ 18.889275] [ 18.889295] Memory state around the buggy address: [ 18.889330] ffff800080aa7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.889376] ffff800080aa7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.889422] >ffff800080aa7b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 18.889464] ^ [ 18.889503] ffff800080aa7b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.889547] ffff800080aa7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.889588] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 18.863908] ================================================================== [ 18.863987] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 18.864047] Read of size 1 at addr ffff800080aa7c2a by task kunit_try_catch/249 [ 18.864098] [ 18.865171] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.865273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.865389] Hardware name: linux,dummy-virt (DT) [ 18.865536] Call trace: [ 18.867888] show_stack+0x20/0x38 (C) [ 18.867957] dump_stack_lvl+0x8c/0xd0 [ 18.868010] print_report+0x310/0x5d0 [ 18.868276] kasan_report+0xdc/0x128 [ 18.868340] __asan_report_load1_noabort+0x20/0x30 [ 18.868393] kasan_stack_oob+0x238/0x270 [ 18.868747] kunit_try_run_case+0x170/0x3f0 [ 18.868802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.869191] kthread+0x328/0x630 [ 18.869243] ret_from_fork+0x10/0x20 [ 18.869295] [ 18.869760] The buggy address belongs to stack of task kunit_try_catch/249 [ 18.870713] and is located at offset 138 in frame: [ 18.870766] kasan_stack_oob+0x0/0x270 [ 18.870922] [ 18.870959] This frame has 4 objects: [ 18.871050] [48, 49) '__assertion' [ 18.871090] [64, 72) 'array' [ 18.871122] [96, 112) '__assertion' [ 18.871163] [128, 138) 'stack_array' [ 18.871206] [ 18.871239] The buggy address ffff800080aa7c2a belongs to a vmalloc virtual mapping [ 18.871289] The buggy address belongs to the physical page: [ 18.871326] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078de [ 18.871383] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.871451] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.871504] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.871546] page dumped because: kasan: bad access detected [ 18.871580] [ 18.871602] Memory state around the buggy address: [ 18.871636] ffff800080aa7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.871682] ffff800080aa7b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 18.871724] >ffff800080aa7c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 18.871764] ^ [ 18.871798] ffff800080aa7c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 18.871843] ffff800080aa7d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.871894] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 18.842181] ================================================================== [ 18.842252] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 18.842370] Read of size 1 at addr ffff99bda574f58d by task kunit_try_catch/245 [ 18.842420] [ 18.842465] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.842546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.842574] Hardware name: linux,dummy-virt (DT) [ 18.842606] Call trace: [ 18.842628] show_stack+0x20/0x38 (C) [ 18.842678] dump_stack_lvl+0x8c/0xd0 [ 18.842726] print_report+0x310/0x5d0 [ 18.842773] kasan_report+0xdc/0x128 [ 18.842816] __asan_report_load1_noabort+0x20/0x30 [ 18.842880] kasan_global_oob_right+0x230/0x270 [ 18.843409] kunit_try_run_case+0x170/0x3f0 [ 18.843619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.843832] kthread+0x328/0x630 [ 18.844015] ret_from_fork+0x10/0x20 [ 18.844346] [ 18.844696] The buggy address belongs to the variable: [ 18.844931] global_array+0xd/0x40 [ 18.845130] [ 18.845638] The buggy address ffff99bda574f58d belongs to a vmalloc virtual mapping [ 18.845855] The buggy address belongs to the physical page: [ 18.845932] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 18.845998] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 18.846222] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 18.846427] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.846626] page dumped because: kasan: bad access detected [ 18.846758] [ 18.847124] Memory state around the buggy address: [ 18.847163] ffff99bda574f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.847376] ffff99bda574f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 18.847562] >ffff99bda574f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 18.847641] ^ [ 18.847672] ffff99bda574f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 18.848081] ffff99bda574f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.848213] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 18.829569] ================================================================== [ 18.829725] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.829788] Free of addr fff00000c79b8001 by task kunit_try_catch/243 [ 18.829975] [ 18.830042] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.832289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.832342] Hardware name: linux,dummy-virt (DT) [ 18.832377] Call trace: [ 18.832400] show_stack+0x20/0x38 (C) [ 18.832459] dump_stack_lvl+0x8c/0xd0 [ 18.832510] print_report+0x118/0x5d0 [ 18.832559] kasan_report_invalid_free+0xc0/0xe8 [ 18.832608] __kasan_mempool_poison_object+0xfc/0x150 [ 18.832659] mempool_free+0x28c/0x328 [ 18.832703] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.832754] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 18.832805] kunit_try_run_case+0x170/0x3f0 [ 18.832855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.832922] kthread+0x328/0x630 [ 18.832965] ret_from_fork+0x10/0x20 [ 18.833012] [ 18.833033] The buggy address belongs to the physical page: [ 18.833067] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8 [ 18.833122] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.833170] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.833224] page_type: f8(unknown) [ 18.833264] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.833312] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.833361] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.833429] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.833489] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff [ 18.833536] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.833578] page dumped because: kasan: bad access detected [ 18.833607] [ 18.833626] Memory state around the buggy address: [ 18.833658] fff00000c79b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.833720] fff00000c79b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.833771] >fff00000c79b8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.833820] ^ [ 18.833858] fff00000c79b8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.833910] fff00000c79b8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.833949] ================================================================== [ 18.814732] ================================================================== [ 18.814881] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.814946] Free of addr fff00000c656ae01 by task kunit_try_catch/241 [ 18.815289] [ 18.815389] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.815477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.815505] Hardware name: linux,dummy-virt (DT) [ 18.815674] Call trace: [ 18.815708] show_stack+0x20/0x38 (C) [ 18.815764] dump_stack_lvl+0x8c/0xd0 [ 18.815979] print_report+0x118/0x5d0 [ 18.816033] kasan_report_invalid_free+0xc0/0xe8 [ 18.816202] check_slab_allocation+0xfc/0x108 [ 18.816293] __kasan_mempool_poison_object+0x78/0x150 [ 18.816586] mempool_free+0x28c/0x328 [ 18.816639] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.816952] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.817228] kunit_try_run_case+0x170/0x3f0 [ 18.817359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.817423] kthread+0x328/0x630 [ 18.817517] ret_from_fork+0x10/0x20 [ 18.817573] [ 18.817591] Allocated by task 241: [ 18.817621] kasan_save_stack+0x3c/0x68 [ 18.817663] kasan_save_track+0x20/0x40 [ 18.817706] kasan_save_alloc_info+0x40/0x58 [ 18.817746] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.817788] remove_element+0x130/0x1f8 [ 18.817831] mempool_alloc_preallocated+0x58/0xc0 [ 18.817890] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 18.817933] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.817972] kunit_try_run_case+0x170/0x3f0 [ 18.818009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.818051] kthread+0x328/0x630 [ 18.818082] ret_from_fork+0x10/0x20 [ 18.818127] [ 18.818146] The buggy address belongs to the object at fff00000c656ae00 [ 18.818146] which belongs to the cache kmalloc-128 of size 128 [ 18.818220] The buggy address is located 1 bytes inside of [ 18.818220] 128-byte region [fff00000c656ae00, fff00000c656ae80) [ 18.818278] [ 18.818303] The buggy address belongs to the physical page: [ 18.818352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656a [ 18.818406] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.818473] page_type: f5(slab) [ 18.818511] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.818561] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.818600] page dumped because: kasan: bad access detected [ 18.818632] [ 18.818652] Memory state around the buggy address: [ 18.818681] fff00000c656ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.818734] fff00000c656ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.818785] >fff00000c656ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.818823] ^ [ 18.819138] fff00000c656ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.819413] fff00000c656af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.819494] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 18.762740] ================================================================== [ 18.762804] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.763350] Free of addr fff00000c656aa00 by task kunit_try_catch/235 [ 18.763414] [ 18.763573] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.763666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.763967] Hardware name: linux,dummy-virt (DT) [ 18.764020] Call trace: [ 18.764228] show_stack+0x20/0x38 (C) [ 18.764705] dump_stack_lvl+0x8c/0xd0 [ 18.764801] print_report+0x118/0x5d0 [ 18.764896] kasan_report_invalid_free+0xc0/0xe8 [ 18.764946] check_slab_allocation+0xd4/0x108 [ 18.764995] __kasan_mempool_poison_object+0x78/0x150 [ 18.765045] mempool_free+0x28c/0x328 [ 18.765106] mempool_double_free_helper+0x150/0x2e8 [ 18.765155] mempool_kmalloc_double_free+0xc0/0x118 [ 18.765203] kunit_try_run_case+0x170/0x3f0 [ 18.765260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.765329] kthread+0x328/0x630 [ 18.765372] ret_from_fork+0x10/0x20 [ 18.765428] [ 18.765447] Allocated by task 235: [ 18.765487] kasan_save_stack+0x3c/0x68 [ 18.765528] kasan_save_track+0x20/0x40 [ 18.765576] kasan_save_alloc_info+0x40/0x58 [ 18.765614] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.765656] remove_element+0x130/0x1f8 [ 18.765700] mempool_alloc_preallocated+0x58/0xc0 [ 18.765748] mempool_double_free_helper+0x94/0x2e8 [ 18.765796] mempool_kmalloc_double_free+0xc0/0x118 [ 18.765836] kunit_try_run_case+0x170/0x3f0 [ 18.765884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.765927] kthread+0x328/0x630 [ 18.765959] ret_from_fork+0x10/0x20 [ 18.766005] [ 18.766034] Freed by task 235: [ 18.766060] kasan_save_stack+0x3c/0x68 [ 18.766111] kasan_save_track+0x20/0x40 [ 18.766159] kasan_save_free_info+0x4c/0x78 [ 18.766198] __kasan_mempool_poison_object+0xc0/0x150 [ 18.766239] mempool_free+0x28c/0x328 [ 18.766288] mempool_double_free_helper+0x100/0x2e8 [ 18.766329] mempool_kmalloc_double_free+0xc0/0x118 [ 18.766389] kunit_try_run_case+0x170/0x3f0 [ 18.766427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.766477] kthread+0x328/0x630 [ 18.766515] ret_from_fork+0x10/0x20 [ 18.766549] [ 18.766567] The buggy address belongs to the object at fff00000c656aa00 [ 18.766567] which belongs to the cache kmalloc-128 of size 128 [ 18.766626] The buggy address is located 0 bytes inside of [ 18.766626] 128-byte region [fff00000c656aa00, fff00000c656aa80) [ 18.766685] [ 18.766711] The buggy address belongs to the physical page: [ 18.766763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656a [ 18.766819] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.767857] page_type: f5(slab) [ 18.767943] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.767997] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.768037] page dumped because: kasan: bad access detected [ 18.768179] [ 18.768410] Memory state around the buggy address: [ 18.768526] fff00000c656a900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.768706] fff00000c656a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.769239] >fff00000c656aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.769503] ^ [ 18.769640] fff00000c656aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.769800] fff00000c656ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.770013] ================================================================== [ 18.781441] ================================================================== [ 18.781502] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.781918] Free of addr fff00000c79b4000 by task kunit_try_catch/237 [ 18.782228] [ 18.782282] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.782593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.782978] Hardware name: linux,dummy-virt (DT) [ 18.783034] Call trace: [ 18.783128] show_stack+0x20/0x38 (C) [ 18.783408] dump_stack_lvl+0x8c/0xd0 [ 18.783549] print_report+0x118/0x5d0 [ 18.783774] kasan_report_invalid_free+0xc0/0xe8 [ 18.783942] __kasan_mempool_poison_object+0x14c/0x150 [ 18.783999] mempool_free+0x28c/0x328 [ 18.784044] mempool_double_free_helper+0x150/0x2e8 [ 18.784240] mempool_kmalloc_large_double_free+0xc0/0x118 [ 18.784515] kunit_try_run_case+0x170/0x3f0 [ 18.784905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.785112] kthread+0x328/0x630 [ 18.785311] ret_from_fork+0x10/0x20 [ 18.785455] [ 18.785577] The buggy address belongs to the physical page: [ 18.785651] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4 [ 18.785970] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.786347] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.786550] page_type: f8(unknown) [ 18.786606] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.786809] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.787064] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.787132] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.787488] head: 0bfffe0000000002 ffffc1ffc31e6d01 00000000ffffffff 00000000ffffffff [ 18.787588] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.787656] page dumped because: kasan: bad access detected [ 18.787837] [ 18.788175] Memory state around the buggy address: [ 18.788329] fff00000c79b3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.788478] fff00000c79b3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.788532] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.788571] ^ [ 18.788609] fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.788651] fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.788829] ================================================================== [ 18.797916] ================================================================== [ 18.798076] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.798139] Free of addr fff00000c79b4000 by task kunit_try_catch/239 [ 18.798304] [ 18.798348] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.798577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.798608] Hardware name: linux,dummy-virt (DT) [ 18.798645] Call trace: [ 18.798685] show_stack+0x20/0x38 (C) [ 18.798745] dump_stack_lvl+0x8c/0xd0 [ 18.799003] print_report+0x118/0x5d0 [ 18.799273] kasan_report_invalid_free+0xc0/0xe8 [ 18.799343] __kasan_mempool_poison_pages+0xe0/0xe8 [ 18.799783] mempool_free+0x24c/0x328 [ 18.799845] mempool_double_free_helper+0x150/0x2e8 [ 18.799911] mempool_page_alloc_double_free+0xbc/0x118 [ 18.799962] kunit_try_run_case+0x170/0x3f0 [ 18.800013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.800067] kthread+0x328/0x630 [ 18.800120] ret_from_fork+0x10/0x20 [ 18.800169] [ 18.800192] The buggy address belongs to the physical page: [ 18.800225] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4 [ 18.800278] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.800341] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.800390] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.800432] page dumped because: kasan: bad access detected [ 18.800472] [ 18.800490] Memory state around the buggy address: [ 18.800535] fff00000c79b3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.800587] fff00000c79b3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.800635] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.800674] ^ [ 18.800703] fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.800743] fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.800787] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.686446] ================================================================== [ 18.686592] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.686655] Read of size 1 at addr fff00000c79b4000 by task kunit_try_catch/229 [ 18.686706] [ 18.687129] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.687295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.687344] Hardware name: linux,dummy-virt (DT) [ 18.687378] Call trace: [ 18.687402] show_stack+0x20/0x38 (C) [ 18.687710] dump_stack_lvl+0x8c/0xd0 [ 18.687880] print_report+0x118/0x5d0 [ 18.687932] kasan_report+0xdc/0x128 [ 18.688095] __asan_report_load1_noabort+0x20/0x30 [ 18.688188] mempool_uaf_helper+0x314/0x340 [ 18.688234] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.688292] kunit_try_run_case+0x170/0x3f0 [ 18.688343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.688395] kthread+0x328/0x630 [ 18.688448] ret_from_fork+0x10/0x20 [ 18.688494] [ 18.688516] The buggy address belongs to the physical page: [ 18.688551] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4 [ 18.688623] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.688671] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.688724] page_type: f8(unknown) [ 18.688762] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.688813] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.688884] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.688940] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.688988] head: 0bfffe0000000002 ffffc1ffc31e6d01 00000000ffffffff 00000000ffffffff [ 18.689038] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.689088] page dumped because: kasan: bad access detected [ 18.689127] [ 18.689145] Memory state around the buggy address: [ 18.689186] fff00000c79b3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.689230] fff00000c79b3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.689273] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.689320] ^ [ 18.689347] fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.689404] fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.689443] ================================================================== [ 18.745345] ================================================================== [ 18.745502] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.745623] Read of size 1 at addr fff00000c79b4000 by task kunit_try_catch/233 [ 18.745676] [ 18.745731] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.746133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.746178] Hardware name: linux,dummy-virt (DT) [ 18.746226] Call trace: [ 18.746251] show_stack+0x20/0x38 (C) [ 18.746344] dump_stack_lvl+0x8c/0xd0 [ 18.746398] print_report+0x118/0x5d0 [ 18.746463] kasan_report+0xdc/0x128 [ 18.746565] __asan_report_load1_noabort+0x20/0x30 [ 18.746629] mempool_uaf_helper+0x314/0x340 [ 18.746677] mempool_page_alloc_uaf+0xc0/0x118 [ 18.746734] kunit_try_run_case+0x170/0x3f0 [ 18.746930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.747127] kthread+0x328/0x630 [ 18.747266] ret_from_fork+0x10/0x20 [ 18.747339] [ 18.747364] The buggy address belongs to the physical page: [ 18.747400] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4 [ 18.747456] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.747612] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.747692] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.747878] page dumped because: kasan: bad access detected [ 18.747932] [ 18.748051] Memory state around the buggy address: [ 18.748106] fff00000c79b3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.748186] fff00000c79b3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.748458] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.748589] ^ [ 18.748656] fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.748823] fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.748882] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.666609] ================================================================== [ 18.666680] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.667221] Read of size 1 at addr fff00000c656a600 by task kunit_try_catch/227 [ 18.667440] [ 18.667527] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.667666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.667693] Hardware name: linux,dummy-virt (DT) [ 18.667839] Call trace: [ 18.668131] show_stack+0x20/0x38 (C) [ 18.668326] dump_stack_lvl+0x8c/0xd0 [ 18.668516] print_report+0x118/0x5d0 [ 18.668884] kasan_report+0xdc/0x128 [ 18.668971] __asan_report_load1_noabort+0x20/0x30 [ 18.669157] mempool_uaf_helper+0x314/0x340 [ 18.669349] mempool_kmalloc_uaf+0xc4/0x120 [ 18.669399] kunit_try_run_case+0x170/0x3f0 [ 18.669482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.669537] kthread+0x328/0x630 [ 18.669580] ret_from_fork+0x10/0x20 [ 18.669860] [ 18.670244] Allocated by task 227: [ 18.670307] kasan_save_stack+0x3c/0x68 [ 18.670355] kasan_save_track+0x20/0x40 [ 18.670412] kasan_save_alloc_info+0x40/0x58 [ 18.670453] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.670505] remove_element+0x130/0x1f8 [ 18.670554] mempool_alloc_preallocated+0x58/0xc0 [ 18.670603] mempool_uaf_helper+0xa4/0x340 [ 18.670654] mempool_kmalloc_uaf+0xc4/0x120 [ 18.670708] kunit_try_run_case+0x170/0x3f0 [ 18.670745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.670788] kthread+0x328/0x630 [ 18.670821] ret_from_fork+0x10/0x20 [ 18.670857] [ 18.670899] Freed by task 227: [ 18.670934] kasan_save_stack+0x3c/0x68 [ 18.670970] kasan_save_track+0x20/0x40 [ 18.671014] kasan_save_free_info+0x4c/0x78 [ 18.671076] __kasan_mempool_poison_object+0xc0/0x150 [ 18.671126] mempool_free+0x28c/0x328 [ 18.671159] mempool_uaf_helper+0x104/0x340 [ 18.671197] mempool_kmalloc_uaf+0xc4/0x120 [ 18.671237] kunit_try_run_case+0x170/0x3f0 [ 18.671289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.671342] kthread+0x328/0x630 [ 18.671373] ret_from_fork+0x10/0x20 [ 18.671420] [ 18.671439] The buggy address belongs to the object at fff00000c656a600 [ 18.671439] which belongs to the cache kmalloc-128 of size 128 [ 18.671507] The buggy address is located 0 bytes inside of [ 18.671507] freed 128-byte region [fff00000c656a600, fff00000c656a680) [ 18.671566] [ 18.671597] The buggy address belongs to the physical page: [ 18.671628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656a [ 18.671691] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.671750] page_type: f5(slab) [ 18.672140] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.672297] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.672906] page