Date
July 18, 2025, 11:11 p.m.
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 21.254013] ================================================================== [ 21.254115] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 21.254115] [ 21.254183] Corrupted memory at 0x0000000076ccf860 [ ! . . . . . . . . . . . . . . . ] (in kfence-#100): [ 21.254522] test_corruption+0x120/0x378 [ 21.254570] kunit_try_run_case+0x170/0x3f0 [ 21.254615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.254661] kthread+0x328/0x630 [ 21.254701] ret_from_fork+0x10/0x20 [ 21.254741] [ 21.254768] kfence-#100: 0x00000000ac901c4b-0x00000000b3808873, size=32, cache=test [ 21.254768] [ 21.254824] allocated by task 313 on cpu 0 at 21.253758s (0.001062s ago): [ 21.254886] test_alloc+0x230/0x628 [ 21.254927] test_corruption+0xdc/0x378 [ 21.254969] kunit_try_run_case+0x170/0x3f0 [ 21.255009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.255053] kthread+0x328/0x630 [ 21.255089] ret_from_fork+0x10/0x20 [ 21.255128] [ 21.255151] freed by task 313 on cpu 0 at 21.253814s (0.001333s ago): [ 21.255212] test_corruption+0x120/0x378 [ 21.255252] kunit_try_run_case+0x170/0x3f0 [ 21.255293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.255346] kthread+0x328/0x630 [ 21.255383] ret_from_fork+0x10/0x20 [ 21.255424] [ 21.255467] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.255544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.255572] Hardware name: linux,dummy-virt (DT) [ 21.255605] ================================================================== [ 20.734100] ================================================================== [ 20.734225] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 20.734225] [ 20.734297] Corrupted memory at 0x00000000572b48a0 [ ! . . . . . . . . . . . . . . . ] (in kfence-#95): [ 20.735484] test_corruption+0x278/0x378 [ 20.735537] kunit_try_run_case+0x170/0x3f0 [ 20.735586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.735631] kthread+0x328/0x630 [ 20.735672] ret_from_fork+0x10/0x20 [ 20.735714] [ 20.735739] kfence-#95: 0x00000000854d9250-0x00000000ab24c623, size=32, cache=kmalloc-32 [ 20.735739] [ 20.735798] allocated by task 311 on cpu 0 at 20.733799s (0.001995s ago): [ 20.735862] test_alloc+0x29c/0x628 [ 20.735904] test_corruption+0xdc/0x378 [ 20.735945] kunit_try_run_case+0x170/0x3f0 [ 20.735986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.736030] kthread+0x328/0x630 [ 20.736067] ret_from_fork+0x10/0x20 [ 20.736107] [ 20.736131] freed by task 311 on cpu 0 at 20.733913s (0.002214s ago): [ 20.736192] test_corruption+0x278/0x378 [ 20.736232] kunit_try_run_case+0x170/0x3f0 [ 20.736273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.736317] kthread+0x328/0x630 [ 20.736367] ret_from_fork+0x10/0x20 [ 20.736408] [ 20.736456] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.736536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.736567] Hardware name: linux,dummy-virt (DT) [ 20.736604] ================================================================== [ 21.357930] ================================================================== [ 21.358022] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 21.358022] [ 21.358087] Corrupted memory at 0x000000000c036a71 [ ! ] (in kfence-#101): [ 21.358206] test_corruption+0x1d8/0x378 [ 21.358252] kunit_try_run_case+0x170/0x3f0 [ 21.358298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.358366] kthread+0x328/0x630 [ 21.358405] ret_from_fork+0x10/0x20 [ 21.358447] [ 21.358472] kfence-#101: 0x00000000ab0e6c3d-0x000000006b441cd7, size=32, cache=test [ 21.358472] [ 21.358527] allocated by task 313 on cpu 0 at 21.357777s (0.000747s ago): [ 21.358590] test_alloc+0x230/0x628 [ 21.358631] test_corruption+0x198/0x378 [ 21.358673] kunit_try_run_case+0x170/0x3f0 [ 21.358715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.358761] kthread+0x328/0x630 [ 21.358797] ret_from_fork+0x10/0x20 [ 21.358837] [ 21.358862] freed by task 313 on cpu 0 at 21.357842s (0.001016s ago): [ 21.358925] test_corruption+0x1d8/0x378 [ 21.358965] kunit_try_run_case+0x170/0x3f0 [ 21.359007] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.359050] kthread+0x328/0x630 [ 21.359087] ret_from_fork+0x10/0x20 [ 21.359126] [ 21.359169] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.359247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.359279] Hardware name: linux,dummy-virt (DT) [ 21.359314] ================================================================== [ 21.046035] ================================================================== [ 21.046142] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 21.046142] [ 21.046208] Corrupted memory at 0x00000000424a473a [ ! ] (in kfence-#98): [ 21.046358] test_corruption+0x284/0x378 [ 21.046406] kunit_try_run_case+0x170/0x3f0 [ 21.046451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.046497] kthread+0x328/0x630 [ 21.046535] ret_from_fork+0x10/0x20 [ 21.046577] [ 21.046601] kfence-#98: 0x00000000f1f87388-0x0000000018c0e920, size=32, cache=kmalloc-32 [ 21.046601] [ 21.046659] allocated by task 311 on cpu 0 at 21.045734s (0.000922s ago): [ 21.046720] test_alloc+0x29c/0x628 [ 21.046762] test_corruption+0x198/0x378 [ 21.046802] kunit_try_run_case+0x170/0x3f0 [ 21.046842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.046887] kthread+0x328/0x630 [ 21.046922] ret_from_fork+0x10/0x20 [ 21.046962] [ 21.046985] freed by task 311 on cpu 0 at 21.045848s (0.001133s ago): [ 21.047045] test_corruption+0x284/0x378 [ 21.047085] kunit_try_run_case+0x170/0x3f0 [ 21.047125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.047169] kthread+0x328/0x630 [ 21.047204] ret_from_fork+0x10/0x20 [ 21.047243] [ 21.047287] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.047372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.047403] Hardware name: linux,dummy-virt (DT) [ 21.047439] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.422473] ================================================================== [ 20.422746] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 20.422746] [ 20.422887] Invalid free of 0x00000000e53ac40b (in kfence-#92): [ 20.422950] test_invalid_addr_free+0xec/0x238 [ 20.423015] kunit_try_run_case+0x170/0x3f0 [ 20.423059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.423104] kthread+0x328/0x630 [ 20.423354] ret_from_fork+0x10/0x20 [ 20.423450] [ 20.423479] kfence-#92: 0x00000000c1702f70-0x0000000037c5cfe6, size=32, cache=test [ 20.423479] [ 20.423779] allocated by task 309 on cpu 0 at 20.422287s (0.001483s ago): [ 20.423916] test_alloc+0x230/0x628 [ 20.423964] test_invalid_addr_free+0xd4/0x238 [ 20.424050] kunit_try_run_case+0x170/0x3f0 [ 20.424255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.424320] kthread+0x328/0x630 [ 20.424431] ret_from_fork+0x10/0x20 [ 20.424477] [ 20.424551] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.424639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.424732] Hardware name: linux,dummy-virt (DT) [ 20.424769] ================================================================== [ 20.318599] ================================================================== [ 20.318669] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 20.318669] [ 20.319008] Invalid free of 0x000000001e1abe96 (in kfence-#91): [ 20.319155] test_invalid_addr_free+0x1ac/0x238 [ 20.319259] kunit_try_run_case+0x170/0x3f0 [ 20.319361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.319409] kthread+0x328/0x630 [ 20.319450] ret_from_fork+0x10/0x20 [ 20.319507] [ 20.319534] kfence-#91: 0x00000000b6afdf3b-0x0000000096aedd71, size=32, cache=kmalloc-32 [ 20.319534] [ 20.319798] allocated by task 307 on cpu 0 at 20.318369s (0.001217s ago): [ 20.319887] test_alloc+0x29c/0x628 [ 20.319931] test_invalid_addr_free+0xd4/0x238 [ 20.319973] kunit_try_run_case+0x170/0x3f0 [ 20.320013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.320056] kthread+0x328/0x630 [ 20.320289] ret_from_fork+0x10/0x20 [ 20.320432] [ 20.320574] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.320662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.320905] Hardware name: linux,dummy-virt (DT) [ 20.321083] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 20.112005] ================================================================== [ 20.112103] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 20.112103] [ 20.112630] Invalid free of 0x000000001a885339 (in kfence-#89): [ 20.112753] test_double_free+0x1bc/0x238 [ 20.112809] kunit_try_run_case+0x170/0x3f0 [ 20.112854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.112898] kthread+0x328/0x630 [ 20.112999] ret_from_fork+0x10/0x20 [ 20.113041] [ 20.113067] kfence-#89: 0x000000001a885339-0x00000000a273b6df, size=32, cache=kmalloc-32 [ 20.113067] [ 20.113121] allocated by task 303 on cpu 0 at 20.111597s (0.001520s ago): [ 20.113184] test_alloc+0x29c/0x628 [ 20.113224] test_double_free+0xd4/0x238 [ 20.113265] kunit_try_run_case+0x170/0x3f0 [ 20.113307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.113490] kthread+0x328/0x630 [ 20.113912] ret_from_fork+0x10/0x20 [ 20.113996] [ 20.114185] freed by task 303 on cpu 0 at 20.111666s (0.002489s ago): [ 20.114276] test_double_free+0x1ac/0x238 [ 20.114638] kunit_try_run_case+0x170/0x3f0 [ 20.114772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.114848] kthread+0x328/0x630 [ 20.115208] ret_from_fork+0x10/0x20 [ 20.115407] [ 20.115570] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.115985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.116061] Hardware name: linux,dummy-virt (DT) [ 20.116121] ================================================================== [ 20.214152] ================================================================== [ 20.214250] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 20.214250] [ 20.214629] Invalid free of 0x0000000016d2edd1 (in kfence-#90): [ 20.214817] test_double_free+0x100/0x238 [ 20.214867] kunit_try_run_case+0x170/0x3f0 [ 20.214911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.215508] kthread+0x328/0x630 [ 20.215885] ret_from_fork+0x10/0x20 [ 20.216044] [ 20.216139] kfence-#90: 0x0000000016d2edd1-0x000000004a913729, size=32, cache=test [ 20.216139] [ 20.216474] allocated by task 305 on cpu 0 at 20.213950s (0.002416s ago): [ 20.216555] test_alloc+0x230/0x628 [ 20.216722] test_double_free+0xd4/0x238 [ 20.216816] kunit_try_run_case+0x170/0x3f0 [ 20.216860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.216912] kthread+0x328/0x630 [ 20.217036] ret_from_fork+0x10/0x20 [ 20.217080] [ 20.217138] freed by task 305 on cpu 0 at 20.214012s (0.003107s ago): [ 20.217509] test_double_free+0xf0/0x238 [ 20.217631] kunit_try_run_case+0x170/0x3f0 [ 20.217727] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.217989] kthread+0x328/0x630 [ 20.218037] ret_from_fork+0x10/0x20 [ 20.218090] [ 20.218137] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.218520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.219184] Hardware name: linux,dummy-virt (DT) [ 20.219379] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 19.696413] ================================================================== [ 19.696825] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.696825] [ 19.697222] Use-after-free read at 0x0000000092a1220c (in kfence-#85): [ 19.697295] test_use_after_free_read+0x114/0x248 [ 19.697672] kunit_try_run_case+0x170/0x3f0 [ 19.697800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.697850] kthread+0x328/0x630 [ 19.697900] ret_from_fork+0x10/0x20 [ 19.698437] [ 19.698926] kfence-#85: 0x0000000092a1220c-0x000000000b2383d1, size=32, cache=kmalloc-32 [ 19.698926] [ 19.699499] allocated by task 295 on cpu 0 at 19.695999s (0.003453s ago): [ 19.699707] test_alloc+0x29c/0x628 [ 19.699814] test_use_after_free_read+0xd0/0x248 [ 19.700243] kunit_try_run_case+0x170/0x3f0 [ 19.700679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.700737] kthread+0x328/0x630 [ 19.700786] ret_from_fork+0x10/0x20 [ 19.700837] [ 19.700893] freed by task 295 on cpu 0 at 19.696086s (0.004794s ago): [ 19.700971] test_use_after_free_read+0x1c0/0x248 [ 19.701024] kunit_try_run_case+0x170/0x3f0 [ 19.701082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.701127] kthread+0x328/0x630 [ 19.701172] ret_from_fork+0x10/0x20 [ 19.701214] [ 19.701280] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.701502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.701836] Hardware name: linux,dummy-virt (DT) [ 19.702121] ================================================================== [ 19.799543] ================================================================== [ 19.799626] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.799626] [ 19.800048] Use-after-free read at 0x000000001c04bd14 (in kfence-#86): [ 19.800128] test_use_after_free_read+0x114/0x248 [ 19.800367] kunit_try_run_case+0x170/0x3f0 [ 19.800536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.800591] kthread+0x328/0x630 [ 19.800632] ret_from_fork+0x10/0x20 [ 19.800816] [ 19.800858] kfence-#86: 0x000000001c04bd14-0x000000001fa2beeb, size=32, cache=test [ 19.800858] [ 19.800915] allocated by task 297 on cpu 0 at 19.799268s (0.001643s ago): [ 19.800995] test_alloc+0x230/0x628 [ 19.801039] test_use_after_free_read+0xd0/0x248 [ 19.801083] kunit_try_run_case+0x170/0x3f0 [ 19.801125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.801173] kthread+0x328/0x630 [ 19.801210] ret_from_fork+0x10/0x20 [ 19.801250] [ 19.801344] freed by task 297 on cpu 0 at 19.799401s (0.001872s ago): [ 19.801457] test_use_after_free_read+0xf0/0x248 [ 19.801503] kunit_try_run_case+0x170/0x3f0 [ 19.801545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.801591] kthread+0x328/0x630 [ 19.801629] ret_from_fork+0x10/0x20 [ 19.801683] [ 19.801728] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.801807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.801841] Hardware name: linux,dummy-virt (DT) [ 19.801874] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.387260] ================================================================== [ 19.388014] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.388014] [ 19.389019] Out-of-bounds write at 0x000000009442c1e3 (1B left of kfence-#82): [ 19.389206] test_out_of_bounds_write+0x100/0x240 [ 19.389659] kunit_try_run_case+0x170/0x3f0 [ 19.389889] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.390041] kthread+0x328/0x630 [ 19.390228] ret_from_fork+0x10/0x20 [ 19.390270] [ 19.390296] kfence-#82: 0x0000000056dea523-0x00000000a3b7b734, size=32, cache=kmalloc-32 [ 19.390296] [ 19.390924] allocated by task 291 on cpu 0 at 19.383478s (0.007424s ago): [ 19.392025] test_alloc+0x29c/0x628 [ 19.392387] test_out_of_bounds_write+0xc8/0x240 [ 19.392440] kunit_try_run_case+0x170/0x3f0 [ 19.392986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.393157] kthread+0x328/0x630 [ 19.393600] ret_from_fork+0x10/0x20 [ 19.393910] [ 19.393986] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.394069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.394098] Hardware name: linux,dummy-virt (DT) [ 19.394134] ================================================================== [ 19.590383] ================================================================== [ 19.590467] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.590467] [ 19.590552] Out-of-bounds write at 0x00000000a6ae65c2 (1B left of kfence-#84): [ 19.590612] test_out_of_bounds_write+0x100/0x240 [ 19.590669] kunit_try_run_case+0x170/0x3f0 [ 19.590714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.590760] kthread+0x328/0x630 [ 19.590815] ret_from_fork+0x10/0x20 [ 19.590867] [ 19.590895] kfence-#84: 0x000000009147d59b-0x000000004cd4c635, size=32, cache=test [ 19.590895] [ 19.590945] allocated by task 293 on cpu 0 at 19.590287s (0.000655s ago): [ 19.591014] test_alloc+0x230/0x628 [ 19.591054] test_out_of_bounds_write+0xc8/0x240 [ 19.591096] kunit_try_run_case+0x170/0x3f0 [ 19.591144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.591187] kthread+0x328/0x630 [ 19.591232] ret_from_fork+0x10/0x20 [ 19.591278] [ 19.591580] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.591789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.591921] Hardware name: linux,dummy-virt (DT) [ 19.592089] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 18.858597] ================================================================== [ 18.858723] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 18.858723] [ 18.858861] Out-of-bounds read at 0x000000005e9f1ea8 (32B right of kfence-#77): [ 18.858934] test_out_of_bounds_read+0x1c8/0x3e0 [ 18.858984] kunit_try_run_case+0x170/0x3f0 [ 18.859027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.859084] kthread+0x328/0x630 [ 18.859131] ret_from_fork+0x10/0x20 [ 18.859173] [ 18.859213] kfence-#77: 0x00000000febe71ef-0x000000003c2ad94b, size=32, cache=kmalloc-32 [ 18.859213] [ 18.859275] allocated by task 287 on cpu 0 at 18.858046s (0.001216s ago): [ 18.859362] test_alloc+0x29c/0x628 [ 18.859417] test_out_of_bounds_read+0x198/0x3e0 [ 18.859461] kunit_try_run_case+0x170/0x3f0 [ 18.859501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.859672] kthread+0x328/0x630 [ 18.859714] ret_from_fork+0x10/0x20 [ 18.861373] [ 18.861503] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.861713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.861745] Hardware name: linux,dummy-virt (DT) [ 18.861779] ================================================================== [ 19.274295] ================================================================== [ 19.274392] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.274392] [ 19.274664] Out-of-bounds read at 0x000000005c4ca283 (32B right of kfence-#81): [ 19.274729] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.274796] kunit_try_run_case+0x170/0x3f0 [ 19.274858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.274902] kthread+0x328/0x630 [ 19.274976] ret_from_fork+0x10/0x20 [ 19.275022] [ 19.275048] kfence-#81: 0x000000008537cd71-0x00000000f55ec8fe, size=32, cache=test [ 19.275048] [ 19.275118] allocated by task 289 on cpu 0 at 19.274097s (0.000998s ago): [ 19.275834] test_alloc+0x230/0x628 [ 19.275950] test_out_of_bounds_read+0x198/0x3e0 [ 19.276002] kunit_try_run_case+0x170/0x3f0 [ 19.276090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.276137] kthread+0x328/0x630 [ 19.276174] ret_from_fork+0x10/0x20 [ 19.276461] [ 19.276524] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.276617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.276724] Hardware name: linux,dummy-virt (DT) [ 19.276762] ================================================================== [ 18.756922] ================================================================== [ 18.757014] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 18.757014] [ 18.757145] Out-of-bounds read at 0x00000000578d42d4 (1B left of kfence-#76): [ 18.757224] test_out_of_bounds_read+0x114/0x3e0 [ 18.757277] kunit_try_run_case+0x170/0x3f0 [ 18.758088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.758151] kthread+0x328/0x630 [ 18.758194] ret_from_fork+0x10/0x20 [ 18.758544] [ 18.758585] kfence-#76: 0x000000008a65007f-0x0000000098afd92c, size=32, cache=kmalloc-32 [ 18.758585] [ 18.758939] allocated by task 287 on cpu 0 at 18.756413s (0.002504s ago): [ 18.759023] test_alloc+0x29c/0x628 [ 18.759068] test_out_of_bounds_read+0xdc/0x3e0 [ 18.759378] kunit_try_run_case+0x170/0x3f0 [ 18.759464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.759534] kthread+0x328/0x630 [ 18.759590] ret_from_fork+0x10/0x20 [ 18.759653] [ 18.759722] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.759822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.759861] Hardware name: linux,dummy-virt (DT) [ 18.759907] ================================================================== [ 19.066440] ================================================================== [ 19.066520] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.066520] [ 19.066605] Out-of-bounds read at 0x000000009ac222ed (1B left of kfence-#79): [ 19.066918] test_out_of_bounds_read+0x114/0x3e0 [ 19.066980] kunit_try_run_case+0x170/0x3f0 [ 19.067141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.067226] kthread+0x328/0x630 [ 19.067298] ret_from_fork+0x10/0x20 [ 19.067397] [ 19.067423] kfence-#79: 0x00000000a65817a1-0x00000000f3691039, size=32, cache=test [ 19.067423] [ 19.067490] allocated by task 289 on cpu 0 at 19.066282s (0.001197s ago): [ 19.067686] test_alloc+0x230/0x628 [ 19.067758] test_out_of_bounds_read+0xdc/0x3e0 [ 19.067800] kunit_try_run_case+0x170/0x3f0 [ 19.068083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.068142] kthread+0x328/0x630 [ 19.068354] ret_from_fork+0x10/0x20 [ 19.068397] [ 19.068444] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.068530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.068568] Hardware name: linux,dummy-virt (DT) [ 19.068611] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.030939] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 17.937247] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 17.966144] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 18.053423] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x894/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 17.843978] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 17.833242] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 17.850120] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 17.766287] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 24.893947] ================================================================== [ 24.894051] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 24.894051] [ 24.894156] Out-of-bounds read at 0x000000000cedf711 (105B right of kfence-#135): [ 24.894219] test_kmalloc_aligned_oob_read+0x238/0x468 [ 24.894271] kunit_try_run_case+0x170/0x3f0 [ 24.894319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.894384] kthread+0x328/0x630 [ 24.894425] ret_from_fork+0x10/0x20 [ 24.894468] [ 24.894495] kfence-#135: 0x000000005cc5bfc5-0x00000000dc918404, size=73, cache=kmalloc-96 [ 24.894495] [ 24.894551] allocated by task 323 on cpu 0 at 24.893730s (0.000816s ago): [ 24.894624] test_alloc+0x29c/0x628 [ 24.894666] test_kmalloc_aligned_oob_read+0x100/0x468 [ 24.894712] kunit_try_run_case+0x170/0x3f0 [ 24.894754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.894799] kthread+0x328/0x630 [ 24.894836] ret_from_fork+0x10/0x20 [ 24.894878] [ 24.894927] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 24.895009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.895039] Hardware name: linux,dummy-virt (DT) [ 24.895078] ==================================================================
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 92.976084] Internal error: Oops: 0000000096000005 [#1] SMP [ 92.983711] Modules linked in: [ 92.984255] CPU: 1 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 92.985541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 92.985979] Hardware name: linux,dummy-virt (DT) [ 92.986722] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 92.987056] pc : kunit_test_null_dereference+0x70/0x170 [ 92.987325] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 92.988179] sp : ffff800080ee7d30 [ 92.988736] x29: ffff800080ee7d90 x28: 0000000000000000 x27: 0000000000000000 [ 92.989659] x26: 1ffe0000194dd061 x25: 0000000000000000 x24: 0000000000000004 [ 92.990505] x23: fff00000ca6e830c x22: ffffa14214c223b8 x21: fff00000c1cca008 [ 92.990972] x20: 1ffff000101dcfa6 x19: ffff800080087990 x18: 000000004aca971c [ 92.991338] x17: 0000000000000001 x16: fff00000c0975c3c x15: fff00000ff616b08 [ 92.991776] x14: 0000000000018fff x13: 1ffe00001b48a5cd x12: fffd8000188878b4 [ 92.992203] x11: 1ffe0000188878b3 x10: fffd8000188878b3 x9 : ffffa14214c19820 [ 92.992674] x8 : ffff800080ee7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 92.993150] x5 : ffff7000101dcfa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 92.993745] x2 : dfff800000000000 x1 : fff00000c443bcc0 x0 : ffff800080087990 [ 92.994367] Call trace: [ 92.994591] kunit_test_null_dereference+0x70/0x170 (P) [ 92.994941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 92.995277] kthread+0x328/0x630 [ 92.995517] ret_from_fork+0x10/0x20 [ 92.996037] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 92.996698] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.718365] ================================================================== [ 48.718420] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 48.718420] [ 48.718507] Use-after-free read at 0x00000000f22d2a73 (in kfence-#143): [ 48.718559] test_krealloc+0x51c/0x830 [ 48.718605] kunit_try_run_case+0x170/0x3f0 [ 48.718650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.718696] kthread+0x328/0x630 [ 48.718737] ret_from_fork+0x10/0x20 [ 48.718779] [ 48.718805] kfence-#143: 0x00000000f22d2a73-0x000000003940418d, size=32, cache=kmalloc-32 [ 48.718805] [ 48.718860] allocated by task 337 on cpu 1 at 48.717729s (0.001127s ago): [ 48.718930] test_alloc+0x29c/0x628 [ 48.718970] test_krealloc+0xc0/0x830 [ 48.719011] kunit_try_run_case+0x170/0x3f0 [ 48.719051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.719096] kthread+0x328/0x630 [ 48.719131] ret_from_fork+0x10/0x20 [ 48.719170] [ 48.719194] freed by task 337 on cpu 1 at 48.717941s (0.001249s ago): [ 48.719257] krealloc_noprof+0x148/0x360 [ 48.719297] test_krealloc+0x1dc/0x830 [ 48.719349] kunit_try_run_case+0x170/0x3f0 [ 48.719390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.719433] kthread+0x328/0x630 [ 48.719471] ret_from_fork+0x10/0x20 [ 48.719510] [ 48.719554] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 48.719634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.719665] Hardware name: linux,dummy-virt (DT) [ 48.719703] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.657864] ================================================================== [ 48.657971] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 48.657971] [ 48.658076] Use-after-free read at 0x000000006d9450ab (in kfence-#142): [ 48.658134] test_memcache_typesafe_by_rcu+0x280/0x560 [ 48.658186] kunit_try_run_case+0x170/0x3f0 [ 48.658237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.658281] kthread+0x328/0x630 [ 48.658322] ret_from_fork+0x10/0x20 [ 48.658379] [ 48.658406] kfence-#142: 0x000000006d9450ab-0x0000000011741335, size=32, cache=test [ 48.658406] [ 48.658462] allocated by task 335 on cpu 0 at 48.617999s (0.040459s ago): [ 48.658534] test_alloc+0x230/0x628 [ 48.658575] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 48.658620] kunit_try_run_case+0x170/0x3f0 [ 48.658662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.658706] kthread+0x328/0x630 [ 48.658742] ret_from_fork+0x10/0x20 [ 48.658782] [ 48.658806] freed by task 335 on cpu 0 at 48.618119s (0.040683s ago): [ 48.658863] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 48.658908] kunit_try_run_case+0x170/0x3f0 [ 48.658948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.658992] kthread+0x328/0x630 [ 48.659029] ret_from_fork+0x10/0x20 [ 48.659068] [ 48.659116] CPU: 0 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 48.659196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.659227] Hardware name: linux,dummy-virt (DT) [ 48.659262] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 25.433625] ================================================================== [ 25.433799] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 25.433799] [ 25.433909] Invalid read at 0x000000002b32c561: [ 25.433975] test_invalid_access+0xdc/0x1f0 [ 25.434029] kunit_try_run_case+0x170/0x3f0 [ 25.434081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.434131] kthread+0x328/0x630 [ 25.434177] ret_from_fork+0x10/0x20 [ 25.434228] [ 25.434278] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.434790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.435461] Hardware name: linux,dummy-virt (DT) [ 25.435509] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 25.206007] ================================================================== [ 25.206109] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.206109] [ 25.206175] Corrupted memory at 0x000000000cd43d79 [ ! . . . . . . . . . . . . . . . ] (in kfence-#138): [ 25.206510] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.206559] kunit_try_run_case+0x170/0x3f0 [ 25.206604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.206651] kthread+0x328/0x630 [ 25.206689] ret_from_fork+0x10/0x20 [ 25.206729] [ 25.206755] kfence-#138: 0x00000000b0a684b9-0x000000001b03cdb2, size=73, cache=kmalloc-96 [ 25.206755] [ 25.206811] allocated by task 325 on cpu 0 at 25.205770s (0.001037s ago): [ 25.206874] test_alloc+0x29c/0x628 [ 25.206913] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 25.206957] kunit_try_run_case+0x170/0x3f0 [ 25.206997] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.207038] kthread+0x328/0x630 [ 25.207075] ret_from_fork+0x10/0x20 [ 25.207114] [ 25.207138] freed by task 325 on cpu 0 at 25.205906s (0.001228s ago): [ 25.207198] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.207240] kunit_try_run_case+0x170/0x3f0 [ 25.207280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.207323] kthread+0x328/0x630 [ 25.207369] ret_from_fork+0x10/0x20 [ 25.207408] [ 25.207451] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.207528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.207559] Hardware name: linux,dummy-virt (DT) [ 25.207591] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-kmalloc_uaf_16
[ 15.368423] ================================================================== [ 15.368803] BUG: KFENCE: use-after-free read in kmalloc_uaf_16+0x1fc/0x438 [ 15.368803] [ 15.369209] Use-after-free read at 0x00000000447f8fa9 (in kfence-#54): [ 15.369949] kmalloc_uaf_16+0x1fc/0x438 [ 15.369994] kunit_try_run_case+0x170/0x3f0 [ 15.370035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.370078] kthread+0x328/0x630 [ 15.370122] ret_from_fork+0x10/0x20 [ 15.370164] [ 15.370353] kfence-#54: 0x00000000447f8fa9-0x00000000dcaff8c4, size=16, cache=kmalloc-16 [ 15.370353] [ 15.370611] allocated by task 168 on cpu 1 at 15.366922s (0.003618s ago): [ 15.371065] kmalloc_uaf_16+0x140/0x438 [ 15.371135] kunit_try_run_case+0x170/0x3f0 [ 15.371184] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.371226] kthread+0x328/0x630 [ 15.371260] ret_from_fork+0x10/0x20 [ 15.371637] [ 15.372405] freed by task 168 on cpu 1 at 15.366990s (0.004702s ago): [ 15.373405] kmalloc_uaf_16+0x190/0x438 [ 15.373471] kunit_try_run_case+0x170/0x3f0 [ 15.373529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.373602] kthread+0x328/0x630 [ 15.373669] ret_from_fork+0x10/0x20 [ 15.374031] [ 15.374205] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.374295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.374322] Hardware name: linux,dummy-virt (DT) [ 15.374888] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.642385] ================================================================== [ 18.642440] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 18.643301] Write of size 121 at addr fff00000c771e200 by task kunit_try_catch/285 [ 18.643392] [ 18.643635] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.643734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.643870] Hardware name: linux,dummy-virt (DT) [ 18.644129] Call trace: [ 18.644172] show_stack+0x20/0x38 (C) [ 18.644311] dump_stack_lvl+0x8c/0xd0 [ 18.644395] print_report+0x118/0x5d0 [ 18.644561] kasan_report+0xdc/0x128 [ 18.644616] kasan_check_range+0x100/0x1a8 [ 18.644685] __kasan_check_write+0x20/0x30 [ 18.644737] strncpy_from_user+0x3c/0x2a0 [ 18.645084] copy_user_test_oob+0x5c0/0xec8 [ 18.645261] kunit_try_run_case+0x170/0x3f0 [ 18.645433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.645493] kthread+0x328/0x630 [ 18.645537] ret_from_fork+0x10/0x20 [ 18.645590] [ 18.645611] Allocated by task 285: [ 18.645989] kasan_save_stack+0x3c/0x68 [ 18.646226] kasan_save_track+0x20/0x40 [ 18.646424] kasan_save_alloc_info+0x40/0x58 [ 18.646520] __kasan_kmalloc+0xd4/0xd8 [ 18.646698] __kmalloc_noprof+0x198/0x4c8 [ 18.646777] kunit_kmalloc_array+0x34/0x88 [ 18.646858] copy_user_test_oob+0xac/0xec8 [ 18.646922] kunit_try_run_case+0x170/0x3f0 [ 18.647193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.647526] kthread+0x328/0x630 [ 18.647659] ret_from_fork+0x10/0x20 [ 18.647747] [ 18.647924] The buggy address belongs to the object at fff00000c771e200 [ 18.647924] which belongs to the cache kmalloc-128 of size 128 [ 18.648028] The buggy address is located 0 bytes inside of [ 18.648028] allocated 120-byte region [fff00000c771e200, fff00000c771e278) [ 18.648307] [ 18.648503] The buggy address belongs to the physical page: [ 18.648556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.648797] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.648871] page_type: f5(slab) [ 18.649059] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.649151] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.649700] page dumped because: kasan: bad access detected [ 18.649743] [ 18.649764] Memory state around the buggy address: [ 18.649832] fff00000c771e100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.649889] fff00000c771e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.650262] >fff00000c771e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.650355] ^ [ 18.650683] fff00000c771e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.650745] fff00000c771e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.651030] ================================================================== [ 18.652253] ================================================================== [ 18.652857] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 18.652936] Write of size 1 at addr fff00000c771e278 by task kunit_try_catch/285 [ 18.653183] [ 18.653228] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.653313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.654019] Hardware name: linux,dummy-virt (DT) [ 18.654068] Call trace: [ 18.654112] show_stack+0x20/0x38 (C) [ 18.654195] dump_stack_lvl+0x8c/0xd0 [ 18.654462] print_report+0x118/0x5d0 [ 18.654673] kasan_report+0xdc/0x128 [ 18.654766] __asan_report_store1_noabort+0x20/0x30 [ 18.654846] strncpy_from_user+0x270/0x2a0 [ 18.655057] copy_user_test_oob+0x5c0/0xec8 [ 18.655131] kunit_try_run_case+0x170/0x3f0 [ 18.655202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.655258] kthread+0x328/0x630 [ 18.655686] ret_from_fork+0x10/0x20 [ 18.655779] [ 18.655984] Allocated by task 285: [ 18.656051] kasan_save_stack+0x3c/0x68 [ 18.656250] kasan_save_track+0x20/0x40 [ 18.656298] kasan_save_alloc_info+0x40/0x58 [ 18.656889] __kasan_kmalloc+0xd4/0xd8 [ 18.657116] __kmalloc_noprof+0x198/0x4c8 [ 18.657186] kunit_kmalloc_array+0x34/0x88 [ 18.657340] copy_user_test_oob+0xac/0xec8 [ 18.657432] kunit_try_run_case+0x170/0x3f0 [ 18.657513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.657903] kthread+0x328/0x630 [ 18.657971] ret_from_fork+0x10/0x20 [ 18.658049] [ 18.658342] The buggy address belongs to the object at fff00000c771e200 [ 18.658342] which belongs to the cache kmalloc-128 of size 128 [ 18.658490] The buggy address is located 0 bytes to the right of [ 18.658490] allocated 120-byte region [fff00000c771e200, fff00000c771e278) [ 18.658677] [ 18.658713] The buggy address belongs to the physical page: [ 18.658751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.658821] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.658872] page_type: f5(slab) [ 18.658923] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.658975] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.659028] page dumped because: kasan: bad access detected [ 18.659062] [ 18.659092] Memory state around the buggy address: [ 18.659135] fff00000c771e100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.659182] fff00000c771e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.659235] >fff00000c771e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.659276] ^ [ 18.659321] fff00000c771e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.659387] fff00000c771e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.659428] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.611545] ================================================================== [ 18.611604] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 18.611656] Write of size 121 at addr fff00000c771e200 by task kunit_try_catch/285 [ 18.611711] [ 18.612272] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.612398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.612747] Hardware name: linux,dummy-virt (DT) [ 18.612825] Call trace: [ 18.612852] show_stack+0x20/0x38 (C) [ 18.612906] dump_stack_lvl+0x8c/0xd0 [ 18.612962] print_report+0x118/0x5d0 [ 18.613106] kasan_report+0xdc/0x128 [ 18.613159] kasan_check_range+0x100/0x1a8 [ 18.613237] __kasan_check_write+0x20/0x30 [ 18.613396] copy_user_test_oob+0x35c/0xec8 [ 18.613447] kunit_try_run_case+0x170/0x3f0 [ 18.613502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.613747] kthread+0x328/0x630 [ 18.614048] ret_from_fork+0x10/0x20 [ 18.614161] [ 18.614259] Allocated by task 285: [ 18.614352] kasan_save_stack+0x3c/0x68 [ 18.614406] kasan_save_track+0x20/0x40 [ 18.614640] kasan_save_alloc_info+0x40/0x58 [ 18.614831] __kasan_kmalloc+0xd4/0xd8 [ 18.614913] __kmalloc_noprof+0x198/0x4c8 [ 18.615106] kunit_kmalloc_array+0x34/0x88 [ 18.615295] copy_user_test_oob+0xac/0xec8 [ 18.615445] kunit_try_run_case+0x170/0x3f0 [ 18.615535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.615773] kthread+0x328/0x630 [ 18.615998] ret_from_fork+0x10/0x20 [ 18.616195] [ 18.616365] The buggy address belongs to the object at fff00000c771e200 [ 18.616365] which belongs to the cache kmalloc-128 of size 128 [ 18.616449] The buggy address is located 0 bytes inside of [ 18.616449] allocated 120-byte region [fff00000c771e200, fff00000c771e278) [ 18.616603] [ 18.616663] The buggy address belongs to the physical page: [ 18.616743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.617137] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.617231] page_type: f5(slab) [ 18.617518] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.617614] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.617735] page dumped because: kasan: bad access detected [ 18.617844] [ 18.617914] Memory state around the buggy address: [ 18.618067] fff00000c771e100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.618163] fff00000c771e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.618226] >fff00000c771e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.618552] ^ [ 18.618741] fff00000c771e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.618825] fff00000c771e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.618878] ================================================================== [ 18.596106] ================================================================== [ 18.596224] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 18.596308] Read of size 121 at addr fff00000c771e200 by task kunit_try_catch/285 [ 18.596553] [ 18.596612] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.596997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.597049] Hardware name: linux,dummy-virt (DT) [ 18.597085] Call trace: [ 18.597110] show_stack+0x20/0x38 (C) [ 18.597240] dump_stack_lvl+0x8c/0xd0 [ 18.597292] print_report+0x118/0x5d0 [ 18.597460] kasan_report+0xdc/0x128 [ 18.597549] kasan_check_range+0x100/0x1a8 [ 18.597701] __kasan_check_read+0x20/0x30 [ 18.597767] copy_user_test_oob+0x728/0xec8 [ 18.597816] kunit_try_run_case+0x170/0x3f0 [ 18.598215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.598362] kthread+0x328/0x630 [ 18.598490] ret_from_fork+0x10/0x20 [ 18.598611] [ 18.598672] Allocated by task 285: [ 18.598767] kasan_save_stack+0x3c/0x68 [ 18.598847] kasan_save_track+0x20/0x40 [ 18.599164] kasan_save_alloc_info+0x40/0x58 [ 18.599233] __kasan_kmalloc+0xd4/0xd8 [ 18.599277] __kmalloc_noprof+0x198/0x4c8 [ 18.599319] kunit_kmalloc_array+0x34/0x88 [ 18.599523] copy_user_test_oob+0xac/0xec8 [ 18.599714] kunit_try_run_case+0x170/0x3f0 [ 18.599911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.600060] kthread+0x328/0x630 [ 18.600099] ret_from_fork+0x10/0x20 [ 18.600156] [ 18.600240] The buggy address belongs to the object at fff00000c771e200 [ 18.600240] which belongs to the cache kmalloc-128 of size 128 [ 18.600622] The buggy address is located 0 bytes inside of [ 18.600622] allocated 120-byte region [fff00000c771e200, fff00000c771e278) [ 18.600710] [ 18.600826] The buggy address belongs to the physical page: [ 18.600906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.601056] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.601106] page_type: f5(slab) [ 18.601180] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.601406] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.601625] page dumped because: kasan: bad access detected [ 18.601874] [ 18.601922] Memory state around the buggy address: [ 18.602177] fff00000c771e100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.602252] fff00000c771e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.602316] >fff00000c771e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.602367] ^ [ 18.602447] fff00000c771e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.602492] fff00000c771e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.602534] ================================================================== [ 18.636261] ================================================================== [ 18.636337] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 18.636390] Read of size 121 at addr fff00000c771e200 by task kunit_try_catch/285 [ 18.636844] [ 18.637073] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.637272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.637311] Hardware name: linux,dummy-virt (DT) [ 18.637545] Call trace: [ 18.637594] show_stack+0x20/0x38 (C) [ 18.637659] dump_stack_lvl+0x8c/0xd0 [ 18.637723] print_report+0x118/0x5d0 [ 18.637782] kasan_report+0xdc/0x128 [ 18.637841] kasan_check_range+0x100/0x1a8 [ 18.637902] __kasan_check_read+0x20/0x30 [ 18.637949] copy_user_test_oob+0x4a0/0xec8 [ 18.637999] kunit_try_run_case+0x170/0x3f0 [ 18.638056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.638111] kthread+0x328/0x630 [ 18.638154] ret_from_fork+0x10/0x20 [ 18.638213] [ 18.638234] Allocated by task 285: [ 18.638272] kasan_save_stack+0x3c/0x68 [ 18.638316] kasan_save_track+0x20/0x40 [ 18.638369] kasan_save_alloc_info+0x40/0x58 [ 18.638411] __kasan_kmalloc+0xd4/0xd8 [ 18.638452] __kmalloc_noprof+0x198/0x4c8 [ 18.638490] kunit_kmalloc_array+0x34/0x88 [ 18.638530] copy_user_test_oob+0xac/0xec8 [ 18.638578] kunit_try_run_case+0x170/0x3f0 [ 18.638618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.638665] kthread+0x328/0x630 [ 18.638699] ret_from_fork+0x10/0x20 [ 18.638747] [ 18.638777] The buggy address belongs to the object at fff00000c771e200 [ 18.638777] which belongs to the cache kmalloc-128 of size 128 [ 18.638836] The buggy address is located 0 bytes inside of [ 18.638836] allocated 120-byte region [fff00000c771e200, fff00000c771e278) [ 18.638900] [ 18.638923] The buggy address belongs to the physical page: [ 18.638956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.639010] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.639060] page_type: f5(slab) [ 18.639109] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.639163] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.639205] page dumped because: kasan: bad access detected [ 18.639239] [ 18.639260] Memory state around the buggy address: [ 18.639294] fff00000c771e100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.639349] fff00000c771e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.639555] >fff00000c771e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.639751] ^ [ 18.640013] fff00000c771e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.640318] fff00000c771e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.640508] ================================================================== [ 18.581300] ================================================================== [ 18.582407] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 18.582494] Write of size 121 at addr fff00000c771e200 by task kunit_try_catch/285 [ 18.582909] [ 18.583273] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.583490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.583571] Hardware name: linux,dummy-virt (DT) [ 18.583983] Call trace: [ 18.584039] show_stack+0x20/0x38 (C) [ 18.584365] dump_stack_lvl+0x8c/0xd0 [ 18.584546] print_report+0x118/0x5d0 [ 18.584621] kasan_report+0xdc/0x128 [ 18.584991] kasan_check_range+0x100/0x1a8 [ 18.585070] __kasan_check_write+0x20/0x30 [ 18.585120] copy_user_test_oob+0x234/0xec8 [ 18.585170] kunit_try_run_case+0x170/0x3f0 [ 18.585253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.585362] kthread+0x328/0x630 [ 18.585422] ret_from_fork+0x10/0x20 [ 18.585870] [ 18.585920] Allocated by task 285: [ 18.585991] kasan_save_stack+0x3c/0x68 [ 18.586157] kasan_save_track+0x20/0x40 [ 18.586206] kasan_save_alloc_info+0x40/0x58 [ 18.586255] __kasan_kmalloc+0xd4/0xd8 [ 18.586319] __kmalloc_noprof+0x198/0x4c8 [ 18.586381] kunit_kmalloc_array+0x34/0x88 [ 18.586423] copy_user_test_oob+0xac/0xec8 [ 18.586462] kunit_try_run_case+0x170/0x3f0 [ 18.586503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.586559] kthread+0x328/0x630 [ 18.586596] ret_from_fork+0x10/0x20 [ 18.586636] [ 18.586667] The buggy address belongs to the object at fff00000c771e200 [ 18.586667] which belongs to the cache kmalloc-128 of size 128 [ 18.586731] The buggy address is located 0 bytes inside of [ 18.586731] allocated 120-byte region [fff00000c771e200, fff00000c771e278) [ 18.586794] [ 18.586826] The buggy address belongs to the physical page: [ 18.586870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.586941] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.587020] page_type: f5(slab) [ 18.587067] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.587121] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.587171] page dumped because: kasan: bad access detected [ 18.587207] [ 18.587237] Memory state around the buggy address: [ 18.587285] fff00000c771e100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.587350] fff00000c771e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.587897] >fff00000c771e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.587967] ^ [ 18.588040] fff00000c771e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.588119] fff00000c771e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.588514] ================================================================== [ 18.627391] ================================================================== [ 18.627659] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 18.627865] Write of size 121 at addr fff00000c771e200 by task kunit_try_catch/285 [ 18.628051] [ 18.628137] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.628265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.628587] Hardware name: linux,dummy-virt (DT) [ 18.628631] Call trace: [ 18.628658] show_stack+0x20/0x38 (C) [ 18.628714] dump_stack_lvl+0x8c/0xd0 [ 18.628812] print_report+0x118/0x5d0 [ 18.628864] kasan_report+0xdc/0x128 [ 18.628911] kasan_check_range+0x100/0x1a8 [ 18.629412] __kasan_check_write+0x20/0x30 [ 18.629517] copy_user_test_oob+0x434/0xec8 [ 18.629592] kunit_try_run_case+0x170/0x3f0 [ 18.629868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.630103] kthread+0x328/0x630 [ 18.630188] ret_from_fork+0x10/0x20 [ 18.630287] [ 18.630411] Allocated by task 285: [ 18.630488] kasan_save_stack+0x3c/0x68 [ 18.630535] kasan_save_track+0x20/0x40 [ 18.630574] kasan_save_alloc_info+0x40/0x58 [ 18.630826] __kasan_kmalloc+0xd4/0xd8 [ 18.630994] __kmalloc_noprof+0x198/0x4c8 [ 18.631068] kunit_kmalloc_array+0x34/0x88 [ 18.631315] copy_user_test_oob+0xac/0xec8 [ 18.631492] kunit_try_run_case+0x170/0x3f0 [ 18.631575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.631706] kthread+0x328/0x630 [ 18.631784] ret_from_fork+0x10/0x20 [ 18.631873] [ 18.631925] The buggy address belongs to the object at fff00000c771e200 [ 18.631925] which belongs to the cache kmalloc-128 of size 128 [ 18.632350] The buggy address is located 0 bytes inside of [ 18.632350] allocated 120-byte region [fff00000c771e200, fff00000c771e278) [ 18.632458] [ 18.632785] The buggy address belongs to the physical page: [ 18.632842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.633053] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.633162] page_type: f5(slab) [ 18.633231] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.633489] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.633674] page dumped because: kasan: bad access detected [ 18.633738] [ 18.633917] Memory state around the buggy address: [ 18.634142] fff00000c771e100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.634214] fff00000c771e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.634556] >fff00000c771e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.634662] ^ [ 18.634814] fff00000c771e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.634910] fff00000c771e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.635138] ================================================================== [ 18.620248] ================================================================== [ 18.620504] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 18.620667] Read of size 121 at addr fff00000c771e200 by task kunit_try_catch/285 [ 18.620730] [ 18.620940] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.621145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.621365] Hardware name: linux,dummy-virt (DT) [ 18.621411] Call trace: [ 18.621436] show_stack+0x20/0x38 (C) [ 18.621702] dump_stack_lvl+0x8c/0xd0 [ 18.621856] print_report+0x118/0x5d0 [ 18.621949] kasan_report+0xdc/0x128 [ 18.622046] kasan_check_range+0x100/0x1a8 [ 18.622338] __kasan_check_read+0x20/0x30 [ 18.622602] copy_user_test_oob+0x3c8/0xec8 [ 18.622686] kunit_try_run_case+0x170/0x3f0 [ 18.622760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.622989] kthread+0x328/0x630 [ 18.623143] ret_from_fork+0x10/0x20 [ 18.623217] [ 18.623241] Allocated by task 285: [ 18.623345] kasan_save_stack+0x3c/0x68 [ 18.623391] kasan_save_track+0x20/0x40 [ 18.623432] kasan_save_alloc_info+0x40/0x58 [ 18.623476] __kasan_kmalloc+0xd4/0xd8 [ 18.623513] __kmalloc_noprof+0x198/0x4c8 [ 18.623564] kunit_kmalloc_array+0x34/0x88 [ 18.623622] copy_user_test_oob+0xac/0xec8 [ 18.623670] kunit_try_run_case+0x170/0x3f0 [ 18.623716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.623762] kthread+0x328/0x630 [ 18.623803] ret_from_fork+0x10/0x20 [ 18.623840] [ 18.623863] The buggy address belongs to the object at fff00000c771e200 [ 18.623863] which belongs to the cache kmalloc-128 of size 128 [ 18.623922] The buggy address is located 0 bytes inside of [ 18.623922] allocated 120-byte region [fff00000c771e200, fff00000c771e278) [ 18.623999] [ 18.624041] The buggy address belongs to the physical page: [ 18.624091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.624144] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.624204] page_type: f5(slab) [ 18.624242] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.624294] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.624370] page dumped because: kasan: bad access detected [ 18.624918] [ 18.625188] Memory state around the buggy address: [ 18.625263] fff00000c771e100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.625372] fff00000c771e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.625435] >fff00000c771e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.625500] ^ [ 18.625754] fff00000c771e280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.626017] fff00000c771e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.626066] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.529935] ================================================================== [ 18.529999] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 18.530062] Read of size 8 at addr fff00000c771e178 by task kunit_try_catch/281 [ 18.530116] [ 18.530289] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.530726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.530781] Hardware name: linux,dummy-virt (DT) [ 18.530969] Call trace: [ 18.531016] show_stack+0x20/0x38 (C) [ 18.531180] dump_stack_lvl+0x8c/0xd0 [ 18.531263] print_report+0x118/0x5d0 [ 18.531369] kasan_report+0xdc/0x128 [ 18.531425] __asan_report_load8_noabort+0x20/0x30 [ 18.531478] copy_to_kernel_nofault+0x204/0x250 [ 18.531806] copy_to_kernel_nofault_oob+0x158/0x418 [ 18.531884] kunit_try_run_case+0x170/0x3f0 [ 18.532265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.532359] kthread+0x328/0x630 [ 18.532451] ret_from_fork+0x10/0x20 [ 18.532506] [ 18.532554] Allocated by task 281: [ 18.532592] kasan_save_stack+0x3c/0x68 [ 18.532683] kasan_save_track+0x20/0x40 [ 18.532723] kasan_save_alloc_info+0x40/0x58 [ 18.533040] __kasan_kmalloc+0xd4/0xd8 [ 18.533113] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.533180] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.533226] kunit_try_run_case+0x170/0x3f0 [ 18.533431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.533608] kthread+0x328/0x630 [ 18.533726] ret_from_fork+0x10/0x20 [ 18.533781] [ 18.533979] The buggy address belongs to the object at fff00000c771e100 [ 18.533979] which belongs to the cache kmalloc-128 of size 128 [ 18.534148] The buggy address is located 0 bytes to the right of [ 18.534148] allocated 120-byte region [fff00000c771e100, fff00000c771e178) [ 18.534526] [ 18.534566] The buggy address belongs to the physical page: [ 18.534619] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.534746] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.534841] page_type: f5(slab) [ 18.534974] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.535080] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.535479] page dumped because: kasan: bad access detected [ 18.535614] [ 18.535693] Memory state around the buggy address: [ 18.535758] fff00000c771e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.536156] fff00000c771e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.536215] >fff00000c771e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.536314] ^ [ 18.536495] fff00000c771e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.536601] fff00000c771e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.536813] ================================================================== [ 18.538532] ================================================================== [ 18.538586] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 18.538640] Write of size 8 at addr fff00000c771e178 by task kunit_try_catch/281 [ 18.538918] [ 18.539057] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.539147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.539306] Hardware name: linux,dummy-virt (DT) [ 18.539382] Call trace: [ 18.539407] show_stack+0x20/0x38 (C) [ 18.539504] dump_stack_lvl+0x8c/0xd0 [ 18.539553] print_report+0x118/0x5d0 [ 18.539602] kasan_report+0xdc/0x128 [ 18.539650] kasan_check_range+0x100/0x1a8 [ 18.539701] __kasan_check_write+0x20/0x30 [ 18.539757] copy_to_kernel_nofault+0x8c/0x250 [ 18.539809] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 18.539859] kunit_try_run_case+0x170/0x3f0 [ 18.539908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.539964] kthread+0x328/0x630 [ 18.540009] ret_from_fork+0x10/0x20 [ 18.540057] [ 18.540077] Allocated by task 281: [ 18.540119] kasan_save_stack+0x3c/0x68 [ 18.540167] kasan_save_track+0x20/0x40 [ 18.540217] kasan_save_alloc_info+0x40/0x58 [ 18.540261] __kasan_kmalloc+0xd4/0xd8 [ 18.540314] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.540537] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.540582] kunit_try_run_case+0x170/0x3f0 [ 18.540826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.540894] kthread+0x328/0x630 [ 18.541353] ret_from_fork+0x10/0x20 [ 18.541442] [ 18.541719] The buggy address belongs to the object at fff00000c771e100 [ 18.541719] which belongs to the cache kmalloc-128 of size 128 [ 18.541889] The buggy address is located 0 bytes to the right of [ 18.541889] allocated 120-byte region [fff00000c771e100, fff00000c771e178) [ 18.542054] [ 18.542144] The buggy address belongs to the physical page: [ 18.542321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10771e [ 18.542394] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.542444] page_type: f5(slab) [ 18.542526] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.542775] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.542854] page dumped because: kasan: bad access detected [ 18.543089] [ 18.543139] Memory state around the buggy address: [ 18.543308] fff00000c771e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.543475] fff00000c771e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.543557] >fff00000c771e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.543681] ^ [ 18.543755] fff00000c771e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.543803] fff00000c771e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.543982] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 18.473612] ================================================================== [ 18.473940] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 18.474020] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 18.474074] [ 18.474113] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.474678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.475043] Hardware name: linux,dummy-virt (DT) [ 18.475093] Call trace: [ 18.475150] show_stack+0x20/0x38 (C) [ 18.475241] dump_stack_lvl+0x8c/0xd0 [ 18.475366] print_report+0x310/0x5d0 [ 18.475469] kasan_report+0xdc/0x128 [ 18.475547] __asan_report_load1_noabort+0x20/0x30 [ 18.475659] vmalloc_oob+0x578/0x5d0 [ 18.475850] kunit_try_run_case+0x170/0x3f0 [ 18.476200] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.476275] kthread+0x328/0x630 [ 18.476570] ret_from_fork+0x10/0x20 [ 18.476735] [ 18.476803] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 18.477227] The buggy address belongs to the physical page: [ 18.477348] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xfff00000c5a8b000 pfn:0x105a8b [ 18.477428] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.477845] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.477953] raw: fff00000c5a8b000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.478017] page dumped because: kasan: bad access detected [ 18.478310] [ 18.478445] Memory state around the buggy address: [ 18.478515] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.478566] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.478928] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.479157] ^ [ 18.479292] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.479400] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.479487] ================================================================== [ 18.481118] ================================================================== [ 18.481172] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 18.481396] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 18.481556] [ 18.481681] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.481788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.481816] Hardware name: linux,dummy-virt (DT) [ 18.481848] Call trace: [ 18.481872] show_stack+0x20/0x38 (C) [ 18.482092] dump_stack_lvl+0x8c/0xd0 [ 18.482642] print_report+0x310/0x5d0 [ 18.482724] kasan_report+0xdc/0x128 [ 18.482869] __asan_report_load1_noabort+0x20/0x30 [ 18.482973] vmalloc_oob+0x51c/0x5d0 [ 18.483397] kunit_try_run_case+0x170/0x3f0 [ 18.483499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.483580] kthread+0x328/0x630 [ 18.483714] ret_from_fork+0x10/0x20 [ 18.483869] [ 18.483923] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 18.483970] The buggy address belongs to the physical page: [ 18.484156] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xfff00000c5a8b000 pfn:0x105a8b [ 18.484249] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.484640] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.484765] raw: fff00000c5a8b000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.484811] page dumped because: kasan: bad access detected [ 18.484846] [ 18.484867] Memory state around the buggy address: [ 18.484903] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.484956] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.485038] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.485090] ^ [ 18.485142] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.485189] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.485237] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.177452] ================================================================== [ 18.177663] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 18.178024] Write of size 4 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.178179] [ 18.178233] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.178325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.178550] Hardware name: linux,dummy-virt (DT) [ 18.178840] Call trace: [ 18.179130] show_stack+0x20/0x38 (C) [ 18.179237] dump_stack_lvl+0x8c/0xd0 [ 18.179612] print_report+0x118/0x5d0 [ 18.179697] kasan_report+0xdc/0x128 [ 18.179747] kasan_check_range+0x100/0x1a8 [ 18.180099] __kasan_check_write+0x20/0x30 [ 18.180461] kasan_atomics_helper+0xd3c/0x4858 [ 18.180569] kasan_atomics+0x198/0x2e0 [ 18.180620] kunit_try_run_case+0x170/0x3f0 [ 18.180961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.181311] kthread+0x328/0x630 [ 18.181490] ret_from_fork+0x10/0x20 [ 18.181713] [ 18.181751] Allocated by task 265: [ 18.182119] kasan_save_stack+0x3c/0x68 [ 18.182388] kasan_save_track+0x20/0x40 [ 18.182493] kasan_save_alloc_info+0x40/0x58 [ 18.182542] __kasan_kmalloc+0xd4/0xd8 [ 18.182958] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.183161] kasan_atomics+0xb8/0x2e0 [ 18.183383] kunit_try_run_case+0x170/0x3f0 [ 18.183432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.183481] kthread+0x328/0x630 [ 18.183882] ret_from_fork+0x10/0x20 [ 18.184307] [ 18.184354] The buggy address belongs to the object at fff00000c784ef80 [ 18.184354] which belongs to the cache kmalloc-64 of size 64 [ 18.184857] The buggy address is located 0 bytes to the right of [ 18.184857] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.185132] [ 18.185240] The buggy address belongs to the physical page: [ 18.185278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.185344] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.185450] page_type: f5(slab) [ 18.185537] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.186075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.186161] page dumped because: kasan: bad access detected [ 18.186312] [ 18.186391] Memory state around the buggy address: [ 18.186590] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.186736] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.186884] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.186980] ^ [ 18.187140] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.187190] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.187232] ================================================================== [ 18.239580] ================================================================== [ 18.239646] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 18.239700] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.239753] [ 18.239793] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.240092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.240135] Hardware name: linux,dummy-virt (DT) [ 18.240250] Call trace: [ 18.240290] show_stack+0x20/0x38 (C) [ 18.240354] dump_stack_lvl+0x8c/0xd0 [ 18.240412] print_report+0x118/0x5d0 [ 18.240470] kasan_report+0xdc/0x128 [ 18.240819] kasan_check_range+0x100/0x1a8 [ 18.241012] __kasan_check_write+0x20/0x30 [ 18.241259] kasan_atomics_helper+0xf20/0x4858 [ 18.241519] kasan_atomics+0x198/0x2e0 [ 18.241669] kunit_try_run_case+0x170/0x3f0 [ 18.241853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.241910] kthread+0x328/0x630 [ 18.241956] ret_from_fork+0x10/0x20 [ 18.242005] [ 18.242025] Allocated by task 265: [ 18.242295] kasan_save_stack+0x3c/0x68 [ 18.242665] kasan_save_track+0x20/0x40 [ 18.242807] kasan_save_alloc_info+0x40/0x58 [ 18.243135] __kasan_kmalloc+0xd4/0xd8 [ 18.243402] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.243619] kasan_atomics+0xb8/0x2e0 [ 18.243837] kunit_try_run_case+0x170/0x3f0 [ 18.243921] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.244237] kthread+0x328/0x630 [ 18.244292] ret_from_fork+0x10/0x20 [ 18.244364] [ 18.244387] The buggy address belongs to the object at fff00000c784ef80 [ 18.244387] which belongs to the cache kmalloc-64 of size 64 [ 18.244468] The buggy address is located 0 bytes to the right of [ 18.244468] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.245081] [ 18.245131] The buggy address belongs to the physical page: [ 18.245295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.245421] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.245556] page_type: f5(slab) [ 18.245597] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.245658] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.245879] page dumped because: kasan: bad access detected [ 18.246023] [ 18.246283] Memory state around the buggy address: [ 18.246584] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.246655] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.246742] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.246988] ^ [ 18.247308] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.247485] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.247751] ================================================================== [ 18.301060] ================================================================== [ 18.301110] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 18.301171] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.301224] [ 18.301255] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.301861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.302429] Hardware name: linux,dummy-virt (DT) [ 18.302494] Call trace: [ 18.302538] show_stack+0x20/0x38 (C) [ 18.302647] dump_stack_lvl+0x8c/0xd0 [ 18.302746] print_report+0x118/0x5d0 [ 18.302824] kasan_report+0xdc/0x128 [ 18.302966] kasan_check_range+0x100/0x1a8 [ 18.303193] __kasan_check_write+0x20/0x30 [ 18.303557] kasan_atomics_helper+0x11f8/0x4858 [ 18.303703] kasan_atomics+0x198/0x2e0 [ 18.303793] kunit_try_run_case+0x170/0x3f0 [ 18.303876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.304361] kthread+0x328/0x630 [ 18.304449] ret_from_fork+0x10/0x20 [ 18.304554] [ 18.304888] Allocated by task 265: [ 18.305166] kasan_save_stack+0x3c/0x68 [ 18.305284] kasan_save_track+0x20/0x40 [ 18.305441] kasan_save_alloc_info+0x40/0x58 [ 18.305485] __kasan_kmalloc+0xd4/0xd8 [ 18.305536] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.305726] kasan_atomics+0xb8/0x2e0 [ 18.305847] kunit_try_run_case+0x170/0x3f0 [ 18.306002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.306222] kthread+0x328/0x630 [ 18.306662] ret_from_fork+0x10/0x20 [ 18.306747] [ 18.306789] The buggy address belongs to the object at fff00000c784ef80 [ 18.306789] which belongs to the cache kmalloc-64 of size 64 [ 18.307077] The buggy address is located 0 bytes to the right of [ 18.307077] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.307188] [ 18.307304] The buggy address belongs to the physical page: [ 18.307351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.307648] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.307811] page_type: f5(slab) [ 18.307868] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.307944] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.308144] page dumped because: kasan: bad access detected [ 18.308187] [ 18.308518] Memory state around the buggy address: [ 18.308752] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.309094] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.309161] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.309677] ^ [ 18.309888] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.310096] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.310155] ================================================================== [ 18.374522] ================================================================== [ 18.374584] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 18.374927] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.375117] [ 18.375163] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.375520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.375581] Hardware name: linux,dummy-virt (DT) [ 18.375653] Call trace: [ 18.375680] show_stack+0x20/0x38 (C) [ 18.375764] dump_stack_lvl+0x8c/0xd0 [ 18.375877] print_report+0x118/0x5d0 [ 18.375929] kasan_report+0xdc/0x128 [ 18.376126] kasan_check_range+0x100/0x1a8 [ 18.376223] __kasan_check_write+0x20/0x30 [ 18.376391] kasan_atomics_helper+0x154c/0x4858 [ 18.376457] kasan_atomics+0x198/0x2e0 [ 18.376503] kunit_try_run_case+0x170/0x3f0 [ 18.376719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.376889] kthread+0x328/0x630 [ 18.377004] ret_from_fork+0x10/0x20 [ 18.377067] [ 18.377090] Allocated by task 265: [ 18.377120] kasan_save_stack+0x3c/0x68 [ 18.377164] kasan_save_track+0x20/0x40 [ 18.377211] kasan_save_alloc_info+0x40/0x58 [ 18.377254] __kasan_kmalloc+0xd4/0xd8 [ 18.377292] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.377785] kasan_atomics+0xb8/0x2e0 [ 18.377876] kunit_try_run_case+0x170/0x3f0 [ 18.377987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.378084] kthread+0x328/0x630 [ 18.378215] ret_from_fork+0x10/0x20 [ 18.378294] [ 18.378350] The buggy address belongs to the object at fff00000c784ef80 [ 18.378350] which belongs to the cache kmalloc-64 of size 64 [ 18.378563] The buggy address is located 0 bytes to the right of [ 18.378563] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.378665] [ 18.378720] The buggy address belongs to the physical page: [ 18.378772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.379183] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.379273] page_type: f5(slab) [ 18.379513] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.379982] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.380084] page dumped because: kasan: bad access detected [ 18.380219] [ 18.380247] Memory state around the buggy address: [ 18.380285] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.380513] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.380880] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.380974] ^ [ 18.381099] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.381181] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.381223] ================================================================== [ 18.188221] ================================================================== [ 18.188275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 18.188342] Read of size 4 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.188408] [ 18.188449] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.188532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.188569] Hardware name: linux,dummy-virt (DT) [ 18.188602] Call trace: [ 18.188626] show_stack+0x20/0x38 (C) [ 18.188676] dump_stack_lvl+0x8c/0xd0 [ 18.188723] print_report+0x118/0x5d0 [ 18.188773] kasan_report+0xdc/0x128 [ 18.188820] __asan_report_load4_noabort+0x20/0x30 [ 18.188875] kasan_atomics_helper+0x3e04/0x4858 [ 18.188932] kasan_atomics+0x198/0x2e0 [ 18.188982] kunit_try_run_case+0x170/0x3f0 [ 18.189042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.189109] kthread+0x328/0x630 [ 