Date
July 15, 2025, 11:09 a.m.
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.793557] ================================================================== [ 20.793640] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 20.793640] [ 20.793701] Invalid free of 0x00000000f258e936 (in kfence-#95): [ 20.793752] test_invalid_addr_free+0x1ac/0x238 [ 20.793798] kunit_try_run_case+0x170/0x3f0 [ 20.793842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.793887] kthread+0x328/0x630 [ 20.793924] ret_from_fork+0x10/0x20 [ 20.793963] [ 20.793986] kfence-#95: 0x00000000b7761d8e-0x00000000688cae7b, size=32, cache=kmalloc-32 [ 20.793986] [ 20.794041] allocated by task 308 on cpu 0 at 20.793422s (0.000616s ago): [ 20.794103] test_alloc+0x29c/0x628 [ 20.794144] test_invalid_addr_free+0xd4/0x238 [ 20.794201] kunit_try_run_case+0x170/0x3f0 [ 20.794242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.794286] kthread+0x328/0x630 [ 20.794320] ret_from_fork+0x10/0x20 [ 20.794360] [ 20.794403] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.794483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.794512] Hardware name: linux,dummy-virt (DT) [ 20.794546] ================================================================== [ 20.897505] ================================================================== [ 20.897588] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 20.897588] [ 20.897648] Invalid free of 0x0000000059e7154d (in kfence-#96): [ 20.897702] test_invalid_addr_free+0xec/0x238 [ 20.897746] kunit_try_run_case+0x170/0x3f0 [ 20.897787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.897831] kthread+0x328/0x630 [ 20.897866] ret_from_fork+0x10/0x20 [ 20.897905] [ 20.897929] kfence-#96: 0x0000000035bd346d-0x00000000d1bd7121, size=32, cache=test [ 20.897929] [ 20.897983] allocated by task 310 on cpu 0 at 20.897396s (0.000584s ago): [ 20.898044] test_alloc+0x230/0x628 [ 20.898086] test_invalid_addr_free+0xd4/0x238 [ 20.898128] kunit_try_run_case+0x170/0x3f0 [ 20.898168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.898222] kthread+0x328/0x630 [ 20.898258] ret_from_fork+0x10/0x20 [ 20.898297] [ 20.898338] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.898417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.898446] Hardware name: linux,dummy-virt (DT) [ 20.898477] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 17.967991] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 17.925352] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 96.708402] Internal error: Oops: 0000000096000005 [#1] SMP [ 96.715289] Modules linked in: [ 96.716437] CPU: 0 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 96.716850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 96.717142] Hardware name: linux,dummy-virt (DT) [ 96.717730] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.718598] pc : kunit_test_null_dereference+0x70/0x170 [ 96.719158] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.719746] sp : ffff800080f87d30 [ 96.720107] x29: ffff800080f87d90 x28: 0000000000000000 x27: 0000000000000000 [ 96.720930] x26: 1ffe00001888c301 x25: 0000000000000000 x24: 0000000000000004 [ 96.721793] x23: fff00000c446180c x22: ffffa65da9e23438 x21: fff00000c1201688 [ 96.722253] x20: 1ffff000101f0fa6 x19: ffff800080087990 x18: 000000004da9b264 [ 96.722609] x17: 0000000000000000 x16: fff00000c097543c x15: fff00000ff616b08 [ 96.722957] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: fffd800018efb11c [ 96.723350] x11: 1ffe000018efb11b x10: fffd800018efb11b x9 : ffffa65da9e1a8a0 [ 96.723807] x8 : ffff800080f87c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 96.724220] x5 : ffff7000101f0fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 96.724664] x2 : dfff800000000000 x1 : fff00000c77d8000 x0 : ffff800080087990 [ 96.725392] Call trace: [ 96.725703] kunit_test_null_dereference+0x70/0x170 (P) [ 96.726289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.726722] kthread+0x328/0x630 [ 96.726905] ret_from_fork+0x10/0x20 [ 96.727352] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 96.727874] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 17.949345] ================================================================== [ 17.953051] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 17.953595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.954290] Hardware name: linux,dummy-virt (DT) [ 17.955554] __kasan_check_write+0x20/0x30 [ 17.956393] kasan_bitops_generic+0x11c/0x1c8 [ 17.956585] kthread+0x328/0x630 [ 17.958380] kunit_try_run_case+0x170/0x3f0 [ 17.958421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.959922] [ 17.960074] [ 17.961107] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.961299] page_type: f5(slab) [ 17.961594] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.962512] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.963103] ^ [ 17.963585] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.967935] ================================================================== [ 17.892522] ================================================================== [ 17.892579] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 17.892634] Read of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.892697] [ 17.892730] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.892824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.892861] Hardware name: linux,dummy-virt (DT) [ 17.892893] Call trace: [ 17.892922] show_stack+0x20/0x38 (C) [ 17.892977] dump_stack_lvl+0x8c/0xd0 [ 17.893307] print_report+0x118/0x5d0 [ 17.893865] kasan_report+0xdc/0x128 [ 17.894174] __asan_report_load8_noabort+0x20/0x30 [ 17.894248] kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 17.894544] kasan_bitops_generic+0x11c/0x1c8 [ 17.894750] kunit_try_run_case+0x170/0x3f0 [ 17.894824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.901138] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.901573] page dumped because: kasan: bad access detected [ 17.901740] [ 17.901800] Memory state around the buggy address: [ 17.902358] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.903007] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.907374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.907433] Hardware name: linux,dummy-virt (DT) [ 17.907520] Call trace: [ 17.907545] show_stack+0x20/0x38 (C) [ 17.908369] kasan_report+0xdc/0x128 [ 17.909971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.910075] kthread+0x328/0x630 [ 17.910496] Allocated by task 262: [ 17.911190] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.911381] kthread+0x328/0x630 [ 17.911617] The buggy address is located 8 bytes inside of [ 17.911617] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.911875] page_type: f5(slab) [ 17.911923] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.912148] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.912816] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.914484] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.915552] ================================================================== [ 17.886137] ================================================================== [ 17.886211] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 17.886317] Write of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.888023] [ 17.888082] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.888175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.888434] Hardware name: linux,dummy-virt (DT) [ 17.888495] Call trace: [ 17.888677] show_stack+0x20/0x38 (C) [ 17.888741] dump_stack_lvl+0x8c/0xd0 [ 17.888791] print_report+0x118/0x5d0 [ 17.888900] kasan_report+0xdc/0x128 [ 17.888952] kasan_check_range+0x100/0x1a8 [ 17.889007] __kasan_check_write+0x20/0x30 [ 17.889101] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 17.889171] kasan_bitops_generic+0x11c/0x1c8 [ 17.889232] kunit_try_run_case+0x170/0x3f0 [ 17.889297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.889350] kthread+0x328/0x630 [ 17.889393] ret_from_fork+0x10/0x20 [ 17.889678] [ 17.889701] Allocated by task 262: [ 17.889741] kasan_save_stack+0x3c/0x68 [ 17.889785] kasan_save_track+0x20/0x40 [ 17.889824] kasan_save_alloc_info+0x40/0x58 [ 17.889872] __kasan_kmalloc+0xd4/0xd8 [ 17.889909] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.889951] kasan_bitops_generic+0xa0/0x1c8 [ 17.889990] kunit_try_run_case+0x170/0x3f0 [ 17.890028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.890074] kthread+0x328/0x630 [ 17.890108] ret_from_fork+0x10/0x20 [ 17.890151] [ 17.890450] The buggy address belongs to the object at fff00000c591d620 [ 17.890450] which belongs to the cache kmalloc-16 of size 16 [ 17.890631] The buggy address is located 8 bytes inside of [ 17.890631] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.890756] [ 17.890904] The buggy address belongs to the physical page: [ 17.890980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.891135] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.891217] page_type: f5(slab) [ 17.891671] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.891731] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.891777] page dumped because: kasan: bad access detected [ 17.891822] [ 17.891848] Memory state around the buggy address: [ 17.891896] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.891958] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.892005] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.892052] ^ [ 17.892102] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.892148] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.892210] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 17.863920] ================================================================== [ 17.864036] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 17.864095] Read of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.864159] [ 17.864227] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.864318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.864356] Hardware name: linux,dummy-virt (DT) [ 17.864402] Call trace: [ 17.864431] show_stack+0x20/0x38 (C) [ 17.864509] dump_stack_lvl+0x8c/0xd0 [ 17.864559] print_report+0x118/0x5d0 [ 17.864615] kasan_report+0xdc/0x128 [ 17.864668] __asan_report_load8_noabort+0x20/0x30 [ 17.864726] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 17.865072] kasan_bitops_generic+0x110/0x1c8 [ 17.865200] kunit_try_run_case+0x170/0x3f0 [ 17.865284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.865342] kthread+0x328/0x630 [ 17.865409] ret_from_fork+0x10/0x20 [ 17.865672] [ 17.865730] Allocated by task 262: [ 17.865813] kasan_save_stack+0x3c/0x68 [ 17.865941] kasan_save_track+0x20/0x40 [ 17.866005] kasan_save_alloc_info+0x40/0x58 [ 17.866076] __kasan_kmalloc+0xd4/0xd8 [ 17.866127] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.866177] kasan_bitops_generic+0xa0/0x1c8 [ 17.866470] kunit_try_run_case+0x170/0x3f0 [ 17.866549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.866619] kthread+0x328/0x630 [ 17.866690] ret_from_fork+0x10/0x20 [ 17.866778] [ 17.866819] The buggy address belongs to the object at fff00000c591d620 [ 17.866819] which belongs to the cache kmalloc-16 of size 16 [ 17.867336] The buggy address is located 8 bytes inside of [ 17.867336] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.867457] [ 17.867499] The buggy address belongs to the physical page: [ 17.867533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.867611] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.867931] page_type: f5(slab) [ 17.867993] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.868049] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.868093] page dumped because: kasan: bad access detected [ 17.868130] [ 17.868166] Memory state around the buggy address: [ 17.868228] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.868274] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.868319] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.868368] ^ [ 17.868406] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.868470] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.868511] ================================================================== [ 17.858377] ================================================================== [ 17.858501] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 17.858557] Write of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.858610] [ 17.858808] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.858903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.858932] Hardware name: linux,dummy-virt (DT) [ 17.858964] Call trace: [ 17.858987] show_stack+0x20/0x38 (C) [ 17.859043] dump_stack_lvl+0x8c/0xd0 [ 17.859360] print_report+0x118/0x5d0 [ 17.859447] kasan_report+0xdc/0x128 [ 17.859513] kasan_check_range+0x100/0x1a8 [ 17.859572] __kasan_check_write+0x20/0x30 [ 17.859628] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 17.861322] kasan_bitops_generic+0x110/0x1c8 [ 17.861427] kunit_try_run_case+0x170/0x3f0 [ 17.861489] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.861562] kthread+0x328/0x630 [ 17.861634] ret_from_fork+0x10/0x20 [ 17.861747] [ 17.861796] Allocated by task 262: [ 17.861889] kasan_save_stack+0x3c/0x68 [ 17.861935] kasan_save_track+0x20/0x40 [ 17.861975] kasan_save_alloc_info+0x40/0x58 [ 17.862022] __kasan_kmalloc+0xd4/0xd8 [ 17.862059] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.862099] kasan_bitops_generic+0xa0/0x1c8 [ 17.862139] kunit_try_run_case+0x170/0x3f0 [ 17.862190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.862262] kthread+0x328/0x630 [ 17.862434] ret_from_fork+0x10/0x20 [ 17.862545] [ 17.862586] The buggy address belongs to the object at fff00000c591d620 [ 17.862586] which belongs to the cache kmalloc-16 of size 16 [ 17.862663] The buggy address is located 8 bytes inside of [ 17.862663] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.862752] [ 17.862789] The buggy address belongs to the physical page: [ 17.862865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.862927] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.862977] page_type: f5(slab) [ 17.863016] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.863069] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.863115] page dumped because: kasan: bad access detected [ 17.863149] [ 17.863170] Memory state around the buggy address: [ 17.863214] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.863259] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.863310] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.863351] ^ [ 17.863383] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.863428] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.863468] ================================================================== [ 17.806144] ================================================================== [ 17.809725] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.810474] Write of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.811102] [ 17.811150] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.811250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.811277] Hardware name: linux,dummy-virt (DT) [ 17.811310] Call trace: [ 17.812801] show_stack+0x20/0x38 (C) [ 17.812913] dump_stack_lvl+0x8c/0xd0 [ 17.812963] print_report+0x118/0x5d0 [ 17.813014] kasan_report+0xdc/0x128 [ 17.813061] kasan_check_range+0x100/0x1a8 [ 17.814692] __kasan_check_write+0x20/0x30 [ 17.814829] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.815588] kasan_bitops_generic+0x110/0x1c8 [ 17.816667] kunit_try_run_case+0x170/0x3f0 [ 17.816945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.817002] kthread+0x328/0x630 [ 17.817046] ret_from_fork+0x10/0x20 [ 17.817097] [ 17.817118] Allocated by task 262: [ 17.817149] kasan_save_stack+0x3c/0x68 [ 17.817202] kasan_save_track+0x20/0x40 [ 17.817243] kasan_save_alloc_info+0x40/0x58 [ 17.817285] __kasan_kmalloc+0xd4/0xd8 [ 17.817324] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.817364] kasan_bitops_generic+0xa0/0x1c8 [ 17.817405] kunit_try_run_case+0x170/0x3f0 [ 17.819876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.820261] kthread+0x328/0x630 [ 17.820300] ret_from_fork+0x10/0x20 [ 17.820337] [ 17.822045] The buggy address belongs to the object at fff00000c591d620 [ 17.822045] which belongs to the cache kmalloc-16 of size 16 [ 17.822592] The buggy address is located 8 bytes inside of [ 17.822592] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.822752] [ 17.823670] The buggy address belongs to the physical page: [ 17.823894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.824746] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.824808] page_type: f5(slab) [ 17.824851] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.825979] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.826379] page dumped because: kasan: bad access detected [ 17.826843] [ 17.826871] Memory state around the buggy address: [ 17.827220] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.827280] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.827327] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.827368] ^ [ 17.827405] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.827451] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.827494] ================================================================== [ 17.878843] ================================================================== [ 17.878891] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 17.878938] Read of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.878991] [ 17.879021] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.879423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.879491] Hardware name: linux,dummy-virt (DT) [ 17.879526] Call trace: [ 17.879550] show_stack+0x20/0x38 (C) [ 17.879852] dump_stack_lvl+0x8c/0xd0 [ 17.879930] print_report+0x118/0x5d0 [ 17.880002] kasan_report+0xdc/0x128 [ 17.880053] __asan_report_load8_noabort+0x20/0x30 [ 17.880106] kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 17.880165] kasan_bitops_generic+0x110/0x1c8 [ 17.880231] kunit_try_run_case+0x170/0x3f0 [ 17.880293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.880349] kthread+0x328/0x630 [ 17.880445] ret_from_fork+0x10/0x20 [ 17.880505] [ 17.880535] Allocated by task 262: [ 17.880572] kasan_save_stack+0x3c/0x68 [ 17.880623] kasan_save_track+0x20/0x40 [ 17.880664] kasan_save_alloc_info+0x40/0x58 [ 17.880706] __kasan_kmalloc+0xd4/0xd8 [ 17.880743] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.880783] kasan_bitops_generic+0xa0/0x1c8 [ 17.880821] kunit_try_run_case+0x170/0x3f0 [ 17.880861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.880909] kthread+0x328/0x630 [ 17.880941] ret_from_fork+0x10/0x20 [ 17.881028] [ 17.881554] The buggy address belongs to the object at fff00000c591d620 [ 17.881554] which belongs to the cache kmalloc-16 of size 16 [ 17.882238] The buggy address is located 8 bytes inside of [ 17.882238] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.882337] [ 17.882477] The buggy address belongs to the physical page: [ 17.882526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.882653] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.882721] page_type: f5(slab) [ 17.882776] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.883105] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.883260] page dumped because: kasan: bad access detected [ 17.883319] [ 17.883408] Memory state around the buggy address: [ 17.883478] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.883551] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.883747] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.883981] ^ [ 17.884106] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.884203] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.884311] ================================================================== [ 17.855349] ================================================================== [ 17.855413] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 17.855469] Write of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.855522] [ 17.855553] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.855646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.855675] Hardware name: linux,dummy-virt (DT) [ 17.855708] Call trace: [ 17.855731] show_stack+0x20/0x38 (C) [ 17.855787] dump_stack_lvl+0x8c/0xd0 [ 17.855837] print_report+0x118/0x5d0 [ 17.855905] kasan_report+0xdc/0x128 [ 17.855954] kasan_check_range+0x100/0x1a8 [ 17.856019] __kasan_check_write+0x20/0x30 [ 17.856080] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 17.856133] kasan_bitops_generic+0x110/0x1c8 [ 17.856192] kunit_try_run_case+0x170/0x3f0 [ 17.856250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.856310] kthread+0x328/0x630 [ 17.856352] ret_from_fork+0x10/0x20 [ 17.856403] [ 17.856422] Allocated by task 262: [ 17.856457] kasan_save_stack+0x3c/0x68 [ 17.856512] kasan_save_track+0x20/0x40 [ 17.856560] kasan_save_alloc_info+0x40/0x58 [ 17.856603] __kasan_kmalloc+0xd4/0xd8 [ 17.856663] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.856707] kasan_bitops_generic+0xa0/0x1c8 [ 17.856756] kunit_try_run_case+0x170/0x3f0 [ 17.856797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.856844] kthread+0x328/0x630 [ 17.856877] ret_from_fork+0x10/0x20 [ 17.856929] [ 17.856951] The buggy address belongs to the object at fff00000c591d620 [ 17.856951] which belongs to the cache kmalloc-16 of size 16 [ 17.857021] The buggy address is located 8 bytes inside of [ 17.857021] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.857086] [ 17.857128] The buggy address belongs to the physical page: [ 17.857166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.857230] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.857279] page_type: f5(slab) [ 17.857323] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.857376] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.857425] page dumped because: kasan: bad access detected [ 17.857458] [ 17.857478] Memory state around the buggy address: [ 17.857511] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.857557] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.857600] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.857645] ^ [ 17.857679] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.857724] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.857766] ================================================================== [ 17.868736] ================================================================== [ 17.868802] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 17.868854] Write of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.868914] [ 17.869609] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.869765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.869859] Hardware name: linux,dummy-virt (DT) [ 17.869897] Call trace: [ 17.869921] show_stack+0x20/0x38 (C) [ 17.869992] dump_stack_lvl+0x8c/0xd0 [ 17.870049] print_report+0x118/0x5d0 [ 17.870097] kasan_report+0xdc/0x128 [ 17.870145] kasan_check_range+0x100/0x1a8 [ 17.870206] __kasan_check_write+0x20/0x30 [ 17.871399] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 17.871516] kasan_bitops_generic+0x110/0x1c8 [ 17.871567] kunit_try_run_case+0x170/0x3f0 [ 17.871647] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.871724] kthread+0x328/0x630 [ 17.871811] ret_from_fork+0x10/0x20 [ 17.871869] [ 17.871889] Allocated by task 262: [ 17.871924] kasan_save_stack+0x3c/0x68 [ 17.871972] kasan_save_track+0x20/0x40 [ 17.872011] kasan_save_alloc_info+0x40/0x58 [ 17.872053] __kasan_kmalloc+0xd4/0xd8 [ 17.872612] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.872735] kasan_bitops_generic+0xa0/0x1c8 [ 17.872811] kunit_try_run_case+0x170/0x3f0 [ 17.872857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.873153] kthread+0x328/0x630 [ 17.873242] ret_from_fork+0x10/0x20 [ 17.873331] [ 17.873380] The buggy address belongs to the object at fff00000c591d620 [ 17.873380] which belongs to the cache kmalloc-16 of size 16 [ 17.873456] The buggy address is located 8 bytes inside of [ 17.873456] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.873561] [ 17.873585] The buggy address belongs to the physical page: [ 17.873619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.873677] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.873727] page_type: f5(slab) [ 17.873767] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.873938] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.874051] page dumped because: kasan: bad access detected [ 17.874092] [ 17.874112] Memory state around the buggy address: [ 17.874145] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.874205] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.874252] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.874309] ^ [ 17.874345] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.874391] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.874913] ================================================================== [ 17.849156] ================================================================== [ 17.849247] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.849306] Read of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.849360] [ 17.849391] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.849475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.849503] Hardware name: linux,dummy-virt (DT) [ 17.849538] Call trace: [ 17.849562] show_stack+0x20/0x38 (C) [ 17.849612] dump_stack_lvl+0x8c/0xd0 [ 17.849659] print_report+0x118/0x5d0 [ 17.849710] kasan_report+0xdc/0x128 [ 17.849756] __asan_report_load8_noabort+0x20/0x30 [ 17.849809] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.849862] kasan_bitops_generic+0x110/0x1c8 [ 17.849909] kunit_try_run_case+0x170/0x3f0 [ 17.849959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.850012] kthread+0x328/0x630 [ 17.850056] ret_from_fork+0x10/0x20 [ 17.850371] [ 17.850502] Allocated by task 262: [ 17.850611] kasan_save_stack+0x3c/0x68 [ 17.850703] kasan_save_track+0x20/0x40 [ 17.850763] kasan_save_alloc_info+0x40/0x58 [ 17.850806] __kasan_kmalloc+0xd4/0xd8 [ 17.850874] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.850919] kasan_bitops_generic+0xa0/0x1c8 [ 17.851330] kunit_try_run_case+0x170/0x3f0 [ 17.851421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.851551] kthread+0x328/0x630 [ 17.851656] ret_from_fork+0x10/0x20 [ 17.851740] [ 17.851828] The buggy address belongs to the object at fff00000c591d620 [ 17.851828] which belongs to the cache kmalloc-16 of size 16 [ 17.851921] The buggy address is located 8 bytes inside of [ 17.851921] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.852049] [ 17.852086] The buggy address belongs to the physical page: [ 17.852120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.852177] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.852239] page_type: f5(slab) [ 17.852280] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.852333] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.852376] page dumped because: kasan: bad access detected [ 17.852412] [ 17.852433] Memory state around the buggy address: [ 17.852469] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.852515] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.852561] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.852601] ^ [ 17.852634] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.852681] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.852722] ================================================================== [ 17.833319] ================================================================== [ 17.833376] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.833431] Read of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.833486] [ 17.833519] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.833602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.833631] Hardware name: linux,dummy-virt (DT) [ 17.833662] Call trace: [ 17.833685] show_stack+0x20/0x38 (C) [ 17.833736] dump_stack_lvl+0x8c/0xd0 [ 17.833784] print_report+0x118/0x5d0 [ 17.833833] kasan_report+0xdc/0x128 [ 17.833878] __asan_report_load8_noabort+0x20/0x30 [ 17.833931] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.833988] kasan_bitops_generic+0x110/0x1c8 [ 17.834039] kunit_try_run_case+0x170/0x3f0 [ 17.834088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.834142] kthread+0x328/0x630 [ 17.838731] ret_from_fork+0x10/0x20 [ 17.838795] [ 17.838816] Allocated by task 262: [ 17.838850] kasan_save_stack+0x3c/0x68 [ 17.838897] kasan_save_track+0x20/0x40 [ 17.838937] kasan_save_alloc_info+0x40/0x58 [ 17.838984] __kasan_kmalloc+0xd4/0xd8 [ 17.839021] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.839063] kasan_bitops_generic+0xa0/0x1c8 [ 17.839101] kunit_try_run_case+0x170/0x3f0 [ 17.839141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.839196] kthread+0x328/0x630 [ 17.839229] ret_from_fork+0x10/0x20 [ 17.839265] [ 17.839289] The buggy address belongs to the object at fff00000c591d620 [ 17.839289] which belongs to the cache kmalloc-16 of size 16 [ 17.839368] The buggy address is located 8 bytes inside of [ 17.839368] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.839446] [ 17.839513] The buggy address belongs to the physical page: [ 17.839613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.839736] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.839802] page_type: f5(slab) [ 17.839893] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.839985] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.840029] page dumped because: kasan: bad access detected [ 17.840064] [ 17.840087] Memory state around the buggy address: [ 17.840122] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.840168] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.840224] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.840265] ^ [ 17.840297] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.840346] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.840458] ================================================================== [ 17.842054] ================================================================== [ 17.842195] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.842315] Write of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.842387] [ 17.842432] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.842519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.842556] Hardware name: linux,dummy-virt (DT) [ 17.842604] Call trace: [ 17.842630] show_stack+0x20/0x38 (C) [ 17.843025] dump_stack_lvl+0x8c/0xd0 [ 17.843123] print_report+0x118/0x5d0 [ 17.843236] kasan_report+0xdc/0x128 [ 17.843315] kasan_check_range+0x100/0x1a8 [ 17.843393] __kasan_check_write+0x20/0x30 [ 17.843445] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.843498] kasan_bitops_generic+0x110/0x1c8 [ 17.843586] kunit_try_run_case+0x170/0x3f0 [ 17.843671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.843731] kthread+0x328/0x630 [ 17.843772] ret_from_fork+0x10/0x20 [ 17.843821] [ 17.843841] Allocated by task 262: [ 17.843878] kasan_save_stack+0x3c/0x68 [ 17.843933] kasan_save_track+0x20/0x40 [ 17.844041] kasan_save_alloc_info+0x40/0x58 [ 17.844083] __kasan_kmalloc+0xd4/0xd8 [ 17.844122] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.844343] kasan_bitops_generic+0xa0/0x1c8 [ 17.844543] kunit_try_run_case+0x170/0x3f0 [ 17.844597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.844663] kthread+0x328/0x630 [ 17.844698] ret_from_fork+0x10/0x20 [ 17.845963] [ 17.846001] The buggy address belongs to the object at fff00000c591d620 [ 17.846001] which belongs to the cache kmalloc-16 of size 16 [ 17.846065] The buggy address is located 8 bytes inside of [ 17.846065] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.846130] [ 17.846152] The buggy address belongs to the physical page: [ 17.846204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.846261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.846311] page_type: f5(slab) [ 17.846350] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.848240] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.848305] page dumped because: kasan: bad access detected [ 17.848341] [ 17.848363] Memory state around the buggy address: [ 17.848398] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.848445] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.848497] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.848537] ^ [ 17.848572] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.848618] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.848660] ================================================================== [ 17.875559] ================================================================== [ 17.875628] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 17.875702] Write of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.875868] [ 17.875906] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.875991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.876028] Hardware name: linux,dummy-virt (DT) [ 17.876065] Call trace: [ 17.876121] show_stack+0x20/0x38 (C) [ 17.876208] dump_stack_lvl+0x8c/0xd0 [ 17.876257] print_report+0x118/0x5d0 [ 17.876377] kasan_report+0xdc/0x128 [ 17.876554] kasan_check_range+0x100/0x1a8 [ 17.876729] __kasan_check_write+0x20/0x30 [ 17.876792] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 17.876892] kasan_bitops_generic+0x110/0x1c8 [ 17.876942] kunit_try_run_case+0x170/0x3f0 [ 17.877024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.877079] kthread+0x328/0x630 [ 17.877127] ret_from_fork+0x10/0x20 [ 17.877177] [ 17.877214] Allocated by task 262: [ 17.877424] kasan_save_stack+0x3c/0x68 [ 17.877474] kasan_save_track+0x20/0x40 [ 17.877515] kasan_save_alloc_info+0x40/0x58 [ 17.877557] __kasan_kmalloc+0xd4/0xd8 [ 17.877602] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.877643] kasan_bitops_generic+0xa0/0x1c8 [ 17.877683] kunit_try_run_case+0x170/0x3f0 [ 17.877723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.877769] kthread+0x328/0x630 [ 17.877804] ret_from_fork+0x10/0x20 [ 17.877840] [ 17.877863] The buggy address belongs to the object at fff00000c591d620 [ 17.877863] which belongs to the cache kmalloc-16 of size 16 [ 17.877926] The buggy address is located 8 bytes inside of [ 17.877926] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.877995] [ 17.878015] The buggy address belongs to the physical page: [ 17.878048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.878104] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.878153] page_type: f5(slab) [ 17.878203] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.878257] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.878300] page dumped because: kasan: bad access detected [ 17.878334] [ 17.878355] Memory state around the buggy address: [ 17.878392] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.878439] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.878485] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.878527] ^ [ 17.878561] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.878603] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.878644] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.029980] ================================================================== [ 50.030055] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.030055] [ 50.030138] Use-after-free read at 0x00000000dcd8e5a3 (in kfence-#152): [ 50.030209] test_krealloc+0x51c/0x830 [ 50.030254] kunit_try_run_case+0x170/0x3f0 [ 50.030297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.030341] kthread+0x328/0x630 [ 50.030380] ret_from_fork+0x10/0x20 [ 50.030418] [ 50.030442] kfence-#152: 0x00000000dcd8e5a3-0x00000000cd656a55, size=32, cache=kmalloc-32 [ 50.030442] [ 50.030498] allocated by task 338 on cpu 0 at 50.029357s (0.001137s ago): [ 50.030566] test_alloc+0x29c/0x628 [ 50.030607] test_krealloc+0xc0/0x830 [ 50.030647] kunit_try_run_case+0x170/0x3f0 [ 50.030686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.030728] kthread+0x328/0x630 [ 50.030764] ret_from_fork+0x10/0x20 [ 50.030802] [ 50.030824] freed by task 338 on cpu 0 at 50.029588s (0.001233s ago): [ 50.030885] krealloc_noprof+0x148/0x360 [ 50.030924] test_krealloc+0x1dc/0x830 [ 50.030962] kunit_try_run_case+0x170/0x3f0 [ 50.031000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.031043] kthread+0x328/0x630 [ 50.031078] ret_from_fork+0x10/0x20 [ 50.031115] [ 50.031158] CPU: 0 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 50.031244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.031272] Hardware name: linux,dummy-virt (DT) [ 50.031306] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.937530] ================================================================== [ 49.937630] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.937630] [ 49.937727] Use-after-free read at 0x000000008bc4a521 (in kfence-#151): [ 49.937780] test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.937831] kunit_try_run_case+0x170/0x3f0 [ 49.937875] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.937919] kthread+0x328/0x630 [ 49.937958] ret_from_fork+0x10/0x20 [ 49.937999] [ 49.938023] kfence-#151: 0x000000008bc4a521-0x00000000f4c9fb41, size=32, cache=test [ 49.938023] [ 49.938077] allocated by task 336 on cpu 1 at 49.925457s (0.012616s ago): [ 49.938145] test_alloc+0x230/0x628 [ 49.938204] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 49.938249] kunit_try_run_case+0x170/0x3f0 [ 49.938288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.938331] kthread+0x328/0x630 [ 49.938367] ret_from_fork+0x10/0x20 [ 49.938404] [ 49.938429] freed by task 336 on cpu 1 at 49.925544s (0.012881s ago): [ 49.938483] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 49.938526] kunit_try_run_case+0x170/0x3f0 [ 49.938565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.938608] kthread+0x328/0x630 [ 49.938642] ret_from_fork+0x10/0x20 [ 49.938681] [ 49.938727] CPU: 1 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 49.938805] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.938834] Hardware name: linux,dummy-virt (DT) [ 49.938868] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 26.433792] ================================================================== [ 26.433945] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 26.433945] [ 26.434049] Invalid read at 0x0000000045ae23f3: [ 26.434229] test_invalid_access+0xdc/0x1f0 [ 26.435560] kunit_try_run_case+0x170/0x3f0 [ 26.435651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.435705] kthread+0x328/0x630 [ 26.435751] ret_from_fork+0x10/0x20 [ 26.436120] [ 26.436529] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 26.436645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.437049] Hardware name: linux,dummy-virt (DT) [ 26.438477] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 26.201682] ================================================================== [ 26.201781] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.201781] [ 26.201845] Corrupted memory at 0x00000000086cf21a [ ! . . . . . . . . . . . . . . . ] (in kfence-#147): [ 26.202155] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.202218] kunit_try_run_case+0x170/0x3f0 [ 26.202262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.202306] kthread+0x328/0x630 [ 26.202342] ret_from_fork+0x10/0x20 [ 26.202380] [ 26.202405] kfence-#147: 0x00000000ed878b27-0x0000000030113e71, size=73, cache=kmalloc-96 [ 26.202405] [ 26.202461] allocated by task 326 on cpu 0 at 26.201429s (0.001029s ago): [ 26.202524] test_alloc+0x29c/0x628 [ 26.202563] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 26.202606] kunit_try_run_case+0x170/0x3f0 [ 26.202646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.202688] kthread+0x328/0x630 [ 26.202724] ret_from_fork+0x10/0x20 [ 26.202763] [ 26.202788] freed by task 326 on cpu 0 at 26.201590s (0.001194s ago): [ 26.202848] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.202889] kunit_try_run_case+0x170/0x3f0 [ 26.202929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.202972] kthread+0x328/0x630 [ 26.203006] ret_from_fork+0x10/0x20 [ 26.203046] [ 26.203089] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 26.203166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.203206] Hardware name: linux,dummy-virt (DT) [ 26.203238] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.993602] ================================================================== [ 25.993696] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.993696] [ 25.993797] Out-of-bounds read at 0x00000000264fa2a7 (105B right of kfence-#145): [ 25.993858] test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.993907] kunit_try_run_case+0x170/0x3f0 [ 25.993951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.993996] kthread+0x328/0x630 [ 25.994035] ret_from_fork+0x10/0x20 [ 25.994075] [ 25.994099] kfence-#145: 0x00000000983ed8ca-0x00000000343ea278, size=73, cache=kmalloc-96 [ 25.994099] [ 25.994154] allocated by task 324 on cpu 0 at 25.993368s (0.000781s ago): [ 25.994239] test_alloc+0x29c/0x628 [ 25.994279] test_kmalloc_aligned_oob_read+0x100/0x468 [ 25.994325] kunit_try_run_case+0x170/0x3f0 [ 25.994366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.994409] kthread+0x328/0x630 [ 25.994445] ret_from_fork+0x10/0x20 [ 25.994484] [ 25.994533] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.994613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.994642] Hardware name: linux,dummy-virt (DT) [ 25.994678] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 21.313688] ================================================================== [ 21.313784] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 21.313784] [ 21.313848] Corrupted memory at 0x00000000e7564923 [ ! ] (in kfence-#100): [ 21.313976] test_corruption+0x284/0x378 [ 21.314023] kunit_try_run_case+0x170/0x3f0 [ 21.314065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.314110] kthread+0x328/0x630 [ 21.314148] ret_from_fork+0x10/0x20 [ 21.314202] [ 21.314225] kfence-#100: 0x0000000035e9610a-0x000000003208943c, size=32, cache=kmalloc-32 [ 21.314225] [ 21.314282] allocated by task 312 on cpu 1 at 21.313411s (0.000867s ago): [ 21.314343] test_alloc+0x29c/0x628 [ 21.314383] test_corruption+0x198/0x378 [ 21.314422] kunit_try_run_case+0x170/0x3f0 [ 21.314462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.314504] kthread+0x328/0x630 [ 21.314540] ret_from_fork+0x10/0x20 [ 21.314580] [ 21.314604] freed by task 312 on cpu 1 at 21.313521s (0.001079s ago): [ 21.314663] test_corruption+0x284/0x378 [ 21.314702] kunit_try_run_case+0x170/0x3f0 [ 21.314741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.314784] kthread+0x328/0x630 [ 21.314818] ret_from_fork+0x10/0x20 [ 21.314856] [ 21.314900] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.314976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.315005] Hardware name: linux,dummy-virt (DT) [ 21.315039] ================================================================== [ 21.521553] ================================================================== [ 21.521637] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 21.521637] [ 21.521696] Corrupted memory at 0x000000000ce38d7b [ ! ] (in kfence-#102): [ 21.521810] test_corruption+0x1d8/0x378 [ 21.521855] kunit_try_run_case+0x170/0x3f0 [ 21.521898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.521942] kthread+0x328/0x630 [ 21.521981] ret_from_fork+0x10/0x20 [ 21.522020] [ 21.522044] kfence-#102: 0x000000002c599e00-0x000000004c3b1b94, size=32, cache=test [ 21.522044] [ 21.522098] allocated by task 314 on cpu 1 at 21.521410s (0.000684s ago): [ 21.522159] test_alloc+0x230/0x628 [ 21.522213] test_corruption+0x198/0x378 [ 21.522253] kunit_try_run_case+0x170/0x3f0 [ 21.522291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.522335] kthread+0x328/0x630 [ 21.522371] ret_from_fork+0x10/0x20 [ 21.522409] [ 21.522434] freed by task 314 on cpu 1 at 21.521471s (0.000959s ago): [ 21.522492] test_corruption+0x1d8/0x378 [ 21.522531] kunit_try_run_case+0x170/0x3f0 [ 21.522571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.522612] kthread+0x328/0x630 [ 21.522647] ret_from_fork+0x10/0x20 [ 21.522684] [ 21.522725] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.522802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.522830] Hardware name: linux,dummy-virt (DT) [ 21.522863] ================================================================== [ 21.001722] ================================================================== [ 21.001828] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 21.001828] [ 21.001898] Corrupted memory at 0x00000000e78db7bc [ ! . . . . . . . . . . . . . . . ] (in kfence-#97): [ 21.003019] test_corruption+0x278/0x378 [ 21.003073] kunit_try_run_case+0x170/0x3f0 [ 21.003120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.003165] kthread+0x328/0x630 [ 21.003216] ret_from_fork+0x10/0x20 [ 21.003255] [ 21.003280] kfence-#97: 0x000000008ab2bb6a-0x00000000c58ee22e, size=32, cache=kmalloc-32 [ 21.003280] [ 21.003339] allocated by task 312 on cpu 1 at 21.001418s (0.001916s ago): [ 21.003401] test_alloc+0x29c/0x628 [ 21.003442] test_corruption+0xdc/0x378 [ 21.003483] kunit_try_run_case+0x170/0x3f0 [ 21.003523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.003568] kthread+0x328/0x630 [ 21.003604] ret_from_fork+0x10/0x20 [ 21.003643] [ 21.003665] freed by task 312 on cpu 1 at 21.001543s (0.002119s ago): [ 21.003725] test_corruption+0x278/0x378 [ 21.003765] kunit_try_run_case+0x170/0x3f0 [ 21.003805] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.003846] kthread+0x328/0x630 [ 21.003881] ret_from_fork+0x10/0x20 [ 21.003921] [ 21.003971] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.004051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.004080] Hardware name: linux,dummy-virt (DT) [ 21.004116] ================================================================== [ 21.417512] ================================================================== [ 21.417601] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 21.417601] [ 21.417663] Corrupted memory at 0x000000001ba10f96 [ ! . . . . . . . . . . . . . . . ] (in kfence-#101): [ 21.417973] test_corruption+0x120/0x378 [ 21.418020] kunit_try_run_case+0x170/0x3f0 [ 21.418065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.418109] kthread+0x328/0x630 [ 21.418148] ret_from_fork+0x10/0x20 [ 21.418200] [ 21.418223] kfence-#101: 0x000000000c9d92db-0x000000006f78a71a, size=32, cache=test [ 21.418223] [ 21.418278] allocated by task 314 on cpu 1 at 21.417366s (0.000909s ago): [ 21.418339] test_alloc+0x230/0x628 [ 21.418379] test_corruption+0xdc/0x378 [ 21.418419] kunit_try_run_case+0x170/0x3f0 [ 21.418458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.418503] kthread+0x328/0x630 [ 21.418538] ret_from_fork+0x10/0x20 [ 21.418577] [ 21.418599] freed by task 314 on cpu 1 at 21.417426s (0.001169s ago): [ 21.418659] test_corruption+0x120/0x378 [ 21.418699] kunit_try_run_case+0x170/0x3f0 [ 21.418737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.418780] kthread+0x328/0x630 [ 21.418815] ret_from_fork+0x10/0x20 [ 21.418855] [ 21.418911] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.418988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.419016] Hardware name: linux,dummy-virt (DT) [ 21.419051] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 20.590142] ================================================================== [ 20.590262] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 20.590262] [ 20.590369] Invalid free of 0x000000004a756c11 (in kfence-#93): [ 20.590467] test_double_free+0x1bc/0x238 [ 20.590513] kunit_try_run_case+0x170/0x3f0 [ 20.590734] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.590914] kthread+0x328/0x630 [ 20.590960] ret_from_fork+0x10/0x20 [ 20.591018] [ 20.591066] kfence-#93: 0x000000004a756c11-0x000000009bd72d8f, size=32, cache=kmalloc-32 [ 20.591066] [ 20.591122] allocated by task 304 on cpu 0 at 20.589650s (0.001468s ago): [ 20.591378] test_alloc+0x29c/0x628 [ 20.591433] test_double_free+0xd4/0x238 [ 20.591500] kunit_try_run_case+0x170/0x3f0 [ 20.591542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.591596] kthread+0x328/0x630 [ 20.591633] ret_from_fork+0x10/0x20 [ 20.591671] [ 20.591703] freed by task 304 on cpu 0 at 20.589896s (0.001803s ago): [ 20.591767] test_double_free+0x1ac/0x238 [ 20.591807] kunit_try_run_case+0x170/0x3f0 [ 20.591847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.591891] kthread+0x328/0x630 [ 20.591925] ret_from_fork+0x10/0x20 [ 20.591964] [ 