dumped because: kasan: bad access detected [ 18.672975] [ 18.673030] Memory state around the buggy address: [ 18.673129] fff00000c656a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.673288] fff00000c656a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.673435] >fff00000c656a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.673600] ^ [ 18.673940] fff00000c656a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.673996] fff00000c656a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.674117] ================================================================== [ 18.700524] ================================================================== [ 18.700886] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.700962] Read of size 1 at addr fff00000c78e2240 by task kunit_try_catch/231 [ 18.701052] [ 18.701092] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.701428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.701473] Hardware name: linux,dummy-virt (DT) [ 18.701527] Call trace: [ 18.701553] show_stack+0x20/0x38 (C) [ 18.701775] dump_stack_lvl+0x8c/0xd0 [ 18.702180] print_report+0x118/0x5d0 [ 18.702250] kasan_report+0xdc/0x128 [ 18.702588] __asan_report_load1_noabort+0x20/0x30 [ 18.702710] mempool_uaf_helper+0x314/0x340 [ 18.702841] mempool_slab_uaf+0xc0/0x118 [ 18.702903] kunit_try_run_case+0x170/0x3f0 [ 18.703174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.703263] kthread+0x328/0x630 [ 18.703307] ret_from_fork+0x10/0x20 [ 18.703356] [ 18.703423] Allocated by task 231: [ 18.703455] kasan_save_stack+0x3c/0x68 [ 18.703496] kasan_save_track+0x20/0x40 [ 18.703534] kasan_save_alloc_info+0x40/0x58 [ 18.703574] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.703617] remove_element+0x16c/0x1f8 [ 18.703654] mempool_alloc_preallocated+0x58/0xc0 [ 18.703693] mempool_uaf_helper+0xa4/0x340 [ 18.703729] mempool_slab_uaf+0xc0/0x118 [ 18.704261] kunit_try_run_case+0x170/0x3f0 [ 18.704302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.704345] kthread+0x328/0x630 [ 18.704385] ret_from_fork+0x10/0x20 [ 18.704421] [ 18.704675] Freed by task 231: [ 18.704745] kasan_save_stack+0x3c/0x68 [ 18.704935] kasan_save_track+0x20/0x40 [ 18.705210] kasan_save_free_info+0x4c/0x78 [ 18.705320] __kasan_mempool_poison_object+0xc0/0x150 [ 18.705383] mempool_free+0x28c/0x328 [ 18.705528] mempool_uaf_helper+0x104/0x340 [ 18.705614] mempool_slab_uaf+0xc0/0x118 [ 18.706135] kunit_try_run_case+0x170/0x3f0 [ 18.706205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.706528] kthread+0x328/0x630 [ 18.706592] ret_from_fork+0x10/0x20 [ 18.706696] [ 18.706787] The buggy address belongs to the object at fff00000c78e2240 [ 18.706787] which belongs to the cache test_cache of size 123 [ 18.706946] The buggy address is located 0 bytes inside of [ 18.706946] freed 123-byte region [fff00000c78e2240, fff00000c78e22bb) [ 18.707618] [ 18.707815] The buggy address belongs to the physical page: [ 18.707879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e2 [ 18.708080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.708139] page_type: f5(slab) [ 18.708180] raw: 0bfffe0000000000 fff00000c5875780 dead000000000122 0000000000000000 [ 18.708239] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.708280] page dumped because: kasan: bad access detected [ 18.708312] [ 18.708332] Memory state around the buggy address: [ 18.708365] fff00000c78e2100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.708407] fff00000c78e2180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.708449] >fff00000c78e2200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.708486] ^ [ 18.708521] fff00000c78e2280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.708560] fff00000c78e2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.708597] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.578453] ================================================================== [ 18.578544] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.578623] Read of size 1 at addr fff00000c6691d73 by task kunit_try_catch/221 [ 18.578673] [ 18.578716] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.578800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.578827] Hardware name: linux,dummy-virt (DT) [ 18.578876] Call trace: [ 18.578902] show_stack+0x20/0x38 (C) [ 18.578957] dump_stack_lvl+0x8c/0xd0 [ 18.579007] print_report+0x118/0x5d0 [ 18.579054] kasan_report+0xdc/0x128 [ 18.579097] __asan_report_load1_noabort+0x20/0x30 [ 18.579147] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.579194] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.579247] kunit_try_run_case+0x170/0x3f0 [ 18.579297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.579347] kthread+0x328/0x630 [ 18.579389] ret_from_fork+0x10/0x20 [ 18.579437] [ 18.579456] Allocated by task 221: [ 18.579487] kasan_save_stack+0x3c/0x68 [ 18.579527] kasan_save_track+0x20/0x40 [ 18.579565] kasan_save_alloc_info+0x40/0x58 [ 18.579604] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.579648] remove_element+0x130/0x1f8 [ 18.579685] mempool_alloc_preallocated+0x58/0xc0 [ 18.579725] mempool_oob_right_helper+0x98/0x2f0 [ 18.580281] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.580333] kunit_try_run_case+0x170/0x3f0 [ 18.580374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.580417] kthread+0x328/0x630 [ 18.580449] ret_from_fork+0x10/0x20 [ 18.580486] [ 18.580507] The buggy address belongs to the object at fff00000c6691d00 [ 18.580507] which belongs to the cache kmalloc-128 of size 128 [ 18.580565] The buggy address is located 0 bytes to the right of [ 18.580565] allocated 115-byte region [fff00000c6691d00, fff00000c6691d73) [ 18.580627] [ 18.580650] The buggy address belongs to the physical page: [ 18.580682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 18.580738] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.580788] page_type: f5(slab) [ 18.580832] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.580896] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.580937] page dumped because: kasan: bad access detected [ 18.580966] [ 18.580984] Memory state around the buggy address: [ 18.581019] fff00000c6691c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.581063] fff00000c6691c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.581106] >fff00000c6691d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.581144] ^ [ 18.581183] fff00000c6691d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.581225] fff00000c6691e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.581263] ================================================================== [ 18.611515] ================================================================== [ 18.611608] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.611689] Read of size 1 at addr fff00000c79ae001 by task kunit_try_catch/223 [ 18.611752] [ 18.611923] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.612014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.612042] Hardware name: linux,dummy-virt (DT) [ 18.612077] Call trace: [ 18.612103] show_stack+0x20/0x38 (C) [ 18.612158] dump_stack_lvl+0x8c/0xd0 [ 18.612208] print_report+0x118/0x5d0 [ 18.612253] kasan_report+0xdc/0x128 [ 18.612299] __asan_report_load1_noabort+0x20/0x30 [ 18.612348] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.612396] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.612445] kunit_try_run_case+0x170/0x3f0 [ 18.612495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.612546] kthread+0x328/0x630 [ 18.612588] ret_from_fork+0x10/0x20 [ 18.612639] [ 18.612664] The buggy address belongs to the physical page: [ 18.612698] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079ac [ 18.612756] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.612803] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.612871] page_type: f8(unknown) [ 18.612914] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.612963] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.613014] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.613062] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.613111] head: 0bfffe0000000002 ffffc1ffc31e6b01 00000000ffffffff 00000000ffffffff [ 18.613159] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.613199] page dumped because: kasan: bad access detected [ 18.613230] [ 18.613248] Memory state around the buggy address: [ 18.613283] fff00000c79adf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.613326] fff00000c79adf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.613367] >fff00000c79ae000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.613404] ^ [ 18.613431] fff00000c79ae080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.613472] fff00000c79ae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.613509] ================================================================== [ 18.630829] ================================================================== [ 18.631164] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.631244] Read of size 1 at addr fff00000c78d52bb by task kunit_try_catch/225 [ 18.631526] [ 18.631596] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.631684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.631712] Hardware name: linux,dummy-virt (DT) [ 18.632192] Call trace: [ 18.632264] show_stack+0x20/0x38 (C) [ 18.632407] dump_stack_lvl+0x8c/0xd0 [ 18.632484] print_report+0x118/0x5d0 [ 18.632541] kasan_report+0xdc/0x128 [ 18.632586] __asan_report_load1_noabort+0x20/0x30 [ 18.632647] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.632706] mempool_slab_oob_right+0xc0/0x118 [ 18.632767] kunit_try_run_case+0x170/0x3f0 [ 18.632817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.632891] kthread+0x328/0x630 [ 18.632934] ret_from_fork+0x10/0x20 [ 18.632997] [ 18.633036] Allocated by task 225: [ 18.633072] kasan_save_stack+0x3c/0x68 [ 18.633136] kasan_save_track+0x20/0x40 [ 18.633174] kasan_save_alloc_info+0x40/0x58 [ 18.633224] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.633276] remove_element+0x16c/0x1f8 [ 18.633321] mempool_alloc_preallocated+0x58/0xc0 [ 18.633358] mempool_oob_right_helper+0x98/0x2f0 [ 18.633395] mempool_slab_oob_right+0xc0/0x118 [ 18.633433] kunit_try_run_case+0x170/0x3f0 [ 18.633513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.633919] kthread+0x328/0x630 [ 18.634109] ret_from_fork+0x10/0x20 [ 18.634253] [ 18.634508] The buggy address belongs to the object at fff00000c78d5240 [ 18.634508] which belongs to the cache test_cache of size 123 [ 18.634613] The buggy address is located 0 bytes to the right of [ 18.634613] allocated 123-byte region [fff00000c78d5240, fff00000c78d52bb) [ 18.634775] [ 18.635094] The buggy address belongs to the physical page: [ 18.635311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d5 [ 18.635502] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.635600] page_type: f5(slab) [ 18.635943] raw: 0bfffe0000000000 fff00000c5875640 dead000000000122 0000000000000000 [ 18.636556] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.636654] page dumped because: kasan: bad access detected [ 18.636832] [ 18.637040] Memory state around the buggy address: [ 18.637101] fff00000c78d5180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.637320] fff00000c78d5200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.637643] >fff00000c78d5280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.637904] ^ [ 18.638063] fff00000c78d5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.638174] fff00000c78d5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.638300] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.019536] ================================================================== [ 18.019619] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 18.019694] Read of size 1 at addr fff00000c3e56a00 by task kunit_try_catch/215 [ 18.019745] [ 18.019813] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.019915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.019942] Hardware name: linux,dummy-virt (DT) [ 18.019977] Call trace: [ 18.020030] show_stack+0x20/0x38 (C) [ 18.020157] dump_stack_lvl+0x8c/0xd0 [ 18.020366] print_report+0x118/0x5d0 [ 18.020500] kasan_report+0xdc/0x128 [ 18.020726] __kasan_check_byte+0x54/0x70 [ 18.020915] kmem_cache_destroy+0x34/0x218 [ 18.021074] kmem_cache_double_destroy+0x174/0x300 [ 18.021125] kunit_try_run_case+0x170/0x3f0 [ 18.021344] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.021396] kthread+0x328/0x630 [ 18.021440] ret_from_fork+0x10/0x20 [ 18.021489] [ 18.021508] Allocated by task 215: [ 18.021537] kasan_save_stack+0x3c/0x68 [ 18.021578] kasan_save_track+0x20/0x40 [ 18.021616] kasan_save_alloc_info+0x40/0x58 [ 18.021696] __kasan_slab_alloc+0xa8/0xb0 [ 18.021799] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.021910] __kmem_cache_create_args+0x178/0x280 [ 18.022027] kmem_cache_double_destroy+0xc0/0x300 [ 18.022160] kunit_try_run_case+0x170/0x3f0 [ 18.022269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.022428] kthread+0x328/0x630 [ 18.022478] ret_from_fork+0x10/0x20 [ 18.022513] [ 18.022531] Freed by task 215: [ 18.022737] kasan_save_stack+0x3c/0x68 [ 18.022944] kasan_save_track+0x20/0x40 [ 18.023064] kasan_save_free_info+0x4c/0x78 [ 18.023102] __kasan_slab_free+0x6c/0x98 [ 18.023547] kmem_cache_free+0x260/0x468 [ 18.023735] slab_kmem_cache_release+0x38/0x50 [ 18.023788] kmem_cache_release+0x1c/0x30 [ 18.024110] kobject_put+0x17c/0x420 [ 18.024176] sysfs_slab_release+0x1c/0x30 [ 18.024540] kmem_cache_destroy+0x118/0x218 [ 18.024655] kmem_cache_double_destroy+0x128/0x300 [ 18.024710] kunit_try_run_case+0x170/0x3f0 [ 18.024816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.025036] kthread+0x328/0x630 [ 18.025188] ret_from_fork+0x10/0x20 [ 18.025269] [ 18.025290] The buggy address belongs to the object at fff00000c3e56a00 [ 18.025290] which belongs to the cache kmem_cache of size 208 [ 18.025416] The buggy address is located 0 bytes inside of [ 18.025416] freed 208-byte region [fff00000c3e56a00, fff00000c3e56ad0) [ 18.025564] [ 18.025603] The buggy address belongs to the physical page: [ 18.025651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e56 [ 18.025755] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.026134] page_type: f5(slab) [ 18.026204] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 18.026256] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.026343] page dumped because: kasan: bad access detected [ 18.026424] [ 18.026441] Memory state around the buggy address: [ 18.026505] fff00000c3e56900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.026611] fff00000c3e56980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.026663] >fff00000c3e56a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.026743] ^ [ 18.026811] fff00000c3e56a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 18.026907] fff00000c3e56b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.026945] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 17.860458] ================================================================== [ 17.860558] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 17.860639] Read of size 1 at addr fff00000c65a6000 by task kunit_try_catch/213 [ 17.860690] [ 17.860735] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.860818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.860843] Hardware name: linux,dummy-virt (DT) [ 17.860908] Call trace: [ 17.860932] show_stack+0x20/0x38 (C) [ 17.860993] dump_stack_lvl+0x8c/0xd0 [ 17.861043] print_report+0x118/0x5d0 [ 17.861124] kasan_report+0xdc/0x128 [ 17.861169] __asan_report_load1_noabort+0x20/0x30 [ 17.861265] kmem_cache_rcu_uaf+0x388/0x468 [ 17.861340] kunit_try_run_case+0x170/0x3f0 [ 17.861393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.861456] kthread+0x328/0x630 [ 17.861599] ret_from_fork+0x10/0x20 [ 17.861807] [ 17.861827] Allocated by task 213: [ 17.861889] kasan_save_stack+0x3c/0x68 [ 17.861940] kasan_save_track+0x20/0x40 [ 17.862139] kasan_save_alloc_info+0x40/0x58 [ 17.862182] __kasan_slab_alloc+0xa8/0xb0 [ 17.862331] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.862434] kmem_cache_rcu_uaf+0x12c/0x468 [ 17.862474] kunit_try_run_case+0x170/0x3f0 [ 17.862512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.862554] kthread+0x328/0x630 [ 17.862586] ret_from_fork+0x10/0x20 [ 17.862622] [ 17.862647] Freed by task 0: [ 17.862790] kasan_save_stack+0x3c/0x68 [ 17.862974] kasan_save_track+0x20/0x40 [ 17.863010] kasan_save_free_info+0x4c/0x78 [ 17.863169] __kasan_slab_free+0x6c/0x98 [ 17.863332] slab_free_after_rcu_debug+0xd4/0x2f8 [ 17.863416] rcu_core+0x9f4/0x1e20 [ 17.863516] rcu_core_si+0x18/0x30 [ 17.863680] handle_softirqs+0x374/0xb28 [ 17.863725] __do_softirq+0x1c/0x28 [ 17.863996] [ 17.864076] Last potentially related work creation: [ 17.864342] kasan_save_stack+0x3c/0x68 [ 17.864435] kasan_record_aux_stack+0xb4/0xc8 [ 17.864476] kmem_cache_free+0x120/0x468 [ 17.864558] kmem_cache_rcu_uaf+0x16c/0x468 [ 17.864711] kunit_try_run_case+0x170/0x3f0 [ 17.864808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.864989] kthread+0x328/0x630 [ 17.865130] ret_from_fork+0x10/0x20 [ 17.865251] [ 17.865313] The buggy address belongs to the object at fff00000c65a6000 [ 17.865313] which belongs to the cache test_cache of size 200 [ 17.865424] The buggy address is located 0 bytes inside of [ 17.865424] freed 200-byte region [fff00000c65a6000, fff00000c65a60c8) [ 17.865626] [ 17.865711] The buggy address belongs to the physical page: [ 17.865744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a6 [ 17.865803] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.866129] page_type: f5(slab) [ 17.866408] raw: 0bfffe0000000000 fff00000c3e568c0 dead000000000122 0000000000000000 [ 17.866540] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.866608] page dumped because: kasan: bad access detected [ 17.866640] [ 17.866657] Memory state around the buggy address: [ 17.866703] fff00000c65a5f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.866750] fff00000c65a5f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.866985] >fff00000c65a6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.867190] ^ [ 17.867226] fff00000c65a6080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.867534] fff00000c65a6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.867693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.338560] ================================================================== [ 17.338631] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.338703] Free of addr fff00000c65a9001 by task kunit_try_catch/211 [ 17.338805] [ 17.338859] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.338994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.339228] Hardware name: linux,dummy-virt (DT) [ 17.339324] Call trace: [ 17.339386] show_stack+0x20/0x38 (C) [ 17.339462] dump_stack_lvl+0x8c/0xd0 [ 17.339551] print_report+0x118/0x5d0 [ 17.339597] kasan_report_invalid_free+0xc0/0xe8 [ 17.339652] check_slab_allocation+0xfc/0x108 [ 17.339700] __kasan_slab_pre_free+0x2c/0x48 [ 17.339920] kmem_cache_free+0xf0/0x468 [ 17.340046] kmem_cache_invalid_free+0x184/0x3c8 [ 17.340144] kunit_try_run_case+0x170/0x3f0 [ 17.340193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.340265] kthread+0x328/0x630 [ 17.340309] ret_from_fork+0x10/0x20 [ 17.340357] [ 17.340376] Allocated by task 211: [ 17.340406] kasan_save_stack+0x3c/0x68 [ 17.340447] kasan_save_track+0x20/0x40 [ 17.340484] kasan_save_alloc_info+0x40/0x58 [ 17.340524] __kasan_slab_alloc+0xa8/0xb0 [ 17.340560] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.340712] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.340852] kunit_try_run_case+0x170/0x3f0 [ 17.341027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.341135] kthread+0x328/0x630 [ 17.341295] ret_from_fork+0x10/0x20 [ 17.341440] [ 17.341573] The buggy address belongs to the object at fff00000c65a9000 [ 17.341573] which belongs to the cache test_cache of size 200 [ 17.341683] The buggy address is located 1 bytes inside of [ 17.341683] 200-byte region [fff00000c65a9000, fff00000c65a90c8) [ 17.341906] [ 17.342146] The buggy address belongs to the physical page: [ 17.342198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a9 [ 17.342526] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.342736] page_type: f5(slab) [ 17.342816] raw: 0bfffe0000000000 fff00000c3e56780 dead000000000122 0000000000000000 [ 17.343138] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.343328] page dumped because: kasan: bad access detected [ 17.343387] [ 17.343480] Memory state around the buggy address: [ 17.343621] fff00000c65a8f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.343735] fff00000c65a8f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.343904] >fff00000c65a9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.344006] ^ [ 17.344046] fff00000c65a9080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.344089] fff00000c65a9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.344128] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.309171] ================================================================== [ 17.309265] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.309347] Free of addr fff00000c65ab000 by task kunit_try_catch/209 [ 17.309392] [ 17.309435] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.309535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.309562] Hardware name: linux,dummy-virt (DT) [ 17.309664] Call trace: [ 17.309689] show_stack+0x20/0x38 (C) [ 17.309743] dump_stack_lvl+0x8c/0xd0 [ 17.309794] print_report+0x118/0x5d0 [ 17.309943] kasan_report_invalid_free+0xc0/0xe8 [ 17.310020] check_slab_allocation+0xd4/0x108 [ 17.310085] __kasan_slab_pre_free+0x2c/0x48 [ 17.310170] kmem_cache_free+0xf0/0x468 [ 17.310218] kmem_cache_double_free+0x190/0x3c8 [ 17.310265] kunit_try_run_case+0x170/0x3f0 [ 17.310313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.310476] kthread+0x328/0x630 [ 17.310542] ret_from_fork+0x10/0x20 [ 17.310620] [ 17.310641] Allocated by task 209: [ 17.310707] kasan_save_stack+0x3c/0x68 [ 17.310800] kasan_save_track+0x20/0x40 [ 17.310838] kasan_save_alloc_info+0x40/0x58 [ 17.310906] __kasan_slab_alloc+0xa8/0xb0 [ 17.310942] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.310982] kmem_cache_double_free+0x12c/0x3c8 [ 17.311018] kunit_try_run_case+0x170/0x3f0 [ 17.311056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.311231] kthread+0x328/0x630 [ 17.311298] ret_from_fork+0x10/0x20 [ 17.311353] [ 17.311374] Freed by task 209: [ 17.311401] kasan_save_stack+0x3c/0x68 [ 17.311440] kasan_save_track+0x20/0x40 [ 17.311602] kasan_save_free_info+0x4c/0x78 [ 17.311687] __kasan_slab_free+0x6c/0x98 [ 17.311796] kmem_cache_free+0x260/0x468 [ 17.311882] kmem_cache_double_free+0x140/0x3c8 [ 17.312013] kunit_try_run_case+0x170/0x3f0 [ 17.312103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.312146] kthread+0x328/0x630 [ 17.312179] ret_from_fork+0x10/0x20 [ 17.312214] [ 17.312311] The buggy address belongs to the object at fff00000c65ab000 [ 17.312311] which belongs to the cache test_cache of size 200 [ 17.312371] The buggy address is located 0 bytes inside of [ 17.312371] 200-byte region [fff00000c65ab000, fff00000c65ab0c8) [ 17.312430] [ 17.312478] The buggy address belongs to the physical page: [ 17.312857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ab [ 17.313041] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.313184] page_type: f5(slab) [ 17.313225] raw: 0bfffe0000000000 fff00000c3e56640 dead000000000122 0000000000000000 [ 17.313276] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.313492] page dumped because: kasan: bad access detected [ 17.313612] [ 17.313711] Memory state around the buggy