18.189155] ret_from_fork+0x10/0x20 [ 18.189205] [ 18.189227] Allocated by task 265: [ 18.189257] kasan_save_stack+0x3c/0x68 [ 18.189300] kasan_save_track+0x20/0x40 [ 18.189493] kasan_save_alloc_info+0x40/0x58 [ 18.190015] __kasan_kmalloc+0xd4/0xd8 [ 18.190351] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.190421] kasan_atomics+0xb8/0x2e0 [ 18.190483] kunit_try_run_case+0x170/0x3f0 [ 18.190549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.191008] kthread+0x328/0x630 [ 18.191276] ret_from_fork+0x10/0x20 [ 18.191342] [ 18.191586] The buggy address belongs to the object at fff00000c784ef80 [ 18.191586] which belongs to the cache kmalloc-64 of size 64 [ 18.191895] The buggy address is located 0 bytes to the right of [ 18.191895] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.192113] [ 18.192139] The buggy address belongs to the physical page: [ 18.192194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.192421] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.192718] page_type: f5(slab) [ 18.192854] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.193028] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.193074] page dumped because: kasan: bad access detected [ 18.193237] [ 18.193412] Memory state around the buggy address: [ 18.193809] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.194026] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.194097] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.194417] ^ [ 18.194525] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.194684] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.194929] ================================================================== [ 18.063280] ================================================================== [ 18.063347] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 18.063702] Read of size 4 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.063775] [ 18.063935] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.064244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.064408] Hardware name: linux,dummy-virt (DT) [ 18.064600] Call trace: [ 18.064675] show_stack+0x20/0x38 (C) [ 18.064771] dump_stack_lvl+0x8c/0xd0 [ 18.065224] __asan_report_load4_noabort+0x20/0x30 [ 18.066272] __kasan_kmalloc+0xd4/0xd8 [ 18.066311] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.066382] kasan_atomics+0xb8/0x2e0 [ 18.066708] The buggy address is located 0 bytes to the right of [ 18.066708] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.067130] page dumped because: kasan: bad access detected [ 18.067483] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.069933] Hardware name: linux,dummy-virt (DT) [ 18.070038] Call trace: [ 18.070074] show_stack+0x20/0x38 (C) [ 18.070483] dump_stack_lvl+0x8c/0xd0 [ 18.070584] print_report+0x118/0x5d0 [ 18.070924] kasan_report+0xdc/0x128 [ 18.071103] kasan_check_range+0x100/0x1a8 [ 18.071255] __kasan_check_write+0x20/0x30 [ 18.071591] kasan_atomics_helper+0x934/0x4858 [ 18.071821] kasan_atomics+0x198/0x2e0 [ 18.071926] kunit_try_run_case+0x170/0x3f0 [ 18.072488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.072590] kthread+0x328/0x630 [ 18.072821] ret_from_fork+0x10/0x20 [ 18.073051] [ 18.073078] Allocated by task 265: [ 18.073343] kasan_save_stack+0x3c/0x68 [ 18.073601] kasan_save_track+0x20/0x40 [ 18.073663] kasan_save_alloc_info+0x40/0x58 [ 18.073907] __kasan_kmalloc+0xd4/0xd8 [ 18.074310] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.074555] kasan_atomics+0xb8/0x2e0 [ 18.074646] kunit_try_run_case+0x170/0x3f0 [ 18.074878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.075120] kthread+0x328/0x630 [ 18.075181] ret_from_fork+0x10/0x20 [ 18.075400] [ 18.075771] The buggy address belongs to the object at fff00000c784ef80 [ 18.075771] which belongs to the cache kmalloc-64 of size 64 [ 18.075947] The buggy address is located 0 bytes to the right of [ 18.075947] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.076061] [ 18.076227] The buggy address belongs to the physical page: [ 18.076490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.076731] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.076869] page_type: f5(slab) [ 18.076959] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.077014] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.077360] page dumped because: kasan: bad access detected [ 18.077585] [ 18.077628] Memory state around the buggy address: [ 18.077816] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.077998] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.078052] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.078094] ^ [ 18.078131] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.078360] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.078719] ================================================================== [ 18.399405] ================================================================== [ 18.399459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 18.399615] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.399687] [ 18.399719] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.399803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.399841] Hardware name: linux,dummy-virt (DT) [ 18.399882] Call trace: [ 18.399909] show_stack+0x20/0x38 (C) [ 18.399969] dump_stack_lvl+0x8c/0xd0 [ 18.400023] print_report+0x118/0x5d0 [ 18.400072] kasan_report+0xdc/0x128 [ 18.400129] kasan_check_range+0x100/0x1a8 [ 18.400182] __kasan_check_write+0x20/0x30 [ 18.400228] kasan_atomics_helper+0x1644/0x4858 [ 18.400287] kasan_atomics+0x198/0x2e0 [ 18.400348] kunit_try_run_case+0x170/0x3f0 [ 18.400397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.400467] kthread+0x328/0x630 [ 18.400510] ret_from_fork+0x10/0x20 [ 18.400560] [ 18.400580] Allocated by task 265: [ 18.400617] kasan_save_stack+0x3c/0x68 [ 18.400660] kasan_save_track+0x20/0x40 [ 18.400702] kasan_save_alloc_info+0x40/0x58 [ 18.400744] __kasan_kmalloc+0xd4/0xd8 [ 18.400784] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.400830] kasan_atomics+0xb8/0x2e0 [ 18.400870] kunit_try_run_case+0x170/0x3f0 [ 18.400910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.400959] kthread+0x328/0x630 [ 18.400995] ret_from_fork+0x10/0x20 [ 18.401034] [ 18.401055] The buggy address belongs to the object at fff00000c784ef80 [ 18.401055] which belongs to the cache kmalloc-64 of size 64 [ 18.401116] The buggy address is located 0 bytes to the right of [ 18.401116] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.401191] [ 18.401223] The buggy address belongs to the physical page: [ 18.401256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.401730] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.402156] page_type: f5(slab) [ 18.402610] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.402812] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.403095] page dumped because: kasan: bad access detected [ 18.403325] [ 18.403386] Memory state around the buggy address: [ 18.403708] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.403849] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.404149] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.404358] ^ [ 18.404630] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.404815] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.404910] ================================================================== [ 18.311524] ================================================================== [ 18.311608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 18.311662] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.311917] [ 18.312075] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.312194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.312443] Hardware name: linux,dummy-virt (DT) [ 18.312705] Call trace: [ 18.312742] show_stack+0x20/0x38 (C) [ 18.312962] dump_stack_lvl+0x8c/0xd0 [ 18.313060] print_report+0x118/0x5d0 [ 18.313137] kasan_report+0xdc/0x128 [ 18.313203] kasan_check_range+0x100/0x1a8 [ 18.313256] __kasan_check_write+0x20/0x30 [ 18.313647] kasan_atomics_helper+0x126c/0x4858 [ 18.313741] kasan_atomics+0x198/0x2e0 [ 18.313918] kunit_try_run_case+0x170/0x3f0 [ 18.314116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.314388] kthread+0x328/0x630 [ 18.314736] ret_from_fork+0x10/0x20 [ 18.315006] [ 18.315068] Allocated by task 265: [ 18.315287] kasan_save_stack+0x3c/0x68 [ 18.315376] kasan_save_track+0x20/0x40 [ 18.315480] kasan_save_alloc_info+0x40/0x58 [ 18.315589] __kasan_kmalloc+0xd4/0xd8 [ 18.315667] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.315710] kasan_atomics+0xb8/0x2e0 [ 18.315931] kunit_try_run_case+0x170/0x3f0 [ 18.316093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.316189] kthread+0x328/0x630 [ 18.316632] ret_from_fork+0x10/0x20 [ 18.317061] [ 18.317113] The buggy address belongs to the object at fff00000c784ef80 [ 18.317113] which belongs to the cache kmalloc-64 of size 64 [ 18.317275] The buggy address is located 0 bytes to the right of [ 18.317275] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.317356] [ 18.317942] The buggy address belongs to the physical page: [ 18.318300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.318379] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.318431] page_type: f5(slab) [ 18.318473] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.319130] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.319385] page dumped because: kasan: bad access detected [ 18.319450] [ 18.319509] Memory state around the buggy address: [ 18.319830] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.320090] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.320388] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.320665] ^ [ 18.320738] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.320962] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.321006] ================================================================== [ 18.196151] ================================================================== [ 18.196228] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 18.196281] Read of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.196644] [ 18.196944] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.197040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.197223] Hardware name: linux,dummy-virt (DT) [ 18.197312] Call trace: [ 18.197435] show_stack+0x20/0x38 (C) [ 18.197649] dump_stack_lvl+0x8c/0xd0 [ 18.197712] print_report+0x118/0x5d0 [ 18.198008] kasan_report+0xdc/0x128 [ 18.198322] kasan_check_range+0x100/0x1a8 [ 18.198495] __kasan_check_read+0x20/0x30 [ 18.198637] kasan_atomics_helper+0xdd4/0x4858 [ 18.198783] kasan_atomics+0x198/0x2e0 [ 18.198880] kunit_try_run_case+0x170/0x3f0 [ 18.198957] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.199181] kthread+0x328/0x630 [ 18.199567] ret_from_fork+0x10/0x20 [ 18.199857] [ 18.199945] Allocated by task 265: [ 18.200274] kasan_save_stack+0x3c/0x68 [ 18.200352] kasan_save_track+0x20/0x40 [ 18.200578] kasan_save_alloc_info+0x40/0x58 [ 18.200661] __kasan_kmalloc+0xd4/0xd8 [ 18.200789] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.201144] kasan_atomics+0xb8/0x2e0 [ 18.201397] kunit_try_run_case+0x170/0x3f0 [ 18.201608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.201701] kthread+0x328/0x630 [ 18.201862] ret_from_fork+0x10/0x20 [ 18.201916] [ 18.201942] The buggy address belongs to the object at fff00000c784ef80 [ 18.201942] which belongs to the cache kmalloc-64 of size 64 [ 18.202005] The buggy address is located 0 bytes to the right of [ 18.202005] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.202217] [ 18.202653] The buggy address belongs to the physical page: [ 18.202706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.202841] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.202896] page_type: f5(slab) [ 18.203219] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.203623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.203675] page dumped because: kasan: bad access detected [ 18.203758] [ 18.203780] Memory state around the buggy address: [ 18.203832] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.203880] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.203926] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.203967] ^ [ 18.204003] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.204048] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.204089] ================================================================== [ 18.204861] ================================================================== [ 18.204980] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 18.205248] Read of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.205325] [ 18.205393] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.205893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.206052] Hardware name: linux,dummy-virt (DT) [ 18.206134] Call trace: [ 18.206345] show_stack+0x20/0x38 (C) [ 18.206480] dump_stack_lvl+0x8c/0xd0 [ 18.206715] print_report+0x118/0x5d0 [ 18.206856] kasan_report+0xdc/0x128 [ 18.207131] __asan_report_load8_noabort+0x20/0x30 [ 18.207224] kasan_atomics_helper+0x3f58/0x4858 [ 18.207372] kasan_atomics+0x198/0x2e0 [ 18.207429] kunit_try_run_case+0x170/0x3f0 [ 18.207672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.207880] kthread+0x328/0x630 [ 18.208216] ret_from_fork+0x10/0x20 [ 18.209002] [ 18.209053] Allocated by task 265: [ 18.209124] kasan_save_stack+0x3c/0x68 [ 18.209207] kasan_save_track+0x20/0x40 [ 18.209270] kasan_save_alloc_info+0x40/0x58 [ 18.209324] __kasan_kmalloc+0xd4/0xd8 [ 18.209405] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.209673] kasan_atomics+0xb8/0x2e0 [ 18.209725] kunit_try_run_case+0x170/0x3f0 [ 18.209987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.210078] kthread+0x328/0x630 [ 18.210258] ret_from_fork+0x10/0x20 [ 18.210609] [ 18.210959] The buggy address belongs to the object at fff00000c784ef80 [ 18.210959] which belongs to the cache kmalloc-64 of size 64 [ 18.211053] The buggy address is located 0 bytes to the right of [ 18.211053] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.211389] [ 18.211484] The buggy address belongs to the physical page: [ 18.211521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.211729] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.212154] page_type: f5(slab) [ 18.212373] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.212436] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.212848] page dumped because: kasan: bad access detected [ 18.213120] [ 18.213253] Memory state around the buggy address: [ 18.213396] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.213472] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.213689] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.213884] ^ [ 18.214027] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.214164] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.214260] ================================================================== [ 18.165140] ================================================================== [ 18.165197] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 18.165247] Read of size 4 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.165298] [ 18.166490] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.166629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.166693] Hardware name: linux,dummy-virt (DT) [ 18.166745] Call trace: [ 18.166800] show_stack+0x20/0x38 (C) [ 18.166870] dump_stack_lvl+0x8c/0xd0 [ 18.166944] print_report+0x118/0x5d0 [ 18.167377] kasan_report+0xdc/0x128 [ 18.167514] __asan_report_load4_noabort+0x20/0x30 [ 18.167747] kasan_atomics_helper+0x3dd8/0x4858 [ 18.168620] kasan_atomics+0x198/0x2e0 [ 18.168773] kunit_try_run_case+0x170/0x3f0 [ 18.168993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.169093] kthread+0x328/0x630 [ 18.169723] ret_from_fork+0x10/0x20 [ 18.169788] [ 18.169834] Allocated by task 265: [ 18.169893] kasan_save_stack+0x3c/0x68 [ 18.170104] kasan_save_track+0x20/0x40 [ 18.170493] kasan_save_alloc_info+0x40/0x58 [ 18.170567] __kasan_kmalloc+0xd4/0xd8 [ 18.170715] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.170796] kasan_atomics+0xb8/0x2e0 [ 18.170843] kunit_try_run_case+0x170/0x3f0 [ 18.171051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.171356] kthread+0x328/0x630 [ 18.171403] ret_from_fork+0x10/0x20 [ 18.171738] [ 18.171802] The buggy address belongs to the object at fff00000c784ef80 [ 18.171802] which belongs to the cache kmalloc-64 of size 64 [ 18.172097] The buggy address is located 0 bytes to the right of [ 18.172097] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.172648] [ 18.172698] The buggy address belongs to the physical page: [ 18.172770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.173073] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.173407] page_type: f5(slab) [ 18.173872] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.173944] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.174105] page dumped because: kasan: bad access detected [ 18.174293] [ 18.174396] Memory state around the buggy address: [ 18.174468] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.174900] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.175015] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.175277] ^ [ 18.175550] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.175685] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.175785] ================================================================== [ 18.450890] ================================================================== [ 18.450974] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 18.451167] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.451269] [ 18.451414] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.451616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.451650] Hardware name: linux,dummy-virt (DT) [ 18.451690] Call trace: [ 18.451714] show_stack+0x20/0x38 (C) [ 18.451776] dump_stack_lvl+0x8c/0xd0 [ 18.451823] print_report+0x118/0x5d0 [ 18.451873] kasan_report+0xdc/0x128 [ 18.452169] kasan_check_range+0x100/0x1a8 [ 18.452245] __kasan_check_write+0x20/0x30 [ 18.452319] kasan_atomics_helper+0x17ec/0x4858 [ 18.452385] kasan_atomics+0x198/0x2e0 [ 18.452433] kunit_try_run_case+0x170/0x3f0 [ 18.452480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.452551] kthread+0x328/0x630 [ 18.452599] ret_from_fork+0x10/0x20 [ 18.452649] [ 18.452680] Allocated by task 265: [ 18.452716] kasan_save_stack+0x3c/0x68 [ 18.452760] kasan_save_track+0x20/0x40 [ 18.452799] kasan_save_alloc_info+0x40/0x58 [ 18.452841] __kasan_kmalloc+0xd4/0xd8 [ 18.452879] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.452938] kasan_atomics+0xb8/0x2e0 [ 18.452982] kunit_try_run_case+0x170/0x3f0 [ 18.453023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.453069] kthread+0x328/0x630 [ 18.453104] ret_from_fork+0x10/0x20 [ 18.453149] [ 18.453179] The buggy address belongs to the object at fff00000c784ef80 [ 18.453179] which belongs to the cache kmalloc-64 of size 64 [ 18.453240] The buggy address is located 0 bytes to the right of [ 18.453240] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.453796] [ 18.453836] The buggy address belongs to the physical page: [ 18.453888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.453944] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.454216] page_type: f5(slab) [ 18.454650] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.454993] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.455063] page dumped because: kasan: bad access detected [ 18.455129] [ 18.455195] Memory state around the buggy address: [ 18.455498] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.455894] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.456220] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.456431] ^ [ 18.456526] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.456611] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.456827] ================================================================== [ 18.322428] ================================================================== [ 18.322482] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 18.322535] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.323190] [ 18.323284] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.323641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.323690] Hardware name: linux,dummy-virt (DT) [ 18.323907] Call trace: [ 18.324089] show_stack+0x20/0x38 (C) [ 18.324181] dump_stack_lvl+0x8c/0xd0 [ 18.324235] print_report+0x118/0x5d0 [ 18.324589] kasan_report+0xdc/0x128 [ 18.324662] kasan_check_range+0x100/0x1a8 [ 18.324722] __kasan_check_write+0x20/0x30 [ 18.324961] kasan_atomics_helper+0x12d8/0x4858 [ 18.325033] kasan_atomics+0x198/0x2e0 [ 18.325294] kunit_try_run_case+0x170/0x3f0 [ 18.325573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.325646] kthread+0x328/0x630 [ 18.325697] ret_from_fork+0x10/0x20 [ 18.325748] [ 18.325963] Allocated by task 265: [ 18.326485] kasan_save_stack+0x3c/0x68 [ 18.326684] kasan_save_track+0x20/0x40 [ 18.326805] kasan_save_alloc_info+0x40/0x58 [ 18.326882] __kasan_kmalloc+0xd4/0xd8 [ 18.327009] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.327050] kasan_atomics+0xb8/0x2e0 [ 18.327247] kunit_try_run_case+0x170/0x3f0 [ 18.327447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.327648] kthread+0x328/0x630 [ 18.327699] ret_from_fork+0x10/0x20 [ 18.327740] [ 18.327782] The buggy address belongs to the object at fff00000c784ef80 [ 18.327782] which belongs to the cache kmalloc-64 of size 64 [ 18.327856] The buggy address is located 0 bytes to the right of [ 18.327856] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.327938] [ 18.327982] The buggy address belongs to the physical page: [ 18.328016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.328071] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.328122] page_type: f5(slab) [ 18.328168] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.328231] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.328284] page dumped because: kasan: bad access detected [ 18.328342] [ 18.328404] Memory state around the buggy address: [ 18.328588] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.328639] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.329015] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.329763] ^ [ 18.329828] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.329877] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.329941] ================================================================== [ 18.260150] ================================================================== [ 18.260297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 18.260366] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.260494] [ 18.260530] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.260702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.260736] Hardware name: linux,dummy-virt (DT) [ 18.260768] Call trace: [ 18.260794] show_stack+0x20/0x38 (C) [ 18.261013] dump_stack_lvl+0x8c/0xd0 [ 18.261113] print_report+0x118/0x5d0 [ 18.261413] kasan_report+0xdc/0x128 [ 18.261663] kasan_check_range+0x100/0x1a8 [ 18.261785] __kasan_check_write+0x20/0x30 [ 18.261884] kasan_atomics_helper+0xff0/0x4858 [ 18.261964] kasan_atomics+0x198/0x2e0 [ 18.262013] kunit_try_run_case+0x170/0x3f0 [ 18.262062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.262116] kthread+0x328/0x630 [ 18.262483] ret_from_fork+0x10/0x20 [ 18.262621] [ 18.262776] Allocated by task 265: [ 18.262971] kasan_save_stack+0x3c/0x68 [ 18.263137] kasan_save_track+0x20/0x40 [ 18.263260] kasan_save_alloc_info+0x40/0x58 [ 18.263395] __kasan_kmalloc+0xd4/0xd8 [ 18.263498] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.263544] kasan_atomics+0xb8/0x2e0 [ 18.263589] kunit_try_run_case+0x170/0x3f0 [ 18.263630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.263715] kthread+0x328/0x630 [ 18.263750] ret_from_fork+0x10/0x20 [ 18.263798] [ 18.263822] The buggy address belongs to the object at fff00000c784ef80 [ 18.263822] which belongs to the cache kmalloc-64 of size 64 [ 18.263892] The buggy address is located 0 bytes to the right of [ 18.263892] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.263966] [ 18.263993] The buggy address belongs to the physical page: [ 18.264026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.264093] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.264143] page_type: f5(slab) [ 18.264184] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.264237] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.264280] page dumped because: kasan: bad access detected [ 18.264323] [ 18.264713] Memory state around the buggy address: [ 18.264897] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.265252] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.265369] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.265677] ^ [ 18.265728] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.266030] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.266292] ================================================================== [ 18.234494] ================================================================== [ 18.234775] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 18.235044] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.235250] [ 18.235305] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.235404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.235609] Hardware name: linux,dummy-virt (DT) [ 18.235672] Call trace: [ 18.235961] show_stack+0x20/0x38 (C) [ 18.236066] dump_stack_lvl+0x8c/0xd0 [ 18.236288] print_report+0x118/0x5d0 [ 18.236440] kasan_report+0xdc/0x128 [ 18.236492] kasan_check_range+0x100/0x1a8 [ 18.236543] __kasan_check_write+0x20/0x30 [ 18.236651] kasan_atomics_helper+0xeb8/0x4858 [ 18.236705] kasan_atomics+0x198/0x2e0 [ 18.236755] kunit_try_run_case+0x170/0x3f0 [ 18.236814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.236870] kthread+0x328/0x630 [ 18.236914] ret_from_fork+0x10/0x20 [ 18.236971] [ 18.236993] Allocated by task 265: [ 18.237023] kasan_save_stack+0x3c/0x68 [ 18.237072] kasan_save_track+0x20/0x40 [ 18.237113] kasan_save_alloc_info+0x40/0x58 [ 18.237155] __kasan_kmalloc+0xd4/0xd8 [ 18.237196] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.237238] kasan_atomics+0xb8/0x2e0 [ 18.237277] kunit_try_run_case+0x170/0x3f0 [ 18.237318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.237374] kthread+0x328/0x630 [ 18.237418] ret_from_fork+0x10/0x20 [ 18.237457] [ 18.237480] The buggy address belongs to the object at fff00000c784ef80 [ 18.237480] which belongs to the cache kmalloc-64 of size 64 [ 18.237541] The buggy address is located 0 bytes to the right of [ 18.237541] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.237612] [ 18.237645] The buggy address belongs to the physical page: [ 18.237679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.237741] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.237792] page_type: f5(slab) [ 18.237832] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.237883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.237926] page dumped because: kasan: bad access detected [ 18.237962] [ 18.237982] Memory state around the buggy address: [ 18.238014] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.238059] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.238101] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.238151] ^ [ 18.238195] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.238239] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.238279] ================================================================== [ 18.416263] ================================================================== [ 18.416324] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 18.416396] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.416667] [ 18.416747] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.416838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.417083] Hardware name: linux,dummy-virt (DT) [ 18.417133] Call trace: [ 18.417166] show_stack+0x20/0x38 (C) [ 18.417260] dump_stack_lvl+0x8c/0xd0 [ 18.417573] print_report+0x118/0x5d0 [ 18.417750] kasan_report+0xdc/0x128 [ 18.417862] kasan_check_range+0x100/0x1a8 [ 18.417915] __kasan_check_write+0x20/0x30 [ 18.417963] kasan_atomics_helper+0x16d0/0x4858 [ 18.418012] kasan_atomics+0x198/0x2e0 [ 18.418319] kunit_try_run_case+0x170/0x3f0 [ 18.418865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.418947] kthread+0x328/0x630 [ 18.419000] ret_from_fork+0x10/0x20 [ 18.419396] [ 18.419449] Allocated by task 265: [ 18.419889] kasan_save_stack+0x3c/0x68 [ 18.420013] kasan_save_track+0x20/0x40 [ 18.420090] kasan_save_alloc_info+0x40/0x58 [ 18.420210] __kasan_kmalloc+0xd4/0xd8 [ 18.420252] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.420502] kasan_atomics+0xb8/0x2e0 [ 18.420578] kunit_try_run_case+0x170/0x3f0 [ 18.420621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.420837] kthread+0x328/0x630 [ 18.420890] ret_from_fork+0x10/0x20 [ 18.420941] [ 18.420964] The buggy address belongs to the object at fff00000c784ef80 [ 18.420964] which belongs to the cache kmalloc-64 of size 64 [ 18.421027] The buggy address is located 0 bytes to the right of [ 18.421027] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.421101] [ 18.421133] The buggy address belongs to the physical page: [ 18.421182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.421244] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.421303] page_type: f5(slab) [ 18.421825] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.422107] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.422188] page dumped because: kasan: bad access detected [ 18.422344] [ 18.422483] Memory state around the buggy address: [ 18.422558] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.422607] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.423295] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.423505] ^ [ 18.423569] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.423813] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.423974] ================================================================== [ 18.224105] ================================================================== [ 18.224253] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 18.224312] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.224519] [ 18.224554] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.224696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.224730] Hardware name: linux,dummy-virt (DT) [ 18.225004] Call trace: [ 18.225140] show_stack+0x20/0x38 (C) [ 18.225202] dump_stack_lvl+0x8c/0xd0 [ 18.225344] print_report+0x118/0x5d0 [ 18.225418] kasan_report+0xdc/0x128 [ 18.225537] __asan_report_store8_noabort+0x20/0x30 [ 18.225593] kasan_atomics_helper+0x3e5c/0x4858 [ 18.225645] kasan_atomics+0x198/0x2e0 [ 18.226053] kunit_try_run_case+0x170/0x3f0 [ 18.226380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.226563] kthread+0x328/0x630 [ 18.226671] ret_from_fork+0x10/0x20 [ 18.226873] [ 18.226932] Allocated by task 265: [ 18.227351] kasan_save_stack+0x3c/0x68 [ 18.227577] kasan_save_track+0x20/0x40 [ 18.227771] kasan_save_alloc_info+0x40/0x58 [ 18.228046] __kasan_kmalloc+0xd4/0xd8 [ 18.228479] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.228645] kasan_atomics+0xb8/0x2e0 [ 18.228893] kunit_try_run_case+0x170/0x3f0 [ 18.228994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.229177] kthread+0x328/0x630 [ 18.229391] ret_from_fork+0x10/0x20 [ 18.229762] [ 18.229794] The buggy address belongs to the object at fff00000c784ef80 [ 18.229794] which belongs to the cache kmalloc-64 of size 64 [ 18.229858] The buggy address is located 0 bytes to the right of [ 18.229858] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.230103] [ 18.230149] The buggy address belongs to the physical page: [ 18.230285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.230558] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.230969] page_type: f5(slab) [ 18.231201] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.231429] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.231687] page dumped because: kasan: bad access detected [ 18.231729] [ 18.231880] Memory state around the buggy address: [ 18.232007] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.232342] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.232474] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.232585] ^ [ 18.232642] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.232689] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.232740] ================================================================== [ 18.341720] ================================================================== [ 18.341771] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 18.341963] Read of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.342305] [ 18.342718] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.343063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.343109] Hardware name: linux,dummy-virt (DT) [ 18.343204] Call trace: [ 18.343251] show_stack+0x20/0x38 (C) [ 18.343364] dump_stack_lvl+0x8c/0xd0 [ 18.343509] print_report+0x118/0x5d0 [ 18.343563] kasan_report+0xdc/0x128 [ 18.343653] __asan_report_load8_noabort+0x20/0x30 [ 18.343710] kasan_atomics_helper+0x3f04/0x4858 [ 18.343941] kasan_atomics+0x198/0x2e0 [ 18.344319] kunit_try_run_case+0x170/0x3f0 [ 18.344406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.344463] kthread+0x328/0x630 [ 18.344507] ret_from_fork+0x10/0x20 [ 18.344557] [ 18.344578] Allocated by task 265: [ 18.344609] kasan_save_stack+0x3c/0x68 [ 18.344796] kasan_save_track+0x20/0x40 [ 18.344862] kasan_save_alloc_info+0x40/0x58 [ 18.344914] __kasan_kmalloc+0xd4/0xd8 [ 18.344962] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.345002] kasan_atomics+0xb8/0x2e0 [ 18.345042] kunit_try_run_case+0x170/0x3f0 [ 18.345080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.345125] kthread+0x328/0x630 [ 18.345160] ret_from_fork+0x10/0x20 [ 18.345198] [ 18.345235] The buggy address belongs to the object at fff00000c784ef80 [ 18.345235] which belongs to the cache kmalloc-64 of size 64 [ 18.345297] The buggy address is located 0 bytes to the right of [ 18.345297] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.346261] [ 18.346350] The buggy address belongs to the physical page: [ 18.346386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.346632] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.346727] page_type: f5(slab) [ 18.346783] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.347145] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.347202] page dumped because: kasan: bad access detected [ 18.347237] [ 18.347258] Memory state around the buggy address: [ 18.347665] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.348000] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.348245] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.348483] ^ [ 18.348685] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.348886] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.349058] ================================================================== [ 18.331468] ================================================================== [ 18.331657] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 18.331732] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.331794] [ 18.332169] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.332539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.332590] Hardware name: linux,dummy-virt (DT) [ 18.332653] Call trace: [ 18.332693] show_stack+0x20/0x38 (C) [ 18.332774] dump_stack_lvl+0x8c/0xd0 [ 18.333018] print_report+0x118/0x5d0 [ 18.333105] kasan_report+0xdc/0x128 [ 18.333156] kasan_check_range+0x100/0x1a8 [ 18.333502] __kasan_check_write+0x20/0x30 [ 18.333921] kasan_atomics_helper+0x1384/0x4858 [ 18.334065] kasan_atomics+0x198/0x2e0 [ 18.334173] kunit_try_run_case+0x170/0x3f0 [ 