20.592010] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.592090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.592119] Hardware name: linux,dummy-virt (DT) [ 20.592154] ================================================================== [ 20.694126] ================================================================== [ 20.694288] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 20.694288] [ 20.694562] Invalid free of 0x000000006c0f6cd6 (in kfence-#94): [ 20.694686] test_double_free+0x100/0x238 [ 20.694766] kunit_try_run_case+0x170/0x3f0 [ 20.694810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.694884] kthread+0x328/0x630 [ 20.694929] ret_from_fork+0x10/0x20 [ 20.695019] [ 20.695196] kfence-#94: 0x000000006c0f6cd6-0x000000002fae9442, size=32, cache=test [ 20.695196] [ 20.695274] allocated by task 306 on cpu 0 at 20.693594s (0.001674s ago): [ 20.695575] test_alloc+0x230/0x628 [ 20.695735] test_double_free+0xd4/0x238 [ 20.695964] kunit_try_run_case+0x170/0x3f0 [ 20.696018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.696063] kthread+0x328/0x630 [ 20.696098] ret_from_fork+0x10/0x20 [ 20.696137] [ 20.696159] freed by task 306 on cpu 0 at 20.693729s (0.002427s ago): [ 20.696360] test_double_free+0xf0/0x238 [ 20.696402] kunit_try_run_case+0x170/0x3f0 [ 20.696642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.696737] kthread+0x328/0x630 [ 20.696887] ret_from_fork+0x10/0x20 [ 20.696932] [ 20.697003] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.697264] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.697471] Hardware name: linux,dummy-virt (DT) [ 20.697615] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 20.274104] ================================================================== [ 20.274195] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.274195] [ 20.274500] Use-after-free read at 0x000000008ede1ffe (in kfence-#90): [ 20.274669] test_use_after_free_read+0x114/0x248 [ 20.274722] kunit_try_run_case+0x170/0x3f0 [ 20.274765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.274808] kthread+0x328/0x630 [ 20.274941] ret_from_fork+0x10/0x20 [ 20.275008] [ 20.275053] kfence-#90: 0x000000008ede1ffe-0x000000000ea96c6e, size=32, cache=test [ 20.275053] [ 20.275135] allocated by task 298 on cpu 0 at 20.273871s (0.001243s ago): [ 20.275214] test_alloc+0x230/0x628 [ 20.275260] test_use_after_free_read+0xd0/0x248 [ 20.275346] kunit_try_run_case+0x170/0x3f0 [ 20.275392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.275438] kthread+0x328/0x630 [ 20.275474] ret_from_fork+0x10/0x20 [ 20.275512] [ 20.275761] freed by task 298 on cpu 0 at 20.273942s (0.001800s ago): [ 20.275906] test_use_after_free_read+0xf0/0x248 [ 20.275957] kunit_try_run_case+0x170/0x3f0 [ 20.275997] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.276041] kthread+0x328/0x630 [ 20.276075] ret_from_fork+0x10/0x20 [ 20.276123] [ 20.276167] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.276258] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.276285] Hardware name: linux,dummy-virt (DT) [ 20.276543] ================================================================== [ 20.167865] ================================================================== [ 20.167963] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.167963] [ 20.168250] Use-after-free read at 0x00000000be839a73 (in kfence-#89): [ 20.168312] test_use_after_free_read+0x114/0x248 [ 20.168434] kunit_try_run_case+0x170/0x3f0 [ 20.168501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.168545] kthread+0x328/0x630 [ 20.168585] ret_from_fork+0x10/0x20 [ 20.168623] [ 20.168647] kfence-#89: 0x00000000be839a73-0x00000000a2026642, size=32, cache=kmalloc-32 [ 20.168647] [ 20.168842] allocated by task 296 on cpu 0 at 20.167407s (0.001287s ago): [ 20.168945] test_alloc+0x29c/0x628 [ 20.168991] test_use_after_free_read+0xd0/0x248 [ 20.169164] kunit_try_run_case+0x170/0x3f0 [ 20.169254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.169296] kthread+0x328/0x630 [ 20.169332] ret_from_fork+0x10/0x20 [ 20.169380] [ 20.169930] freed by task 296 on cpu 0 at 20.167637s (0.002044s ago): [ 20.170151] test_use_after_free_read+0x1c0/0x248 [ 20.170556] kunit_try_run_case+0x170/0x3f0 [ 20.170665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.170789] kthread+0x328/0x630 [ 20.170877] ret_from_fork+0x10/0x20 [ 20.170944] [ 20.171324] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.171523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.171640] Hardware name: linux,dummy-virt (DT) [ 20.171675] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 20.063646] ================================================================== [ 20.063769] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.063769] [ 20.063904] Out-of-bounds write at 0x000000009890eb69 (1B left of kfence-#88): [ 20.064000] test_out_of_bounds_write+0x100/0x240 [ 20.064052] kunit_try_run_case+0x170/0x3f0 [ 20.064110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.064265] kthread+0x328/0x630 [ 20.064344] ret_from_fork+0x10/0x20 [ 20.064388] [ 20.064441] kfence-#88: 0x0000000071f1ca98-0x00000000b358e7df, size=32, cache=test [ 20.064441] [ 20.064501] allocated by task 294 on cpu 0 at 20.063066s (0.001431s ago): [ 20.064572] test_alloc+0x230/0x628 [ 20.064831] test_out_of_bounds_write+0xc8/0x240 [ 20.064892] kunit_try_run_case+0x170/0x3f0 [ 20.064955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.065067] kthread+0x328/0x630 [ 20.065106] ret_from_fork+0x10/0x20 [ 20.065156] [ 20.065594] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.065754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.065843] Hardware name: linux,dummy-virt (DT) [ 20.065884] ================================================================== [ 19.847759] ================================================================== [ 19.847825] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.847825] [ 19.847912] Out-of-bounds write at 0x00000000defba307 (1B left of kfence-#86): [ 19.847966] test_out_of_bounds_write+0x100/0x240 [ 19.848010] kunit_try_run_case+0x170/0x3f0 [ 19.848052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.848096] kthread+0x328/0x630 [ 19.848133] ret_from_fork+0x10/0x20 [ 19.848172] [ 19.848211] kfence-#86: 0x0000000072b4e606-0x000000008fd736a3, size=32, cache=kmalloc-32 [ 19.848211] [ 19.848265] allocated by task 292 on cpu 0 at 19.847623s (0.000639s ago): [ 19.848334] test_alloc+0x29c/0x628 [ 19.848372] test_out_of_bounds_write+0xc8/0x240 [ 19.848414] kunit_try_run_case+0x170/0x3f0 [ 19.848455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.848498] kthread+0x328/0x630 [ 19.848730] ret_from_fork+0x10/0x20 [ 19.848788] [ 19.848835] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.848963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.849121] Hardware name: linux,dummy-virt (DT) [ 19.849160] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 19.114861] ================================================================== [ 19.115080] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.115080] [ 19.115259] Out-of-bounds read at 0x0000000058eae786 (32B right of kfence-#79): [ 19.115350] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.115411] kunit_try_run_case+0x170/0x3f0 [ 19.115695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.115766] kthread+0x328/0x630 [ 19.115888] ret_from_fork+0x10/0x20 [ 19.115934] [ 19.116015] kfence-#79: 0x00000000d7eedaa9-0x00000000eef6f941, size=32, cache=kmalloc-32 [ 19.116015] [ 19.116146] allocated by task 288 on cpu 0 at 19.113991s (0.002133s ago): [ 19.116291] test_alloc+0x29c/0x628 [ 19.116336] test_out_of_bounds_read+0x198/0x3e0 [ 19.116378] kunit_try_run_case+0x170/0x3f0 [ 19.116416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.116733] kthread+0x328/0x630 [ 19.116794] ret_from_fork+0x10/0x20 [ 19.116904] [ 19.116961] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.117171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.117364] Hardware name: linux,dummy-virt (DT) [ 19.117439] ================================================================== [ 19.530107] ================================================================== [ 19.530201] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.530201] [ 19.530342] Out-of-bounds read at 0x00000000579f36d0 (1B left of kfence-#83): [ 19.530418] test_out_of_bounds_read+0x114/0x3e0 [ 19.530519] kunit_try_run_case+0x170/0x3f0 [ 19.530562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.530632] kthread+0x328/0x630 [ 19.530704] ret_from_fork+0x10/0x20 [ 19.530771] [ 19.530831] kfence-#83: 0x00000000938bd354-0x000000002288f8cd, size=32, cache=test [ 19.530831] [ 19.530936] allocated by task 290 on cpu 0 at 19.530022s (0.000893s ago): [ 19.531274] test_alloc+0x230/0x628 [ 19.531331] test_out_of_bounds_read+0xdc/0x3e0 [ 19.531395] kunit_try_run_case+0x170/0x3f0 [ 19.531437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.531508] kthread+0x328/0x630 [ 19.531572] ret_from_fork+0x10/0x20 [ 19.531660] [ 19.531705] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.531803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.531880] Hardware name: linux,dummy-virt (DT) [ 19.531915] ================================================================== [ 18.906907] ================================================================== [ 18.907400] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 18.907400] [ 18.907750] Out-of-bounds read at 0x000000000b2718eb (1B left of kfence-#77): [ 18.908277] test_out_of_bounds_read+0x114/0x3e0 [ 18.908334] kunit_try_run_case+0x170/0x3f0 [ 18.908662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.908771] kthread+0x328/0x630 [ 18.908815] ret_from_fork+0x10/0x20 [ 18.909000] [ 18.909489] kfence-#77: 0x0000000003eef249-0x000000001ec17d79, size=32, cache=kmalloc-32 [ 18.909489] [ 18.910063] allocated by task 288 on cpu 0 at 18.905779s (0.003838s ago): [ 18.911837] test_alloc+0x29c/0x628 [ 18.912279] test_out_of_bounds_read+0xdc/0x3e0 [ 18.912354] kunit_try_run_case+0x170/0x3f0 [ 18.912397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.912465] kthread+0x328/0x630 [ 18.912510] ret_from_fork+0x10/0x20 [ 18.912642] [ 18.912718] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.912814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.912857] Hardware name: linux,dummy-virt (DT) [ 18.912913] ================================================================== [ 19.742272] ================================================================== [ 19.742368] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.742368] [ 19.742475] Out-of-bounds read at 0x00000000fbdb6fb6 (32B right of kfence-#85): [ 19.742538] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.742583] kunit_try_run_case+0x170/0x3f0 [ 19.742625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.742668] kthread+0x328/0x630 [ 19.742956] ret_from_fork+0x10/0x20 [ 19.743027] [ 19.743052] kfence-#85: 0x00000000a52ed27c-0x000000007b6c67a6, size=32, cache=test [ 19.743052] [ 19.743114] allocated by task 290 on cpu 0 at 19.742097s (0.001004s ago): [ 19.743192] test_alloc+0x230/0x628 [ 19.743234] test_out_of_bounds_read+0x198/0x3e0 [ 19.743275] kunit_try_run_case+0x170/0x3f0 [ 19.743318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.743362] kthread+0x328/0x630 [ 19.743399] ret_from_fork+0x10/0x20 [ 19.743451] [ 19.743492] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.743595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.743624] Hardware name: linux,dummy-virt (DT) [ 19.743657] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.834841] ================================================================== [ 18.834895] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 18.834946] Write of size 1 at addr fff00000c593d378 by task kunit_try_catch/286 [ 18.834999] [ 18.835030] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.835115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.835716] Hardware name: linux,dummy-virt (DT) [ 18.835935] Call trace: [ 18.836145] show_stack+0x20/0x38 (C) [ 18.836433] dump_stack_lvl+0x8c/0xd0 [ 18.836604] print_report+0x118/0x5d0 [ 18.836721] kasan_report+0xdc/0x128 [ 18.836947] __asan_report_store1_noabort+0x20/0x30 [ 18.837210] strncpy_from_user+0x270/0x2a0 [ 18.837516] copy_user_test_oob+0x5c0/0xec8 [ 18.838005] kunit_try_run_case+0x170/0x3f0 [ 18.838105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.838341] kthread+0x328/0x630 [ 18.838537] ret_from_fork+0x10/0x20 [ 18.838586] [ 18.838802] Allocated by task 286: [ 18.838944] kasan_save_stack+0x3c/0x68 [ 18.839055] kasan_save_track+0x20/0x40 [ 18.839152] kasan_save_alloc_info+0x40/0x58 [ 18.839226] __kasan_kmalloc+0xd4/0xd8 [ 18.839264] __kmalloc_noprof+0x198/0x4c8 [ 18.839304] kunit_kmalloc_array+0x34/0x88 [ 18.839343] copy_user_test_oob+0xac/0xec8 [ 18.839580] kunit_try_run_case+0x170/0x3f0 [ 18.839664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.839736] kthread+0x328/0x630 [ 18.839773] ret_from_fork+0x10/0x20 [ 18.840223] [ 18.840267] The buggy address belongs to the object at fff00000c593d300 [ 18.840267] which belongs to the cache kmalloc-128 of size 128 [ 18.840331] The buggy address is located 0 bytes to the right of [ 18.840331] allocated 120-byte region [fff00000c593d300, fff00000c593d378) [ 18.840414] [ 18.840435] The buggy address belongs to the physical page: [ 18.840473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10593d [ 18.840640] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.840877] page_type: f5(slab) [ 18.840924] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.841075] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.841119] page dumped because: kasan: bad access detected [ 18.841153] [ 18.841392] Memory state around the buggy address: [ 18.841543] fff00000c593d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.841594] fff00000c593d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.841668] >fff00000c593d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.841791] ^ [ 18.841869] fff00000c593d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.841933] fff00000c593d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.841975] ================================================================== [ 18.825766] ================================================================== [ 18.825822] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 18.825878] Write of size 121 at addr fff00000c593d300 by task kunit_try_catch/286 [ 18.826086] [ 18.826258] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.826839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.826995] Hardware name: linux,dummy-virt (DT) [ 18.827169] Call trace: [ 18.827226] show_stack+0x20/0x38 (C) [ 18.827276] dump_stack_lvl+0x8c/0xd0 [ 18.827322] print_report+0x118/0x5d0 [ 18.827373] kasan_report+0xdc/0x128 [ 18.827418] kasan_check_range+0x100/0x1a8 [ 18.827475] __kasan_check_write+0x20/0x30 [ 18.827540] strncpy_from_user+0x3c/0x2a0 [ 18.827720] copy_user_test_oob+0x5c0/0xec8 [ 18.827960] kunit_try_run_case+0x170/0x3f0 [ 18.828532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.829038] kthread+0x328/0x630 [ 18.829416] ret_from_fork+0x10/0x20 [ 18.829593] [ 18.829626] Allocated by task 286: [ 18.829688] kasan_save_stack+0x3c/0x68 [ 18.829733] kasan_save_track+0x20/0x40 [ 18.829770] kasan_save_alloc_info+0x40/0x58 [ 18.829933] __kasan_kmalloc+0xd4/0xd8 [ 18.829981] __kmalloc_noprof+0x198/0x4c8 [ 18.830326] kunit_kmalloc_array+0x34/0x88 [ 18.830684] copy_user_test_oob+0xac/0xec8 [ 18.830894] kunit_try_run_case+0x170/0x3f0 [ 18.831017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.831068] kthread+0x328/0x630 [ 18.831102] ret_from_fork+0x10/0x20 [ 18.831140] [ 18.831161] The buggy address belongs to the object at fff00000c593d300 [ 18.831161] which belongs to the cache kmalloc-128 of size 128 [ 18.831234] The buggy address is located 0 bytes inside of [ 18.831234] allocated 120-byte region [fff00000c593d300, fff00000c593d378) [ 18.831305] [ 18.831336] The buggy address belongs to the physical page: [ 18.831369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10593d [ 18.831917] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.832165] page_type: f5(slab) [ 18.832241] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.832296] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.833081] page dumped because: kasan: bad access detected [ 18.833312] [ 18.833400] Memory state around the buggy address: [ 18.833450] fff00000c593d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.833560] fff00000c593d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.833609] >fff00000c593d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.833830] ^ [ 18.833950] fff00000c593d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.833997] fff00000c593d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.834161] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.751383] ================================================================== [ 18.751755] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 18.752329] Write of size 121 at addr fff00000c593d300 by task kunit_try_catch/286 [ 18.752532] [ 18.752791] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.753653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.753774] Hardware name: linux,dummy-virt (DT) [ 18.753859] Call trace: [ 18.753894] show_stack+0x20/0x38 (C) [ 18.754050] dump_stack_lvl+0x8c/0xd0 [ 18.754127] print_report+0x118/0x5d0 [ 18.754175] kasan_report+0xdc/0x128 [ 18.754232] kasan_check_range+0x100/0x1a8 [ 18.754562] __kasan_check_write+0x20/0x30 [ 18.754679] copy_user_test_oob+0x234/0xec8 [ 18.754728] kunit_try_run_case+0x170/0x3f0 [ 18.754783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.754850] kthread+0x328/0x630 [ 18.754895] ret_from_fork+0x10/0x20 [ 18.755504] [ 18.755578] Allocated by task 286: [ 18.755662] kasan_save_stack+0x3c/0x68 [ 18.755763] kasan_save_track+0x20/0x40 [ 18.755930] kasan_save_alloc_info+0x40/0x58 [ 18.755992] __kasan_kmalloc+0xd4/0xd8 [ 18.756030] __kmalloc_noprof+0x198/0x4c8 [ 18.756137] kunit_kmalloc_array+0x34/0x88 [ 18.756177] copy_user_test_oob+0xac/0xec8 [ 18.756227] kunit_try_run_case+0x170/0x3f0 [ 18.756266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.756312] kthread+0x328/0x630 [ 18.756345] ret_from_fork+0x10/0x20 [ 18.756590] [ 18.756839] The buggy address belongs to the object at fff00000c593d300 [ 18.756839] which belongs to the cache kmalloc-128 of size 128 [ 18.757254] The buggy address is located 0 bytes inside of [ 18.757254] allocated 120-byte region [fff00000c593d300, fff00000c593d378) [ 18.757501] [ 18.757745] The buggy address belongs to the physical page: [ 18.757786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10593d [ 18.757847] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.757931] page_type: f5(slab) [ 18.757975] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.758380] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.758552] page dumped because: kasan: bad access detected [ 18.758643] [ 18.758673] Memory state around the buggy address: [ 18.758727] fff00000c593d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.758775] fff00000c593d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.759175] >fff00000c593d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.759258] ^ [ 18.759409] fff00000c593d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.759467] fff00000c593d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.759749] ================================================================== [ 18.784054] ================================================================== [ 18.784119] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 18.784176] Write of size 121 at addr fff00000c593d300 by task kunit_try_catch/286 [ 18.784247] [ 18.784295] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.784383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.784665] Hardware name: linux,dummy-virt (DT) [ 18.785018] Call trace: [ 18.785616] show_stack+0x20/0x38 (C) [ 18.785776] dump_stack_lvl+0x8c/0xd0 [ 18.785824] print_report+0x118/0x5d0 [ 18.785871] kasan_report+0xdc/0x128 [ 18.785918] kasan_check_range+0x100/0x1a8 [ 18.786332] __kasan_check_write+0x20/0x30 [ 18.786523] copy_user_test_oob+0x35c/0xec8 [ 18.786575] kunit_try_run_case+0x170/0x3f0 [ 18.786654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.786709] kthread+0x328/0x630 [ 18.786754] ret_from_fork+0x10/0x20 [ 18.786803] [ 18.786878] Allocated by task 286: [ 18.787041] kasan_save_stack+0x3c/0x68 [ 18.787133] kasan_save_track+0x20/0x40 [ 18.787174] kasan_save_alloc_info+0x40/0x58 [ 18.787228] __kasan_kmalloc+0xd4/0xd8 [ 18.787266] __kmalloc_noprof+0x198/0x4c8 [ 18.787304] kunit_kmalloc_array+0x34/0x88 [ 18.787345] copy_user_test_oob+0xac/0xec8 [ 18.787384] kunit_try_run_case+0x170/0x3f0 [ 18.787956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.788196] kthread+0x328/0x630 [ 18.788233] ret_from_fork+0x10/0x20 [ 18.788315] [ 18.788712] The buggy address belongs to the object at fff00000c593d300 [ 18.788712] which belongs to the cache kmalloc-128 of size 128 [ 18.788782] The buggy address is located 0 bytes inside of [ 18.788782] allocated 120-byte region [fff00000c593d300, fff00000c593d378) [ 18.789000] [ 18.789097] The buggy address belongs to the physical page: [ 18.789135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10593d [ 18.789203] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.789255] page_type: f5(slab) [ 18.789297] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.789484] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.789553] page dumped because: kasan: bad access detected [ 18.789588] [ 18.789609] Memory state around the buggy address: [ 18.789644] fff00000c593d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.789690] fff00000c593d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.789736] >fff00000c593d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.789778] ^ [ 18.789892] fff00000c593d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.790057] fff00000c593d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.790099] ================================================================== [ 18.817773] ================================================================== [ 18.817829] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 18.817883] Read of size 121 at addr fff00000c593d300 by task kunit_try_catch/286 [ 18.817944] [ 18.818107] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.818262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.818324] Hardware name: linux,dummy-virt (DT) [ 18.818744] Call trace: [ 18.818790] show_stack+0x20/0x38 (C) [ 18.818977] dump_stack_lvl+0x8c/0xd0 [ 18.819374] print_report+0x118/0x5d0 [ 18.819469] kasan_report+0xdc/0x128 [ 18.819527] kasan_check_range+0x100/0x1a8 [ 18.819870] __kasan_check_read+0x20/0x30 [ 18.820115] copy_user_test_oob+0x4a0/0xec8 [ 18.820170] kunit_try_run_case+0x170/0x3f0 [ 18.820229] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.820287] kthread+0x328/0x630 [ 18.820330] ret_from_fork+0x10/0x20 [ 18.820378] [ 18.820399] Allocated by task 286: [ 18.820428] kasan_save_stack+0x3c/0x68 [ 18.820489] kasan_save_track+0x20/0x40 [ 18.820528] kasan_save_alloc_info+0x40/0x58 [ 18.820680] __kasan_kmalloc+0xd4/0xd8 [ 18.821060] __kmalloc_noprof+0x198/0x4c8 [ 18.821409] kunit_kmalloc_array+0x34/0x88 [ 18.821456] copy_user_test_oob+0xac/0xec8 [ 18.821496] kunit_try_run_case+0x170/0x3f0 [ 18.821535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.821580] kthread+0x328/0x630 [ 18.821615] ret_from_fork+0x10/0x20 [ 18.821653] [ 18.821674] The buggy address belongs to the object at fff00000c593d300 [ 18.821674] which belongs to the cache kmalloc-128 of size 128 [ 18.822120] The buggy address is located 0 bytes inside of [ 18.822120] allocated 120-byte region [fff00000c593d300, fff00000c593d378) [ 18.822231] [ 18.822253] The buggy address belongs to the physical page: [ 18.822588] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10593d [ 18.822651] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.822701] page_type: f5(slab) [ 18.822739] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.822793] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.822848] page dumped because: kasan: bad access detected [ 18.822882] [ 18.823331] Memory state around the buggy address: [ 18.823434] fff00000c593d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.823482] fff00000c593d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.823577] >fff00000c593d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.823619] ^ [ 18.823719] fff00000c593d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.823765] fff00000c593d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.823807] ================================================================== [ 18.806144] ================================================================== [ 18.806226] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 18.806284] Read of size 121 at addr fff00000c593d300 by task kunit_try_catch/286 [ 18.806338] [ 18.806371] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.806456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.806485] Hardware name: linux,dummy-virt (DT) [ 18.806519] Call trace: [ 18.806542] show_stack+0x20/0x38 (C) [ 18.806590] dump_stack_lvl+0x8c/0xd0 [ 18.806637] print_report+0x118/0x5d0 [ 18.806683] kasan_report+0xdc/0x128 [ 18.806728] kasan_check_range+0x100/0x1a8 [ 18.806777] __kasan_check_read+0x20/0x30 [ 18.806822] copy_user_test_oob+0x3c8/0xec8 [ 18.806870] kunit_try_run_case+0x170/0x3f0 [ 18.806916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.806970] kthread+0x328/0x630 [ 18.807012] ret_from_fork+0x10/0x20 [ 18.807061] [ 18.807081] Allocated by task 286: [ 18.807109] kasan_save_stack+0x3c/0x68 [ 18.807151] kasan_save_track+0x20/0x40 [ 18.807200] kasan_save_alloc_info+0x40/0x58 [ 18.807243] __kasan_kmalloc+0xd4/0xd8 [ 18.807427] __kmalloc_noprof+0x198/0x4c8 [ 18.807484] kunit_kmalloc_array+0x34/0x88 [ 18.807526] copy_user_test_oob+0xac/0xec8 [ 18.807567] kunit_try_run_case+0x170/0x3f0 [ 18.807785] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.807850] kthread+0x328/0x630 [ 18.808192] ret_from_fork+0x10/0x20 [ 18.808276] [ 18.808301] The buggy address belongs to the object at fff00000c593d300 [ 18.808301] which belongs to the cache kmalloc-128 of size 128 [ 18.808613] The buggy address is located 0 bytes inside of [ 18.808613] allocated 120-byte region [fff00000c593d300, fff00000c593d378) [ 18.808718] [ 18.808767] The buggy address belongs to the physical page: [ 18.808816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10593d [ 18.808875] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.808925] page_type: f5(slab) [ 18.808965] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.809019] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.809207] page dumped because: kasan: bad access detected [ 18.809248] [ 18.809270] Memory state around the buggy address: [ 18.809306] fff00000c593d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.809353] fff00000c593d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.809398] >fff00000c593d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.809702] ^ [ 18.809757] fff00000c593d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.810014] fff00000c593d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.810061] ================================================================== [ 18.810985] ================================================================== [ 18.811052] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 18.811103] Write of size 121 at addr fff00000c593d300 by task kunit_try_catch/286 [ 18.811446] [ 18.811489] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.811586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.811617] Hardware name: linux,dummy-virt (DT) [ 18.811649] Call trace: [ 18.811673] show_stack+0x20/0x38 (C) [ 18.811722] dump_stack_lvl+0x8c/0xd0 [ 18.811771] print_report+0x118/0x5d0 [ 18.811816] kasan_report+0xdc/0x128 [ 18.811861] kasan_check_range+0x100/0x1a8 [ 18.811931] __kasan_check_write+0x20/0x30 [ 18.811978] copy_user_test_oob+0x434/0xec8 [ 18.812024] kunit_try_run_case+0x170/0x3f0 [ 18.812072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.812129] kthread+0x328/0x630 [ 18.812173] ret_from_fork+0x10/0x20 [ 18.812232] [ 18.812263] Allocated by task 286: [ 18.812294] kasan_save_stack+0x3c/0x68 [ 18.812337] kasan_save_track+0x20/0x40 [ 18.812377] kasan_save_alloc_info+0x40/0x58 [ 18.812417] __kasan_kmalloc+0xd4/0xd8 [ 18.812460] __kmalloc_noprof+0x198/0x4c8 [ 18.812507] kunit_kmalloc_array+0x34/0x88 [ 18.812559] copy_user_test_oob+0xac/0xec8 [ 18.812597] kunit_try_run_case+0x170/0x3f0 [ 18.812637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.812728] kthread+0x328/0x630 [ 18.812768] ret_from_fork+0x10/0x20 [ 18.813193] [ 18.813229] The buggy address belongs to the object at fff00000c593d300 [ 18.813229] which belongs to the cache kmalloc-128 of size 128 [ 18.813351] The buggy address is located 0 bytes inside of [ 18.813351] allocated 120-byte region [fff00000c593d300, fff00000c593d378) [ 18.813429] [ 18.813452] The buggy address belongs to the physical page: [ 18.813484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10593d [ 18.813718] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.814333] page_type: f5(slab) [ 18.814387] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.814441] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.814788] page dumped because: kasan: bad access detected [ 18.814828] [ 18.814927] Memory state around the buggy address: [ 18.815267] fff00000c593d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.815358] fff00000c593d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.815448] >fff00000c593d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.815492] ^ [ 18.815622] fff00000c593d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.815729] fff00000c593d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.815771] ================================================================== [ 18.767039] ================================================================== [ 18.767364] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 18.767524] Read of size 121 at addr fff00000c593d300 by task kunit_try_catch/286 [ 18.767834] [ 18.767904] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.768313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.768346] Hardware name: linux,dummy-virt (DT) [ 18.768380] Call trace: [ 18.768403] show_stack+0x20/0x38 (C) [ 18.768611] dump_stack_lvl+0x8c/0xd0 [ 18.768658] print_report+0x118/0x5d0 [ 18.768704] kasan_report+0xdc/0x128 [ 18.768751] kasan_check_range+0x100/0x1a8 [ 18.769055] __kasan_check_read+0x20/0x30 [ 18.769116] copy_user_test_oob+0x728/0xec8 [ 18.769166] kunit_try_run_case+0x170/0x3f0 [ 18.769611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.770176] kthread+0x328/0x630 [ 18.770340] ret_from_fork+0x10/0x20 [ 18.770530] [ 18.770551] Allocated by task 286: [ 18.770581] kasan_save_stack+0x3c/0x68 [ 18.770672] kasan_save_track+0x20/0x40 [ 18.770758] kasan_save_alloc_info+0x40/0x58 [ 18.770835] __kasan_kmalloc+0xd4/0xd8 [ 18.770873] __kmalloc_noprof+0x198/0x4c8 [ 18.770919] kunit_kmalloc_array+0x34/0x88 [ 18.771085] copy_user_test_oob+0xac/0xec8 [ 18.771132] kunit_try_run_case+0x170/0x3f0 [ 18.771189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.771308] kthread+0x328/0x630 [ 18.771348] ret_from_fork+0x10/0x20 [ 18.771525] [ 18.771546] The buggy address belongs to the object at fff00000c593d300 [ 18.771546] which belongs to the cache kmalloc-128 of size 128 [ 18.771633] The buggy address is located 0 bytes inside of [ 18.771633] allocated 120-byte region [fff00000c593d300, fff00000c593d378) [ 18.771782] [ 18.771829] The buggy address belongs to the physical page: [ 18.771886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10593d [ 18.771998] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.772105] page_type: f5(slab) [ 18.772150] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.772236] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.772281] page dumped because: kasan: bad access detected [ 18.772315] [ 18.772335] Memory state around the buggy address: [ 18.772371] fff00000c593d200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.772419] fff00000c593d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.772471] >fff00000c593d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.772512] ^ [ 18.772555] fff00000c593d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.772600] fff00000c593d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.772640] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.713003] ================================================================== [ 18.713059] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 18.713153] Write of size 8 at addr fff00000c593d278 by task kunit_try_catch/282 [ 18.713219] [ 18.713249] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.713333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.713362] Hardware name: linux,dummy-virt (DT) [ 18.714039] Call trace: [ 18.714096] show_stack+0x20/0x38 (C) [ 18.714148] dump_stack_lvl+0x8c/0xd0 [ 18.714218] print_report+0x118/0x5d0 [ 18.714411] kasan_report+0xdc/0x128 [ 18.714476] kasan_check_range+0x100/0x1a8 [ 18.714528] __kasan_check_write+0x20/0x30 [ 18.714575] copy_to_kernel_nofault+0x8c/0x250 [ 18.714623] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 18.714729] kunit_try_run_case+0x170/0x3f0 [ 18.714782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.714835] kthread+0x328/0x630 [ 18.714879] ret_from_fork+0x10/0x20 [ 18.714927] [ 18.714959] Allocated by task 282: [ 18.715012] kasan_save_stack+0x3c/0x68 [ 18.715054] kasan_save_track+0x20/0x40 [ 18.715113] kasan_save_alloc_info+0x40/0x58 [ 18.715224] __kasan_kmalloc+0xd4/0xd8 [ 18.715413] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.715457] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.715498] kunit_try_run_case+0x170/0x3f0 [ 18.715563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.715670] kthread+0x328/0x630 [ 18.715723] ret_from_fork+0x10/0x20 [ 18.715813] [ 18.715878] The buggy address belongs to the object at fff00000c593d200 [ 18.715878] which belongs to the cache kmalloc-128 of size 128 [ 18.715978] The buggy address is located 0 bytes to the right of [ 18.715978] allocated 120-byte region [fff00000c593d200, fff00000c593d278) [ 18.716047] [ 18.716121] The buggy address belongs to the physical page: [ 18.716153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10593d [ 18.716219] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.716269] page_type: f5(slab) [ 18.716343] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.716397] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.716441] page dumped because: kasan: bad access detected [ 18.716568] [ 18.716590] Memory state around the buggy address: [ 18.716623] fff00000c593d100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.716669] fff00000c593d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.716741] >fff00000c593d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.716803] ^ [ 18.717026] fff00000c593d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.717076] fff00000c593d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.717168] ================================================================== [ 18.707730] ================================================================== [ 18.707931] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 18.708025] Read of size 8 at addr fff00000c593d278 by task kunit_try_catch/282 [ 18.708214] [ 18.708259] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.708637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.708670] Hardware name: linux,dummy-virt (DT) [ 18.708705] Call trace: [ 18.708731] show_stack+0x20/0x38 (C) [ 18.708794] dump_stack_lvl+0x8c/0xd0 [ 18.708986] print_report+0x118/0x5d0 [ 18.709098] kasan_report+0xdc/0x128 [ 18.709324] __asan_report_load8_noabort+0x20/0x30 [ 18.709436] copy_to_kernel_nofault+0x204/0x250 [ 18.709486] copy_to_kernel_nofault_oob+0x158/0x418 [ 18.709534] kunit_try_run_case+0x170/0x3f0 [ 18.709584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.709686] kthread+0x328/0x630 [ 18.709735] ret_from_fork+0x10/0x20 [ 18.709788] [ 18.709808] Allocated by task 282: [ 18.709837] kasan_save_stack+0x3c/0x68 [ 18.709881] kasan_save_track+0x20/0x40 [ 18.709981] kasan_save_alloc_info+0x40/0x58 [ 18.710044] __kasan_kmalloc+0xd4/0xd8 [ 18.710113] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.710169] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.710317] kunit_try_run_case+0x170/0x3f0 [ 18.710357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.710440] kthread+0x328/0x630 [ 18.710525] ret_from_fork+0x10/0x20 [ 18.710565] [ 18.710587] The buggy address belongs to the object at fff00000c593d200 [ 18.710587] which belongs to the cache kmalloc-128 of size 128 [ 18.710708] The buggy address is located 0 bytes to the right of [ 18.710708] allocated 120-byte region [fff00000c593d200, fff00000c593d278) [ 18.710776] [ 18.710797] The buggy address belongs to the physical page: [ 18.710831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10593d [ 18.710924] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.710976] page_type: f5(slab) [ 18.711017] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.711070] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.711170] page dumped because: kasan: bad access detected [ 18.711279] [ 18.711357] Memory state around the buggy address: [ 18.711398] fff00000c593d100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.711576] fff00000c593d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.711622] >fff00000c593d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.711664] ^ [ 18.711708] fff00000c593d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.711753] fff00000c593d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.711794] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 18.668126] ================================================================== [ 18.668213] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 18.668271] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 18.668325] [ 18.668359] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.668466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.668632] Hardware name: linux,dummy-virt (DT) [ 18.668825] Call trace: [ 18.668950] show_stack+0x20/0x38 (C) [ 18.669045] dump_stack_lvl+0x8c/0xd0 [ 18.669092] print_report+0x310/0x5d0 [ 18.669140] kasan_report+0xdc/0x128 [ 18.669195] __asan_report_load1_noabort+0x20/0x30 [ 18.669453] vmalloc_oob+0x578/0x5d0 [ 18.669526] kunit_try_run_case+0x170/0x3f0 [ 18.669702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.669825] kthread+0x328/0x630 [ 18.669939] ret_from_fork+0x10/0x20 [ 18.670029] [ 18.670085] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 18.670270] The buggy address belongs to the physical page: [ 18.670411] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106efa [ 18.670485] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.670566] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.670621] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.670664] page dumped because: kasan: bad access detected [ 18.670697] [ 18.670719] Memory state around the buggy address: [ 18.670764] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.671084] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.671384] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.671720] ^ [ 18.671835] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.671881] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.671924] ================================================================== [ 18.673363] ================================================================== [ 18.673417] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 18.673465] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 18.673535] [ 18.673686] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.673836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.673872] Hardware name: linux,dummy-virt (DT) [ 18.674118] Call trace: [ 18.674266] show_stack+0x20/0x38 (C) [ 18.674416] dump_stack_lvl+0x8c/0xd0 [ 18.674467] print_report+0x310/0x5d0 [ 18.674519] kasan_report+0xdc/0x128 [ 18.674745] __asan_report_load1_noabort+0x20/0x30 [ 18.674878] vmalloc_oob+0x51c/0x5d0 [ 18.675037] kunit_try_run_case+0x170/0x3f0 [ 18.675113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.675503] kthread+0x328/0x630 [ 18.675711] ret_from_fork+0x10/0x20 [ 18.675762] [ 18.675786] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 18.675831] The buggy address belongs to the physical page: [ 18.676115] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106efa [ 18.676191] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.676253] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.676305] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.676347] page dumped because: kasan: bad access detected [ 18.676381] [ 18.676409] Memory state around the buggy address: [ 18.676444] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.676495] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.676660] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.676825] ^ [ 18.677048] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.677229] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.677390] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.284887] ================================================================== [ 18.285000] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 18.285055] Write of size 4 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.285110] [ 18.285142] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.285241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.285270] Hardware name: linux,dummy-virt (DT) [ 18.285302] Call trace: [ 18.285326] show_stack+0x20/0x38 (C) [ 18.285376] dump_stack_lvl+0x8c/0xd0 [ 18.285423] print_report+0x118/0x5d0 [ 18.285470] kasan_report+0xdc/0x128 [ 18.285518] kasan_check_range+0x100/0x1a8 [ 18.285900] __kasan_check_write+0x20/0x30 [ 18.286121] kasan_atomics_helper+0xa6c/0x4858 [ 18.286344] kasan_atomics+0x198/0x2e0 [ 18.286408] kunit_try_run_case+0x170/0x3f0 [ 18.286456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.286523] kthread+0x328/0x630 [ 18.286603] ret_from_fork+0x10/0x20 [ 18.286919] [ 18.287054] Allocated by task 266: [ 18.287411] kasan_save_stack+0x3c/0x68 [ 18.287649] kasan_save_track+0x20/0x40 [ 18.287733] kasan_save_alloc_info+0x40/0x58 [ 18.288367] __kasan_kmalloc+0xd4/0xd8 [ 18.289134] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.289355] kasan_atomics+0xb8/0x2e0 [ 18.289419] kunit_try_run_case+0x170/0x3f0 [ 18.289460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.289506] kthread+0x328/0x630 [ 18.290249] ret_from_fork+0x10/0x20 [ 18.290308] [ 18.290574] The buggy address belongs to the object at fff00000c653a200 [ 18.290574] which belongs to the cache kmalloc-64 of size 64 [ 18.290921] The buggy address is located 0 bytes to the right of [ 18.290921] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.291660] [ 18.292045] The buggy address belongs to the physical page: [ 18.292080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.292615] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.292689] page_type: f5(slab) [ 18.292731] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.292784] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.292828] page dumped because: kasan: bad access detected [ 18.293330] [ 18.293381] Memory state around the buggy address: [ 18.293509] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.293559] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.293605] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.294132] ^ [ 18.294201] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.294427] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.294490] ================================================================== [ 18.474391] ================================================================== [ 18.474458] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 18.474512] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.474950] [ 18.474987] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.475073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.475102] Hardware name: linux,dummy-virt (DT) [ 18.475136] Call trace: [ 18.475160] show_stack+0x20/0x38 (C) [ 18.475223] dump_stack_lvl+0x8c/0xd0 [ 18.475269] print_report+0x118/0x5d0 [ 18.476229] kasan_report+0xdc/0x128 [ 18.476310] kasan_check_range+0x100/0x1a8 [ 18.476409] __kasan_check_write+0x20/0x30 [ 18.476491] kasan_atomics_helper+0xf88/0x4858 [ 18.476540] kasan_atomics+0x198/0x2e0 [ 18.476586] kunit_try_run_case+0x170/0x3f0 [ 18.476632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.476687] kthread+0x328/0x630 [ 18.476731] ret_from_fork+0x10/0x20 [ 18.476778] [ 18.476799] Allocated by task 266: [ 18.476832] kasan_save_stack+0x3c/0x68 [ 18.476875] kasan_save_track+0x20/0x40 [ 18.477480] kasan_save_alloc_info+0x40/0x58 [ 18.477543] __kasan_kmalloc+0xd4/0xd8 [ 18.478137] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.478205] kasan_atomics+0xb8/0x2e0 [ 18.478244] kunit_try_run_case+0x170/0x3f0 [ 18.478285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.478482] kthread+0x328/0x630 [ 18.478604] ret_from_fork+0x10/0x20 [ 18.478905] [ 18.478934] The buggy address belongs to the object at fff00000c653a200 [ 18.478934] which belongs to the cache kmalloc-64 of size 64 [ 18.479126] The buggy address is located 0 bytes to the right of [ 18.479126] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.479794] [ 18.479818] The buggy address belongs to the physical page: [ 18.479866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.480084] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.480338] page_type: f5(slab) [ 18.480384] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.481096] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.481394] page dumped because: kasan: bad access detected [ 18.481444] [ 18.481465] Memory state around the buggy address: [ 18.481502] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.481549] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.482135] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.482190] ^ [ 18.482235] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.482279] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.482322] ================================================================== [ 18.621464] ================================================================== [ 18.621662] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 18.621722] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.621775] [ 18.621815] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.621899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.621928] Hardware name: linux,dummy-virt (DT) [ 18.621960] Call trace: [ 18.621983] show_stack+0x20/0x38 (C) [ 18.622100] dump_stack_lvl+0x8c/0xd0 [ 18.622152] print_report+0x118/0x5d0 [ 18.622220] kasan_report+0xdc/0x128 [ 18.622267] kasan_check_range+0x100/0x1a8 [ 18.622316] __kasan_check_write+0x20/0x30 [ 18.622360] kasan_atomics_helper+0x16d0/0x4858 [ 18.622410] kasan_atomics+0x198/0x2e0 [ 18.622464] kunit_try_run_case+0x170/0x3f0 [ 18.622512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.622565] kthread+0x328/0x630 [ 18.622608] ret_from_fork+0x10/0x20 [ 18.622655] [ 18.622685] Allocated by task 266: [ 18.622716] kasan_save_stack+0x3c/0x68 [ 18.622757] kasan_save_track+0x20/0x40 [ 18.622805] kasan_save_alloc_info+0x40/0x58 [ 18.622846] __kasan_kmalloc+0xd4/0xd8 [ 18.622885] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.622929] kasan_atomics+0xb8/0x2e0 [ 18.622976] kunit_try_run_case+0x170/0x3f0 [ 18.623024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.623071] kthread+0x328/0x630 [ 18.623104] ret_from_fork+0x10/0x20 [ 18.623142] [ 18.623162] The buggy address belongs to the object at fff00000c653a200 [ 18.623162] which belongs to the cache kmalloc-64 of size 64 [ 18.623574] The buggy address is located 0 bytes to the right of [ 18.623574] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.623938] [ 18.623975] The buggy address belongs to the physical page: [ 18.624116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.624188] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.624283] page_type: f5(slab) [ 