address: [ 17.313813] fff00000c65aaf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.313857] fff00000c65aaf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.313928] >fff00000c65ab000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.313966] ^ [ 17.313994] fff00000c65ab080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.314036] fff00000c65ab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.314149] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.057899] ================================================================== [ 17.057978] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.058347] Read of size 1 at addr fff00000c78c90c8 by task kunit_try_catch/207 [ 17.058785] [ 17.058845] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.058945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.058973] Hardware name: linux,dummy-virt (DT) [ 17.059007] Call trace: [ 17.059156] show_stack+0x20/0x38 (C) [ 17.059230] dump_stack_lvl+0x8c/0xd0 [ 17.059282] print_report+0x118/0x5d0 [ 17.059489] kasan_report+0xdc/0x128 [ 17.059692] __asan_report_load1_noabort+0x20/0x30 [ 17.059821] kmem_cache_oob+0x344/0x430 [ 17.059983] kunit_try_run_case+0x170/0x3f0 [ 17.060180] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.060267] kthread+0x328/0x630 [ 17.060726] ret_from_fork+0x10/0x20 [ 17.060923] [ 17.061062] Allocated by task 207: [ 17.061196] kasan_save_stack+0x3c/0x68 [ 17.061359] kasan_save_track+0x20/0x40 [ 17.061403] kasan_save_alloc_info+0x40/0x58 [ 17.061465] __kasan_slab_alloc+0xa8/0xb0 [ 17.061697] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.062003] kmem_cache_oob+0x12c/0x430 [ 17.062174] kunit_try_run_case+0x170/0x3f0 [ 17.062252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.062363] kthread+0x328/0x630 [ 17.062397] ret_from_fork+0x10/0x20 [ 17.062769] [ 17.062877] The buggy address belongs to the object at fff00000c78c9000 [ 17.062877] which belongs to the cache test_cache of size 200 [ 17.062982] The buggy address is located 0 bytes to the right of [ 17.062982] allocated 200-byte region [fff00000c78c9000, fff00000c78c90c8) [ 17.063168] [ 17.063312] The buggy address belongs to the physical page: [ 17.063363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c9 [ 17.063564] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.063682] page_type: f5(slab) [ 17.063855] raw: 0bfffe0000000000 fff00000c3e56500 dead000000000122 0000000000000000 [ 17.064043] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.064196] page dumped because: kasan: bad access detected [ 17.064315] [ 17.064334] Memory state around the buggy address: [ 17.064380] fff00000c78c8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.064670] fff00000c78c9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.064943] >fff00000c78c9080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.065051] ^ [ 17.065147] fff00000c78c9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.065453] fff00000c78c9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.065728] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.006840] ================================================================== [ 17.006980] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.007066] Read of size 8 at addr fff00000c7859e00 by task kunit_try_catch/200 [ 17.007118] [ 17.007292] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.007510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.007599] Hardware name: linux,dummy-virt (DT) [ 17.007673] Call trace: [ 17.007804] show_stack+0x20/0x38 (C) [ 17.007874] dump_stack_lvl+0x8c/0xd0 [ 17.007925] print_report+0x118/0x5d0 [ 17.007978] kasan_report+0xdc/0x128 [ 17.008022] __asan_report_load8_noabort+0x20/0x30 [ 17.008361] workqueue_uaf+0x480/0x4a8 [ 17.008528] kunit_try_run_case+0x170/0x3f0 [ 17.008792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.008910] kthread+0x328/0x630 [ 17.009265] ret_from_fork+0x10/0x20 [ 17.009570] [ 17.009733] Allocated by task 200: [ 17.009846] kasan_save_stack+0x3c/0x68 [ 17.010288] kasan_save_track+0x20/0x40 [ 17.010484] kasan_save_alloc_info+0x40/0x58 [ 17.010540] __kasan_kmalloc+0xd4/0xd8 [ 17.010579] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.010619] workqueue_uaf+0x13c/0x4a8 [ 17.010665] kunit_try_run_case+0x170/0x3f0 [ 17.010703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.010746] kthread+0x328/0x630 [ 17.010790] ret_from_fork+0x10/0x20 [ 17.010828] [ 17.010858] Freed by task 48: [ 17.010914] kasan_save_stack+0x3c/0x68 [ 17.010954] kasan_save_track+0x20/0x40 [ 17.010998] kasan_save_free_info+0x4c/0x78 [ 17.011036] __kasan_slab_free+0x6c/0x98 [ 17.011077] kfree+0x214/0x3c8 [ 17.011110] workqueue_uaf_work+0x18/0x30 [ 17.011161] process_one_work+0x530/0xf98 [ 17.011197] worker_thread+0x618/0xf38 [ 17.011239] kthread+0x328/0x630 [ 17.011271] ret_from_fork+0x10/0x20 [ 17.011308] [ 17.011329] Last potentially related work creation: [ 17.011355] kasan_save_stack+0x3c/0x68 [ 17.011392] kasan_record_aux_stack+0xb4/0xc8 [ 17.011432] __queue_work+0x65c/0x1008 [ 17.011468] queue_work_on+0xbc/0xf8 [ 17.011516] workqueue_uaf+0x210/0x4a8 [ 17.011554] kunit_try_run_case+0x170/0x3f0 [ 17.011596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.011660] kthread+0x328/0x630 [ 17.011693] ret_from_fork+0x10/0x20 [ 17.011729] [ 17.012045] The buggy address belongs to the object at fff00000c7859e00 [ 17.012045] which belongs to the cache kmalloc-32 of size 32 [ 17.012168] The buggy address is located 0 bytes inside of [ 17.012168] freed 32-byte region [fff00000c7859e00, fff00000c7859e20) [ 17.012229] [ 17.012252] The buggy address belongs to the physical page: [ 17.012677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107859 [ 17.012771] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.013030] page_type: f5(slab) [ 17.013113] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.013322] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.013485] page dumped because: kasan: bad access detected [ 17.013793] [ 17.013816] Memory state around the buggy address: [ 17.014150] fff00000c7859d00: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.014263] fff00000c7859d80: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 17.014479] >fff00000c7859e00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.014687] ^ [ 17.014718] fff00000c7859e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.014787] fff00000c7859f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.015037] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 16.968800] ================================================================== [ 16.969557] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 16.969648] Read of size 4 at addr fff00000c7859c00 by task swapper/1/0 [ 16.969696] [ 16.969858] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.969964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.969990] Hardware name: linux,dummy-virt (DT) [ 16.970156] Call trace: [ 16.970534] show_stack+0x20/0x38 (C) [ 16.970632] dump_stack_lvl+0x8c/0xd0 [ 16.970939] print_report+0x118/0x5d0 [ 16.971007] kasan_report+0xdc/0x128 [ 16.971079] __asan_report_load4_noabort+0x20/0x30 [ 16.971266] rcu_uaf_reclaim+0x64/0x70 [ 16.971533] rcu_core+0x9f4/0x1e20 [ 16.971605] rcu_core_si+0x18/0x30 [ 16.971649] handle_softirqs+0x374/0xb28 [ 16.971994] __do_softirq+0x1c/0x28 [ 16.972060] ____do_softirq+0x18/0x30 [ 16.972284] call_on_irq_stack+0x24/0x30 [ 16.972577] do_softirq_own_stack+0x24/0x38 [ 16.972732] __irq_exit_rcu+0x1fc/0x318 [ 16.972947] irq_exit_rcu+0x1c/0x80 [ 16.973072] el1_interrupt+0x38/0x58 [ 16.973252] el1h_64_irq_handler+0x18/0x28 [ 16.973364] el1h_64_irq+0x6c/0x70 [ 16.973486] finish_task_switch.isra.0+0x120/0x5e8 (P) [ 16.973542] __schedule+0xab4/0x2840 [ 16.973604] schedule_idle+0x60/0xa8 [ 16.973668] do_idle+0x2c4/0x4e8 [ 16.973711] cpu_startup_entry+0x68/0x80 [ 16.973757] secondary_start_kernel+0x288/0x340 [ 16.973803] __secondary_switched+0xc0/0xc8 [ 16.973856] [ 16.973887] Allocated by task 198: [ 16.974141] kasan_save_stack+0x3c/0x68 [ 16.974592] kasan_save_track+0x20/0x40 [ 16.974663] kasan_save_alloc_info+0x40/0x58 [ 16.974740] __kasan_kmalloc+0xd4/0xd8 [ 16.974961] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.975187] rcu_uaf+0xb0/0x2d8 [ 16.975425] kunit_try_run_case+0x170/0x3f0 [ 16.975606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.975755] kthread+0x328/0x630 [ 16.975977] ret_from_fork+0x10/0x20 [ 16.976197] [ 16.976223] Freed by task 0: [ 16.976251] kasan_save_stack+0x3c/0x68 [ 16.976295] kasan_save_track+0x20/0x40 [ 16.976340] kasan_save_free_info+0x4c/0x78 [ 16.976811] __kasan_slab_free+0x6c/0x98 [ 16.977373] kfree+0x214/0x3c8 [ 16.977601] rcu_uaf_reclaim+0x28/0x70 [ 16.977695] rcu_core+0x9f4/0x1e20 [ 16.977921] rcu_core_si+0x18/0x30 [ 16.978074] handle_softirqs+0x374/0xb28 [ 16.978258] __do_softirq+0x1c/0x28 [ 16.978297] [ 16.978395] Last potentially related work creation: [ 16.978609] kasan_save_stack+0x3c/0x68 [ 16.979079] kasan_record_aux_stack+0xb4/0xc8 [ 16.979227] __call_rcu_common.constprop.0+0x74/0x8c8 [ 16.979321] call_rcu+0x18/0x30 [ 16.979702] rcu_uaf+0x14c/0x2d8 [ 16.979917] kunit_try_run_case+0x170/0x3f0 [ 16.980198] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.980272] kthread+0x328/0x630 [ 16.980305] ret_from_fork+0x10/0x20 [ 16.980716] [ 16.981009] The buggy address belongs to the object at fff00000c7859c00 [ 16.981009] which belongs to the cache kmalloc-32 of size 32 [ 16.981172] The buggy address is located 0 bytes inside of [ 16.981172] freed 32-byte region [fff00000c7859c00, fff00000c7859c20) [ 16.981303] [ 16.981327] The buggy address belongs to the physical page: [ 16.981679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107859 [ 16.981840] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.982015] page_type: f5(slab) [ 16.982242] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 16.982737] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.982880] page dumped because: kasan: bad access detected [ 16.982963] [ 16.983332] Memory state around the buggy address: [ 16.983588] fff00000c7859b00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 16.983644] fff00000c7859b80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 16.983770] >fff00000c7859c00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 16.983810] ^ [ 16.983974] fff00000c7859c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.984223] fff00000c7859d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.984327] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 16.879455] ================================================================== [ 16.879616] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 16.879679] Read of size 1 at addr fff00000c6691a00 by task kunit_try_catch/196 [ 16.879730] [ 16.879989] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.880306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.880591] Hardware name: linux,dummy-virt (DT) [ 16.880688] Call trace: [ 16.880788] show_stack+0x20/0x38 (C) [ 16.880891] dump_stack_lvl+0x8c/0xd0 [ 16.881074] print_report+0x118/0x5d0 [ 16.881154] kasan_report+0xdc/0x128 [ 16.881344] __asan_report_load1_noabort+0x20/0x30 [ 16.881404] ksize_uaf+0x598/0x5f8 [ 16.881463] kunit_try_run_case+0x170/0x3f0 [ 16.881511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.881562] kthread+0x328/0x630 [ 16.881605] ret_from_fork+0x10/0x20 [ 16.881651] [ 16.881669] Allocated by task 196: [ 16.881697] kasan_save_stack+0x3c/0x68 [ 16.881737] kasan_save_track+0x20/0x40 [ 16.881774] kasan_save_alloc_info+0x40/0x58 [ 16.881824] __kasan_kmalloc+0xd4/0xd8 [ 16.881881] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.881921] ksize_uaf+0xb8/0x5f8 [ 16.881961] kunit_try_run_case+0x170/0x3f0 [ 16.881999] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.882041] kthread+0x328/0x630 [ 16.882073] ret_from_fork+0x10/0x20 [ 16.882107] [ 16.882125] Freed by task 196: [ 16.882159] kasan_save_stack+0x3c/0x68 [ 16.882195] kasan_save_track+0x20/0x40 [ 16.882233] kasan_save_free_info+0x4c/0x78 [ 16.882286] __kasan_slab_free+0x6c/0x98 [ 16.882324] kfree+0x214/0x3c8 [ 16.882356] ksize_uaf+0x11c/0x5f8 [ 16.882389] kunit_try_run_case+0x170/0x3f0 [ 16.882427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.882470] kthread+0x328/0x630 [ 16.882511] ret_from_fork+0x10/0x20 [ 16.882556] [ 16.882576] The buggy address belongs to the object at fff00000c6691a00 [ 16.882576] which belongs to the cache kmalloc-128 of size 128 [ 16.882644] The buggy address is located 0 bytes inside of [ 16.882644] freed 128-byte region [fff00000c6691a00, fff00000c6691a80) [ 16.882705] [ 16.882735] The buggy address belongs to the physical page: [ 16.882767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.882834] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.883150] page_type: f5(slab) [ 16.883225] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.884068] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.884163] page dumped because: kasan: bad access detected [ 16.884242] [ 16.884298] Memory state around the buggy address: [ 16.884449] fff00000c6691900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.884763] fff00000c6691980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.885202] >fff00000c6691a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.885900] ^ [ 16.886273] fff00000c6691a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.886653] fff00000c6691b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.886769] ================================================================== [ 16.865295] ================================================================== [ 16.865366] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 16.865426] Read of size 1 at addr fff00000c6691a00 by task kunit_try_catch/196 [ 16.865938] [ 16.866013] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.866424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.866451] Hardware name: linux,dummy-virt (DT) [ 16.866601] Call trace: [ 16.866638] show_stack+0x20/0x38 (C) [ 16.866691] dump_stack_lvl+0x8c/0xd0 [ 16.866841] print_report+0x118/0x5d0 [ 16.866925] kasan_report+0xdc/0x128 [ 16.867296] __kasan_check_byte+0x54/0x70 [ 16.867363] ksize+0x30/0x88 [ 16.867408] ksize_uaf+0x168/0x5f8 [ 16.867560] kunit_try_run_case+0x170/0x3f0 [ 16.867622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.867768] kthread+0x328/0x630 [ 16.867856] ret_from_fork+0x10/0x20 [ 16.867961] [ 16.867980] Allocated by task 196: [ 16.868469] kasan_save_stack+0x3c/0x68 [ 16.868582] kasan_save_track+0x20/0x40 [ 16.868735] kasan_save_alloc_info+0x40/0x58 [ 16.868930] __kasan_kmalloc+0xd4/0xd8 [ 16.869000] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.869059] ksize_uaf+0xb8/0x5f8 [ 16.869365] kunit_try_run_case+0x170/0x3f0 [ 16.870111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.870191] kthread+0x328/0x630 [ 16.870257] ret_from_fork+0x10/0x20 [ 16.870331] [ 16.870392] Freed by task 196: [ 16.870938] kasan_save_stack+0x3c/0x68 [ 16.871245] kasan_save_track+0x20/0x40 [ 16.871725] kasan_save_free_info+0x4c/0x78 [ 16.871846] __kasan_slab_free+0x6c/0x98 [ 16.872140] kfree+0x214/0x3c8 [ 16.872290] ksize_uaf+0x11c/0x5f8 [ 16.872420] kunit_try_run_case+0x170/0x3f0 [ 16.872615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.872873] kthread+0x328/0x630 [ 16.872990] ret_from_fork+0x10/0x20 [ 16.873153] [ 16.873287] The buggy address belongs to the object at fff00000c6691a00 [ 16.873287] which belongs to the cache kmalloc-128 of size 128 [ 16.873532] The buggy address is located 0 bytes inside of [ 16.873532] freed 128-byte region [fff00000c6691a00, fff00000c6691a80) [ 16.873648] [ 16.873671] The buggy address belongs to the physical page: [ 16.874066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.874261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.874544] page_type: f5(slab) [ 16.874726] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.874847] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.874931] page dumped because: kasan: bad access detected [ 16.875233] [ 16.875268] Memory state around the buggy address: [ 16.875307] fff00000c6691900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.875681] fff00000c6691980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.875799] >fff00000c6691a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.875853] ^ [ 16.875900] fff00000c6691a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876251] fff00000c6691b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876350] ================================================================== [ 16.889191] ================================================================== [ 16.889249] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 16.889473] Read of size 1 at addr fff00000c6691a78 by task kunit_try_catch/196 [ 16.889676] [ 16.889719] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.889911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.890105] Hardware name: linux,dummy-virt (DT) [ 16.890310] Call trace: [ 16.890350] show_stack+0x20/0x38 (C) [ 16.890452] dump_stack_lvl+0x8c/0xd0 [ 16.890503] print_report+0x118/0x5d0 [ 16.890549] kasan_report+0xdc/0x128 [ 16.890592] __asan_report_load1_noabort+0x20/0x30 [ 16.890693] ksize_uaf+0x544/0x5f8 [ 16.890736] kunit_try_run_case+0x170/0x3f0 [ 16.890798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.891182] kthread+0x328/0x630 [ 16.891276] ret_from_fork+0x10/0x20 [ 16.891532] [ 16.891599] Allocated by task 196: [ 16.891648] kasan_save_stack+0x3c/0x68 [ 16.891702] kasan_save_track+0x20/0x40 [ 16.891739] kasan_save_alloc_info+0x40/0x58 [ 16.892348] __kasan_kmalloc+0xd4/0xd8 [ 16.892451] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.892551] ksize_uaf+0xb8/0x5f8 [ 16.892621] kunit_try_run_case+0x170/0x3f0 [ 16.892747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.892813] kthread+0x328/0x630 [ 16.892951] ret_from_fork+0x10/0x20 [ 16.893199] [ 16.893363] Freed by task 196: [ 16.893528] kasan_save_stack+0x3c/0x68 [ 16.893634] kasan_save_track+0x20/0x40 [ 16.893807] kasan_save_free_info+0x4c/0x78 [ 16.893896] __kasan_slab_free+0x6c/0x98 [ 16.894061] kfree+0x214/0x3c8 [ 16.894300] ksize_uaf+0x11c/0x5f8 [ 16.894433] kunit_try_run_case+0x170/0x3f0 [ 16.895141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.897668] kthread+0x328/0x630 [ 16.897720] ret_from_fork+0x10/0x20 [ 16.897759] [ 16.897781] The buggy address belongs to the object at fff00000c6691a00 [ 16.897781] which belongs to the cache kmalloc-128 of size 128 [ 16.897841] The buggy address is located 120 bytes inside of [ 16.897841] freed 128-byte region [fff00000c6691a00, fff00000c6691a80) [ 16.897919] [ 16.897943] The buggy address belongs to the physical page: [ 16.897975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.898032] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.898083] page_type: f5(slab) [ 16.898123] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.898172] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.898212] page dumped because: kasan: bad access detected [ 16.898243] [ 16.898263] Memory state around the buggy address: [ 16.898295] fff00000c6691900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.898338] fff00000c6691980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.898381] >fff00000c6691a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.898416] ^ [ 16.898456] fff00000c6691a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.898497] fff00000c6691b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.898535] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 16.849976] ================================================================== [ 16.850038] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.850091] Read of size 1 at addr fff00000c669197f by task kunit_try_catch/194 [ 16.850460] [ 16.850509] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.850743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.850881] Hardware name: linux,dummy-virt (DT) [ 16.850917] Call trace: [ 16.850941] show_stack+0x20/0x38 (C) [ 16.851117] dump_stack_lvl+0x8c/0xd0 [ 16.851339] print_report+0x118/0x5d0 [ 16.851400] kasan_report+0xdc/0x128 [ 16.851494] __asan_report_load1_noabort+0x20/0x30 [ 16.851548] ksize_unpoisons_memory+0x690/0x740 [ 16.851621] kunit_try_run_case+0x170/0x3f0 [ 16.851948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.852083] kthread+0x328/0x630 [ 16.852190] ret_from_fork+0x10/0x20 [ 16.852244] [ 16.852262] Allocated by task 194: [ 16.852290] kasan_save_stack+0x3c/0x68 [ 16.852560] kasan_save_track+0x20/0x40 [ 16.852983] kasan_save_alloc_info+0x40/0x58 [ 16.853119] __kasan_kmalloc+0xd4/0xd8 [ 16.853233] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.853320] ksize_unpoisons_memory+0xc0/0x740 [ 16.853360] kunit_try_run_case+0x170/0x3f0 [ 16.853806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.853976] kthread+0x328/0x630 [ 16.854129] ret_from_fork+0x10/0x20 [ 16.854212] [ 16.854302] The buggy address belongs to the object at fff00000c6691900 [ 16.854302] which belongs to the cache kmalloc-128 of size 128 [ 16.854560] The buggy address is located 12 bytes to the right of [ 16.854560] allocated 115-byte region [fff00000c6691900, fff00000c6691973) [ 16.855017] [ 16.855090] The buggy address belongs to the physical page: [ 16.855182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.855273] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.855324] page_type: f5(slab) [ 16.855373] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.855424] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.855461] page dumped because: kasan: bad access detected [ 16.855492] [ 16.855511] Memory state around the buggy address: [ 16.855547] fff00000c6691800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.855604] fff00000c6691880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855657] >fff00000c6691900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.855696] ^ [ 16.855737] fff00000c6691980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.856316] fff00000c6691a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.856372] ================================================================== [ 16.841341] ================================================================== [ 16.841423] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.841478] Read of size 1 at addr fff00000c6691978 by task kunit_try_catch/194 [ 16.841854] [ 16.841944] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.842094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.842135] Hardware name: linux,dummy-virt (DT) [ 16.842167] Call trace: [ 16.842217] show_stack+0x20/0x38 (C) [ 16.842577] dump_stack_lvl+0x8c/0xd0 [ 16.842877] print_report+0x118/0x5d0 [ 16.843099] kasan_report+0xdc/0x128 [ 16.843200] __asan_report_load1_noabort+0x20/0x30 [ 16.843469] ksize_unpoisons_memory+0x618/0x740 [ 16.843675] kunit_try_run_case+0x170/0x3f0 [ 16.843951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.844251] kthread+0x328/0x630 [ 16.844383] ret_from_fork+0x10/0x20 [ 16.844439] [ 16.844467] Allocated by task 194: [ 16.844494] kasan_save_stack+0x3c/0x68 [ 16.844537] kasan_save_track+0x20/0x40 [ 16.844575] kasan_save_alloc_info+0x40/0x58 [ 16.844613] __kasan_kmalloc+0xd4/0xd8 [ 16.844659] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.844714] ksize_unpoisons_memory+0xc0/0x740 [ 16.844752] kunit_try_run_case+0x170/0x3f0 [ 16.844790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.844842] kthread+0x328/0x630 [ 16.844897] ret_from_fork+0x10/0x20 [ 16.844934] [ 16.844952] The buggy address belongs to the object at fff00000c6691900 [ 16.844952] which belongs to the cache kmalloc-128 of size 128 [ 16.845009] The buggy address is located 5 bytes to the right of [ 16.845009] allocated 115-byte region [fff00000c6691900, fff00000c6691973) [ 16.845082] [ 16.845102] The buggy address belongs to the physical page: [ 16.845151] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.845204] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.845253] page_type: f5(slab) [ 16.845290] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.845356] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.845396] page dumped because: kasan: bad access detected [ 16.845435] [ 16.845456] Memory state around the buggy address: [ 16.845495] fff00000c6691800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.845548] fff00000c6691880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.845600] >fff00000c6691900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.845639] ^ [ 16.845695] fff00000c6691980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.845738] fff00000c6691a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.845791] ================================================================== [ 16.831240] ================================================================== [ 16.831311] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.831817] Read of size 1 at addr fff00000c6691973 by task kunit_try_catch/194 [ 16.832368] [ 16.832788] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.833099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.833159] Hardware name: linux,dummy-virt (DT) [ 16.833194] Call trace: [ 16.833219] show_stack+0x20/0x38 (C) [ 16.833426] dump_stack_lvl+0x8c/0xd0 [ 16.833950] print_report+0x118/0x5d0 [ 16.834054] kasan_report+0xdc/0x128 [ 16.834105] __asan_report_load1_noabort+0x20/0x30 [ 16.834315] ksize_unpoisons_memory+0x628/0x740 [ 16.834474] kunit_try_run_case+0x170/0x3f0 [ 16.835046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.835206] kthread+0x328/0x630 [ 16.835369] ret_from_fork+0x10/0x20 [ 16.835557] [ 16.835632] Allocated by task 194: [ 16.835681] kasan_save_stack+0x3c/0x68 [ 16.835882] kasan_save_track+0x20/0x40 [ 16.836077] kasan_save_alloc_info+0x40/0x58 [ 16.836194] __kasan_kmalloc+0xd4/0xd8 [ 16.836235] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.836274] ksize_unpoisons_memory+0xc0/0x740 [ 16.836339] kunit_try_run_case+0x170/0x3f0 [ 16.836537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.836830] kthread+0x328/0x630 [ 16.836895] ret_from_fork+0x10/0x20 [ 16.837092] [ 16.837218] The buggy address belongs to the object at fff00000c6691900 [ 16.837218] which belongs to the cache kmalloc-128 of size 128 [ 16.837613] The buggy address is located 0 bytes to the right of [ 16.837613] allocated 115-byte region [fff00000c6691900, fff00000c6691973) [ 16.837872] [ 16.837910] The buggy address belongs to the physical page: [ 16.838111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.838204] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.838371] page_type: f5(slab) [ 16.838416] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.838601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.838656] page dumped because: kasan: bad access detected [ 16.838685] [ 16.838703] Memory state around the buggy address: [ 16.838747] fff00000c6691800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.838791] fff00000c6691880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.838844] >fff00000c6691900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.838912] ^ [ 16.838960] fff00000c6691980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.839001] fff00000c6691a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.839039] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 16.813351] ================================================================== [ 16.813492] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 16.813782] Free of addr fff00000c3e55180 by task kunit_try_catch/192 [ 16.813834] [ 16.813914] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.813998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.814050] Hardware name: linux,dummy-virt (DT) [ 16.814088] Call trace: [ 16.814112] show_stack+0x20/0x38 (C) [ 16.814190] dump_stack_lvl+0x8c/0xd0 [ 16.814239] print_report+0x118/0x5d0 [ 16.814284] kasan_report_invalid_free+0xc0/0xe8 [ 16.814337] check_slab_allocation+0xd4/0x108 [ 16.814515] __kasan_slab_pre_free+0x2c/0x48 [ 16.814567] kfree+0xe8/0x3c8 [ 16.814752] kfree_sensitive+0x3c/0xb0 [ 16.814844] kmalloc_double_kzfree+0x168/0x308 [ 16.814939] kunit_try_run_case+0x170/0x3f0 [ 16.814987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.815041] kthread+0x328/0x630 [ 16.815147] ret_from_fork+0x10/0x20 [ 16.815197] [ 16.815273] Allocated by task 192: [ 16.815323] kasan_save_stack+0x3c/0x68 [ 16.815366] kasan_save_track+0x20/0x40 [ 16.815404] kasan_save_alloc_info+0x40/0x58 [ 16.815444] __kasan_kmalloc+0xd4/0xd8 [ 16.815479] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.815527] kmalloc_double_kzfree+0xb8/0x308 [ 16.815565] kunit_try_run_case+0x170/0x3f0 [ 16.815603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.815655] kthread+0x328/0x630 [ 16.815686] ret_from_fork+0x10/0x20 [ 16.815727] [ 16.815792] Freed by task 192: [ 16.815819] kasan_save_stack+0x3c/0x68 [ 16.816148] kasan_save_track+0x20/0x40 [ 16.816218] kasan_save_free_info+0x4c/0x78 [ 16.816257] __kasan_slab_free+0x6c/0x98 [ 16.816293] kfree+0x214/0x3c8 [ 16.816327] kfree_sensitive+0x80/0xb0 [ 16.816362] kmalloc_double_kzfree+0x11c/0x308 [ 16.816588] kunit_try_run_case+0x170/0x3f0 [ 16.816676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.816821] kthread+0x328/0x630 [ 16.816959] ret_from_fork+0x10/0x20 [ 16.817066] [ 16.817197] The buggy address belongs to the object at fff00000c3e55180 [ 16.817197] which belongs to the cache kmalloc-16 of size 16 [ 16.817312] The buggy address is located 0 bytes inside of [ 16.817312] 16-byte region [fff00000c3e55180, fff00000c3e55190) [ 16.817460] [ 16.817510] The buggy address belongs to the physical page: [ 16.817543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e55 [ 16.817835] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.818026] page_type: f5(slab) [ 16.818133] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.818419] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.818576] page dumped because: kasan: bad access detected [ 16.818655] [ 16.818721] Memory state around the buggy address: [ 16.818828] fff00000c3e55080: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.818986] fff00000c3e55100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.819071] >fff00000c3e55180: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.819254] ^ [ 16.819477] fff00000c3e55200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.819545] fff00000c3e55280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.819587] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 16.805818] ================================================================== [ 16.805918] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 16.805989] Read of size 1 at addr fff00000c3e55180 by task kunit_try_catch/192 [ 16.806068] [ 16.806127] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.806356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.806528] Hardware name: linux,dummy-virt (DT) [ 16.806571] Call trace: [ 16.806600] show_stack+0x20/0x38 (C) [ 16.806653] dump_stack_lvl+0x8c/0xd0 [ 16.806728] print_report+0x118/0x5d0 [ 16.806793] kasan_report+0xdc/0x128 [ 16.806853] __kasan_check_byte+0x54/0x70 [ 16.806914] kfree_sensitive+0x30/0xb0 [ 16.806959] kmalloc_double_kzfree+0x168/0x308 [ 16.807045] kunit_try_run_case+0x170/0x3f0 [ 16.807092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.807149] kthread+0x328/0x630 [ 16.807191] ret_from_fork+0x10/0x20 [ 16.807247] [ 16.807265] Allocated by task 192: [ 16.807334] kasan_save_stack+0x3c/0x68 [ 16.807380] kasan_save_track+0x20/0x40 [ 16.807416] kasan_save_alloc_info+0x40/0x58 [ 16.807595] __kasan_kmalloc+0xd4/0xd8 [ 16.807665] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.807707] kmalloc_double_kzfree+0xb8/0x308 [ 16.807816] kunit_try_run_case+0x170/0x3f0 [ 16.807855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.807909] kthread+0x328/0x630 [ 16.808135] ret_from_fork+0x10/0x20 [ 16.808273] [ 16.808331] Freed by task 192: [ 16.808358] kasan_save_stack+0x3c/0x68 [ 16.808395] kasan_save_track+0x20/0x40 [ 16.808456] kasan_save_free_info+0x4c/0x78 [ 16.808499] __kasan_slab_free+0x6c/0x98 [ 16.808680] kfree+0x214/0x3c8 [ 16.808833] kfree_sensitive+0x80/0xb0 [ 16.808886] kmalloc_double_kzfree+0x11c/0x308 [ 16.808963] kunit_try_run_case+0x170/0x3f0 [ 16.809214] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.809333] kthread+0x328/0x630 [ 16.809463] ret_from_fork+0x10/0x20 [ 16.809599] [ 16.809736] The buggy address belongs to the object at fff00000c3e55180 [ 16.809736] which belongs to the cache kmalloc-16 of size 16 [ 16.809824] The buggy address is located 0 bytes inside of [ 16.809824] freed 16-byte region [fff00000c3e55180, fff00000c3e55190) [ 16.809957] [ 16.810023] The buggy address belongs to the physical page: [ 16.810361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e55 [ 16.810560] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.810704] page_type: f5(slab) [ 16.810777] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.810826] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.811174] page dumped because: kasan: bad access detected [ 16.811297] [ 16.811365] Memory state around the buggy address: [ 16.811428] fff00000c3e55080: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.811508] fff00000c3e55100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.811582] >fff00000c3e55180: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.811648] ^ [ 16.811736] fff00000c3e55200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.811815] fff00000c3e55280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.812039] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 16.782976] ================================================================== [ 16.783046] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 16.783104] Read of size 1 at addr fff00000c7848f28 by task kunit_try_catch/188 [ 16.783373] [ 16.783449] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.783536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.783564] Hardware name: linux,dummy-virt (DT) [ 16.783603] Call trace: [ 16.783653] show_stack+0x20/0x38 (C) [ 16.783767] dump_stack_lvl+0x8c/0xd0 [ 16.783852] print_report+0x118/0x5d0 [ 16.784017] kasan_report+0xdc/0x128 [ 16.784095] __asan_report_load1_noabort+0x20/0x30 [ 16.784159] kmalloc_uaf2+0x3f4/0x468 [ 16.784321] kunit_try_run_case+0x170/0x3f0 [ 16.784370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.784423] kthread+0x328/0x630 [ 16.784464] ret_from_fork+0x10/0x20 [ 16.785033] [ 16.785107] Allocated by task 188: [ 16.785174] kasan_save_stack+0x3c/0x68 [ 16.785325] kasan_save_track+0x20/0x40 [ 16.785527] kasan_save_alloc_info+0x40/0x58 [ 16.785597] __kasan_kmalloc+0xd4/0xd8 [ 16.785729] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.785770] kmalloc_uaf2+0xc4/0x468 [ 16.785991] kunit_try_run_case+0x170/0x3f0 [ 16.786193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.786343] kthread+0x328/0x630 [ 16.786478] ret_from_fork+0x10/0x20 [ 16.786636] [ 16.786712] Freed by task 188: [ 16.786845] kasan_save_stack+0x3c/0x68 [ 16.786970] kasan_save_track+0x20/0x40 [ 16.787026] kasan_save_free_info+0x4c/0x78 [ 16.787321] __kasan_slab_free+0x6c/0x98 [ 16.787463] kfree+0x214/0x3c8 [ 16.787622] kmalloc_uaf2+0x134/0x468 [ 16.787724] kunit_try_run_case+0x170/0x3f0 [ 16.788178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.788336] kthread+0x328/0x630 [ 16.788408] ret_from_fork+0x10/0x20 [ 16.788445] [ 16.788466] The buggy address belongs to the object at fff00000c7848f00 [ 16.788466] which belongs to the cache kmalloc-64 of size 64 [ 16.788528] The buggy address is located 40 bytes inside of [ 16.788528] freed 64-byte region [fff00000c7848f00, fff00000c7848f40) [ 16.788823] [ 16.789002] The buggy address belongs to the physical page: [ 16.789147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 16.789250] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.789398] page_type: f5(slab) [ 16.789554] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.789643] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.789684] page dumped because: kasan: bad access detected [ 16.789979] [ 16.790017] Memory state around the buggy address: [ 16.790051] fff00000c7848e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.790425] fff00000c7848e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.790531] >fff00000c7848f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.790645] ^ [ 16.790782] fff00000c7848f80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 16.790910] fff00000c7849000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.790978] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.769978] ================================================================== [ 16.770052] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 16.770180] Write of size 33 at addr fff00000c7848d80 by task kunit_try_catch/186 [ 16.770233] [ 16.770335] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.770442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.770469] Hardware name: linux,dummy-virt (DT) [ 16.770507] Call trace: [ 16.770536] show_stack+0x20/0x38 (C) [ 16.770587] dump_stack_lvl+0x8c/0xd0 [ 16.770637] print_report+0x118/0x5d0 [ 16.770931] kasan_report+0xdc/0x128 [ 16.771065] kasan_check_range+0x100/0x1a8 [ 16.771120] __asan_memset+0x34/0x78 [ 16.771164] kmalloc_uaf_memset+0x170/0x310 [ 16.771253] kunit_try_run_case+0x170/0x3f0 [ 16.771303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.771361] kthread+0x328/0x630 [ 16.771404] ret_from_fork+0x10/0x20 [ 16.771453] [ 16.771476] Allocated by task 186: [ 16.771566] kasan_save_stack+0x3c/0x68 [ 16.771623] kasan_save_track+0x20/0x40 [ 16.771699] kasan_save_alloc_info+0x40/0x58 [ 16.771869] __kasan_kmalloc+0xd4/0xd8 [ 16.771908] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.771964] kmalloc_uaf_memset+0xb8/0x310 [ 16.771999] kunit_try_run_case+0x170/0x3f0 [ 16.772189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.772333] kthread+0x328/0x630 [ 16.772555] ret_from_fork+0x10/0x20 [ 16.772702] [ 16.772819] Freed by task 186: [ 16.772948] kasan_save_stack+0x3c/0x68 [ 16.773114] kasan_save_track+0x20/0x40 [ 16.773199] kasan_save_free_info+0x4c/0x78 [ 16.773326] __kasan_slab_free+0x6c/0x98 [ 16.773381] kfree+0x214/0x3c8 [ 16.773452] kmalloc_uaf_memset+0x11c/0x310 [ 16.773852] kunit_try_run_case+0x170/0x3f0 [ 16.774061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.774175] kthread+0x328/0x630 [ 16.774393] ret_from_fork+0x10/0x20 [ 16.774554] [ 16.774650] The buggy address belongs to the object at fff00000c7848d80 [ 16.774650] which belongs to the cache kmalloc-64 of size 64 [ 16.774712] The buggy address is located 0 bytes inside of [ 16.774712] freed 64-byte region [fff00000c7848d80, fff00000c7848dc0) [ 16.774936] [ 16.775225] The buggy address belongs to the physical page: [ 16.775327] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 16.775441] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.775615] page_type: f5(slab) [ 16.775717] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.775926] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.775968] page dumped because: kasan: bad access detected [ 16.775999] [ 16.776035] Memory state around the buggy address: [ 16.776067] fff00000c7848c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.776110] fff00000c7848d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.776155] >fff00000c7848d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.776195] ^ [ 16.776491] fff00000c7848e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.776554] fff00000c7848e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.776608] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.757251] ================================================================== [ 16.757348] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 16.757411] Read of size 1 at addr fff00000c3e55168 by task kunit_try_catch/184 [ 16.757458] [ 16.757497] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.757579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.757616] Hardware name: linux,dummy-virt (DT) [ 16.757648] Call trace: [ 16.757682] show_stack+0x20/0x38 (C) [ 16.757730] dump_stack_lvl+0x8c/0xd0 [ 16.757779] print_report+0x118/0x5d0 [ 16.757833] kasan_report+0xdc/0x128 [ 16.757890] __asan_report_load1_noabort+0x20/0x30 [ 16.757941] kmalloc_uaf+0x300/0x338 [ 16.757983] kunit_try_run_case+0x170/0x3f0 [ 16.758031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.758080] kthread+0x328/0x630 [ 16.758122] ret_from_fork+0x10/0x20 [ 16.758169] [ 16.758188] Allocated by task 184: [ 16.758223] kasan_save_stack+0x3c/0x68 [ 16.758272] kasan_save_track+0x20/0x40 [ 16.758310] kasan_save_alloc_info+0x40/0x58 [ 16.758350] __kasan_kmalloc+0xd4/0xd8 [ 16.758386] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.758436] kmalloc_uaf+0xb8/0x338 [ 16.758474] kunit_try_run_case+0x170/0x3f0 [ 16.758510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.758561] kthread+0x328/0x630 [ 16.758594] ret_from_fork+0x10/0x20 [ 16.758628] [ 16.758648] Freed by task 184: [ 16.758672] kasan_save_stack+0x3c/0x68 [ 16.758709] kasan_save_track+0x20/0x40 [ 16.758744] kasan_save_free_info+0x4c/0x78 [ 16.758799] __kasan_slab_free+0x6c/0x98 [ 16.758836] kfree+0x214/0x3c8 [ 16.758877] kmalloc_uaf+0x11c/0x338 [ 16.758912] kunit_try_run_case+0x170/0x3f0 [ 16.758948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.759248] kthread+0x328/0x630 [ 16.759427] ret_from_fork+0x10/0x20 [ 16.759618] [ 16.759645] The buggy address belongs to the object at fff00000c3e55160 [ 16.759645] which belongs to the cache kmalloc-16 of size 16 [ 16.760065] The buggy address is located 8 bytes inside of [ 16.760065] freed 16-byte region [fff00000c3e55160, fff00000c3e55170) [ 16.760316] [ 16.760372] The buggy address belongs to the physical page: [ 16.760447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e55 [ 16.760551] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.760664] page_type: f5(slab) [ 16.760757] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.760858] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.760913] page dumped because: kasan: bad access detected [ 16.760944] [ 16.760962] Memory state around the buggy address: [ 16.760996] fff00000c3e55000: 00 06 fc fc 00 06 fc fc 00 02 fc fc 00 06 fc fc [ 16.761038] fff00000c3e55080: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.761227] >fff00000c3e55100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.761311] ^ [ 16.761414] fff00000c3e55180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.761492] fff00000c3e55200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.761609] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.743466] ================================================================== [ 16.743542] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.743609] Read of size 64 at addr fff00000c7848a04 by task kunit_try_catch/182 [ 16.743660] [ 16.743695] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.743815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.743842] Hardware name: linux,dummy-virt (DT) [ 16.743885] Call trace: [ 16.743908] show_stack+0x20/0x38 (C) [ 16.743958] dump_stack_lvl+0x8c/0xd0 [ 16.744004] print_report+0x118/0x5d0 [ 16.744337] kasan_report+0xdc/0x128 [ 16.744391] kasan_check_range+0x100/0x1a8 [ 16.744500] __asan_memmove+0x3c/0x98 [ 16.744633] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.744744] kunit_try_run_case+0x170/0x3f0 [ 16.744829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.744958] kthread+0x328/0x630 [ 16.745096] ret_from_fork+0x10/0x20 [ 16.745326] [ 16.745462] Allocated by task 182: [ 16.745560] kasan_save_stack+0x3c/0x68 [ 16.745677] kasan_save_track+0x20/0x40 [ 16.745745] kasan_save_alloc_info+0x40/0x58 [ 16.745853] __kasan_kmalloc+0xd4/0xd8 [ 16.745923] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.746174] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.746413] kunit_try_run_case+0x170/0x3f0 [ 16.746530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.746585] kthread+0x328/0x630 [ 16.746616] ret_from_fork+0x10/0x20 [ 16.746653] [ 16.746673] The buggy address belongs to the object at fff00000c7848a00 [ 16.746673] which belongs to the cache kmalloc-64 of size 64 [ 16.746859] The buggy address is located 4 bytes inside of [ 16.746859] allocated 64-byte region [fff00000c7848a00, fff00000c7848a40) [ 16.746976] [ 16.747027] The buggy address belongs to the physical page: [ 16.747102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 16.747232] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.747328] page_type: f5(slab) [ 16.747405] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.747455] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.747504] page dumped because: kasan: bad access detected [ 16.747535] [ 16.747552] Memory state around the buggy address: [ 16.747766] fff00000c7848900: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.747959] fff00000c7848980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.748028] >fff00000c7848a00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.748198] ^ [ 16.748254] fff00000c7848a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.748315] fff00000c7848b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.748354] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.725836] ================================================================== [ 16.726089] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.726211] Read of size 18446744073709551614 at addr fff00000c7848804 by task kunit_try_catch/180 [ 16.726364] [ 16.726466] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.726552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.726901] Hardware name: linux,dummy-virt (DT) [ 16.726954] Call trace: [ 16.726980] show_stack+0x20/0x38 (C) [ 16.727034] dump_stack_lvl+0x8c/0xd0 [ 16.727152] print_report+0x118/0x5d0 [ 16.727272] kasan_report+0xdc/0x128 [ 16.727545] kasan_check_range+0x100/0x1a8 [ 16.727599] __asan_memmove+0x3c/0x98 [ 16.727809] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.728253] kunit_try_run_case+0x170/0x3f0 [ 16.728322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.728373] kthread+0x328/0x630 [ 16.729244] ret_from_fork+0x10/0x20 [ 16.729537] [ 16.729650] Allocated by task 180: [ 16.729822] kasan_save_stack+0x3c/0x68 [ 16.730233] kasan_save_track+0x20/0x40 [ 16.730433] kasan_save_alloc_info+0x40/0x58 [ 16.730653] __kasan_kmalloc+0xd4/0xd8 [ 16.730750] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.731162] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.731497] kunit_try_run_case+0x170/0x3f0 [ 16.731610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.731729] kthread+0x328/0x630 [ 16.731836] ret_from_fork+0x10/0x20 [ 16.732505] [ 16.732581] The buggy address belongs to the object at fff00000c7848800 [ 16.732581] which belongs to the cache kmalloc-64 of size 64 [ 16.732691] The buggy address is located 4 bytes inside of [ 16.732691] 64-byte region [fff00000c7848800, fff00000c7848840) [ 16.732933] [ 16.733074] The buggy address belongs to the physical page: [ 16.733343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 16.733451] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.733661] page_type: f5(slab) [ 16.733915] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.734033] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.734144] page dumped because: kasan: bad access detected [ 16.734229] [ 16.734357] Memory state around the buggy address: [ 