18.334356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.334429] kthread+0x328/0x630 [ 18.334492] ret_from_fork+0x10/0x20 [ 18.334550] [ 18.334768] Allocated by task 265: [ 18.335284] kasan_save_stack+0x3c/0x68 [ 18.335367] kasan_save_track+0x20/0x40 [ 18.335496] kasan_save_alloc_info+0x40/0x58 [ 18.335637] __kasan_kmalloc+0xd4/0xd8 [ 18.335735] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.336263] kasan_atomics+0xb8/0x2e0 [ 18.336465] kunit_try_run_case+0x170/0x3f0 [ 18.336551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.336737] kthread+0x328/0x630 [ 18.337121] ret_from_fork+0x10/0x20 [ 18.337533] [ 18.337567] The buggy address belongs to the object at fff00000c784ef80 [ 18.337567] which belongs to the cache kmalloc-64 of size 64 [ 18.337771] The buggy address is located 0 bytes to the right of [ 18.337771] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.338155] [ 18.338185] The buggy address belongs to the physical page: [ 18.338220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.338548] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.338736] page_type: f5(slab) [ 18.338877] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.339411] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.339484] page dumped because: kasan: bad access detected [ 18.339680] [ 18.339763] Memory state around the buggy address: [ 18.339855] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.339904] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.340375] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.340600] ^ [ 18.340735] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.340886] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.340952] ================================================================== [ 18.405763] ================================================================== [ 18.405934] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 18.406161] Read of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.406246] [ 18.406346] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.406432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.406469] Hardware name: linux,dummy-virt (DT) [ 18.406674] Call trace: [ 18.406723] show_stack+0x20/0x38 (C) [ 18.406809] dump_stack_lvl+0x8c/0xd0 [ 18.407182] print_report+0x118/0x5d0 [ 18.407488] kasan_report+0xdc/0x128 [ 18.407765] __asan_report_load8_noabort+0x20/0x30 [ 18.407839] kasan_atomics_helper+0x3df4/0x4858 [ 18.407893] kasan_atomics+0x198/0x2e0 [ 18.408271] kunit_try_run_case+0x170/0x3f0 [ 18.408367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.408579] kthread+0x328/0x630 [ 18.408643] ret_from_fork+0x10/0x20 [ 18.409056] [ 18.409115] Allocated by task 265: [ 18.409150] kasan_save_stack+0x3c/0x68 [ 18.409402] kasan_save_track+0x20/0x40 [ 18.409551] kasan_save_alloc_info+0x40/0x58 [ 18.409791] __kasan_kmalloc+0xd4/0xd8 [ 18.409999] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.410190] kasan_atomics+0xb8/0x2e0 [ 18.410588] kunit_try_run_case+0x170/0x3f0 [ 18.410745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.410835] kthread+0x328/0x630 [ 18.410963] ret_from_fork+0x10/0x20 [ 18.411080] [ 18.411132] The buggy address belongs to the object at fff00000c784ef80 [ 18.411132] which belongs to the cache kmalloc-64 of size 64 [ 18.411552] The buggy address is located 0 bytes to the right of [ 18.411552] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.411958] [ 18.412024] The buggy address belongs to the physical page: [ 18.412063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.412161] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.412251] page_type: f5(slab) [ 18.412804] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.413289] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.413523] page dumped because: kasan: bad access detected [ 18.413710] [ 18.413767] Memory state around the buggy address: [ 18.413818] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.413868] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.413914] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.414515] ^ [ 18.414760] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.414927] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.415001] ================================================================== [ 18.276277] ================================================================== [ 18.276715] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 18.276803] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.276859] [ 18.276890] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.277276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.277551] Hardware name: linux,dummy-virt (DT) [ 18.277714] Call trace: [ 18.277829] show_stack+0x20/0x38 (C) [ 18.277927] dump_stack_lvl+0x8c/0xd0 [ 18.277986] print_report+0x118/0x5d0 [ 18.278036] kasan_report+0xdc/0x128 [ 18.278083] kasan_check_range+0x100/0x1a8 [ 18.278368] __kasan_check_write+0x20/0x30 [ 18.278655] kasan_atomics_helper+0x10c0/0x4858 [ 18.278925] kasan_atomics+0x198/0x2e0 [ 18.279109] kunit_try_run_case+0x170/0x3f0 [ 18.279204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.279262] kthread+0x328/0x630 [ 18.279613] ret_from_fork+0x10/0x20 [ 18.279835] [ 18.279999] Allocated by task 265: [ 18.280291] kasan_save_stack+0x3c/0x68 [ 18.280394] kasan_save_track+0x20/0x40 [ 18.280537] kasan_save_alloc_info+0x40/0x58 [ 18.280723] __kasan_kmalloc+0xd4/0xd8 [ 18.280892] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.281743] kasan_atomics+0xb8/0x2e0 [ 18.281818] kunit_try_run_case+0x170/0x3f0 [ 18.281862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.281934] kthread+0x328/0x630 [ 18.281987] ret_from_fork+0x10/0x20 [ 18.282062] [ 18.282257] The buggy address belongs to the object at fff00000c784ef80 [ 18.282257] which belongs to the cache kmalloc-64 of size 64 [ 18.282395] The buggy address is located 0 bytes to the right of [ 18.282395] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.282991] [ 18.283484] The buggy address belongs to the physical page: [ 18.283629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.283874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.284117] page_type: f5(slab) [ 18.284187] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.284496] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.284942] page dumped because: kasan: bad access detected [ 18.284999] [ 18.285188] Memory state around the buggy address: [ 18.285343] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.285506] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.285716] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.285928] ^ [ 18.286017] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.286084] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.286126] ================================================================== [ 18.382096] ================================================================== [ 18.382313] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 18.382457] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.382670] [ 18.382810] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.382920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.382956] Hardware name: linux,dummy-virt (DT) [ 18.382990] Call trace: [ 18.383014] show_stack+0x20/0x38 (C) [ 18.383067] dump_stack_lvl+0x8c/0xd0 [ 18.383114] print_report+0x118/0x5d0 [ 18.383162] kasan_report+0xdc/0x128 [ 18.383208] kasan_check_range+0x100/0x1a8 [ 18.383500] __kasan_check_write+0x20/0x30 [ 18.383820] kasan_atomics_helper+0x15b4/0x4858 [ 18.383951] kasan_atomics+0x198/0x2e0 [ 18.384022] kunit_try_run_case+0x170/0x3f0 [ 18.384167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.384243] kthread+0x328/0x630 [ 18.384297] ret_from_fork+0x10/0x20 [ 18.384358] [ 18.384509] Allocated by task 265: [ 18.384875] kasan_save_stack+0x3c/0x68 [ 18.384957] kasan_save_track+0x20/0x40 [ 18.385095] kasan_save_alloc_info+0x40/0x58 [ 18.385149] __kasan_kmalloc+0xd4/0xd8 [ 18.385341] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.385503] kasan_atomics+0xb8/0x2e0 [ 18.385546] kunit_try_run_case+0x170/0x3f0 [ 18.385586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.385805] kthread+0x328/0x630 [ 18.385966] ret_from_fork+0x10/0x20 [ 18.386540] [ 18.386577] The buggy address belongs to the object at fff00000c784ef80 [ 18.386577] which belongs to the cache kmalloc-64 of size 64 [ 18.386643] The buggy address is located 0 bytes to the right of [ 18.386643] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.386939] [ 18.386977] The buggy address belongs to the physical page: [ 18.387012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.387066] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.387118] page_type: f5(slab) [ 18.387160] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.387251] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.387294] page dumped because: kasan: bad access detected [ 18.387672] [ 18.387843] Memory state around the buggy address: [ 18.388575] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.388630] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.389268] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.389601] ^ [ 18.389838] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.389992] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.390055] ================================================================== [ 18.432390] ================================================================== [ 18.432467] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 18.432521] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.432573] [ 18.432603] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.433000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.433054] Hardware name: linux,dummy-virt (DT) [ 18.433088] Call trace: [ 18.433460] show_stack+0x20/0x38 (C) [ 18.433531] dump_stack_lvl+0x8c/0xd0 [ 18.433760] print_report+0x118/0x5d0 [ 18.433878] kasan_report+0xdc/0x128 [ 18.434045] kasan_check_range+0x100/0x1a8 [ 18.434107] __kasan_check_write+0x20/0x30 [ 18.434297] kasan_atomics_helper+0x175c/0x4858 [ 18.434601] kasan_atomics+0x198/0x2e0 [ 18.434849] kunit_try_run_case+0x170/0x3f0 [ 18.435074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.435234] kthread+0x328/0x630 [ 18.435321] ret_from_fork+0x10/0x20 [ 18.435756] [ 18.435970] Allocated by task 265: [ 18.436031] kasan_save_stack+0x3c/0x68 [ 18.436219] kasan_save_track+0x20/0x40 [ 18.436364] kasan_save_alloc_info+0x40/0x58 [ 18.436445] __kasan_kmalloc+0xd4/0xd8 [ 18.436578] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.436632] kasan_atomics+0xb8/0x2e0 [ 18.436688] kunit_try_run_case+0x170/0x3f0 [ 18.436987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.437230] kthread+0x328/0x630 [ 18.437385] ret_from_fork+0x10/0x20 [ 18.437550] [ 18.437703] The buggy address belongs to the object at fff00000c784ef80 [ 18.437703] which belongs to the cache kmalloc-64 of size 64 [ 18.438087] The buggy address is located 0 bytes to the right of [ 18.438087] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.438178] [ 18.438201] The buggy address belongs to the physical page: [ 18.438236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.438291] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.438819] page_type: f5(slab) [ 18.439126] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.439214] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.439266] page dumped because: kasan: bad access detected [ 18.439758] [ 18.439900] Memory state around the buggy address: [ 18.440055] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.440116] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.440161] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.440381] ^ [ 18.440573] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.440777] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.440853] ================================================================== [ 18.079957] ================================================================== [ 18.080011] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 18.080063] Write of size 4 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.080117] [ 18.080449] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.080826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.080862] Hardware name: linux,dummy-virt (DT) [ 18.080896] Call trace: [ 18.081023] show_stack+0x20/0x38 (C) [ 18.081107] dump_stack_lvl+0x8c/0xd0 [ 18.081159] print_report+0x118/0x5d0 [ 18.081251] kasan_report+0xdc/0x128 [ 18.081298] kasan_check_range+0x100/0x1a8 [ 18.081497] __kasan_check_write+0x20/0x30 [ 18.081653] kasan_atomics_helper+0x99c/0x4858 [ 18.081844] kasan_atomics+0x198/0x2e0 [ 18.082067] kunit_try_run_case+0x170/0x3f0 [ 18.082238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.082349] kthread+0x328/0x630 [ 18.082403] ret_from_fork+0x10/0x20 [ 18.082818] [ 18.083011] Allocated by task 265: [ 18.083081] kasan_save_stack+0x3c/0x68 [ 18.083267] kasan_save_track+0x20/0x40 [ 18.083411] kasan_save_alloc_info+0x40/0x58 [ 18.083467] __kasan_kmalloc+0xd4/0xd8 [ 18.083764] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.084018] kasan_atomics+0xb8/0x2e0 [ 18.084302] kunit_try_run_case+0x170/0x3f0 [ 18.084726] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.084884] kthread+0x328/0x630 [ 18.084980] ret_from_fork+0x10/0x20 [ 18.085041] [ 18.085458] The buggy address belongs to the object at fff00000c784ef80 [ 18.085458] which belongs to the cache kmalloc-64 of size 64 [ 18.085607] The buggy address is located 0 bytes to the right of [ 18.085607] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.085697] [ 18.085720] The buggy address belongs to the physical page: [ 18.085761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.085933] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.086001] page_type: f5(slab) [ 18.086208] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.086825] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.088856] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 18.089845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.089900] kthread+0x328/0x630 [ 18.089943] ret_from_fork+0x10/0x20 [ 18.089990] [ 18.090012] Allocated by task 265: [ 18.090043] kasan_save_stack+0x3c/0x68 [ 18.090091] kasan_save_track+0x20/0x40 [ 18.090130] kasan_save_alloc_info+0x40/0x58 [ 18.090172] __kasan_kmalloc+0xd4/0xd8 [ 18.090210] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.090251] kasan_atomics+0xb8/0x2e0 [ 18.090300] kunit_try_run_case+0x170/0x3f0 [ 18.091837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.092285] kthread+0x328/0x630 [ 18.092792] ret_from_fork+0x10/0x20 [ 18.093031] [ 18.093089] The buggy address belongs to the object at fff00000c784ef80 [ 18.093089] which belongs to the cache kmalloc-64 of size 64 [ 18.093236] The buggy address is located 0 bytes to the right of [ 18.093236] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.093427] [ 18.093504] The buggy address belongs to the physical page: [ 18.093593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.093739] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.093799] page_type: f5(slab) [ 18.093840] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.093897] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.094166] page dumped because: kasan: bad access detected [ 18.094383] [ 18.094478] Memory state around the buggy address: [ 18.094515] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.094906] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.095048] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.095243] ^ [ 18.095341] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.095552] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.095853] ================================================================== [ 18.358144] ================================================================== [ 18.358196] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 18.358379] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.358442] [ 18.358512] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.358921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.358975] Hardware name: linux,dummy-virt (DT) [ 18.359012] Call trace: [ 18.359036] show_stack+0x20/0x38 (C) [ 18.359090] dump_stack_lvl+0x8c/0xd0 [ 18.359304] print_report+0x118/0x5d0 [ 18.359475] kasan_report+0xdc/0x128 [ 18.359586] kasan_check_range+0x100/0x1a8 [ 18.359659] __kasan_check_write+0x20/0x30 [ 18.359727] kasan_atomics_helper+0x147c/0x4858 [ 18.359779] kasan_atomics+0x198/0x2e0 [ 18.359884] kunit_try_run_case+0x170/0x3f0 [ 18.359935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.360139] kthread+0x328/0x630 [ 18.360206] ret_from_fork+0x10/0x20 [ 18.360365] [ 18.360573] Allocated by task 265: [ 18.360796] kasan_save_stack+0x3c/0x68 [ 18.360917] kasan_save_track+0x20/0x40 [ 18.361007] kasan_save_alloc_info+0x40/0x58 [ 18.361053] __kasan_kmalloc+0xd4/0xd8 [ 18.361110] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.361207] kasan_atomics+0xb8/0x2e0 [ 18.361244] kunit_try_run_case+0x170/0x3f0 [ 18.361462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.362039] kthread+0x328/0x630 [ 18.362092] ret_from_fork+0x10/0x20 [ 18.362132] [ 18.362157] The buggy address belongs to the object at fff00000c784ef80 [ 18.362157] which belongs to the cache kmalloc-64 of size 64 [ 18.362219] The buggy address is located 0 bytes to the right of [ 18.362219] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.362568] [ 18.362595] The buggy address belongs to the physical page: [ 18.362630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.362705] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.362757] page_type: f5(slab) [ 18.362813] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.362875] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.362919] page dumped because: kasan: bad access detected [ 18.362954] [ 18.362990] Memory state around the buggy address: [ 18.363026] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.363071] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.363116] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.363157] ^ [ 18.363200] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.363253] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.363292] ================================================================== [ 18.248938] ================================================================== [ 18.248992] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 18.249044] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.249532] [ 18.249611] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.250086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.250149] Hardware name: linux,dummy-virt (DT) [ 18.250323] Call trace: [ 18.250370] show_stack+0x20/0x38 (C) [ 18.250802] dump_stack_lvl+0x8c/0xd0 [ 18.250992] print_report+0x118/0x5d0 [ 18.251154] kasan_report+0xdc/0x128 [ 18.251216] kasan_check_range+0x100/0x1a8 [ 18.251853] __kasan_check_write+0x20/0x30 [ 18.251988] kasan_atomics_helper+0xf88/0x4858 [ 18.252256] kasan_atomics+0x198/0x2e0 [ 18.252391] kunit_try_run_case+0x170/0x3f0 [ 18.252472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.252690] kthread+0x328/0x630 [ 18.252912] ret_from_fork+0x10/0x20 [ 18.253314] [ 18.253838] Allocated by task 265: [ 18.253934] kasan_save_stack+0x3c/0x68 [ 18.253986] kasan_save_track+0x20/0x40 [ 18.254028] kasan_save_alloc_info+0x40/0x58 [ 18.254069] __kasan_kmalloc+0xd4/0xd8 [ 18.254144] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.254212] kasan_atomics+0xb8/0x2e0 [ 18.254390] kunit_try_run_case+0x170/0x3f0 [ 18.254601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.254704] kthread+0x328/0x630 [ 18.254986] ret_from_fork+0x10/0x20 [ 18.255042] [ 18.255422] The buggy address belongs to the object at fff00000c784ef80 [ 18.255422] which belongs to the cache kmalloc-64 of size 64 [ 18.255639] The buggy address is located 0 bytes to the right of [ 18.255639] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.255743] [ 18.255820] The buggy address belongs to the physical page: [ 18.255981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.256039] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.256128] page_type: f5(slab) [ 18.256419] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.256893] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.256955] page dumped because: kasan: bad access detected [ 18.257182] [ 18.257363] Memory state around the buggy address: [ 18.257637] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.257957] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.258017] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.258056] ^ [ 18.258257] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.258462] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.258850] ================================================================== [ 18.267636] ================================================================== [ 18.267695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 18.267754] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.267806] [ 18.267985] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.268321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.268366] Hardware name: linux,dummy-virt (DT) [ 18.268598] Call trace: [ 18.268753] show_stack+0x20/0x38 (C) [ 18.268849] dump_stack_lvl+0x8c/0xd0 [ 18.268905] print_report+0x118/0x5d0 [ 18.268960] kasan_report+0xdc/0x128 [ 18.269008] kasan_check_range+0x100/0x1a8 [ 18.269287] __kasan_check_write+0x20/0x30 [ 18.269582] kasan_atomics_helper+0x1058/0x4858 [ 18.269841] kasan_atomics+0x198/0x2e0 [ 18.269980] kunit_try_run_case+0x170/0x3f0 [ 18.270074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.270147] kthread+0x328/0x630 [ 18.270368] ret_from_fork+0x10/0x20 [ 18.270616] [ 18.270731] Allocated by task 265: [ 18.270774] kasan_save_stack+0x3c/0x68 [ 18.271017] kasan_save_track+0x20/0x40 [ 18.271082] kasan_save_alloc_info+0x40/0x58 [ 18.271338] __kasan_kmalloc+0xd4/0xd8 [ 18.271455] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.271555] kasan_atomics+0xb8/0x2e0 [ 18.271689] kunit_try_run_case+0x170/0x3f0 [ 18.271785] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.271833] kthread+0x328/0x630 [ 18.272032] ret_from_fork+0x10/0x20 [ 18.272172] [ 18.272374] The buggy address belongs to the object at fff00000c784ef80 [ 18.272374] which belongs to the cache kmalloc-64 of size 64 [ 18.272613] The buggy address is located 0 bytes to the right of [ 18.272613] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.272866] [ 18.272982] The buggy address belongs to the physical page: [ 18.273311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.273636] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.273883] page_type: f5(slab) [ 18.273940] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.274382] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.274565] page dumped because: kasan: bad access detected [ 18.274608] [ 18.274631] Memory state around the buggy address: [ 18.274668] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.274716] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.274803] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.274864] ^ [ 18.274901] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.274952] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.274993] ================================================================== [ 18.424613] ================================================================== [ 18.424738] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 18.424820] Read of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.425045] [ 18.425082] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.425281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.425410] Hardware name: linux,dummy-virt (DT) [ 18.425512] Call trace: [ 18.425591] show_stack+0x20/0x38 (C) [ 18.425658] dump_stack_lvl+0x8c/0xd0 [ 18.425707] print_report+0x118/0x5d0 [ 18.425756] kasan_report+0xdc/0x128 [ 18.425803] __asan_report_load8_noabort+0x20/0x30 [ 18.426526] kasan_atomics_helper+0x3e10/0x4858 [ 18.426771] kasan_atomics+0x198/0x2e0 [ 18.426851] kunit_try_run_case+0x170/0x3f0 [ 18.426992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.427052] kthread+0x328/0x630 [ 18.427491] ret_from_fork+0x10/0x20 [ 18.427586] [ 18.427810] Allocated by task 265: [ 18.428166] kasan_save_stack+0x3c/0x68 [ 18.428316] kasan_save_track+0x20/0x40 [ 18.428372] kasan_save_alloc_info+0x40/0x58 [ 18.428439] __kasan_kmalloc+0xd4/0xd8 [ 18.428519] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.428759] kasan_atomics+0xb8/0x2e0 [ 18.428870] kunit_try_run_case+0x170/0x3f0 [ 18.429299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.429698] kthread+0x328/0x630 [ 18.429753] ret_from_fork+0x10/0x20 [ 18.429792] [ 18.429978] The buggy address belongs to the object at fff00000c784ef80 [ 18.429978] which belongs to the cache kmalloc-64 of size 64 [ 18.430217] The buggy address is located 0 bytes to the right of [ 18.430217] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.430535] [ 18.430562] The buggy address belongs to the physical page: [ 18.430598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.430686] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.430744] page_type: f5(slab) [ 18.430797] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.430857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.430911] page dumped because: kasan: bad access detected [ 18.430951] [ 18.430973] Memory state around the buggy address: [ 18.431006] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.431064] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.431109] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.431149] ^ [ 18.431187] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.431232] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.431282] ================================================================== [ 18.363704] ================================================================== [ 18.363757] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 18.363828] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.363881] [ 18.363923] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.364241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.364305] Hardware name: linux,dummy-virt (DT) [ 18.364360] Call trace: [ 18.364385] show_stack+0x20/0x38 (C) [ 18.365139] dump_stack_lvl+0x8c/0xd0 [ 18.365549] print_report+0x118/0x5d0 [ 18.365920] kasan_report+0xdc/0x128 [ 18.366019] kasan_check_range+0x100/0x1a8 [ 18.366200] __kasan_check_write+0x20/0x30 [ 18.366518] kasan_atomics_helper+0x14e4/0x4858 [ 18.366749] kasan_atomics+0x198/0x2e0 [ 18.367096] kunit_try_run_case+0x170/0x3f0 [ 18.367175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.367377] kthread+0x328/0x630 [ 18.367511] ret_from_fork+0x10/0x20 [ 18.367607] [ 18.367630] Allocated by task 265: [ 18.367666] kasan_save_stack+0x3c/0x68 [ 18.367972] kasan_save_track+0x20/0x40 [ 18.368269] kasan_save_alloc_info+0x40/0x58 [ 18.368440] __kasan_kmalloc+0xd4/0xd8 [ 18.368634] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.368922] kasan_atomics+0xb8/0x2e0 [ 18.369456] kunit_try_run_case+0x170/0x3f0 [ 18.369541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.369617] kthread+0x328/0x630 [ 18.369770] ret_from_fork+0x10/0x20 [ 18.369853] [ 18.369880] The buggy address belongs to the object at fff00000c784ef80 [ 18.369880] which belongs to the cache kmalloc-64 of size 64 [ 18.369952] The buggy address is located 0 bytes to the right of [ 18.369952] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.370018] [ 18.370656] The buggy address belongs to the physical page: [ 18.370754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.370939] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.371239] page_type: f5(slab) [ 18.371450] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.371654] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.371823] page dumped because: kasan: bad access detected [ 18.372237] [ 18.372480] Memory state around the buggy address: [ 18.372559] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.372609] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.372826] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.373040] ^ [ 18.373260] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.373347] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.373484] ================================================================== [ 18.295604] ================================================================== [ 18.296021] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 18.296207] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.296423] [ 18.296469] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.296557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.296998] Hardware name: linux,dummy-virt (DT) [ 18.297077] Call trace: [ 18.297128] show_stack+0x20/0x38 (C) [ 18.297194] dump_stack_lvl+0x8c/0xd0 [ 18.297303] print_report+0x118/0x5d0 [ 18.297447] kasan_report+0xdc/0x128 [ 18.297614] kasan_check_range+0x100/0x1a8 [ 18.297678] __kasan_check_write+0x20/0x30 [ 18.297888] kasan_atomics_helper+0x1190/0x4858 [ 18.298055] kasan_atomics+0x198/0x2e0 [ 18.298355] kunit_try_run_case+0x170/0x3f0 [ 18.298609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.298766] kthread+0x328/0x630 [ 18.298819] ret_from_fork+0x10/0x20 [ 18.299093] [ 18.299130] Allocated by task 265: [ 18.299291] kasan_save_stack+0x3c/0x68 [ 18.299457] kasan_save_track+0x20/0x40 [ 18.299500] kasan_save_alloc_info+0x40/0x58 [ 18.299560] __kasan_kmalloc+0xd4/0xd8 [ 18.299598] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.299656] kasan_atomics+0xb8/0x2e0 [ 18.299705] kunit_try_run_case+0x170/0x3f0 [ 18.299754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.299798] kthread+0x328/0x630 [ 18.299841] ret_from_fork+0x10/0x20 [ 18.299880] [ 18.299902] The buggy address belongs to the object at fff00000c784ef80 [ 18.299902] which belongs to the cache kmalloc-64 of size 64 [ 18.299974] The buggy address is located 0 bytes to the right of [ 18.299974] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.300049] [ 18.300081] The buggy address belongs to the physical page: [ 18.300119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.300188] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.300237] page_type: f5(slab) [ 18.300278] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.300352] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.300398] page dumped because: kasan: bad access detected [ 18.300448] [ 18.300477] Memory state around the buggy address: [ 18.300520] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.300574] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.300620] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.300662] ^ [ 18.300695] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.300740] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.300779] ================================================================== [ 18.286898] ================================================================== [ 18.287211] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 18.287286] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.287373] [ 18.287406] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.287489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.287739] Hardware name: linux,dummy-virt (DT) [ 18.287790] Call trace: [ 18.287823] show_stack+0x20/0x38 (C) [ 18.287920] dump_stack_lvl+0x8c/0xd0 [ 18.287970] print_report+0x118/0x5d0 [ 18.288413] kasan_report+0xdc/0x128 [ 18.288490] kasan_check_range+0x100/0x1a8 [ 18.288541] __kasan_check_write+0x20/0x30 [ 18.288751] kasan_atomics_helper+0x1128/0x4858 [ 18.288951] kasan_atomics+0x198/0x2e0 [ 18.289017] kunit_try_run_case+0x170/0x3f0 [ 18.289069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.289131] kthread+0x328/0x630 [ 18.289174] ret_from_fork+0x10/0x20 [ 18.289224] [ 18.289245] Allocated by task 265: [ 18.289451] kasan_save_stack+0x3c/0x68 [ 18.289757] kasan_save_track+0x20/0x40 [ 18.289844] kasan_save_alloc_info+0x40/0x58 [ 18.289991] __kasan_kmalloc+0xd4/0xd8 [ 18.290068] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.290229] kasan_atomics+0xb8/0x2e0 [ 18.290424] kunit_try_run_case+0x170/0x3f0 [ 18.290507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.290883] kthread+0x328/0x630 [ 18.291080] ret_from_fork+0x10/0x20 [ 18.291177] [ 18.291277] The buggy address belongs to the object at fff00000c784ef80 [ 18.291277] which belongs to the cache kmalloc-64 of size 64 [ 18.291465] The buggy address is located 0 bytes to the right of [ 18.291465] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.291540] [ 18.291562] The buggy address belongs to the physical page: [ 18.291756] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.291882] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.292158] page_type: f5(slab) [ 18.292424] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.292690] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.293124] page dumped because: kasan: bad access detected [ 18.293337] [ 18.293379] Memory state around the buggy address: [ 18.293700] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.293805] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.293919] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.294131] ^ [ 18.294191] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.294263] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.294316] ================================================================== [ 18.350039] ================================================================== [ 18.350092] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 18.350354] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.350445] [ 18.350671] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.350761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.350906] Hardware name: linux,dummy-virt (DT) [ 18.350952] Call trace: [ 18.350979] show_stack+0x20/0x38 (C) [ 18.351032] dump_stack_lvl+0x8c/0xd0 [ 18.351401] print_report+0x118/0x5d0 [ 18.351522] kasan_report+0xdc/0x128 [ 18.351577] kasan_check_range+0x100/0x1a8 [ 18.351629] __kasan_check_write+0x20/0x30 [ 18.351711] kasan_atomics_helper+0x1414/0x4858 [ 18.351765] kasan_atomics+0x198/0x2e0 [ 18.351813] kunit_try_run_case+0x170/0x3f0 [ 18.352150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.352223] kthread+0x328/0x630 [ 18.352408] ret_from_fork+0x10/0x20 [ 18.352602] [ 18.352655] Allocated by task 265: [ 18.352690] kasan_save_stack+0x3c/0x68 [ 18.352735] kasan_save_track+0x20/0x40 [ 18.352811] kasan_save_alloc_info+0x40/0x58 [ 18.352857] __kasan_kmalloc+0xd4/0xd8 [ 18.352941] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.353287] kasan_atomics+0xb8/0x2e0 [ 18.353560] kunit_try_run_case+0x170/0x3f0 [ 18.353641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.353704] kthread+0x328/0x630 [ 18.353742] ret_from_fork+0x10/0x20 [ 18.353781] [ 18.354214] The buggy address belongs to the object at fff00000c784ef80 [ 18.354214] which belongs to the cache kmalloc-64 of size 64 [ 18.354447] The buggy address is located 0 bytes to the right of [ 18.354447] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.354524] [ 18.354795] The buggy address belongs to the physical page: [ 18.354992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.355364] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.355443] page_type: f5(slab) [ 18.355637] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.355855] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.356074] page dumped because: kasan: bad access detected [ 18.356210] [ 18.356394] Memory state around the buggy address: [ 18.356559] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.356644] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.356891] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.356954] ^ [ 18.357169] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.357222] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.357263] ================================================================== [ 