18.624352] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.624426] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.624639] page dumped because: kasan: bad access detected [ 18.624676] [ 18.624756] Memory state around the buggy address: [ 18.624834] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.624884] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.624929] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.624970] ^ [ 18.625006] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.625049] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.625089] ================================================================== [ 18.518838] ================================================================== [ 18.518890] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 18.518939] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.518991] [ 18.519022] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.519610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.519730] Hardware name: linux,dummy-virt (DT) [ 18.519873] Call trace: [ 18.519899] show_stack+0x20/0x38 (C) [ 18.519964] dump_stack_lvl+0x8c/0xd0 [ 18.520050] print_report+0x118/0x5d0 [ 18.520098] kasan_report+0xdc/0x128 [ 18.520143] kasan_check_range+0x100/0x1a8 [ 18.520203] __kasan_check_write+0x20/0x30 [ 18.520387] kasan_atomics_helper+0x1190/0x4858 [ 18.520671] kasan_atomics+0x198/0x2e0 [ 18.520922] kunit_try_run_case+0x170/0x3f0 [ 18.521050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.521165] kthread+0x328/0x630 [ 18.521230] ret_from_fork+0x10/0x20 [ 18.521291] [ 18.521378] Allocated by task 266: [ 18.521412] kasan_save_stack+0x3c/0x68 [ 18.521454] kasan_save_track+0x20/0x40 [ 18.521494] kasan_save_alloc_info+0x40/0x58 [ 18.521563] __kasan_kmalloc+0xd4/0xd8 [ 18.521603] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.521686] kasan_atomics+0xb8/0x2e0 [ 18.521738] kunit_try_run_case+0x170/0x3f0 [ 18.521779] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.521825] kthread+0x328/0x630 [ 18.521859] ret_from_fork+0x10/0x20 [ 18.521959] [ 18.522053] The buggy address belongs to the object at fff00000c653a200 [ 18.522053] which belongs to the cache kmalloc-64 of size 64 [ 18.522222] The buggy address is located 0 bytes to the right of [ 18.522222] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.522291] [ 18.522313] The buggy address belongs to the physical page: [ 18.522348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.522403] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.522516] page_type: f5(slab) [ 18.522558] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.522655] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.522773] page dumped because: kasan: bad access detected [ 18.522807] [ 18.522828] Memory state around the buggy address: [ 18.522861] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.522942] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.522989] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.523150] ^ [ 18.523223] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.523266] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.523307] ================================================================== [ 18.590291] ================================================================== [ 18.590355] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 18.590596] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.590807] [ 18.590850] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.590983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.591020] Hardware name: linux,dummy-virt (DT) [ 18.591055] Call trace: [ 18.591084] show_stack+0x20/0x38 (C) [ 18.591287] dump_stack_lvl+0x8c/0xd0 [ 18.591338] print_report+0x118/0x5d0 [ 18.591557] kasan_report+0xdc/0x128 [ 18.591676] kasan_check_range+0x100/0x1a8 [ 18.591736] __kasan_check_write+0x20/0x30 [ 18.591782] kasan_atomics_helper+0x15b4/0x4858 [ 18.592097] kasan_atomics+0x198/0x2e0 [ 18.592307] kunit_try_run_case+0x170/0x3f0 [ 18.592413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.592802] kthread+0x328/0x630 [ 18.592976] ret_from_fork+0x10/0x20 [ 18.593098] [ 18.593467] Allocated by task 266: [ 18.593543] kasan_save_stack+0x3c/0x68 [ 18.593689] kasan_save_track+0x20/0x40 [ 18.593855] kasan_save_alloc_info+0x40/0x58 [ 18.593900] __kasan_kmalloc+0xd4/0xd8 [ 18.593939] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.594001] kasan_atomics+0xb8/0x2e0 [ 18.594042] kunit_try_run_case+0x170/0x3f0 [ 18.594350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.594533] kthread+0x328/0x630 [ 18.594773] ret_from_fork+0x10/0x20 [ 18.594939] [ 18.594966] The buggy address belongs to the object at fff00000c653a200 [ 18.594966] which belongs to the cache kmalloc-64 of size 64 [ 18.595460] The buggy address is located 0 bytes to the right of [ 18.595460] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.595843] [ 18.595986] The buggy address belongs to the physical page: [ 18.596250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.596484] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.596730] page_type: f5(slab) [ 18.596779] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.597231] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.597305] page dumped because: kasan: bad access detected [ 18.597356] [ 18.597915] Memory state around the buggy address: [ 18.597975] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.598025] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.598072] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.598114] ^ [ 18.598149] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.598206] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.598279] ================================================================== [ 18.604933] ================================================================== [ 18.605031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 18.605279] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.605625] [ 18.605680] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.606250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.606324] Hardware name: linux,dummy-virt (DT) [ 18.606707] Call trace: [ 18.606777] show_stack+0x20/0x38 (C) [ 18.606959] dump_stack_lvl+0x8c/0xd0 [ 18.607025] print_report+0x118/0x5d0 [ 18.607090] kasan_report+0xdc/0x128 [ 18.607345] kasan_check_range+0x100/0x1a8 [ 18.607641] __kasan_check_write+0x20/0x30 [ 18.607883] kasan_atomics_helper+0x1644/0x4858 [ 18.608013] kasan_atomics+0x198/0x2e0 [ 18.608214] kunit_try_run_case+0x170/0x3f0 [ 18.608303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.608521] kthread+0x328/0x630 [ 18.608765] ret_from_fork+0x10/0x20 [ 18.608861] [ 18.609044] Allocated by task 266: [ 18.609277] kasan_save_stack+0x3c/0x68 [ 18.609333] kasan_save_track+0x20/0x40 [ 18.609372] kasan_save_alloc_info+0x40/0x58 [ 18.609415] __kasan_kmalloc+0xd4/0xd8 [ 18.609452] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.609493] kasan_atomics+0xb8/0x2e0 [ 18.609530] kunit_try_run_case+0x170/0x3f0 [ 18.609571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.609615] kthread+0x328/0x630 [ 18.609650] ret_from_fork+0x10/0x20 [ 18.609687] [ 18.609710] The buggy address belongs to the object at fff00000c653a200 [ 18.609710] which belongs to the cache kmalloc-64 of size 64 [ 18.609772] The buggy address is located 0 bytes to the right of [ 18.609772] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.609840] [ 18.609863] The buggy address belongs to the physical page: [ 18.609934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.610170] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.610242] page_type: f5(slab) [ 18.610653] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.610757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.610828] page dumped because: kasan: bad access detected [ 18.611035] [ 18.611062] Memory state around the buggy address: [ 18.611139] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.611520] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.611774] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.611912] ^ [ 18.611953] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.612044] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.612298] ================================================================== [ 18.484716] ================================================================== [ 18.484780] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 18.484841] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.484893] [ 18.484925] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.485014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.485044] Hardware name: linux,dummy-virt (DT) [ 18.485077] Call trace: [ 18.485100] show_stack+0x20/0x38 (C) [ 18.485149] dump_stack_lvl+0x8c/0xd0 [ 18.485208] print_report+0x118/0x5d0 [ 18.486226] kasan_report+0xdc/0x128 [ 18.486299] kasan_check_range+0x100/0x1a8 [ 18.486360] __kasan_check_write+0x20/0x30 [ 18.486408] kasan_atomics_helper+0xff0/0x4858 [ 18.486456] kasan_atomics+0x198/0x2e0 [ 18.486503] kunit_try_run_case+0x170/0x3f0 [ 18.486552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.487369] kthread+0x328/0x630 [ 18.487496] ret_from_fork+0x10/0x20 [ 18.487967] [ 18.488002] Allocated by task 266: [ 18.488145] kasan_save_stack+0x3c/0x68 [ 18.488202] kasan_save_track+0x20/0x40 [ 18.488241] kasan_save_alloc_info+0x40/0x58 [ 18.488284] __kasan_kmalloc+0xd4/0xd8 [ 18.488325] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.488368] kasan_atomics+0xb8/0x2e0 [ 18.488631] kunit_try_run_case+0x170/0x3f0 [ 18.489435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.489587] kthread+0x328/0x630 [ 18.489693] ret_from_fork+0x10/0x20 [ 18.489943] [ 18.489965] The buggy address belongs to the object at fff00000c653a200 [ 18.489965] which belongs to the cache kmalloc-64 of size 64 [ 18.490038] The buggy address is located 0 bytes to the right of [ 18.490038] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.490106] [ 18.490915] The buggy address belongs to the physical page: [ 18.490961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.491450] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.491577] page_type: f5(slab) [ 18.491650] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.491704] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.491748] page dumped because: kasan: bad access detected [ 18.491784] [ 18.491804] Memory state around the buggy address: [ 18.493222] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.493279] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.493732] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.493779] ^ [ 18.493814] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.494054] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.494100] ================================================================== [ 18.511714] ================================================================== [ 18.511766] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 18.512785] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.512884] [ 18.513021] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.513135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.513262] Hardware name: linux,dummy-virt (DT) [ 18.513311] Call trace: [ 18.513334] show_stack+0x20/0x38 (C) [ 18.513450] dump_stack_lvl+0x8c/0xd0 [ 18.513498] print_report+0x118/0x5d0 [ 18.513546] kasan_report+0xdc/0x128 [ 18.513593] kasan_check_range+0x100/0x1a8 [ 18.513642] __kasan_check_write+0x20/0x30 [ 18.513686] kasan_atomics_helper+0x1128/0x4858 [ 18.513736] kasan_atomics+0x198/0x2e0 [ 18.513781] kunit_try_run_case+0x170/0x3f0 [ 18.513829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.513881] kthread+0x328/0x630 [ 18.513931] ret_from_fork+0x10/0x20 [ 18.513978] [ 18.513998] Allocated by task 266: [ 18.514028] kasan_save_stack+0x3c/0x68 [ 18.514072] kasan_save_track+0x20/0x40 [ 18.514110] kasan_save_alloc_info+0x40/0x58 [ 18.514151] __kasan_kmalloc+0xd4/0xd8 [ 18.514199] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.514240] kasan_atomics+0xb8/0x2e0 [ 18.514591] kunit_try_run_case+0x170/0x3f0 [ 18.514638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.517010] kthread+0x328/0x630 [ 18.517058] ret_from_fork+0x10/0x20 [ 18.517110] [ 18.517132] The buggy address belongs to the object at fff00000c653a200 [ 18.517132] which belongs to the cache kmalloc-64 of size 64 [ 18.517652] The buggy address is located 0 bytes to the right of [ 18.517652] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.517828] [ 18.517852] The buggy address belongs to the physical page: [ 18.517886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.517947] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.517997] page_type: f5(slab) [ 18.518036] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.518089] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.518135] page dumped because: kasan: bad access detected [ 18.518230] [ 18.518250] Memory state around the buggy address: [ 18.518284] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.518372] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.518421] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.518464] ^ [ 18.518501] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.518544] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.518585] ================================================================== [ 18.527962] ================================================================== [ 18.528771] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 18.528832] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.528893] [ 18.528925] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.529118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.529287] Hardware name: linux,dummy-virt (DT) [ 18.529467] Call trace: [ 18.529532] show_stack+0x20/0x38 (C) [ 18.529582] dump_stack_lvl+0x8c/0xd0 [ 18.529648] print_report+0x118/0x5d0 [ 18.529790] kasan_report+0xdc/0x128 [ 18.530633] kasan_check_range+0x100/0x1a8 [ 18.531286] __kasan_check_write+0x20/0x30 [ 18.532008] kasan_atomics_helper+0x126c/0x4858 [ 18.532461] kasan_atomics+0x198/0x2e0 [ 18.532560] kunit_try_run_case+0x170/0x3f0 [ 18.533820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.533878] kthread+0x328/0x630 [ 18.533920] ret_from_fork+0x10/0x20 [ 18.534070] [ 18.534122] Allocated by task 266: [ 18.534199] kasan_save_stack+0x3c/0x68 [ 18.534245] kasan_save_track+0x20/0x40 [ 18.534283] kasan_save_alloc_info+0x40/0x58 [ 18.534326] __kasan_kmalloc+0xd4/0xd8 [ 18.534406] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.534449] kasan_atomics+0xb8/0x2e0 [ 18.534485] kunit_try_run_case+0x170/0x3f0 [ 18.534526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.534570] kthread+0x328/0x630 [ 18.534605] ret_from_fork+0x10/0x20 [ 18.534641] [ 18.534663] The buggy address belongs to the object at fff00000c653a200 [ 18.534663] which belongs to the cache kmalloc-64 of size 64 [ 18.534724] The buggy address is located 0 bytes to the right of [ 18.534724] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.534793] [ 18.535457] The buggy address belongs to the physical page: [ 18.535632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.535748] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.535934] page_type: f5(slab) [ 18.535975] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.536082] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.536161] page dumped because: kasan: bad access detected [ 18.536264] [ 18.536622] Memory state around the buggy address: [ 18.536896] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.537096] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.537143] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.537386] ^ [ 18.537430] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.537475] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.537691] ================================================================== [ 18.388513] ================================================================== [ 18.388776] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 18.389337] Write of size 4 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.389587] [ 18.389847] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.389991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.390022] Hardware name: linux,dummy-virt (DT) [ 18.390156] Call trace: [ 18.390385] show_stack+0x20/0x38 (C) [ 18.390624] dump_stack_lvl+0x8c/0xd0 [ 18.390949] print_report+0x118/0x5d0 [ 18.391339] kasan_report+0xdc/0x128 [ 18.391395] kasan_check_range+0x100/0x1a8 [ 18.391447] __kasan_check_write+0x20/0x30 [ 18.391494] kasan_atomics_helper+0xd3c/0x4858 [ 18.391837] kasan_atomics+0x198/0x2e0 [ 18.391907] kunit_try_run_case+0x170/0x3f0 [ 18.392382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.392493] kthread+0x328/0x630 [ 18.392858] ret_from_fork+0x10/0x20 [ 18.392955] [ 18.392983] Allocated by task 266: [ 18.393393] kasan_save_stack+0x3c/0x68 [ 18.393448] kasan_save_track+0x20/0x40 [ 18.393534] kasan_save_alloc_info+0x40/0x58 [ 18.393579] __kasan_kmalloc+0xd4/0xd8 [ 18.393618] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.393662] kasan_atomics+0xb8/0x2e0 [ 18.393700] kunit_try_run_case+0x170/0x3f0 [ 18.393740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.394304] kthread+0x328/0x630 [ 18.394549] ret_from_fork+0x10/0x20 [ 18.395245] [ 18.395412] The buggy address belongs to the object at fff00000c653a200 [ 18.395412] which belongs to the cache kmalloc-64 of size 64 [ 18.395596] The buggy address is located 0 bytes to the right of [ 18.395596] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.395707] [ 18.395728] The buggy address belongs to the physical page: [ 18.396173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.396337] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.396390] page_type: f5(slab) [ 18.396432] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.396491] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.396536] page dumped because: kasan: bad access detected [ 18.396569] [ 18.397821] Memory state around the buggy address: [ 18.397868] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.398034] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.398147] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.398201] ^ [ 18.398245] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.398321] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.398364] ================================================================== [ 18.376916] ================================================================== [ 18.376987] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 18.377515] Read of size 4 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.377616] [ 18.378002] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.378248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.378283] Hardware name: linux,dummy-virt (DT) [ 18.378514] Call trace: [ 18.378685] show_stack+0x20/0x38 (C) [ 18.378756] dump_stack_lvl+0x8c/0xd0 [ 18.379033] print_report+0x118/0x5d0 [ 18.379082] kasan_report+0xdc/0x128 [ 18.379131] __asan_report_load4_noabort+0x20/0x30 [ 18.379195] kasan_atomics_helper+0x3dd8/0x4858 [ 18.379638] kasan_atomics+0x198/0x2e0 [ 18.379708] kunit_try_run_case+0x170/0x3f0 [ 18.379968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.380473] kthread+0x328/0x630 [ 18.380535] ret_from_fork+0x10/0x20 [ 18.380763] [ 18.381014] Allocated by task 266: [ 18.381056] kasan_save_stack+0x3c/0x68 [ 18.381327] kasan_save_track+0x20/0x40 [ 18.381647] kasan_save_alloc_info+0x40/0x58 [ 18.381856] __kasan_kmalloc+0xd4/0xd8 [ 18.381898] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.381966] kasan_atomics+0xb8/0x2e0 [ 18.382201] kunit_try_run_case+0x170/0x3f0 [ 18.382644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.382873] kthread+0x328/0x630 [ 18.382910] ret_from_fork+0x10/0x20 [ 18.382949] [ 18.382970] The buggy address belongs to the object at fff00000c653a200 [ 18.382970] which belongs to the cache kmalloc-64 of size 64 [ 18.383033] The buggy address is located 0 bytes to the right of [ 18.383033] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.383102] [ 18.383125] The buggy address belongs to the physical page: [ 18.383537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.384117] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.384353] page_type: f5(slab) [ 18.384396] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.385017] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.385079] page dumped because: kasan: bad access detected [ 18.385504] [ 18.385528] Memory state around the buggy address: [ 18.385565] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.385802] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.385854] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.386126] ^ [ 18.386405] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.386645] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.386731] ================================================================== [ 18.495121] ================================================================== [ 18.495291] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 18.495345] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.495947] [ 18.496251] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.496397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.496497] Hardware name: linux,dummy-virt (DT) [ 18.496533] Call trace: [ 18.496556] show_stack+0x20/0x38 (C) [ 18.496608] dump_stack_lvl+0x8c/0xd0 [ 18.496656] print_report+0x118/0x5d0 [ 18.496704] kasan_report+0xdc/0x128 [ 18.496751] kasan_check_range+0x100/0x1a8 [ 18.497824] __kasan_check_write+0x20/0x30 [ 18.498199] kasan_atomics_helper+0x1058/0x4858 [ 18.498418] kasan_atomics+0x198/0x2e0 [ 18.498489] kunit_try_run_case+0x170/0x3f0 [ 18.498783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.499227] kthread+0x328/0x630 [ 18.499301] ret_from_fork+0x10/0x20 [ 18.499906] [ 18.500092] Allocated by task 266: [ 18.500449] kasan_save_stack+0x3c/0x68 [ 18.500604] kasan_save_track+0x20/0x40 [ 18.500844] kasan_save_alloc_info+0x40/0x58 [ 18.500888] __kasan_kmalloc+0xd4/0xd8 [ 18.500929] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.501021] kasan_atomics+0xb8/0x2e0 [ 18.501075] kunit_try_run_case+0x170/0x3f0 [ 18.501150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.501314] kthread+0x328/0x630 [ 18.501467] ret_from_fork+0x10/0x20 [ 18.501513] [ 18.501898] The buggy address belongs to the object at fff00000c653a200 [ 18.501898] which belongs to the cache kmalloc-64 of size 64 [ 18.502788] The buggy address is located 0 bytes to the right of [ 18.502788] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.503040] [ 18.503122] The buggy address belongs to the physical page: [ 18.503254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.504016] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.504243] page_type: f5(slab) [ 18.504286] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.504341] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.504385] page dumped because: kasan: bad access detected [ 18.505398] [ 18.505521] Memory state around the buggy address: [ 18.505819] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.506078] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.506195] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.506239] ^ [ 18.506274] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.507171] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.507574] ================================================================== [ 18.448571] ================================================================== [ 18.448707] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 18.448940] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.449336] [ 18.449380] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.450102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.450145] Hardware name: linux,dummy-virt (DT) [ 18.450406] Call trace: [ 18.450467] show_stack+0x20/0x38 (C) [ 18.450520] dump_stack_lvl+0x8c/0xd0 [ 18.450998] print_report+0x118/0x5d0 [ 18.451057] kasan_report+0xdc/0x128 [ 18.451105] kasan_check_range+0x100/0x1a8 [ 18.451509] __kasan_check_write+0x20/0x30 [ 18.451564] kasan_atomics_helper+0xeb8/0x4858 [ 18.452267] kasan_atomics+0x198/0x2e0 [ 18.452329] kunit_try_run_case+0x170/0x3f0 [ 18.452509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.452869] kthread+0x328/0x630 [ 18.453272] ret_from_fork+0x10/0x20 [ 18.453334] [ 18.453354] Allocated by task 266: [ 18.453386] kasan_save_stack+0x3c/0x68 [ 18.453430] kasan_save_track+0x20/0x40 [ 18.453468] kasan_save_alloc_info+0x40/0x58 [ 18.453838] __kasan_kmalloc+0xd4/0xd8 [ 18.454664] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.455177] kasan_atomics+0xb8/0x2e0 [ 18.455474] kunit_try_run_case+0x170/0x3f0 [ 18.455820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.455887] kthread+0x328/0x630 [ 18.456041] ret_from_fork+0x10/0x20 [ 18.456519] [ 18.456547] The buggy address belongs to the object at fff00000c653a200 [ 18.456547] which belongs to the cache kmalloc-64 of size 64 [ 18.456988] The buggy address is located 0 bytes to the right of [ 18.456988] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.457209] [ 18.457409] The buggy address belongs to the physical page: [ 18.457451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.457719] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.457826] page_type: f5(slab) [ 18.458109] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.458177] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.458622] page dumped because: kasan: bad access detected [ 18.458796] [ 18.458963] Memory state around the buggy address: [ 18.459006] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.459089] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.459149] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.459597] ^ [ 18.459736] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.459786] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.460271] ================================================================== [ 18.550601] ================================================================== [ 18.550799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 18.550876] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.550930] [ 18.550972] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.551340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.551382] Hardware name: linux,dummy-virt (DT) [ 18.551431] Call trace: [ 18.551457] show_stack+0x20/0x38 (C) [ 18.551517] dump_stack_lvl+0x8c/0xd0 [ 18.551569] print_report+0x118/0x5d0 [ 18.551615] kasan_report+0xdc/0x128 [ 18.551830] kasan_check_range+0x100/0x1a8 [ 18.553197] __kasan_check_write+0x20/0x30 [ 18.553259] kasan_atomics_helper+0x1384/0x4858 [ 18.553752] kasan_atomics+0x198/0x2e0 [ 18.553809] kunit_try_run_case+0x170/0x3f0 [ 18.553989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.554044] kthread+0x328/0x630 [ 18.554085] ret_from_fork+0x10/0x20 [ 18.554134] [ 18.554155] Allocated by task 266: [ 18.554199] kasan_save_stack+0x3c/0x68 [ 18.554243] kasan_save_track+0x20/0x40 [ 18.554281] kasan_save_alloc_info+0x40/0x58 [ 18.554323] __kasan_kmalloc+0xd4/0xd8 [ 18.554360] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.554401] kasan_atomics+0xb8/0x2e0 [ 18.554438] kunit_try_run_case+0x170/0x3f0 [ 18.554480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.554524] kthread+0x328/0x630 [ 18.554559] ret_from_fork+0x10/0x20 [ 18.554596] [ 18.554618] The buggy address belongs to the object at fff00000c653a200 [ 18.554618] which belongs to the cache kmalloc-64 of size 64 [ 18.554679] The buggy address is located 0 bytes to the right of [ 18.554679] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.554747] [ 18.554768] The buggy address belongs to the physical page: [ 18.554802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.554856] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.554906] page_type: f5(slab) [ 18.554945] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.554999] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.555042] page dumped because: kasan: bad access detected [ 18.555076] [ 18.555097] Memory state around the buggy address: [ 18.555131] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.555176] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.555328] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.555455] ^ [ 18.555555] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.555655] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.555758] ================================================================== [ 18.612816] ================================================================== [ 18.612960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 18.613063] Read of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.613307] [ 18.613362] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.613651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.613840] Hardware name: linux,dummy-virt (DT) [ 18.613918] Call trace: [ 18.614028] show_stack+0x20/0x38 (C) [ 18.614142] dump_stack_lvl+0x8c/0xd0 [ 18.614213] print_report+0x118/0x5d0 [ 18.614261] kasan_report+0xdc/0x128 [ 18.614309] __asan_report_load8_noabort+0x20/0x30 [ 18.614520] kasan_atomics_helper+0x3df4/0x4858 [ 18.614820] kasan_atomics+0x198/0x2e0 [ 18.614997] kunit_try_run_case+0x170/0x3f0 [ 18.615117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.615254] kthread+0x328/0x630 [ 18.615363] ret_from_fork+0x10/0x20 [ 18.615580] [ 18.615657] Allocated by task 266: [ 18.615699] kasan_save_stack+0x3c/0x68 [ 18.615898] kasan_save_track+0x20/0x40 [ 18.616048] kasan_save_alloc_info+0x40/0x58 [ 18.616357] __kasan_kmalloc+0xd4/0xd8 [ 18.616537] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.616725] kasan_atomics+0xb8/0x2e0 [ 18.616895] kunit_try_run_case+0x170/0x3f0 [ 18.616995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.617075] kthread+0x328/0x630 [ 18.617111] ret_from_fork+0x10/0x20 [ 18.617322] [ 18.617387] The buggy address belongs to the object at fff00000c653a200 [ 18.617387] which belongs to the cache kmalloc-64 of size 64 [ 18.617671] The buggy address is located 0 bytes to the right of [ 18.617671] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.617938] [ 18.618022] The buggy address belongs to the physical page: [ 18.618145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.618321] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.618376] page_type: f5(slab) [ 18.618531] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.618624] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.618784] page dumped because: kasan: bad access detected [ 18.618854] [ 18.618943] Memory state around the buggy address: [ 18.619211] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.619436] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.619659] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.619891] ^ [ 18.620010] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.620110] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.620299] ================================================================== [ 18.556222] ================================================================== [ 18.556274] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 18.556322] Read of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.556374] [ 18.556404] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.556574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.556606] Hardware name: linux,dummy-virt (DT) [ 18.556640] Call trace: [ 18.556663] show_stack+0x20/0x38 (C) [ 18.556722] dump_stack_lvl+0x8c/0xd0 [ 18.556807] print_report+0x118/0x5d0 [ 18.556862] kasan_report+0xdc/0x128 [ 18.556936] __asan_report_load8_noabort+0x20/0x30 [ 18.557016] kasan_atomics_helper+0x3f04/0x4858 [ 18.557137] kasan_atomics+0x198/0x2e0 [ 18.557241] kunit_try_run_case+0x170/0x3f0 [ 18.557625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.557747] kthread+0x328/0x630 [ 18.557826] ret_from_fork+0x10/0x20 [ 18.557996] [ 18.558075] Allocated by task 266: [ 18.558236] kasan_save_stack+0x3c/0x68 [ 18.558324] kasan_save_track+0x20/0x40 [ 18.558417] kasan_save_alloc_info+0x40/0x58 [ 18.558479] __kasan_kmalloc+0xd4/0xd8 [ 18.558517] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.558558] kasan_atomics+0xb8/0x2e0 [ 18.558594] kunit_try_run_case+0x170/0x3f0 [ 18.558942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.559038] kthread+0x328/0x630 [ 18.559221] ret_from_fork+0x10/0x20 [ 18.559306] [ 18.559329] The buggy address belongs to the object at fff00000c653a200 [ 18.559329] which belongs to the cache kmalloc-64 of size 64 [ 18.559392] The buggy address is located 0 bytes to the right of [ 18.559392] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.559461] [ 18.559491] The buggy address belongs to the physical page: [ 18.559524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.559589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.559644] page_type: f5(slab) [ 18.559693] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.559749] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.559800] page dumped because: kasan: bad access detected [ 18.559839] [ 18.559860] Memory state around the buggy address: [ 18.559893] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.559938] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.559983] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.560030] ^ [ 18.560070] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.560114] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.560170] ================================================================== [ 18.437238] ================================================================== [ 18.437720] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 18.437809] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.437864] [ 18.437896] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.438747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.438802] Hardware name: linux,dummy-virt (DT) [ 18.438838] Call trace: [ 18.438868] show_stack+0x20/0x38 (C) [ 18.439148] dump_stack_lvl+0x8c/0xd0 [ 18.439213] print_report+0x118/0x5d0 [ 18.439262] kasan_report+0xdc/0x128 [ 18.439308] __asan_report_store8_noabort+0x20/0x30 [ 18.439363] kasan_atomics_helper+0x3e5c/0x4858 [ 18.439414] kasan_atomics+0x198/0x2e0 [ 18.439462] kunit_try_run_case+0x170/0x3f0 [ 18.439510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.439565] kthread+0x328/0x630 [ 18.439606] ret_from_fork+0x10/0x20 [ 18.439654] [ 18.439673] Allocated by task 266: [ 18.439703] kasan_save_stack+0x3c/0x68 [ 18.439745] kasan_save_track+0x20/0x40 [ 18.441337] kasan_save_alloc_info+0x40/0x58 [ 18.441401] __kasan_kmalloc+0xd4/0xd8 [ 18.441509] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.441553] kasan_atomics+0xb8/0x2e0 [ 18.441640] kunit_try_run_case+0x170/0x3f0 [ 18.441786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.442054] kthread+0x328/0x630 [ 18.442122] ret_from_fork+0x10/0x20 [ 18.442323] [ 18.442615] The buggy address belongs to the object at fff00000c653a200 [ 18.442615] which belongs to the cache kmalloc-64 of size 64 [ 18.442805] The buggy address is located 0 bytes to the right of [ 18.442805] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.443130] [ 18.443528] The buggy address belongs to the physical page: [ 18.443648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.444131] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.444324] page_type: f5(slab) [ 18.444371] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.444716] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.445444] page dumped because: kasan: bad access detected [ 18.445500] [ 18.445521] Memory state around the buggy address: [ 18.445754] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.445978] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.446307] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.446659] ^ [ 18.446862] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.447337] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.447412] ================================================================== [ 18.508241] ================================================================== [ 18.508546] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 18.508603] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.508655] [ 18.509425] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.509546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.509574] Hardware name: linux,dummy-virt (DT) [ 18.509608] Call trace: [ 18.509632] show_stack+0x20/0x38 (C) [ 18.509686] dump_stack_lvl+0x8c/0xd0 [ 18.509738] print_report+0x118/0x5d0 [ 18.509786] kasan_report+0xdc/0x128 [ 18.509831] kasan_check_range+0x100/0x1a8 [ 18.509881] __kasan_check_write+0x20/0x30 [ 18.509926] kasan_atomics_helper+0x10c0/0x4858 [ 18.509982] kasan_atomics+0x198/0x2e0 [ 18.510026] kunit_try_run_case+0x170/0x3f0 [ 18.510075] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.510128] kthread+0x328/0x630 [ 18.510171] ret_from_fork+0x10/0x20 [ 18.510233] [ 18.510255] Allocated by task 266: [ 18.510284] kasan_save_stack+0x3c/0x68 [ 18.510326] kasan_save_track+0x20/0x40 [ 18.510364] kasan_save_alloc_info+0x40/0x58 [ 18.510404] __kasan_kmalloc+0xd4/0xd8 [ 18.510442] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.510482] kasan_atomics+0xb8/0x2e0 [ 18.510520] kunit_try_run_case+0x170/0x3f0 [ 18.510558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.510603] kthread+0x328/0x630 [ 18.510635] ret_from_fork+0x10/0x20 [ 18.510673] [ 18.510695] The buggy address belongs to the object at fff00000c653a200 [ 18.510695] which belongs to the cache kmalloc-64 of size 64 [ 18.510755] The buggy address is located 0 bytes to the right of [ 18.510755] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.510823] [ 18.510843] The buggy address belongs to the physical page: [ 18.510876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.510931] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.510979] page_type: f5(slab) [ 18.511018] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.511072] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.511116] page dumped because: kasan: bad access detected [ 18.511150] [ 18.511169] Memory state around the buggy address: [ 18.511244] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.511291] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.511336] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.511378] ^ [ 18.511411] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.511456] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.511495] ================================================================== [ 18.411234] ================================================================== [ 18.411702] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 18.411821] Read of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.411875] [ 18.411907] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.411993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.412023] Hardware name: linux,dummy-virt (DT) [ 18.412263] Call trace: [ 18.412298] show_stack+0x20/0x38 (C) [ 18.412380] dump_stack_lvl+0x8c/0xd0 [ 18.412942] print_report+0x118/0x5d0 [ 18.413296] kasan_report+0xdc/0x128 [ 18.413479] kasan_check_range+0x100/0x1a8 [ 18.413622] __kasan_check_read+0x20/0x30 [ 18.413688] kasan_atomics_helper+0xdd4/0x4858 [ 18.413779] kasan_atomics+0x198/0x2e0 [ 18.414139] kunit_try_run_case+0x170/0x3f0 [ 18.414202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.414597] kthread+0x328/0x630 [ 18.414790] ret_from_fork+0x10/0x20 [ 18.415067] [ 18.415096] Allocated by task 266: [ 18.415128] kasan_save_stack+0x3c/0x68 [ 18.415172] kasan_save_track+0x20/0x40 [ 18.415225] kasan_save_alloc_info+0x40/0x58 [ 18.415267] __kasan_kmalloc+0xd4/0xd8 [ 18.415692] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.415808] kasan_atomics+0xb8/0x2e0 [ 18.416145] kunit_try_run_case+0x170/0x3f0 [ 18.416634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.417028] kthread+0x328/0x630 [ 18.417131] ret_from_fork+0x10/0x20 [ 18.417370] [ 18.417401] The buggy address belongs to the object at fff00000c653a200 [ 18.417401] which belongs to the cache kmalloc-64 of size 64 [ 18.417465] The buggy address is located 0 bytes to the right of [ 18.417465] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.417535] [ 18.417555] The buggy address belongs to the physical page: [ 18.417754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.417848] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.418410] page_type: f5(slab) [ 18.418486] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.418680] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.418891] page dumped because: kasan: bad access detected [ 18.419065] [ 18.419086] Memory state around the buggy address: [ 18.419306] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.419578] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.419843] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.420335] ^ [ 18.420460] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.420673] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.420947] ================================================================== [ 18.430477] ================================================================== [ 18.430532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 18.430719] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.430783] [ 18.430837] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.431062] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.431152] Hardware name: linux,dummy-virt (DT) [ 18.431194] Call trace: [ 18.431467] show_stack+0x20/0x38 (C) [ 18.431750] dump_stack_lvl+0x8c/0xd0 [ 18.431944] print_report+0x118/0x5d0 [ 18.433277] kasan_report+0xdc/0x128 [ 18.433327] kasan_check_range+0x100/0x1a8 [ 18.433377] __kasan_check_write+0x20/0x30 [ 18.433423] kasan_atomics_helper+0xe44/0x4858 [ 18.433471] kasan_atomics+0x198/0x2e0 [ 18.433518] kunit_try_run_case+0x170/0x3f0 [ 18.433565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.433631] kthread+0x328/0x630 [ 18.433675] ret_from_fork+0x10/0x20 [ 18.433724] [ 18.433745] Allocated by task 266: [ 18.433777] kasan_save_stack+0x3c/0x68 [ 18.434220] kasan_save_track+0x20/0x40 [ 18.434277] kasan_save_alloc_info+0x40/0x58 [ 18.434420] __kasan_kmalloc+0xd4/0xd8 [ 18.434470] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.434512] kasan_atomics+0xb8/0x2e0 [ 18.434550] kunit_try_run_case+0x170/0x3f0 [ 18.434591] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.434636] kthread+0x328/0x630 [ 18.434671] ret_from_fork+0x10/0x20 [ 18.434709] [ 18.434731] The buggy address belongs to the object at fff00000c653a200 [ 18.434731] which belongs to the cache kmalloc-64 of size 64 [ 18.434792] The buggy address is located 0 bytes to the right of [ 18.434792] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.434861] [ 18.434881] The buggy address belongs to the physical page: [ 18.434916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.434972] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.435021] page_type: f5(slab) [ 18.435060] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.435114] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.435157] page dumped because: kasan: bad access detected [ 18.435203] [ 18.435224] Memory state around the buggy address: [ 18.435259] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.435303] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.435348] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.435386] ^ [ 18.435422] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.435466] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.435507] ================================================================== [ 18.538581] ================================================================== [ 18.538919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 18.539096] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.539150] [ 18.539195] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.539279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.539307] Hardware name: linux,dummy-virt (DT) [ 18.539341] Call trace: [ 18.539367] show_stack+0x20/0x38 (C) [ 18.539990] dump_stack_lvl+0x8c/0xd0 [ 18.540648] print_report+0x118/0x5d0 [ 18.541082] kasan_report+0xdc/0x128 [ 18.541140] kasan_check_range+0x100/0x1a8 [ 18.541200] __kasan_check_write+0x20/0x30 [ 18.541950] kasan_atomics_helper+0x12d8/0x4858 [ 18.542263] kasan_atomics+0x198/0x2e0 [ 18.542320] kunit_try_run_case+0x170/0x3f0 [ 18.542721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.542782] kthread+0x328/0x630 [ 18.543142] ret_from_fork+0x10/0x20 [ 18.543255] [ 18.543282] Allocated by task 266: [ 18.543315] kasan_save_stack+0x3c/0x68 [ 18.543640] kasan_save_track+0x20/0x40 [ 18.544079] kasan_save_alloc_info+0x40/0x58 [ 18.544174] __kasan_kmalloc+0xd4/0xd8 [ 18.544401] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.544447] kasan_atomics+0xb8/0x2e0 [ 18.544908] kunit_try_run_case+0x170/0x3f0 [ 18.545189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.545240] kthread+0x328/0x630 [ 18.545276] ret_from_fork+0x10/0x20 [ 18.545313] [ 18.545553] The buggy address belongs to the object at fff00000c653a200 [ 18.545553] which belongs to the cache kmalloc-64 of size 64 [ 18.546113] The buggy address is located 0 bytes to the right of [ 18.546113] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.546201] [ 18.546225] The buggy address belongs to the physical page: [ 18.546797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.546942] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.546998] page_type: f5(slab) [ 18.547372] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.547593] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.547645] page dumped because: kasan: bad access detected [ 18.547904] [ 18.548299] Memory state around the buggy address: [ 18.548507] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.548623] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.548755] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.549342] ^ [ 18.549744] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.549836] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.549941] ================================================================== [ 18.461019] ================================================================== [ 18.461075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 18.461124] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.461176] [ 18.462208] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.462326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.462411] Hardware name: linux,dummy-virt (DT) [ 18.462486] Call trace: [ 18.462513] show_stack+0x20/0x38 (C) [ 18.462565] dump_stack_lvl+0x8c/0xd0 [ 18.462710] print_report+0x118/0x5d0 [ 18.462774] kasan_report+0xdc/0x128 [ 18.462822] kasan_check_range+0x100/0x1a8 [ 18.462878] __kasan_check_write+0x20/0x30 [ 18.463426] kasan_atomics_helper+0xf20/0x4858 [ 18.463491] kasan_atomics+0x198/0x2e0 [ 18.463954] kunit_try_run_case+0x170/0x3f0 [ 18.464348] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.464420] kthread+0x328/0x630 [ 18.464466] ret_from_fork+0x10/0x20 [ 18.464515] [ 18.464535] Allocated by task 266: [ 18.464566] kasan_save_stack+0x3c/0x68 [ 18.465422] kasan_save_track+0x20/0x40 [ 18.465484] kasan_save_alloc_info+0x40/0x58 [ 18.465530] __kasan_kmalloc+0xd4/0xd8 [ 18.465606] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.465695] kasan_atomics+0xb8/0x2e0 [ 18.465968] kunit_try_run_case+0x170/0x3f0 [ 18.466241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.466538] kthread+0x328/0x630 [ 18.466580] ret_from_fork+0x10/0x20 [ 18.467031] [ 18.467060] The buggy address belongs to the object at fff00000c653a200 [ 18.467060] which belongs to the cache kmalloc-64 of size 64 [ 18.467426] The buggy address is located 0 bytes to the right of [ 18.467426] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.467834] [ 18.467862] The buggy address belongs to the physical page: [ 18.467897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.468520] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.468938] page_type: f5(slab) [ 18.469316] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.469535] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.469591] page dumped because: kasan: bad access detected [ 18.469627] [ 18.470034] Memory state around the buggy address: [ 18.471299] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.471763] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.472032] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.472134] ^ [ 