16.734414] fff00000c7848700: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.734810] fff00000c7848780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.734900] >fff00000c7848800: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.735017] ^ [ 16.735106] fff00000c7848880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.735183] fff00000c7848900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.735330] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.702245] ================================================================== [ 16.702331] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 16.702399] Write of size 16 at addr fff00000c6691869 by task kunit_try_catch/178 [ 16.702448] [ 16.702485] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.702574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.702600] Hardware name: linux,dummy-virt (DT) [ 16.702631] Call trace: [ 16.702654] show_stack+0x20/0x38 (C) [ 16.702712] dump_stack_lvl+0x8c/0xd0 [ 16.702766] print_report+0x118/0x5d0 [ 16.702812] kasan_report+0xdc/0x128 [ 16.703188] kasan_check_range+0x100/0x1a8 [ 16.703625] __asan_memset+0x34/0x78 [ 16.703945] kmalloc_oob_memset_16+0x150/0x2f8 [ 16.704015] kunit_try_run_case+0x170/0x3f0 [ 16.704067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.704512] kthread+0x328/0x630 [ 16.704983] ret_from_fork+0x10/0x20 [ 16.705175] [ 16.705598] Allocated by task 178: [ 16.705777] kasan_save_stack+0x3c/0x68 [ 16.706125] kasan_save_track+0x20/0x40 [ 16.706251] kasan_save_alloc_info+0x40/0x58 [ 16.706321] __kasan_kmalloc+0xd4/0xd8 [ 16.706592] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.706700] kmalloc_oob_memset_16+0xb0/0x2f8 [ 16.706902] kunit_try_run_case+0x170/0x3f0 [ 16.707123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.707188] kthread+0x328/0x630 [ 16.707253] ret_from_fork+0x10/0x20 [ 16.707401] [ 16.707647] The buggy address belongs to the object at fff00000c6691800 [ 16.707647] which belongs to the cache kmalloc-128 of size 128 [ 16.707956] The buggy address is located 105 bytes inside of [ 16.707956] allocated 120-byte region [fff00000c6691800, fff00000c6691878) [ 16.708050] [ 16.708073] The buggy address belongs to the physical page: [ 16.708112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.708288] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.708551] page_type: f5(slab) [ 16.708597] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.708793] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.709258] page dumped because: kasan: bad access detected [ 16.709721] [ 16.709760] Memory state around the buggy address: [ 16.709812] fff00000c6691700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.709992] fff00000c6691780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.710220] >fff00000c6691800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.710263] ^ [ 16.710478] fff00000c6691880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.710687] fff00000c6691900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.710783] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.682896] ================================================================== [ 16.683112] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 16.683238] Write of size 8 at addr fff00000c6691771 by task kunit_try_catch/176 [ 16.683429] [ 16.683481] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.683704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.683893] Hardware name: linux,dummy-virt (DT) [ 16.684021] Call trace: [ 16.684101] show_stack+0x20/0x38 (C) [ 16.684306] dump_stack_lvl+0x8c/0xd0 [ 16.684658] print_report+0x118/0x5d0 [ 16.684749] kasan_report+0xdc/0x128 [ 16.684924] kasan_check_range+0x100/0x1a8 [ 16.685113] __asan_memset+0x34/0x78 [ 16.685338] kmalloc_oob_memset_8+0x150/0x2f8 [ 16.685534] kunit_try_run_case+0x170/0x3f0 [ 16.685837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.685947] kthread+0x328/0x630 [ 16.686085] ret_from_fork+0x10/0x20 [ 16.686321] [ 16.686456] Allocated by task 176: [ 16.686588] kasan_save_stack+0x3c/0x68 [ 16.686634] kasan_save_track+0x20/0x40 [ 16.686709] kasan_save_alloc_info+0x40/0x58 [ 16.687262] __kasan_kmalloc+0xd4/0xd8 [ 16.687395] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.687577] kmalloc_oob_memset_8+0xb0/0x2f8 [ 16.687646] kunit_try_run_case+0x170/0x3f0 [ 16.687764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.688187] kthread+0x328/0x630 [ 16.688612] ret_from_fork+0x10/0x20 [ 16.688656] [ 16.688678] The buggy address belongs to the object at fff00000c6691700 [ 16.688678] which belongs to the cache kmalloc-128 of size 128 [ 16.689131] The buggy address is located 113 bytes inside of [ 16.689131] allocated 120-byte region [fff00000c6691700, fff00000c6691778) [ 16.689263] [ 16.689524] The buggy address belongs to the physical page: [ 16.689599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.689673] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.689944] page_type: f5(slab) [ 16.690012] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.690408] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.690489] page dumped because: kasan: bad access detected [ 16.690630] [ 16.690649] Memory state around the buggy address: [ 16.690708] fff00000c6691600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.690953] fff00000c6691680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.691366] >fff00000c6691700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.691537] ^ [ 16.691582] fff00000c6691780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.691698] fff00000c6691800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.692136] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.658820] ================================================================== [ 16.658956] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 16.659075] Write of size 4 at addr fff00000c6691675 by task kunit_try_catch/174 [ 16.659371] [ 16.659525] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.659616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.659642] Hardware name: linux,dummy-virt (DT) [ 16.659790] Call trace: [ 16.659851] show_stack+0x20/0x38 (C) [ 16.660282] dump_stack_lvl+0x8c/0xd0 [ 16.660494] print_report+0x118/0x5d0 [ 16.660602] kasan_report+0xdc/0x128 [ 16.660738] kasan_check_range+0x100/0x1a8 [ 16.660851] __asan_memset+0x34/0x78 [ 16.661036] kmalloc_oob_memset_4+0x150/0x300 [ 16.661279] kunit_try_run_case+0x170/0x3f0 [ 16.661430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.661555] kthread+0x328/0x630 [ 16.661703] ret_from_fork+0x10/0x20 [ 16.662230] [ 16.662278] Allocated by task 174: [ 16.662675] kasan_save_stack+0x3c/0x68 [ 16.662750] kasan_save_track+0x20/0x40 [ 16.662788] kasan_save_alloc_info+0x40/0x58 [ 16.662827] __kasan_kmalloc+0xd4/0xd8 [ 16.662873] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.662954] kmalloc_oob_memset_4+0xb0/0x300 [ 16.663021] kunit_try_run_case+0x170/0x3f0 [ 16.663106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.663180] kthread+0x328/0x630 [ 16.663243] ret_from_fork+0x10/0x20 [ 16.663353] [ 16.663375] The buggy address belongs to the object at fff00000c6691600 [ 16.663375] which belongs to the cache kmalloc-128 of size 128 [ 16.663893] The buggy address is located 117 bytes inside of [ 16.663893] allocated 120-byte region [fff00000c6691600, fff00000c6691678) [ 16.664053] [ 16.664292] The buggy address belongs to the physical page: [ 16.664333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.664397] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.664936] page_type: f5(slab) [ 16.665447] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.665584] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.665795] page dumped because: kasan: bad access detected [ 16.665829] [ 16.665900] Memory state around the buggy address: [ 16.666375] fff00000c6691500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.666460] fff00000c6691580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.666544] >fff00000c6691600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.666984] ^ [ 16.667346] fff00000c6691680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.667770] fff00000c6691700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.667997] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.639593] ================================================================== [ 16.639656] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.639717] Write of size 2 at addr fff00000c6691577 by task kunit_try_catch/172 [ 16.642746] [ 16.642791] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.642891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.642918] Hardware name: linux,dummy-virt (DT) [ 16.642949] Call trace: [ 16.642972] show_stack+0x20/0x38 (C) [ 16.643025] dump_stack_lvl+0x8c/0xd0 [ 16.643074] print_report+0x118/0x5d0 [ 16.643119] kasan_report+0xdc/0x128 [ 16.643162] kasan_check_range+0x100/0x1a8 [ 16.643207] __asan_memset+0x34/0x78 [ 16.643252] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.643295] kunit_try_run_case+0x170/0x3f0 [ 16.643342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.643391] kthread+0x328/0x630 [ 16.643431] ret_from_fork+0x10/0x20 [ 16.643477] [ 16.643495] Allocated by task 172: [ 16.643523] kasan_save_stack+0x3c/0x68 [ 16.643564] kasan_save_track+0x20/0x40 [ 16.643600] kasan_save_alloc_info+0x40/0x58 [ 16.643638] __kasan_kmalloc+0xd4/0xd8 [ 16.643673] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.643711] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.644735] kunit_try_run_case+0x170/0x3f0 [ 16.645000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.645049] kthread+0x328/0x630 [ 16.645082] ret_from_fork+0x10/0x20 [ 16.645370] [ 16.645392] The buggy address belongs to the object at fff00000c6691500 [ 16.645392] which belongs to the cache kmalloc-128 of size 128 [ 16.645652] The buggy address is located 119 bytes inside of [ 16.645652] allocated 120-byte region [fff00000c6691500, fff00000c6691578) [ 16.645714] [ 16.645737] The buggy address belongs to the physical page: [ 16.645768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.645827] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.645886] page_type: f5(slab) [ 16.645925] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.645972] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.646010] page dumped because: kasan: bad access detected [ 16.646039] [ 16.646056] Memory state around the buggy address: [ 16.646088] fff00000c6691400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.646127] fff00000c6691480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.646167] >fff00000c6691500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.646203] ^ [ 16.646243] fff00000c6691580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.646283] fff00000c6691600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.646319] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.618486] ================================================================== [ 16.618839] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.619062] Write of size 128 at addr fff00000c6691400 by task kunit_try_catch/170 [ 16.619176] [ 16.619234] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.619699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.619891] Hardware name: linux,dummy-virt (DT) [ 16.620012] Call trace: [ 16.620079] show_stack+0x20/0x38 (C) [ 16.620164] dump_stack_lvl+0x8c/0xd0 [ 16.620353] print_report+0x118/0x5d0 [ 16.620403] kasan_report+0xdc/0x128 [ 16.620625] kasan_check_range+0x100/0x1a8 [ 16.620901] __asan_memset+0x34/0x78 [ 16.621035] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.621175] kunit_try_run_case+0x170/0x3f0 [ 16.621345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.621398] kthread+0x328/0x630 [ 16.621457] ret_from_fork+0x10/0x20 [ 16.621784] [ 16.621924] Allocated by task 170: [ 16.622037] kasan_save_stack+0x3c/0x68 [ 16.622170] kasan_save_track+0x20/0x40 [ 16.622252] kasan_save_alloc_info+0x40/0x58 [ 16.622373] __kasan_kmalloc+0xd4/0xd8 [ 16.622735] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.623019] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.623157] kunit_try_run_case+0x170/0x3f0 [ 16.623304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.623374] kthread+0x328/0x630 [ 16.623669] ret_from_fork+0x10/0x20 [ 16.624053] [ 16.624100] The buggy address belongs to the object at fff00000c6691400 [ 16.624100] which belongs to the cache kmalloc-128 of size 128 [ 16.624173] The buggy address is located 0 bytes inside of [ 16.624173] allocated 120-byte region [fff00000c6691400, fff00000c6691478) [ 16.624231] [ 16.624253] The buggy address belongs to the physical page: [ 16.624484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.624777] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.624967] page_type: f5(slab) [ 16.625103] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.625470] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.625612] page dumped because: kasan: bad access detected [ 16.625774] [ 16.626023] Memory state around the buggy address: [ 16.626089] fff00000c6691300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.626242] fff00000c6691380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.626443] >fff00000c6691400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.626541] ^ [ 16.626666] fff00000c6691480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.626807] fff00000c6691500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.627167] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.594496] ================================================================== [ 16.594563] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.594627] Read of size 16 at addr fff00000c3e55140 by task kunit_try_catch/168 [ 16.594677] [ 16.594739] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.594819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.594845] Hardware name: linux,dummy-virt (DT) [ 16.595754] Call trace: [ 16.595978] show_stack+0x20/0x38 (C) [ 16.596049] dump_stack_lvl+0x8c/0xd0 [ 16.596483] print_report+0x118/0x5d0 [ 16.596622] kasan_report+0xdc/0x128 [ 16.596668] __asan_report_load16_noabort+0x20/0x30 [ 16.597034] kmalloc_uaf_16+0x3bc/0x438 [ 16.597172] kunit_try_run_case+0x170/0x3f0 [ 16.597298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.597492] kthread+0x328/0x630 [ 16.597693] ret_from_fork+0x10/0x20 [ 16.598108] [ 16.598243] Allocated by task 168: [ 16.598345] kasan_save_stack+0x3c/0x68 [ 16.598423] kasan_save_track+0x20/0x40 [ 16.598518] kasan_save_alloc_info+0x40/0x58 [ 16.598590] __kasan_kmalloc+0xd4/0xd8 [ 16.598666] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.598985] kmalloc_uaf_16+0x140/0x438 [ 16.599509] kunit_try_run_case+0x170/0x3f0 [ 16.599645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.599923] kthread+0x328/0x630 [ 16.599964] ret_from_fork+0x10/0x20 [ 16.600017] [ 16.600037] Freed by task 168: [ 16.600245] kasan_save_stack+0x3c/0x68 [ 16.600444] kasan_save_track+0x20/0x40 [ 16.600506] kasan_save_free_info+0x4c/0x78 [ 16.600716] __kasan_slab_free+0x6c/0x98 [ 16.600921] kfree+0x214/0x3c8 [ 16.600957] kmalloc_uaf_16+0x190/0x438 [ 16.601166] kunit_try_run_case+0x170/0x3f0 [ 16.601527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.601596] kthread+0x328/0x630 [ 16.601710] ret_from_fork+0x10/0x20 [ 16.601800] [ 16.601840] The buggy address belongs to the object at fff00000c3e55140 [ 16.601840] which belongs to the cache kmalloc-16 of size 16 [ 16.602245] The buggy address is located 0 bytes inside of [ 16.602245] freed 16-byte region [fff00000c3e55140, fff00000c3e55150) [ 16.602343] [ 16.602758] The buggy address belongs to the physical page: [ 16.603163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e55 [ 16.603248] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.603320] page_type: f5(slab) [ 16.603730] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.603801] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.604331] page dumped because: kasan: bad access detected [ 16.604386] [ 16.604588] Memory state around the buggy address: [ 16.604786] fff00000c3e55000: 00 06 fc fc 00 06 fc fc 00 02 fc fc 00 06 fc fc [ 16.604872] fff00000c3e55080: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.605160] >fff00000c3e55100: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 16.605387] ^ [ 16.605522] fff00000c3e55180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605653] fff00000c3e55200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605751] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.577322] ================================================================== [ 16.577548] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.577619] Write of size 16 at addr fff00000c3e550e0 by task kunit_try_catch/166 [ 16.578000] [ 16.578074] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.578156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.578181] Hardware name: linux,dummy-virt (DT) [ 16.578468] Call trace: [ 16.578556] show_stack+0x20/0x38 (C) [ 16.578673] dump_stack_lvl+0x8c/0xd0 [ 16.578727] print_report+0x118/0x5d0 [ 16.578773] kasan_report+0xdc/0x128 [ 16.578817] __asan_report_store16_noabort+0x20/0x30 [ 16.578879] kmalloc_oob_16+0x3a0/0x3f8 [ 16.578943] kunit_try_run_case+0x170/0x3f0 [ 16.578991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.579043] kthread+0x328/0x630 [ 16.579084] ret_from_fork+0x10/0x20 [ 16.579137] [ 16.579155] Allocated by task 166: [ 16.579183] kasan_save_stack+0x3c/0x68 [ 16.579226] kasan_save_track+0x20/0x40 [ 16.579271] kasan_save_alloc_info+0x40/0x58 [ 16.579309] __kasan_kmalloc+0xd4/0xd8 [ 16.579353] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.579391] kmalloc_oob_16+0xb4/0x3f8 [ 16.579424] kunit_try_run_case+0x170/0x3f0 [ 16.579460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.579502] kthread+0x328/0x630 [ 16.579542] ret_from_fork+0x10/0x20 [ 16.579586] [ 16.579605] The buggy address belongs to the object at fff00000c3e550e0 [ 16.579605] which belongs to the cache kmalloc-16 of size 16 [ 16.579659] The buggy address is located 0 bytes inside of [ 16.579659] allocated 13-byte region [fff00000c3e550e0, fff00000c3e550ed) [ 16.579717] [ 16.579882] The buggy address belongs to the physical page: [ 16.580200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e55 [ 16.580730] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.580839] page_type: f5(slab) [ 16.580909] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.581229] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.581472] page dumped because: kasan: bad access detected [ 16.581640] [ 16.582317] Memory state around the buggy address: [ 16.582805] fff00000c3e54f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.582855] fff00000c3e55000: 00 06 fc fc 00 06 fc fc 00 02 fc fc 00 06 fc fc [ 16.583233] >fff00000c3e55080: 00 05 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 16.583514] ^ [ 16.583990] fff00000c3e55100: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.584066] fff00000c3e55180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.584183] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.539580] ================================================================== [ 16.539903] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.540349] Read of size 1 at addr fff00000c0b98200 by task kunit_try_catch/164 [ 16.540962] [ 16.541142] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.541303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.541388] Hardware name: linux,dummy-virt (DT) [ 16.541707] Call trace: [ 16.541932] show_stack+0x20/0x38 (C) [ 16.542087] dump_stack_lvl+0x8c/0xd0 [ 16.542186] print_report+0x118/0x5d0 [ 16.542347] kasan_report+0xdc/0x128 [ 16.542757] __kasan_check_byte+0x54/0x70 [ 16.542986] krealloc_noprof+0x44/0x360 [ 16.543127] krealloc_uaf+0x180/0x520 [ 16.543327] kunit_try_run_case+0x170/0x3f0 [ 16.543414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.543491] kthread+0x328/0x630 [ 16.543781] ret_from_fork+0x10/0x20 [ 16.544060] [ 16.544199] Allocated by task 164: [ 16.544340] kasan_save_stack+0x3c/0x68 [ 16.544386] kasan_save_track+0x20/0x40 [ 16.544948] kasan_save_alloc_info+0x40/0x58 [ 16.545047] __kasan_kmalloc+0xd4/0xd8 [ 16.545218] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.545608] krealloc_uaf+0xc8/0x520 [ 16.546015] kunit_try_run_case+0x170/0x3f0 [ 16.546167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.546291] kthread+0x328/0x630 [ 16.546393] ret_from_fork+0x10/0x20 [ 16.546559] [ 16.546952] Freed by task 164: [ 16.547018] kasan_save_stack+0x3c/0x68 [ 16.547149] kasan_save_track+0x20/0x40 [ 16.547328] kasan_save_free_info+0x4c/0x78 [ 16.547406] __kasan_slab_free+0x6c/0x98 [ 16.547839] kfree+0x214/0x3c8 [ 16.548010] krealloc_uaf+0x12c/0x520 [ 16.548062] kunit_try_run_case+0x170/0x3f0 [ 16.548472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.548755] kthread+0x328/0x630 [ 16.548928] ret_from_fork+0x10/0x20 [ 16.548981] [ 16.549002] The buggy address belongs to the object at fff00000c0b98200 [ 16.549002] which belongs to the cache kmalloc-256 of size 256 [ 16.549165] The buggy address is located 0 bytes inside of [ 16.549165] freed 256-byte region [fff00000c0b98200, fff00000c0b98300) [ 16.549631] [ 16.549825] The buggy address belongs to the physical page: [ 16.549916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b98 [ 16.550368] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.550531] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.550647] page_type: f5(slab) [ 16.550781] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.550838] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.551050] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.551155] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.551315] head: 0bfffe0000000001 ffffc1ffc302e601 00000000ffffffff 00000000ffffffff [ 16.551367] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.551406] page dumped because: kasan: bad access detected [ 16.551461] [ 16.551493] Memory state around the buggy address: [ 16.551524] fff00000c0b98100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.551585] fff00000c0b98180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.551639] >fff00000c0b98200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.551689] ^ [ 16.551716] fff00000c0b98280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.552307] fff00000c0b98300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.552571] ================================================================== [ 16.557892] ================================================================== [ 16.557969] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.558395] Read of size 1 at addr fff00000c0b98200 by task kunit_try_catch/164 [ 16.558479] [ 16.558516] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.558600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.558927] Hardware name: linux,dummy-virt (DT) [ 16.559010] Call trace: [ 16.559264] show_stack+0x20/0x38 (C) [ 16.559429] dump_stack_lvl+0x8c/0xd0 [ 16.559668] print_report+0x118/0x5d0 [ 16.560060] kasan_report+0xdc/0x128 [ 16.560199] __asan_report_load1_noabort+0x20/0x30 [ 16.560483] krealloc_uaf+0x4c8/0x520 [ 16.560589] kunit_try_run_case+0x170/0x3f0 [ 16.560638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.560689] kthread+0x328/0x630 [ 16.560731] ret_from_fork+0x10/0x20 [ 16.560778] [ 16.560796] Allocated by task 164: [ 16.560823] kasan_save_stack+0x3c/0x68 [ 16.560876] kasan_save_track+0x20/0x40 [ 16.560912] kasan_save_alloc_info+0x40/0x58 [ 16.560950] __kasan_kmalloc+0xd4/0xd8 [ 16.561303] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.561372] krealloc_uaf+0xc8/0x520 [ 16.561407] kunit_try_run_case+0x170/0x3f0 [ 