18.390792] ================================================================== [ 18.390868] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 18.390923] Read of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.390976] [ 18.391139] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.391274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.391501] Hardware name: linux,dummy-virt (DT) [ 18.391548] Call trace: [ 18.391573] show_stack+0x20/0x38 (C) [ 18.391655] dump_stack_lvl+0x8c/0xd0 [ 18.391909] print_report+0x118/0x5d0 [ 18.392074] kasan_report+0xdc/0x128 [ 18.392252] __asan_report_load8_noabort+0x20/0x30 [ 18.392469] kasan_atomics_helper+0x3db0/0x4858 [ 18.392589] kasan_atomics+0x198/0x2e0 [ 18.392643] kunit_try_run_case+0x170/0x3f0 [ 18.392750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.392815] kthread+0x328/0x630 [ 18.393052] ret_from_fork+0x10/0x20 [ 18.393122] [ 18.393290] Allocated by task 265: [ 18.393353] kasan_save_stack+0x3c/0x68 [ 18.393529] kasan_save_track+0x20/0x40 [ 18.393746] kasan_save_alloc_info+0x40/0x58 [ 18.393817] __kasan_kmalloc+0xd4/0xd8 [ 18.393979] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.394067] kasan_atomics+0xb8/0x2e0 [ 18.394394] kunit_try_run_case+0x170/0x3f0 [ 18.394470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.394610] kthread+0x328/0x630 [ 18.394688] ret_from_fork+0x10/0x20 [ 18.395237] [ 18.395287] The buggy address belongs to the object at fff00000c784ef80 [ 18.395287] which belongs to the cache kmalloc-64 of size 64 [ 18.395499] The buggy address is located 0 bytes to the right of [ 18.395499] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.395582] [ 18.395604] The buggy address belongs to the physical page: [ 18.395678] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.395894] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.396274] page_type: f5(slab) [ 18.396368] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.396522] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.396744] page dumped because: kasan: bad access detected [ 18.396938] [ 18.396988] Memory state around the buggy address: [ 18.397201] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.397408] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.397765] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.397993] ^ [ 18.398066] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.398302] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.398389] ================================================================== [ 18.099684] ================================================================== [ 18.100107] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 18.100179] Write of size 4 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.100241] [ 18.100274] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.100372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.100629] Hardware name: linux,dummy-virt (DT) [ 18.101067] Call trace: [ 18.101127] show_stack+0x20/0x38 (C) [ 18.101293] dump_stack_lvl+0x8c/0xd0 [ 18.101361] print_report+0x118/0x5d0 [ 18.101474] kasan_report+0xdc/0x128 [ 18.101564] kasan_check_range+0x100/0x1a8 [ 18.101623] __kasan_check_write+0x20/0x30 [ 18.101670] kasan_atomics_helper+0xa6c/0x4858 [ 18.102003] kasan_atomics+0x198/0x2e0 [ 18.102146] kunit_try_run_case+0x170/0x3f0 [ 18.102381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.102647] kthread+0x328/0x630 [ 18.102732] ret_from_fork+0x10/0x20 [ 18.102787] [ 18.102808] Allocated by task 265: [ 18.102839] kasan_save_stack+0x3c/0x68 [ 18.102883] kasan_save_track+0x20/0x40 [ 18.103293] kasan_save_alloc_info+0x40/0x58 [ 18.103702] __kasan_kmalloc+0xd4/0xd8 [ 18.103914] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.104024] kasan_atomics+0xb8/0x2e0 [ 18.104234] kunit_try_run_case+0x170/0x3f0 [ 18.104480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.104631] kthread+0x328/0x630 [ 18.104693] ret_from_fork+0x10/0x20 [ 18.105021] [ 18.105179] The buggy address belongs to the object at fff00000c784ef80 [ 18.105179] which belongs to the cache kmalloc-64 of size 64 [ 18.105713] The buggy address is located 0 bytes to the right of [ 18.105713] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.105895] [ 18.105919] The buggy address belongs to the physical page: [ 18.106198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.106451] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.106598] page_type: f5(slab) [ 18.106640] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.106962] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.107027] page dumped because: kasan: bad access detected [ 18.107063] [ 18.107083] Memory state around the buggy address: [ 18.107170] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.107244] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.107290] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.107341] ^ [ 18.107377] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.107422] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.109136] [ 18.110277] Call trace: [ 18.112812] kthread+0x328/0x630 [ 18.113612] kasan_save_track+0x20/0x40 [ 18.113774] kasan_save_alloc_info+0x40/0x58 [ 18.113910] __kasan_kmalloc+0xd4/0xd8 [ 18.113971] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.114402] kasan_atomics+0xb8/0x2e0 [ 18.114475] kunit_try_run_case+0x170/0x3f0 [ 18.114537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.114584] kthread+0x328/0x630 [ 18.114620] ret_from_fork+0x10/0x20 [ 18.114659] [ 18.114692] The buggy address belongs to the object at fff00000c784ef80 [ 18.114692] which belongs to the cache kmalloc-64 of size 64 [ 18.114752] The buggy address is located 0 bytes to the right of [ 18.114752] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.114821] [ 18.114861] The buggy address belongs to the physical page: [ 18.114910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.114963] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.115169] page dumped because: kasan: bad access detected [ 18.115639] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.118801] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 18.120505] kunit_try_run_case+0x170/0x3f0 [ 18.121450] kasan_save_alloc_info+0x40/0x58 [ 18.121547] __kasan_kmalloc+0xd4/0xd8 [ 18.122415] kthread+0x328/0x630 [ 18.123225] [ 18.123413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.124253] [ 18.125590] ^ [ 18.128089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.128524] print_report+0x118/0x5d0 [ 18.129263] __kasan_kmalloc+0xd4/0xd8 [ 18.129302] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.129849] kunit_try_run_case+0x170/0x3f0 [ 18.131260] [ 18.131644] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.132973] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.133719] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.136506] Hardware name: linux,dummy-virt (DT) [ 18.138051] kunit_try_run_case+0x170/0x3f0 [ 18.139706] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.140017] [ 18.140107] The buggy address is located 0 bytes to the right of [ 18.140107] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.140618] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.142241] [ 18.144075] kasan_atomics_helper+0xc08/0x4858 [ 18.145592] kasan_save_alloc_info+0x40/0x58 [ 18.146100] kasan_atomics+0xb8/0x2e0 [ 18.146410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.147079] The buggy address is located 0 bytes to the right of [ 18.147079] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.148852] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.149097] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.151435] [ 18.151826] Call trace: [ 18.152494] kasan_atomics+0x198/0x2e0 [ 18.154650] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.155496] kthread+0x328/0x630 [ 18.155745] [ 18.155978] The buggy address is located 0 bytes to the right of [ 18.155978] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.158361] Memory state around the buggy address: [ 18.158714] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.160362] ================================================================== [ 18.442139] ================================================================== [ 18.442801] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 18.442887] Read of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.443018] [ 18.443075] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.443167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.443244] Hardware name: linux,dummy-virt (DT) [ 18.443289] Call trace: [ 18.443315] show_stack+0x20/0x38 (C) [ 18.443379] dump_stack_lvl+0x8c/0xd0 [ 18.443615] print_report+0x118/0x5d0 [ 18.443699] kasan_report+0xdc/0x128 [ 18.443851] __asan_report_load8_noabort+0x20/0x30 [ 18.444288] kasan_atomics_helper+0x3e20/0x4858 [ 18.444375] kasan_atomics+0x198/0x2e0 [ 18.444428] kunit_try_run_case+0x170/0x3f0 [ 18.444660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.444916] kthread+0x328/0x630 [ 18.445007] ret_from_fork+0x10/0x20 [ 18.445059] [ 18.445097] Allocated by task 265: [ 18.445128] kasan_save_stack+0x3c/0x68 [ 18.445381] kasan_save_track+0x20/0x40 [ 18.445526] kasan_save_alloc_info+0x40/0x58 [ 18.445614] __kasan_kmalloc+0xd4/0xd8 [ 18.445681] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.445725] kasan_atomics+0xb8/0x2e0 [ 18.445762] kunit_try_run_case+0x170/0x3f0 [ 18.445803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.445858] kthread+0x328/0x630 [ 18.445909] ret_from_fork+0x10/0x20 [ 18.445947] [ 18.445969] The buggy address belongs to the object at fff00000c784ef80 [ 18.445969] which belongs to the cache kmalloc-64 of size 64 [ 18.446469] The buggy address is located 0 bytes to the right of [ 18.446469] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.447013] [ 18.447427] The buggy address belongs to the physical page: [ 18.447500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.447597] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.447663] page_type: f5(slab) [ 18.447705] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.448164] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.448239] page dumped because: kasan: bad access detected [ 18.448583] [ 18.448802] Memory state around the buggy address: [ 18.448855] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.448906] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.449261] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.449711] ^ [ 18.449764] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.449813] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.449860] ================================================================== [ 18.215528] ================================================================== [ 18.215716] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 18.215781] Write of size 8 at addr fff00000c784efb0 by task kunit_try_catch/265 [ 18.216160] [ 18.216202] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.216289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.216338] Hardware name: linux,dummy-virt (DT) [ 18.216373] Call trace: [ 18.216398] show_stack+0x20/0x38 (C) [ 18.216451] dump_stack_lvl+0x8c/0xd0 [ 18.216498] print_report+0x118/0x5d0 [ 18.216559] kasan_report+0xdc/0x128 [ 18.216607] kasan_check_range+0x100/0x1a8 [ 18.216658] __kasan_check_write+0x20/0x30 [ 18.216703] kasan_atomics_helper+0xe44/0x4858 [ 18.216753] kasan_atomics+0x198/0x2e0 [ 18.216799] kunit_try_run_case+0x170/0x3f0 [ 18.216850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.216903] kthread+0x328/0x630 [ 18.216962] ret_from_fork+0x10/0x20 [ 18.217013] [ 18.217043] Allocated by task 265: [ 18.217074] kasan_save_stack+0x3c/0x68 [ 18.217119] kasan_save_track+0x20/0x40 [ 18.217163] kasan_save_alloc_info+0x40/0x58 [ 18.217205] __kasan_kmalloc+0xd4/0xd8 [ 18.217244] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.217305] kasan_atomics+0xb8/0x2e0 [ 18.218307] kunit_try_run_case+0x170/0x3f0 [ 18.218401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.218473] kthread+0x328/0x630 [ 18.218526] ret_from_fork+0x10/0x20 [ 18.218605] [ 18.218871] The buggy address belongs to the object at fff00000c784ef80 [ 18.218871] which belongs to the cache kmalloc-64 of size 64 [ 18.219032] The buggy address is located 0 bytes to the right of [ 18.219032] allocated 48-byte region [fff00000c784ef80, fff00000c784efb0) [ 18.219129] [ 18.219582] The buggy address belongs to the physical page: [ 18.220082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784e [ 18.220339] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.220539] page_type: f5(slab) [ 18.220626] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.220916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.220994] page dumped because: kasan: bad access detected [ 18.221421] [ 18.221479] Memory state around the buggy address: [ 18.221671] fff00000c784ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.221735] fff00000c784ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.221919] >fff00000c784ef80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.222040] ^ [ 18.222399] fff00000c784f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.222458] fff00000c784f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.222649] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 17.729773] ================================================================== [ 17.729826] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.729881] Read of size 8 at addr fff00000c58925e8 by task kunit_try_catch/261 [ 17.729934] [ 17.730291] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.730691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.730748] Hardware name: linux,dummy-virt (DT) [ 17.730782] Call trace: [ 17.730826] show_stack+0x20/0x38 (C) [ 17.730966] dump_stack_lvl+0x8c/0xd0 [ 17.731044] print_report+0x118/0x5d0 [ 17.731097] kasan_report+0xdc/0x128 [ 17.731479] __asan_report_load8_noabort+0x20/0x30 [ 17.731559] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.731624] kasan_bitops_generic+0x110/0x1c8 [ 17.731952] kunit_try_run_case+0x170/0x3f0 [ 17.732039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.732115] kthread+0x328/0x630 [ 17.732178] ret_from_fork+0x10/0x20 [ 17.732375] [ 17.732503] Allocated by task 261: [ 17.732547] kasan_save_stack+0x3c/0x68 [ 17.732739] kasan_save_track+0x20/0x40 [ 17.732844] kasan_save_alloc_info+0x40/0x58 [ 17.732959] __kasan_kmalloc+0xd4/0xd8 [ 17.733015] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.733058] kasan_bitops_generic+0xa0/0x1c8 [ 17.733098] kunit_try_run_case+0x170/0x3f0 [ 17.733140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.733441] kthread+0x328/0x630 [ 17.733689] ret_from_fork+0x10/0x20 [ 17.733776] [ 17.733885] The buggy address belongs to the object at fff00000c58925e0 [ 17.733885] which belongs to the cache kmalloc-16 of size 16 [ 17.734040] The buggy address is located 8 bytes inside of [ 17.734040] allocated 9-byte region [fff00000c58925e0, fff00000c58925e9) [ 17.734107] [ 17.734428] The buggy address belongs to the physical page: [ 17.734506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105892 [ 17.734731] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.734871] page_type: f5(slab) [ 17.734951] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.735940] >fff00000c5892580: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 17.736554] fff00000c5892680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.738858] Call trace: [ 17.739650] kasan_check_range+0x100/0x1a8 [ 17.740419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.741192] kasan_save_stack+0x3c/0x68 [ 17.741916] kasan_bitops_generic+0xa0/0x1c8 [ 17.743098] [ 17.743506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105892 [ 17.745372] fff00000c5892500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.745607] fff00000c5892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.747921] Write of size 8 at addr fff00000c58925e8 by task kunit_try_catch/261 [ 17.748787] dump_stack_lvl+0x8c/0xd0 [ 17.748981] kasan_check_range+0x100/0x1a8 [ 17.750047] ret_from_fork+0x10/0x20 [ 17.752387] [ 17.753061] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.754683] fff00000c5892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.756501] ================================================================== [ 17.715234] ================================================================== [ 17.715322] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.715787] Read of size 8 at addr fff00000c58925e8 by task kunit_try_catch/261 [ 17.715871] [ 17.715914] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.716085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.716119] Hardware name: linux,dummy-virt (DT) [ 17.716178] Call trace: [ 17.716203] show_stack+0x20/0x38 (C) [ 17.716546] dump_stack_lvl+0x8c/0xd0 [ 17.716705] print_report+0x118/0x5d0 [ 17.716757] kasan_report+0xdc/0x128 [ 17.716851] __asan_report_load8_noabort+0x20/0x30 [ 17.716906] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.717058] kasan_bitops_generic+0x110/0x1c8 [ 17.717133] kunit_try_run_case+0x170/0x3f0 [ 17.717184] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.717253] kthread+0x328/0x630 [ 17.717478] ret_from_fork+0x10/0x20 [ 17.717930] [ 17.717962] Allocated by task 261: [ 17.718008] kasan_save_stack+0x3c/0x68 [ 17.718154] kasan_save_track+0x20/0x40 [ 17.718788] kasan_save_alloc_info+0x40/0x58 [ 17.718970] __kasan_kmalloc+0xd4/0xd8 [ 17.719112] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.719788] kasan_bitops_generic+0xa0/0x1c8 [ 17.720076] kunit_try_run_case+0x170/0x3f0 [ 17.720154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.720231] kthread+0x328/0x630 [ 17.720414] ret_from_fork+0x10/0x20 [ 17.720509] [ 17.720566] The buggy address belongs to the object at fff00000c58925e0 [ 17.720566] which belongs to the cache kmalloc-16 of size 16 [ 17.720907] The buggy address is located 8 bytes inside of [ 17.720907] allocated 9-byte region [fff00000c58925e0, fff00000c58925e9) [ 17.721168] [ 17.721196] The buggy address belongs to the physical page: [ 17.721407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105892 [ 17.721723] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.721893] page_type: f5(slab) [ 17.721958] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.722032] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.722085] page dumped because: kasan: bad access detected [ 17.722120] [ 17.722140] Memory state around the buggy address: [ 17.722175] fff00000c5892480: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 17.722558] fff00000c5892500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.722681] >fff00000c5892580: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 17.722754] ^ [ 17.722812] fff00000c5892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.723199] fff00000c5892680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.723376] ================================================================== [ 17.725343] ================================================================== [ 17.725404] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.725456] Write of size 8 at addr fff00000c58925e8 by task kunit_try_catch/261 [ 17.725516] [ 17.725549] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.726031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.726070] Hardware name: linux,dummy-virt (DT) [ 17.726112] Call trace: [ 17.726140] show_stack+0x20/0x38 (C) [ 17.726240] dump_stack_lvl+0x8c/0xd0 [ 17.726291] print_report+0x118/0x5d0 [ 17.726361] kasan_report+0xdc/0x128 [ 17.726409] kasan_check_range+0x100/0x1a8 [ 17.726460] __kasan_check_write+0x20/0x30 [ 17.726507] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.726571] kasan_bitops_generic+0x110/0x1c8 [ 17.726638] kunit_try_run_case+0x170/0x3f0 [ 17.726688] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.726744] kthread+0x328/0x630 [ 17.726786] ret_from_fork+0x10/0x20 [ 17.726843] [ 17.726874] Allocated by task 261: [ 17.726914] kasan_save_stack+0x3c/0x68 [ 17.726960] kasan_save_track+0x20/0x40 [ 17.727001] kasan_save_alloc_info+0x40/0x58 [ 17.727054] __kasan_kmalloc+0xd4/0xd8 [ 17.727102] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.727145] kasan_bitops_generic+0xa0/0x1c8 [ 17.727186] kunit_try_run_case+0x170/0x3f0 [ 17.727225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.727278] kthread+0x328/0x630 [ 17.727313] ret_from_fork+0x10/0x20 [ 17.727359] [ 17.727396] The buggy address belongs to the object at fff00000c58925e0 [ 17.727396] which belongs to the cache kmalloc-16 of size 16 [ 17.727486] The buggy address is located 8 bytes inside of [ 17.727486] allocated 9-byte region [fff00000c58925e0, fff00000c58925e9) [ 17.727549] [ 17.727570] The buggy address belongs to the physical page: [ 17.727622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105892 [ 17.727685] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.727742] page_type: f5(slab) [ 17.727786] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.727840] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.727899] page dumped because: kasan: bad access detected [ 17.727933] [ 17.727954] Memory state around the buggy address: [ 17.728009] fff00000c5892480: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 17.728055] fff00000c5892500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.728107] >fff00000c5892580: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 17.728149] ^ [ 17.728190] fff00000c5892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.728247] fff00000c5892680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.728288] ================================================================== [ 17.706780] ================================================================== [ 17.706947] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.707043] Write of size 8 at addr fff00000c58925e8 by task kunit_try_catch/261 [ 17.707146] [ 17.707213] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.707301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.707413] Hardware name: linux,dummy-virt (DT) [ 17.707450] Call trace: [ 17.707477] show_stack+0x20/0x38 (C) [ 17.707779] dump_stack_lvl+0x8c/0xd0 [ 17.707863] print_report+0x118/0x5d0 [ 17.707921] kasan_report+0xdc/0x128 [ 17.707979] kasan_check_range+0x100/0x1a8 [ 17.708036] __kasan_check_write+0x20/0x30 [ 17.708085] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.708140] kasan_bitops_generic+0x110/0x1c8 [ 17.708191] kunit_try_run_case+0x170/0x3f0 [ 17.708241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.708297] kthread+0x328/0x630 [ 17.708352] ret_from_fork+0x10/0x20 [ 17.708441] [ 17.708475] Allocated by task 261: [ 17.708520] kasan_save_stack+0x3c/0x68 [ 17.708573] kasan_save_track+0x20/0x40 [ 17.708627] kasan_save_alloc_info+0x40/0x58 [ 17.708678] __kasan_kmalloc+0xd4/0xd8 [ 17.708717] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.708759] kasan_bitops_generic+0xa0/0x1c8 [ 17.708798] kunit_try_run_case+0x170/0x3f0 [ 17.708839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.708892] kthread+0x328/0x630 [ 17.708932] ret_from_fork+0x10/0x20 [ 17.708969] [ 17.708992] The buggy address belongs to the object at fff00000c58925e0 [ 17.708992] which belongs to the cache kmalloc-16 of size 16 [ 17.709052] The buggy address is located 8 bytes inside of [ 17.709052] allocated 9-byte region [fff00000c58925e0, fff00000c58925e9) [ 17.709116] [ 17.709149] The buggy address belongs to the physical page: [ 17.709193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105892 [ 17.709249] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.709554] page_type: f5(slab) [ 17.709681] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.710147] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.710230] page dumped because: kasan: bad access detected [ 17.710449] [ 17.710488] Memory state around the buggy address: [ 17.710671] fff00000c5892480: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 17.710988] fff00000c5892500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.711234] >fff00000c5892580: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 17.711517] ^ [ 17.711596] fff00000c5892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.711700] fff00000c5892680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.711817] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 17.686045] ================================================================== [ 17.686313] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 17.686477] Read of size 1 at addr fff00000c7848510 by task kunit_try_catch/259 [ 17.686700] [ 17.686799] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.686916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.687129] Hardware name: linux,dummy-virt (DT) [ 17.687172] Call trace: [ 17.687389] show_stack+0x20/0x38 (C) [ 17.687482] dump_stack_lvl+0x8c/0xd0 [ 17.687535] print_report+0x118/0x5d0 [ 17.687596] kasan_report+0xdc/0x128 [ 17.687751] __asan_report_load1_noabort+0x20/0x30 [ 17.687812] strnlen+0x80/0x88 [ 17.687872] kasan_strings+0x478/0xb00 [ 17.687923] kunit_try_run_case+0x170/0x3f0 [ 17.688144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.688218] kthread+0x328/0x630 [ 17.688264] ret_from_fork+0x10/0x20 [ 17.688753] [ 17.688794] Allocated by task 259: [ 17.688827] kasan_save_stack+0x3c/0x68 [ 17.688874] kasan_save_track+0x20/0x40 [ 17.688913] kasan_save_alloc_info+0x40/0x58 [ 17.688962] __kasan_kmalloc+0xd4/0xd8 [ 17.689000] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.689045] kasan_strings+0xc8/0xb00 [ 17.689082] kunit_try_run_case+0x170/0x3f0 [ 17.689122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.689198] kthread+0x328/0x630 [ 17.689238] ret_from_fork+0x10/0x20 [ 17.689276] [ 17.689298] Freed by task 259: [ 17.689343] kasan_save_stack+0x3c/0x68 [ 17.689655] kasan_save_track+0x20/0x40 [ 17.689733] kasan_save_free_info+0x4c/0x78 [ 17.689795] __kasan_slab_free+0x6c/0x98 [ 17.689873] kfree+0x214/0x3c8 [ 17.689946] kasan_strings+0x24c/0xb00 [ 17.690275] kunit_try_run_case+0x170/0x3f0 [ 17.690618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.690704] kthread+0x328/0x630 [ 17.691074] ret_from_fork+0x10/0x20 [ 17.691311] [ 17.691526] The buggy address belongs to the object at fff00000c7848500 [ 17.691526] which belongs to the cache kmalloc-32 of size 32 [ 17.691641] The buggy address is located 16 bytes inside of [ 17.691641] freed 32-byte region [fff00000c7848500, fff00000c7848520) [ 17.691994] [ 17.692152] The buggy address belongs to the physical page: [ 17.692473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 17.692550] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.692753] page_type: f5(slab) [ 17.692837] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.693172] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.693234] page dumped because: kasan: bad access detected [ 17.693272] [ 17.693627] Memory state around the buggy address: [ 17.693752] fff00000c7848400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.693803] fff00000c7848480: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.694230] >fff00000c7848500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.694348] ^ [ 17.694424] fff00000c7848580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.694492] fff00000c7848600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.694662] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 17.676123] ================================================================== [ 17.676184] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 17.676424] Read of size 1 at addr fff00000c7848510 by task kunit_try_catch/259 [ 17.676515] [ 17.676559] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.676811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.676853] Hardware name: linux,dummy-virt (DT) [ 17.676888] Call trace: [ 17.676932] show_stack+0x20/0x38 (C) [ 17.677074] dump_stack_lvl+0x8c/0xd0 [ 17.677126] print_report+0x118/0x5d0 [ 17.677321] kasan_report+0xdc/0x128 [ 17.677715] __asan_report_load1_noabort+0x20/0x30 [ 17.677969] strlen+0xa8/0xb0 [ 17.678101] kasan_strings+0x418/0xb00 [ 17.678155] kunit_try_run_case+0x170/0x3f0 [ 17.678205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.678465] kthread+0x328/0x630 [ 17.678603] ret_from_fork+0x10/0x20 [ 17.678656] [ 17.678677] Allocated by task 259: [ 17.678959] kasan_save_stack+0x3c/0x68 [ 17.679245] kasan_save_track+0x20/0x40 [ 17.679401] kasan_save_alloc_info+0x40/0x58 [ 17.679489] __kasan_kmalloc+0xd4/0xd8 [ 17.679595] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.680000] kasan_strings+0xc8/0xb00 [ 17.680198] kunit_try_run_case+0x170/0x3f0 [ 17.680410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.680537] kthread+0x328/0x630 [ 17.680600] ret_from_fork+0x10/0x20 [ 17.680639] [ 17.680663] Freed by task 259: [ 17.680695] kasan_save_stack+0x3c/0x68 [ 17.680736] kasan_save_track+0x20/0x40 [ 17.680826] kasan_save_free_info+0x4c/0x78 [ 17.680880] __kasan_slab_free+0x6c/0x98 [ 17.680927] kfree+0x214/0x3c8 [ 17.680982] kasan_strings+0x24c/0xb00 [ 17.681018] kunit_try_run_case+0x170/0x3f0 [ 17.681067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.681114] kthread+0x328/0x630 [ 17.681153] ret_from_fork+0x10/0x20 [ 17.681205] [ 17.681236] The buggy address belongs to the object at fff00000c7848500 [ 17.681236] which belongs to the cache kmalloc-32 of size 32 [ 17.681586] The buggy address is located 16 bytes inside of [ 17.681586] freed 32-byte region [fff00000c7848500, fff00000c7848520) [ 17.681679] [ 17.681702] The buggy address belongs to the physical page: [ 17.681734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 17.682337] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.682561] page_type: f5(slab) [ 17.682624] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.682684] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.682901] page dumped because: kasan: bad access detected [ 17.683100] [ 17.683224] Memory state around the buggy address: [ 17.683374] fff00000c7848400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.683549] fff00000c7848480: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.683780] >fff00000c7848500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.683845] ^ [ 17.683897] fff00000c7848580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.684250] fff00000c7848600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.684409] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 17.667289] ================================================================== [ 17.667398] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 17.667452] Read of size 1 at addr fff00000c7848510 by task kunit_try_catch/259 [ 17.667504] [ 17.667581] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.667670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.667952] Hardware name: linux,dummy-virt (DT) [ 17.668040] Call trace: [ 17.668080] show_stack+0x20/0x38 (C) [ 17.668400] dump_stack_lvl+0x8c/0xd0 [ 17.668491] print_report+0x118/0x5d0 [ 17.668543] kasan_report+0xdc/0x128 [ 17.668688] __asan_report_load1_noabort+0x20/0x30 [ 17.668764] kasan_strings+0x95c/0xb00 [ 17.668817] kunit_try_run_case+0x170/0x3f0 [ 17.669011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.669211] kthread+0x328/0x630 [ 17.669278] ret_from_fork+0x10/0x20 [ 17.669433] [ 17.669502] Allocated by task 259: [ 17.669690] kasan_save_stack+0x3c/0x68 [ 17.669861] kasan_save_track+0x20/0x40 [ 17.670008] kasan_save_alloc_info+0x40/0x58 [ 17.670114] __kasan_kmalloc+0xd4/0xd8 [ 17.670276] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.670352] kasan_strings+0xc8/0xb00 [ 17.670717] kunit_try_run_case+0x170/0x3f0 [ 17.670804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.670909] kthread+0x328/0x630 [ 17.670947] ret_from_fork+0x10/0x20 [ 17.671023] [ 17.671288] Freed by task 259: [ 17.671382] kasan_save_stack+0x3c/0x68 [ 17.671489] kasan_save_track+0x20/0x40 [ 17.671593] kasan_save_free_info+0x4c/0x78 [ 17.671668] __kasan_slab_free+0x6c/0x98 [ 17.671940] kfree+0x214/0x3c8 [ 17.672090] kasan_strings+0x24c/0xb00 [ 17.672150] kunit_try_run_case+0x170/0x3f0 [ 17.672190] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.672491] kthread+0x328/0x630 [ 17.672599] ret_from_fork+0x10/0x20 [ 17.672954] [ 17.673273] The buggy address belongs to the object at fff00000c7848500 [ 17.673273] which belongs to the cache kmalloc-32 of size 32 [ 17.673379] The buggy address is located 16 bytes inside of [ 17.673379] freed 32-byte region [fff00000c7848500, fff00000c7848520) [ 17.673484] [ 17.673584] The buggy address belongs to the physical page: [ 17.673641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 17.673846] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.674038] page_type: f5(slab) [ 17.674084] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.674166] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.674209] page dumped because: kasan: bad access detected [ 17.674242] [ 17.674264] Memory state around the buggy address: [ 17.674298] fff00000c7848400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.674356] fff00000c7848480: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.674441] >fff00000c7848500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.674481] ^ [ 17.674546] fff00000c7848580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.674600] fff00000c7848600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.674640] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 17.658732] ================================================================== [ 17.658803] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 17.658944] Read of size 1 at addr fff00000c7848510 by task kunit_try_catch/259 [ 17.659004] [ 17.659318] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.659432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.659521] Hardware name: linux,dummy-virt (DT) [ 17.659588] Call trace: [ 17.659616] show_stack+0x20/0x38 (C) [ 17.659908] dump_stack_lvl+0x8c/0xd0 [ 17.659977] print_report+0x118/0x5d0 [ 17.660028] kasan_report+0xdc/0x128 [ 17.660170] __asan_report_load1_noabort+0x20/0x30 [ 17.660232] strcmp+0xc0/0xc8 [ 17.660301] kasan_strings+0x340/0xb00 [ 17.660588] kunit_try_run_case+0x170/0x3f0 [ 17.660650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.660801] kthread+0x328/0x630 [ 17.660854] ret_from_fork+0x10/0x20 [ 17.661227] [ 17.661304] Allocated by task 259: [ 17.661400] kasan_save_stack+0x3c/0x68 [ 17.661643] kasan_save_track+0x20/0x40 [ 17.661952] kasan_save_alloc_info+0x40/0x58 [ 17.662077] __kasan_kmalloc+0xd4/0xd8 [ 17.662213] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.662270] kasan_strings+0xc8/0xb00 [ 17.662460] kunit_try_run_case+0x170/0x3f0 [ 17.662530] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.662576] kthread+0x328/0x630 [ 17.662622] ret_from_fork+0x10/0x20 [ 17.662661] [ 17.662683] Freed by task 259: [ 17.662723] kasan_save_stack+0x3c/0x68 [ 17.662763] kasan_save_track+0x20/0x40 [ 17.662825] kasan_save_free_info+0x4c/0x78 [ 17.662866] __kasan_slab_free+0x6c/0x98 [ 17.662921] kfree+0x214/0x3c8 [ 17.662956] kasan_strings+0x24c/0xb00 [ 17.662994] kunit_try_run_case+0x170/0x3f0 [ 17.663050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.663095] kthread+0x328/0x630 [ 17.663138] ret_from_fork+0x10/0x20 [ 17.663177] [ 17.663200] The buggy address belongs to the object at fff00000c7848500 [ 17.663200] which belongs to the cache kmalloc-32 of size 32 [ 17.663274] The buggy address is located 16 bytes inside of [ 17.663274] freed 32-byte region [fff00000c7848500, fff00000c7848520) [ 17.663349] [ 17.663372] The buggy address belongs to the physical page: [ 17.663503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 17.664046] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.664128] page_type: f5(slab) [ 17.664314] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.664565] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.664621] page dumped because: kasan: bad access