18.472172] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.472642] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.473116] ================================================================== [ 18.295918] ================================================================== [ 18.296367] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 18.296584] Write of size 4 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.299708] Allocated by task 266: [ 18.299740] kasan_save_stack+0x3c/0x68 [ 18.299783] kasan_save_track+0x20/0x40 [ 18.299822] kasan_save_alloc_info+0x40/0x58 [ 18.299864] __kasan_kmalloc+0xd4/0xd8 [ 18.299903] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.299945] kasan_atomics+0xb8/0x2e0 [ 18.299983] kunit_try_run_case+0x170/0x3f0 [ 18.300022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.300068] kthread+0x328/0x630 [ 18.300102] ret_from_fork+0x10/0x20 [ 18.300139] [ 18.300161] The buggy address belongs to the object at fff00000c653a200 [ 18.300161] which belongs to the cache kmalloc-64 of size 64 [ 18.300312] [ 18.300370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.302744] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.305849] [ 18.307012] __asan_report_load4_noabort+0x20/0x30 [ 18.309237] kasan_save_track+0x20/0x40 [ 18.309953] kasan_save_alloc_info+0x40/0x58 [ 18.310289] __kasan_kmalloc+0xd4/0xd8 [ 18.310620] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.310881] kasan_atomics+0xb8/0x2e0 [ 18.311159] kunit_try_run_case+0x170/0x3f0 [ 18.311476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.311665] kthread+0x328/0x630 [ 18.312004] ret_from_fork+0x10/0x20 [ 18.312047] [ 18.312705] The buggy address belongs to the object at fff00000c653a200 [ 18.312705] which belongs to the cache kmalloc-64 of size 64 [ 18.312796] The buggy address is located 0 bytes to the right of [ 18.312796] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.313266] [ 18.313293] The buggy address belongs to the physical page: [ 18.313331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.313393] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.313448] page_type: f5(slab) [ 18.313492] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.313943] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.314013] page dumped because: kasan: bad access detected [ 18.314348] [ 18.314372] Memory state around the buggy address: [ 18.314615] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.314678] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.314984] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.315114] ^ [ 18.315214] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.315260] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.315601] ================================================================== [ 18.638809] ================================================================== [ 18.638871] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 18.639149] Read of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.639302] [ 18.639611] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.639800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.639834] Hardware name: linux,dummy-virt (DT) [ 18.639912] Call trace: [ 18.640047] show_stack+0x20/0x38 (C) [ 18.640154] dump_stack_lvl+0x8c/0xd0 [ 18.640239] print_report+0x118/0x5d0 [ 18.640524] kasan_report+0xdc/0x128 [ 18.640603] __asan_report_load8_noabort+0x20/0x30 [ 18.640656] kasan_atomics_helper+0x3e20/0x4858 [ 18.640832] kasan_atomics+0x198/0x2e0 [ 18.641077] kunit_try_run_case+0x170/0x3f0 [ 18.641256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.641471] kthread+0x328/0x630 [ 18.641593] ret_from_fork+0x10/0x20 [ 18.641759] [ 18.641782] Allocated by task 266: [ 18.641816] kasan_save_stack+0x3c/0x68 [ 18.641859] kasan_save_track+0x20/0x40 [ 18.641899] kasan_save_alloc_info+0x40/0x58 [ 18.642231] __kasan_kmalloc+0xd4/0xd8 [ 18.642336] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.642658] kasan_atomics+0xb8/0x2e0 [ 18.642837] kunit_try_run_case+0x170/0x3f0 [ 18.642894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.643116] kthread+0x328/0x630 [ 18.643561] ret_from_fork+0x10/0x20 [ 18.643679] [ 18.644013] The buggy address belongs to the object at fff00000c653a200 [ 18.644013] which belongs to the cache kmalloc-64 of size 64 [ 18.644111] The buggy address is located 0 bytes to the right of [ 18.644111] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.644304] [ 18.644396] The buggy address belongs to the physical page: [ 18.644468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.644653] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.644736] page_type: f5(slab) [ 18.644810] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.644959] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.645006] page dumped because: kasan: bad access detected [ 18.645041] [ 18.645235] Memory state around the buggy address: [ 18.645454] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.645551] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.645615] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.645803] ^ [ 18.645889] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.646101] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.646165] ================================================================== [ 18.421430] ================================================================== [ 18.421482] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 18.421534] Read of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.421587] [ 18.422118] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.422385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.422551] Hardware name: linux,dummy-virt (DT) [ 18.422596] Call trace: [ 18.422619] show_stack+0x20/0x38 (C) [ 18.422843] dump_stack_lvl+0x8c/0xd0 [ 18.422895] print_report+0x118/0x5d0 [ 18.422943] kasan_report+0xdc/0x128 [ 18.422989] __asan_report_load8_noabort+0x20/0x30 [ 18.423043] kasan_atomics_helper+0x3f58/0x4858 [ 18.423094] kasan_atomics+0x198/0x2e0 [ 18.423140] kunit_try_run_case+0x170/0x3f0 [ 18.423199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.423749] kthread+0x328/0x630 [ 18.423812] ret_from_fork+0x10/0x20 [ 18.423876] [ 18.424547] Allocated by task 266: [ 18.424589] kasan_save_stack+0x3c/0x68 [ 18.424697] kasan_save_track+0x20/0x40 [ 18.425134] kasan_save_alloc_info+0x40/0x58 [ 18.425334] __kasan_kmalloc+0xd4/0xd8 [ 18.425625] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.425671] kasan_atomics+0xb8/0x2e0 [ 18.425810] kunit_try_run_case+0x170/0x3f0 [ 18.425871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.426128] kthread+0x328/0x630 [ 18.426396] ret_from_fork+0x10/0x20 [ 18.426765] [ 18.426789] The buggy address belongs to the object at fff00000c653a200 [ 18.426789] which belongs to the cache kmalloc-64 of size 64 [ 18.426851] The buggy address is located 0 bytes to the right of [ 18.426851] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.426919] [ 18.426940] The buggy address belongs to the physical page: [ 18.427726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.428111] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.428168] page_type: f5(slab) [ 18.428220] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.428274] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.428325] page dumped because: kasan: bad access detected [ 18.428359] [ 18.428380] Memory state around the buggy address: [ 18.428414] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.428462] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.428870] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.428931] ^ [ 18.429148] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.429391] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.429470] ================================================================== [ 18.567668] ================================================================== [ 18.567862] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 18.568000] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.568074] [ 18.568147] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.568262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.568307] Hardware name: linux,dummy-virt (DT) [ 18.568341] Call trace: [ 18.568365] show_stack+0x20/0x38 (C) [ 18.568415] dump_stack_lvl+0x8c/0xd0 [ 18.568466] print_report+0x118/0x5d0 [ 18.568689] kasan_report+0xdc/0x128 [ 18.568774] kasan_check_range+0x100/0x1a8 [ 18.568826] __kasan_check_write+0x20/0x30 [ 18.568892] kasan_atomics_helper+0x147c/0x4858 [ 18.568981] kasan_atomics+0x198/0x2e0 [ 18.569223] kunit_try_run_case+0x170/0x3f0 [ 18.569293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.569386] kthread+0x328/0x630 [ 18.569442] ret_from_fork+0x10/0x20 [ 18.569489] [ 18.569542] Allocated by task 266: [ 18.569626] kasan_save_stack+0x3c/0x68 [ 18.569697] kasan_save_track+0x20/0x40 [ 18.569737] kasan_save_alloc_info+0x40/0x58 [ 18.570018] __kasan_kmalloc+0xd4/0xd8 [ 18.570083] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.570125] kasan_atomics+0xb8/0x2e0 [ 18.570197] kunit_try_run_case+0x170/0x3f0 [ 18.570238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.570284] kthread+0x328/0x630 [ 18.570317] ret_from_fork+0x10/0x20 [ 18.570365] [ 18.570396] The buggy address belongs to the object at fff00000c653a200 [ 18.570396] which belongs to the cache kmalloc-64 of size 64 [ 18.570652] The buggy address is located 0 bytes to the right of [ 18.570652] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.570730] [ 18.570752] The buggy address belongs to the physical page: [ 18.570918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.571130] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.571282] page_type: f5(slab) [ 18.571325] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.571379] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.571727] page dumped because: kasan: bad access detected [ 18.571815] [ 18.572193] Memory state around the buggy address: [ 18.572570] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.572794] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.573041] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.573191] ^ [ 18.573230] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.573303] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.573342] ================================================================== [ 18.317536] ================================================================== [ 18.317597] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 18.317702] [ 18.319596] Allocated by task 266: [ 18.320813] kasan_atomics+0xb8/0x2e0 [ 18.321928] [ 18.323133] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.326208] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dbc/0x4858 [ 18.329599] dump_stack_lvl+0x8c/0xd0 [ 18.332499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.333947] __kasan_kmalloc+0xd4/0xd8 [ 18.333989] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.334168] kthread+0x328/0x630 [ 18.335396] The buggy address is located 0 bytes to the right of [ 18.335396] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.337908] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.339505] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.343238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.345393] kasan_atomics_helper+0xc08/0x4858 [ 18.347336] __kasan_kmalloc+0xd4/0xd8 [ 18.347376] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.347418] kasan_atomics+0xb8/0x2e0 [ 18.348427] The buggy address is located 0 bytes to the right of [ 18.348427] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.349681] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.350809] page dumped because: kasan: bad access detected [ 18.350947] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.351157] ================================================================== [ 18.268923] ================================================================== [ 18.269032] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 18.270461] __kasan_check_write+0x20/0x30 [ 18.270615] kunit_try_run_case+0x170/0x3f0 [ 18.270689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.272954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.277493] ================================================================== [ 18.634729] ================================================================== [ 18.634876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 18.634932] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.634994] [ 18.635026] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.635110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.635145] Hardware name: linux,dummy-virt (DT) [ 18.635190] Call trace: [ 18.635214] show_stack+0x20/0x38 (C) [ 18.635274] dump_stack_lvl+0x8c/0xd0 [ 18.635323] print_report+0x118/0x5d0 [ 18.635371] kasan_report+0xdc/0x128 [ 18.635418] kasan_check_range+0x100/0x1a8 [ 18.635466] __kasan_check_write+0x20/0x30 [ 18.635511] kasan_atomics_helper+0x175c/0x4858 [ 18.635569] kasan_atomics+0x198/0x2e0 [ 18.635615] kunit_try_run_case+0x170/0x3f0 [ 18.635663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.635716] kthread+0x328/0x630 [ 18.635767] ret_from_fork+0x10/0x20 [ 18.635816] [ 18.635836] Allocated by task 266: [ 18.635865] kasan_save_stack+0x3c/0x68 [ 18.635907] kasan_save_track+0x20/0x40 [ 18.635954] kasan_save_alloc_info+0x40/0x58 [ 18.635997] __kasan_kmalloc+0xd4/0xd8 [ 18.636034] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.636081] kasan_atomics+0xb8/0x2e0 [ 18.636123] kunit_try_run_case+0x170/0x3f0 [ 18.636164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.636220] kthread+0x328/0x630 [ 18.636252] ret_from_fork+0x10/0x20 [ 18.636289] [ 18.636309] The buggy address belongs to the object at fff00000c653a200 [ 18.636309] which belongs to the cache kmalloc-64 of size 64 [ 18.636375] The buggy address is located 0 bytes to the right of [ 18.636375] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.636443] [ 18.636470] The buggy address belongs to the physical page: [ 18.636502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.636556] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.636606] page_type: f5(slab) [ 18.636642] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.636696] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.636740] page dumped because: kasan: bad access detected [ 18.636775] [ 18.636794] Memory state around the buggy address: [ 18.636827] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.636872] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.636918] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.636959] ^ [ 18.637732] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.637848] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.638289] ================================================================== [ 18.561006] ================================================================== [ 18.561136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 18.561263] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.561316] [ 18.561361] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.561446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.561473] Hardware name: linux,dummy-virt (DT) [ 18.561506] Call trace: [ 18.561570] show_stack+0x20/0x38 (C) [ 18.561620] dump_stack_lvl+0x8c/0xd0 [ 18.561804] print_report+0x118/0x5d0 [ 18.561937] kasan_report+0xdc/0x128 [ 18.562026] kasan_check_range+0x100/0x1a8 [ 18.562253] __kasan_check_write+0x20/0x30 [ 18.562462] kasan_atomics_helper+0x1414/0x4858 [ 18.562614] kasan_atomics+0x198/0x2e0 [ 18.562777] kunit_try_run_case+0x170/0x3f0 [ 18.562919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.562976] kthread+0x328/0x630 [ 18.563057] ret_from_fork+0x10/0x20 [ 18.563458] [ 18.563524] Allocated by task 266: [ 18.563706] kasan_save_stack+0x3c/0x68 [ 18.563879] kasan_save_track+0x20/0x40 [ 18.563989] kasan_save_alloc_info+0x40/0x58 [ 18.564033] __kasan_kmalloc+0xd4/0xd8 [ 18.564132] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.564197] kasan_atomics+0xb8/0x2e0 [ 18.564233] kunit_try_run_case+0x170/0x3f0 [ 18.564342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.564514] kthread+0x328/0x630 [ 18.564598] ret_from_fork+0x10/0x20 [ 18.564712] [ 18.564789] The buggy address belongs to the object at fff00000c653a200 [ 18.564789] which belongs to the cache kmalloc-64 of size 64 [ 18.564853] The buggy address is located 0 bytes to the right of [ 18.564853] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.565023] [ 18.565156] The buggy address belongs to the physical page: [ 18.565325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.565520] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.565614] page_type: f5(slab) [ 18.565985] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.566097] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.566142] page dumped because: kasan: bad access detected [ 18.566176] [ 18.566365] Memory state around the buggy address: [ 18.566400] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.566447] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.566631] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.566755] ^ [ 18.566913] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.566976] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.567038] ================================================================== [ 18.523672] ================================================================== [ 18.523806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 18.523863] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.523914] [ 18.523946] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.524036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.524171] Hardware name: linux,dummy-virt (DT) [ 18.524313] Call trace: [ 18.524438] show_stack+0x20/0x38 (C) [ 18.524659] dump_stack_lvl+0x8c/0xd0 [ 18.524759] print_report+0x118/0x5d0 [ 18.524811] kasan_report+0xdc/0x128 [ 18.524858] kasan_check_range+0x100/0x1a8 [ 18.524911] __kasan_check_write+0x20/0x30 [ 18.525041] kasan_atomics_helper+0x11f8/0x4858 [ 18.525089] kasan_atomics+0x198/0x2e0 [ 18.525240] kunit_try_run_case+0x170/0x3f0 [ 18.525314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.525369] kthread+0x328/0x630 [ 18.525410] ret_from_fork+0x10/0x20 [ 18.525459] [ 18.525479] Allocated by task 266: [ 18.525534] kasan_save_stack+0x3c/0x68 [ 18.525578] kasan_save_track+0x20/0x40 [ 18.525725] kasan_save_alloc_info+0x40/0x58 [ 18.525769] __kasan_kmalloc+0xd4/0xd8 [ 18.525807] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.525849] kasan_atomics+0xb8/0x2e0 [ 18.525891] kunit_try_run_case+0x170/0x3f0 [ 18.525931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.525985] kthread+0x328/0x630 [ 18.526137] ret_from_fork+0x10/0x20 [ 18.526212] [ 18.526235] The buggy address belongs to the object at fff00000c653a200 [ 18.526235] which belongs to the cache kmalloc-64 of size 64 [ 18.526296] The buggy address is located 0 bytes to the right of [ 18.526296] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.526386] [ 18.526408] The buggy address belongs to the physical page: [ 18.526477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.526532] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.526601] page_type: f5(slab) [ 18.526640] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.526694] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.526783] page dumped because: kasan: bad access detected [ 18.526906] [ 18.526927] Memory state around the buggy address: [ 18.527083] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.527130] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.527174] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.527355] ^ [ 18.527393] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.527460] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.527548] ================================================================== [ 18.399941] ================================================================== [ 18.399996] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 18.400051] Read of size 4 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.400102] [ 18.400134] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.400706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.401053] Hardware name: linux,dummy-virt (DT) [ 18.401535] Call trace: [ 18.401561] show_stack+0x20/0x38 (C) [ 18.401626] dump_stack_lvl+0x8c/0xd0 [ 18.401683] print_report+0x118/0x5d0 [ 18.402177] kasan_report+0xdc/0x128 [ 18.402421] __asan_report_load4_noabort+0x20/0x30 [ 18.402595] kasan_atomics_helper+0x3e04/0x4858 [ 18.402804] kasan_atomics+0x198/0x2e0 [ 18.403110] kunit_try_run_case+0x170/0x3f0 [ 18.403253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.403311] kthread+0x328/0x630 [ 18.404411] ret_from_fork+0x10/0x20 [ 18.404491] [ 18.404512] Allocated by task 266: [ 18.404925] kasan_save_stack+0x3c/0x68 [ 18.405020] kasan_save_track+0x20/0x40 [ 18.405190] kasan_save_alloc_info+0x40/0x58 [ 18.405235] __kasan_kmalloc+0xd4/0xd8 [ 18.405698] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.405767] kasan_atomics+0xb8/0x2e0 [ 18.405833] kunit_try_run_case+0x170/0x3f0 [ 18.406214] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.406331] kthread+0x328/0x630 [ 18.406602] ret_from_fork+0x10/0x20 [ 18.406645] [ 18.406997] The buggy address belongs to the object at fff00000c653a200 [ 18.406997] which belongs to the cache kmalloc-64 of size 64 [ 18.407072] The buggy address is located 0 bytes to the right of [ 18.407072] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.407141] [ 18.407506] The buggy address belongs to the physical page: [ 18.407545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.407926] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.408161] page_type: f5(slab) [ 18.408443] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.408509] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.409006] page dumped because: kasan: bad access detected [ 18.409050] [ 18.409070] Memory state around the buggy address: [ 18.409103] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.409150] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.409206] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.409612] ^ [ 18.409669] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.409784] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.409906] ================================================================== [ 18.625450] ================================================================== [ 18.625718] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 18.625815] Read of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.626157] [ 18.626230] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.626506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.626735] Hardware name: linux,dummy-virt (DT) [ 18.626828] Call trace: [ 18.626942] show_stack+0x20/0x38 (C) [ 18.627154] dump_stack_lvl+0x8c/0xd0 [ 18.627277] print_report+0x118/0x5d0 [ 18.627562] kasan_report+0xdc/0x128 [ 18.627682] __asan_report_load8_noabort+0x20/0x30 [ 18.627850] kasan_atomics_helper+0x3e10/0x4858 [ 18.628139] kasan_atomics+0x198/0x2e0 [ 18.628372] kunit_try_run_case+0x170/0x3f0 [ 18.628540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.628682] kthread+0x328/0x630 [ 18.628944] ret_from_fork+0x10/0x20 [ 18.629146] [ 18.629289] Allocated by task 266: [ 18.629423] kasan_save_stack+0x3c/0x68 [ 18.629610] kasan_save_track+0x20/0x40 [ 18.629693] kasan_save_alloc_info+0x40/0x58 [ 18.629901] __kasan_kmalloc+0xd4/0xd8 [ 18.629994] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.630131] kasan_atomics+0xb8/0x2e0 [ 18.630242] kunit_try_run_case+0x170/0x3f0 [ 18.630293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.630550] kthread+0x328/0x630 [ 18.630651] ret_from_fork+0x10/0x20 [ 18.630832] [ 18.631110] The buggy address belongs to the object at fff00000c653a200 [ 18.631110] which belongs to the cache kmalloc-64 of size 64 [ 18.631279] The buggy address is located 0 bytes to the right of [ 18.631279] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.631574] [ 18.631699] The buggy address belongs to the physical page: [ 18.631776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.631998] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.632239] page_type: f5(slab) [ 18.632306] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.632386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.632431] page dumped because: kasan: bad access detected [ 18.632471] [ 18.632710] Memory state around the buggy address: [ 18.632877] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.633203] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.633352] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.633581] ^ [ 18.633626] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.633674] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.633714] ================================================================== [ 18.582790] ================================================================== [ 18.582850] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 18.582903] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.582955] [ 18.582998] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.583092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.583122] Hardware name: linux,dummy-virt (DT) [ 18.583155] Call trace: [ 18.583189] show_stack+0x20/0x38 (C) [ 18.583247] dump_stack_lvl+0x8c/0xd0 [ 18.583295] print_report+0x118/0x5d0 [ 18.583343] kasan_report+0xdc/0x128 [ 18.583388] kasan_check_range+0x100/0x1a8 [ 18.583446] __kasan_check_write+0x20/0x30 [ 18.583491] kasan_atomics_helper+0x154c/0x4858 [ 18.583541] kasan_atomics+0x198/0x2e0 [ 18.583587] kunit_try_run_case+0x170/0x3f0 [ 18.583633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.583689] kthread+0x328/0x630 [ 18.583742] ret_from_fork+0x10/0x20 [ 18.583790] [ 18.583810] Allocated by task 266: [ 18.583849] kasan_save_stack+0x3c/0x68 [ 18.583891] kasan_save_track+0x20/0x40 [ 18.583940] kasan_save_alloc_info+0x40/0x58 [ 18.583981] __kasan_kmalloc+0xd4/0xd8 [ 18.584019] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.584064] kasan_atomics+0xb8/0x2e0 [ 18.584109] kunit_try_run_case+0x170/0x3f0 [ 18.584155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.584210] kthread+0x328/0x630 [ 18.584254] ret_from_fork+0x10/0x20 [ 18.584293] [ 18.584315] The buggy address belongs to the object at fff00000c653a200 [ 18.584315] which belongs to the cache kmalloc-64 of size 64 [ 18.584376] The buggy address is located 0 bytes to the right of [ 18.584376] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.585091] [ 18.585130] The buggy address belongs to the physical page: [ 18.585166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.585251] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.585466] page_type: f5(slab) [ 18.585901] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.586077] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.586162] page dumped because: kasan: bad access detected [ 18.586769] [ 18.586971] Memory state around the buggy address: [ 18.587012] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.587464] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.587563] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.587907] ^ [ 18.587968] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.588323] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.588386] ================================================================== [ 18.599254] ================================================================== [ 18.599310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 18.599516] Read of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.599579] [ 18.599797] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.599895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.600161] Hardware name: linux,dummy-virt (DT) [ 18.600229] Call trace: [ 18.600489] show_stack+0x20/0x38 (C) [ 18.600562] dump_stack_lvl+0x8c/0xd0 [ 18.600613] print_report+0x118/0x5d0 [ 18.600811] kasan_report+0xdc/0x128 [ 18.600884] __asan_report_load8_noabort+0x20/0x30 [ 18.600941] kasan_atomics_helper+0x3db0/0x4858 [ 18.601324] kasan_atomics+0x198/0x2e0 [ 18.601587] kunit_try_run_case+0x170/0x3f0 [ 18.601935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.602122] kthread+0x328/0x630 [ 18.602391] ret_from_fork+0x10/0x20 [ 18.602451] [ 18.602483] Allocated by task 266: [ 18.602515] kasan_save_stack+0x3c/0x68 [ 18.602567] kasan_save_track+0x20/0x40 [ 18.602605] kasan_save_alloc_info+0x40/0x58 [ 18.602647] __kasan_kmalloc+0xd4/0xd8 [ 18.602684] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.602735] kasan_atomics+0xb8/0x2e0 [ 18.602772] kunit_try_run_case+0x170/0x3f0 [ 18.602828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.602879] kthread+0x328/0x630 [ 18.602929] ret_from_fork+0x10/0x20 [ 18.602977] [ 18.603000] The buggy address belongs to the object at fff00000c653a200 [ 18.603000] which belongs to the cache kmalloc-64 of size 64 [ 18.603062] The buggy address is located 0 bytes to the right of [ 18.603062] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.603130] [ 18.603162] The buggy address belongs to the physical page: [ 18.603211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.603268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.603317] page_type: f5(slab) [ 18.603357] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.603421] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.603474] page dumped because: kasan: bad access detected [ 18.603518] [ 18.603556] Memory state around the buggy address: [ 18.603590] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.603636] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.603682] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.603724] ^ [ 18.603758] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.603801] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.603841] ================================================================== [ 18.574455] ================================================================== [ 18.574556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 18.574639] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.574694] [ 18.574874] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.574970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.575001] Hardware name: linux,dummy-virt (DT) [ 18.575035] Call trace: [ 18.575059] show_stack+0x20/0x38 (C) [ 18.575109] dump_stack_lvl+0x8c/0xd0 [ 18.575157] print_report+0x118/0x5d0 [ 18.575220] kasan_report+0xdc/0x128 [ 18.575265] kasan_check_range+0x100/0x1a8 [ 18.575315] __kasan_check_write+0x20/0x30 [ 18.575360] kasan_atomics_helper+0x14e4/0x4858 [ 18.575410] kasan_atomics+0x198/0x2e0 [ 18.575457] kunit_try_run_case+0x170/0x3f0 [ 18.575503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.575557] kthread+0x328/0x630 [ 18.575599] ret_from_fork+0x10/0x20 [ 18.575646] [ 18.576339] Allocated by task 266: [ 18.576393] kasan_save_stack+0x3c/0x68 [ 18.576757] kasan_save_track+0x20/0x40 [ 18.576821] kasan_save_alloc_info+0x40/0x58 [ 18.576937] __kasan_kmalloc+0xd4/0xd8 [ 18.577025] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.577256] kasan_atomics+0xb8/0x2e0 [ 18.577322] kunit_try_run_case+0x170/0x3f0 [ 18.577368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.577415] kthread+0x328/0x630 [ 18.577448] ret_from_fork+0x10/0x20 [ 18.578037] [ 18.578078] The buggy address belongs to the object at fff00000c653a200 [ 18.578078] which belongs to the cache kmalloc-64 of size 64 [ 18.578237] The buggy address is located 0 bytes to the right of [ 18.578237] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.578597] [ 18.578664] The buggy address belongs to the physical page: [ 18.578767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.578849] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.579253] page_type: f5(slab) [ 18.579393] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.579471] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.579850] page dumped because: kasan: bad access detected [ 18.579941] [ 18.579964] Memory state around the buggy address: [ 18.580001] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.580406] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.580616] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.580856] ^ [ 18.580894] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.581298] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.581438] ================================================================== [ 18.646994] ================================================================== [ 18.647242] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 18.647405] Write of size 8 at addr fff00000c653a230 by task kunit_try_catch/266 [ 18.647494] [ 18.647531] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.647618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.647653] Hardware name: linux,dummy-virt (DT) [ 18.647687] Call trace: [ 18.647710] show_stack+0x20/0x38 (C) [ 18.647950] dump_stack_lvl+0x8c/0xd0 [ 18.648067] print_report+0x118/0x5d0 [ 18.648121] kasan_report+0xdc/0x128 [ 18.648344] kasan_check_range+0x100/0x1a8 [ 18.648414] __kasan_check_write+0x20/0x30 [ 18.648520] kasan_atomics_helper+0x17ec/0x4858 [ 18.648667] kasan_atomics+0x198/0x2e0 [ 18.648720] kunit_try_run_case+0x170/0x3f0 [ 18.648955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.649155] kthread+0x328/0x630 [ 18.649368] ret_from_fork+0x10/0x20 [ 18.649473] [ 18.649752] Allocated by task 266: [ 18.649874] kasan_save_stack+0x3c/0x68 [ 18.650118] kasan_save_track+0x20/0x40 [ 18.650277] kasan_save_alloc_info+0x40/0x58 [ 18.650425] __kasan_kmalloc+0xd4/0xd8 [ 18.650528] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.650790] kasan_atomics+0xb8/0x2e0 [ 18.650960] kunit_try_run_case+0x170/0x3f0 [ 18.651159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.651282] kthread+0x328/0x630 [ 18.651406] ret_from_fork+0x10/0x20 [ 18.651496] [ 18.651519] The buggy address belongs to the object at fff00000c653a200 [ 18.651519] which belongs to the cache kmalloc-64 of size 64 [ 18.651824] The buggy address is located 0 bytes to the right of [ 18.651824] allocated 48-byte region [fff00000c653a200, fff00000c653a230) [ 18.651958] [ 18.652082] The buggy address belongs to the physical page: [ 18.652276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653a [ 18.652578] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.652758] page_type: f5(slab) [ 18.652854] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.653132] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.653242] page dumped because: kasan: bad access detected [ 18.653386] [ 18.653590] Memory state around the buggy address: [ 18.653820] fff00000c653a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.653907] fff00000c653a180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.654168] >fff00000c653a200: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.654323] ^ [ 18.654570] fff00000c653a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.654621] fff00000c653a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.654679] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 17.771987] ================================================================== [ 17.772044] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 17.772611] Read of size 1 at addr fff00000c5977b10 by task kunit_try_catch/260 [ 17.772681] [ 17.772715] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.773211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.773450] Hardware name: linux,dummy-virt (DT) [ 17.773649] Call trace: [ 17.773684] show_stack+0x20/0x38 (C) [ 17.773741] dump_stack_lvl+0x8c/0xd0 [ 17.773790] print_report+0x118/0x5d0 [ 17.773839] kasan_report+0xdc/0x128 [ 17.773887] __asan_report_load1_noabort+0x20/0x30 [ 17.774087] strnlen+0x80/0x88 [ 17.774137] kasan_strings+0x478/0xb00 [ 17.774910] kunit_try_run_case+0x170/0x3f0 [ 17.775801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.776129] kthread+0x328/0x630 [ 17.776197] ret_from_fork+0x10/0x20 [ 17.776249] [ 17.776271] Allocated by task 260: [ 17.777393] kasan_save_stack+0x3c/0x68 [ 17.777968] kasan_save_track+0x20/0x40 [ 17.779871] kasan_save_alloc_info+0x40/0x58 [ 17.779940] __kasan_kmalloc+0xd4/0xd8 [ 17.780225] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.780362] kasan_strings+0xc8/0xb00 [ 17.780402] kunit_try_run_case+0x170/0x3f0 [ 17.780442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.780492] kthread+0x328/0x630 [ 17.780525] ret_from_fork+0x10/0x20 [ 17.781569] [ 17.781596] Freed by task 260: [ 17.781629] kasan_save_stack+0x3c/0x68 [ 17.781833] kasan_save_track+0x20/0x40 [ 17.782238] kasan_save_free_info+0x4c/0x78 [ 17.782294] __kasan_slab_free+0x6c/0x98 [ 17.782336] kfree+0x214/0x3c8 [ 17.782800] kasan_strings+0x24c/0xb00 [ 17.782854] kunit_try_run_case+0x170/0x3f0 [ 17.782902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.783584] kthread+0x328/0x630 [ 17.783996] ret_from_fork+0x10/0x20 [ 17.784310] [ 17.784595] The buggy address belongs to the object at fff00000c5977b00 [ 17.784595] which belongs to the cache kmalloc-32 of size 32 [ 17.784894] The buggy address is located 16 bytes inside of [ 17.784894] freed 32-byte region [fff00000c5977b00, fff00000c5977b20) [ 17.784966] [ 17.785105] The buggy address belongs to the physical page: [ 17.785144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105977 [ 17.785217] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.785268] page_type: f5(slab) [ 17.785307] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.785361] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.785601] page dumped because: kasan: bad access detected [ 17.785641] [ 17.785664] Memory state around the buggy address: [ 17.785709] fff00000c5977a00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.786045] fff00000c5977a80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.786136] >fff00000c5977b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.786543] ^ [ 17.787272] fff00000c5977b80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.787533] fff00000c5977c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.787583] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 17.763234] ================================================================== [ 17.763290] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 17.763341] Read of size 1 at addr fff00000c5977b10 by task kunit_try_catch/260 [ 17.763395] [ 17.763425] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.763509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.764771] Hardware name: linux,dummy-virt (DT) [ 17.764829] Call trace: [ 17.764862] show_stack+0x20/0x38 (C) [ 17.765249] dump_stack_lvl+0x8c/0xd0 [ 17.765304] print_report+0x118/0x5d0 [ 17.765357] kasan_report+0xdc/0x128 [ 17.765451] __asan_report_load1_noabort+0x20/0x30 [ 17.765507] strlen+0xa8/0xb0 [ 17.765549] kasan_strings+0x418/0xb00 [ 17.765596] kunit_try_run_case+0x170/0x3f0 [ 17.765645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.765702] kthread+0x328/0x630 [ 17.765745] ret_from_fork+0x10/0x20 [ 17.765794] [ 17.765816] Allocated by task 260: [ 17.765846] kasan_save_stack+0x3c/0x68 [ 17.765888] kasan_save_track+0x20/0x40 [ 17.765926] kasan_save_alloc_info+0x40/0x58 [ 17.765968] __kasan_kmalloc+0xd4/0xd8 [ 17.766004] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.766043] kasan_strings+0xc8/0xb00 [ 17.766081] kunit_try_run_case+0x170/0x3f0 [ 17.766120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.766164] kthread+0x328/0x630 [ 17.766209] ret_from_fork+0x10/0x20 [ 17.766246] [ 17.766265] Freed by task 260: [ 17.766295] kasan_save_stack+0x3c/0x68 [ 17.766336] kasan_save_track+0x20/0x40 [ 17.766389] kasan_save_free_info+0x4c/0x78 [ 17.766433] __kasan_slab_free+0x6c/0x98 [ 17.766471] kfree+0x214/0x3c8 [ 17.766506] kasan_strings+0x24c/0xb00 [ 17.766542] kunit_try_run_case+0x170/0x3f0 [ 17.766582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.766628] kthread+0x328/0x630 [ 17.766660] ret_from_fork+0x10/0x20 [ 17.766788] [ 17.766838] The buggy address belongs to the object at fff00000c5977b00 [ 17.766838] which belongs to the cache kmalloc-32 of size 32 [ 17.767011] The buggy address is located 16 bytes inside of [ 17.767011] freed 32-byte region [fff00000c5977b00, fff00000c5977b20) [ 17.767131] [ 17.767416] The buggy address belongs to the physical page: [ 17.767662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105977 [ 17.767844] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.768037] page_type: f5(slab) [ 17.768092] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.768146] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.768202] page dumped because: kasan: bad access detected [ 17.768731] [ 17.768755] Memory state around the buggy address: [ 17.768791] fff00000c5977a00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.769905] fff00000c5977a80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.770093] >fff00000c5977b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.770138] ^ [ 17.770423] fff00000c5977b80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.770697] fff00000c5977c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.770742] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 17.753747] ================================================================== [ 17.754223] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 17.754337] Read of size 1 at addr fff00000c5977b10 by task kunit_try_catch/260 [ 17.754395] [ 17.754427] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.754541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.754570] Hardware name: linux,dummy-virt (DT) [ 17.754603] Call trace: [ 17.754626] show_stack+0x20/0x38 (C) [ 17.754676] dump_stack_lvl+0x8c/0xd0 [ 17.754797] print_report+0x118/0x5d0 [ 17.754852] kasan_report+0xdc/0x128 [ 17.754899] __asan_report_load1_noabort+0x20/0x30 [ 17.754951] kasan_strings+0x95c/0xb00 [ 17.754998] kunit_try_run_case+0x170/0x3f0 [ 17.755046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.755109] kthread+0x328/0x630 [ 17.755154] ret_from_fork+0x10/0x20 [ 17.755463] [ 17.755553] Allocated by task 260: [ 17.756640] kasan_save_stack+0x3c/0x68 [ 17.756713] kasan_save_track+0x20/0x40 [ 17.756754] kasan_save_alloc_info+0x40/0x58 [ 17.756797] __kasan_kmalloc+0xd4/0xd8 [ 17.756835] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.756877] kasan_strings+0xc8/0xb00 [ 17.756913] kunit_try_run_case+0x170/0x3f0 [ 17.757018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.757066] kthread+0x328/0x630 [ 17.757100] ret_from_fork+0x10/0x20 [ 17.758068] [ 17.758107] Freed by task 260: [ 17.758142] kasan_save_stack+0x3c/0x68 [ 17.758193] kasan_save_track+0x20/0x40 [ 17.758233] kasan_save_free_info+0x4c/0x78 [ 17.758275] __kasan_slab_free+0x6c/0x98 [ 17.758411] kfree+0x214/0x3c8 [ 17.758447] kasan_strings+0x24c/0xb00 [ 17.758496] kunit_try_run_case+0x170/0x3f0 [ 17.758536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.758681] kthread+0x328/0x630 [ 17.758897] ret_from_fork+0x10/0x20 [ 17.758936] [ 17.758973] The buggy address belongs to the object at fff00000c5977b00 [ 17.758973] which belongs to the cache kmalloc-32 of size 32 [ 17.759061] The buggy address is located 16 bytes inside of [ 17.759061] freed 32-byte region [fff00000c5977b00, fff00000c5977b20) [ 17.759176] [ 17.759260] The buggy address belongs to the physical page: [ 17.759300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105977 [ 17.759431] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.760142] page_type: f5(slab) [ 17.760276] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.761255] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.761380] page dumped because: kasan: bad access detected [ 17.761647] [ 17.761673] Memory state around the buggy address: [ 17.761711] fff00000c5977a00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.761761] fff00000c5977a80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.761815] >fff00000c5977b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.761857] ^ [ 17.761926] fff00000c5977b80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.762006] fff00000c5977c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.762533] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 17.748125] ================================================================== [ 17.748189] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 17.748242] Read of size 1 at addr fff00000c5977b10 by task kunit_try_catch/260 [ 17.748428] [ 17.748774] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.749495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.749531] Hardware name: linux,dummy-virt (DT) [ 17.749564] Call trace: [ 17.749589] show_stack+0x20/0x38 (C) [ 17.749645] dump_stack_lvl+0x8c/0xd0 [ 17.749694] print_report+0x118/0x5d0 [ 17.749743] kasan_report+0xdc/0x128 [ 17.749790] __asan_report_load1_noabort+0x20/0x30 [ 17.749844] strcmp+0xc0/0xc8 [ 17.749885] kasan_strings+0x340/0xb00 [ 17.749931] kunit_try_run_case+0x170/0x3f0 [ 17.749981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.750036] kthread+0x328/0x630 [ 17.750080] ret_from_fork+0x10/0x20 [ 17.750129] [ 17.750151] Allocated by task 260: [ 17.750197] kasan_save_stack+0x3c/0x68 [ 17.750241] kasan_save_track+0x20/0x40 [ 17.750279] kasan_save_alloc_info+0x40/0x58 [ 17.750323] __kasan_kmalloc+0xd4/0xd8 [ 17.750364] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.750407] kasan_strings+0xc8/0xb00 [ 17.750444] kunit_try_run_case+0x170/0x3f0 [ 17.750484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.750573] kthread+0x328/0x630 [ 17.750632] ret_from_fork+0x10/0x20 [ 17.750671] [ 17.750691] Freed by task 260: [ 17.750742] kasan_save_stack+0x3c/0x68 [ 17.750783] kasan_save_track+0x20/0x40 [ 17.750822] kasan_save_free_info+0x4c/0x78 [ 17.750864] __kasan_slab_free+0x6c/0x98 [ 17.750904] kfree+0x214/0x3c8 [ 17.750938] kasan_strings+0x24c/0xb00 [ 17.750974] kunit_try_run_case+0x170/0x3f0 [ 17.751013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.751079] kthread+0x328/0x630 [ 17.751113] ret_from_fork+0x10/0x20 [ 17.751151] [ 17.751172] The buggy address belongs to the object at fff00000c5977b00 [ 17.751172] which belongs to the cache kmalloc-32 of size 32 [ 17.751243] The buggy address is located 16 bytes inside of [ 17.751243] freed 32-byte region [fff00000c5977b00, fff00000c5977b20) [ 17.751307] [ 17.751329] The buggy address belongs to the physical page: [ 17.751362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105977 [ 17.751417] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.751505] page_type: f5(slab) [ 17.751547] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.751675] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.751809] page dumped because: kasan: bad access detected [ 17.751871] [ 17.751912] Memory state around the buggy address: [ 17.751959] fff00000c5977a00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.752011] fff00000c5977a80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.752066] >fff00000c5977b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.752107] ^ [ 17.752205] fff00000c5977b80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.752321] fff00000c5977c00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.752669] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 17.723959] ================================================================== [ 17.724055] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 17.724115] Read of size 1 at addr fff00000c5977958 by task kunit_try_catch/258 [ 17.724169] [ 17.724254] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.724477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.724515] Hardware name: linux,dummy-virt (DT) [ 17.724576] Call trace: [ 17.724603] show_stack+0x20/0x38 (C) [ 17.724668] dump_stack_lvl+0x8c/0xd0 [ 17.724718] print_report+0x118/0x5d0 [ 17.724783] kasan_report+0xdc/0x128 [ 17.724831] __asan_report_load1_noabort+0x20/0x30 [ 17.725106] memcmp+0x198/0x1d8 [ 17.725174] kasan_memcmp+0x16c/0x300 [ 17.725259] kunit_try_run_case+0x170/0x3f0 [ 17.725373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.725430] kthread+0x328/0x630 [ 17.725475] ret_from_fork+0x10/0x20 [ 17.725524] [ 17.725546] Allocated by task 258: [ 17.725576] kasan_save_stack+0x3c/0x68 [ 17.725620] kasan_save_track+0x20/0x40 [ 17.725659] kasan_save_alloc_info+0x40/0x58 [ 17.725701] __kasan_kmalloc+0xd4/0xd8 [ 17.725739] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.726619] kasan_memcmp+0xbc/0x300 [ 17.727557] kunit_try_run_case+0x170/0x3f0 [ 