16.561443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.561486] kthread+0x328/0x630 [ 16.561520] ret_from_fork+0x10/0x20 [ 16.561563] [ 16.561582] Freed by task 164: [ 16.561617] kasan_save_stack+0x3c/0x68 [ 16.561653] kasan_save_track+0x20/0x40 [ 16.561688] kasan_save_free_info+0x4c/0x78 [ 16.561726] __kasan_slab_free+0x6c/0x98 [ 16.561773] kfree+0x214/0x3c8 [ 16.561804] krealloc_uaf+0x12c/0x520 [ 16.561848] kunit_try_run_case+0x170/0x3f0 [ 16.562589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.562715] kthread+0x328/0x630 [ 16.562750] ret_from_fork+0x10/0x20 [ 16.562784] [ 16.562826] The buggy address belongs to the object at fff00000c0b98200 [ 16.562826] which belongs to the cache kmalloc-256 of size 256 [ 16.563104] The buggy address is located 0 bytes inside of [ 16.563104] freed 256-byte region [fff00000c0b98200, fff00000c0b98300) [ 16.563467] [ 16.563669] The buggy address belongs to the physical page: [ 16.563942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b98 [ 16.564229] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.564403] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.564513] page_type: f5(slab) [ 16.564633] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.564701] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.565107] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.565207] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.565341] head: 0bfffe0000000001 ffffc1ffc302e601 00000000ffffffff 00000000ffffffff [ 16.565511] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.565591] page dumped because: kasan: bad access detected [ 16.565665] [ 16.565683] Memory state around the buggy address: [ 16.565734] fff00000c0b98100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.566033] fff00000c0b98180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.566116] >fff00000c0b98200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.566282] ^ [ 16.566448] fff00000c0b98280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.566609] fff00000c0b98300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.566650] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.515758] ================================================================== [ 16.515843] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.515925] Write of size 1 at addr fff00000c78a60c9 by task kunit_try_catch/162 [ 16.515973] [ 16.516004] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.516081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.516115] Hardware name: linux,dummy-virt (DT) [ 16.516153] Call trace: [ 16.516182] show_stack+0x20/0x38 (C) [ 16.516231] dump_stack_lvl+0x8c/0xd0 [ 16.516277] print_report+0x118/0x5d0 [ 16.516323] kasan_report+0xdc/0x128 [ 16.516368] __asan_report_store1_noabort+0x20/0x30 [ 16.516418] krealloc_less_oob_helper+0xa48/0xc50 [ 16.516465] krealloc_large_less_oob+0x20/0x38 [ 16.516511] kunit_try_run_case+0x170/0x3f0 [ 16.516558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.516609] kthread+0x328/0x630 [ 16.516649] ret_from_fork+0x10/0x20 [ 16.516695] [ 16.516725] The buggy address belongs to the physical page: [ 16.516756] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4 [ 16.516807] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.516858] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.517632] page_type: f8(unknown) [ 16.517721] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.517843] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.517957] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.518043] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.518149] head: 0bfffe0000000002 ffffc1ffc31e2901 00000000ffffffff 00000000ffffffff [ 16.518216] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.518311] page dumped because: kasan: bad access detected [ 16.518369] [ 16.518386] Memory state around the buggy address: [ 16.518417] fff00000c78a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.518457] fff00000c78a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.518497] >fff00000c78a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.518532] ^ [ 16.518565] fff00000c78a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.518604] fff00000c78a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.518640] ================================================================== [ 16.471046] ================================================================== [ 16.471166] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.471230] Write of size 1 at addr fff00000c0b980d0 by task kunit_try_catch/158 [ 16.471277] [ 16.471307] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.471389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.471414] Hardware name: linux,dummy-virt (DT) [ 16.471443] Call trace: [ 16.471625] show_stack+0x20/0x38 (C) [ 16.471755] dump_stack_lvl+0x8c/0xd0 [ 16.471811] print_report+0x118/0x5d0 [ 16.471956] kasan_report+0xdc/0x128 [ 16.472006] __asan_report_store1_noabort+0x20/0x30 [ 16.472061] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.472268] krealloc_less_oob+0x20/0x38 [ 16.472444] kunit_try_run_case+0x170/0x3f0 [ 16.472522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.472580] kthread+0x328/0x630 [ 16.472620] ret_from_fork+0x10/0x20 [ 16.472687] [ 16.472729] Allocated by task 158: [ 16.472757] kasan_save_stack+0x3c/0x68 [ 16.472798] kasan_save_track+0x20/0x40 [ 16.472834] kasan_save_alloc_info+0x40/0x58 [ 16.472884] __kasan_krealloc+0x118/0x178 [ 16.472930] krealloc_noprof+0x128/0x360 [ 16.472975] krealloc_less_oob_helper+0x168/0xc50 [ 16.473013] krealloc_less_oob+0x20/0x38 [ 16.473056] kunit_try_run_case+0x170/0x3f0 [ 16.473100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.473141] kthread+0x328/0x630 [ 16.473178] ret_from_fork+0x10/0x20 [ 16.473229] [ 16.473247] The buggy address belongs to the object at fff00000c0b98000 [ 16.473247] which belongs to the cache kmalloc-256 of size 256 [ 16.473316] The buggy address is located 7 bytes to the right of [ 16.473316] allocated 201-byte region [fff00000c0b98000, fff00000c0b980c9) [ 16.473376] [ 16.473396] The buggy address belongs to the physical page: [ 16.473432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b98 [ 16.473491] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.473550] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.473604] page_type: f5(slab) [ 16.473659] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.473707] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.473764] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.473810] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.473857] head: 0bfffe0000000001 ffffc1ffc302e601 00000000ffffffff 00000000ffffffff [ 16.474290] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.474566] page dumped because: kasan: bad access detected [ 16.474656] [ 16.474724] Memory state around the buggy address: [ 16.474756] fff00000c0b97f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.474969] fff00000c0b98000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.475171] >fff00000c0b98080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.475333] ^ [ 16.475423] fff00000c0b98100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.475574] fff00000c0b98180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.475627] ================================================================== [ 16.526662] ================================================================== [ 16.526833] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.526934] Write of size 1 at addr fff00000c78a60ea by task kunit_try_catch/162 [ 16.527022] [ 16.527048] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.527120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.527203] Hardware name: linux,dummy-virt (DT) [ 16.527278] Call trace: [ 16.527327] show_stack+0x20/0x38 (C) [ 16.527375] dump_stack_lvl+0x8c/0xd0 [ 16.527420] print_report+0x118/0x5d0 [ 16.527464] kasan_report+0xdc/0x128 [ 16.527507] __asan_report_store1_noabort+0x20/0x30 [ 16.527556] krealloc_less_oob_helper+0xae4/0xc50 [ 16.527602] krealloc_large_less_oob+0x20/0x38 [ 16.527666] kunit_try_run_case+0x170/0x3f0 [ 16.527714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.527771] kthread+0x328/0x630 [ 16.527811] ret_from_fork+0x10/0x20 [ 16.527856] [ 16.527885] The buggy address belongs to the physical page: [ 16.527923] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4 [ 16.527974] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.528078] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.528209] page_type: f8(unknown) [ 16.528350] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.528476] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.528526] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.528572] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.528619] head: 0bfffe0000000002 ffffc1ffc31e2901 00000000ffffffff 00000000ffffffff [ 16.528674] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.528714] page dumped because: kasan: bad access detected [ 16.528743] [ 16.528760] Memory state around the buggy address: [ 16.528789] fff00000c78a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.528829] fff00000c78a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.528898] >fff00000c78a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.528934] ^ [ 16.528997] fff00000c78a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.529076] fff00000c78a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.529184] ================================================================== [ 16.529717] ================================================================== [ 16.529786] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.529831] Write of size 1 at addr fff00000c78a60eb by task kunit_try_catch/162 [ 16.529890] [ 16.529919] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.529993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.530018] Hardware name: linux,dummy-virt (DT) [ 16.530046] Call trace: [ 16.530065] show_stack+0x20/0x38 (C) [ 16.530110] dump_stack_lvl+0x8c/0xd0 [ 16.530168] print_report+0x118/0x5d0 [ 16.530219] kasan_report+0xdc/0x128 [ 16.530263] __asan_report_store1_noabort+0x20/0x30 [ 16.530312] krealloc_less_oob_helper+0xa58/0xc50 [ 16.530358] krealloc_large_less_oob+0x20/0x38 [ 16.530404] kunit_try_run_case+0x170/0x3f0 [ 16.530448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.530536] kthread+0x328/0x630 [ 16.530604] ret_from_fork+0x10/0x20 [ 16.530650] [ 16.530668] The buggy address belongs to the physical page: [ 16.530697] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4 [ 16.530747] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.530791] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.530837] page_type: f8(unknown) [ 16.530882] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.530979] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.531030] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.531077] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.531164] head: 0bfffe0000000002 ffffc1ffc31e2901 00000000ffffffff 00000000ffffffff [ 16.531259] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.531306] page dumped because: kasan: bad access detected [ 16.531335] [ 16.531369] Memory state around the buggy address: [ 16.531427] fff00000c78a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.531474] fff00000c78a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.531535] >fff00000c78a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.531571] ^ [ 16.531606] fff00000c78a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.531645] fff00000c78a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.531754] ================================================================== [ 16.523952] ================================================================== [ 16.523998] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.524095] Write of size 1 at addr fff00000c78a60da by task kunit_try_catch/162 [ 16.524180] [ 16.524236] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.524338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.524364] Hardware name: linux,dummy-virt (DT) [ 16.524416] Call trace: [ 16.524455] show_stack+0x20/0x38 (C) [ 16.524540] dump_stack_lvl+0x8c/0xd0 [ 16.524588] print_report+0x118/0x5d0 [ 16.524633] kasan_report+0xdc/0x128 [ 16.524677] __asan_report_store1_noabort+0x20/0x30 [ 16.524726] krealloc_less_oob_helper+0xa80/0xc50 [ 16.524772] krealloc_large_less_oob+0x20/0x38 [ 16.524817] kunit_try_run_case+0x170/0x3f0 [ 16.524874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.524925] kthread+0x328/0x630 [ 16.524964] ret_from_fork+0x10/0x20 [ 16.525036] [ 16.525083] The buggy address belongs to the physical page: [ 16.525141] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4 [ 16.525197] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.525300] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.525396] page_type: f8(unknown) [ 16.525442] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.525491] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.525790] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.525837] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.525894] head: 0bfffe0000000002 ffffc1ffc31e2901 00000000ffffffff 00000000ffffffff [ 16.525970] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.526017] page dumped because: kasan: bad access detected [ 16.526125] [ 16.526144] Memory state around the buggy address: [ 16.526174] fff00000c78a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.526271] fff00000c78a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.526339] >fff00000c78a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.526377] ^ [ 16.526412] fff00000c78a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.526479] fff00000c78a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.526516] ================================================================== [ 16.519562] ================================================================== [ 16.519609] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.519657] Write of size 1 at addr fff00000c78a60d0 by task kunit_try_catch/162 [ 16.519704] [ 16.519733] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.519908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.520088] Hardware name: linux,dummy-virt (DT) [ 16.520136] Call trace: [ 16.520194] show_stack+0x20/0x38 (C) [ 16.520241] dump_stack_lvl+0x8c/0xd0 [ 16.520286] print_report+0x118/0x5d0 [ 16.520331] kasan_report+0xdc/0x128 [ 16.520375] __asan_report_store1_noabort+0x20/0x30 [ 16.520424] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.520470] krealloc_large_less_oob+0x20/0x38 [ 16.520516] kunit_try_run_case+0x170/0x3f0 [ 16.520591] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.520641] kthread+0x328/0x630 [ 16.520682] ret_from_fork+0x10/0x20 [ 16.520800] [ 16.520905] The buggy address belongs to the physical page: [ 16.520960] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a4 [ 16.521288] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.521367] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.521490] page_type: f8(unknown) [ 16.521576] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.521634] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.521760] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.521807] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.522160] head: 0bfffe0000000002 ffffc1ffc31e2901 00000000ffffffff 00000000ffffffff [ 16.522314] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.522470] page dumped because: kasan: bad access detected [ 16.522582] [ 16.522637] Memory state around the buggy address: [ 16.522666] fff00000c78a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.522971] fff00000c78a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.523018] >fff00000c78a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.523125] ^ [ 16.523224] fff00000c78a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.523336] fff00000c78a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.523422] ================================================================== [ 16.461593] ================================================================== [ 16.461659] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.461718] Write of size 1 at addr fff00000c0b980c9 by task kunit_try_catch/158 [ 16.461766] [ 16.461799] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.461891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.462126] Hardware name: linux,dummy-virt (DT) [ 16.462900] Call trace: [ 16.462942] show_stack+0x20/0x38 (C) [ 16.462996] dump_stack_lvl+0x8c/0xd0 [ 16.463044] print_report+0x118/0x5d0 [ 16.463173] kasan_report+0xdc/0x128 [ 16.463230] __asan_report_store1_noabort+0x20/0x30 [ 16.463280] krealloc_less_oob_helper+0xa48/0xc50 [ 16.463824] krealloc_less_oob+0x20/0x38 [ 16.463880] kunit_try_run_case+0x170/0x3f0 [ 16.464234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.464398] kthread+0x328/0x630 [ 16.464488] ret_from_fork+0x10/0x20 [ 16.464666] [ 16.464752] Allocated by task 158: [ 16.464939] kasan_save_stack+0x3c/0x68 [ 16.465011] kasan_save_track+0x20/0x40 [ 16.465048] kasan_save_alloc_info+0x40/0x58 [ 16.465448] __kasan_krealloc+0x118/0x178 [ 16.465575] krealloc_noprof+0x128/0x360 [ 16.465986] krealloc_less_oob_helper+0x168/0xc50 [ 16.466117] krealloc_less_oob+0x20/0x38 [ 16.466217] kunit_try_run_case+0x170/0x3f0 [ 16.466326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.466370] kthread+0x328/0x630 [ 16.466657] ret_from_fork+0x10/0x20 [ 16.466776] [ 16.466855] The buggy address belongs to the object at fff00000c0b98000 [ 16.466855] which belongs to the cache kmalloc-256 of size 256 [ 16.467057] The buggy address is located 0 bytes to the right of [ 16.467057] allocated 201-byte region [fff00000c0b98000, fff00000c0b980c9) [ 16.467212] [ 16.467354] The buggy address belongs to the physical page: [ 16.467411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b98 [ 16.467466] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.467538] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.467850] page_type: f5(slab) [ 16.467907] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.467956] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.468038] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.468115] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.468223] head: 0bfffe0000000001 ffffc1ffc302e601 00000000ffffffff 00000000ffffffff [ 16.468342] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.468440] page dumped because: kasan: bad access detected [ 16.468563] [ 16.468712] Memory state around the buggy address: [ 16.468890] fff00000c0b97f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.469061] fff00000c0b98000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.469199] >fff00000c0b98080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.469412] ^ [ 16.469600] fff00000c0b98100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.469776] fff00000c0b98180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.469887] ================================================================== [ 16.492372] ================================================================== [ 16.492434] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.492488] Write of size 1 at addr fff00000c0b980eb by task kunit_try_catch/158 [ 16.492731] [ 16.492782] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.492941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.492999] Hardware name: linux,dummy-virt (DT) [ 16.493031] Call trace: [ 16.493052] show_stack+0x20/0x38 (C) [ 16.493146] dump_stack_lvl+0x8c/0xd0 [ 16.493193] print_report+0x118/0x5d0 [ 16.493238] kasan_report+0xdc/0x128 [ 16.493282] __asan_report_store1_noabort+0x20/0x30 [ 16.493331] krealloc_less_oob_helper+0xa58/0xc50 [ 16.493377] krealloc_less_oob+0x20/0x38 [ 16.493421] kunit_try_run_case+0x170/0x3f0 [ 16.493466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.493527] kthread+0x328/0x630 [ 16.493568] ret_from_fork+0x10/0x20 [ 16.493615] [ 16.493642] Allocated by task 158: [ 16.493684] kasan_save_stack+0x3c/0x68 [ 16.493729] kasan_save_track+0x20/0x40 [ 16.493765] kasan_save_alloc_info+0x40/0x58 [ 16.493803] __kasan_krealloc+0x118/0x178 [ 16.493840] krealloc_noprof+0x128/0x360 [ 16.493886] krealloc_less_oob_helper+0x168/0xc50 [ 16.493923] krealloc_less_oob+0x20/0x38 [ 16.493957] kunit_try_run_case+0x170/0x3f0 [ 16.493993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.494178] kthread+0x328/0x630 [ 16.494282] ret_from_fork+0x10/0x20 [ 16.494318] [ 16.494346] The buggy address belongs to the object at fff00000c0b98000 [ 16.494346] which belongs to the cache kmalloc-256 of size 256 [ 16.494400] The buggy address is located 34 bytes to the right of [ 16.494400] allocated 201-byte region [fff00000c0b98000, fff00000c0b980c9) [ 16.494461] [ 16.494706] The buggy address belongs to the physical page: [ 16.494793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b98 [ 16.494899] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.494991] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.495056] page_type: f5(slab) [ 16.495093] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.495178] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.495397] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.495603] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.495658] head: 0bfffe0000000001 ffffc1ffc302e601 00000000ffffffff 00000000ffffffff [ 16.495721] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.495761] page dumped because: kasan: bad access detected [ 16.495965] [ 16.496089] Memory state around the buggy address: [ 16.496197] fff00000c0b97f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.496428] fff00000c0b98000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.496496] >fff00000c0b98080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.498883] ^ [ 16.498933] fff00000c0b98100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.498976] fff00000c0b98180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.499013] ================================================================== [ 16.483517] ================================================================== [ 16.483578] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.483635] Write of size 1 at addr fff00000c0b980ea by task kunit_try_catch/158 [ 16.483786] [ 16.483949] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.484101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.484240] Hardware name: linux,dummy-virt (DT) [ 16.484386] Call trace: [ 16.484527] show_stack+0x20/0x38 (C) [ 16.484726] dump_stack_lvl+0x8c/0xd0 [ 16.484822] print_report+0x118/0x5d0 [ 16.484880] kasan_report+0xdc/0x128 [ 16.485150] __asan_report_store1_noabort+0x20/0x30 [ 16.485313] krealloc_less_oob_helper+0xae4/0xc50 [ 16.485458] krealloc_less_oob+0x20/0x38 [ 16.485504] kunit_try_run_case+0x170/0x3f0 [ 16.485690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.485840] kthread+0x328/0x630 [ 16.485895] ret_from_fork+0x10/0x20 [ 16.486225] [ 16.486324] Allocated by task 158: [ 16.486365] kasan_save_stack+0x3c/0x68 [ 16.486421] kasan_save_track+0x20/0x40 [ 16.486466] kasan_save_alloc_info+0x40/0x58 [ 16.486547] __kasan_krealloc+0x118/0x178 [ 16.486587] krealloc_noprof+0x128/0x360 [ 16.486624] krealloc_less_oob_helper+0x168/0xc50 [ 16.486672] krealloc_less_oob+0x20/0x38 [ 16.486708] kunit_try_run_case+0x170/0x3f0 [ 16.486744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.486786] kthread+0x328/0x630 [ 16.486817] ret_from_fork+0x10/0x20 [ 16.486850] [ 16.487249] The buggy address belongs to the object at fff00000c0b98000 [ 16.487249] which belongs to the cache kmalloc-256 of size 256 [ 16.487346] The buggy address is located 33 bytes to the right of [ 