detected [ 17.664783] [ 17.664827] Memory state around the buggy address: [ 17.665115] fff00000c7848400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.665199] fff00000c7848480: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.665519] >fff00000c7848500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.665603] ^ [ 17.665658] fff00000c7848580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.665728] fff00000c7848600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.665768] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 17.636468] ================================================================== [ 17.636549] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 17.636687] Read of size 1 at addr fff00000c7848398 by task kunit_try_catch/257 [ 17.636747] [ 17.636807] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.636935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.636965] Hardware name: linux,dummy-virt (DT) [ 17.637325] Call trace: [ 17.637405] show_stack+0x20/0x38 (C) [ 17.637630] dump_stack_lvl+0x8c/0xd0 [ 17.637826] print_report+0x118/0x5d0 [ 17.637955] kasan_report+0xdc/0x128 [ 17.638060] __asan_report_load1_noabort+0x20/0x30 [ 17.638196] memcmp+0x198/0x1d8 [ 17.638344] kasan_memcmp+0x16c/0x300 [ 17.638642] kunit_try_run_case+0x170/0x3f0 [ 17.638772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.638832] kthread+0x328/0x630 [ 17.639150] ret_from_fork+0x10/0x20 [ 17.639267] [ 17.639550] Allocated by task 257: [ 17.639622] kasan_save_stack+0x3c/0x68 [ 17.639701] kasan_save_track+0x20/0x40 [ 17.640091] kasan_save_alloc_info+0x40/0x58 [ 17.640244] __kasan_kmalloc+0xd4/0xd8 [ 17.640727] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.640946] kasan_memcmp+0xbc/0x300 [ 17.641033] kunit_try_run_case+0x170/0x3f0 [ 17.641149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.641246] kthread+0x328/0x630 [ 17.641343] ret_from_fork+0x10/0x20 [ 17.641403] [ 17.641427] The buggy address belongs to the object at fff00000c7848380 [ 17.641427] which belongs to the cache kmalloc-32 of size 32 [ 17.641497] The buggy address is located 0 bytes to the right of [ 17.641497] allocated 24-byte region [fff00000c7848380, fff00000c7848398) [ 17.641845] [ 17.641970] The buggy address belongs to the physical page: [ 17.642049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 17.642201] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.642618] page_type: f5(slab) [ 17.642707] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.642892] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.642967] page dumped because: kasan: bad access detected [ 17.643091] [ 17.643175] Memory state around the buggy address: [ 17.643311] fff00000c7848280: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 17.643380] fff00000c7848300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.643744] >fff00000c7848380: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.643883] ^ [ 17.643939] fff00000c7848400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.644059] fff00000c7848480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.644165] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 17.611702] ================================================================== [ 17.611765] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 17.611818] Read of size 1 at addr ffff800080a67b4a by task kunit_try_catch/253 [ 17.611872] [ 17.612121] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.612434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.612471] Hardware name: linux,dummy-virt (DT) [ 17.612508] Call trace: [ 17.612536] show_stack+0x20/0x38 (C) [ 17.612632] dump_stack_lvl+0x8c/0xd0 [ 17.612688] print_report+0x310/0x5d0 [ 17.612743] kasan_report+0xdc/0x128 [ 17.612806] __asan_report_load1_noabort+0x20/0x30 [ 17.612861] kasan_alloca_oob_right+0x2dc/0x340 [ 17.612912] kunit_try_run_case+0x170/0x3f0 [ 17.612965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.613020] kthread+0x328/0x630 [ 17.613064] ret_from_fork+0x10/0x20 [ 17.613115] [ 17.613137] The buggy address belongs to stack of task kunit_try_catch/253 [ 17.613193] [ 17.613216] The buggy address ffff800080a67b4a belongs to a vmalloc virtual mapping [ 17.613261] The buggy address belongs to the physical page: [ 17.613294] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f53 [ 17.613621] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.614078] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.614150] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.614193] page dumped because: kasan: bad access detected [ 17.614462] [ 17.614511] Memory state around the buggy address: [ 17.614609] ffff800080a67a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.614729] ffff800080a67a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.614885] >ffff800080a67b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 17.615006] ^ [ 17.615085] ffff800080a67b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.615239] ffff800080a67c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.615339] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 17.595242] ================================================================== [ 17.595378] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 17.596116] Read of size 1 at addr ffff800080a97b5f by task kunit_try_catch/251 [ 17.596428] [ 17.596501] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.596590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.596630] Hardware name: linux,dummy-virt (DT) [ 17.596678] Call trace: [ 17.596704] show_stack+0x20/0x38 (C) [ 17.596994] dump_stack_lvl+0x8c/0xd0 [ 17.597072] print_report+0x310/0x5d0 [ 17.597439] kasan_report+0xdc/0x128 [ 17.597562] __asan_report_load1_noabort+0x20/0x30 [ 17.597925] kasan_alloca_oob_left+0x2b8/0x310 [ 17.598141] kunit_try_run_case+0x170/0x3f0 [ 17.598201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.598550] kthread+0x328/0x630 [ 17.598672] ret_from_fork+0x10/0x20 [ 17.598851] [ 17.598918] The buggy address belongs to stack of task kunit_try_catch/251 [ 17.599027] [ 17.599052] The buggy address ffff800080a97b5f belongs to a vmalloc virtual mapping [ 17.599560] The buggy address belongs to the physical page: [ 17.599615] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107858 [ 17.599776] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.599937] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.600032] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.600171] page dumped because: kasan: bad access detected [ 17.600259] [ 17.600389] Memory state around the buggy address: [ 17.600549] ffff800080a97a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.600960] ffff800080a97a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.601064] >ffff800080a97b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 17.601126] ^ [ 17.601449] ffff800080a97b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.601586] ffff800080a97c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.601684] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 17.575929] ================================================================== [ 17.576096] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 17.576172] Read of size 1 at addr ffff800080a77c2a by task kunit_try_catch/249 [ 17.576227] [ 17.576263] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.576605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.576696] Hardware name: linux,dummy-virt (DT) [ 17.576732] Call trace: [ 17.576802] show_stack+0x20/0x38 (C) [ 17.577107] dump_stack_lvl+0x8c/0xd0 [ 17.577170] print_report+0x310/0x5d0 [ 17.577276] kasan_report+0xdc/0x128 [ 17.577369] __asan_report_load1_noabort+0x20/0x30 [ 17.577637] kasan_stack_oob+0x238/0x270 [ 17.577795] kunit_try_run_case+0x170/0x3f0 [ 17.577977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.578143] kthread+0x328/0x630 [ 17.578190] ret_from_fork+0x10/0x20 [ 17.578596] [ 17.579001] The buggy address belongs to stack of task kunit_try_catch/249 [ 17.579509] and is located at offset 138 in frame: [ 17.579559] kasan_stack_oob+0x0/0x270 [ 17.580477] [ 17.580579] This frame has 4 objects: [ 17.581295] [48, 49) '__assertion' [ 17.581424] [64, 72) 'array' [ 17.581527] [96, 112) '__assertion' [ 17.582062] [128, 138) 'stack_array' [ 17.582181] [ 17.582211] The buggy address ffff800080a77c2a belongs to a vmalloc virtual mapping [ 17.582267] The buggy address belongs to the physical page: [ 17.582301] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f67 [ 17.582398] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.582465] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.582803] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.582901] page dumped because: kasan: bad access detected [ 17.582999] [ 17.583126] Memory state around the buggy address: [ 17.583472] ffff800080a77b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.583835] ffff800080a77b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 17.583899] >ffff800080a77c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 17.584209] ^ [ 17.584351] ffff800080a77c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 17.584430] ffff800080a77d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.584756] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 17.553068] ================================================================== [ 17.553696] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 17.554013] Read of size 1 at addr ffffa1421b54f58d by task kunit_try_catch/245 [ 17.554119] [ 17.554239] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.554368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.554404] Hardware name: linux,dummy-virt (DT) [ 17.554435] Call trace: [ 17.554458] show_stack+0x20/0x38 (C) [ 17.554780] dump_stack_lvl+0x8c/0xd0 [ 17.554911] print_report+0x310/0x5d0 [ 17.554989] kasan_report+0xdc/0x128 [ 17.555324] __asan_report_load1_noabort+0x20/0x30 [ 17.555399] kasan_global_oob_right+0x230/0x270 [ 17.555695] kunit_try_run_case+0x170/0x3f0 [ 17.555833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.555909] kthread+0x328/0x630 [ 17.555952] ret_from_fork+0x10/0x20 [ 17.556031] [ 17.556099] The buggy address belongs to the variable: [ 17.556138] global_array+0xd/0x40 [ 17.556218] [ 17.556289] The buggy address ffffa1421b54f58d belongs to a vmalloc virtual mapping [ 17.556412] The buggy address belongs to the physical page: [ 17.556460] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 17.556524] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 17.556593] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 17.556644] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.556683] page dumped because: kasan: bad access detected [ 17.556715] [ 17.556735] Memory state around the buggy address: [ 17.556779] ffffa1421b54f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.556822] ffffa1421b54f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 17.556875] >ffffa1421b54f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 17.556928] ^ [ 17.556972] ffffa1421b54f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 17.557023] ffffa1421b54f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.557072] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 17.537436] ================================================================== [ 17.537493] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.537549] Free of addr fff00000c7820001 by task kunit_try_catch/243 [ 17.537608] [ 17.537641] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.537731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.537760] Hardware name: linux,dummy-virt (DT) [ 17.537792] Call trace: [ 17.537813] show_stack+0x20/0x38 (C) [ 17.537863] dump_stack_lvl+0x8c/0xd0 [ 17.537909] print_report+0x118/0x5d0 [ 17.537956] kasan_report_invalid_free+0xc0/0xe8 [ 17.538014] __kasan_mempool_poison_object+0xfc/0x150 [ 17.538066] mempool_free+0x28c/0x328 [ 17.538110] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.538171] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 17.538233] kunit_try_run_case+0x170/0x3f0 [ 17.538281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.539154] kthread+0x328/0x630 [ 17.539256] ret_from_fork+0x10/0x20 [ 17.539350] [ 17.539688] The buggy address belongs to the physical page: [ 17.539737] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107820 [ 17.539826] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.539893] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.540436] page_type: f8(unknown) [ 17.540516] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.540625] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.540732] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.541078] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.541177] head: 0bfffe0000000002 ffffc1ffc31e0801 00000000ffffffff 00000000ffffffff [ 17.541381] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.541515] page dumped because: kasan: bad access detected [ 17.541596] [ 17.541738] Memory state around the buggy address: [ 17.541839] fff00000c781ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.542243] fff00000c781ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.542384] >fff00000c7820000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.542508] ^ [ 17.542601] fff00000c7820080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.542770] fff00000c7820100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.542849] ================================================================== [ 17.519933] ================================================================== [ 17.520045] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.520099] Free of addr fff00000c7711d01 by task kunit_try_catch/241 [ 17.520144] [ 17.520368] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.520465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.520493] Hardware name: linux,dummy-virt (DT) [ 17.520634] Call trace: [ 17.520911] show_stack+0x20/0x38 (C) [ 17.521016] dump_stack_lvl+0x8c/0xd0 [ 17.521072] print_report+0x118/0x5d0 [ 17.521485] kasan_report_invalid_free+0xc0/0xe8 [ 17.521635] check_slab_allocation+0xfc/0x108 [ 17.521778] __kasan_mempool_poison_object+0x78/0x150 [ 17.521886] mempool_free+0x28c/0x328 [ 17.521961] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.522466] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.522563] kunit_try_run_case+0x170/0x3f0 [ 17.522699] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.522875] kthread+0x328/0x630 [ 17.522998] ret_from_fork+0x10/0x20 [ 17.523050] [ 17.523348] Allocated by task 241: [ 17.523655] kasan_save_stack+0x3c/0x68 [ 17.523732] kasan_save_track+0x20/0x40 [ 17.523845] kasan_save_alloc_info+0x40/0x58 [ 17.523977] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.524024] remove_element+0x130/0x1f8 [ 17.524353] mempool_alloc_preallocated+0x58/0xc0 [ 17.524443] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 17.524540] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.524640] kunit_try_run_case+0x170/0x3f0 [ 17.524702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.525008] kthread+0x328/0x630 [ 17.525143] ret_from_fork+0x10/0x20 [ 17.525286] [ 17.525367] The buggy address belongs to the object at fff00000c7711d00 [ 17.525367] which belongs to the cache kmalloc-128 of size 128 [ 17.525516] The buggy address is located 1 bytes inside of [ 17.525516] 128-byte region [fff00000c7711d00, fff00000c7711d80) [ 17.525633] [ 17.525679] The buggy address belongs to the physical page: [ 17.525713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107711 [ 17.525767] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.525817] page_type: f5(slab) [ 17.526300] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.526395] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.526559] page dumped because: kasan: bad access detected [ 17.526668] [ 17.527060] Memory state around the buggy address: [ 17.527127] fff00000c7711c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.527196] fff00000c7711c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.527371] >fff00000c7711d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.527514] ^ [ 17.527585] fff00000c7711d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.527663] fff00000c7711e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.528011] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 17.487524] ================================================================== [ 17.487612] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.487666] Free of addr fff00000c781c000 by task kunit_try_catch/237 [ 17.487718] [ 17.487753] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.487960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.488129] Hardware name: linux,dummy-virt (DT) [ 17.488165] Call trace: [ 17.488536] show_stack+0x20/0x38 (C) [ 17.488835] dump_stack_lvl+0x8c/0xd0 [ 17.489008] print_report+0x118/0x5d0 [ 17.489068] kasan_report_invalid_free+0xc0/0xe8 [ 17.489511] __kasan_mempool_poison_object+0x14c/0x150 [ 17.489836] mempool_free+0x28c/0x328 [ 17.489935] mempool_double_free_helper+0x150/0x2e8 [ 17.489988] mempool_kmalloc_large_double_free+0xc0/0x118 [ 17.490039] kunit_try_run_case+0x170/0x3f0 [ 17.490204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.490265] kthread+0x328/0x630 [ 17.490308] ret_from_fork+0x10/0x20 [ 17.490369] [ 17.490391] The buggy address belongs to the physical page: [ 17.490423] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10781c [ 17.490490] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.490542] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.490594] page_type: f8(unknown) [ 17.490633] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.490691] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.490750] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.490808] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.490859] head: 0bfffe0000000002 ffffc1ffc31e0701 00000000ffffffff 00000000ffffffff [ 17.490908] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.490958] page dumped because: kasan: bad access detected [ 17.490990] [ 17.491008] Memory state around the buggy address: [ 17.491058] fff00000c781bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.491101] fff00000c781bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.491159] >fff00000c781c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.491196] ^ [ 17.491226] fff00000c781c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.491271] fff00000c781c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.491311] ================================================================== [ 17.467766] ================================================================== [ 17.467828] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.467883] Free of addr fff00000c7711900 by task kunit_try_catch/235 [ 17.467926] [ 17.468517] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.468869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.469001] Hardware name: linux,dummy-virt (DT) [ 17.469170] Call trace: [ 17.469268] show_stack+0x20/0x38 (C) [ 17.469369] dump_stack_lvl+0x8c/0xd0 [ 17.469539] print_report+0x118/0x5d0 [ 17.469591] kasan_report_invalid_free+0xc0/0xe8 [ 17.469640] check_slab_allocation+0xd4/0x108 [ 17.469694] __kasan_mempool_poison_object+0x78/0x150 [ 17.469931] mempool_free+0x28c/0x328 [ 17.470090] mempool_double_free_helper+0x150/0x2e8 [ 17.470268] mempool_kmalloc_double_free+0xc0/0x118 [ 17.470410] kunit_try_run_case+0x170/0x3f0 [ 17.470527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.470662] kthread+0x328/0x630 [ 17.470709] ret_from_fork+0x10/0x20 [ 17.470950] [ 17.471111] Allocated by task 235: [ 17.471239] kasan_save_stack+0x3c/0x68 [ 17.471404] kasan_save_track+0x20/0x40 [ 17.471544] kasan_save_alloc_info+0x40/0x58 [ 17.471634] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.471690] remove_element+0x130/0x1f8 [ 17.471886] mempool_alloc_preallocated+0x58/0xc0 [ 17.472029] mempool_double_free_helper+0x94/0x2e8 [ 17.472091] mempool_kmalloc_double_free+0xc0/0x118 [ 17.472243] kunit_try_run_case+0x170/0x3f0 [ 17.472396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.472543] kthread+0x328/0x630 [ 17.472579] ret_from_fork+0x10/0x20 [ 17.472926] [ 17.473071] Freed by task 235: [ 17.473103] kasan_save_stack+0x3c/0x68 [ 17.473315] kasan_save_track+0x20/0x40 [ 17.473479] kasan_save_free_info+0x4c/0x78 [ 17.473588] __kasan_mempool_poison_object+0xc0/0x150 [ 17.473652] mempool_free+0x28c/0x328 [ 17.473687] mempool_double_free_helper+0x100/0x2e8 [ 17.473780] mempool_kmalloc_double_free+0xc0/0x118 [ 17.473841] kunit_try_run_case+0x170/0x3f0 [ 17.473880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.474199] kthread+0x328/0x630 [ 17.474266] ret_from_fork+0x10/0x20 [ 17.474389] [ 17.474449] The buggy address belongs to the object at fff00000c7711900 [ 17.474449] which belongs to the cache kmalloc-128 of size 128 [ 17.474610] The buggy address is located 0 bytes inside of [ 17.474610] 128-byte region [fff00000c7711900, fff00000c7711980) [ 17.474704] [ 17.474753] The buggy address belongs to the physical page: [ 17.474817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107711 [ 17.474902] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.474975] page_type: f5(slab) [ 17.475321] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.475492] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.475580] page dumped because: kasan: bad access detected [ 17.475714] [ 17.475827] Memory state around the buggy address: [ 17.475875] fff00000c7711800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.475985] fff00000c7711880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.476027] >fff00000c7711900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.476353] ^ [ 17.476422] fff00000c7711980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.476570] fff00000c7711a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.476703] ================================================================== [ 17.504165] ================================================================== [ 17.504514] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.504648] Free of addr fff00000c781c000 by task kunit_try_catch/239 [ 17.504695] [ 17.504752] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.504991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.505029] Hardware name: linux,dummy-virt (DT) [ 17.505062] Call trace: [ 17.505090] show_stack+0x20/0x38 (C) [ 17.505142] dump_stack_lvl+0x8c/0xd0 [ 17.505187] print_report+0x118/0x5d0 [ 17.505572] kasan_report_invalid_free+0xc0/0xe8 [ 17.505674] __kasan_mempool_poison_pages+0xe0/0xe8 [ 17.505728] mempool_free+0x24c/0x328 [ 17.505774] mempool_double_free_helper+0x150/0x2e8 [ 17.506305] mempool_page_alloc_double_free+0xbc/0x118 [ 17.506419] kunit_try_run_case+0x170/0x3f0 [ 17.506470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.506930] kthread+0x328/0x630 [ 17.507025] ret_from_fork+0x10/0x20 [ 17.507321] [ 17.507364] The buggy address belongs to the physical page: [ 17.507405] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10781c [ 17.507525] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.507590] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.507933] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.508069] page dumped because: kasan: bad access detected [ 17.508119] [ 17.508139] Memory state around the buggy address: [ 17.508587] fff00000c781bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.508693] fff00000c781bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.508738] >fff00000c781c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.509346] ^ [ 17.509383] fff00000c781c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.509804] fff00000c781c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.509865] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 17.394974] ================================================================== [ 17.395639] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.395722] Read of size 1 at addr fff00000c7818000 by task kunit_try_catch/229 [ 17.395773] [ 17.395808] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.396204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.396349] Hardware name: linux,dummy-virt (DT) [ 17.396405] Call trace: [ 17.396441] show_stack+0x20/0x38 (C) [ 17.396762] dump_stack_lvl+0x8c/0xd0 [ 17.396827] print_report+0x118/0x5d0 [ 17.396929] kasan_report+0xdc/0x128 [ 17.396980] __asan_report_load1_noabort+0x20/0x30 [ 17.397032] mempool_uaf_helper+0x314/0x340 [ 17.397281] mempool_kmalloc_large_uaf+0xc4/0x120 [ 17.397491] kunit_try_run_case+0x170/0x3f0 [ 17.397616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.397732] kthread+0x328/0x630 [ 17.397786] ret_from_fork+0x10/0x20 [ 17.398088] [ 17.398137] The buggy address belongs to the physical page: [ 17.398232] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 17.398325] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.398689] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.398789] page_type: f8(unknown) [ 17.398881] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.399184] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.399444] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.399617] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.399731] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 17.399901] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.399983] page dumped because: kasan: bad access detected [ 17.400071] [ 17.400358] Memory state around the buggy address: [ 17.400431] fff00000c7817f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.400500] fff00000c7817f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.400662] >fff00000c7818000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.400716] ^ [ 17.401054] fff00000c7818080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.401143] fff00000c7818100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.401289] ================================================================== [ 17.447631] ================================================================== [ 17.447959] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.448156] Read of size 1 at addr fff00000c781c000 by task kunit_try_catch/233 [ 17.448252] [ 17.448402] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.448512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.448573] Hardware name: linux,dummy-virt (DT) [ 17.448607] Call trace: [ 17.448632] show_stack+0x20/0x38 (C) [ 17.448934] dump_stack_lvl+0x8c/0xd0 [ 17.449174] print_report+0x118/0x5d0 [ 17.449235] kasan_report+0xdc/0x128 [ 17.449279] __asan_report_load1_noabort+0x20/0x30 [ 17.449445] mempool_uaf_helper+0x314/0x340 [ 17.449604] mempool_page_alloc_uaf+0xc0/0x118 [ 17.449877] kunit_try_run_case+0x170/0x3f0 [ 17.450222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.450413] kthread+0x328/0x630 [ 17.450502] ret_from_fork+0x10/0x20 [ 17.450758] [ 17.450794] The buggy address belongs to the physical page: [ 17.451660] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10781c [ 17.451824] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.452172] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.452824] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.452971] page dumped because: kasan: bad access detected [ 17.453086] [ 17.453313] Memory state around the buggy address: [ 17.453533] fff00000c781bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.453761] fff00000c781bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.453830] >fff00000c781c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.453901] ^ [ 17.454011] fff00000c781c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.454210] fff00000c781c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.454454] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 17.378484] ================================================================== [ 17.378546] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.378605] Read of size 1 at addr fff00000c7711500 by task kunit_try_catch/227 [ 17.378789] [ 17.378855] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.379437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.379630] Hardware name: linux,dummy-virt (DT) [ 17.379671] Call trace: [ 17.379696] show_stack+0x20/0x38 (C) [ 17.379749] dump_stack_lvl+0x8c/0xd0 [ 17.379798] print_report+0x118/0x5d0 [ 17.380014] kasan_report+0xdc/0x128 [ 17.380195] __asan_report_load1_noabort+0x20/0x30 [ 17.380284] mempool_uaf_helper+0x314/0x340 [ 17.380346] mempool_kmalloc_uaf+0xc4/0x120 [ 17.380488] kunit_try_run_case+0x170/0x3f0 [ 17.380563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.380627] kthread+0x328/0x630 [ 17.380896] ret_from_fork+0x10/0x20 [ 17.381035] [ 17.381061] Allocated by task 227: [ 17.381138] kasan_save_stack+0x3c/0x68 [ 17.381236] kasan_save_track+0x20/0x40 [ 17.381487] kasan_save_alloc_info+0x40/0x58 [ 17.381752] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.382085] remove_element+0x130/0x1f8 [ 17.382170] mempool_alloc_preallocated+0x58/0xc0 [ 17.382315] mempool_uaf_helper+0xa4/0x340 [ 17.382512] mempool_kmalloc_uaf+0xc4/0x120 [ 17.382630] kunit_try_run_case+0x170/0x3f0 [ 17.382759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.383064] kthread+0x328/0x630 [ 17.383130] ret_from_fork+0x10/0x20 [ 17.383199] [ 17.383468] Freed by task 227: [ 17.383525] kasan_save_stack+0x3c/0x68 [ 17.383586] kasan_save_track+0x20/0x40 [ 17.383634] kasan_save_free_info+0x4c/0x78 [ 17.383705] __kasan_mempool_poison_object+0xc0/0x150 [ 17.383771] mempool_free+0x28c/0x328 [ 17.383808] mempool_uaf_helper+0x104/0x340 [ 17.383850] mempool_kmalloc_uaf+0xc4/0x120 [ 17.383889] kunit_try_run_case+0x170/0x3f0 [ 17.383926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.383973] kthread+0x328/0x630 [ 17.384007] ret_from_fork+0x10/0x20 [ 17.384052] [ 17.384092] The buggy address belongs to the object at fff00000c7711500 [ 17.384092] which belongs to the cache kmalloc-128 of size 128 [ 17.384153] The buggy address is located 0 bytes inside of [ 17.384153] freed 128-byte region [fff00000c7711500, fff00000c7711580) [ 17.384227] [ 17.384262] The buggy address belongs to the physical page: [ 17.384306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107711 [ 17.384782] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.384868] page_type: f5(slab) [ 17.385076] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.385233] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.385533] page dumped because: kasan: bad access detected [ 17.385612] [ 17.385631] Memory state around the buggy address: [ 17.385695] fff00000c7711400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.385942] fff00000c7711480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.386027] >fff00000c7711500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.386177] ^ [ 17.386241] fff00000c7711580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.386347] fff00000c7711600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.386710] ================================================================== [ 17.413042] ================================================================== [ 17.413135] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.413197] Read of size 1 at addr fff00000c784b240 by task kunit_try_catch/231 [ 17.413507] [ 17.413575] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.413788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.413878] Hardware name: linux,dummy-virt (DT) [ 17.414061] Call trace: [ 17.414116] show_stack+0x20/0x38 (C) [ 17.414306] dump_stack_lvl+0x8c/0xd0 [ 17.414410] print_report+0x118/0x5d0 [ 17.414459] kasan_report+0xdc/0x128 [ 17.414854] __asan_report_load1_noabort+0x20/0x30 [ 17.415001] mempool_uaf_helper+0x314/0x340 [ 17.415099] mempool_slab_uaf+0xc0/0x118 [ 17.415282] kunit_try_run_case+0x170/0x3f0 [ 17.415639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.415739] kthread+0x328/0x630 [ 17.415801] ret_from_fork+0x10/0x20 [ 17.416565] [ 17.416619] Allocated by task 231: [ 17.416685] kasan_save_stack+0x3c/0x68 [ 17.416831] kasan_save_track+0x20/0x40 [ 17.416945] kasan_save_alloc_info+0x40/0x58 [ 17.416988] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.417043] remove_element+0x16c/0x1f8 [ 17.417129] mempool_alloc_preallocated+0x58/0xc0 [ 17.417366] mempool_uaf_helper+0xa4/0x340 [ 17.417489] mempool_slab_uaf+0xc0/0x118 [ 17.417781] kunit_try_run_case+0x170/0x3f0 [ 17.417958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.418146] kthread+0x328/0x630 [ 17.418350] ret_from_fork+0x10/0x20 [ 17.418934] [ 17.418995] Freed by task 231: [ 17.419073] kasan_save_stack+0x3c/0x68 [ 17.419181] kasan_save_track+0x20/0x40 [ 17.419443] kasan_save_free_info+0x4c/0x78 [ 17.419531] __kasan_mempool_poison_object+0xc0/0x150 [ 17.419919] mempool_free+0x28c/0x328 [ 17.419975] mempool_uaf_helper+0x104/0x340 [ 17.420030] mempool_slab_uaf+0xc0/0x118 [ 17.420069] kunit_try_run_case+0x170/0x3f0 [ 17.420159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.420211] kthread+0x328/0x630 [ 17.420245] ret_from_fork+0x10/0x20 [ 17.420296] [ 17.420345] The buggy address belongs to the object at fff00000c784b240 [ 17.420345] which belongs to the cache test_cache of size 123 [ 17.420416] The buggy address is located 0 bytes inside of [ 17.420416] freed 123-byte region [fff00000c784b240, fff00000c784b2bb) [ 17.420477] [ 17.420505] The buggy address belongs to the physical page: [ 17.420539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784b [ 17.420601] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.420657] page_type: f5(slab) [ 17.420696] raw: 0bfffe0000000000 fff00000c5a563c0 dead000000000122 0000000000000000 [ 17.420745] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.420786] page dumped because: kasan: bad access detected [ 17.420828] [ 17.420847] Memory state around the buggy address: [ 17.420880] fff00000c784b100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.420940] fff00000c784b180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.420984] >fff00000c784b200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.421039] ^ [ 17.421074] fff00000c784b280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.421125] fff00000c784b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.421163] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 17.332385] ================================================================== [ 17.332445] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.333766] Read of size 1 at addr fff00000c781a001 by task kunit_try_catch/223 [ 17.333862] [ 17.333897] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.333979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.334006] Hardware name: linux,dummy-virt (DT) [ 17.334036] Call trace: [ 17.334060] show_stack+0x20/0x38 (C) [ 17.334109] dump_stack_lvl+0x8c/0xd0 [ 17.335935] print_report+0x118/0x5d0 [ 17.336781] kasan_report+0xdc/0x128 [ 17.337034] __asan_report_load1_noabort+0x20/0x30 [ 17.337673] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.337828] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 17.337878] kunit_try_run_case+0x170/0x3f0 [ 17.337926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.337978] kthread+0x328/0x630 [ 17.338019] ret_from_fork+0x10/0x20 [ 17.339204] [ 17.339603] The buggy address belongs to the physical page: [ 17.340070] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 17.340605] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.341038] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.341183] page_type: f8(unknown) [ 17.341226] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.341278] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.341937] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.342343] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.342961] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 17.343352] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.343401] page dumped because: kasan: bad access detected [ 17.343940] [ 17.344120] Memory state around the