17.728223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.729481] kthread+0x328/0x630 [ 17.729531] ret_from_fork+0x10/0x20 [ 17.730812] [ 17.731326] The buggy address belongs to the object at fff00000c5977940 [ 17.731326] which belongs to the cache kmalloc-32 of size 32 [ 17.731412] The buggy address is located 0 bytes to the right of [ 17.731412] allocated 24-byte region [fff00000c5977940, fff00000c5977958) [ 17.731483] [ 17.732217] The buggy address belongs to the physical page: [ 17.732260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105977 [ 17.732887] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.734931] page_type: f5(slab) [ 17.735548] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.735610] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.735655] page dumped because: kasan: bad access detected [ 17.735689] [ 17.735709] Memory state around the buggy address: [ 17.735745] fff00000c5977800: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.735791] fff00000c5977880: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.735836] >fff00000c5977900: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.735954] ^ [ 17.736110] fff00000c5977980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.736171] fff00000c5977a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.736608] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 17.706624] ================================================================== [ 17.706776] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 17.706872] Read of size 1 at addr ffff800080a27b4a by task kunit_try_catch/254 [ 17.706943] [ 17.707008] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.707099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.707162] Hardware name: linux,dummy-virt (DT) [ 17.707271] Call trace: [ 17.707297] show_stack+0x20/0x38 (C) [ 17.707348] dump_stack_lvl+0x8c/0xd0 [ 17.707408] print_report+0x310/0x5d0 [ 17.707626] kasan_report+0xdc/0x128 [ 17.707680] __asan_report_load1_noabort+0x20/0x30 [ 17.707872] kasan_alloca_oob_right+0x2dc/0x340 [ 17.707968] kunit_try_run_case+0x170/0x3f0 [ 17.708021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.708074] kthread+0x328/0x630 [ 17.708117] ret_from_fork+0x10/0x20 [ 17.708240] [ 17.708265] The buggy address belongs to stack of task kunit_try_catch/254 [ 17.708321] [ 17.708380] The buggy address ffff800080a27b4a belongs to a vmalloc virtual mapping [ 17.708597] The buggy address belongs to the physical page: [ 17.708635] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105982 [ 17.708771] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.708841] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.708893] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.708949] page dumped because: kasan: bad access detected [ 17.709040] [ 17.709152] Memory state around the buggy address: [ 17.709304] ffff800080a27a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.709523] ffff800080a27a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.709572] >ffff800080a27b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 17.709718] ^ [ 17.709870] ffff800080a27b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.709962] ffff800080a27c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.710110] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 17.694827] ================================================================== [ 17.694902] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 17.694958] Read of size 1 at addr ffff800080a07b5f by task kunit_try_catch/252 [ 17.695012] [ 17.695057] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.695141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.695169] Hardware name: linux,dummy-virt (DT) [ 17.695216] Call trace: [ 17.695238] show_stack+0x20/0x38 (C) [ 17.695287] dump_stack_lvl+0x8c/0xd0 [ 17.695646] print_report+0x310/0x5d0 [ 17.695798] kasan_report+0xdc/0x128 [ 17.695861] __asan_report_load1_noabort+0x20/0x30 [ 17.696047] kasan_alloca_oob_left+0x2b8/0x310 [ 17.696116] kunit_try_run_case+0x170/0x3f0 [ 17.696195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.696262] kthread+0x328/0x630 [ 17.696306] ret_from_fork+0x10/0x20 [ 17.696384] [ 17.696434] The buggy address belongs to stack of task kunit_try_catch/252 [ 17.696530] [ 17.696578] The buggy address ffff800080a07b5f belongs to a vmalloc virtual mapping [ 17.696699] The buggy address belongs to the physical page: [ 17.696734] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106555 [ 17.696790] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.696853] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.696906] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.697136] page dumped because: kasan: bad access detected [ 17.697238] [ 17.697271] Memory state around the buggy address: [ 17.697304] ffff800080a07a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.697393] ffff800080a07a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.697458] >ffff800080a07b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 17.697538] ^ [ 17.697610] ffff800080a07b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.697725] ffff800080a07c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.697880] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 17.685883] ================================================================== [ 17.685959] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 17.686042] Read of size 1 at addr ffff800080a07c2a by task kunit_try_catch/250 [ 17.686094] [ 17.686137] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.686242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.686600] Hardware name: linux,dummy-virt (DT) [ 17.686642] Call trace: [ 17.686862] show_stack+0x20/0x38 (C) [ 17.686914] dump_stack_lvl+0x8c/0xd0 [ 17.686965] print_report+0x310/0x5d0 [ 17.687013] kasan_report+0xdc/0x128 [ 17.687060] __asan_report_load1_noabort+0x20/0x30 [ 17.687120] kasan_stack_oob+0x238/0x270 [ 17.687739] kunit_try_run_case+0x170/0x3f0 [ 17.687814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.687871] kthread+0x328/0x630 [ 17.688017] ret_from_fork+0x10/0x20 [ 17.688144] [ 17.688245] The buggy address belongs to stack of task kunit_try_catch/250 [ 17.688358] and is located at offset 138 in frame: [ 17.688397] kasan_stack_oob+0x0/0x270 [ 17.688688] [ 17.688763] This frame has 4 objects: [ 17.688899] [48, 49) '__assertion' [ 17.688943] [64, 72) 'array' [ 17.689008] [96, 112) '__assertion' [ 17.689105] [128, 138) 'stack_array' [ 17.689151] [ 17.689176] The buggy address ffff800080a07c2a belongs to a vmalloc virtual mapping [ 17.689238] The buggy address belongs to the physical page: [ 17.689397] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106555 [ 17.689461] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.689575] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.689694] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.689772] page dumped because: kasan: bad access detected [ 17.689896] [ 17.689916] Memory state around the buggy address: [ 17.689967] ffff800080a07b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.690012] ffff800080a07b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 17.690060] >ffff800080a07c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 17.690098] ^ [ 17.690271] ffff800080a07c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 17.690378] ffff800080a07d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.690455] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 17.673551] ================================================================== [ 17.673615] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 17.673666] Read of size 1 at addr ffffa65db074f58d by task kunit_try_catch/246 [ 17.673758] [ 17.673794] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.673904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.673941] Hardware name: linux,dummy-virt (DT) [ 17.673973] Call trace: [ 17.673994] show_stack+0x20/0x38 (C) [ 17.674287] dump_stack_lvl+0x8c/0xd0 [ 17.674350] print_report+0x310/0x5d0 [ 17.674395] kasan_report+0xdc/0x128 [ 17.674440] __asan_report_load1_noabort+0x20/0x30 [ 17.674492] kasan_global_oob_right+0x230/0x270 [ 17.674540] kunit_try_run_case+0x170/0x3f0 [ 17.674627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.674682] kthread+0x328/0x630 [ 17.674722] ret_from_fork+0x10/0x20 [ 17.674784] [ 17.674844] The buggy address belongs to the variable: [ 17.674875] global_array+0xd/0x40 [ 17.674923] [ 17.675139] The buggy address ffffa65db074f58d belongs to a vmalloc virtual mapping [ 17.675241] The buggy address belongs to the physical page: [ 17.675274] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 17.675329] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 17.675488] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 17.675540] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.675579] page dumped because: kasan: bad access detected [ 17.675616] [ 17.675755] Memory state around the buggy address: [ 17.675787] ffffa65db074f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.675830] ffffa65db074f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 17.675872] >ffffa65db074f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 17.675911] ^ [ 17.675939] ffffa65db074f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 17.676033] ffffa65db074f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.676101] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 17.657374] ================================================================== [ 17.657433] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.657578] Free of addr fff00000c5962e01 by task kunit_try_catch/242 [ 17.657626] [ 17.657655] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.657765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.657833] Hardware name: linux,dummy-virt (DT) [ 17.657880] Call trace: [ 17.657934] show_stack+0x20/0x38 (C) [ 17.658001] dump_stack_lvl+0x8c/0xd0 [ 17.658076] print_report+0x118/0x5d0 [ 17.658123] kasan_report_invalid_free+0xc0/0xe8 [ 17.658200] check_slab_allocation+0xfc/0x108 [ 17.658368] __kasan_mempool_poison_object+0x78/0x150 [ 17.658446] mempool_free+0x28c/0x328 [ 17.658507] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.658613] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.658689] kunit_try_run_case+0x170/0x3f0 [ 17.658739] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.658812] kthread+0x328/0x630 [ 17.658858] ret_from_fork+0x10/0x20 [ 17.658932] [ 17.658969] Allocated by task 242: [ 17.659015] kasan_save_stack+0x3c/0x68 [ 17.659056] kasan_save_track+0x20/0x40 [ 17.659090] kasan_save_alloc_info+0x40/0x58 [ 17.659163] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.659281] remove_element+0x130/0x1f8 [ 17.659323] mempool_alloc_preallocated+0x58/0xc0 [ 17.659361] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 17.659403] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.659444] kunit_try_run_case+0x170/0x3f0 [ 17.659480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.659542] kthread+0x328/0x630 [ 17.659574] ret_from_fork+0x10/0x20 [ 17.659610] [ 17.659629] The buggy address belongs to the object at fff00000c5962e00 [ 17.659629] which belongs to the cache kmalloc-128 of size 128 [ 17.659693] The buggy address is located 1 bytes inside of [ 17.659693] 128-byte region [fff00000c5962e00, fff00000c5962e80) [ 17.659777] [ 17.659836] The buggy address belongs to the physical page: [ 17.659883] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105962 [ 17.659968] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.660036] page_type: f5(slab) [ 17.660077] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.660129] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.660169] page dumped because: kasan: bad access detected [ 17.660211] [ 17.660229] Memory state around the buggy address: [ 17.660259] fff00000c5962d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.660301] fff00000c5962d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.660344] >fff00000c5962e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.660381] ^ [ 17.660408] fff00000c5962e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.660461] fff00000c5962f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.660506] ================================================================== [ 17.665836] ================================================================== [ 17.665966] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.666021] Free of addr fff00000c7928001 by task kunit_try_catch/244 [ 17.666089] [ 17.666172] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.666266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.666292] Hardware name: linux,dummy-virt (DT) [ 17.666323] Call trace: [ 17.666363] show_stack+0x20/0x38 (C) [ 17.666500] dump_stack_lvl+0x8c/0xd0 [ 17.666555] print_report+0x118/0x5d0 [ 17.666601] kasan_report_invalid_free+0xc0/0xe8 [ 17.666702] __kasan_mempool_poison_object+0xfc/0x150 [ 17.666776] mempool_free+0x28c/0x328 [ 17.666819] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.666872] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 17.666924] kunit_try_run_case+0x170/0x3f0 [ 17.666992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.667045] kthread+0x328/0x630 [ 17.667120] ret_from_fork+0x10/0x20 [ 17.667168] [ 17.667198] The buggy address belongs to the physical page: [ 17.667313] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107928 [ 17.667370] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.667457] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.667512] page_type: f8(unknown) [ 17.667549] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.667635] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.667687] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.667762] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.667839] head: 0bfffe0000000002 ffffc1ffc31e4a01 00000000ffffffff 00000000ffffffff [ 17.667891] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.667934] page dumped because: kasan: bad access detected [ 17.667991] [ 17.668009] Memory state around the buggy address: [ 17.668038] fff00000c7927f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.668080] fff00000c7927f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.668128] >fff00000c7928000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.668250] ^ [ 17.668279] fff00000c7928080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.668322] fff00000c7928100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.668401] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 17.641927] ================================================================== [ 17.641989] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.642067] Free of addr fff00000c78f4000 by task kunit_try_catch/238 [ 17.642110] [ 17.642149] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.642246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.642272] Hardware name: linux,dummy-virt (DT) [ 17.642314] Call trace: [ 17.642336] show_stack+0x20/0x38 (C) [ 17.642384] dump_stack_lvl+0x8c/0xd0 [ 17.642433] print_report+0x118/0x5d0 [ 17.642523] kasan_report_invalid_free+0xc0/0xe8 [ 17.642575] __kasan_mempool_poison_object+0x14c/0x150 [ 17.642628] mempool_free+0x28c/0x328 [ 17.642671] mempool_double_free_helper+0x150/0x2e8 [ 17.642720] mempool_kmalloc_large_double_free+0xc0/0x118 [ 17.642770] kunit_try_run_case+0x170/0x3f0 [ 17.642837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.642891] kthread+0x328/0x630 [ 17.642939] ret_from_fork+0x10/0x20 [ 17.643023] [ 17.643071] The buggy address belongs to the physical page: [ 17.643105] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078f4 [ 17.643210] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.643266] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.643350] page_type: f8(unknown) [ 17.643390] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.643486] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.643573] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.643627] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.643702] head: 0bfffe0000000002 ffffc1ffc31e3d01 00000000ffffffff 00000000ffffffff [ 17.643772] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.643839] page dumped because: kasan: bad access detected [ 17.643871] [ 17.643888] Memory state around the buggy address: [ 17.643919] fff00000c78f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.644049] fff00000c78f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.644095] >fff00000c78f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.644134] ^ [ 17.644204] fff00000c78f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.644248] fff00000c78f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.644341] ================================================================== [ 17.614952] ================================================================== [ 17.615018] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.615077] Free of addr fff00000c5962a00 by task kunit_try_catch/236 [ 17.615119] [ 17.615153] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.616195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.616499] Hardware name: linux,dummy-virt (DT) [ 17.616859] Call trace: [ 17.617167] show_stack+0x20/0x38 (C) [ 17.617273] dump_stack_lvl+0x8c/0xd0 [ 17.617348] print_report+0x118/0x5d0 [ 17.617451] kasan_report_invalid_free+0xc0/0xe8 [ 17.617547] check_slab_allocation+0xd4/0x108 [ 17.617691] __kasan_mempool_poison_object+0x78/0x150 [ 17.618145] mempool_free+0x28c/0x328 [ 17.618216] mempool_double_free_helper+0x150/0x2e8 [ 17.618653] mempool_kmalloc_double_free+0xc0/0x118 [ 17.618721] kunit_try_run_case+0x170/0x3f0 [ 17.618986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.619106] kthread+0x328/0x630 [ 17.619174] ret_from_fork+0x10/0x20 [ 17.619297] [ 17.619468] Allocated by task 236: [ 17.619501] kasan_save_stack+0x3c/0x68 [ 17.619858] kasan_save_track+0x20/0x40 [ 17.620126] kasan_save_alloc_info+0x40/0x58 [ 17.620172] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.620224] remove_element+0x130/0x1f8 [ 17.620259] mempool_alloc_preallocated+0x58/0xc0 [ 17.620710] mempool_double_free_helper+0x94/0x2e8 [ 17.620761] mempool_kmalloc_double_free+0xc0/0x118 [ 17.620913] kunit_try_run_case+0x170/0x3f0 [ 17.621130] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.621411] kthread+0x328/0x630 [ 17.621479] ret_from_fork+0x10/0x20 [ 17.621541] [ 17.621568] Freed by task 236: [ 17.621596] kasan_save_stack+0x3c/0x68 [ 17.621769] kasan_save_track+0x20/0x40 [ 17.622015] kasan_save_free_info+0x4c/0x78 [ 17.622235] __kasan_mempool_poison_object+0xc0/0x150 [ 17.622281] mempool_free+0x28c/0x328 [ 17.622776] mempool_double_free_helper+0x100/0x2e8 [ 17.622841] mempool_kmalloc_double_free+0xc0/0x118 [ 17.622881] kunit_try_run_case+0x170/0x3f0 [ 17.622918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.622961] kthread+0x328/0x630 [ 17.622995] ret_from_fork+0x10/0x20 [ 17.623029] [ 17.623814] The buggy address belongs to the object at fff00000c5962a00 [ 17.623814] which belongs to the cache kmalloc-128 of size 128 [ 17.624331] The buggy address is located 0 bytes inside of [ 17.624331] 128-byte region [fff00000c5962a00, fff00000c5962a80) [ 17.624782] [ 17.624805] The buggy address belongs to the physical page: [ 17.625554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105962 [ 17.626193] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.626252] page_type: f5(slab) [ 17.626291] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.627317] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.627394] page dumped because: kasan: bad access detected [ 17.627682] [ 17.627701] Memory state around the buggy address: [ 17.627737] fff00000c5962900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.627783] fff00000c5962980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.628799] >fff00000c5962a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.628865] ^ [ 17.628894] fff00000c5962a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.629377] fff00000c5962b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.629748] ================================================================== [ 17.650212] ================================================================== [ 17.650296] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.650389] Free of addr fff00000c78f4000 by task kunit_try_catch/240 [ 17.650432] [ 17.650460] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.650569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.650639] Hardware name: linux,dummy-virt (DT) [ 17.650676] Call trace: [ 17.650696] show_stack+0x20/0x38 (C) [ 17.650744] dump_stack_lvl+0x8c/0xd0 [ 17.651045] print_report+0x118/0x5d0 [ 17.651099] kasan_report_invalid_free+0xc0/0xe8 [ 17.651207] __kasan_mempool_poison_pages+0xe0/0xe8 [ 17.651289] mempool_free+0x24c/0x328 [ 17.651334] mempool_double_free_helper+0x150/0x2e8 [ 17.651382] mempool_page_alloc_double_free+0xbc/0x118 [ 17.651432] kunit_try_run_case+0x170/0x3f0 [ 17.651488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.651550] kthread+0x328/0x630 [ 17.651593] ret_from_fork+0x10/0x20 [ 17.651648] [ 17.651667] The buggy address belongs to the physical page: [ 17.651699] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078f4 [ 17.651762] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.651821] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.651870] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.651910] page dumped because: kasan: bad access detected [ 17.651950] [ 17.651975] Memory state around the buggy address: [ 17.652005] fff00000c78f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.652054] fff00000c78f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.652109] >fff00000c78f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.652146] ^ [ 17.652173] fff00000c78f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.652225] fff00000c78f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.652263] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 17.590260] ================================================================== [ 17.590324] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.590385] Read of size 1 at addr fff00000c78f4000 by task kunit_try_catch/234 [ 17.590435] [ 17.590469] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.590554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.590580] Hardware name: linux,dummy-virt (DT) [ 17.590611] Call trace: [ 17.590642] show_stack+0x20/0x38 (C) [ 17.590896] dump_stack_lvl+0x8c/0xd0 [ 17.590976] print_report+0x118/0x5d0 [ 17.591493] kasan_report+0xdc/0x128 [ 17.591902] __asan_report_load1_noabort+0x20/0x30 [ 17.592467] mempool_uaf_helper+0x314/0x340 [ 17.592779] mempool_page_alloc_uaf+0xc0/0x118 [ 17.592854] kunit_try_run_case+0x170/0x3f0 [ 17.593030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.593503] kthread+0x328/0x630 [ 17.593876] ret_from_fork+0x10/0x20 [ 17.593929] [ 17.593950] The buggy address belongs to the physical page: [ 17.594057] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078f4 [ 17.594120] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.594194] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.594389] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.594432] page dumped because: kasan: bad access detected [ 17.594465] [ 17.594679] Memory state around the buggy address: [ 17.594731] fff00000c78f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.594776] fff00000c78f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.594821] >fff00000c78f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.594860] ^ [ 17.594896] fff00000c78f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.595091] fff00000c78f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.595158] ================================================================== [ 17.535121] ================================================================== [ 17.535205] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.537749] Read of size 1 at addr fff00000c78ec000 by task kunit_try_catch/230 [ 17.538290] [ 17.539020] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.539655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.539717] Hardware name: linux,dummy-virt (DT) [ 17.540487] Call trace: [ 17.540810] show_stack+0x20/0x38 (C) [ 17.541045] dump_stack_lvl+0x8c/0xd0 [ 17.541101] print_report+0x118/0x5d0 [ 17.542167] kasan_report+0xdc/0x128 [ 17.542411] __asan_report_load1_noabort+0x20/0x30 [ 17.542598] mempool_uaf_helper+0x314/0x340 [ 17.543534] mempool_kmalloc_large_uaf+0xc4/0x120 [ 17.543712] kunit_try_run_case+0x170/0x3f0 [ 17.544096] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.544157] kthread+0x328/0x630 [ 17.544747] ret_from_fork+0x10/0x20 [ 17.545223] [ 17.545398] The buggy address belongs to the physical page: [ 17.545617] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ec [ 17.546345] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.547058] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.547465] page_type: f8(unknown) [ 17.548068] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.548266] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.548574] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.549066] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.549438] head: 0bfffe0000000002 ffffc1ffc31e3b01 00000000ffffffff 00000000ffffffff [ 17.549881] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.550198] page dumped because: kasan: bad access detected [ 17.550235] [ 17.550453] Memory state around the buggy address: [ 17.550692] fff00000c78ebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.551785] fff00000c78ebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.551858] >fff00000c78ec000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.551901] ^ [ 17.551930] fff00000c78ec080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.551973] fff00000c78ec100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.552481] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 17.561787] ================================================================== [ 17.561982] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.562312] Read of size 1 at addr fff00000c596a240 by task kunit_try_catch/232 [ 17.562438] [ 17.562474] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.563089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.563142] Hardware name: linux,dummy-virt (DT) [ 17.563217] Call trace: [ 17.563344] show_stack+0x20/0x38 (C) [ 17.563590] dump_stack_lvl+0x8c/0xd0 [ 17.563640] print_report+0x118/0x5d0 [ 17.563718] kasan_report+0xdc/0x128 [ 17.563763] __asan_report_load1_noabort+0x20/0x30 [ 17.563852] mempool_uaf_helper+0x314/0x340 [ 17.564089] mempool_slab_uaf+0xc0/0x118 [ 17.564141] kunit_try_run_case+0x170/0x3f0 [ 17.564197] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.564251] kthread+0x328/0x630 [ 17.564291] ret_from_fork+0x10/0x20 [ 17.564588] [ 17.564606] Allocated by task 232: [ 17.564637] kasan_save_stack+0x3c/0x68 [ 17.564679] kasan_save_track+0x20/0x40 [ 17.564714] kasan_save_alloc_info+0x40/0x58 [ 17.564754] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.564797] remove_element+0x16c/0x1f8 [ 17.565514] mempool_alloc_preallocated+0x58/0xc0 [ 17.565561] mempool_uaf_helper+0xa4/0x340 [ 17.565944] mempool_slab_uaf+0xc0/0x118 [ 17.566040] kunit_try_run_case+0x170/0x3f0 [ 17.566092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.566138] kthread+0x328/0x630 [ 17.566465] ret_from_fork+0x10/0x20 [ 17.566511] [ 17.566587] Freed by task 232: [ 17.566617] kasan_save_stack+0x3c/0x68 [ 17.566802] kasan_save_track+0x20/0x40 [ 17.566889] kasan_save_free_info+0x4c/0x78 [ 17.566930] __kasan_mempool_poison_object+0xc0/0x150 [ 17.567021] mempool_free+0x28c/0x328 [ 17.567192] mempool_uaf_helper+0x104/0x340 [ 17.567230] mempool_slab_uaf+0xc0/0x118 [ 17.567424] kunit_try_run_case+0x170/0x3f0 [ 17.567551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.567602] kthread+0x328/0x630 [ 17.567634] ret_from_fork+0x10/0x20 [ 17.567870] [ 17.567958] The buggy address belongs to the object at fff00000c596a240 [ 17.567958] which belongs to the cache test_cache of size 123 [ 17.568060] The buggy address is located 0 bytes inside of [ 17.568060] freed 123-byte region [fff00000c596a240, fff00000c596a2bb) [ 17.568213] [ 17.568233] The buggy address belongs to the physical page: [ 17.568269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596a [ 17.568476] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.568526] page_type: f5(slab) [ 17.568573] raw: 0bfffe0000000000 fff00000c590fb40 dead000000000122 0000000000000000 [ 17.568822] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.569009] page dumped because: kasan: bad access detected [ 17.569100] [ 17.569123] Memory state around the buggy address: [ 17.569156] fff00000c596a100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.569211] fff00000c596a180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.569254] >fff00000c596a200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.569485] ^ [ 17.569530] fff00000c596a280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.569654] fff00000c596a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.569711] ================================================================== [ 17.506849] ================================================================== [ 17.506918] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.506990] Read of size 1 at addr fff00000c5962600 by task kunit_try_catch/228 [ 17.507041] [ 17.507092] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.507217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.507361] Hardware name: linux,dummy-virt (DT) [ 17.507418] Call trace: [ 17.507469] show_stack+0x20/0x38 (C) [ 17.507533] dump_stack_lvl+0x8c/0xd0 [ 17.507609] print_report+0x118/0x5d0 [ 17.507774] kasan_report+0xdc/0x128 [ 17.507820] __asan_report_load1_noabort+0x20/0x30 [ 17.507873] mempool_uaf_helper+0x314/0x340 [ 17.507918] mempool_kmalloc_uaf+0xc4/0x120 [ 17.507963] kunit_try_run_case+0x170/0x3f0 [ 17.508080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.508168] kthread+0x328/0x630 [ 17.508242] ret_from_fork+0x10/0x20 [ 17.508307] [ 17.508325] Allocated by task 228: [ 17.508380] kasan_save_stack+0x3c/0x68 [ 17.508422] kasan_save_track+0x20/0x40 [ 17.508464] kasan_save_alloc_info+0x40/0x58 [ 17.508505] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.508548] remove_element+0x130/0x1f8 [ 17.508739] mempool_alloc_preallocated+0x58/0xc0 [ 17.508792] mempool_uaf_helper+0xa4/0x340 [ 17.508859] mempool_kmalloc_uaf+0xc4/0x120 [ 17.508914] kunit_try_run_case+0x170/0x3f0 [ 17.508953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.509079] kthread+0x328/0x630 [ 17.509120] ret_from_fork+0x10/0x20 [ 17.509157] [ 17.509209] Freed by task 228: [ 17.509238] kasan_save_stack+0x3c/0x68 [ 17.509279] kasan_save_track+0x20/0x40 [ 17.509341] kasan_save_free_info+0x4c/0x78 [ 17.509380] __kasan_mempool_poison_object+0xc0/0x150 [ 17.509422] mempool_free+0x28c/0x328 [ 17.509456] mempool_uaf_helper+0x104/0x340 [ 17.509624] mempool_kmalloc_uaf+0xc4/0x120 [ 17.509795] kunit_try_run_case+0x170/0x3f0 [ 17.509880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.509994] kthread+0x328/0x630 [ 17.510112] ret_from_fork+0x10/0x20 [ 17.510256] [ 17.510276] The buggy address belongs to the object at fff00000c5962600 [ 17.510276] which belongs to the cache kmalloc-128 of size 128 [ 17.510376] The buggy address is located 0 bytes inside of [ 17.510376] freed 128-byte region [fff00000c5962600, fff00000c5962680) [ 17.510539] [ 17.510640] The buggy address belongs to the physical page: [ 17.510708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105962 [ 17.510802] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.510900] page_type: f5(slab) [ 17.511013] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.511115] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.511155] page dumped because: kasan: bad access detected [ 17.511325] [ 17.511445] Memory state around the buggy address: [ 17.511512] fff00000c5962500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.511661] fff00000c5962580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.511750] >fff00000c5962600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.511879] ^ [ 17.511948] fff00000c5962680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.511990] fff00000c5962700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.512246] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 17.448607] ================================================================== [ 17.448681] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.448741] Read of size 1 at addr fff00000c78ee001 by task kunit_try_catch/224 [ 17.448791] [ 17.448825] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.449003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.449056] Hardware name: linux,dummy-virt (DT) [ 17.449115] Call trace: [ 17.449266] show_stack+0x20/0x38 (C) [ 17.449371] dump_stack_lvl+0x8c/0xd0 [ 17.449431] print_report+0x118/0x5d0 [ 17.449507] kasan_report+0xdc/0x128 [ 17.449554] __asan_report_load1_noabort+0x20/0x30 [ 17.449604] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.449651] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 17.449699] kunit_try_run_case+0x170/0x3f0 [ 17.450122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.450208] kthread+0x328/0x630 [ 17.450398] ret_from_fork+0x10/0x20 [ 17.450704] [ 17.450853] The buggy address belongs to the physical page: [ 17.450972] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ec [ 17.451364] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.451657] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.452084] page_type: f8(unknown) [ 17.452789] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.453286] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.453375] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.453572] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.453627] head: 0bfffe0000000002 ffffc1ffc31e3b01 00000000ffffffff 00000000ffffffff [ 17.453685] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.453727] page dumped because: kasan: bad access detected [ 17.453979] [ 17.454030] Memory state around the buggy address: [ 17.454151] fff00000c78edf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.454210] fff00000c78edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.454255] >fff00000c78ee000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.454419] ^ [ 17.454718] fff00000c78ee080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.454881] fff00000c78ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.454968] ================================================================== [ 17.431704] ================================================================== [ 17.431788] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.431865] Read of size 1 at addr fff00000c5962273 by task kunit_try_catch/222 [ 17.431917] [ 17.431960] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.432047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.432073] Hardware name: linux,dummy-virt (DT) [ 17.432105] Call trace: [ 17.432131] show_stack+0x20/0x38 (C) [ 17.432197] dump_stack_lvl+0x8c/0xd0 [ 17.432248] print_report+0x118/0x5d0 [ 17.432293] kasan_report+0xdc/0x128 [ 17.432338] __asan_report_load1_noabort+0x20/0x30 [ 17.432387] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.432434] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.432488] kunit_try_run_case+0x170/0x3f0 [ 17.432538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.432590] kthread+0x328/0x630 [ 17.432632] ret_from_fork+0x10/0x20 [ 17.432680] [ 17.432699] Allocated by task 222: [ 17.432728] kasan_save_stack+0x3c/0x68 [ 17.432769] kasan_save_track+0x20/0x40 [ 17.432808] kasan_save_alloc_info+0x40/0x58 [ 17.432847] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.432891] remove_element+0x130/0x1f8 [ 17.432929] mempool_alloc_preallocated+0x58/0xc0 [ 17.433082] mempool_oob_right_helper+0x98/0x2f0 [ 17.433133] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.433171] kunit_try_run_case+0x170/0x3f0 [ 17.433226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.433270] kthread+0x328/0x630 [ 17.433303] ret_from_fork+0x10/0x20 [ 17.433341] [ 17.433361] The buggy address belongs to the object at fff00000c5962200 [ 17.433361] which belongs to the cache kmalloc-128 of size 128 [ 17.433423] The buggy address is located 0 bytes to the right of [ 17.433423] allocated 115-byte region [fff00000c5962200, fff00000c5962273) [ 17.433487] [ 17.433509] The buggy address belongs to the physical page: [ 17.433549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105962 [ 17.433604] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.433657] page_type: f5(slab) [ 17.433698] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.433749] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.433791] page dumped because: kasan: bad access detected [ 17.433824] [ 17.433841] Memory state around the buggy address: [ 17.433873] fff00000c5962100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.433918] fff00000c5962180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.433962] >fff00000c5962200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.434001] ^ [ 17.434042] fff00000c5962280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.434084] fff00000c5962300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.434124] ================================================================== [ 17.483667] ================================================================== [ 17.483778] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.483887] Read of size 1 at addr fff00000c59662bb by task kunit_try_catch/226 [ 17.483941] [ 17.484004] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.484092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.484119] Hardware name: linux,dummy-virt (DT) [ 17.484151] Call trace: [ 17.484172] show_stack+0x20/0x38 (C) [ 17.484352] dump_stack_lvl+0x8c/0xd0 [ 17.484403] print_report+0x118/0x5d0 [ 17.484449] kasan_report+0xdc/0x128 [ 17.484530] __asan_report_load1_noabort+0x20/0x30 [ 17.484589] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.484646] mempool_slab_oob_right+0xc0/0x118 [ 17.484767] kunit_try_run_case+0x170/0x3f0 [ 17.484819] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.484872] kthread+0x328/0x630 [ 17.484980] ret_from_fork+0x10/0x20 [ 17.485103] [ 17.485217] Allocated by task 226: [ 17.485322] kasan_save_stack+0x3c/0x68 [ 17.485365] kasan_save_track+0x20/0x40 [ 17.485402] kasan_save_alloc_info+0x40/0x58 [ 17.485442] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.485485] remove_element+0x16c/0x1f8 [ 17.485794] mempool_alloc_preallocated+0x58/0xc0 [ 17.485920] mempool_oob_right_helper+0x98/0x2f0 [ 17.485989] mempool_slab_oob_right+0xc0/0x118 [ 17.486039] kunit_try_run_case+0x170/0x3f0 [ 17.486128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.486192] kthread+0x328/0x630 [ 17.486272] ret_from_fork+0x10/0x20 [ 17.486397] [ 17.486456] The buggy address belongs to the object at fff00000c5966240 [ 17.486456] which belongs to the cache test_cache of size 123 [ 17.486612] The buggy address is located 0 bytes to the right of [ 17.486612] allocated 123-byte region [fff00000c5966240, fff00000c59662bb) [ 17.486736] [ 17.486756] The buggy address belongs to the physical page: [ 17.486806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105966 [ 17.486918] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.486986] page_type: f5(slab) [ 17.487144] raw: 0bfffe0000000000 fff00000c590fa00 dead000000000122 0000000000000000 [ 17.487260] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.487386] page dumped because: kasan: bad access detected [ 17.487420] [ 17.487449] Memory state around the buggy address: [ 17.487481] fff00000c5966180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.487524] fff00000c5966200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 17.487570] >fff00000c5966280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 17.487608] ^ [ 17.487640] fff00000c5966300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.487683] fff00000c5966380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.487721] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 16.863869] ================================================================== [ 16.863955] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 16.864032] Read of size 1 at addr fff00000c1b0b640 by task kunit_try_catch/216 [ 16.864085] [ 16.864128] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.864236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.864264] Hardware name: linux,dummy-virt (DT) [ 16.864298] Call trace: [ 16.864322] show_stack+0x20/0x38 (C) [ 16.864375] dump_stack_lvl+0x8c/0xd0 [ 16.864426] print_report+0x118/0x5d0 [ 16.864478] kasan_report+0xdc/0x128 [ 16.864521] __kasan_check_byte+0x54/0x70 [ 16.864567] kmem_cache_destroy+0x34/0x218 [ 16.864615] kmem_cache_double_destroy+0x174/0x300 [ 16.864661] kunit_try_run_case+0x170/0x3f0 [ 16.864711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.864764] kthread+0x328/0x630 [ 16.864807] ret_from_fork+0x10/0x20 [ 16.864855] [ 16.864873] Allocated by task 216: [ 16.864903] kasan_save_stack+0x3c/0x68 [ 16.864944] kasan_save_track+0x20/0x40 [ 16.865010] kasan_save_alloc_info+0x40/0x58 [ 16.865049] __kasan_slab_alloc+0xa8/0xb0 [ 16.865087] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.865129] __kmem_cache_create_args+0x178/0x280 [ 16.865169] kmem_cache_double_destroy+0xc0/0x300 [ 16.865216] kunit_try_run_case+0x170/0x3f0 [ 16.865254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.865296] kthread+0x328/0x630 [ 16.865328] ret_from_fork+0x10/0x20 [ 16.865363] [ 16.865381] Freed by task 216: [ 16.865407] kasan_save_stack+0x3c/0x68 [ 16.865444] kasan_save_track+0x20/0x40 [ 16.865481] kasan_save_free_info+0x4c/0x78 [ 16.865519] __kasan_slab_free+0x6c/0x98 [ 16.865557] kmem_cache_free+0x260/0x468 [ 16.865593] slab_kmem_cache_release+0x38/0x50 [ 16.865634] kmem_cache_release+0x1c/0x30 [ 16.865669] kobject_put+0x17c/0x420 [ 16.865706] sysfs_slab_release+0x1c/0x30 [ 16.865742] kmem_cache_destroy+0x118/0x218 [ 16.865780] kmem_cache_double_destroy+0x128/0x300 [ 16.865820] kunit_try_run_case+0x170/0x3f0 [ 16.865856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.865901] kthread+0x328/0x630 [ 16.865934] ret_from_fork+0x10/0x20 [ 16.865970] [ 16.865989] The buggy address belongs to the object at fff00000c1b0b640 [ 16.865989] which belongs to the cache kmem_cache of size 208 [ 16.866048] The buggy address is located 0 bytes inside of [ 16.866048] freed 208-byte region [fff00000c1b0b640, fff00000c1b0b710) [ 16.866110] [ 16.866131] The buggy address belongs to the physical page: [ 16.866166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b0b [ 16.866230] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.866284] page_type: f5(slab) [ 16.866326] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 16.866377] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 16.866420] page dumped because: kasan: bad access detected [ 16.866452] [ 16.866472] Memory state around the buggy address: [ 16.866505] fff00000c1b0b500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.866550] fff00000c1b0b580: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 16.866593] >fff00000c1b0b600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 16.866634] ^ [ 16.866668] fff00000c1b0b680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.866712] fff00000c1b0b700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.866752] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 16.773535] ================================================================== [ 16.773651] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 16.773730] Read of size 1 at addr fff00000c5953000 by task kunit_try_catch/214 [ 16.773782] [ 16.773824] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.773913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.773941] Hardware name: linux,dummy-virt (DT) [ 16.773976] Call trace: [ 16.773999] show_stack+0x20/0x38 (C) [ 16.774052] dump_stack_lvl+0x8c/0xd0 [ 16.774104] print_report+0x118/0x5d0 [ 16.774151] kasan_report+0xdc/0x128 [ 16.774211] __asan_report_load1_noabort+0x20/0x30 [ 16.774262] kmem_cache_rcu_uaf+0x388/0x468 [ 16.774309] kunit_try_run_case+0x170/0x3f0 [ 16.774358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.774411] kthread+0x328/0x630 [ 16.774453] ret_from_fork+0x10/0x20 [ 16.774505] [ 16.774522] Allocated by task 214: [ 16.774550] kasan_save_stack+0x3c/0x68 [ 16.774592] kasan_save_track+0x20/0x40 [ 16.774628] kasan_save_alloc_info+0x40/0x58 [ 16.774668] __kasan_slab_alloc+0xa8/0xb0 [ 16.774707] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.774749] kmem_cache_rcu_uaf+0x12c/0x468 [ 16.774788] kunit_try_run_case+0x170/0x3f0 [ 16.774825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.774869] kthread+0x328/0x630 [ 16.774901] ret_from_fork+0x10/0x20 [ 16.774937] [ 16.774955] Freed by task 0: [ 16.774982] kasan_save_stack+0x3c/0x68 [ 16.775019] kasan_save_track+0x20/0x40 [ 16.775057] kasan_save_free_info+0x4c/0x78 [ 16.775097] __kasan_slab_free+0x6c/0x98 [ 16.775132] slab_free_after_rcu_debug+0xd4/0x2f8 [ 16.775172] rcu_core+0x9f4/0x1e20 [ 16.775242] rcu_core_si+0x18/0x30 [ 16.775277] handle_softirqs+0x374/0xb28 [ 16.775313] __do_softirq+0x1c/0x28 [ 16.775347] [ 16.775365] Last potentially related work creation: [ 16.775393] kasan_save_stack+0x3c/0x68 [ 16.775431] kasan_record_aux_stack+0xb4/0xc8 [ 16.775470] kmem_cache_free+0x120/0x468 [ 16.775507] kmem_cache_rcu_uaf+0x16c/0x468 [ 16.775543] kunit_try_run_case+0x170/0x3f0 [ 16.775582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.775625] kthread+0x328/0x630 [ 16.775656] ret_from_fork+0x10/0x20 [ 16.775691] [ 16.775709] The buggy address belongs to the object at fff00000c5953000 [ 16.775709] which belongs to the cache test_cache of size 200 [ 16.775769] The buggy address is located 0 bytes inside of [ 16.775769] freed 200-byte region [fff00000c5953000, fff00000c59530c8) [ 16.775834] [ 16.775855] The buggy address belongs to the physical page: [ 16.775889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105953 [ 16.775948] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.776001] page_type: f5(slab) [ 16.776042] raw: 0bfffe0000000000 fff00000c590f780 dead000000000122 0000000000000000 [ 16.776093] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.776135] page dumped because: kasan: bad access detected [ 16.776166] [ 16.776194] Memory state around the buggy address: [ 16.776228] fff00000c5952f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.776272] fff00000c5952f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.776318] >fff00000c5953000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.776357] ^ [ 16.776385] fff00000c5953080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.776427] fff00000c5953100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.776470] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 16.399548] ================================================================== [ 16.399637] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 16.399710] Free of addr fff00000c5952001 by task kunit_try_catch/212 [ 16.399754] [ 16.399795] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.399884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.399910] Hardware name: linux,dummy-virt (DT) [ 16.399944] Call trace: [ 16.399966] show_stack+0x20/0x38 (C) [ 16.400035] dump_stack_lvl+0x8c/0xd0 [ 16.400085] print_report+0x118/0x5d0 [ 16.400140] kasan_report_invalid_free+0xc0/0xe8 [ 16.400203] check_slab_allocation+0xfc/0x108 [ 16.400252] __kasan_slab_pre_free+0x2c/0x48 [ 16.400298] kmem_cache_free+0xf0/0x468 [ 16.400372] kmem_cache_invalid_free+0x184/0x3c8 [ 16.400418] kunit_try_run_case+0x170/0x3f0 [ 16.400476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.400549] kthread+0x328/0x630 [ 16.400593] ret_from_fork+0x10/0x20 [ 16.400642] [ 16.400659] Allocated by task 212: [ 16.400944] kasan_save_stack+0x3c/0x68 [ 16.401020] kasan_save_track+0x20/0x40 [ 16.401166] kasan_save_alloc_info+0x40/0x58 [ 16.401384] __kasan_slab_alloc+0xa8/0xb0 [ 16.401518] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.401627] kmem_cache_invalid_free+0x12c/0x3c8 [ 16.401737] kunit_try_run_case+0x170/0x3f0 [ 16.401802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.401846] kthread+0x328/0x630 [ 16.401876] ret_from_fork+0x10/0x20 [ 16.401934] [ 16.401955] The buggy address belongs