16.487346] allocated 201-byte region [fff00000c0b98000, fff00000c0b980c9) [ 16.487591] [ 16.487681] The buggy address belongs to the physical page: [ 16.487917] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b98 [ 16.488164] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.488316] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.488520] page_type: f5(slab) [ 16.488576] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.488728] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.488975] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.489200] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.489286] head: 0bfffe0000000001 ffffc1ffc302e601 00000000ffffffff 00000000ffffffff [ 16.489405] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.489598] page dumped because: kasan: bad access detected [ 16.489755] [ 16.489826] Memory state around the buggy address: [ 16.489994] fff00000c0b97f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.490070] fff00000c0b98000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.490194] >fff00000c0b98080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.490252] ^ [ 16.490289] fff00000c0b98100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.490584] fff00000c0b98180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.490742] ================================================================== [ 16.476620] ================================================================== [ 16.476707] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.476852] Write of size 1 at addr fff00000c0b980da by task kunit_try_catch/158 [ 16.476915] [ 16.477015] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.477289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.477377] Hardware name: linux,dummy-virt (DT) [ 16.477410] Call trace: [ 16.477431] show_stack+0x20/0x38 (C) [ 16.477499] dump_stack_lvl+0x8c/0xd0 [ 16.477554] print_report+0x118/0x5d0 [ 16.477598] kasan_report+0xdc/0x128 [ 16.477642] __asan_report_store1_noabort+0x20/0x30 [ 16.477851] krealloc_less_oob_helper+0xa80/0xc50 [ 16.477990] krealloc_less_oob+0x20/0x38 [ 16.478040] kunit_try_run_case+0x170/0x3f0 [ 16.478129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.478354] kthread+0x328/0x630 [ 16.478480] ret_from_fork+0x10/0x20 [ 16.478558] [ 16.478649] Allocated by task 158: [ 16.478679] kasan_save_stack+0x3c/0x68 [ 16.478721] kasan_save_track+0x20/0x40 [ 16.478757] kasan_save_alloc_info+0x40/0x58 [ 16.478939] __kasan_krealloc+0x118/0x178 [ 16.479084] krealloc_noprof+0x128/0x360 [ 16.479144] krealloc_less_oob_helper+0x168/0xc50 [ 16.479262] krealloc_less_oob+0x20/0x38 [ 16.479309] kunit_try_run_case+0x170/0x3f0 [ 16.479346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.479405] kthread+0x328/0x630 [ 16.479544] ret_from_fork+0x10/0x20 [ 16.479774] [ 16.479826] The buggy address belongs to the object at fff00000c0b98000 [ 16.479826] which belongs to the cache kmalloc-256 of size 256 [ 16.479952] The buggy address is located 17 bytes to the right of [ 16.479952] allocated 201-byte region [fff00000c0b98000, fff00000c0b980c9) [ 16.480042] [ 16.480062] The buggy address belongs to the physical page: [ 16.480092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b98 [ 16.480144] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.480346] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.480562] page_type: f5(slab) [ 16.480647] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.480794] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.480845] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.481115] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.481262] head: 0bfffe0000000001 ffffc1ffc302e601 00000000ffffffff 00000000ffffffff [ 16.481438] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.481585] page dumped because: kasan: bad access detected [ 16.481653] [ 16.481671] Memory state around the buggy address: [ 16.481702] fff00000c0b97f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.482005] fff00000c0b98000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.482073] >fff00000c0b98080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.482162] ^ [ 16.482391] fff00000c0b98100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.482474] fff00000c0b98180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.482510] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.447090] ================================================================== [ 16.447173] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.447236] Write of size 1 at addr fff00000c0b97ef0 by task kunit_try_catch/156 [ 16.447283] [ 16.447319] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.447398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.447440] Hardware name: linux,dummy-virt (DT) [ 16.447471] Call trace: [ 16.447498] show_stack+0x20/0x38 (C) [ 16.447546] dump_stack_lvl+0x8c/0xd0 [ 16.447592] print_report+0x118/0x5d0 [ 16.447636] kasan_report+0xdc/0x128 [ 16.447679] __asan_report_store1_noabort+0x20/0x30 [ 16.447746] krealloc_more_oob_helper+0x5c0/0x678 [ 16.448285] krealloc_more_oob+0x20/0x38 [ 16.448469] kunit_try_run_case+0x170/0x3f0 [ 16.448624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.448677] kthread+0x328/0x630 [ 16.448877] ret_from_fork+0x10/0x20 [ 16.449165] [ 16.449285] Allocated by task 156: [ 16.449500] kasan_save_stack+0x3c/0x68 [ 16.449655] kasan_save_track+0x20/0x40 [ 16.449754] kasan_save_alloc_info+0x40/0x58 [ 16.449922] __kasan_krealloc+0x118/0x178 [ 16.449983] krealloc_noprof+0x128/0x360 [ 16.450304] krealloc_more_oob_helper+0x168/0x678 [ 16.450438] krealloc_more_oob+0x20/0x38 [ 16.450557] kunit_try_run_case+0x170/0x3f0 [ 16.450702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.450800] kthread+0x328/0x630 [ 16.450925] ret_from_fork+0x10/0x20 [ 16.451000] [ 16.451066] The buggy address belongs to the object at fff00000c0b97e00 [ 16.451066] which belongs to the cache kmalloc-256 of size 256 [ 16.451400] The buggy address is located 5 bytes to the right of [ 16.451400] allocated 235-byte region [fff00000c0b97e00, fff00000c0b97eeb) [ 16.451701] [ 16.451877] The buggy address belongs to the physical page: [ 16.451944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b96 [ 16.452053] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.452149] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.452348] page_type: f5(slab) [ 16.452432] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.452601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.452651] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.452704] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.453114] head: 0bfffe0000000001 ffffc1ffc302e581 00000000ffffffff 00000000ffffffff [ 16.453166] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.453205] page dumped because: kasan: bad access detected [ 16.453241] [ 16.453259] Memory state around the buggy address: [ 16.453288] fff00000c0b97d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.453329] fff00000c0b97e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.453368] >fff00000c0b97e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.453403] ^ [ 16.453440] fff00000c0b97f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.453481] fff00000c0b97f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.453516] ================================================================== [ 16.437842] ================================================================== [ 16.438027] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.438093] Write of size 1 at addr fff00000c0b97eeb by task kunit_try_catch/156 [ 16.438397] [ 16.438454] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.438561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.438588] Hardware name: linux,dummy-virt (DT) [ 16.438651] Call trace: [ 16.438677] show_stack+0x20/0x38 (C) [ 16.438730] dump_stack_lvl+0x8c/0xd0 [ 16.439031] print_report+0x118/0x5d0 [ 16.439122] kasan_report+0xdc/0x128 [ 16.439194] __asan_report_store1_noabort+0x20/0x30 [ 16.439252] krealloc_more_oob_helper+0x60c/0x678 [ 16.439300] krealloc_more_oob+0x20/0x38 [ 16.439344] kunit_try_run_case+0x170/0x3f0 [ 16.439393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.439607] kthread+0x328/0x630 [ 16.439857] ret_from_fork+0x10/0x20 [ 16.440078] [ 16.440098] Allocated by task 156: [ 16.440128] kasan_save_stack+0x3c/0x68 [ 16.440544] kasan_save_track+0x20/0x40 [ 16.440693] kasan_save_alloc_info+0x40/0x58 [ 16.440772] __kasan_krealloc+0x118/0x178 [ 16.440909] krealloc_noprof+0x128/0x360 [ 16.440997] krealloc_more_oob_helper+0x168/0x678 [ 16.441272] krealloc_more_oob+0x20/0x38 [ 16.441416] kunit_try_run_case+0x170/0x3f0 [ 16.441588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.441732] kthread+0x328/0x630 [ 16.441918] ret_from_fork+0x10/0x20 [ 16.441977] [ 16.442155] The buggy address belongs to the object at fff00000c0b97e00 [ 16.442155] which belongs to the cache kmalloc-256 of size 256 [ 16.442353] The buggy address is located 0 bytes to the right of [ 16.442353] allocated 235-byte region [fff00000c0b97e00, fff00000c0b97eeb) [ 16.442468] [ 16.442534] The buggy address belongs to the physical page: [ 16.442770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b96 [ 16.442946] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.443117] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.443268] page_type: f5(slab) [ 16.443466] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.443727] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.443832] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.443991] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.444187] head: 0bfffe0000000001 ffffc1ffc302e581 00000000ffffffff 00000000ffffffff [ 16.444396] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.444470] page dumped because: kasan: bad access detected [ 16.444622] [ 16.444711] Memory state around the buggy address: [ 16.444818] fff00000c0b97d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.444885] fff00000c0b97e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.444960] >fff00000c0b97e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.445230] ^ [ 16.445440] fff00000c0b97f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.445605] fff00000c0b97f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.445687] ================================================================== [ 16.503665] ================================================================== [ 16.503725] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.503783] Write of size 1 at addr fff00000c78a20eb by task kunit_try_catch/160 [ 16.503831] [ 16.503879] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.503957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.503982] Hardware name: linux,dummy-virt (DT) [ 16.504028] Call trace: [ 16.504050] show_stack+0x20/0x38 (C) [ 16.504099] dump_stack_lvl+0x8c/0xd0 [ 16.504146] print_report+0x118/0x5d0 [ 16.504191] kasan_report+0xdc/0x128 [ 16.504234] __asan_report_store1_noabort+0x20/0x30 [ 16.504284] krealloc_more_oob_helper+0x60c/0x678 [ 16.504330] krealloc_large_more_oob+0x20/0x38 [ 16.504375] kunit_try_run_case+0x170/0x3f0 [ 16.504422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.504472] kthread+0x328/0x630 [ 16.504512] ret_from_fork+0x10/0x20 [ 16.504558] [ 16.504578] The buggy address belongs to the physical page: [ 16.504609] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a0 [ 16.504661] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.504705] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.504757] page_type: f8(unknown) [ 16.504794] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.504893] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.505003] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.505147] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.505320] head: 0bfffe0000000002 ffffc1ffc31e2801 00000000ffffffff 00000000ffffffff [ 16.505448] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.505508] page dumped because: kasan: bad access detected [ 16.505586] [ 16.505639] Memory state around the buggy address: [ 16.505678] fff00000c78a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.505718] fff00000c78a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.505757] >fff00000c78a2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.505793] ^ [ 16.505830] fff00000c78a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.505879] fff00000c78a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.505915] ================================================================== [ 16.506651] ================================================================== [ 16.506697] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.506947] Write of size 1 at addr fff00000c78a20f0 by task kunit_try_catch/160 [ 16.507008] [ 16.507067] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.507354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.507495] Hardware name: linux,dummy-virt (DT) [ 16.507543] Call trace: [ 16.507612] show_stack+0x20/0x38 (C) [ 16.507663] dump_stack_lvl+0x8c/0xd0 [ 16.507709] print_report+0x118/0x5d0 [ 16.507855] kasan_report+0xdc/0x128 [ 16.508083] __asan_report_store1_noabort+0x20/0x30 [ 16.508208] krealloc_more_oob_helper+0x5c0/0x678 [ 16.508304] krealloc_large_more_oob+0x20/0x38 [ 16.508526] kunit_try_run_case+0x170/0x3f0 [ 16.508606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.508698] kthread+0x328/0x630 [ 16.508791] ret_from_fork+0x10/0x20 [ 16.509007] [ 16.509046] The buggy address belongs to the physical page: [ 16.509076] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a0 [ 16.509254] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.509299] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.509347] page_type: f8(unknown) [ 16.509383] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.509430] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.509561] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.509661] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.509775] head: 0bfffe0000000002 ffffc1ffc31e2801 00000000ffffffff 00000000ffffffff [ 16.509821] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.509878] page dumped because: kasan: bad access detected [ 16.509907] [ 16.509924] Memory state around the buggy address: [ 16.509953] fff00000c78a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.509993] fff00000c78a2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.510137] >fff00000c78a2080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.510294] ^ [ 16.510375] fff00000c78a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.510431] fff00000c78a2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.510534] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.426430] ================================================================== [ 16.426506] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.426726] Read of size 1 at addr fff00000c7920000 by task kunit_try_catch/154 [ 16.426777] [ 16.427129] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.427424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.427483] Hardware name: linux,dummy-virt (DT) [ 16.427552] Call trace: [ 16.427594] show_stack+0x20/0x38 (C) [ 16.427704] dump_stack_lvl+0x8c/0xd0 [ 16.427788] print_report+0x118/0x5d0 [ 16.428195] kasan_report+0xdc/0x128 [ 16.428253] __asan_report_load1_noabort+0x20/0x30 [ 16.428537] page_alloc_uaf+0x328/0x350 [ 16.428739] kunit_try_run_case+0x170/0x3f0 [ 16.428803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.428873] kthread+0x328/0x630 [ 16.428939] ret_from_fork+0x10/0x20 [ 16.429000] [ 16.429023] The buggy address belongs to the physical page: [ 16.429054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107920 [ 16.429117] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.429167] page_type: f0(buddy) [ 16.429213] raw: 0bfffe0000000000 fff00000ff616108 fff00000ff616108 0000000000000000 [ 16.429288] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000 [ 16.429326] page dumped because: kasan: bad access detected [ 16.429370] [ 16.429395] Memory state around the buggy address: [ 16.429429] fff00000c791ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.429470] fff00000c791ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.429519] >fff00000c7920000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.429557] ^ [ 16.429584] fff00000c7920080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.429637] fff00000c7920100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.429673] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.405650] ================================================================== [ 16.405834] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.405999] Free of addr fff00000c789c001 by task kunit_try_catch/150 [ 16.406053] [ 16.406093] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.406304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.406332] Hardware name: linux,dummy-virt (DT) [ 16.406364] Call trace: [ 16.406389] show_stack+0x20/0x38 (C) [ 16.406440] dump_stack_lvl+0x8c/0xd0 [ 16.406488] print_report+0x118/0x5d0 [ 16.406533] kasan_report_invalid_free+0xc0/0xe8 [ 16.406580] __kasan_kfree_large+0x5c/0xa8 [ 16.406625] free_large_kmalloc+0x64/0x190 [ 16.406795] kfree+0x270/0x3c8 [ 16.406990] kmalloc_large_invalid_free+0x108/0x270 [ 16.407046] kunit_try_run_case+0x170/0x3f0 [ 16.407134] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.407273] kthread+0x328/0x630 [ 16.407320] ret_from_fork+0x10/0x20 [ 16.407396] [ 16.407436] The buggy address belongs to the physical page: [ 16.407471] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10789c [ 16.407565] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.407613] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.407666] page_type: f8(unknown) [ 16.407704] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.407958] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.408255] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.408374] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.408515] head: 0bfffe0000000002 ffffc1ffc31e2701 00000000ffffffff 00000000ffffffff [ 16.408624] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.408838] page dumped because: kasan: bad access detected [ 16.408886] [ 16.408905] Memory state around the buggy address: [ 16.408939] fff00000c789bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.408986] fff00000c789bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.409129] >fff00000c789c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.409291] ^ [ 16.409383] fff00000c789c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.409444] fff00000c789c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.409676] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.390836] ================================================================== [ 16.390943] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.391015] Read of size 1 at addr fff00000c7898000 by task kunit_try_catch/148 [ 16.391297] [ 16.391417] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.391506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.391555] Hardware name: linux,dummy-virt (DT) [ 16.391690] Call trace: [ 16.391718] show_stack+0x20/0x38 (C) [ 16.392117] dump_stack_lvl+0x8c/0xd0 [ 16.392280] print_report+0x118/0x5d0 [ 16.392359] kasan_report+0xdc/0x128 [ 16.392635] __asan_report_load1_noabort+0x20/0x30 [ 16.392816] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.392994] kunit_try_run_case+0x170/0x3f0 [ 16.393097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.393309] kthread+0x328/0x630 [ 16.393494] ret_from_fork+0x10/0x20 [ 16.393722] [ 16.393750] The buggy address belongs to the physical page: [ 16.393784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107898 [ 16.393930] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.394077] raw: 0bfffe0000000000 ffffc1ffc31e2708 fff00000da478c40 0000000000000000 [ 16.394128] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.394355] page dumped because: kasan: bad access detected [ 16.394543] [ 16.394630] Memory state around the buggy address: [ 16.394726] fff00000c7897f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.394772] fff00000c7897f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.394820] >fff00000c7898000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.395088] ^ [ 16.395240] fff00000c7898080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.395328] fff00000c7898100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.395425] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.370946] ================================================================== [ 16.371020] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.371350] Write of size 1 at addr fff00000c789a00a by task kunit_try_catch/146 [ 16.371552] [ 16.371601] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.371684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.372322] Hardware name: linux,dummy-virt (DT) [ 16.372989] Call trace: [ 16.373022] show_stack+0x20/0x38 (C) [ 16.373077] dump_stack_lvl+0x8c/0xd0 [ 16.373125] print_report+0x118/0x5d0 [ 16.373171] kasan_report+0xdc/0x128 [ 16.373216] __asan_report_store1_noabort+0x20/0x30 [ 16.373265] kmalloc_large_oob_right+0x278/0x2b8 [ 16.373312] kunit_try_run_case+0x170/0x3f0 [ 16.373358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.373408] kthread+0x328/0x630 [ 16.373448] ret_from_fork+0x10/0x20 [ 16.373495] [ 16.373538] The buggy address belongs to the physical page: [ 16.373572] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107898 [ 16.373624] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.373669] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.373728] page_type: f8(unknown) [ 16.373767] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.373815] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.373878] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.373924] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.373970] head: 0bfffe0000000002 ffffc1ffc31e2601 00000000ffffffff 00000000ffffffff [ 16.374017] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.374054] page dumped because: kasan: bad access detected [ 16.374084] [ 16.374102] Memory state around the buggy address: [ 16.374134] fff00000c7899f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.374177] fff00000c7899f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.374218] >fff00000c789a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.374253] ^ [ 16.374281] fff00000c789a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.374322] fff00000c789a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.374359] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.351252] ================================================================== [ 16.351630] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.351911] Write of size 1 at addr fff00000c7901f00 by task kunit_try_catch/144 [ 16.352010] [ 16.352168] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.352422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.352544] Hardware name: linux,dummy-virt (DT) [ 16.352624] Call trace: [ 16.352669] show_stack+0x20/0x38 (C) [ 16.352975] dump_stack_lvl+0x8c/0xd0 [ 16.353205] print_report+0x118/0x5d0 [ 16.353441] kasan_report+0xdc/0x128 [ 16.353634] __asan_report_store1_noabort+0x20/0x30 [ 16.353838] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.353905] kunit_try_run_case+0x170/0x3f0 [ 16.354204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.354436] kthread+0x328/0x630 [ 16.354509] ret_from_fork+0x10/0x20 [ 16.354714] [ 16.354817] Allocated by task 144: [ 16.354871] kasan_save_stack+0x3c/0x68 [ 16.355140] kasan_save_track+0x20/0x40 [ 16.355296] kasan_save_alloc_info+0x40/0x58 [ 16.355712] __kasan_kmalloc+0xd4/0xd8 [ 16.355760] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.355896] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.356097] kunit_try_run_case+0x170/0x3f0 [ 16.356153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.356249] kthread+0x328/0x630 [ 16.356396] ret_from_fork+0x10/0x20 [ 16.356528] [ 16.356578] The buggy address belongs to the object at fff00000c7900000 [ 16.356578] which belongs to the cache kmalloc-8k of size 8192 [ 16.356656] The buggy address is located 0 bytes to the right of [ 16.356656] allocated 7936-byte region [fff00000c7900000, fff00000c7901f00) [ 16.356892] [ 16.357115] The buggy address belongs to the physical page: [ 16.357287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107900 [ 16.357576] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.357830] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.357913] page_type: f5(slab) [ 16.358063] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.358231] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.358651] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.358922] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.359104] head: 0bfffe0000000003 ffffc1ffc31e4001 00000000ffffffff 00000000ffffffff [ 16.359172] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.359255] page dumped because: kasan: bad access detected [ 16.359321] [ 16.359380] Memory state around the buggy address: [ 16.359415] fff00000c7901e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.359490] fff00000c7901e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.359544] >fff00000c7901f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.359725] ^ [ 16.359778] fff00000c7901f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.359819] fff00000c7902000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.359891] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.323695] ================================================================== [ 16.323929] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.324422] Write of size 1 at addr fff00000c6691278 by task kunit_try_catch/142 [ 16.324482] [ 16.324523] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.324897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.324961] Hardware name: linux,dummy-virt (DT) [ 16.325119] Call trace: [ 16.325208] show_stack+0x20/0x38 (C) [ 16.325330] dump_stack_lvl+0x8c/0xd0 [ 16.325437] print_report+0x118/0x5d0 [ 16.325516] kasan_report+0xdc/0x128 [ 16.325945] __asan_report_store1_noabort+0x20/0x30 [ 16.326060] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.326277] kunit_try_run_case+0x170/0x3f0 [ 16.326360] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.326587] kthread+0x328/0x630 [ 16.326795] ret_from_fork+0x10/0x20 [ 16.327226] [ 16.327371] Allocated by task 142: [ 16.327461] kasan_save_stack+0x3c/0x68 [ 16.327614] kasan_save_track+0x20/0x40 [ 16.327701] kasan_save_alloc_info+0x40/0x58 [ 16.327831] __kasan_kmalloc+0xd4/0xd8 [ 16.327882] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.327927] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.328207] kunit_try_run_case+0x170/0x3f0 [ 16.328378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.328452] kthread+0x328/0x630 [ 16.328625] ret_from_fork+0x10/0x20 [ 16.328728] [ 16.328834] The buggy address belongs to the object at fff00000c6691200 [ 16.328834] which belongs to the cache kmalloc-128 of size 128 [ 16.328907] The buggy address is located 0 bytes to the right of [ 16.328907] allocated 120-byte region [fff00000c6691200, fff00000c6691278) [ 16.329147] [ 16.329351] The buggy address belongs to the physical page: [ 16.329649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.329845] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.329934] page_type: f5(slab) [ 16.330046] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.330603] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.330674] page dumped because: kasan: bad access detected [ 16.330762] [ 16.331049] Memory state around the buggy address: [ 16.331297] fff00000c6691100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.331362] fff00000c6691180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.331421] >fff00000c6691200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.331536] ^ [ 16.331578] fff00000c6691280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.331962] fff00000c6691300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.332079] ================================================================== [ 16.333816] ================================================================== [ 16.333882] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.333934] Write of size 1 at addr fff00000c6691378 by task kunit_try_catch/142 [ 16.333981] [ 16.334012] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.334089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.334126] Hardware name: linux,dummy-virt (DT) [ 16.334156] Call trace: [ 16.334177] show_stack+0x20/0x38 (C) [ 16.334223] dump_stack_lvl+0x8c/0xd0 [ 16.334278] print_report+0x118/0x5d0 [ 16.334323] kasan_report+0xdc/0x128 [ 16.334367] __asan_report_store1_noabort+0x20/0x30 [ 16.334425] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.334483] kunit_try_run_case+0x170/0x3f0 [ 16.334530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.334580] kthread+0x328/0x630 [ 16.334622] ret_from_fork+0x10/0x20 [ 16.334669] [ 16.334694] Allocated by task 142: [ 16.334722] kasan_save_stack+0x3c/0x68 [ 16.334761] kasan_save_track+0x20/0x40 [ 16.334804] kasan_save_alloc_info+0x40/0x58 [ 16.334843] __kasan_kmalloc+0xd4/0xd8 [ 16.334887] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.334929] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.334972] kunit_try_run_case+0x170/0x3f0 [ 16.335019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.335061] kthread+0x328/0x630 [ 16.335092] ret_from_fork+0x10/0x20 [ 16.335126] [ 16.335145] The buggy address belongs to the object at fff00000c6691300 [ 16.335145] which belongs to the cache kmalloc-128 of size 128 [ 16.335199] The buggy address is located 0 bytes to the right of [ 16.335199] allocated 120-byte region [fff00000c6691300, fff00000c6691378) [ 16.335267] [ 16.335287] The buggy address belongs to the physical page: [ 16.335316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.335366] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.335421] page_type: f5(slab) [ 16.335457] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.335506] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.335544] page dumped because: kasan: bad access detected [ 16.335579] [ 16.335597] Memory state around the buggy address: [ 16.335626] fff00000c6691200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.335666] fff00000c6691280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.335716] >fff00000c6691300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.336212] ^ [ 16.336261] fff00000c6691380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.336304] fff00000c6691400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.336340] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.302697] ================================================================== [ 16.302766] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.302833] Read of size 1 at addr fff00000c78e9000 by task kunit_try_catch/140 [ 16.302926] [ 16.302966] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.303046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.303071] Hardware name: linux,dummy-virt (DT) [ 16.303220] Call trace: [ 16.303252] show_stack+0x20/0x38 (C) [ 16.303366] dump_stack_lvl+0x8c/0xd0 [ 16.303642] print_report+0x118/0x5d0 [ 16.303694] kasan_report+0xdc/0x128 [ 16.303738] __asan_report_load1_noabort+0x20/0x30 [ 16.303787] kmalloc_node_oob_right+0x2f4/0x330 [ 16.303833] kunit_try_run_case+0x170/0x3f0 [ 16.303893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.303944] kthread+0x328/0x630 [ 16.303985] ret_from_fork+0x10/0x20 [ 16.304032] [ 16.304049] Allocated by task 140: [ 16.304077] kasan_save_stack+0x3c/0x68 [ 16.304117] kasan_save_track+0x20/0x40 [ 16.304153] kasan_save_alloc_info+0x40/0x58 [ 16.304190] __kasan_kmalloc+0xd4/0xd8 [ 16.304225] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.304264] kmalloc_node_oob_right+0xbc/0x330 [ 16.304299] kunit_try_run_case+0x170/0x3f0 [ 16.305232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.305733] kthread+0x328/0x630 [ 16.305795] ret_from_fork+0x10/0x20 [ 16.305846] [ 16.305879] The buggy address belongs to the object at fff00000c78e8000 [ 16.305879] which belongs to the cache kmalloc-4k of size 4096 [ 16.306316] The buggy address is located 0 bytes to the right of [ 16.306316] allocated 4096-byte region [fff00000c78e8000, fff00000c78e9000) [ 16.306417] [ 16.306925] The buggy address belongs to the physical page: [ 16.307143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e8 [ 16.308110] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.308195] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.308512] page_type: f5(slab) [ 16.308669] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.308825] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.308954] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.309125] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.309318] head: 0bfffe0000000003 ffffc1ffc31e3a01 00000000ffffffff 00000000ffffffff [ 16.309445] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.309811] page dumped because: kasan: bad access detected [ 16.309997] [ 16.310194] Memory state around the buggy address: [ 16.310240] fff00000c78e8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.310283] fff00000c78e8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.310323] >fff00000c78e9000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.310359] ^ [ 16.310386] fff00000c78e9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.310426] fff00000c78e9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.310490] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.279177] ================================================================== [ 16.279287] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.279706] Read of size 1 at addr fff00000c3e550bf by task kunit_try_catch/138 [ 16.279825] [ 16.280061] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.280289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.280320] Hardware name: linux,dummy-virt (DT) [ 16.280383] Call trace: [ 16.280414] show_stack+0x20/0x38 (C) [ 16.280468] dump_stack_lvl+0x8c/0xd0 [ 16.280517] print_report+0x118/0x5d0 [ 16.280882] kasan_report+0xdc/0x128 [ 16.281178] __asan_report_load1_noabort+0x20/0x30 [ 16.281467] kmalloc_oob_left+0x2ec/0x320 [ 16.281517] kunit_try_run_case+0x170/0x3f0 [ 16.282090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.282466] kthread+0x328/0x630 [ 16.282528] ret_from_fork+0x10/0x20 [ 16.282591] [ 16.282725] Allocated by task 26: [ 16.283001] kasan_save_stack+0x3c/0x68 [ 16.283238] kasan_save_track+0x20/0x40 [ 16.283546] kasan_save_alloc_info+0x40/0x58 [ 16.283606] __kasan_kmalloc+0xd4/0xd8 [ 16.283641] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.283683] kstrdup+0x54/0xc8 [ 16.283816] devtmpfs_work_loop+0x6f8/0xa58 [ 16.283885] devtmpfsd+0x50/0x58 [ 16.283920] kthread+0x328/0x630 [ 16.283992] ret_from_fork+0x10/0x20 [ 16.284030] [ 16.284155] Freed by task 26: [ 16.284205] kasan_save_stack+0x3c/0x68 [ 16.284388] kasan_save_track+0x20/0x40 [ 16.284434] kasan_save_free_info+0x4c/0x78 [ 16.284485] __kasan_slab_free+0x6c/0x98 [ 16.284602] kfree+0x214/0x3c8 [ 16.284750] devtmpfs_work_loop+0x804/0xa58 [ 16.284859] devtmpfsd+0x50/0x58 [ 16.284901] kthread+0x328/0x630 [ 16.284931] ret_from_fork+0x10/0x20 [ 16.285371] [ 16.285400] The buggy address belongs to the object at fff00000c3e550a0 [ 16.285400] which belongs to the cache kmalloc-16 of size 16 [ 16.285473] The buggy address is located 15 bytes to the right of [ 16.285473] allocated 16-byte region [fff00000c3e550a0, fff00000c3e550b0) [ 16.285604] [ 16.285752] The buggy address belongs to the physical page: [ 16.285894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e55 [ 16.285996] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.286310] page_type: f5(slab) [ 16.286564] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.286749] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.286884] page dumped because: kasan: bad access detected [ 16.286915] [ 16.286932] Memory state around the buggy address: [ 16.286967] fff00000c3e54f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.287008] fff00000c3e55000: 00 06 fc fc 00 06 fc fc 00 02 fc fc 00 06 fc fc [ 16.287048] >fff00000c3e55080: 00 05 fc fc fa fb fc fc 00 07 fc fc fc fc fc fc [ 16.287659] ^ [ 16.287787] fff00000c3e55100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.287829] fff00000c3e55180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.288027] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.237576] ================================================================== [ 16.237938] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.238753] Write of size 1 at addr fff00000c6691173 by task kunit_try_catch/136 [ 16.238860] [ 16.239605] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 16.239745] Tainted: [N]=TEST [ 16.239903] Hardware name: linux,dummy-virt (DT) [ 16.240138] Call trace: [ 16.240313] show_stack+0x20/0x38 (C) [ 16.240443] dump_stack_lvl+0x8c/0xd0 [ 16.240504] print_report+0x118/0x5d0 [ 16.240552] kasan_report+0xdc/0x128 [ 16.240598] __asan_report_store1_noabort+0x20/0x30 [ 16.240649] kmalloc_oob_right+0x5a4/0x660 [ 16.240694] kunit_try_run_case+0x170/0x3f0 [ 16.240743] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.240793] kthread+0x328/0x630 [ 16.240836] ret_from_fork+0x10/0x20 [ 16.241003] [ 16.241042] Allocated by task 136: [ 16.241153] kasan_save_stack+0x3c/0x68 [ 16.241216] kasan_save_track+0x20/0x40 [ 16.241253] kasan_save_alloc_info+0x40/0x58 [ 16.241291] __kasan_kmalloc+0xd4/0xd8 [ 16.241326] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.241366] kmalloc_oob_right+0xb0/0x660 [ 16.241400] kunit_try_run_case+0x170/0x3f0 [ 16.241436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.241477] kthread+0x328/0x630 [ 16.241508] ret_from_fork+0x10/0x20 [ 16.241560] [ 16.241618] The buggy address belongs to the object at fff00000c6691100 [ 16.241618] which belongs to the cache kmalloc-128 of size 128 [ 16.241707] The buggy address is located 0 bytes to the right of [ 16.241707] allocated 115-byte region [fff00000c6691100, fff00000c6691173) [ 16.241772] [ 16.241854] The buggy address belongs to the physical page: [ 16.242038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.242302] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.242580] page_type: f5(slab) [ 16.242873] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.242937] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.243042] page dumped because: kasan: bad access detected [ 16.243082] [ 16.243107] Memory state around the buggy address: [ 16.243331] fff00000c6691000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.243395] fff00000c6691080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.243448] >fff00000c6691100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.243499] ^ [ 16.243588] fff00000c6691180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.243629] fff00000c6691200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.243689] ================================================================== [ 16.245967] ================================================================== [ 16.246472] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.246527] Write of size 1 at addr fff00000c6691178 by task kunit_try_catch/136 [ 16.246575] [ 16.246607] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.247253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.247402] Hardware name: linux,dummy-virt (DT) [ 16.247622] Call trace: [ 16.247731] show_stack+0x20/0x38 (C) [ 16.248287] dump_stack_lvl+0x8c/0xd0 [ 16.248758] print_report+0x118/0x5d0 [ 16.249149] kasan_report+0xdc/0x128 [ 16.249328] __asan_report_store1_noabort+0x20/0x30 [ 16.249378] kmalloc_oob_right+0x538/0x660 [ 16.249960] kunit_try_run_case+0x170/0x3f0 [ 16.250779] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.251004] kthread+0x328/0x630 [ 16.251070] ret_from_fork+0x10/0x20 [ 16.251774] [ 16.251848] Allocated by task 136: [ 16.251892] kasan_save_stack+0x3c/0x68 [ 16.252164] kasan_save_track+0x20/0x40 [ 16.252615] kasan_save_alloc_info+0x40/0x58 [ 16.253033] __kasan_kmalloc+0xd4/0xd8 [ 16.253159] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.253198] kmalloc_oob_right+0xb0/0x660 [ 16.253721] kunit_try_run_case+0x170/0x3f0 [ 16.253772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.254471] kthread+0x328/0x630 [ 16.254923] ret_from_fork+0x10/0x20 [ 16.255343] [ 16.255724] The buggy address belongs to the object at fff00000c6691100 [ 16.255724] which belongs to the cache kmalloc-128 of size 128 [ 16.255883] The buggy address is located 5 bytes to the right of [ 16.255883] allocated 115-byte region [fff00000c6691100, fff00000c6691173) [ 16.256501] [ 16.256545] The buggy address belongs to the physical page: [ 16.257238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.257687] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.257748] page_type: f5(slab) [ 16.257791] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.259389] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.259642] page dumped because: kasan: bad access detected [ 16.259674] [ 16.259719] Memory state around the buggy address: [ 16.259782] fff00000c6691000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.259901] fff00000c6691080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.260233] >fff00000c6691100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.260426] ^ [ 16.260998] fff00000c6691180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.261090] fff00000c6691200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.261390] ================================================================== [ 16.262827] ================================================================== [ 16.262896] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.262948] Read of size 1 at addr fff00000c6691180 by task kunit_try_catch/136 [ 16.262996] [ 16.263029] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.263106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.263132] Hardware name: linux,dummy-virt (DT) [ 16.263162] Call trace: [ 16.263183] show_stack+0x20/0x38 (C) [ 16.263669] dump_stack_lvl+0x8c/0xd0 [ 16.263751] print_report+0x118/0x5d0 [ 16.263893] kasan_report+0xdc/0x128 [ 16.263942] __asan_report_load1_noabort+0x20/0x30 [ 16.263991] kmalloc_oob_right+0x5d0/0x660 [ 16.264035] kunit_try_run_case+0x170/0x3f0 [ 16.264081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.264131] kthread+0x328/0x630 [ 16.264171] ret_from_fork+0x10/0x20 [ 16.264216] [ 16.264234] Allocated by task 136: [ 16.264261] kasan_save_stack+0x3c/0x68 [ 16.264300] kasan_save_track+0x20/0x40 [ 16.264335] kasan_save_alloc_info+0x40/0x58 [ 16.264373] __kasan_kmalloc+0xd4/0xd8 [ 16.264408] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.264447] kmalloc_oob_right+0xb0/0x660 [ 16.264482] kunit_try_run_case+0x170/0x3f0 [ 16.264518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.264559] kthread+0x328/0x630 [ 16.264590] ret_from_fork+0x10/0x20 [ 16.264627] [ 16.264646] The buggy address belongs to the object at fff00000c6691100 [ 16.264646] which belongs to the cache kmalloc-128 of size 128 [ 16.264700] The buggy address is located 13 bytes to the right of [ 16.264700] allocated 115-byte region [fff00000c6691100, fff00000c6691173) [ 16.264760] [ 16.264779] The buggy address belongs to the physical page: [ 16.264808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106691 [ 16.264856] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.264912] page_type: f5(slab) [ 16.264948] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.264995] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.265033] page dumped because: kasan: bad access detected [ 16.265062] [ 16.265079] Memory state around the buggy address: [ 16.265108] fff00000c6691080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.265298] fff00000c6691100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.265340] >fff00000c6691180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.265751] ^ [ 16.265793] fff00000c6691200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.265835] fff00000c6691280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.265881] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.002753] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.005504] Modules linked in: [ 95.006058] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 95.007303] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.007998] Hardware name: linux,dummy-virt (DT) [ 95.008704] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.009021] pc : intlog10+0x38/0x48 [ 95.009207] lr : intlog10_test+0xe4/0x200 [ 95.009395] sp : ffff800082277c10 [ 95.009551] x29: ffff800082277c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.009911] x26: 1ffe0000196f3e41 x25: 0000000000000000 x24: ffff800082277ce0 [ 95.010253] x23: ffff800082277d00 x22: 0000000000000000 x21: 1ffff0001044ef82 [ 95.010591] x20: ffff99bda1889d80 x19: ffff800080087990 x18: 0000000078411d13 [ 95.011050] x17: 000000000299a21c x16: fff00000c0975c3c x15: fff00000ff616b08 [ 95.011789] x14: 0000000000018fff x13: 1ffe00001b48e989 x12: ffff7337b4ae3379 [ 95.012770] x11: 1ffff337b4ae3378 x10: ffff7337b4ae3378 x9 : ffff99bd9ee35d9c [ 95.013729] x8 : ffff99bda5719bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.014493] x5 : ffff70001044ef82 x4 : 1ffff00010010f3a x3 : 1ffff337b43113b0 [ 95.015255] x2 : 1ffff337b43113b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.016077] Call trace: [ 95.016381] intlog10+0x38/0x48 (P) [ 95.016804] kunit_try_run_case+0x170/0x3f0 [ 95.017272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.017819] kthread+0x328/0x630 [ 95.018210] ret_from_fork+0x10/0x20 [ 95.018615] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 94.953457] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 94.955571] Modules linked in: [ 94.955900] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 94.957050] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 94.957829] Hardware name: linux,dummy-virt (DT) [ 94.958455] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.959408] pc : intlog2+0xd8/0xf8 [ 94.959892] lr : intlog2_test+0xe4/0x200 [ 94.960433] sp : ffff8000821f7c10 [ 94.960910] x29: ffff8000821f7c90 x28: 0000000000000000 x27: 0000000000000000 [ 94.961736] x26: 1ffe0000182cc001 x25: 0000000000000000 x24: ffff8000821f7ce0 [ 94.962519] x23: ffff8000821f7d00 x22: 0000000000000000 x21: 1ffff0001043ef82 [ 94.963285] x20: ffff99bda1889c80 x19: ffff800080087990 x18: 00000000adc44890 [ 94.964150] x17: 00000000f697600f x16: fff00000c097583c x15: fff00000ff616b08 [ 94.964699] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff7337b4ae3379 [ 94.965624] x11: 1ffff337b4ae3378 x10: ffff7337b4ae3378 x9 : ffff99bd9ee35f9c [ 94.965984] x8 : ffff99bda5719bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 94.966330] x5 : ffff70001043ef82 x4 : 1ffff00010010f3a x3 : 1ffff337b4311390 [ 94.966672] x2 : 1ffff337b4311390 x1 : 0000000000000003 x0 : 0000000000000000 [ 94.967331] Call trace: [ 94.967634] intlog2+0xd8/0xf8 (P) [ 94.968140] kunit_try_run_case+0x170/0x3f0 [ 94.968679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.969334] kthread+0x328/0x630 [ 94.969737] ret_from_fork+0x10/0x20 [ 94.970177] ---[ end trace 0000000000000000 ]---