to the object at fff00000c5952000 [ 16.401955] which belongs to the cache test_cache of size 200 [ 16.402016] The buggy address is located 1 bytes inside of [ 16.402016] 200-byte region [fff00000c5952000, fff00000c59520c8) [ 16.402346] [ 16.402421] The buggy address belongs to the physical page: [ 16.402582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105952 [ 16.402644] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.402871] page_type: f5(slab) [ 16.403111] raw: 0bfffe0000000000 fff00000c590f640 dead000000000122 0000000000000000 [ 16.403247] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.403366] page dumped because: kasan: bad access detected [ 16.403444] [ 16.403521] Memory state around the buggy address: [ 16.403553] fff00000c5951f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.403623] fff00000c5951f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.403909] >fff00000c5952000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.404094] ^ [ 16.404212] fff00000c5952080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 16.404277] fff00000c5952100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.404376] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 16.360515] ================================================================== [ 16.360612] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 16.360744] Free of addr fff00000c594f000 by task kunit_try_catch/210 [ 16.360819] [ 16.361250] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.361792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.361873] Hardware name: linux,dummy-virt (DT) [ 16.361991] Call trace: [ 16.362042] show_stack+0x20/0x38 (C) [ 16.362268] dump_stack_lvl+0x8c/0xd0 [ 16.362365] print_report+0x118/0x5d0 [ 16.362747] kasan_report_invalid_free+0xc0/0xe8 [ 16.362851] check_slab_allocation+0xd4/0x108 [ 16.363017] __kasan_slab_pre_free+0x2c/0x48 [ 16.363099] kmem_cache_free+0xf0/0x468 [ 16.363463] kmem_cache_double_free+0x190/0x3c8 [ 16.363555] kunit_try_run_case+0x170/0x3f0 [ 16.363852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.364255] kthread+0x328/0x630 [ 16.364370] ret_from_fork+0x10/0x20 [ 16.364547] [ 16.364678] Allocated by task 210: [ 16.364801] kasan_save_stack+0x3c/0x68 [ 16.364847] kasan_save_track+0x20/0x40 [ 16.364883] kasan_save_alloc_info+0x40/0x58 [ 16.365164] __kasan_slab_alloc+0xa8/0xb0 [ 16.365252] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.365343] kmem_cache_double_free+0x12c/0x3c8 [ 16.365385] kunit_try_run_case+0x170/0x3f0 [ 16.365423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.365464] kthread+0x328/0x630 [ 16.365507] ret_from_fork+0x10/0x20 [ 16.365542] [ 16.365796] Freed by task 210: [ 16.365920] kasan_save_stack+0x3c/0x68 [ 16.365980] kasan_save_track+0x20/0x40 [ 16.366020] kasan_save_free_info+0x4c/0x78 [ 16.366420] __kasan_slab_free+0x6c/0x98 [ 16.366527] kmem_cache_free+0x260/0x468 [ 16.366675] kmem_cache_double_free+0x140/0x3c8 [ 16.366763] kunit_try_run_case+0x170/0x3f0 [ 16.366963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.367011] kthread+0x328/0x630 [ 16.367387] ret_from_fork+0x10/0x20 [ 16.367461] [ 16.367528] The buggy address belongs to the object at fff00000c594f000 [ 16.367528] which belongs to the cache test_cache of size 200 [ 16.367630] The buggy address is located 0 bytes inside of [ 16.367630] 200-byte region [fff00000c594f000, fff00000c594f0c8) [ 16.367810] [ 16.367889] The buggy address belongs to the physical page: [ 16.368169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10594f [ 16.368272] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.368427] page_type: f5(slab) [ 16.368602] raw: 0bfffe0000000000 fff00000c590f500 dead000000000122 0000000000000000 [ 16.368690] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.368759] page dumped because: kasan: bad access detected [ 16.369076] [ 16.369362] Memory state around the buggy address: [ 16.369477] fff00000c594ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.369534] fff00000c594ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.369586] >fff00000c594f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.369922] ^ [ 16.370060] fff00000c594f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.370241] fff00000c594f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.370329] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 16.076164] ================================================================== [ 16.076238] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 16.076294] Read of size 1 at addr fff00000c594d0c8 by task kunit_try_catch/208 [ 16.076345] [ 16.076380] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.076466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.076493] Hardware name: linux,dummy-virt (DT) [ 16.076526] Call trace: [ 16.076546] show_stack+0x20/0x38 (C) [ 16.076597] dump_stack_lvl+0x8c/0xd0 [ 16.076644] print_report+0x118/0x5d0 [ 16.076689] kasan_report+0xdc/0x128 [ 16.076735] __asan_report_load1_noabort+0x20/0x30 [ 16.076786] kmem_cache_oob+0x344/0x430 [ 16.076829] kunit_try_run_case+0x170/0x3f0 [ 16.076877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.076930] kthread+0x328/0x630 [ 16.076986] ret_from_fork+0x10/0x20 [ 16.077238] [ 16.077346] Allocated by task 208: [ 16.077649] kasan_save_stack+0x3c/0x68 [ 16.077814] kasan_save_track+0x20/0x40 [ 16.077912] kasan_save_alloc_info+0x40/0x58 [ 16.078002] __kasan_slab_alloc+0xa8/0xb0 [ 16.078092] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.078213] kmem_cache_oob+0x12c/0x430 [ 16.078291] kunit_try_run_case+0x170/0x3f0 [ 16.078364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.078428] kthread+0x328/0x630 [ 16.078458] ret_from_fork+0x10/0x20 [ 16.078905] [ 16.078974] The buggy address belongs to the object at fff00000c594d000 [ 16.078974] which belongs to the cache test_cache of size 200 [ 16.079097] The buggy address is located 0 bytes to the right of [ 16.079097] allocated 200-byte region [fff00000c594d000, fff00000c594d0c8) [ 16.079259] [ 16.079305] The buggy address belongs to the physical page: [ 16.079354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10594d [ 16.079620] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.079917] page_type: f5(slab) [ 16.079976] raw: 0bfffe0000000000 fff00000c590f3c0 dead000000000122 0000000000000000 [ 16.080154] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.080293] page dumped because: kasan: bad access detected [ 16.080345] [ 16.080362] Memory state around the buggy address: [ 16.080429] fff00000c594cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.080837] fff00000c594d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.080890] >fff00000c594d080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 16.080967] ^ [ 16.081002] fff00000c594d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.081044] fff00000c594d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.081083] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 16.054779] ================================================================== [ 16.054861] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 16.054927] Read of size 8 at addr fff00000c5947200 by task kunit_try_catch/201 [ 16.054978] [ 16.055017] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.055104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.055140] Hardware name: linux,dummy-virt (DT) [ 16.055210] Call trace: [ 16.055236] show_stack+0x20/0x38 (C) [ 16.055293] dump_stack_lvl+0x8c/0xd0 [ 16.055343] print_report+0x118/0x5d0 [ 16.055389] kasan_report+0xdc/0x128 [ 16.055433] __asan_report_load8_noabort+0x20/0x30 [ 16.055483] workqueue_uaf+0x480/0x4a8 [ 16.055526] kunit_try_run_case+0x170/0x3f0 [ 16.055584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.055636] kthread+0x328/0x630 [ 16.055677] ret_from_fork+0x10/0x20 [ 16.055734] [ 16.055752] Allocated by task 201: [ 16.055782] kasan_save_stack+0x3c/0x68 [ 16.055823] kasan_save_track+0x20/0x40 [ 16.055861] kasan_save_alloc_info+0x40/0x58 [ 16.055901] __kasan_kmalloc+0xd4/0xd8 [ 16.055945] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.055994] workqueue_uaf+0x13c/0x4a8 [ 16.056030] kunit_try_run_case+0x170/0x3f0 [ 16.056068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.056111] kthread+0x328/0x630 [ 16.056141] ret_from_fork+0x10/0x20 [ 16.056177] [ 16.056203] Freed by task 58: [ 16.056229] kasan_save_stack+0x3c/0x68 [ 16.056265] kasan_save_track+0x20/0x40 [ 16.056302] kasan_save_free_info+0x4c/0x78 [ 16.056341] __kasan_slab_free+0x6c/0x98 [ 16.056377] kfree+0x214/0x3c8 [ 16.056408] workqueue_uaf_work+0x18/0x30 [ 16.056443] process_one_work+0x530/0xf98 [ 16.056484] worker_thread+0x618/0xf38 [ 16.056517] kthread+0x328/0x630 [ 16.056547] ret_from_fork+0x10/0x20 [ 16.056583] [ 16.056601] Last potentially related work creation: [ 16.056627] kasan_save_stack+0x3c/0x68 [ 16.056664] kasan_record_aux_stack+0xb4/0xc8 [ 16.056705] __queue_work+0x65c/0x1008 [ 16.056739] queue_work_on+0xbc/0xf8 [ 16.056773] workqueue_uaf+0x210/0x4a8 [ 16.056809] kunit_try_run_case+0x170/0x3f0 [ 16.056845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.056888] kthread+0x328/0x630 [ 16.056918] ret_from_fork+0x10/0x20 [ 16.056987] [ 16.057016] The buggy address belongs to the object at fff00000c5947200 [ 16.057016] which belongs to the cache kmalloc-32 of size 32 [ 16.057115] The buggy address is located 0 bytes inside of [ 16.057115] freed 32-byte region [fff00000c5947200, fff00000c5947220) [ 16.057221] [ 16.057302] The buggy address belongs to the physical page: [ 16.057385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105947 [ 16.057447] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.057618] page_type: f5(slab) [ 16.057735] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 16.057922] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.058024] page dumped because: kasan: bad access detected [ 16.058072] [ 16.058089] Memory state around the buggy address: [ 16.058172] fff00000c5947100: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 16.058244] fff00000c5947180: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 16.058288] >fff00000c5947200: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 16.058325] ^ [ 16.058352] fff00000c5947280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.058395] fff00000c5947300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.058434] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 15.971514] ================================================================== [ 15.976216] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 15.976462] Read of size 4 at addr fff00000c5947000 by task swapper/1/0 [ 15.977213] [ 15.977271] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.978176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.978310] Hardware name: linux,dummy-virt (DT) [ 15.978879] Call trace: [ 15.979320] show_stack+0x20/0x38 (C) [ 15.980045] dump_stack_lvl+0x8c/0xd0 [ 15.980702] print_report+0x118/0x5d0 [ 15.980946] kasan_report+0xdc/0x128 [ 15.981357] __asan_report_load4_noabort+0x20/0x30 [ 15.981408] rcu_uaf_reclaim+0x64/0x70 [ 15.982238] rcu_core+0x9f4/0x1e20 [ 15.982928] rcu_core_si+0x18/0x30 [ 15.983323] handle_softirqs+0x374/0xb28 [ 15.983785] __do_softirq+0x1c/0x28 [ 15.983959] ____do_softirq+0x18/0x30 [ 15.984316] call_on_irq_stack+0x24/0x30 [ 15.984362] do_softirq_own_stack+0x24/0x38 [ 15.984409] __irq_exit_rcu+0x1fc/0x318 [ 15.985258] irq_exit_rcu+0x1c/0x80 [ 15.985315] el1_interrupt+0x38/0x58 [ 15.985365] el1h_64_irq_handler+0x18/0x28 [ 15.985411] el1h_64_irq+0x6c/0x70 [ 15.986562] arch_local_irq_enable+0x4/0x8 (P) [ 15.987285] do_idle+0x384/0x4e8 [ 15.987393] cpu_startup_entry+0x64/0x80 [ 15.987440] secondary_start_kernel+0x288/0x340 [ 15.987488] __secondary_switched+0xc0/0xc8 [ 15.988482] [ 15.988644] Allocated by task 199: [ 15.989395] kasan_save_stack+0x3c/0x68 [ 15.989811] kasan_save_track+0x20/0x40 [ 15.989866] kasan_save_alloc_info+0x40/0x58 [ 15.990452] __kasan_kmalloc+0xd4/0xd8 [ 15.991192] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.991287] rcu_uaf+0xb0/0x2d8 [ 15.991417] kunit_try_run_case+0x170/0x3f0 [ 15.991507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.991586] kthread+0x328/0x630 [ 15.991623] ret_from_fork+0x10/0x20 [ 15.991660] [ 15.991680] Freed by task 0: [ 15.992152] kasan_save_stack+0x3c/0x68 [ 15.992591] kasan_save_track+0x20/0x40 [ 15.992642] kasan_save_free_info+0x4c/0x78 [ 15.992682] __kasan_slab_free+0x6c/0x98 [ 15.992721] kfree+0x214/0x3c8 [ 15.993633] rcu_uaf_reclaim+0x28/0x70 [ 15.993712] rcu_core+0x9f4/0x1e20 [ 15.993749] rcu_core_si+0x18/0x30 [ 15.994383] handle_softirqs+0x374/0xb28 [ 15.994436] __do_softirq+0x1c/0x28 [ 15.994750] [ 15.995611] Last potentially related work creation: [ 15.995848] kasan_save_stack+0x3c/0x68 [ 15.996289] kasan_record_aux_stack+0xb4/0xc8 [ 15.996414] __call_rcu_common.constprop.0+0x74/0x8c8 [ 15.996990] call_rcu+0x18/0x30 [ 15.997103] rcu_uaf+0x14c/0x2d8 [ 15.997138] kunit_try_run_case+0x170/0x3f0 [ 15.997177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.997231] kthread+0x328/0x630 [ 15.997264] ret_from_fork+0x10/0x20 [ 15.998358] [ 15.998411] The buggy address belongs to the object at fff00000c5947000 [ 15.998411] which belongs to the cache kmalloc-32 of size 32 [ 15.998481] The buggy address is located 0 bytes inside of [ 15.998481] freed 32-byte region [fff00000c5947000, fff00000c5947020) [ 15.999996] [ 16.000098] The buggy address belongs to the physical page: [ 16.000152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105947 [ 16.000225] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.001054] page_type: f5(slab) [ 16.001379] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 16.001438] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.001833] page dumped because: kasan: bad access detected [ 16.002007] [ 16.002029] Memory state around the buggy address: [ 16.002388] fff00000c5946f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.002534] fff00000c5946f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.002579] >fff00000c5947000: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 16.002617] ^ [ 16.002645] fff00000c5947080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.003176] fff00000c5947100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.004088] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 15.867356] ================================================================== [ 15.867421] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 15.867476] Read of size 1 at addr fff00000c592cf00 by task kunit_try_catch/197 [ 15.867527] [ 15.867560] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.867645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.867670] Hardware name: linux,dummy-virt (DT) [ 15.867699] Call trace: [ 15.867722] show_stack+0x20/0x38 (C) [ 15.867769] dump_stack_lvl+0x8c/0xd0 [ 15.868413] print_report+0x118/0x5d0 [ 15.868953] kasan_report+0xdc/0x128 [ 15.869355] __kasan_check_byte+0x54/0x70 [ 15.869407] ksize+0x30/0x88 [ 15.869451] ksize_uaf+0x168/0x5f8 [ 15.869502] kunit_try_run_case+0x170/0x3f0 [ 15.869931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.869993] kthread+0x328/0x630 [ 15.870038] ret_from_fork+0x10/0x20 [ 15.870216] [ 15.870240] Allocated by task 197: [ 15.870285] kasan_save_stack+0x3c/0x68 [ 15.870456] kasan_save_track+0x20/0x40 [ 15.870533] kasan_save_alloc_info+0x40/0x58 [ 15.870972] __kasan_kmalloc+0xd4/0xd8 [ 15.871155] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.871419] ksize_uaf+0xb8/0x5f8 [ 15.871463] kunit_try_run_case+0x170/0x3f0 [ 15.871738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.872224] kthread+0x328/0x630 [ 15.872266] ret_from_fork+0x10/0x20 [ 15.872301] [ 15.872586] Freed by task 197: [ 15.872737] kasan_save_stack+0x3c/0x68 [ 15.872978] kasan_save_track+0x20/0x40 [ 15.873075] kasan_save_free_info+0x4c/0x78 [ 15.873116] __kasan_slab_free+0x6c/0x98 [ 15.873153] kfree+0x214/0x3c8 [ 15.873251] ksize_uaf+0x11c/0x5f8 [ 15.873288] kunit_try_run_case+0x170/0x3f0 [ 15.873379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.873548] kthread+0x328/0x630 [ 15.873595] ret_from_fork+0x10/0x20 [ 15.873739] [ 15.873878] The buggy address belongs to the object at fff00000c592cf00 [ 15.873878] which belongs to the cache kmalloc-128 of size 128 [ 15.874251] The buggy address is located 0 bytes inside of [ 15.874251] freed 128-byte region [fff00000c592cf00, fff00000c592cf80) [ 15.874544] [ 15.874566] The buggy address belongs to the physical page: [ 15.874599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.874995] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.875061] page_type: f5(slab) [ 15.875101] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.875188] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.875488] page dumped because: kasan: bad access detected [ 15.875540] [ 15.875557] Memory state around the buggy address: [ 15.875852] fff00000c592ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.876212] fff00000c592ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.876398] >fff00000c592cf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.876693] ^ [ 15.876776] fff00000c592cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.876821] fff00000c592d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.877311] ================================================================== [ 15.878316] ================================================================== [ 15.878372] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 15.878421] Read of size 1 at addr fff00000c592cf00 by task kunit_try_catch/197 [ 15.878471] [ 15.878900] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.879010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.879720] Hardware name: linux,dummy-virt (DT) [ 15.879969] Call trace: [ 15.880005] show_stack+0x20/0x38 (C) [ 15.880108] dump_stack_lvl+0x8c/0xd0 [ 15.880318] print_report+0x118/0x5d0 [ 15.880382] kasan_report+0xdc/0x128 [ 15.880628] __asan_report_load1_noabort+0x20/0x30 [ 15.880741] ksize_uaf+0x598/0x5f8 [ 15.880785] kunit_try_run_case+0x170/0x3f0 [ 15.880831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.880883] kthread+0x328/0x630 [ 15.880926] ret_from_fork+0x10/0x20 [ 15.881350] [ 15.881464] Allocated by task 197: [ 15.881691] kasan_save_stack+0x3c/0x68 [ 15.881737] kasan_save_track+0x20/0x40 [ 15.881776] kasan_save_alloc_info+0x40/0x58 [ 15.881815] __kasan_kmalloc+0xd4/0xd8 [ 15.881851] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.881890] ksize_uaf+0xb8/0x5f8 [ 15.882447] kunit_try_run_case+0x170/0x3f0 [ 15.882907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.882963] kthread+0x328/0x630 [ 15.882997] ret_from_fork+0x10/0x20 [ 15.883032] [ 15.883051] Freed by task 197: [ 15.883078] kasan_save_stack+0x3c/0x68 [ 15.883115] kasan_save_track+0x20/0x40 [ 15.883926] kasan_save_free_info+0x4c/0x78 [ 15.884201] __kasan_slab_free+0x6c/0x98 [ 15.884269] kfree+0x214/0x3c8 [ 15.884315] ksize_uaf+0x11c/0x5f8 [ 15.884348] kunit_try_run_case+0x170/0x3f0 [ 15.884544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.884594] kthread+0x328/0x630 [ 15.884685] ret_from_fork+0x10/0x20 [ 15.884743] [ 15.885096] The buggy address belongs to the object at fff00000c592cf00 [ 15.885096] which belongs to the cache kmalloc-128 of size 128 [ 15.885349] The buggy address is located 0 bytes inside of [ 15.885349] freed 128-byte region [fff00000c592cf00, fff00000c592cf80) [ 15.885415] [ 15.885435] The buggy address belongs to the physical page: [ 15.885589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.885670] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.886132] page_type: f5(slab) [ 15.886173] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.886355] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.886763] page dumped because: kasan: bad access detected [ 15.886801] [ 15.887016] Memory state around the buggy address: [ 15.887129] fff00000c592ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.887380] fff00000c592ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.887431] >fff00000c592cf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.887886] ^ [ 15.888012] fff00000c592cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.888057] fff00000c592d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.888096] ================================================================== [ 15.890099] ================================================================== [ 15.890419] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 15.890613] Read of size 1 at addr fff00000c592cf78 by task kunit_try_catch/197 [ 15.890781] [ 15.890969] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.891054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.891081] Hardware name: linux,dummy-virt (DT) [ 15.891576] Call trace: [ 15.891630] show_stack+0x20/0x38 (C) [ 15.891913] dump_stack_lvl+0x8c/0xd0 [ 15.892058] print_report+0x118/0x5d0 [ 15.892105] kasan_report+0xdc/0x128 [ 15.892149] __asan_report_load1_noabort+0x20/0x30 [ 15.892244] ksize_uaf+0x544/0x5f8 [ 15.892288] kunit_try_run_case+0x170/0x3f0 [ 15.892346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.892640] kthread+0x328/0x630 [ 15.892933] ret_from_fork+0x10/0x20 [ 15.893337] [ 15.893372] Allocated by task 197: [ 15.893405] kasan_save_stack+0x3c/0x68 [ 15.893498] kasan_save_track+0x20/0x40 [ 15.893539] kasan_save_alloc_info+0x40/0x58 [ 15.893713] __kasan_kmalloc+0xd4/0xd8 [ 15.893764] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.894109] ksize_uaf+0xb8/0x5f8 [ 15.894145] kunit_try_run_case+0x170/0x3f0 [ 15.894633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.894688] kthread+0x328/0x630 [ 15.894724] ret_from_fork+0x10/0x20 [ 15.894762] [ 15.894781] Freed by task 197: [ 15.894807] kasan_save_stack+0x3c/0x68 [ 15.894848] kasan_save_track+0x20/0x40 [ 15.895400] kasan_save_free_info+0x4c/0x78 [ 15.895783] __kasan_slab_free+0x6c/0x98 [ 15.895846] kfree+0x214/0x3c8 [ 15.895880] ksize_uaf+0x11c/0x5f8 [ 15.895913] kunit_try_run_case+0x170/0x3f0 [ 15.895949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.896348] kthread+0x328/0x630 [ 15.896400] ret_from_fork+0x10/0x20 [ 15.896483] [ 15.896791] The buggy address belongs to the object at fff00000c592cf00 [ 15.896791] which belongs to the cache kmalloc-128 of size 128 [ 15.897000] The buggy address is located 120 bytes inside of [ 15.897000] freed 128-byte region [fff00000c592cf00, fff00000c592cf80) [ 15.897127] [ 15.897342] The buggy address belongs to the physical page: [ 15.897373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.897584] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.897639] page_type: f5(slab) [ 15.898213] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.898515] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.898561] page dumped because: kasan: bad access detected [ 15.898593] [ 15.898612] Memory state around the buggy address: [ 15.898644] fff00000c592ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.898689] fff00000c592ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.899112] >fff00000c592cf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.899154] ^ [ 15.899337] fff00000c592cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.899398] fff00000c592d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.899439] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 15.829881] ================================================================== [ 15.829932] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 15.829984] Read of size 1 at addr fff00000c592ce78 by task kunit_try_catch/195 [ 15.830033] [ 15.830064] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.831526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.831573] Hardware name: linux,dummy-virt (DT) [ 15.831870] Call trace: [ 15.832007] show_stack+0x20/0x38 (C) [ 15.832061] dump_stack_lvl+0x8c/0xd0 [ 15.832384] print_report+0x118/0x5d0 [ 15.832540] kasan_report+0xdc/0x128 [ 15.832588] __asan_report_load1_noabort+0x20/0x30 [ 15.832864] ksize_unpoisons_memory+0x618/0x740 [ 15.833200] kunit_try_run_case+0x170/0x3f0 [ 15.833547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.833833] kthread+0x328/0x630 [ 15.834077] ret_from_fork+0x10/0x20 [ 15.834131] [ 15.834270] Allocated by task 195: [ 15.834343] kasan_save_stack+0x3c/0x68 [ 15.834721] kasan_save_track+0x20/0x40 [ 15.834763] kasan_save_alloc_info+0x40/0x58 [ 15.834915] __kasan_kmalloc+0xd4/0xd8 [ 15.835134] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.835494] ksize_unpoisons_memory+0xc0/0x740 [ 15.835541] kunit_try_run_case+0x170/0x3f0 [ 15.835776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.835826] kthread+0x328/0x630 [ 15.836253] ret_from_fork+0x10/0x20 [ 15.836370] [ 15.836389] The buggy address belongs to the object at fff00000c592ce00 [ 15.836389] which belongs to the cache kmalloc-128 of size 128 [ 15.836948] The buggy address is located 5 bytes to the right of [ 15.836948] allocated 115-byte region [fff00000c592ce00, fff00000c592ce73) [ 15.837220] [ 15.837244] The buggy address belongs to the physical page: [ 15.837419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.837512] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.837914] page_type: f5(slab) [ 15.838325] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.838624] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.838896] page dumped because: kasan: bad access detected [ 15.839273] [ 15.839360] Memory state around the buggy address: [ 15.839815] fff00000c592cd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.839989] fff00000c592cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.840239] >fff00000c592ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.840283] ^ [ 15.840326] fff00000c592ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.840370] fff00000c592cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.840410] ================================================================== [ 15.816405] ================================================================== [ 15.816479] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 15.816537] Read of size 1 at addr fff00000c592ce73 by task kunit_try_catch/195 [ 15.816589] [ 15.816624] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.816706] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.818730] Hardware name: linux,dummy-virt (DT) [ 15.818784] Call trace: [ 15.818853] show_stack+0x20/0x38 (C) [ 15.818911] dump_stack_lvl+0x8c/0xd0 [ 15.818961] print_report+0x118/0x5d0 [ 15.819008] kasan_report+0xdc/0x128 [ 15.819053] __asan_report_load1_noabort+0x20/0x30 [ 15.819104] ksize_unpoisons_memory+0x628/0x740 [ 15.819152] kunit_try_run_case+0x170/0x3f0 [ 15.819297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.819683] kthread+0x328/0x630 [ 15.819968] ret_from_fork+0x10/0x20 [ 15.820023] [ 15.820042] Allocated by task 195: [ 15.820455] kasan_save_stack+0x3c/0x68 [ 15.820554] kasan_save_track+0x20/0x40 [ 15.820812] kasan_save_alloc_info+0x40/0x58 [ 15.820910] __kasan_kmalloc+0xd4/0xd8 [ 15.821275] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.821618] ksize_unpoisons_memory+0xc0/0x740 [ 15.821944] kunit_try_run_case+0x170/0x3f0 [ 15.822398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.822551] kthread+0x328/0x630 [ 15.822954] ret_from_fork+0x10/0x20 [ 15.823431] [ 15.823510] The buggy address belongs to the object at fff00000c592ce00 [ 15.823510] which belongs to the cache kmalloc-128 of size 128 [ 15.823572] The buggy address is located 0 bytes to the right of [ 15.823572] allocated 115-byte region [fff00000c592ce00, fff00000c592ce73) [ 15.823646] [ 15.823993] The buggy address belongs to the physical page: [ 15.824208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.824839] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.824944] page_type: f5(slab) [ 15.825515] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.825647] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.825899] page dumped because: kasan: bad access detected [ 15.826072] [ 15.826089] Memory state around the buggy address: [ 15.826518] fff00000c592cd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.826685] fff00000c592cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.826969] >fff00000c592ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.827212] ^ [ 15.827413] fff00000c592ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.827640] fff00000c592cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.827882] ================================================================== [ 15.841903] ================================================================== [ 15.841956] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 15.842009] Read of size 1 at addr fff00000c592ce7f by task kunit_try_catch/195 [ 15.842060] [ 15.843241] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.843382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.843410] Hardware name: linux,dummy-virt (DT) [ 15.843900] Call trace: [ 15.843937] show_stack+0x20/0x38 (C) [ 15.844166] dump_stack_lvl+0x8c/0xd0 [ 15.844391] print_report+0x118/0x5d0 [ 15.844613] kasan_report+0xdc/0x128 [ 15.845031] __asan_report_load1_noabort+0x20/0x30 [ 15.845399] ksize_unpoisons_memory+0x690/0x740 [ 15.845656] kunit_try_run_case+0x170/0x3f0 [ 15.845818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.845874] kthread+0x328/0x630 [ 15.846252] ret_from_fork+0x10/0x20 [ 15.846680] [ 15.846785] Allocated by task 195: [ 15.846820] kasan_save_stack+0x3c/0x68 [ 15.847327] kasan_save_track+0x20/0x40 [ 15.847897] kasan_save_alloc_info+0x40/0x58 [ 15.848004] __kasan_kmalloc+0xd4/0xd8 [ 15.848333] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.848388] ksize_unpoisons_memory+0xc0/0x740 [ 15.848751] kunit_try_run_case+0x170/0x3f0 [ 15.848795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.848838] kthread+0x328/0x630 [ 15.848869] ret_from_fork+0x10/0x20 [ 15.848905] [ 15.848925] The buggy address belongs to the object at fff00000c592ce00 [ 15.848925] which belongs to the cache kmalloc-128 of size 128 [ 15.848993] The buggy address is located 12 bytes to the right of [ 15.848993] allocated 115-byte region [fff00000c592ce00, fff00000c592ce73) [ 15.849699] [ 15.849723] The buggy address belongs to the physical page: [ 15.849767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.850003] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.850054] page_type: f5(slab) [ 15.850386] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.850462] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.850540] page dumped because: kasan: bad access detected [ 15.850584] [ 15.850663] Memory state around the buggy address: [ 15.850696] fff00000c592cd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.850743] fff00000c592cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.850788] >fff00000c592ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.850827] ^ [ 15.851383] fff00000c592ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.851946] fff00000c592cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.851991] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 15.784737] ================================================================== [ 15.785111] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 15.785988] Free of addr fff00000c591d600 by task kunit_try_catch/193 [ 15.786043] [ 15.786076] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.786856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.787057] Hardware name: linux,dummy-virt (DT) [ 15.787142] Call trace: [ 15.787167] show_stack+0x20/0x38 (C) [ 15.787228] dump_stack_lvl+0x8c/0xd0 [ 15.787279] print_report+0x118/0x5d0 [ 15.787550] kasan_report_invalid_free+0xc0/0xe8 [ 15.788128] check_slab_allocation+0xd4/0x108 [ 15.788489] __kasan_slab_pre_free+0x2c/0x48 [ 15.788556] kfree+0xe8/0x3c8 [ 15.788597] kfree_sensitive+0x3c/0xb0 [ 15.788920] kmalloc_double_kzfree+0x168/0x308 [ 15.789058] kunit_try_run_case+0x170/0x3f0 [ 15.789104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.789165] kthread+0x328/0x630 [ 15.789426] ret_from_fork+0x10/0x20 [ 15.789793] [ 15.789818] Allocated by task 193: [ 15.790148] kasan_save_stack+0x3c/0x68 [ 15.790435] kasan_save_track+0x20/0x40 [ 15.790718] kasan_save_alloc_info+0x40/0x58 [ 15.790768] __kasan_kmalloc+0xd4/0xd8 [ 15.790810] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.790851] kmalloc_double_kzfree+0xb8/0x308 [ 15.791474] kunit_try_run_case+0x170/0x3f0 [ 15.791802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.791860] kthread+0x328/0x630 [ 15.791969] ret_from_fork+0x10/0x20 [ 15.792076] [ 15.792146] Freed by task 193: [ 15.792269] kasan_save_stack+0x3c/0x68 [ 15.792377] kasan_save_track+0x20/0x40 [ 15.792416] kasan_save_free_info+0x4c/0x78 [ 15.792463] __kasan_slab_free+0x6c/0x98 [ 15.792499] kfree+0x214/0x3c8 [ 15.792532] kfree_sensitive+0x80/0xb0 [ 15.792567] kmalloc_double_kzfree+0x11c/0x308 [ 15.793019] kunit_try_run_case+0x170/0x3f0 [ 15.793112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.793299] kthread+0x328/0x630 [ 15.793336] ret_from_fork+0x10/0x20 [ 15.793515] [ 15.793543] The buggy address belongs to the object at fff00000c591d600 [ 15.793543] which belongs to the cache kmalloc-16 of size 16 [ 15.793908] The buggy address is located 0 bytes inside of [ 15.793908] 16-byte region [fff00000c591d600, fff00000c591d610) [ 15.794177] [ 15.794246] The buggy address belongs to the physical page: [ 15.794329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 15.794632] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.794900] page_type: f5(slab) [ 15.795010] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.795213] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.795257] page dumped because: kasan: bad access detected [ 15.795289] [ 15.795307] Memory state around the buggy address: [ 15.795707] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.796038] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.796089] >fff00000c591d600: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.796128] ^ [ 15.796156] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.796360] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.796449] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 15.770137] ================================================================== [ 15.770214] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 15.770274] Read of size 1 at addr fff00000c591d600 by task kunit_try_catch/193 [ 15.770325] [ 15.770359] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.770636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.770904] Hardware name: linux,dummy-virt (DT) [ 15.771192] Call trace: [ 15.771265] show_stack+0x20/0x38 (C) [ 15.772024] dump_stack_lvl+0x8c/0xd0 [ 15.772167] print_report+0x118/0x5d0 [ 15.772344] kasan_report+0xdc/0x128 [ 15.772693] __kasan_check_byte+0x54/0x70 [ 15.773300] kfree_sensitive+0x30/0xb0 [ 15.773378] kmalloc_double_kzfree+0x168/0x308 [ 15.773428] kunit_try_run_case+0x170/0x3f0 [ 15.773565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.773793] kthread+0x328/0x630 [ 15.773972] ret_from_fork+0x10/0x20 [ 15.774522] [ 15.774542] Allocated by task 193: [ 15.774998] kasan_save_stack+0x3c/0x68 [ 15.775313] kasan_save_track+0x20/0x40 [ 15.775354] kasan_save_alloc_info+0x40/0x58 [ 15.775397] __kasan_kmalloc+0xd4/0xd8 [ 15.775435] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.775961] kmalloc_double_kzfree+0xb8/0x308 [ 15.776263] kunit_try_run_case+0x170/0x3f0 [ 15.776539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.776653] kthread+0x328/0x630 [ 15.776848] ret_from_fork+0x10/0x20 [ 15.776991] [ 15.777065] Freed by task 193: [ 15.777092] kasan_save_stack+0x3c/0x68 [ 15.777225] kasan_save_track+0x20/0x40 [ 15.777262] kasan_save_free_info+0x4c/0x78 [ 15.777305] __kasan_slab_free+0x6c/0x98 [ 15.777341] kfree+0x214/0x3c8 [ 15.777898] kfree_sensitive+0x80/0xb0 [ 15.777982] kmalloc_double_kzfree+0x11c/0x308 [ 15.778251] kunit_try_run_case+0x170/0x3f0 [ 15.778521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.778680] kthread+0x328/0x630 [ 15.778836] ret_from_fork+0x10/0x20 [ 15.778872] [ 15.778893] The buggy address belongs to the object at fff00000c591d600 [ 15.778893] which belongs to the cache kmalloc-16 of size 16 [ 15.778953] The buggy address is located 0 bytes inside of [ 15.778953] freed 16-byte region [fff00000c591d600, fff00000c591d610) [ 15.779014] [ 15.779524] The buggy address belongs to the physical page: [ 15.780053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 15.780400] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.780592] page_type: f5(slab) [ 15.780751] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.780956] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.780999] page dumped because: kasan: bad access detected [ 15.781032] [ 15.781283] Memory state around the buggy address: [ 15.781395] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.781504] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.781816] >fff00000c591d600: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.781965] ^ [ 15.781997] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.782515] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.782562] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 15.731606] ================================================================== [ 15.731669] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 15.731725] Read of size 1 at addr fff00000c594b1a8 by task kunit_try_catch/189 [ 15.731775] [ 15.731809] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.731890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.731918] Hardware name: linux,dummy-virt (DT) [ 15.731951] Call trace: [ 15.731972] show_stack+0x20/0x38 (C) [ 15.732021] dump_stack_lvl+0x8c/0xd0 [ 15.732067] print_report+0x118/0x5d0 [ 15.732113] kasan_report+0xdc/0x128 [ 15.732156] __asan_report_load1_noabort+0x20/0x30 [ 15.732221] kmalloc_uaf2+0x3f4/0x468 [ 15.732264] kunit_try_run_case+0x170/0x3f0 [ 15.733334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.733537] kthread+0x328/0x630 [ 15.733650] ret_from_fork+0x10/0x20 [ 15.733765] [ 15.733784] Allocated by task 189: [ 15.733896] kasan_save_stack+0x3c/0x68 [ 15.734691] kasan_save_track+0x20/0x40 [ 15.736023] kasan_save_alloc_info+0x40/0x58 [ 15.736546] __kasan_kmalloc+0xd4/0xd8 [ 15.736591] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.736769] kmalloc_uaf2+0xc4/0x468 [ 15.737010] kunit_try_run_case+0x170/0x3f0 [ 15.737081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.737306] kthread+0x328/0x630 [ 15.737340] ret_from_fork+0x10/0x20 [ 15.737376] [ 15.737396] Freed by task 189: [ 15.737422] kasan_save_stack+0x3c/0x68 [ 15.737657] kasan_save_track+0x20/0x40 [ 15.738216] kasan_save_free_info+0x4c/0x78 [ 15.738363] __kasan_slab_free+0x6c/0x98 [ 15.738403] kfree+0x214/0x3c8 [ 15.738773] kmalloc_uaf2+0x134/0x468 [ 15.738947] kunit_try_run_case+0x170/0x3f0 [ 15.739061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.739106] kthread+0x328/0x630 [ 15.739138] ret_from_fork+0x10/0x20 [ 15.739451] [ 15.739944] The buggy address belongs to the object at fff00000c594b180 [ 15.739944] which belongs to the cache kmalloc-64 of size 64 [ 15.740310] The buggy address is located 40 bytes inside of [ 15.740310] freed 64-byte region [fff00000c594b180, fff00000c594b1c0) [ 15.740635] [ 15.740719] The buggy address belongs to the physical page: [ 15.740770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10594b [ 15.740831] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.740880] page_type: f5(slab) [ 15.741254] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.741562] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.742097] page dumped because: kasan: bad access detected [ 15.742325] [ 15.742352] Memory state around the buggy address: [ 15.742385] fff00000c594b080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.742439] fff00000c594b100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.742483] >fff00000c594b180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.742797] ^ [ 15.742834] fff00000c594b200: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 15.742877] fff00000c594b280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.742916] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 15.696307] ================================================================== [ 15.696421] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 15.696945] Write of size 33 at addr fff00000c594b000 by task kunit_try_catch/187 [ 15.697228] [ 15.697271] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.697356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.697382] Hardware name: linux,dummy-virt (DT) [ 15.697414] Call trace: [ 15.697436] show_stack+0x20/0x38 (C) [ 15.697879] dump_stack_lvl+0x8c/0xd0 [ 15.697989] print_report+0x118/0x5d0 [ 15.698064] kasan_report+0xdc/0x128 [ 15.698239] kasan_check_range+0x100/0x1a8 [ 15.698453] __asan_memset+0x34/0x78 [ 15.698698] kmalloc_uaf_memset+0x170/0x310 [ 15.698749] kunit_try_run_case+0x170/0x3f0 [ 15.698799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.699283] kthread+0x328/0x630 [ 15.699377] ret_from_fork+0x10/0x20 [ 15.699436] [ 15.699455] Allocated by task 187: [ 15.699486] kasan_save_stack+0x3c/0x68 [ 15.699526] kasan_save_track+0x20/0x40 [ 15.699564] kasan_save_alloc_info+0x40/0x58 [ 15.699603] __kasan_kmalloc+0xd4/0xd8 [ 15.699639] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.700168] kmalloc_uaf_memset+0xb8/0x310 [ 15.700234] kunit_try_run_case+0x170/0x3f0 [ 15.700710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.700768] kthread+0x328/0x630 [ 15.700800] ret_from_fork+0x10/0x20 [ 15.700956] [ 15.701220] Freed by task 187: [ 15.701252] kasan_save_stack+0x3c/0x68 [ 15.701862] kasan_save_track+0x20/0x40 [ 15.702204] kasan_save_free_info+0x4c/0x78 [ 15.702298] __kasan_slab_free+0x6c/0x98 [ 15.702526] kfree+0x214/0x3c8 [ 15.702560] kmalloc_uaf_memset+0x11c/0x310 [ 15.702597] kunit_try_run_case+0x170/0x3f0 [ 15.702635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.702677] kthread+0x328/0x630 [ 15.702710] ret_from_fork+0x10/0x20 [ 15.702744] [ 15.702764] The buggy address belongs to the object at fff00000c594b000 [ 15.702764] which belongs to the cache kmalloc-64 of size 64 [ 15.704400] The buggy address is located 0 bytes inside of [ 15.704400] freed 64-byte region [fff00000c594b000, fff00000c594b040) [ 15.704581] [ 15.704603] The buggy address belongs to the physical page: [ 15.704636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10594b [ 15.704694] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.704746] page_type: f5(slab) [ 15.704785] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.704835] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.704878] page dumped because: kasan: bad access detected [ 15.704909] [ 15.704928] Memory state around the buggy address: [ 15.706449] fff00000c594af00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.707029] fff00000c594af80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.707377] >fff00000c594b000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.707850] ^ [ 15.708338] fff00000c594b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.708417] fff00000c594b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.708464] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 15.663729] ================================================================== [ 15.663802] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 15.663858] Read of size 1 at addr fff00000c591d5e8 by task kunit_try_catch/185 [ 15.663907] [ 15.664605] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.664823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.665001] Hardware name: linux,dummy-virt (DT) [ 15.665102] Call trace: [ 15.665127] show_stack+0x20/0x38 (C) [ 15.665199] dump_stack_lvl+0x8c/0xd0 [ 15.665248] print_report+0x118/0x5d0 [ 15.665293] kasan_report+0xdc/0x128 [ 15.665882] __asan_report_load1_noabort+0x20/0x30 [ 15.665991] kmalloc_uaf+0x300/0x338 [ 15.666655] kunit_try_run_case+0x170/0x3f0 [ 15.666760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.666812] kthread+0x328/0x630 [ 15.667298] ret_from_fork+0x10/0x20 [ 15.667649] [ 15.667673] Allocated by task 185: [ 15.667705] kasan_save_stack+0x3c/0x68 [ 15.667939] kasan_save_track+0x20/0x40 [ 15.668103] kasan_save_alloc_info+0x40/0x58 [ 15.668430] __kasan_kmalloc+0xd4/0xd8 [ 15.668676] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.668765] kmalloc_uaf+0xb8/0x338 [ 15.669061] kunit_try_run_case+0x170/0x3f0 [ 15.669123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.669334] kthread+0x328/0x630 [ 15.669385] ret_from_fork+0x10/0x20 [ 15.669422] [ 15.669443] Freed by task 185: [ 15.669470] kasan_save_stack+0x3c/0x68 [ 15.670044] kasan_save_track+0x20/0x40 [ 15.670101] kasan_save_free_info+0x4c/0x78 [ 15.670345] __kasan_slab_free+0x6c/0x98 [ 15.670408] kfree+0x214/0x3c8 [ 15.670772] kmalloc_uaf+0x11c/0x338 [ 15.670937] kunit_try_run_case+0x170/0x3f0 [ 15.670989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.671162] kthread+0x328/0x630 [ 15.671314] ret_from_fork+0x10/0x20 [ 15.671623] [ 15.671677] The buggy address belongs to the object at fff00000c591d5e0 [ 15.671677] which belongs to the cache kmalloc-16 of size 16 [ 15.671826] The buggy address is located 8 bytes inside of [ 15.671826] freed 16-byte region [fff00000c591d5e0, fff00000c591d5f0) [ 15.672217] [ 15.672242] The buggy address belongs to the physical page: [ 15.672275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 15.672665] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.672866] page_type: f5(slab) [ 15.673095] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.673287] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.673457] page dumped because: kasan: bad access detected [ 15.673546] [ 15.673619] Memory state around the buggy address: [ 15.673654] fff00000c591d480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.673699] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.673744] >fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.673792] ^ [ 15.673833] fff00000c591d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.673876] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.674363] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 15.630952] ================================================================== [ 15.631017] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.631109] Read of size 64 at addr fff00000c6532d04 by task kunit_try_catch/183 [ 15.631165] [ 15.631212] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.631295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.631322] Hardware name: linux,dummy-virt (DT) [ 15.631362] Call trace: [ 15.631392] show_stack+0x20/0x38 (C) [ 15.631440] dump_stack_lvl+0x8c/0xd0 [ 15.631493] print_report+0x118/0x5d0 [ 15.631539] kasan_report+0xdc/0x128 [ 15.631592] kasan_check_range+0x100/0x1a8 [ 15.631648] __asan_memmove+0x3c/0x98 [ 15.631689] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.631747] kunit_try_run_case+0x170/0x3f0 [ 15.631796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.631854] kthread+0x328/0x630 [ 15.631896] ret_from_fork+0x10/0x20 [ 15.631943] [ 15.631960] Allocated by task 183: [ 15.631993] kasan_save_stack+0x3c/0x68 [ 15.632034] kasan_save_track+0x20/0x40 [ 15.632080] kasan_save_alloc_info+0x40/0x58 [ 15.632127] __kasan_kmalloc+0xd4/0xd8 [ 15.632169] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.632787] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 15.632849] kunit_try_run_case+0x170/0x3f0 [ 15.633123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.633314] kthread+0x328/0x630 [ 15.633403] ret_from_fork+0x10/0x20 [ 15.633517] [ 15.633539] The buggy address belongs to the object at fff00000c6532d00 [ 15.633539] which belongs to the cache kmalloc-64 of size 64 [ 15.633618] The buggy address is located 4 bytes inside of [ 15.633618] allocated 64-byte region [fff00000c6532d00, fff00000c6532d40) [ 15.633942] [ 15.634020] The buggy address belongs to the physical page: [ 15.634119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106532 [ 15.634301] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.634352] page_type: f5(slab) [ 15.634628] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.634817] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.634950] page dumped because: kasan: bad access detected [ 15.634985] [ 15.635003] Memory state around the buggy address: [ 15.635035] fff00000c6532c00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.635383] fff00000c6532c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.635501] >fff00000c6532d00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.635653] ^ [ 15.635717] fff00000c6532d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.635873] fff00000c6532e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.636075] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 15.614419] ================================================================== [ 15.614489] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.614597] Read of size 18446744073709551614 at addr fff00000c6532b04 by task kunit_try_catch/181 [ 15.614741] [ 15.614849] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.614931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.614957] Hardware name: linux,dummy-virt (DT) [ 15.615089] Call trace: [ 15.615110] show_stack+0x20/0x38 (C) [ 15.615278] dump_stack_lvl+0x8c/0xd0 [ 15.615370] print_report+0x118/0x5d0 [ 15.615465] kasan_report+0xdc/0x128 [ 15.615548] kasan_check_range+0x100/0x1a8 [ 15.615604] __asan_memmove+0x3c/0x98 [ 15.615650] kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.615704] kunit_try_run_case+0x170/0x3f0 [ 15.615751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.615902] kthread+0x328/0x630 [ 15.616318] ret_from_fork+0x10/0x20 [ 15.616513] [ 15.616619] Allocated by task 181: [ 15.616716] kasan_save_stack+0x3c/0x68 [ 15.616758] kasan_save_track+0x20/0x40 [ 15.616814] kasan_save_alloc_info+0x40/0x58 [ 15.616918] __kasan_kmalloc+0xd4/0xd8 [ 15.616994] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.617086] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 15.617233] kunit_try_run_case+0x170/0x3f0 [ 15.617272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.617341] kthread+0x328/0x630 [ 15.617375] ret_from_fork+0x10/0x20 [ 15.617410] [ 15.617429] The buggy address belongs to the object at fff00000c6532b00 [ 15.617429] which belongs to the cache kmalloc-64 of size 64 [ 15.617503] The buggy address is located 4 bytes inside of [ 15.617503] 64-byte region [fff00000c6532b00, fff00000c6532b40) [ 15.617804] [ 15.617852] The buggy address belongs to the physical page: [ 15.617934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106532 [ 15.618032] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.618158] page_type: f5(slab) [ 15.618234] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.618327] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.618445] page dumped because: kasan: bad access detected [ 15.618563] [ 15.618636] Memory state around the buggy address: [ 15.618697] fff00000c6532a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.618758] fff00000c6532a80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.619026] >fff00000c6532b00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.619153] ^ [ 15.619203] fff00000c6532b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.619274] fff00000c6532c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.619409] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 15.605612] ================================================================== [ 15.605672] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 15.605737] Write of size 16 at addr fff00000c592cd69 by task kunit_try_catch/179 [ 15.605825] [ 15.605859] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.605976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.606002] Hardware name: linux,dummy-virt (DT) [ 15.606060] Call trace: [ 15.606125] show_stack+0x20/0x38 (C) [ 15.606193] dump_stack_lvl+0x8c/0xd0 [ 15.606240] print_report+0x118/0x5d0 [ 15.606285] kasan_report+0xdc/0x128 [ 15.606327] kasan_check_range+0x100/0x1a8 [ 15.606373] __asan_memset+0x34/0x78 [ 15.606412] kmalloc_oob_memset_16+0x150/0x2f8 [ 15.606468] kunit_try_run_case+0x170/0x3f0 [ 15.606526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.606577] kthread+0x328/0x630 [ 15.606616] ret_from_fork+0x10/0x20 [ 15.606661] [ 15.606678] Allocated by task 179: [ 15.606706] kasan_save_stack+0x3c/0x68 [ 15.606744] kasan_save_track+0x20/0x40 [ 15.606780] kasan_save_alloc_info+0x40/0x58 [ 15.606818] __kasan_kmalloc+0xd4/0xd8 [ 15.606878] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.606954] kmalloc_oob_memset_16+0xb0/0x2f8 [ 15.607023] kunit_try_run_case+0x170/0x3f0 [ 15.607060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.607120] kthread+0x328/0x630 [ 15.607168] ret_from_fork+0x10/0x20 [ 15.607239] [ 15.607258] The buggy address belongs to the object at fff00000c592cd00 [ 15.607258] which belongs to the cache kmalloc-128 of size 128 [ 15.607352] The buggy address is located 105 bytes inside of [ 15.607352] allocated 120-byte region [fff00000c592cd00, fff00000c592cd78) [ 15.607428] [ 15.607447] The buggy address belongs to the physical page: [ 15.607495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.607546] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.607624] page_type: f5(slab) [ 15.607661] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.607736] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.607818] page dumped because: kasan: bad access detected [ 15.607856] [ 15.607874] Memory state around the buggy address: [ 15.607961] fff00000c592cc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.608004] fff00000c592cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.608044] >fff00000c592cd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.608080] ^ [ 15.608154] fff00000c592cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.608204] fff00000c592ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.608241] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 15.584659] ================================================================== [ 15.584731] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 15.584791] Write of size 8 at addr fff00000c592cc71 by task kunit_try_catch/177 [ 15.584840] [ 15.584878] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.587134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.587418] Hardware name: linux,dummy-virt (DT) [ 15.588146] Call trace: [ 15.588188] show_stack+0x20/0x38 (C) [ 15.588252] dump_stack_lvl+0x8c/0xd0 [ 15.588301] print_report+0x118/0x5d0 [ 15.588347] kasan_report+0xdc/0x128 [ 15.589345] kasan_check_range+0x100/0x1a8 [ 15.589487] __asan_memset+0x34/0x78 [ 15.590344] kmalloc_oob_memset_8+0x150/0x2f8 [ 15.590819] kunit_try_run_case+0x170/0x3f0 [ 15.590995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.591048] kthread+0x328/0x630 [ 15.591091] ret_from_fork+0x10/0x20 [ 15.592072] [ 15.592175] Allocated by task 177: [ 15.592292] kasan_save_stack+0x3c/0x68 [ 15.593079] kasan_save_track+0x20/0x40 [ 15.593320] kasan_save_alloc_info+0x40/0x58 [ 15.593369] __kasan_kmalloc+0xd4/0xd8 [ 15.593405] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.593444] kmalloc_oob_memset_8+0xb0/0x2f8 [ 15.594236] kunit_try_run_case+0x170/0x3f0 [ 15.594612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.594831] kthread+0x328/0x630 [ 15.594972] ret_from_fork+0x10/0x20 [ 15.595272] [ 15.595344] The buggy address belongs to the object at fff00000c592cc00 [ 15.595344] which belongs to the cache kmalloc-128 of size 128 [ 15.595406] The buggy address is located 113 bytes inside of [ 15.595406] allocated 120-byte region [fff00000c592cc00, fff00000c592cc78) [ 15.595469] [ 15.595489] The buggy address belongs to the physical page: [ 15.595520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.597038] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.597100] page_type: f5(slab) [ 15.597510] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.598194] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.598680] page dumped because: kasan: bad access detected [ 15.599047] [ 15.599067] Memory state around the buggy address: [ 15.599101] fff00000c592cb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.599147] fff00000c592cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.599206] >fff00000c592cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.599244] ^ [ 15.600419] fff00000c592cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.600650] fff00000c592cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.600691] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 15.532533] ================================================================== [ 15.532835] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 15.533796] Write of size 4 at addr fff00000c592cb75 by task kunit_try_catch/175 [ 15.533862] [ 15.534046] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.534682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.534962] Hardware name: linux,dummy-virt (DT) [ 15.534996] Call trace: [ 15.535755] show_stack+0x20/0x38 (C) [ 15.535907] dump_stack_lvl+0x8c/0xd0 [ 15.536395] print_report+0x118/0x5d0 [ 15.536952] kasan_report+0xdc/0x128 [ 15.537376] kasan_check_range+0x100/0x1a8 [ 15.538079] __asan_memset+0x34/0x78 [ 15.538801] kmalloc_oob_memset_4+0x150/0x300 [ 15.538917] kunit_try_run_case+0x170/0x3f0 [ 15.539202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.539712] kthread+0x328/0x630 [ 15.539782] ret_from_fork+0x10/0x20 [ 15.540326] [ 15.540391] Allocated by task 175: [ 15.540855] kasan_save_stack+0x3c/0x68 [ 15.541602] kasan_save_track+0x20/0x40 [ 15.541796] kasan_save_alloc_info+0x40/0x58 [ 15.542259] __kasan_kmalloc+0xd4/0xd8 [ 15.542308] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.543010] kmalloc_oob_memset_4+0xb0/0x300 [ 15.543072] kunit_try_run_case+0x170/0x3f0 [ 15.543110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.543152] kthread+0x328/0x630 [ 15.543937] ret_from_fork+0x10/0x20 [ 15.544280] [ 15.544725] The buggy address belongs to the object at fff00000c592cb00 [ 15.544725] which belongs to the cache kmalloc-128 of size 128 [ 15.544838] The buggy address is located 117 bytes inside of [ 15.544838] allocated 120-byte region [fff00000c592cb00, fff00000c592cb78) [ 15.545893] [ 15.545916] The buggy address belongs to the physical page: [ 15.546072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.546533] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.546586] page_type: f5(slab) [ 15.547248] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.547546] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.547936] page dumped because: kasan: bad access detected [ 15.548208] [ 15.548638] Memory state around the buggy address: [ 15.548918] fff00000c592ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.549588] fff00000c592ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.549773] >fff00000c592cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.549817] ^ [ 15.549859] fff00000c592cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.550591] fff00000c592cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.550832] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 15.512655] ================================================================== [ 15.512717] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 15.512768] Write of size 2 at addr fff00000c592ca77 by task kunit_try_catch/173 [ 15.512819] [ 15.513089] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.513302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.513402] Hardware name: linux,dummy-virt (DT) [ 15.513453] Call trace: [ 15.513475] show_stack+0x20/0x38 (C) [ 15.513525] dump_stack_lvl+0x8c/0xd0 [ 15.513569] print_report+0x118/0x5d0 [ 15.513749] kasan_report+0xdc/0x128 [ 15.513804] kasan_check_range+0x100/0x1a8 [ 15.513893] __asan_memset+0x34/0x78 [ 15.513934] kmalloc_oob_memset_2+0x150/0x2f8 [ 15.514001] kunit_try_run_case+0x170/0x3f0 [ 15.514100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.514151] kthread+0x328/0x630 [ 15.514298] ret_from_fork+0x10/0x20 [ 15.514348] [ 15.514384] Allocated by task 173: [ 15.514411] kasan_save_stack+0x3c/0x68 [ 15.514570] kasan_save_track+0x20/0x40 [ 15.514617] kasan_save_alloc_info+0x40/0x58 [ 15.514656] __kasan_kmalloc+0xd4/0xd8 [ 15.514691] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.514729] kmalloc_oob_memset_2+0xb0/0x2f8 [ 15.514765] kunit_try_run_case+0x170/0x3f0 [ 15.514801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.514842] kthread+0x328/0x630 [ 15.515189] ret_from_fork+0x10/0x20 [ 15.515272] [ 15.515292] The buggy address belongs to the object at fff00000c592ca00 [ 15.515292] which belongs to the cache kmalloc-128 of size 128 [ 15.515377] The buggy address is located 119 bytes inside of [ 15.515377] allocated 120-byte region [fff00000c592ca00, fff00000c592ca78) [ 15.515512] [ 15.515580] The buggy address belongs to the physical page: [ 15.515609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.515706] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.515797] page_type: f5(slab) [ 15.515903] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.516049] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.516089] page dumped because: kasan: bad access detected [ 15.516157] [ 15.516201] Memory state around the buggy address: [ 15.516232] fff00000c592c900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.516273] fff00000c592c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.516497] >fff00000c592ca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.516537] ^ [ 15.516755] fff00000c592ca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.516853] fff00000c592cb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.516924] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 15.496346] ================================================================== [ 15.496693] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 15.496746] Write of size 128 at addr fff00000c592c900 by task kunit_try_catch/171 [ 15.496796] [ 15.496825] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.496906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.496942] Hardware name: linux,dummy-virt (DT) [ 15.496999] Call trace: [ 15.497239] show_stack+0x20/0x38 (C) [ 15.497295] dump_stack_lvl+0x8c/0xd0 [ 15.497446] print_report+0x118/0x5d0 [ 15.497494] kasan_report+0xdc/0x128 [ 15.497539] kasan_check_range+0x100/0x1a8 [ 15.497855] __asan_memset+0x34/0x78 [ 15.498014] kmalloc_oob_in_memset+0x144/0x2d0 [ 15.498089] kunit_try_run_case+0x170/0x3f0 [ 15.498139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.498202] kthread+0x328/0x630 [ 15.498417] ret_from_fork+0x10/0x20 [ 15.498596] [ 15.498616] Allocated by task 171: [ 15.498651] kasan_save_stack+0x3c/0x68 [ 15.498735] kasan_save_track+0x20/0x40 [ 15.498771] kasan_save_alloc_info+0x40/0x58 [ 15.498866] __kasan_kmalloc+0xd4/0xd8 [ 15.498902] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.498940] kmalloc_oob_in_memset+0xb0/0x2d0 [ 15.499224] kunit_try_run_case+0x170/0x3f0 [ 15.499263] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.499467] kthread+0x328/0x630 [ 15.499661] ret_from_fork+0x10/0x20 [ 15.499759] [ 15.499779] The buggy address belongs to the object at fff00000c592c900 [ 15.499779] which belongs to the cache kmalloc-128 of size 128 [ 15.499857] The buggy address is located 0 bytes inside of [ 15.499857] allocated 120-byte region [fff00000c592c900, fff00000c592c978) [ 15.500122] [ 15.500146] The buggy address belongs to the physical page: [ 15.500177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.500335] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.500556] page_type: f5(slab) [ 15.500599] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.500648] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.500687] page dumped because: kasan: bad access detected [ 15.500724] [ 15.500744] Memory state around the buggy address: [ 15.500774] fff00000c592c800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.501054] fff00000c592c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.501209] >fff00000c592c900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.501271] ^ [ 15.501314] fff00000c592c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.501355] fff00000c592ca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.501529] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 15.481997] ================================================================== [ 15.482419] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 15.482651] Read of size 16 at addr fff00000c591d5c0 by task kunit_try_catch/169 [ 15.482711] [ 15.482788] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.482867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.482892] Hardware name: linux,dummy-virt (DT) [ 15.482921] Call trace: [ 15.483051] show_stack+0x20/0x38 (C) [ 15.483167] dump_stack_lvl+0x8c/0xd0 [ 15.483226] print_report+0x118/0x5d0 [ 15.483277] kasan_report+0xdc/0x128 [ 15.483338] __asan_report_load16_noabort+0x20/0x30 [ 15.483550] kmalloc_uaf_16+0x3bc/0x438 [ 15.483600] kunit_try_run_case+0x170/0x3f0 [ 15.483738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.483812] kthread+0x328/0x630 [ 15.483852] ret_from_fork+0x10/0x20 [ 15.483899] [ 15.483921] Allocated by task 169: [ 15.484057] kasan_save_stack+0x3c/0x68 [ 15.484262] kasan_save_track+0x20/0x40 [ 15.484348] kasan_save_alloc_info+0x40/0x58 [ 15.484414] __kasan_kmalloc+0xd4/0xd8 [ 15.484449] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.484494] kmalloc_uaf_16+0x140/0x438 [ 15.484527] kunit_try_run_case+0x170/0x3f0 [ 15.484562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.484604] kthread+0x328/0x630 [ 15.484640] ret_from_fork+0x10/0x20 [ 15.484810] [ 15.484834] Freed by task 169: [ 15.484858] kasan_save_stack+0x3c/0x68 [ 15.485013] kasan_save_track+0x20/0x40 [ 15.485051] kasan_save_free_info+0x4c/0x78 [ 15.485089] __kasan_slab_free+0x6c/0x98 [ 15.485124] kfree+0x214/0x3c8 [ 15.485157] kmalloc_uaf_16+0x190/0x438 [ 15.485200] kunit_try_run_case+0x170/0x3f0 [ 15.485432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.485730] kthread+0x328/0x630 [ 15.485764] ret_from_fork+0x10/0x20 [ 15.485912] [ 15.485931] The buggy address belongs to the object at fff00000c591d5c0 [ 15.485931] which belongs to the cache kmalloc-16 of size 16 [ 15.485987] The buggy address is located 0 bytes inside of [ 15.485987] freed 16-byte region [fff00000c591d5c0, fff00000c591d5d0) [ 15.486047] [ 15.486065] The buggy address belongs to the physical page: [ 15.486207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 15.486262] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.486310] page_type: f5(slab) [ 15.486347] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.486396] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.486450] page dumped because: kasan: bad access detected [ 15.486486] [ 15.486509] Memory state around the buggy address: [ 15.486673] fff00000c591d480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.486715] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.486757] >fff00000c591d580: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 15.486793] ^ [ 15.486825] fff00000c591d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.486877] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.487010] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 15.471593] ================================================================== [ 15.471859] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 15.471911] Write of size 16 at addr fff00000c591d560 by task kunit_try_catch/167 [ 15.471967] [ 15.472062] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.472224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.472249] Hardware name: linux,dummy-virt (DT) [ 15.472279] Call trace: [ 15.472299] show_stack+0x20/0x38 (C) [ 15.472346] dump_stack_lvl+0x8c/0xd0 [ 15.472392] print_report+0x118/0x5d0 [ 15.472436] kasan_report+0xdc/0x128 [ 15.472603] __asan_report_store16_noabort+0x20/0x30 [ 15.473011] kmalloc_oob_16+0x3a0/0x3f8 [ 15.473171] kunit_try_run_case+0x170/0x3f0 [ 15.473232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.473303] kthread+0x328/0x630 [ 15.473344] ret_from_fork+0x10/0x20 [ 15.473390] [ 15.473407] Allocated by task 167: [ 15.473435] kasan_save_stack+0x3c/0x68 [ 15.473475] kasan_save_track+0x20/0x40 [ 15.473511] kasan_save_alloc_info+0x40/0x58 [ 15.473656] __kasan_kmalloc+0xd4/0xd8 [ 15.473697] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.473734] kmalloc_oob_16+0xb4/0x3f8 [ 15.473768] kunit_try_run_case+0x170/0x3f0 [ 15.473803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.473845] kthread+0x328/0x630 [ 15.473998] ret_from_fork+0x10/0x20 [ 15.474091] [ 15.474109] The buggy address belongs to the object at fff00000c591d560 [ 15.474109] which belongs to the cache kmalloc-16 of size 16 [ 15.474172] The buggy address is located 0 bytes inside of [ 15.474172] allocated 13-byte region [fff00000c591d560, fff00000c591d56d) [ 15.474246] [ 15.474264] The buggy address belongs to the physical page: [ 15.474293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 15.474457] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.474527] page_type: f5(slab) [ 15.474678] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.474763] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.474820] page dumped because: kasan: bad access detected [ 15.474869] [ 15.474887] Memory state around the buggy address: [ 15.474917] fff00000c591d400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.474959] fff00000c591d480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.475086] >fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 15.475192] ^ [ 15.475231] fff00000c591d580: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.475283] fff00000c591d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.475441] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 15.457367] ================================================================== [ 15.457427] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 15.457482] Read of size 1 at addr fff00000c175f200 by task kunit_try_catch/165 [ 15.457531] [ 15.457563] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.457641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.458332] Hardware name: linux,dummy-virt (DT) [ 15.458376] Call trace: [ 15.458398] show_stack+0x20/0x38 (C) [ 15.458450] dump_stack_lvl+0x8c/0xd0 [ 15.458496] print_report+0x118/0x5d0 [ 15.459000] kasan_report+0xdc/0x128 [ 15.459216] __asan_report_load1_noabort+0x20/0x30 [ 15.459290] krealloc_uaf+0x4c8/0x520 [ 15.459334] kunit_try_run_case+0x170/0x3f0 [ 15.459380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.459431] kthread+0x328/0x630 [ 15.459473] ret_from_fork+0x10/0x20 [ 15.459519] [ 15.459536] Allocated by task 165: [ 15.459564] kasan_save_stack+0x3c/0x68 [ 15.459949] kasan_save_track+0x20/0x40 [ 15.459994] kasan_save_alloc_info+0x40/0x58 [ 15.460033] __kasan_kmalloc+0xd4/0xd8 [ 15.460068] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.460105] krealloc_uaf+0xc8/0x520 [ 15.460138] kunit_try_run_case+0x170/0x3f0 [ 15.460418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.460472] kthread+0x328/0x630 [ 15.460505] ret_from_fork+0x10/0x20 [ 15.460540] [ 15.460558] Freed by task 165: [ 15.460630] kasan_save_stack+0x3c/0x68 [ 15.460712] kasan_save_track+0x20/0x40 [ 15.460822] kasan_save_free_info+0x4c/0x78 [ 15.461003] __kasan_slab_free+0x6c/0x98 [ 15.461040] kfree+0x214/0x3c8 [ 15.461072] krealloc_uaf+0x12c/0x520 [ 15.461105] kunit_try_run_case+0x170/0x3f0 [ 15.461140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.461463] kthread+0x328/0x630 [ 15.461526] ret_from_fork+0x10/0x20 [ 15.461561] [ 15.461580] The buggy address belongs to the object at fff00000c175f200 [ 15.461580] which belongs to the cache kmalloc-256 of size 256 [ 15.461649] The buggy address is located 0 bytes inside of [ 15.461649] freed 256-byte region [fff00000c175f200, fff00000c175f300) [ 15.461825] [ 15.461843] The buggy address belongs to the physical page: [ 15.461902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175e [ 15.461958] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.462005] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.462057] page_type: f5(slab) [ 15.462093] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.462152] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.462212] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.462260] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.462483] head: 0bfffe0000000001 ffffc1ffc305d781 00000000ffffffff 00000000ffffffff [ 15.462535] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.462800] page dumped because: kasan: bad access detected [ 15.462833] [ 15.462849] Memory state around the buggy address: [ 15.462881] fff00000c175f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.462923] fff00000c175f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.462965] >fff00000c175f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.463002] ^ [ 15.463034] fff00000c175f280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.463427] fff00000c175f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.463468] ================================================================== [ 15.440041] ================================================================== [ 15.440291] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 15.440350] Read of size 1 at addr fff00000c175f200 by task kunit_try_catch/165 [ 15.440401] [ 15.440434] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.440521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.440546] Hardware name: linux,dummy-virt (DT) [ 15.440575] Call trace: [ 15.440596] show_stack+0x20/0x38 (C) [ 15.440644] dump_stack_lvl+0x8c/0xd0 [ 15.441241] print_report+0x118/0x5d0 [ 15.441659] kasan_report+0xdc/0x128 [ 15.441799] __kasan_check_byte+0x54/0x70 [ 15.441996] krealloc_noprof+0x44/0x360 [ 15.442270] krealloc_uaf+0x180/0x520 [ 15.442517] kunit_try_run_case+0x170/0x3f0 [ 15.442568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.442738] kthread+0x328/0x630 [ 15.442784] ret_from_fork+0x10/0x20 [ 15.443217] [ 15.443266] Allocated by task 165: [ 15.443522] kasan_save_stack+0x3c/0x68 [ 15.443738] kasan_save_track+0x20/0x40 [ 15.443848] kasan_save_alloc_info+0x40/0x58 [ 15.443902] __kasan_kmalloc+0xd4/0xd8 [ 15.444022] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.444059] krealloc_uaf+0xc8/0x520 [ 15.444505] kunit_try_run_case+0x170/0x3f0 [ 15.444555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.444607] kthread+0x328/0x630 [ 15.444638] ret_from_fork+0x10/0x20 [ 15.444674] [ 15.444693] Freed by task 165: [ 15.445266] kasan_save_stack+0x3c/0x68 [ 15.445314] kasan_save_track+0x20/0x40 [ 15.445350] kasan_save_free_info+0x4c/0x78 [ 15.445389] __kasan_slab_free+0x6c/0x98 [ 15.445702] kfree+0x214/0x3c8 [ 15.445913] krealloc_uaf+0x12c/0x520 [ 15.445955] kunit_try_run_case+0x170/0x3f0 [ 15.445992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.446062] kthread+0x328/0x630 [ 15.446207] ret_from_fork+0x10/0x20 [ 15.446529] [ 15.446726] The buggy address belongs to the object at fff00000c175f200 [ 15.446726] which belongs to the cache kmalloc-256 of size 256 [ 15.447040] The buggy address is located 0 bytes inside of [ 15.447040] freed 256-byte region [fff00000c175f200, fff00000c175f300) [ 15.447513] [ 15.447538] The buggy address belongs to the physical page: [ 15.447572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175e [ 15.447895] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.447948] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.448001] page_type: f5(slab) [ 15.448047] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.448235] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.448283] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.448735] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.448788] head: 0bfffe0000000001 ffffc1ffc305d781 00000000ffffffff 00000000ffffffff [ 15.449043] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.449360] page dumped because: kasan: bad access detected [ 15.449394] [ 15.449411] Memory state around the buggy address: [ 15.449443] fff00000c175f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449685] fff00000c175f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449729] >fff00000c175f200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.449998] ^ [ 15.450193] fff00000c175f280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.450334] fff00000c175f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.451403] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 15.314871] ================================================================== [ 15.314920] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.314968] Write of size 1 at addr fff00000c175f0d0 by task kunit_try_catch/159 [ 15.315017] [ 15.315045] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.315122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.315147] Hardware name: linux,dummy-virt (DT) [ 15.315214] Call trace: [ 15.315328] show_stack+0x20/0x38 (C) [ 15.315539] dump_stack_lvl+0x8c/0xd0 [ 15.315611] print_report+0x118/0x5d0 [ 15.315836] kasan_report+0xdc/0x128 [ 15.316002] __asan_report_store1_noabort+0x20/0x30 [ 15.316114] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.316472] krealloc_less_oob+0x20/0x38 [ 15.317112] kunit_try_run_case+0x170/0x3f0 [ 15.317408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.317462] kthread+0x328/0x630 [ 15.317503] ret_from_fork+0x10/0x20 [ 15.317549] [ 15.317566] Allocated by task 159: [ 15.317594] kasan_save_stack+0x3c/0x68 [ 15.317634] kasan_save_track+0x20/0x40 [ 15.318439] kasan_save_alloc_info+0x40/0x58 [ 15.318614] __kasan_krealloc+0x118/0x178 [ 15.318743] krealloc_noprof+0x128/0x360 [ 15.319554] krealloc_less_oob_helper+0x168/0xc50 [ 15.319600] krealloc_less_oob+0x20/0x38 [ 15.319635] kunit_try_run_case+0x170/0x3f0 [ 15.319682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.319724] kthread+0x328/0x630 [ 15.320015] ret_from_fork+0x10/0x20 [ 15.320365] [ 15.320442] The buggy address belongs to the object at fff00000c175f000 [ 15.320442] which belongs to the cache kmalloc-256 of size 256 [ 15.320518] The buggy address is located 7 bytes to the right of [ 15.320518] allocated 201-byte region [fff00000c175f000, fff00000c175f0c9) [ 15.320707] [ 15.320726] The buggy address belongs to the physical page: [ 15.320762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175e [ 15.320989] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.321040] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.321138] page_type: f5(slab) [ 15.321224] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.321274] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.321325] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.321382] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.321430] head: 0bfffe0000000001 ffffc1ffc305d781 00000000ffffffff 00000000ffffffff [ 15.321477] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.321545] page dumped because: kasan: bad access detected [ 15.321603] [ 15.321689] Memory state around the buggy address: [ 15.321770] fff00000c175ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.321831] fff00000c175f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.321872] >fff00000c175f080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.322091] ^ [ 15.322141] fff00000c175f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.322218] fff00000c175f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.322287] ================================================================== [ 15.418888] ================================================================== [ 15.418945] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.418995] Write of size 1 at addr fff00000c783e0eb by task kunit_try_catch/163 [ 15.419043] [ 15.419074] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.419153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.419192] Hardware name: linux,dummy-virt (DT) [ 15.419222] Call trace: [ 15.419484] show_stack+0x20/0x38 (C) [ 15.419547] dump_stack_lvl+0x8c/0xd0 [ 15.420126] print_report+0x118/0x5d0 [ 15.420395] kasan_report+0xdc/0x128 [ 15.420445] __asan_report_store1_noabort+0x20/0x30 [ 15.420500] krealloc_less_oob_helper+0xa58/0xc50 [ 15.420547] krealloc_large_less_oob+0x20/0x38 [ 15.420593] kunit_try_run_case+0x170/0x3f0 [ 15.420638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.421240] kthread+0x328/0x630 [ 15.421614] ret_from_fork+0x10/0x20 [ 15.421666] [ 15.421685] The buggy address belongs to the physical page: [ 15.421723] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10783c [ 15.421901] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.422040] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.422089] page_type: f8(unknown) [ 15.422127] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.422576] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.422647] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.423172] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.423384] head: 0bfffe0000000002 ffffc1ffc31e0f01 00000000ffffffff 00000000ffffffff [ 15.423434] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.423475] page dumped because: kasan: bad access detected [ 15.423911] [ 15.423934] Memory state around the buggy address: [ 15.423966] fff00000c783df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.424009] fff00000c783e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.424115] >fff00000c783e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.424204] ^ [ 15.424265] fff00000c783e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.424306] fff00000c783e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.424342] ================================================================== [ 15.328021] ================================================================== [ 15.328088] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.328147] Write of size 1 at addr fff00000c175f0ea by task kunit_try_catch/159 [ 15.328229] [ 15.328258] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.328336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.328361] Hardware name: linux,dummy-virt (DT) [ 15.328389] Call trace: [ 15.328409] show_stack+0x20/0x38 (C) [ 15.328458] dump_stack_lvl+0x8c/0xd0 [ 15.328505] print_report+0x118/0x5d0 [ 15.328548] kasan_report+0xdc/0x128 [ 15.328593] __asan_report_store1_noabort+0x20/0x30 [ 15.328642] krealloc_less_oob_helper+0xae4/0xc50 [ 15.328689] krealloc_less_oob+0x20/0x38 [ 15.328743] kunit_try_run_case+0x170/0x3f0 [ 15.328789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.328888] kthread+0x328/0x630 [ 15.328942] ret_from_fork+0x10/0x20 [ 15.328988] [ 15.329005] Allocated by task 159: [ 15.329243] kasan_save_stack+0x3c/0x68 [ 15.329283] kasan_save_track+0x20/0x40 [ 15.329327] kasan_save_alloc_info+0x40/0x58 [ 15.329365] __kasan_krealloc+0x118/0x178 [ 15.329412] krealloc_noprof+0x128/0x360 [ 15.329449] krealloc_less_oob_helper+0x168/0xc50 [ 15.329486] krealloc_less_oob+0x20/0x38 [ 15.329560] kunit_try_run_case+0x170/0x3f0 [ 15.329664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.329753] kthread+0x328/0x630 [ 15.329901] ret_from_fork+0x10/0x20 [ 15.330025] [ 15.330043] The buggy address belongs to the object at fff00000c175f000 [ 15.330043] which belongs to the cache kmalloc-256 of size 256 [ 15.330127] The buggy address is located 33 bytes to the right of [ 15.330127] allocated 201-byte region [fff00000c175f000, fff00000c175f0c9) [ 15.330515] [ 15.330568] The buggy address belongs to the physical page: [ 15.330705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175e [ 15.330768] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.330814] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.330866] page_type: f5(slab) [ 15.330904] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.331602] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.331696] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.332025] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.332267] head: 0bfffe0000000001 ffffc1ffc305d781 00000000ffffffff 00000000ffffffff [ 15.332316] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.332356] page dumped because: kasan: bad access detected [ 15.332387] [ 15.332404] Memory state around the buggy address: [ 15.332446] fff00000c175ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.332492] fff00000c175f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.332860] >fff00000c175f080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.332900] ^ [ 15.333123] fff00000c175f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.333216] fff00000c175f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.333254] ================================================================== [ 15.372734] ================================================================== [ 15.375471] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.375552] Write of size 1 at addr fff00000c783e0c9 by task kunit_try_catch/163 [ 15.375605] [ 15.375644] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.375726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.375752] Hardware name: linux,dummy-virt (DT) [ 15.375783] Call trace: [ 15.375805] show_stack+0x20/0x38 (C) [ 15.375854] dump_stack_lvl+0x8c/0xd0 [ 15.375902] print_report+0x118/0x5d0 [ 15.375947] kasan_report+0xdc/0x128 [ 15.375991] __asan_report_store1_noabort+0x20/0x30 [ 15.376044] krealloc_less_oob_helper+0xa48/0xc50 [ 15.376091] krealloc_large_less_oob+0x20/0x38 [ 15.376138] kunit_try_run_case+0x170/0x3f0 [ 15.376198] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.376250] kthread+0x328/0x630 [ 15.376292] ret_from_fork+0x10/0x20 [ 15.376339] [ 15.376359] The buggy address belongs to the physical page: [ 15.376392] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10783c [ 15.376447] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.376500] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.376555] page_type: f8(unknown) [ 15.376596] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.376646] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.376694] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.376741] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.376789] head: 0bfffe0000000002 ffffc1ffc31e0f01 00000000ffffffff 00000000ffffffff [ 15.376837] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.376877] page dumped because: kasan: bad access detected [ 15.376907] [ 15.376923] Memory state around the buggy address: [ 15.376954] fff00000c783df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.377033] fff00000c783e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.377074] >fff00000c783e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.379897] ^ [ 15.379946] fff00000c783e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.380283] fff00000c783e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.380325] ================================================================== [ 15.323174] ================================================================== [ 15.323234] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.323449] Write of size 1 at addr fff00000c175f0da by task kunit_try_catch/159 [ 15.323549] [ 15.323582] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.323661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.323693] Hardware name: linux,dummy-virt (DT) [ 15.323850] Call trace: [ 15.323877] show_stack+0x20/0x38 (C) [ 15.323931] dump_stack_lvl+0x8c/0xd0 [ 15.324022] print_report+0x118/0x5d0 [ 15.324072] kasan_report+0xdc/0x128 [ 15.324230] __asan_report_store1_noabort+0x20/0x30 [ 15.324389] krealloc_less_oob_helper+0xa80/0xc50 [ 15.324487] krealloc_less_oob+0x20/0x38 [ 15.324532] kunit_try_run_case+0x170/0x3f0 [ 15.324577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.324628] kthread+0x328/0x630 [ 15.324667] ret_from_fork+0x10/0x20 [ 15.324713] [ 15.324736] Allocated by task 159: [ 15.324871] kasan_save_stack+0x3c/0x68 [ 15.324932] kasan_save_track+0x20/0x40 [ 15.324979] kasan_save_alloc_info+0x40/0x58 [ 15.325017] __kasan_krealloc+0x118/0x178 [ 15.325053] krealloc_noprof+0x128/0x360 [ 15.325144] krealloc_less_oob_helper+0x168/0xc50 [ 15.325261] krealloc_less_oob+0x20/0x38 [ 15.325308] kunit_try_run_case+0x170/0x3f0 [ 15.325343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.325384] kthread+0x328/0x630 [ 15.325415] ret_from_fork+0x10/0x20 [ 15.325448] [ 15.325466] The buggy address belongs to the object at fff00000c175f000 [ 15.325466] which belongs to the cache kmalloc-256 of size 256 [ 15.325523] The buggy address is located 17 bytes to the right of [ 15.325523] allocated 201-byte region [fff00000c175f000, fff00000c175f0c9) [ 15.325615] [ 15.325642] The buggy address belongs to the physical page: [ 15.325779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175e [ 15.325928] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.326043] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.326121] page_type: f5(slab) [ 15.326157] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.326215] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.326430] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.326485] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.326584] head: 0bfffe0000000001 ffffc1ffc305d781 00000000ffffffff 00000000ffffffff [ 15.326756] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.326893] page dumped because: kasan: bad access detected [ 15.326965] [ 15.326982] Memory state around the buggy address: [ 15.327051] fff00000c175ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.327093] fff00000c175f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.327146] >fff00000c175f080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.327337] ^ [ 15.327382] fff00000c175f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.327528] fff00000c175f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.327574] ================================================================== [ 15.410212] ================================================================== [ 15.410259] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.410575] Write of size 1 at addr fff00000c783e0ea by task kunit_try_catch/163 [ 15.410639] [ 15.411328] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.411475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.411500] Hardware name: linux,dummy-virt (DT) [ 15.411530] Call trace: [ 15.411550] show_stack+0x20/0x38 (C) [ 15.411599] dump_stack_lvl+0x8c/0xd0 [ 15.411646] print_report+0x118/0x5d0 [ 15.411690] kasan_report+0xdc/0x128 [ 15.411734] __asan_report_store1_noabort+0x20/0x30 [ 15.412573] krealloc_less_oob_helper+0xae4/0xc50 [ 15.412658] krealloc_large_less_oob+0x20/0x38 [ 15.412888] kunit_try_run_case+0x170/0x3f0 [ 15.413261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.413356] kthread+0x328/0x630 [ 15.413422] ret_from_fork+0x10/0x20 [ 15.413542] [ 15.413843] The buggy address belongs to the physical page: [ 15.413991] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10783c [ 15.414053] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.414230] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.414599] page_type: f8(unknown) [ 15.414735] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.414883] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.415070] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.415150] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.415574] head: 0bfffe0000000002 ffffc1ffc31e0f01 00000000ffffffff 00000000ffffffff [ 15.415802] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.415843] page dumped because: kasan: bad access detected [ 15.415873] [ 15.416247] Memory state around the buggy address: [ 15.416403] fff00000c783df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.416736] fff00000c783e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.416833] >fff00000c783e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.416900] ^ [ 15.417412] fff00000c783e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.417468] fff00000c783e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.417509] ================================================================== [ 15.390464] ================================================================== [ 15.390705] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.390816] Write of size 1 at addr fff00000c783e0d0 by task kunit_try_catch/163 [ 15.390866] [ 15.390901] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.390982] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.391546] Hardware name: linux,dummy-virt (DT) [ 15.391819] Call trace: [ 15.391927] show_stack+0x20/0x38 (C) [ 15.391983] dump_stack_lvl+0x8c/0xd0 [ 15.392392] print_report+0x118/0x5d0 [ 15.392631] kasan_report+0xdc/0x128 [ 15.392768] __asan_report_store1_noabort+0x20/0x30 [ 15.393094] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.393343] krealloc_large_less_oob+0x20/0x38 [ 15.393401] kunit_try_run_case+0x170/0x3f0 [ 15.393537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.393768] kthread+0x328/0x630 [ 15.393824] ret_from_fork+0x10/0x20 [ 15.393972] [ 15.393995] The buggy address belongs to the physical page: [ 15.394028] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10783c [ 15.394367] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.394569] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.394651] page_type: f8(unknown) [ 15.394945] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.395107] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.395258] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.395525] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.395767] head: 0bfffe0000000002 ffffc1ffc31e0f01 00000000ffffffff 00000000ffffffff [ 15.395852] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.396108] page dumped because: kasan: bad access detected [ 15.396340] [ 15.396358] Memory state around the buggy address: [ 15.396389] fff00000c783df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.396720] fff00000c783e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.397078] >fff00000c783e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.397284] ^ [ 15.397375] fff00000c783e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.397674] fff00000c783e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.397893] ================================================================== [ 15.307559] ================================================================== [ 15.307627] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.308047] Write of size 1 at addr fff00000c175f0c9 by task kunit_try_catch/159 [ 15.308216] [ 15.308359] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.308675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.308879] Hardware name: linux,dummy-virt (DT) [ 15.309227] Call trace: [ 15.309306] show_stack+0x20/0x38 (C) [ 15.309359] dump_stack_lvl+0x8c/0xd0 [ 15.309406] print_report+0x118/0x5d0 [ 15.309452] kasan_report+0xdc/0x128 [ 15.309540] __asan_report_store1_noabort+0x20/0x30 [ 15.309693] krealloc_less_oob_helper+0xa48/0xc50 [ 15.309859] krealloc_less_oob+0x20/0x38 [ 15.309904] kunit_try_run_case+0x170/0x3f0 [ 15.309953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.310027] kthread+0x328/0x630 [ 15.310082] ret_from_fork+0x10/0x20 [ 15.310367] [ 15.310494] Allocated by task 159: [ 15.310544] kasan_save_stack+0x3c/0x68 [ 15.310587] kasan_save_track+0x20/0x40 [ 15.310622] kasan_save_alloc_info+0x40/0x58 [ 15.310795] __kasan_krealloc+0x118/0x178 [ 15.311057] krealloc_noprof+0x128/0x360 [ 15.311172] krealloc_less_oob_helper+0x168/0xc50 [ 15.311278] krealloc_less_oob+0x20/0x38 [ 15.311315] kunit_try_run_case+0x170/0x3f0 [ 15.311358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.311411] kthread+0x328/0x630 [ 15.311461] ret_from_fork+0x10/0x20 [ 15.311495] [ 15.311572] The buggy address belongs to the object at fff00000c175f000 [ 15.311572] which belongs to the cache kmalloc-256 of size 256 [ 15.311629] The buggy address is located 0 bytes to the right of [ 15.311629] allocated 201-byte region [fff00000c175f000, fff00000c175f0c9) [ 15.311834] [ 15.311977] The buggy address belongs to the physical page: [ 15.312044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175e [ 15.312177] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.312245] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.312361] page_type: f5(slab) [ 15.312405] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.312458] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.312507] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.312780] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.312829] head: 0bfffe0000000001 ffffc1ffc305d781 00000000ffffffff 00000000ffffffff [ 15.312880] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.312920] page dumped because: kasan: bad access detected [ 15.312951] [ 15.313113] Memory state around the buggy address: [ 15.313173] fff00000c175ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.313226] fff00000c175f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.313268] >fff00000c175f080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.313304] ^ [ 15.313338] fff00000c175f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.313743] fff00000c175f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.313911] ================================================================== [ 15.399234] ================================================================== [ 15.399286] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.399333] Write of size 1 at addr fff00000c783e0da by task kunit_try_catch/163 [ 15.399382] [ 15.399412] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.399490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.401019] Hardware name: linux,dummy-virt (DT) [ 15.401064] Call trace: [ 15.401698] show_stack+0x20/0x38 (C) [ 15.401888] dump_stack_lvl+0x8c/0xd0 [ 15.401979] print_report+0x118/0x5d0 [ 15.402026] kasan_report+0xdc/0x128 [ 15.402128] __asan_report_store1_noabort+0x20/0x30 [ 15.402576] krealloc_less_oob_helper+0xa80/0xc50 [ 15.402931] krealloc_large_less_oob+0x20/0x38 [ 15.403363] kunit_try_run_case+0x170/0x3f0 [ 15.403423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.404243] kthread+0x328/0x630 [ 15.404828] ret_from_fork+0x10/0x20 [ 15.405060] [ 15.405250] The buggy address belongs to the physical page: [ 15.405284] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10783c [ 15.405344] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.405391] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.405441] page_type: f8(unknown) [ 15.405478] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.406292] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.406360] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.406415] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.406928] head: 0bfffe0000000002 ffffc1ffc31e0f01 00000000ffffffff 00000000ffffffff [ 15.407223] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.407264] page dumped because: kasan: bad access detected [ 15.407295] [ 15.407312] Memory state around the buggy address: [ 15.407725] fff00000c783df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.407772] fff00000c783e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.407995] >fff00000c783e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.408247] ^ [ 15.408422] fff00000c783e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.408686] fff00000c783e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.408879] ================================================================== [ 15.334674] ================================================================== [ 15.334731] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.334788] Write of size 1 at addr fff00000c175f0eb by task kunit_try_catch/159 [ 15.334836] [ 15.334872] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.335211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.335245] Hardware name: linux,dummy-virt (DT) [ 15.335276] Call trace: [ 15.335298] show_stack+0x20/0x38 (C) [ 15.335348] dump_stack_lvl+0x8c/0xd0 [ 15.335931] print_report+0x118/0x5d0 [ 15.336438] kasan_report+0xdc/0x128 [ 15.336561] __asan_report_store1_noabort+0x20/0x30 [ 15.336613] krealloc_less_oob_helper+0xa58/0xc50 [ 15.336941] krealloc_less_oob+0x20/0x38 [ 15.337028] kunit_try_run_case+0x170/0x3f0 [ 15.337141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.337221] kthread+0x328/0x630 [ 15.337263] ret_from_fork+0x10/0x20 [ 15.337347] [ 15.337365] Allocated by task 159: [ 15.337395] kasan_save_stack+0x3c/0x68 [ 15.337436] kasan_save_track+0x20/0x40 [ 15.337885] kasan_save_alloc_info+0x40/0x58 [ 15.337986] __kasan_krealloc+0x118/0x178 [ 15.338063] krealloc_noprof+0x128/0x360 [ 15.338100] krealloc_less_oob_helper+0x168/0xc50 [ 15.338138] krealloc_less_oob+0x20/0x38 [ 15.338172] kunit_try_run_case+0x170/0x3f0 [ 15.338348] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.338392] kthread+0x328/0x630 [ 15.338674] ret_from_fork+0x10/0x20 [ 15.338745] [ 15.338807] The buggy address belongs to the object at fff00000c175f000 [ 15.338807] which belongs to the cache kmalloc-256 of size 256 [ 15.338911] The buggy address is located 34 bytes to the right of [ 15.338911] allocated 201-byte region [fff00000c175f000, fff00000c175f0c9) [ 15.339063] [ 15.339082] The buggy address belongs to the physical page: [ 15.339113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175e [ 15.339229] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.339459] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.339618] page_type: f5(slab) [ 15.339655] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.339705] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.339753] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.339873] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.340103] head: 0bfffe0000000001 ffffc1ffc305d781 00000000ffffffff 00000000ffffffff [ 15.340223] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.340262] page dumped because: kasan: bad access detected [ 15.340292] [ 15.340309] Memory state around the buggy address: [ 15.340338] fff00000c175ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.340379] fff00000c175f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.340651] >fff00000c175f080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.341070] ^ [ 15.341236] fff00000c175f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.341298] fff00000c175f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.341336] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 15.290782] ================================================================== [ 15.290852] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.291086] Write of size 1 at addr fff00000c175eef0 by task kunit_try_catch/157 [ 15.291138] [ 15.291168] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.291260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.291758] Hardware name: linux,dummy-virt (DT) [ 15.291792] Call trace: [ 15.291915] show_stack+0x20/0x38 (C) [ 15.292262] dump_stack_lvl+0x8c/0xd0 [ 15.292317] print_report+0x118/0x5d0 [ 15.292362] kasan_report+0xdc/0x128 [ 15.292416] __asan_report_store1_noabort+0x20/0x30 [ 15.292473] krealloc_more_oob_helper+0x5c0/0x678 [ 15.292995] krealloc_more_oob+0x20/0x38 [ 15.293047] kunit_try_run_case+0x170/0x3f0 [ 15.293142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.293235] kthread+0x328/0x630 [ 15.293444] ret_from_fork+0x10/0x20 [ 15.293604] [ 15.293642] Allocated by task 157: [ 15.293671] kasan_save_stack+0x3c/0x68 [ 15.293711] kasan_save_track+0x20/0x40 [ 15.293753] kasan_save_alloc_info+0x40/0x58 [ 15.293903] __kasan_krealloc+0x118/0x178 [ 15.293946] krealloc_noprof+0x128/0x360 [ 15.294075] krealloc_more_oob_helper+0x168/0x678 [ 15.294137] krealloc_more_oob+0x20/0x38 [ 15.294188] kunit_try_run_case+0x170/0x3f0 [ 15.294232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.294273] kthread+0x328/0x630 [ 15.294304] ret_from_fork+0x10/0x20 [ 15.294488] [ 15.294508] The buggy address belongs to the object at fff00000c175ee00 [ 15.294508] which belongs to the cache kmalloc-256 of size 256 [ 15.294642] The buggy address is located 5 bytes to the right of [ 15.294642] allocated 235-byte region [fff00000c175ee00, fff00000c175eeeb) [ 15.294705] [ 15.294724] The buggy address belongs to the physical page: [ 15.294755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175e [ 15.294808] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.294853] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.294903] page_type: f5(slab) [ 15.294940] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.294989] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.295678] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.295733] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.295781] head: 0bfffe0000000001 ffffc1ffc305d781 00000000ffffffff 00000000ffffffff [ 15.296146] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.296205] page dumped because: kasan: bad access detected [ 15.296236] [ 15.296254] Memory state around the buggy address: [ 15.296292] fff00000c175ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.296336] fff00000c175ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.296636] >fff00000c175ee80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.296684] ^ [ 15.296792] fff00000c175ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.296927] fff00000c175ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.297002] ================================================================== [ 15.350688] ================================================================== [ 15.350750] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.350806] Write of size 1 at addr fff00000c783e0eb by task kunit_try_catch/161 [ 15.350855] [ 15.350889] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.351328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.351524] Hardware name: linux,dummy-virt (DT) [ 15.351694] Call trace: [ 15.351716] show_stack+0x20/0x38 (C) [ 15.351769] dump_stack_lvl+0x8c/0xd0 [ 15.351824] print_report+0x118/0x5d0 [ 15.352055] kasan_report+0xdc/0x128 [ 15.352192] __asan_report_store1_noabort+0x20/0x30 [ 15.352244] krealloc_more_oob_helper+0x60c/0x678 [ 15.352291] krealloc_large_more_oob+0x20/0x38 [ 15.352336] kunit_try_run_case+0x170/0x3f0 [ 15.352602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.352663] kthread+0x328/0x630 [ 15.352706] ret_from_fork+0x10/0x20 [ 15.352754] [ 15.352774] The buggy address belongs to the physical page: [ 15.353094] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10783c [ 15.353374] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.353428] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.353482] page_type: f8(unknown) [ 15.353521] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.353581] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.353753] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.353812] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.353948] head: 0bfffe0000000002 ffffc1ffc31e0f01 00000000ffffffff 00000000ffffffff [ 15.353999] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.354066] page dumped because: kasan: bad access detected [ 15.354108] [ 15.354125] Memory state around the buggy address: [ 15.354175] fff00000c783df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.354262] fff00000c783e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.354423] >fff00000c783e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.354568] ^ [ 15.354607] fff00000c783e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.354648] fff00000c783e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.354965] ================================================================== [ 15.280893] ================================================================== [ 15.280954] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.281508] Write of size 1 at addr fff00000c175eeeb by task kunit_try_catch/157 [ 15.281674] [ 15.281724] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.281804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.281830] Hardware name: linux,dummy-virt (DT) [ 15.281977] Call trace: [ 15.282006] show_stack+0x20/0x38 (C) [ 15.282058] dump_stack_lvl+0x8c/0xd0 [ 15.282104] print_report+0x118/0x5d0 [ 15.282149] kasan_report+0xdc/0x128 [ 15.282391] __asan_report_store1_noabort+0x20/0x30 [ 15.282460] krealloc_more_oob_helper+0x60c/0x678 [ 15.282508] krealloc_more_oob+0x20/0x38 [ 15.282628] kunit_try_run_case+0x170/0x3f0 [ 15.282722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.282825] kthread+0x328/0x630 [ 15.282865] ret_from_fork+0x10/0x20 [ 15.282940] [ 15.283357] Allocated by task 157: [ 15.283498] kasan_save_stack+0x3c/0x68 [ 15.283548] kasan_save_track+0x20/0x40 [ 15.283585] kasan_save_alloc_info+0x40/0x58 [ 15.283629] __kasan_krealloc+0x118/0x178 [ 15.283666] krealloc_noprof+0x128/0x360 [ 15.283749] krealloc_more_oob_helper+0x168/0x678 [ 15.283937] krealloc_more_oob+0x20/0x38 [ 15.284086] kunit_try_run_case+0x170/0x3f0 [ 15.284123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.284165] kthread+0x328/0x630 [ 15.284277] ret_from_fork+0x10/0x20 [ 15.284313] [ 15.284333] The buggy address belongs to the object at fff00000c175ee00 [ 15.284333] which belongs to the cache kmalloc-256 of size 256 [ 15.284390] The buggy address is located 0 bytes to the right of [ 15.284390] allocated 235-byte region [fff00000c175ee00, fff00000c175eeeb) [ 15.284457] [ 15.284527] The buggy address belongs to the physical page: [ 15.284681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175e [ 15.284882] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.284928] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.285029] page_type: f5(slab) [ 15.285067] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.285118] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.285167] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.285743] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.286322] head: 0bfffe0000000001 ffffc1ffc305d781 00000000ffffffff 00000000ffffffff [ 15.286376] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.286416] page dumped because: kasan: bad access detected [ 15.286643] [ 15.286698] Memory state around the buggy address: [ 15.287091] fff00000c175ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.287209] fff00000c175ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.287252] >fff00000c175ee80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.287409] ^ [ 15.287449] fff00000c175ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.287490] fff00000c175ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.287527] ================================================================== [ 15.357390] ================================================================== [ 15.357440] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.357488] Write of size 1 at addr fff00000c783e0f0 by task kunit_try_catch/161 [ 15.357828] [ 15.357972] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.358144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.358170] Hardware name: linux,dummy-virt (DT) [ 15.358461] Call trace: [ 15.358700] show_stack+0x20/0x38 (C) [ 15.358755] dump_stack_lvl+0x8c/0xd0 [ 15.358946] print_report+0x118/0x5d0 [ 15.359096] kasan_report+0xdc/0x128 [ 15.359162] __asan_report_store1_noabort+0x20/0x30 [ 15.359222] krealloc_more_oob_helper+0x5c0/0x678 [ 15.359298] krealloc_large_more_oob+0x20/0x38 [ 15.359344] kunit_try_run_case+0x170/0x3f0 [ 15.359775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.360240] kthread+0x328/0x630 [ 15.360341] ret_from_fork+0x10/0x20 [ 15.360397] [ 15.360460] The buggy address belongs to the physical page: [ 15.360490] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10783c [ 15.360551] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.360782] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.360837] page_type: f8(unknown) [ 15.361310] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.361623] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.361686] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.361832] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.361929] head: 0bfffe0000000002 ffffc1ffc31e0f01 00000000ffffffff 00000000ffffffff [ 15.361996] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.362058] page dumped because: kasan: bad access detected [ 15.362128] [ 15.362215] Memory state around the buggy address: [ 15.362290] fff00000c783df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.362349] fff00000c783e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.362392] >fff00000c783e080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.362428] ^ [ 15.362511] fff00000c783e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.362660] fff00000c783e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.362697] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 15.267684] ================================================================== [ 15.267741] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 15.267796] Read of size 1 at addr fff00000c7880000 by task kunit_try_catch/155 [ 15.267845] [ 15.268313] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.268601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.268629] Hardware name: linux,dummy-virt (DT) [ 15.268889] Call trace: [ 15.269208] show_stack+0x20/0x38 (C) [ 15.269652] dump_stack_lvl+0x8c/0xd0 [ 15.269911] print_report+0x118/0x5d0 [ 15.270091] kasan_report+0xdc/0x128 [ 15.270135] __asan_report_load1_noabort+0x20/0x30 [ 15.270218] page_alloc_uaf+0x328/0x350 [ 15.270265] kunit_try_run_case+0x170/0x3f0 [ 15.270313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.270365] kthread+0x328/0x630 [ 15.270868] ret_from_fork+0x10/0x20 [ 15.271038] [ 15.271058] The buggy address belongs to the physical page: [ 15.271100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107880 [ 15.271154] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.271593] page_type: f0(buddy) [ 15.271682] raw: 0bfffe0000000000 fff00000ff6161d8 fff00000ff6161d8 0000000000000000 [ 15.271822] raw: 0000000000000000 0000000000000007 00000000f0000000 0000000000000000 [ 15.271891] page dumped because: kasan: bad access detected [ 15.271921] [ 15.271938] Memory state around the buggy address: [ 15.272052] fff00000c787ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.272237] fff00000c787ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.272298] >fff00000c7880000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.272337] ^ [ 15.272364] fff00000c7880080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.272405] fff00000c7880100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.272812] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 15.243472] ================================================================== [ 15.243594] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 15.243656] Free of addr fff00000c7834001 by task kunit_try_catch/151 [ 15.244004] [ 15.244071] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.244233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.244259] Hardware name: linux,dummy-virt (DT) [ 15.244373] Call trace: [ 15.244559] show_stack+0x20/0x38 (C) [ 15.244665] dump_stack_lvl+0x8c/0xd0 [ 15.244713] print_report+0x118/0x5d0 [ 15.245004] kasan_report_invalid_free+0xc0/0xe8 [ 15.245137] __kasan_kfree_large+0x5c/0xa8 [ 15.245239] free_large_kmalloc+0x64/0x190 [ 15.245303] kfree+0x270/0x3c8 [ 15.245344] kmalloc_large_invalid_free+0x108/0x270 [ 15.245390] kunit_try_run_case+0x170/0x3f0 [ 15.245438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.245488] kthread+0x328/0x630 [ 15.245566] ret_from_fork+0x10/0x20 [ 15.245613] [ 15.245633] The buggy address belongs to the physical page: [ 15.245664] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 15.245717] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.245764] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.245994] page_type: f8(unknown) [ 15.246270] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.246382] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.246431] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.246481] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.246888] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 15.246962] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.247005] page dumped because: kasan: bad access detected [ 15.247036] [ 15.247053] Memory state around the buggy address: [ 15.247084] fff00000c7833f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.247127] fff00000c7833f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.247170] >fff00000c7834000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.247216] ^ [ 15.247244] fff00000c7834080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.247292] fff00000c7834100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.247525] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 15.227655] ================================================================== [ 15.227898] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 15.227950] Read of size 1 at addr fff00000c7834000 by task kunit_try_catch/149 [ 15.228192] [ 15.228346] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.228427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.228463] Hardware name: linux,dummy-virt (DT) [ 15.228605] Call trace: [ 15.228730] show_stack+0x20/0x38 (C) [ 15.228779] dump_stack_lvl+0x8c/0xd0 [ 15.228823] print_report+0x118/0x5d0 [ 15.228867] kasan_report+0xdc/0x128 [ 15.228911] __asan_report_load1_noabort+0x20/0x30 [ 15.228960] kmalloc_large_uaf+0x2cc/0x2f8 [ 15.229003] kunit_try_run_case+0x170/0x3f0 [ 15.229049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.229099] kthread+0x328/0x630 [ 15.229139] ret_from_fork+0x10/0x20 [ 15.229454] [ 15.229522] The buggy address belongs to the physical page: [ 15.229566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 15.229712] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.229785] raw: 0bfffe0000000000 ffffc1ffc31e0e08 fff00000da478c40 0000000000000000 [ 15.229835] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.229874] page dumped because: kasan: bad access detected [ 15.229904] [ 15.229945] Memory state around the buggy address: [ 15.229975] fff00000c7833f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.230018] fff00000c7833f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.230058] >fff00000c7834000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.230257] ^ [ 15.230497] fff00000c7834080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.230541] fff00000c7834100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.230578] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 15.210529] ================================================================== [ 15.211525] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 15.212262] Write of size 1 at addr fff00000c783600a by task kunit_try_catch/147 [ 15.212446] [ 15.212488] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.212569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.212595] Hardware name: linux,dummy-virt (DT) [ 15.212626] Call trace: [ 15.212647] show_stack+0x20/0x38 (C) [ 15.213745] dump_stack_lvl+0x8c/0xd0 [ 15.214163] print_report+0x118/0x5d0 [ 15.214615] kasan_report+0xdc/0x128 [ 15.214893] __asan_report_store1_noabort+0x20/0x30 [ 15.214949] kmalloc_large_oob_right+0x278/0x2b8 [ 15.214994] kunit_try_run_case+0x170/0x3f0 [ 15.215498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.215578] kthread+0x328/0x630 [ 15.215963] ret_from_fork+0x10/0x20 [ 15.216904] [ 15.217221] The buggy address belongs to the physical page: [ 15.217388] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 15.217444] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.218368] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.218445] page_type: f8(unknown) [ 15.218486] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.218535] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.218583] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.218631] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.218678] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 15.218725] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.218764] page dumped because: kasan: bad access detected [ 15.218794] [ 15.218812] Memory state around the buggy address: [ 15.218842] fff00000c7835f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.218883] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.218924] >fff00000c7836000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.218960] ^ [ 15.218989] fff00000c7836080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.219034] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.219072] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 15.183531] ================================================================== [ 15.183628] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.183683] Write of size 1 at addr fff00000c7851f00 by task kunit_try_catch/145 [ 15.183738] [ 15.183798] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.183880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.183911] Hardware name: linux,dummy-virt (DT) [ 15.183967] Call trace: [ 15.183989] show_stack+0x20/0x38 (C) [ 15.184054] dump_stack_lvl+0x8c/0xd0 [ 15.184128] print_report+0x118/0x5d0 [ 15.184317] kasan_report+0xdc/0x128 [ 15.184482] __asan_report_store1_noabort+0x20/0x30 [ 15.184610] kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.184675] kunit_try_run_case+0x170/0x3f0 [ 15.184724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.184803] kthread+0x328/0x630 [ 15.184870] ret_from_fork+0x10/0x20 [ 15.184918] [ 15.184935] Allocated by task 145: [ 15.185091] kasan_save_stack+0x3c/0x68 [ 15.185176] kasan_save_track+0x20/0x40 [ 15.185356] kasan_save_alloc_info+0x40/0x58 [ 15.185449] __kasan_kmalloc+0xd4/0xd8 [ 15.185585] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.185696] kmalloc_big_oob_right+0xb8/0x2f0 [ 15.185743] kunit_try_run_case+0x170/0x3f0 [ 15.185803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.185846] kthread+0x328/0x630 [ 15.186225] ret_from_fork+0x10/0x20 [ 15.186309] [ 15.186358] The buggy address belongs to the object at fff00000c7850000 [ 15.186358] which belongs to the cache kmalloc-8k of size 8192 [ 15.186631] The buggy address is located 0 bytes to the right of [ 15.186631] allocated 7936-byte region [fff00000c7850000, fff00000c7851f00) [ 15.186823] [ 15.186903] The buggy address belongs to the physical page: [ 15.186953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107850 [ 15.187008] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.187384] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.187491] page_type: f5(slab) [ 15.187623] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.187692] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.188005] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.188079] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.188127] head: 0bfffe0000000003 ffffc1ffc31e1401 00000000ffffffff 00000000ffffffff [ 15.188174] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.188224] page dumped because: kasan: bad access detected [ 15.188256] [ 15.188274] Memory state around the buggy address: [ 15.188356] fff00000c7851e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.188402] fff00000c7851e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.188443] >fff00000c7851f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.188485] ^ [ 15.188512] fff00000c7851f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.188563] fff00000c7852000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.188618] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 15.170577] ================================================================== [ 15.170852] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 15.170957] Write of size 1 at addr fff00000c592c878 by task kunit_try_catch/143 [ 15.171055] [ 15.171089] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.171217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.171246] Hardware name: linux,dummy-virt (DT) [ 15.171303] Call trace: [ 15.171342] show_stack+0x20/0x38 (C) [ 15.171391] dump_stack_lvl+0x8c/0xd0 [ 15.171546] print_report+0x118/0x5d0 [ 15.171681] kasan_report+0xdc/0x128 [ 15.171734] __asan_report_store1_noabort+0x20/0x30 [ 15.171784] kmalloc_track_caller_oob_right+0x418/0x488 [ 15.171835] kunit_try_run_case+0x170/0x3f0 [ 15.171879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.171930] kthread+0x328/0x630 [ 15.171970] ret_from_fork+0x10/0x20 [ 15.172016] [ 15.172033] Allocated by task 143: [ 15.172060] kasan_save_stack+0x3c/0x68 [ 15.172098] kasan_save_track+0x20/0x40 [ 15.172133] kasan_save_alloc_info+0x40/0x58 [ 15.172171] __kasan_kmalloc+0xd4/0xd8 [ 15.172214] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.172256] kmalloc_track_caller_oob_right+0x184/0x488 [ 15.172296] kunit_try_run_case+0x170/0x3f0 [ 15.172394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.172585] kthread+0x328/0x630 [ 15.172620] ret_from_fork+0x10/0x20 [ 15.172702] [ 15.172760] The buggy address belongs to the object at fff00000c592c800 [ 15.172760] which belongs to the cache kmalloc-128 of size 128 [ 15.172845] The buggy address is located 0 bytes to the right of [ 15.172845] allocated 120-byte region [fff00000c592c800, fff00000c592c878) [ 15.172937] [ 15.172990] The buggy address belongs to the physical page: [ 15.173040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.173094] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.173160] page_type: f5(slab) [ 15.173207] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.173363] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.173408] page dumped because: kasan: bad access detected [ 15.173501] [ 15.173584] Memory state around the buggy address: [ 15.173694] fff00000c592c700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.173788] fff00000c592c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.173905] >fff00000c592c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.174002] ^ [ 15.174064] fff00000c592c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.174141] fff00000c592c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.174246] ================================================================== [ 15.163705] ================================================================== [ 15.163818] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.163914] Write of size 1 at addr fff00000c592c778 by task kunit_try_catch/143 [ 15.164045] [ 15.164079] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.164160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.164196] Hardware name: linux,dummy-virt (DT) [ 15.164287] Call trace: [ 15.164315] show_stack+0x20/0x38 (C) [ 15.164365] dump_stack_lvl+0x8c/0xd0 [ 15.164440] print_report+0x118/0x5d0 [ 15.164589] kasan_report+0xdc/0x128 [ 15.164643] __asan_report_store1_noabort+0x20/0x30 [ 15.164889] kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.164948] kunit_try_run_case+0x170/0x3f0 [ 15.165129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.165217] kthread+0x328/0x630 [ 15.165362] ret_from_fork+0x10/0x20 [ 15.165433] [ 15.165450] Allocated by task 143: [ 15.165477] kasan_save_stack+0x3c/0x68 [ 15.165535] kasan_save_track+0x20/0x40 [ 15.165571] kasan_save_alloc_info+0x40/0x58 [ 15.165609] __kasan_kmalloc+0xd4/0xd8 [ 15.165882] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.166070] kmalloc_track_caller_oob_right+0xa8/0x488 [ 15.166230] kunit_try_run_case+0x170/0x3f0 [ 15.166277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.166319] kthread+0x328/0x630 [ 15.166628] ret_from_fork+0x10/0x20 [ 15.166680] [ 15.166752] The buggy address belongs to the object at fff00000c592c700 [ 15.166752] which belongs to the cache kmalloc-128 of size 128 [ 15.166913] The buggy address is located 0 bytes to the right of [ 15.166913] allocated 120-byte region [fff00000c592c700, fff00000c592c778) [ 15.166989] [ 15.167087] The buggy address belongs to the physical page: [ 15.167126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.167219] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.167329] page_type: f5(slab) [ 15.167451] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.167555] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.167636] page dumped because: kasan: bad access detected [ 15.167916] [ 15.168203] Memory state around the buggy address: [ 15.168287] fff00000c592c600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.168374] fff00000c592c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.168434] >fff00000c592c700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.168594] ^ [ 15.168673] fff00000c592c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.168754] fff00000c592c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.168811] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 15.144448] ================================================================== [ 15.144671] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 15.145119] Read of size 1 at addr fff00000c7821000 by task kunit_try_catch/141 [ 15.145555] [ 15.145659] CPU: 1 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.145913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.146251] Hardware name: linux,dummy-virt (DT) [ 15.146536] Call trace: [ 15.146559] show_stack+0x20/0x38 (C) [ 15.146997] dump_stack_lvl+0x8c/0xd0 [ 15.147062] print_report+0x118/0x5d0 [ 15.147107] kasan_report+0xdc/0x128 [ 15.147491] __asan_report_load1_noabort+0x20/0x30 [ 15.147797] kmalloc_node_oob_right+0x2f4/0x330 [ 15.148009] kunit_try_run_case+0x170/0x3f0 [ 15.148388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.148728] kthread+0x328/0x630 [ 15.148800] ret_from_fork+0x10/0x20 [ 15.149199] [ 15.149222] Allocated by task 141: [ 15.149494] kasan_save_stack+0x3c/0x68 [ 15.149579] kasan_save_track+0x20/0x40 [ 15.149664] kasan_save_alloc_info+0x40/0x58 [ 15.149702] __kasan_kmalloc+0xd4/0xd8 [ 15.149737] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 15.149777] kmalloc_node_oob_right+0xbc/0x330 [ 15.149865] kunit_try_run_case+0x170/0x3f0 [ 15.149905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.149948] kthread+0x328/0x630 [ 15.150169] ret_from_fork+0x10/0x20 [ 15.150478] [ 15.150512] The buggy address belongs to the object at fff00000c7820000 [ 15.150512] which belongs to the cache kmalloc-4k of size 4096 [ 15.150591] The buggy address is located 0 bytes to the right of [ 15.150591] allocated 4096-byte region [fff00000c7820000, fff00000c7821000) [ 15.150872] [ 15.151518] The buggy address belongs to the physical page: [ 15.152080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107820 [ 15.152990] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.153169] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.153503] page_type: f5(slab) [ 15.153547] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.153598] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.154378] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.154552] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.154693] head: 0bfffe0000000003 ffffc1ffc31e0801 00000000ffffffff 00000000ffffffff [ 15.154846] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.155189] page dumped because: kasan: bad access detected [ 15.155228] [ 15.155259] Memory state around the buggy address: [ 15.155535] fff00000c7820f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.155600] fff00000c7820f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.155643] >fff00000c7821000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.155680] ^ [ 15.155707] fff00000c7821080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.155748] fff00000c7821100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.155784] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 15.115820] ================================================================== [ 15.115939] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 15.118247] Read of size 1 at addr fff00000c591d53f by task kunit_try_catch/139 [ 15.118298] [ 15.118336] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.118416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.118441] Hardware name: linux,dummy-virt (DT) [ 15.118472] Call trace: [ 15.118494] show_stack+0x20/0x38 (C) [ 15.118543] dump_stack_lvl+0x8c/0xd0 [ 15.118590] print_report+0x118/0x5d0 [ 15.118637] kasan_report+0xdc/0x128 [ 15.118681] __asan_report_load1_noabort+0x20/0x30 [ 15.118731] kmalloc_oob_left+0x2ec/0x320 [ 15.118776] kunit_try_run_case+0x170/0x3f0 [ 15.118824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.118876] kthread+0x328/0x630 [ 15.118917] ret_from_fork+0x10/0x20 [ 15.118964] [ 15.118981] Allocated by task 26: [ 15.119011] kasan_save_stack+0x3c/0x68 [ 15.119049] kasan_save_track+0x20/0x40 [ 15.119086] kasan_save_alloc_info+0x40/0x58 [ 15.119124] __kasan_kmalloc+0xd4/0xd8 [ 15.119159] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.119212] kstrdup+0x54/0xc8 [ 15.119243] devtmpfs_work_loop+0x6f8/0xa58 [ 15.119283] devtmpfsd+0x50/0x58 [ 15.119316] kthread+0x328/0x630 [ 15.119346] ret_from_fork+0x10/0x20 [ 15.119380] [ 15.119411] Freed by task 26: [ 15.119445] kasan_save_stack+0x3c/0x68 [ 15.119481] kasan_save_track+0x20/0x40 [ 15.119516] kasan_save_free_info+0x4c/0x78 [ 15.119553] __kasan_slab_free+0x6c/0x98 [ 15.119588] kfree+0x214/0x3c8 [ 15.119620] devtmpfs_work_loop+0x804/0xa58 [ 15.119654] devtmpfsd+0x50/0x58 [ 15.119685] kthread+0x328/0x630 [ 15.119715] ret_from_fork+0x10/0x20 [ 15.119755] [ 15.119776] The buggy address belongs to the object at fff00000c591d520 [ 15.119776] which belongs to the cache kmalloc-16 of size 16 [ 15.119832] The buggy address is located 15 bytes to the right of [ 15.119832] allocated 16-byte region [fff00000c591d520, fff00000c591d530) [ 15.119895] [ 15.119914] The buggy address belongs to the physical page: [ 15.119945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 15.119998] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.120047] page_type: f5(slab) [ 15.120085] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.120134] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.120173] page dumped because: kasan: bad access detected [ 15.121277] [ 15.121301] Memory state around the buggy address: [ 15.121517] fff00000c591d400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.121567] fff00000c591d480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.121610] >fff00000c591d500: fa fb fc fc fa fb fc fc 00 07 fc fc fc fc fc fc [ 15.121647] ^ [ 15.122031] fff00000c591d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122697] fff00000c591d600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122749] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 15.083642] ================================================================== [ 15.083683] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 15.083731] Write of size 1 at addr fff00000c592c678 by task kunit_try_catch/137 [ 15.083959] [ 15.084041] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.084224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.084629] Hardware name: linux,dummy-virt (DT) [ 15.084805] Call trace: [ 15.084826] show_stack+0x20/0x38 (C) [ 15.084877] dump_stack_lvl+0x8c/0xd0 [ 15.084923] print_report+0x118/0x5d0 [ 15.084968] kasan_report+0xdc/0x128 [ 15.085012] __asan_report_store1_noabort+0x20/0x30 [ 15.085062] kmalloc_oob_right+0x538/0x660 [ 15.085105] kunit_try_run_case+0x170/0x3f0 [ 15.085152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.085490] kthread+0x328/0x630 [ 15.085540] ret_from_fork+0x10/0x20 [ 15.085587] [ 15.085604] Allocated by task 137: [ 15.085632] kasan_save_stack+0x3c/0x68 [ 15.085671] kasan_save_track+0x20/0x40 [ 15.086082] kasan_save_alloc_info+0x40/0x58 [ 15.086120] __kasan_kmalloc+0xd4/0xd8 [ 15.086155] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.086203] kmalloc_oob_right+0xb0/0x660 [ 15.086237] kunit_try_run_case+0x170/0x3f0 [ 15.086273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.086314] kthread+0x328/0x630 [ 15.086344] ret_from_fork+0x10/0x20 [ 15.086378] [ 15.086396] The buggy address belongs to the object at fff00000c592c600 [ 15.086396] which belongs to the cache kmalloc-128 of size 128 [ 15.086453] The buggy address is located 5 bytes to the right of [ 15.086453] allocated 115-byte region [fff00000c592c600, fff00000c592c673) [ 15.086516] [ 15.086534] The buggy address belongs to the physical page: [ 15.086563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.086615] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.086660] page_type: f5(slab) [ 15.086696] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.086744] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.086783] page dumped because: kasan: bad access detected [ 15.086812] [ 15.086828] Memory state around the buggy address: [ 15.086857] fff00000c592c500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.086898] fff00000c592c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.086939] >fff00000c592c600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.086975] ^ [ 15.087041] fff00000c592c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087088] fff00000c592c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087153] ================================================================== [ 15.088961] ================================================================== [ 15.089013] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.089094] Read of size 1 at addr fff00000c592c680 by task kunit_try_catch/137 [ 15.089145] [ 15.089173] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.089263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.089289] Hardware name: linux,dummy-virt (DT) [ 15.089330] Call trace: [ 15.089350] show_stack+0x20/0x38 (C) [ 15.089588] dump_stack_lvl+0x8c/0xd0 [ 15.089639] print_report+0x118/0x5d0 [ 15.089684] kasan_report+0xdc/0x128 [ 15.089728] __asan_report_load1_noabort+0x20/0x30 [ 15.089778] kmalloc_oob_right+0x5d0/0x660 [ 15.089869] kunit_try_run_case+0x170/0x3f0 [ 15.090058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.090195] kthread+0x328/0x630 [ 15.090435] ret_from_fork+0x10/0x20 [ 15.090520] [ 15.090537] Allocated by task 137: [ 15.090609] kasan_save_stack+0x3c/0x68 [ 15.090704] kasan_save_track+0x20/0x40 [ 15.090772] kasan_save_alloc_info+0x40/0x58 [ 15.090818] __kasan_kmalloc+0xd4/0xd8 [ 15.090948] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.091006] kmalloc_oob_right+0xb0/0x660 [ 15.091114] kunit_try_run_case+0x170/0x3f0 [ 15.091193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.091235] kthread+0x328/0x630 [ 15.091265] ret_from_fork+0x10/0x20 [ 15.091298] [ 15.091315] The buggy address belongs to the object at fff00000c592c600 [ 15.091315] which belongs to the cache kmalloc-128 of size 128 [ 15.091371] The buggy address is located 13 bytes to the right of [ 15.091371] allocated 115-byte region [fff00000c592c600, fff00000c592c673) [ 15.091446] [ 15.091472] The buggy address belongs to the physical page: [ 15.091501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.091872] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.091922] page_type: f5(slab) [ 15.092006] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.092057] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.092095] page dumped because: kasan: bad access detected [ 15.092126] [ 15.092395] Memory state around the buggy address: [ 15.092449] fff00000c592c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.092745] fff00000c592c600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.092921] >fff00000c592c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.092960] ^ [ 15.093005] fff00000c592c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.093046] fff00000c592c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.093083] ================================================================== [ 15.076331] ================================================================== [ 15.076668] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 15.077530] Write of size 1 at addr fff00000c592c673 by task kunit_try_catch/137 [ 15.077636] [ 15.078393] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 15.078536] Tainted: [N]=TEST [ 15.078568] Hardware name: linux,dummy-virt (DT) [ 15.078783] Call trace: [ 15.078947] show_stack+0x20/0x38 (C) [ 15.079077] dump_stack_lvl+0x8c/0xd0 [ 15.079137] print_report+0x118/0x5d0 [ 15.079197] kasan_report+0xdc/0x128 [ 15.079242] __asan_report_store1_noabort+0x20/0x30 [ 15.079293] kmalloc_oob_right+0x5a4/0x660 [ 15.079337] kunit_try_run_case+0x170/0x3f0 [ 15.079388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.079440] kthread+0x328/0x630 [ 15.079483] ret_from_fork+0x10/0x20 [ 15.079642] [ 15.079679] Allocated by task 137: [ 15.079820] kasan_save_stack+0x3c/0x68 [ 15.079887] kasan_save_track+0x20/0x40 [ 15.079923] kasan_save_alloc_info+0x40/0x58 [ 15.079962] __kasan_kmalloc+0xd4/0xd8 [ 15.079997] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.080037] kmalloc_oob_right+0xb0/0x660 [ 15.080073] kunit_try_run_case+0x170/0x3f0 [ 15.080109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.080151] kthread+0x328/0x630 [ 15.080194] ret_from_fork+0x10/0x20 [ 15.080249] [ 15.080307] The buggy address belongs to the object at fff00000c592c600 [ 15.080307] which belongs to the cache kmalloc-128 of size 128 [ 15.080398] The buggy address is located 0 bytes to the right of [ 15.080398] allocated 115-byte region [fff00000c592c600, fff00000c592c673) [ 15.080469] [ 15.080545] The buggy address belongs to the physical page: [ 15.080733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10592c [ 15.081135] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.081452] page_type: f5(slab) [ 15.081745] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.081809] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.081914] page dumped because: kasan: bad access detected [ 15.081955] [ 15.081980] Memory state around the buggy address: [ 15.082213] fff00000c592c500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.082282] fff00000c592c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.082336] >fff00000c592c600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.082388] ^ [ 15.082467] fff00000c592c680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.082509] fff00000c592c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.082570] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 97.655450] WARNING: CPU: 0 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 97.658240] Modules linked in: [ 97.658759] CPU: 0 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 97.659930] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 97.660557] Hardware name: linux,dummy-virt (DT) [ 97.661139] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.661889] pc : intlog10+0x38/0x48 [ 97.662367] lr : intlog10_test+0xe4/0x200 [ 97.662580] sp : ffff8000821d7c10 [ 97.662741] x29: ffff8000821d7c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.663096] x26: 1ffe000018ecdb01 x25: 0000000000000000 x24: ffff8000821d7ce0 [ 97.663493] x23: ffff8000821d7d00 x22: 0000000000000000 x21: 1ffff0001043af82 [ 97.663936] x20: ffffa65dac889d80 x19: ffff800080087990 x18: 0000000037f34954 [ 97.664394] x17: 000000003eed471d x16: fff00000c097543c x15: fff00000ff616b08 [ 97.664830] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff74cbb60e3379 [ 97.665405] x11: 1ffff4cbb60e3378 x10: ffff74cbb60e3378 x9 : ffffa65da9e35e5c [ 97.665860] x8 : ffffa65db0719bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.666317] x5 : ffff70001043af82 x4 : 1ffff00010010f3a x3 : 1ffff4cbb59113b0 [ 97.666776] x2 : 1ffff4cbb59113b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.667244] Call trace: [ 97.667425] intlog10+0x38/0x48 (P) [ 97.667687] kunit_try_run_case+0x170/0x3f0 [ 97.667945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.668278] kthread+0x328/0x630 [ 97.668498] ret_from_fork+0x10/0x20 [ 97.668768] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 97.608012] WARNING: CPU: 0 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 97.611321] Modules linked in: [ 97.611917] CPU: 0 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 97.612947] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 97.613750] Hardware name: linux,dummy-virt (DT) [ 97.614447] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.615009] pc : intlog2+0xd8/0xf8 [ 97.615437] lr : intlog2_test+0xe4/0x200 [ 97.615629] sp : ffff800081fd7c10 [ 97.615784] x29: ffff800081fd7c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.616130] x26: 1ffe000018ca76c1 x25: 0000000000000000 x24: ffff800081fd7ce0 [ 97.616542] x23: ffff800081fd7d00 x22: 0000000000000000 x21: 1ffff000103faf82 [ 97.617006] x20: ffffa65dac889c80 x19: ffff800080087990 x18: 00000000b34125e9 [ 97.617765] x17: 00000000c44c6f7e x16: fff00000c097543c x15: 0000000024c875e3 [ 97.618820] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e9cd x12: ffff74cbb60e3379 [ 97.619589] x11: 1ffff4cbb60e3378 x10: ffff74cbb60e3378 x9 : ffffa65da9e3605c [ 97.620348] x8 : ffffa65db0719bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.621129] x5 : ffff7000103faf82 x4 : 1ffff00010010f3a x3 : 1ffff4cbb5911390 [ 97.622002] x2 : 1ffff4cbb5911390 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.622775] Call trace: [ 97.623062] intlog2+0xd8/0xf8 (P) [ 97.623446] kunit_try_run_case+0x170/0x3f0 [ 97.623884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.624426] kthread+0x328/0x630 [ 97.624797] ret_from_fork+0x10/0x20 [ 97.625305] ---[ end trace 0000000000000000 ]---