buggy address: [ 17.344158] fff00000c7819f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.344204] fff00000c7819f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.344248] >fff00000c781a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.345130] ^ [ 17.345422] fff00000c781a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.345466] fff00000c781a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.345504] ================================================================== [ 17.363299] ================================================================== [ 17.363384] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.363440] Read of size 1 at addr fff00000c5a8b2bb by task kunit_try_catch/225 [ 17.363491] [ 17.363524] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.363720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.363753] Hardware name: linux,dummy-virt (DT) [ 17.363783] Call trace: [ 17.363808] show_stack+0x20/0x38 (C) [ 17.363860] dump_stack_lvl+0x8c/0xd0 [ 17.363910] print_report+0x118/0x5d0 [ 17.364002] kasan_report+0xdc/0x128 [ 17.364048] __asan_report_load1_noabort+0x20/0x30 [ 17.364138] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.364191] mempool_slab_oob_right+0xc0/0x118 [ 17.364253] kunit_try_run_case+0x170/0x3f0 [ 17.364311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.364458] kthread+0x328/0x630 [ 17.364502] ret_from_fork+0x10/0x20 [ 17.364551] [ 17.364569] Allocated by task 225: [ 17.364599] kasan_save_stack+0x3c/0x68 [ 17.364639] kasan_save_track+0x20/0x40 [ 17.364701] kasan_save_alloc_info+0x40/0x58 [ 17.364751] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.364804] remove_element+0x16c/0x1f8 [ 17.364841] mempool_alloc_preallocated+0x58/0xc0 [ 17.364879] mempool_oob_right_helper+0x98/0x2f0 [ 17.364933] mempool_slab_oob_right+0xc0/0x118 [ 17.364971] kunit_try_run_case+0x170/0x3f0 [ 17.365009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.365053] kthread+0x328/0x630 [ 17.365085] ret_from_fork+0x10/0x20 [ 17.365122] [ 17.365147] The buggy address belongs to the object at fff00000c5a8b240 [ 17.365147] which belongs to the cache test_cache of size 123 [ 17.365213] The buggy address is located 0 bytes to the right of [ 17.365213] allocated 123-byte region [fff00000c5a8b240, fff00000c5a8b2bb) [ 17.365284] [ 17.365305] The buggy address belongs to the physical page: [ 17.365356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8b [ 17.365408] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.365459] page_type: f5(slab) [ 17.365498] raw: 0bfffe0000000000 fff00000c5a56280 dead000000000122 0000000000000000 [ 17.365613] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.365659] page dumped because: kasan: bad access detected [ 17.365692] [ 17.365829] Memory state around the buggy address: [ 17.365868] fff00000c5a8b180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.365973] fff00000c5a8b200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 17.366049] >fff00000c5a8b280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 17.366158] ^ [ 17.366222] fff00000c5a8b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.366268] fff00000c5a8b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.366307] ================================================================== [ 17.317305] ================================================================== [ 17.317402] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.317478] Read of size 1 at addr fff00000c7711173 by task kunit_try_catch/221 [ 17.317530] [ 17.317574] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.317661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.317689] Hardware name: linux,dummy-virt (DT) [ 17.317723] Call trace: [ 17.317750] show_stack+0x20/0x38 (C) [ 17.317801] dump_stack_lvl+0x8c/0xd0 [ 17.317852] print_report+0x118/0x5d0 [ 17.317900] kasan_report+0xdc/0x128 [ 17.317945] __asan_report_load1_noabort+0x20/0x30 [ 17.317997] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.318044] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.318092] kunit_try_run_case+0x170/0x3f0 [ 17.318143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.318196] kthread+0x328/0x630 [ 17.318243] ret_from_fork+0x10/0x20 [ 17.318294] [ 17.318312] Allocated by task 221: [ 17.318355] kasan_save_stack+0x3c/0x68 [ 17.318399] kasan_save_track+0x20/0x40 [ 17.318438] kasan_save_alloc_info+0x40/0x58 [ 17.318479] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.318523] remove_element+0x130/0x1f8 [ 17.318562] mempool_alloc_preallocated+0x58/0xc0 [ 17.318601] mempool_oob_right_helper+0x98/0x2f0 [ 17.318641] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.318682] kunit_try_run_case+0x170/0x3f0 [ 17.318720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.318763] kthread+0x328/0x630 [ 17.318797] ret_from_fork+0x10/0x20 [ 17.318833] [ 17.318853] The buggy address belongs to the object at fff00000c7711100 [ 17.318853] which belongs to the cache kmalloc-128 of size 128 [ 17.318915] The buggy address is located 0 bytes to the right of [ 17.318915] allocated 115-byte region [fff00000c7711100, fff00000c7711173) [ 17.318979] [ 17.319002] The buggy address belongs to the physical page: [ 17.319037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107711 [ 17.319089] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.319142] page_type: f5(slab) [ 17.319184] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.319235] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.319276] page dumped because: kasan: bad access detected [ 17.319308] [ 17.319335] Memory state around the buggy address: [ 17.319370] fff00000c7711000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.319413] fff00000c7711080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.319456] >fff00000c7711100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.319493] ^ [ 17.319533] fff00000c7711180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.319575] fff00000c7711200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.319613] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 16.744135] ================================================================== [ 16.744209] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 16.744289] Read of size 1 at addr fff00000c5a56000 by task kunit_try_catch/215 [ 16.744355] [ 16.744400] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.744489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.744515] Hardware name: linux,dummy-virt (DT) [ 16.744551] Call trace: [ 16.744578] show_stack+0x20/0x38 (C) [ 16.744631] dump_stack_lvl+0x8c/0xd0 [ 16.744685] print_report+0x118/0x5d0 [ 16.744732] kasan_report+0xdc/0x128 [ 16.744778] __kasan_check_byte+0x54/0x70 [ 16.744825] kmem_cache_destroy+0x34/0x218 [ 16.744875] kmem_cache_double_destroy+0x174/0x300 [ 16.744931] kunit_try_run_case+0x170/0x3f0 [ 16.744982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.745034] kthread+0x328/0x630 [ 16.745079] ret_from_fork+0x10/0x20 [ 16.745128] [ 16.745147] Allocated by task 215: [ 16.745180] kasan_save_stack+0x3c/0x68 [ 16.745221] kasan_save_track+0x20/0x40 [ 16.745258] kasan_save_alloc_info+0x40/0x58 [ 16.745299] __kasan_slab_alloc+0xa8/0xb0 [ 16.745548] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.745594] __kmem_cache_create_args+0x178/0x280 [ 16.745635] kmem_cache_double_destroy+0xc0/0x300 [ 16.745676] kunit_try_run_case+0x170/0x3f0 [ 16.745714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.745758] kthread+0x328/0x630 [ 16.745792] ret_from_fork+0x10/0x20 [ 16.745829] [ 16.745850] Freed by task 215: [ 16.745879] kasan_save_stack+0x3c/0x68 [ 16.745918] kasan_save_track+0x20/0x40 [ 16.745954] kasan_save_free_info+0x4c/0x78 [ 16.745994] __kasan_slab_free+0x6c/0x98 [ 16.746033] kmem_cache_free+0x260/0x468 [ 16.746071] slab_kmem_cache_release+0x38/0x50 [ 16.746110] kmem_cache_release+0x1c/0x30 [ 16.746147] kobject_put+0x17c/0x420 [ 16.746184] sysfs_slab_release+0x1c/0x30 [ 16.746223] kmem_cache_destroy+0x118/0x218 [ 16.746261] kmem_cache_double_destroy+0x128/0x300 [ 16.746301] kunit_try_run_case+0x170/0x3f0 [ 16.746354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.746399] kthread+0x328/0x630 [ 16.746431] ret_from_fork+0x10/0x20 [ 16.746468] [ 16.746489] The buggy address belongs to the object at fff00000c5a56000 [ 16.746489] which belongs to the cache kmem_cache of size 208 [ 16.746548] The buggy address is located 0 bytes inside of [ 16.746548] freed 208-byte region [fff00000c5a56000, fff00000c5a560d0) [ 16.746609] [ 16.746631] The buggy address belongs to the physical page: [ 16.746666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a56 [ 16.746722] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.746776] page_type: f5(slab) [ 16.746818] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 16.746869] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 16.746910] page dumped because: kasan: bad access detected [ 16.746941] [ 16.746961] Memory state around the buggy address: [ 16.746994] fff00000c5a55f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.747037] fff00000c5a55f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.747079] >fff00000c5a56000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.747117] ^ [ 16.747145] fff00000c5a56080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 16.747187] fff00000c5a56100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.747226] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 16.514090] ================================================================== [ 16.514205] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 16.514286] Read of size 1 at addr fff00000c3f28000 by task kunit_try_catch/213 [ 16.514351] [ 16.515694] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.515860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.516689] Hardware name: linux,dummy-virt (DT) [ 16.516851] Call trace: [ 16.517088] show_stack+0x20/0x38 (C) [ 16.517743] dump_stack_lvl+0x8c/0xd0 [ 16.517896] print_report+0x118/0x5d0 [ 16.518371] kasan_report+0xdc/0x128 [ 16.518608] __asan_report_load1_noabort+0x20/0x30 [ 16.518663] kmem_cache_rcu_uaf+0x388/0x468 [ 16.518709] kunit_try_run_case+0x170/0x3f0 [ 16.519464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.519533] kthread+0x328/0x630 [ 16.520117] ret_from_fork+0x10/0x20 [ 16.520548] [ 16.521080] Allocated by task 213: [ 16.521119] kasan_save_stack+0x3c/0x68 [ 16.521169] kasan_save_track+0x20/0x40 [ 16.521208] kasan_save_alloc_info+0x40/0x58 [ 16.521247] __kasan_slab_alloc+0xa8/0xb0 [ 16.521981] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.522226] kmem_cache_rcu_uaf+0x12c/0x468 [ 16.522796] kunit_try_run_case+0x170/0x3f0 [ 16.523158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.523976] kthread+0x328/0x630 [ 16.524139] ret_from_fork+0x10/0x20 [ 16.524180] [ 16.524570] Freed by task 0: [ 16.524607] kasan_save_stack+0x3c/0x68 [ 16.524952] kasan_save_track+0x20/0x40 [ 16.525158] kasan_save_free_info+0x4c/0x78 [ 16.525200] __kasan_slab_free+0x6c/0x98 [ 16.525765] slab_free_after_rcu_debug+0xd4/0x2f8 [ 16.525925] rcu_core+0x9f4/0x1e20 [ 16.526243] rcu_core_si+0x18/0x30 [ 16.527148] handle_softirqs+0x374/0xb28 [ 16.527302] __do_softirq+0x1c/0x28 [ 16.527450] [ 16.527586] Last potentially related work creation: [ 16.527651] kasan_save_stack+0x3c/0x68 [ 16.527792] kasan_record_aux_stack+0xb4/0xc8 [ 16.528008] kmem_cache_free+0x120/0x468 [ 16.528050] kmem_cache_rcu_uaf+0x16c/0x468 [ 16.528134] kunit_try_run_case+0x170/0x3f0 [ 16.528232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.528276] kthread+0x328/0x630 [ 16.528309] ret_from_fork+0x10/0x20 [ 16.528450] [ 16.528471] The buggy address belongs to the object at fff00000c3f28000 [ 16.528471] which belongs to the cache test_cache of size 200 [ 16.529525] The buggy address is located 0 bytes inside of [ 16.529525] freed 200-byte region [fff00000c3f28000, fff00000c3f280c8) [ 16.530088] [ 16.530850] The buggy address belongs to the physical page: [ 16.530975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f28 [ 16.531050] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.531106] page_type: f5(slab) [ 16.531152] raw: 0bfffe0000000000 fff00000c3e97dc0 dead000000000122 0000000000000000 [ 16.531558] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.532139] page dumped because: kasan: bad access detected [ 16.532688] [ 16.532709] Memory state around the buggy address: [ 16.532750] fff00000c3f27f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.533196] fff00000c3f27f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.533368] >fff00000c3f28000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.533613] ^ [ 16.533647] fff00000c3f28080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.533709] fff00000c3f28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.534003] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 16.056866] ================================================================== [ 16.057051] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 16.057579] Free of addr fff00000c3f2a001 by task kunit_try_catch/211 [ 16.057892] [ 16.057935] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.058021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.058047] Hardware name: linux,dummy-virt (DT) [ 16.058269] Call trace: [ 16.058297] show_stack+0x20/0x38 (C) [ 16.058571] dump_stack_lvl+0x8c/0xd0 [ 16.058622] print_report+0x118/0x5d0 [ 16.058747] kasan_report_invalid_free+0xc0/0xe8 [ 16.058799] check_slab_allocation+0xfc/0x108 [ 16.058848] __kasan_slab_pre_free+0x2c/0x48 [ 16.058991] kmem_cache_free+0xf0/0x468 [ 16.059039] kmem_cache_invalid_free+0x184/0x3c8 [ 16.059090] kunit_try_run_case+0x170/0x3f0 [ 16.059138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.059192] kthread+0x328/0x630 [ 16.059656] ret_from_fork+0x10/0x20 [ 16.059832] [ 16.059853] Allocated by task 211: [ 16.059885] kasan_save_stack+0x3c/0x68 [ 16.059954] kasan_save_track+0x20/0x40 [ 16.060013] kasan_save_alloc_info+0x40/0x58 [ 16.060126] __kasan_slab_alloc+0xa8/0xb0 [ 16.060165] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.060211] kmem_cache_invalid_free+0x12c/0x3c8 [ 16.061091] kunit_try_run_case+0x170/0x3f0 [ 16.061572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.061633] kthread+0x328/0x630 [ 16.061668] ret_from_fork+0x10/0x20 [ 16.061706] [ 16.061726] The buggy address belongs to the object at fff00000c3f2a000 [ 16.061726] which belongs to the cache test_cache of size 200 [ 16.061785] The buggy address is located 1 bytes inside of [ 16.061785] 200-byte region [fff00000c3f2a000, fff00000c3f2a0c8) [ 16.061845] [ 16.061867] The buggy address belongs to the physical page: [ 16.061901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f2a [ 16.061955] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.062006] page_type: f5(slab) [ 16.062047] raw: 0bfffe0000000000 fff00000c3e97c80 dead000000000122 0000000000000000 [ 16.062098] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.062138] page dumped because: kasan: bad access detected [ 16.062167] [ 16.062187] Memory state around the buggy address: [ 16.062219] fff00000c3f29f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.062262] fff00000c3f29f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.062305] >fff00000c3f2a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.062364] ^ [ 16.062392] fff00000c3f2a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 16.062434] fff00000c3f2a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.062473] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 16.022768] ================================================================== [ 16.022842] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 16.022916] Free of addr fff00000c5a4d000 by task kunit_try_catch/209 [ 16.022960] [ 16.023167] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.023835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.024164] Hardware name: linux,dummy-virt (DT) [ 16.024205] Call trace: [ 16.024230] show_stack+0x20/0x38 (C) [ 16.024293] dump_stack_lvl+0x8c/0xd0 [ 16.024419] print_report+0x118/0x5d0 [ 16.024468] kasan_report_invalid_free+0xc0/0xe8 [ 16.024643] check_slab_allocation+0xd4/0x108 [ 16.024796] __kasan_slab_pre_free+0x2c/0x48 [ 16.024845] kmem_cache_free+0xf0/0x468 [ 16.024894] kmem_cache_double_free+0x190/0x3c8 [ 16.024949] kunit_try_run_case+0x170/0x3f0 [ 16.025000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.025060] kthread+0x328/0x630 [ 16.025291] ret_from_fork+0x10/0x20 [ 16.025610] [ 16.025669] Allocated by task 209: [ 16.025991] kasan_save_stack+0x3c/0x68 [ 16.026042] kasan_save_track+0x20/0x40 [ 16.026080] kasan_save_alloc_info+0x40/0x58 [ 16.026121] __kasan_slab_alloc+0xa8/0xb0 [ 16.026157] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.026378] kmem_cache_double_free+0x12c/0x3c8 [ 16.026528] kunit_try_run_case+0x170/0x3f0 [ 16.026644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.026691] kthread+0x328/0x630 [ 16.026765] ret_from_fork+0x10/0x20 [ 16.026802] [ 16.026821] Freed by task 209: [ 16.026848] kasan_save_stack+0x3c/0x68 [ 16.026954] kasan_save_track+0x20/0x40 [ 16.026992] kasan_save_free_info+0x4c/0x78 [ 16.027035] __kasan_slab_free+0x6c/0x98 [ 16.027071] kmem_cache_free+0x260/0x468 [ 16.027107] kmem_cache_double_free+0x140/0x3c8 [ 16.027146] kunit_try_run_case+0x170/0x3f0 [ 16.027193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.027238] kthread+0x328/0x630 [ 16.027492] ret_from_fork+0x10/0x20 [ 16.027539] [ 16.027692] The buggy address belongs to the object at fff00000c5a4d000 [ 16.027692] which belongs to the cache test_cache of size 200 [ 16.027873] The buggy address is located 0 bytes inside of [ 16.027873] 200-byte region [fff00000c5a4d000, fff00000c5a4d0c8) [ 16.028378] [ 16.028579] The buggy address belongs to the physical page: [ 16.028641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a4d [ 16.028751] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.028952] page_type: f5(slab) [ 16.029003] raw: 0bfffe0000000000 fff00000c3e97b40 dead000000000122 0000000000000000 [ 16.029114] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.029250] page dumped because: kasan: bad access detected [ 16.029305] [ 16.029323] Memory state around the buggy address: [ 16.029367] fff00000c5a4cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.029410] fff00000c5a4cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.029510] >fff00000c5a4d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.029787] ^ [ 16.029824] fff00000c5a4d080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.030121] fff00000c5a4d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.030543] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 15.804078] ================================================================== [ 15.804202] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 15.804265] Read of size 1 at addr fff00000c5a650c8 by task kunit_try_catch/207 [ 15.804342] [ 15.804417] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.804784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.804846] Hardware name: linux,dummy-virt (DT) [ 15.804956] Call trace: [ 15.804983] show_stack+0x20/0x38 (C) [ 15.805057] dump_stack_lvl+0x8c/0xd0 [ 15.805163] print_report+0x118/0x5d0 [ 15.805631] kasan_report+0xdc/0x128 [ 15.805709] __asan_report_load1_noabort+0x20/0x30 [ 15.805852] kmem_cache_oob+0x344/0x430 [ 15.806083] kunit_try_run_case+0x170/0x3f0 [ 15.806294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.806632] kthread+0x328/0x630 [ 15.806717] ret_from_fork+0x10/0x20 [ 15.806908] [ 15.807121] Allocated by task 207: [ 15.807247] kasan_save_stack+0x3c/0x68 [ 15.807355] kasan_save_track+0x20/0x40 [ 15.807401] kasan_save_alloc_info+0x40/0x58 [ 15.807620] __kasan_slab_alloc+0xa8/0xb0 [ 15.807851] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.808015] kmem_cache_oob+0x12c/0x430 [ 15.808175] kunit_try_run_case+0x170/0x3f0 [ 15.808313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.808582] kthread+0x328/0x630 [ 15.808705] ret_from_fork+0x10/0x20 [ 15.808894] [ 15.808961] The buggy address belongs to the object at fff00000c5a65000 [ 15.808961] which belongs to the cache test_cache of size 200 [ 15.809139] The buggy address is located 0 bytes to the right of [ 15.809139] allocated 200-byte region [fff00000c5a65000, fff00000c5a650c8) [ 15.809298] [ 15.809351] The buggy address belongs to the physical page: [ 15.809387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a65 [ 15.809446] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.809743] page_type: f5(slab) [ 15.809903] raw: 0bfffe0000000000 fff00000c3e97a00 dead000000000122 0000000000000000 [ 15.810024] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.810103] page dumped because: kasan: bad access detected [ 15.810193] [ 15.810309] Memory state around the buggy address: [ 15.810356] fff00000c5a64f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.810438] fff00000c5a65000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.810777] >fff00000c5a65080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 15.810875] ^ [ 15.811033] fff00000c5a65100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.811192] fff00000c5a65180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.811321] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 15.771587] ================================================================== [ 15.771666] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 15.771812] Read of size 8 at addr fff00000c7713f80 by task kunit_try_catch/200 [ 15.771867] [ 15.772005] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.772095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.772159] Hardware name: linux,dummy-virt (DT) [ 15.772325] Call trace: [ 15.772372] show_stack+0x20/0x38 (C) [ 15.772564] dump_stack_lvl+0x8c/0xd0 [ 15.772762] print_report+0x118/0x5d0 [ 15.772835] kasan_report+0xdc/0x128 [ 15.772938] __asan_report_load8_noabort+0x20/0x30 [ 15.773038] workqueue_uaf+0x480/0x4a8 [ 15.773125] kunit_try_run_case+0x170/0x3f0 [ 15.773177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.773230] kthread+0x328/0x630 [ 15.773321] ret_from_fork+0x10/0x20 [ 15.773425] [ 15.773453] Allocated by task 200: [ 15.773482] kasan_save_stack+0x3c/0x68 [ 15.773528] kasan_save_track+0x20/0x40 [ 15.773865] kasan_save_alloc_info+0x40/0x58 [ 15.774012] __kasan_kmalloc+0xd4/0xd8 [ 15.774088] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.774153] workqueue_uaf+0x13c/0x4a8 [ 15.774252] kunit_try_run_case+0x170/0x3f0 [ 15.774300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.774354] kthread+0x328/0x630 [ 15.774387] ret_from_fork+0x10/0x20 [ 15.774423] [ 15.774443] Freed by task 56: [ 15.774470] kasan_save_stack+0x3c/0x68 [ 15.774508] kasan_save_track+0x20/0x40 [ 15.774545] kasan_save_free_info+0x4c/0x78 [ 15.774586] __kasan_slab_free+0x6c/0x98 [ 15.774622] kfree+0x214/0x3c8 [ 15.774656] workqueue_uaf_work+0x18/0x30 [ 15.774690] process_one_work+0x530/0xf98 [ 15.774728] worker_thread+0x618/0xf38 [ 15.774772] kthread+0x328/0x630 [ 15.774806] ret_from_fork+0x10/0x20 [ 15.774840] [ 15.774860] Last potentially related work creation: [ 15.774908] kasan_save_stack+0x3c/0x68 [ 15.774953] kasan_record_aux_stack+0xb4/0xc8 [ 15.774992] __queue_work+0x65c/0x1008 [ 15.775030] queue_work_on+0xbc/0xf8 [ 15.775068] workqueue_uaf+0x210/0x4a8 [ 15.775112] kunit_try_run_case+0x170/0x3f0 [ 15.775151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.775196] kthread+0x328/0x630 [ 15.775229] ret_from_fork+0x10/0x20 [ 15.775265] [ 15.775304] The buggy address belongs to the object at fff00000c7713f80 [ 15.775304] which belongs to the cache kmalloc-32 of size 32 [ 15.775873] The buggy address is located 0 bytes inside of [ 15.775873] freed 32-byte region [fff00000c7713f80, fff00000c7713fa0) [ 15.775961] [ 15.776017] The buggy address belongs to the physical page: [ 15.776069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107713 [ 15.776165] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.776663] page_type: f5(slab) [ 15.776787] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.776934] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.777060] page dumped because: kasan: bad access detected [ 15.777094] [ 15.777113] Memory state around the buggy address: [ 15.777322] fff00000c7713e80: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 15.777432] fff00000c7713f00: 00 00 07 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 15.777505] >fff00000c7713f80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 15.777670] ^ [ 15.777750] fff00000c7714000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.777872] fff00000c7714080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.777968] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 15.694471] ================================================================== [ 15.694585] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 15.696634] Read of size 4 at addr fff00000c7713d00 by task swapper/1/0 [ 15.697139] [ 15.697266] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.697922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.697955] Hardware name: linux,dummy-virt (DT) [ 15.698728] Call trace: [ 15.698985] show_stack+0x20/0x38 (C) [ 15.699547] dump_stack_lvl+0x8c/0xd0 [ 15.699886] print_report+0x118/0x5d0 [ 15.700524] kasan_report+0xdc/0x128 [ 15.701290] __asan_report_load4_noabort+0x20/0x30 [ 15.701490] rcu_uaf_reclaim+0x64/0x70 [ 15.701830] rcu_core+0x9f4/0x1e20 [ 15.702250] rcu_core_si+0x18/0x30 [ 15.702523] handle_softirqs+0x374/0xb28 [ 15.702814] __do_softirq+0x1c/0x28 [ 15.702862] ____do_softirq+0x18/0x30 [ 15.703702] call_on_irq_stack+0x24/0x30 [ 15.703975] do_softirq_own_stack+0x24/0x38 [ 15.704025] __irq_exit_rcu+0x1fc/0x318 [ 15.704074] irq_exit_rcu+0x1c/0x80 [ 15.704866] el1_interrupt+0x38/0x58 [ 15.705572] el1h_64_irq_handler+0x18/0x28 [ 15.705636] el1h_64_irq+0x6c/0x70 [ 15.707362] arch_local_irq_enable+0x4/0x8 (P) [ 15.707590] do_idle+0x384/0x4e8 [ 15.708062] cpu_startup_entry+0x64/0x80 [ 15.708121] secondary_start_kernel+0x288/0x340 [ 15.708956] __secondary_switched+0xc0/0xc8 [ 15.709909] [ 15.710020] Allocated by task 198: [ 15.710053] kasan_save_stack+0x3c/0x68 [ 15.710913] kasan_save_track+0x20/0x40 [ 15.711400] kasan_save_alloc_info+0x40/0x58 [ 15.711592] __kasan_kmalloc+0xd4/0xd8 [ 15.711657] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.711705] rcu_uaf+0xb0/0x2d8 [ 15.711793] kunit_try_run_case+0x170/0x3f0 [ 15.711837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.712344] kthread+0x328/0x630 [ 15.712391] ret_from_fork+0x10/0x20 [ 15.712427] [ 15.712448] Freed by task 0: [ 15.713044] kasan_save_stack+0x3c/0x68 [ 15.713485] kasan_save_track+0x20/0x40 [ 15.713523] kasan_save_free_info+0x4c/0x78 [ 15.713564] __kasan_slab_free+0x6c/0x98 [ 15.714401] kfree+0x214/0x3c8 [ 15.714950] rcu_uaf_reclaim+0x28/0x70 [ 15.715313] rcu_core+0x9f4/0x1e20 [ 15.715900] rcu_core_si+0x18/0x30 [ 15.716377] handle_softirqs+0x374/0xb28 [ 15.716481] __do_softirq+0x1c/0x28 [ 15.716646] [ 15.716768] Last potentially related work creation: [ 15.717548] kasan_save_stack+0x3c/0x68 [ 15.717898] kasan_record_aux_stack+0xb4/0xc8 [ 15.717944] __call_rcu_common.constprop.0+0x74/0x8c8 [ 15.718477] call_rcu+0x18/0x30 [ 15.719074] rcu_uaf+0x14c/0x2d8 [ 15.719213] kunit_try_run_case+0x170/0x3f0 [ 15.719539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.719589] kthread+0x328/0x630 [ 15.720257] ret_from_fork+0x10/0x20 [ 15.720699] [ 15.720737] The buggy address belongs to the object at fff00000c7713d00 [ 15.720737] which belongs to the cache kmalloc-32 of size 32 [ 15.721584] The buggy address is located 0 bytes inside of [ 15.721584] freed 32-byte region [fff00000c7713d00, fff00000c7713d20) [ 15.722747] [ 15.722800] The buggy address belongs to the physical page: [ 15.722941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107713 [ 15.723801] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.724162] page_type: f5(slab) [ 15.724485] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.724582] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.724774] page dumped because: kasan: bad access detected [ 15.725553] [ 15.725710] Memory state around the buggy address: [ 15.725965] fff00000c7713c00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.726187] fff00000c7713c80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.726246] >fff00000c7713d00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.726891] ^ [ 15.726934] fff00000c7713d80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.727274] fff00000c7713e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.728079] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 15.662409] ================================================================== [ 15.662465] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 15.662514] Read of size 1 at addr fff00000c3f56278 by task kunit_try_catch/196 [ 15.662567] [ 15.662600] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.663019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.663137] Hardware name: linux,dummy-virt (DT) [ 15.663492] Call trace: [ 15.663559] show_stack+0x20/0x38 (C) [ 15.663682] dump_stack_lvl+0x8c/0xd0 [ 15.663738] print_report+0x118/0x5d0 [ 15.663790] kasan_report+0xdc/0x128 [ 15.663839] __asan_report_load1_noabort+0x20/0x30 [ 15.664358] ksize_uaf+0x544/0x5f8 [ 15.664555] kunit_try_run_case+0x170/0x3f0 [ 15.664831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.665026] kthread+0x328/0x630 [ 15.665082] ret_from_fork+0x10/0x20 [ 15.665132] [ 15.665152] Allocated by task 196: [ 15.665353] kasan_save_stack+0x3c/0x68 [ 15.665601] kasan_save_track+0x20/0x40 [ 15.666021] kasan_save_alloc_info+0x40/0x58 [ 15.666166] __kasan_kmalloc+0xd4/0xd8 [ 15.666349] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.666721] ksize_uaf+0xb8/0x5f8 [ 15.666836] kunit_try_run_case+0x170/0x3f0 [ 15.666882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.667252] kthread+0x328/0x630 [ 15.667321] ret_from_fork+0x10/0x20 [ 15.667370] [ 15.667392] Freed by task 196: [ 15.667471] kasan_save_stack+0x3c/0x68 [ 15.667537] kasan_save_track+0x20/0x40 [ 15.667582] kasan_save_free_info+0x4c/0x78 [ 15.667627] __kasan_slab_free+0x6c/0x98 [ 15.667667] kfree+0x214/0x3c8 [ 15.667715] ksize_uaf+0x11c/0x5f8 [ 15.667752] kunit_try_run_case+0x170/0x3f0 [ 15.667791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.667846] kthread+0x328/0x630 [ 15.667880] ret_from_fork+0x10/0x20 [ 15.667927] [ 15.667953] The buggy address belongs to the object at fff00000c3f56200 [ 15.667953] which belongs to the cache kmalloc-128 of size 128 [ 15.668015] The buggy address is located 120 bytes inside of [ 15.668015] freed 128-byte region [fff00000c3f56200, fff00000c3f56280) [ 15.668078] [ 15.668098] The buggy address belongs to the physical page: [ 15.668149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f56 [ 15.668210] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.668258] page_type: f5(slab) [ 15.668297] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.668642] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.668781] page dumped because: kasan: bad access detected [ 15.668854] [ 15.669478] Memory state around the buggy address: [ 15.669592] fff00000c3f56100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.669641] fff00000c3f56180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.669687] >fff00000c3f56200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.670085] ^ [ 15.670422] fff00000c3f56280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.670581] fff00000c3f56300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.670650] ================================================================== [ 15.651121] ================================================================== [ 15.651183] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 15.651240] Read of size 1 at addr fff00000c3f56200 by task kunit_try_catch/196 [ 15.651486] [ 15.651530] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.651831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.651945] Hardware name: linux,dummy-virt (DT) [ 15.652104] Call trace: [ 15.652172] show_stack+0x20/0x38 (C) [ 15.652324] dump_stack_lvl+0x8c/0xd0 [ 15.652389] print_report+0x118/0x5d0 [ 15.652604] kasan_report+0xdc/0x128 [ 15.652837] __asan_report_load1_noabort+0x20/0x30 [ 15.652908] ksize_uaf+0x598/0x5f8 [ 15.652962] kunit_try_run_case+0x170/0x3f0 [ 15.653085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.653193] kthread+0x328/0x630 [ 15.653246] ret_from_fork+0x10/0x20 [ 15.653516] [ 15.653598] Allocated by task 196: [ 15.653737] kasan_save_stack+0x3c/0x68 [ 15.653932] kasan_save_track+0x20/0x40 [ 15.654022] kasan_save_alloc_info+0x40/0x58 [ 15.654183] __kasan_kmalloc+0xd4/0xd8 [ 15.654238] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.654286] ksize_uaf+0xb8/0x5f8 [ 15.654321] kunit_try_run_case+0x170/0x3f0 [ 15.654519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.654799] kthread+0x328/0x630 [ 15.655039] ret_from_fork+0x10/0x20 [ 15.655173] [ 15.655197] Freed by task 196: [ 15.655262] kasan_save_stack+0x3c/0x68 [ 15.655541] kasan_save_track+0x20/0x40 [ 15.655662] kasan_save_free_info+0x4c/0x78 [ 15.655914] __kasan_slab_free+0x6c/0x98 [ 15.656091] kfree+0x214/0x3c8 [ 15.656153] ksize_uaf+0x11c/0x5f8 [ 15.656231] kunit_try_run_case+0x170/0x3f0 [ 15.656494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.656621] kthread+0x328/0x630 [ 15.656800] ret_from_fork+0x10/0x20 [ 15.656982] [ 15.657054] The buggy address belongs to the object at fff00000c3f56200 [ 15.657054] which belongs to the cache kmalloc-128 of size 128 [ 15.657278] The buggy address is located 0 bytes inside of [ 15.657278] freed 128-byte region [fff00000c3f56200, fff00000c3f56280) [ 15.657522] [ 15.657711] The buggy address belongs to the physical page: [ 15.657865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f56 [ 15.658113] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.658348] page_type: f5(slab) [ 15.658414] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.658918] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.659228] page dumped because: kasan: bad access detected [ 15.659299] [ 15.659383] Memory state around the buggy address: [ 15.659438] fff00000c3f56100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.659531] fff00000c3f56180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.660191] >fff00000c3f56200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.660299] ^ [ 15.660593] fff00000c3f56280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.660974] fff00000c3f56300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.661200] ================================================================== [ 15.642848] ================================================================== [ 15.642969] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 15.643031] Read of size 1 at addr fff00000c3f56200 by task kunit_try_catch/196 [ 15.643083] [ 15.643121] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.643208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.643238] Hardware name: linux,dummy-virt (DT) [ 15.643270] Call trace: [ 15.643312] show_stack+0x20/0x38 (C) [ 15.643378] dump_stack_lvl+0x8c/0xd0 [ 15.643428] print_report+0x118/0x5d0 [ 15.643477] kasan_report+0xdc/0x128 [ 15.643536] __kasan_check_byte+0x54/0x70 [ 15.643593] ksize+0x30/0x88 [ 15.643638] ksize_uaf+0x168/0x5f8 [ 15.643694] kunit_try_run_case+0x170/0x3f0 [ 15.643744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.643806] kthread+0x328/0x630 [ 15.643850] ret_from_fork+0x10/0x20 [ 15.643899] [ 15.643919] Allocated by task 196: [ 15.643956] kasan_save_stack+0x3c/0x68 [ 15.644000] kasan_save_track+0x20/0x40 [ 15.644041] kasan_save_alloc_info+0x40/0x58 [ 15.644085] __kasan_kmalloc+0xd4/0xd8 [ 15.644129] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.644180] ksize_uaf+0xb8/0x5f8 [ 15.644218] kunit_try_run_case+0x170/0x3f0 [ 15.644256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.644312] kthread+0x328/0x630 [ 15.645098] ret_from_fork+0x10/0x20 [ 15.645222] [ 15.645252] Freed by task 196: [ 15.645315] kasan_save_stack+0x3c/0x68 [ 15.645536] kasan_save_track+0x20/0x40 [ 15.645670] kasan_save_free_info+0x4c/0x78 [ 15.645716] __kasan_slab_free+0x6c/0x98 [ 15.645756] kfree+0x214/0x3c8 [ 15.645792] ksize_uaf+0x11c/0x5f8 [ 15.646236] kunit_try_run_case+0x170/0x3f0 [ 15.646382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.646499] kthread+0x328/0x630 [ 15.646594] ret_from_fork+0x10/0x20 [ 15.646684] [ 15.646805] The buggy address belongs to the object at fff00000c3f56200 [ 15.646805] which belongs to the cache kmalloc-128 of size 128 [ 15.646885] The buggy address is located 0 bytes inside of [ 15.646885] freed 128-byte region [fff00000c3f56200, fff00000c3f56280) [ 15.647285] [ 15.647393] The buggy address belongs to the physical page: [ 15.647531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f56 [ 15.647690] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.647811] page_type: f5(slab) [ 15.647852] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.648288] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.648392] page dumped because: kasan: bad access detected [ 15.648522] [ 15.648603] Memory state around the buggy address: [ 15.648746] fff00000c3f56100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.648821] fff00000c3f56180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.648887] >fff00000c3f56200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.649180] ^ [ 15.649393] fff00000c3f56280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.649582] fff00000c3f56300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.649672] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 15.620538] ================================================================== [ 15.620595] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 15.620651] Read of size 1 at addr fff00000c3f5617f by task kunit_try_catch/194 [ 15.621142] [ 15.621567] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.622192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.622348] Hardware name: linux,dummy-virt (DT) [ 15.622503] Call trace: [ 15.622531] show_stack+0x20/0x38 (C) [ 15.622718] dump_stack_lvl+0x8c/0xd0 [ 15.623019] print_report+0x118/0x5d0 [ 15.623096] kasan_report+0xdc/0x128 [ 15.623386] __asan_report_load1_noabort+0x20/0x30 [ 15.623487] ksize_unpoisons_memory+0x690/0x740 [ 15.623732] kunit_try_run_case+0x170/0x3f0 [ 15.623821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.624011] kthread+0x328/0x630 [ 15.624257] ret_from_fork+0x10/0x20 [ 15.624517] [ 15.624617] Allocated by task 194: [ 15.624654] kasan_save_stack+0x3c/0x68 [ 15.624938] kasan_save_track+0x20/0x40 [ 15.625138] kasan_save_alloc_info+0x40/0x58 [ 15.625359] __kasan_kmalloc+0xd4/0xd8 [ 15.625588] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.625656] ksize_unpoisons_memory+0xc0/0x740 [ 15.625700] kunit_try_run_case+0x170/0x3f0 [ 15.625740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.626074] kthread+0x328/0x630 [ 15.626210] ret_from_fork+0x10/0x20 [ 15.626257] [ 15.626303] The buggy address belongs to the object at fff00000c3f56100 [ 15.626303] which belongs to the cache kmalloc-128 of size 128 [ 15.626386] The buggy address is located 12 bytes to the right of [ 15.626386] allocated 115-byte region [fff00000c3f56100, fff00000c3f56173) [ 15.626468] [ 15.626499] The buggy address belongs to the physical page: [ 15.626539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f56 [ 15.626619] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.626680] page_type: f5(slab) [ 15.626746] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.626802] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.626843] page dumped because: kasan: bad access detected [ 15.626876] [ 15.626896] Memory state around the buggy address: [ 15.626951] fff00000c3f56000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.627022] fff00000c3f56080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.627067] >fff00000c3f56100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.627108] ^ [ 15.627153] fff00000c3f56180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.627199] fff00000c3f56200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.627240] ================================================================== [ 15.611712] ================================================================== [ 15.612086] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 15.612160] Read of size 1 at addr fff00000c3f56178 by task kunit_try_catch/194 [ 15.612217] [ 15.612436] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.612606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.612652] Hardware name: linux,dummy-virt (DT) [ 15.612703] Call trace: [ 15.612729] show_stack+0x20/0x38 (C) [ 15.612782] dump_stack_lvl+0x8c/0xd0 [ 15.613130] print_report+0x118/0x5d0 [ 15.613278] kasan_report+0xdc/0x128 [ 15.613380] __asan_report_load1_noabort+0x20/0x30 [ 15.613481] ksize_unpoisons_memory+0x618/0x740 [ 15.613636] kunit_try_run_case+0x170/0x3f0 [ 15.613866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.614091] kthread+0x328/0x630 [ 15.614231] ret_from_fork+0x10/0x20 [ 15.614449] [ 15.614511] Allocated by task 194: [ 15.614581] kasan_save_stack+0x3c/0x68 [ 15.614717] kasan_save_track+0x20/0x40 [ 15.614891] kasan_save_alloc_info+0x40/0x58 [ 15.614997] __kasan_kmalloc+0xd4/0xd8 [ 15.615300] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.615431] ksize_unpoisons_memory+0xc0/0x740 [ 15.615542] kunit_try_run_case+0x170/0x3f0 [ 15.615990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.616066] kthread+0x328/0x630 [ 15.616165] ret_from_fork+0x10/0x20 [ 15.616253] [ 15.616308] The buggy address belongs to the object at fff00000c3f56100 [ 15.616308] which belongs to the cache kmalloc-128 of size 128 [ 15.616493] The buggy address is located 5 bytes to the right of [ 15.616493] allocated 115-byte region [fff00000c3f56100, fff00000c3f56173) [ 15.616581] [ 15.616611] The buggy address belongs to the physical page: [ 15.616851] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f56 [ 15.617058] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.617209] page_type: f5(slab) [ 15.617290] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.617444] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.617489] page dumped because: kasan: bad access detected [ 15.617523] [ 15.617541] Memory state around the buggy address: [ 15.617959] fff00000c3f56000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.618175] fff00000c3f56080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.618266] >fff00000c3f56100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.618404] ^ [ 15.618479] fff00000c3f56180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.618533] fff00000c3f56200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.618794] ================================================================== [ 15.604173] ================================================================== [ 15.604238] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 15.604295] Read of size 1 at addr fff00000c3f56173 by task kunit_try_catch/194 [ 15.604370] [ 15.604403] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.604485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.604511] Hardware name: linux,dummy-virt (DT) [ 15.604543] Call trace: [ 15.604573] show_stack+0x20/0x38 (C) [ 15.604626] dump_stack_lvl+0x8c/0xd0 [ 15.604674] print_report+0x118/0x5d0 [ 15.604722] kasan_report+0xdc/0x128 [ 15.604769] __asan_report_load1_noabort+0x20/0x30 [ 15.604834] ksize_unpoisons_memory+0x628/0x740 [ 15.604885] kunit_try_run_case+0x170/0x3f0 [ 15.604941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.605005] kthread+0x328/0x630 [ 15.605049] ret_from_fork+0x10/0x20 [ 15.605097] [ 15.605114] Allocated by task 194: [ 15.605143] kasan_save_stack+0x3c/0x68 [ 15.605192] kasan_save_track+0x20/0x40 [ 15.605230] kasan_save_alloc_info+0x40/0x58 [ 15.605271] __kasan_kmalloc+0xd4/0xd8 [ 15.605619] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.605881] ksize_unpoisons_memory+0xc0/0x740 [ 15.606276] kunit_try_run_case+0x170/0x3f0 [ 15.606755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.606854] kthread+0x328/0x630 [ 15.606907] ret_from_fork+0x10/0x20 [ 15.607022] [ 15.607103] The buggy address belongs to the object at fff00000c3f56100 [ 15.607103] which belongs to the cache kmalloc-128 of size 128 [ 15.607571] The buggy address is located 0 bytes to the right of [ 15.607571] allocated 115-byte region [fff00000c3f56100, fff00000c3f56173) [ 15.607694] [ 15.607745] The buggy address belongs to the physical page: [ 15.607861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f56 [ 15.607958] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.608132] page_type: f5(slab) [ 15.608212] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.608606] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.608847] page dumped because: kasan: bad access detected [ 15.608920] [ 15.609053] Memory state around the buggy address: [ 15.609124] fff00000c3f56000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.609224] fff00000c3f56080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.609467] >fff00000c3f56100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.609643] ^ [ 15.609819] fff00000c3f56180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.609900] fff00000c3f56200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.610054] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 15.582699] ================================================================== [ 15.582950] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 15.583537] Free of addr fff00000c3ef7e00 by task kunit_try_catch/192 [ 15.583591] [ 15.583626] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.583709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.583892] Hardware name: linux,dummy-virt (DT) [ 15.583942] Call trace: [ 15.584184] show_stack+0x20/0x38 (C) [ 15.584374] dump_stack_lvl+0x8c/0xd0 [ 15.584670] print_report+0x118/0x5d0 [ 15.584740] kasan_report_invalid_free+0xc0/0xe8 [ 15.584872] check_slab_allocation+0xd4/0x108 [ 15.584948] __kasan_slab_pre_free+0x2c/0x48 [ 15.584999] kfree+0xe8/0x3c8 [ 15.585349] kfree_sensitive+0x3c/0xb0 [ 15.585510] kmalloc_double_kzfree+0x168/0x308 [ 15.585604] kunit_try_run_case+0x170/0x3f0 [ 15.585676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.585731] kthread+0x328/0x630 [ 15.585775] ret_from_fork+0x10/0x20 [ 15.585823] [ 15.585842] Allocated by task 192: [ 15.586130] kasan_save_stack+0x3c/0x68 [ 15.586192] kasan_save_track+0x20/0x40 [ 15.586554] kasan_save_alloc_info+0x40/0x58 [ 15.586795] __kasan_kmalloc+0xd4/0xd8 [ 15.587030] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.587427] kmalloc_double_kzfree+0xb8/0x308 [ 15.587589] kunit_try_run_case+0x170/0x3f0 [ 15.587634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.587852] kthread+0x328/0x630 [ 15.588069] ret_from_fork+0x10/0x20 [ 15.588112] [ 15.588174] Freed by task 192: [ 15.588206] kasan_save_stack+0x3c/0x68 [ 15.588247] kasan_save_track+0x20/0x40 [ 15.588296] kasan_save_free_info+0x4c/0x78 [ 15.588348] __kasan_slab_free+0x6c/0x98 [ 15.588387] kfree+0x214/0x3c8 [ 15.588431] kfree_sensitive+0x80/0xb0 [ 15.588467] kmalloc_double_kzfree+0x11c/0x308 [ 15.588504] kunit_try_run_case+0x170/0x3f0 [ 15.588552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.588605] kthread+0x328/0x630 [ 15.588637] ret_from_fork+0x10/0x20 [ 15.588673] [ 15.588694] The buggy address belongs to the object at fff00000c3ef7e00 [ 15.588694] which belongs to the cache kmalloc-16 of size 16 [ 15.588762] The buggy address is located 0 bytes inside of [ 15.588762] 16-byte region [fff00000c3ef7e00, fff00000c3ef7e10) [ 15.588822] [ 15.588841] The buggy address belongs to the physical page: [ 15.588879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ef7 [ 15.588946] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.589002] page_type: f5(slab) [ 15.589049] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.589112] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.589154] page dumped because: kasan: bad access detected [ 15.589186] [ 15.589205] Memory state around the buggy address: [ 15.589237] fff00000c3ef7d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.589289] fff00000c3ef7d80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.589993] >fff00000c3ef7e00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.590042] ^ [ 15.590073] fff00000c3ef7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.590117] fff00000c3ef7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.590175] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 15.569746] ================================================================== [ 15.569849] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 15.570068] Read of size 1 at addr fff00000c3ef7e00 by task kunit_try_catch/192 [ 15.570269] [ 15.570588] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.570714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.570808] Hardware name: linux,dummy-virt (DT) [ 15.570879] Call trace: [ 15.570980] show_stack+0x20/0x38 (C) [ 15.571063] dump_stack_lvl+0x8c/0xd0 [ 15.571205] print_report+0x118/0x5d0 [ 15.571266] kasan_report+0xdc/0x128 [ 15.571764] __kasan_check_byte+0x54/0x70 [ 15.571879] kfree_sensitive+0x30/0xb0 [ 15.572035] kmalloc_double_kzfree+0x168/0x308 [ 15.572132] kunit_try_run_case+0x170/0x3f0 [ 15.572203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.572472] kthread+0x328/0x630 [ 15.572662] ret_from_fork+0x10/0x20 [ 15.572779] [ 15.572849] Allocated by task 192: [ 15.573001] kasan_save_stack+0x3c/0x68 [ 15.573080] kasan_save_track+0x20/0x40 [ 15.573138] kasan_save_alloc_info+0x40/0x58 [ 15.573338] __kasan_kmalloc+0xd4/0xd8 [ 15.573568] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.573695] kmalloc_double_kzfree+0xb8/0x308 [ 15.573851] kunit_try_run_case+0x170/0x3f0 [ 15.573899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.573944] kthread+0x328/0x630 [ 15.573976] ret_from_fork+0x10/0x20 [ 15.574308] [ 15.574555] Freed by task 192: [ 15.574782] kasan_save_stack+0x3c/0x68 [ 15.575104] kasan_save_track+0x20/0x40 [ 15.575310] kasan_save_free_info+0x4c/0x78 [ 15.575456] __kasan_slab_free+0x6c/0x98 [ 15.575548] kfree+0x214/0x3c8 [ 15.575730] kfree_sensitive+0x80/0xb0 [ 15.575771] kmalloc_double_kzfree+0x11c/0x308 [ 15.576020] kunit_try_run_case+0x170/0x3f0 [ 15.576237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.576421] kthread+0x328/0x630 [ 15.576500] ret_from_fork+0x10/0x20 [ 15.576655] [ 15.576680] The buggy address belongs to the object at fff00000c3ef7e00 [ 15.576680] which belongs to the cache kmalloc-16 of size 16 [ 15.576793] The buggy address is located 0 bytes inside of [ 15.576793] freed 16-byte region [fff00000c3ef7e00, fff00000c3ef7e10) [ 15.577072] [ 15.577455] The buggy address belongs to the physical page: [ 15.577569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ef7 [ 15.577635] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.577685] page_type: f5(slab) [ 15.577982] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.578388] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.578436] page dumped because: kasan: bad access detected [ 15.578470] [ 15.578555] Memory state around the buggy address: [ 15.578798] fff00000c3ef7d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.579023] fff00000c3ef7d80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.579094] >fff00000c3ef7e00: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.579134] ^ [ 15.579162] fff00000c3ef7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.579215] fff00000c3ef7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.579253] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 15.540552] ================================================================== [ 15.540812] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 15.541108] Read of size 1 at addr fff00000c3f548a8 by task kunit_try_catch/188 [ 15.541174] [ 15.541211] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.541460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.541531] Hardware name: linux,dummy-virt (DT) [ 15.541693] Call trace: [ 15.541755] show_stack+0x20/0x38 (C) [ 15.541889] dump_stack_lvl+0x8c/0xd0 [ 15.541946] print_report+0x118/0x5d0 [ 15.541995] kasan_report+0xdc/0x128 [ 15.542042] __asan_report_load1_noabort+0x20/0x30 [ 15.542095] kmalloc_uaf2+0x3f4/0x468 [ 15.542723] kunit_try_run_case+0x170/0x3f0 [ 15.543161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.543545] kthread+0x328/0x630 [ 15.544039] ret_from_fork+0x10/0x20 [ 15.544312] [ 15.544611] Allocated by task 188: [ 15.544796] kasan_save_stack+0x3c/0x68 [ 15.545201] kasan_save_track+0x20/0x40 [ 15.545652] kasan_save_alloc_info+0x40/0x58 [ 15.545786] __kasan_kmalloc+0xd4/0xd8 [ 15.545903] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.545983] kmalloc_uaf2+0xc4/0x468 [ 15.546080] kunit_try_run_case+0x170/0x3f0 [ 15.546160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.546308] kthread+0x328/0x630 [ 15.546406] ret_from_fork+0x10/0x20 [ 15.546499] [ 15.546521] Freed by task 188: [ 15.546549] kasan_save_stack+0x3c/0x68 [ 15.546604] kasan_save_track+0x20/0x40 [ 15.546942] kasan_save_free_info+0x4c/0x78 [ 15.547066] __kasan_slab_free+0x6c/0x98 [ 15.547155] kfree+0x214/0x3c8 [ 15.547617] kmalloc_uaf2+0x134/0x468 [ 15.547656] kunit_try_run_case+0x170/0x3f0 [ 15.547706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.547759] kthread+0x328/0x630 [ 15.547818] ret_from_fork+0x10/0x20 [ 15.547879] [ 15.547903] The buggy address belongs to the object at fff00000c3f54880 [ 15.547903] which belongs to the cache kmalloc-64 of size 64 [ 15.547963] The buggy address is located 40 bytes inside of [ 15.547963] freed 64-byte region [fff00000c3f54880, fff00000c3f548c0) [ 15.548026] [ 15.548061] The buggy address belongs to the physical page: [ 15.548111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f54 [ 15.548165] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.548213] page_type: f5(slab) [ 15.548258] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.548309] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.548600] page dumped because: kasan: bad access detected [ 15.548867] [ 15.548922] Memory state around the buggy address: [ 15.548974] fff00000c3f54780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.549043] fff00000c3f54800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.549416] >fff00000c3f54880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.549740] ^ [ 15.549961] fff00000c3f54900: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 15.550084] fff00000c3f54980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.550177] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 15.525086] ================================================================== [ 15.525148] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 15.525205] Write of size 33 at addr fff00000c3f54700 by task kunit_try_catch/186 [ 15.525259] [ 15.525879] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.526002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.526352] Hardware name: linux,dummy-virt (DT) [ 15.526461] Call trace: [ 15.526568] show_stack+0x20/0x38 (C) [ 15.526678] dump_stack_lvl+0x8c/0xd0 [ 15.526854] print_report+0x118/0x5d0 [ 15.526988] kasan_report+0xdc/0x128 [ 15.527051] kasan_check_range+0x100/0x1a8 [ 15.527135] __asan_memset+0x34/0x78 [ 15.527397] kmalloc_uaf_memset+0x170/0x310 [ 15.527603] kunit_try_run_case+0x170/0x3f0 [ 15.527713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.527898] kthread+0x328/0x630 [ 15.527969] ret_from_fork+0x10/0x20 [ 15.528049] [ 15.528221] Allocated by task 186: [ 15.528498] kasan_save_stack+0x3c/0x68 [ 15.528604] kasan_save_track+0x20/0x40 [ 15.528698] kasan_save_alloc_info+0x40/0x58 [ 15.528762] __kasan_kmalloc+0xd4/0xd8 [ 15.528802] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.528843] kmalloc_uaf_memset+0xb8/0x310 [ 15.528880] kunit_try_run_case+0x170/0x3f0 [ 15.528938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.528994] kthread+0x328/0x630 [ 15.529035] ret_from_fork+0x10/0x20 [ 15.529072] [ 15.529091] Freed by task 186: [ 15.529119] kasan_save_stack+0x3c/0x68 [ 15.529159] kasan_save_track+0x20/0x40 [ 15.529197] kasan_save_free_info+0x4c/0x78 [ 15.529236] __kasan_slab_free+0x6c/0x98 [ 15.529274] kfree+0x214/0x3c8 [ 15.529307] kmalloc_uaf_memset+0x11c/0x310 [ 15.529585] kunit_try_run_case+0x170/0x3f0 [ 15.529820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.529872] kthread+0x328/0x630 [ 15.530099] ret_from_fork+0x10/0x20 [ 15.530288] [ 15.530428] The buggy address belongs to the object at fff00000c3f54700 [ 15.530428] which belongs to the cache kmalloc-64 of size 64 [ 15.530525] The buggy address is located 0 bytes inside of [ 15.530525] freed 64-byte region [fff00000c3f54700, fff00000c3f54740) [ 15.530711] [ 15.530751] The buggy address belongs to the physical page: [ 15.530788] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f54 [ 15.530925] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.531012] page_type: f5(slab) [ 15.531248] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.531561] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.531664] page dumped because: kasan: bad access detected [ 15.531832] [ 15.531911] Memory state around the buggy address: [ 15.531971] fff00000c3f54600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.532282] fff00000c3f54680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.532504] >fff00000c3f54700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.532630] ^ [ 15.532669] fff00000c3f54780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532781] fff00000c3f54800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532882] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 15.505217] ================================================================== [ 15.505299] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 15.505438] Read of size 1 at addr fff00000c3ef7de8 by task kunit_try_catch/184 [ 15.505493] [ 15.505829] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.505957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.506215] Hardware name: linux,dummy-virt (DT) [ 15.506436] Call trace: [ 15.506537] show_stack+0x20/0x38 (C) [ 15.506638] dump_stack_lvl+0x8c/0xd0 [ 15.506752] print_report+0x118/0x5d0 [ 15.506845] kasan_report+0xdc/0x128 [ 15.506970] __asan_report_load1_noabort+0x20/0x30 [ 15.507070] kmalloc_uaf+0x300/0x338 [ 15.507150] kunit_try_run_case+0x170/0x3f0 [ 15.507252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.507628] kthread+0x328/0x630 [ 15.508012] ret_from_fork+0x10/0x20 [ 15.508202] [ 15.508344] Allocated by task 184: [ 15.508418] kasan_save_stack+0x3c/0x68 [ 15.508734] kasan_save_track+0x20/0x40 [ 15.508984] kasan_save_alloc_info+0x40/0x58 [ 15.509143] __kasan_kmalloc+0xd4/0xd8 [ 15.509261] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.509478] kmalloc_uaf+0xb8/0x338 [ 15.509660] kunit_try_run_case+0x170/0x3f0 [ 15.509736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.509882] kthread+0x328/0x630 [ 15.509942] ret_from_fork+0x10/0x20 [ 15.510005] [ 15.510025] Freed by task 184: [ 15.510177] kasan_save_stack+0x3c/0x68 [ 15.510422] kasan_save_track+0x20/0x40 [ 15.510631] kasan_save_free_info+0x4c/0x78 [ 15.510838] __kasan_slab_free+0x6c/0x98 [ 15.510945] kfree+0x214/0x3c8 [ 15.511023] kmalloc_uaf+0x11c/0x338 [ 15.511065] kunit_try_run_case+0x170/0x3f0 [ 15.511246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.511454] kthread+0x328/0x630 [ 15.511604] ret_from_fork+0x10/0x20 [ 15.511679] [ 15.511699] The buggy address belongs to the object at fff00000c3ef7de0 [ 15.511699] which belongs to the cache kmalloc-16 of size 16 [ 15.512143] The buggy address is located 8 bytes inside of [ 15.512143] freed 16-byte region [fff00000c3ef7de0, fff00000c3ef7df0) [ 15.512299] [ 15.512591] The buggy address belongs to the physical page: [ 15.512650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ef7 [ 15.512777] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.512857] page_type: f5(slab) [ 15.513198] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.513391] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.513481] page dumped because: kasan: bad access detected [ 15.513514] [ 15.513532] Memory state around the buggy address: [ 15.513566] fff00000c3ef7c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.513925] fff00000c3ef7d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.514065] >fff00000c3ef7d80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.514173] ^ [ 15.514294] fff00000c3ef7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.514572] fff00000c3ef7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.514741] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 15.485045] ================================================================== [ 15.485106] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.485157] Read of size 64 at addr fff00000c3f54404 by task kunit_try_catch/182 [ 15.485209] [ 15.485240] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.485367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.485426] Hardware name: linux,dummy-virt (DT) [ 15.485978] Call trace: [ 15.486025] show_stack+0x20/0x38 (C) [ 15.486083] dump_stack_lvl+0x8c/0xd0 [ 15.486132] print_report+0x118/0x5d0 [ 15.486351] kasan_report+0xdc/0x128 [ 15.486736] kasan_check_range+0x100/0x1a8 [ 15.486892] __asan_memmove+0x3c/0x98 [ 15.487099] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.487177] kunit_try_run_case+0x170/0x3f0 [ 15.487409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.487743] kthread+0x328/0x630 [ 15.487826] ret_from_fork+0x10/0x20 [ 15.487997] [ 15.488057] Allocated by task 182: [ 15.488258] kasan_save_stack+0x3c/0x68 [ 15.488522] kasan_save_track+0x20/0x40 [ 15.488719] kasan_save_alloc_info+0x40/0x58 [ 15.488952] __kasan_kmalloc+0xd4/0xd8 [ 15.489129] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.489216] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 15.489301] kunit_try_run_case+0x170/0x3f0 [ 15.489441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.489668] kthread+0x328/0x630 [ 15.489937] ret_from_fork+0x10/0x20 [ 15.490057] [ 15.490154] The buggy address belongs to the object at fff00000c3f54400 [ 15.490154] which belongs to the cache kmalloc-64 of size 64 [ 15.490307] The buggy address is located 4 bytes inside of [ 15.490307] allocated 64-byte region [fff00000c3f54400, fff00000c3f54440) [ 15.490439] [ 15.490497] The buggy address belongs to the physical page: [ 15.490603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f54 [ 15.490702] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.490904] page_type: f5(slab) [ 15.491114] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.491272] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.491369] page dumped because: kasan: bad access detected [ 15.491476] [ 15.491519] Memory state around the buggy address: [ 15.491601] fff00000c3f54300: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.491718] fff00000c3f54380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.491764] >fff00000c3f54400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.491837] ^ [ 15.492061] fff00000c3f54480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.492266] fff00000c3f54500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.492424] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 15.470988] ================================================================== [ 15.471070] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.471125] Read of size 18446744073709551614 at addr fff00000c3f54284 by task kunit_try_catch/180 [ 15.471497] [ 15.471551] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.471687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.471725] Hardware name: linux,dummy-virt (DT) [ 15.471757] Call trace: [ 15.471801] show_stack+0x20/0x38 (C) [ 15.472146] dump_stack_lvl+0x8c/0xd0 [ 15.472211] print_report+0x118/0x5d0 [ 15.472293] kasan_report+0xdc/0x128 [ 15.472356] kasan_check_range+0x100/0x1a8 [ 15.472404] __asan_memmove+0x3c/0x98 [ 15.472465] kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.472516] kunit_try_run_case+0x170/0x3f0 [ 15.472566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.472619] kthread+0x328/0x630 [ 15.472672] ret_from_fork+0x10/0x20 [ 15.472730] [ 15.472750] Allocated by task 180: [ 15.472778] kasan_save_stack+0x3c/0x68 [ 15.472831] kasan_save_track+0x20/0x40 [ 15.472869] kasan_save_alloc_info+0x40/0x58 [ 15.472908] __kasan_kmalloc+0xd4/0xd8 [ 15.472950] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.472988] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 15.473028] kunit_try_run_case+0x170/0x3f0 [ 15.473064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.473107] kthread+0x328/0x630 [ 15.473144] ret_from_fork+0x10/0x20 [ 15.473180] [ 15.473199] The buggy address belongs to the object at fff00000c3f54280 [ 15.473199] which belongs to the cache kmalloc-64 of size 64 [ 15.473256] The buggy address is located 4 bytes inside of [ 15.473256] 64-byte region [fff00000c3f54280, fff00000c3f542c0) [ 15.473625] [ 15.473743] The buggy address belongs to the physical page: [ 15.473777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f54 [ 15.473833] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.473881] page_type: f5(slab) [ 15.473922] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.474553] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.474727] page dumped because: kasan: bad access detected [ 15.474976] [ 15.475107] Memory state around the buggy address: [ 15.475145] fff00000c3f54180: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 15.475571] fff00000c3f54200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.475662] >fff00000c3f54280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.475702] ^ [ 15.475995] fff00000c3f54300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.477189] fff00000c3f54380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.477372] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 15.448857] ================================================================== [ 15.448986] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 15.449300] Write of size 16 at addr fff00000c3f56069 by task kunit_try_catch/178 [ 15.449398] [ 15.449595] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.449695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.449850] Hardware name: linux,dummy-virt (DT) [ 15.449884] Call trace: [ 15.449907] show_stack+0x20/0x38 (C) [ 15.449966] dump_stack_lvl+0x8c/0xd0 [ 15.450305] print_report+0x118/0x5d0 [ 15.450653] kasan_report+0xdc/0x128 [ 15.450765] kasan_check_range+0x100/0x1a8 [ 15.450817] __asan_memset+0x34/0x78 [ 15.450880] kmalloc_oob_memset_16+0x150/0x2f8 [ 15.450927] kunit_try_run_case+0x170/0x3f0 [ 15.450987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.451051] kthread+0x328/0x630 [ 15.451094] ret_from_fork+0x10/0x20 [ 15.451141] [ 15.451168] Allocated by task 178: [ 15.451196] kasan_save_stack+0x3c/0x68 [ 15.451238] kasan_save_track+0x20/0x40 [ 15.451281] kasan_save_alloc_info+0x40/0x58 [ 15.451336] __kasan_kmalloc+0xd4/0xd8 [ 15.451374] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.451412] kmalloc_oob_memset_16+0xb0/0x2f8 [ 15.451450] kunit_try_run_case+0x170/0x3f0 [ 15.451495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.451536] kthread+0x328/0x630 [ 15.451568] ret_from_fork+0x10/0x20 [ 15.451610] [ 15.451630] The buggy address belongs to the object at fff00000c3f56000 [ 15.451630] which belongs to the cache kmalloc-128 of size 128 [ 15.451700] The buggy address is located 105 bytes inside of [ 15.451700] allocated 120-byte region [fff00000c3f56000, fff00000c3f56078) [ 15.451760] [ 15.451788] The buggy address belongs to the physical page: [ 15.451832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f56 [ 15.451883] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.451929] page_type: f5(slab) [ 15.451967] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.452015] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.452054] page dumped because: kasan: bad access detected [ 15.452083] [ 15.452110] Memory state around the buggy address: [ 15.452150] fff00000c3f55f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.452192] fff00000c3f55f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.452242] >fff00000c3f56000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.452279] ^ [ 15.452317] fff00000c3f56080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.452733] fff00000c3f56100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.453183] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 15.433118] ================================================================== [ 15.433180] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 15.433535] Write of size 8 at addr fff00000c3f17f71 by task kunit_try_catch/176 [ 15.433671] [ 15.433736] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.433983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.434073] Hardware name: linux,dummy-virt (DT) [ 15.434288] Call trace: [ 15.434429] show_stack+0x20/0x38 (C) [ 15.434772] dump_stack_lvl+0x8c/0xd0 [ 15.434914] print_report+0x118/0x5d0 [ 15.435293] kasan_report+0xdc/0x128 [ 15.435481] kasan_check_range+0x100/0x1a8 [ 15.435624] __asan_memset+0x34/0x78 [ 15.435726] kmalloc_oob_memset_8+0x150/0x2f8 [ 15.435799] kunit_try_run_case+0x170/0x3f0 [ 15.436022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.436085] kthread+0x328/0x630 [ 15.436146] ret_from_fork+0x10/0x20 [ 15.436219] [ 15.436266] Allocated by task 176: [ 15.436294] kasan_save_stack+0x3c/0x68 [ 15.436346] kasan_save_track+0x20/0x40 [ 15.436393] kasan_save_alloc_info+0x40/0x58 [ 15.436446] __kasan_kmalloc+0xd4/0xd8 [ 15.436482] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.436521] kmalloc_oob_memset_8+0xb0/0x2f8 [ 15.436565] kunit_try_run_case+0x170/0x3f0 [ 15.436607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.436664] kthread+0x328/0x630 [ 15.436696] ret_from_fork+0x10/0x20 [ 15.436731] [ 15.436759] The buggy address belongs to the object at fff00000c3f17f00 [ 15.436759] which belongs to the cache kmalloc-128 of size 128 [ 15.436815] The buggy address is located 113 bytes inside of [ 15.436815] allocated 120-byte region [fff00000c3f17f00, fff00000c3f17f78) [ 15.436876] [ 15.436896] The buggy address belongs to the physical page: [ 15.436940] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.436991] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.437036] page_type: f5(slab) [ 15.437081] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.437138] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.437176] page dumped because: kasan: bad access detected [ 15.437222] [ 15.437250] Memory state around the buggy address: [ 15.437280] fff00000c3f17e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.437810] fff00000c3f17e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.437869] >fff00000c3f17f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.437907] ^ [ 15.437949] fff00000c3f17f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.438194] fff00000c3f18000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.439039] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 15.157103] ================================================================== [ 15.157413] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 15.157473] Read of size 1 at addr fff00000c7790000 by task kunit_try_catch/154 [ 15.157541] [ 15.157574] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.158011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.158066] Hardware name: linux,dummy-virt (DT) [ 15.158456] Call trace: [ 15.158551] show_stack+0x20/0x38 (C) [ 15.159142] dump_stack_lvl+0x8c/0xd0 [ 15.159587] print_report+0x118/0x5d0 [ 15.159969] kasan_report+0xdc/0x128 [ 15.160527] __asan_report_load1_noabort+0x20/0x30 [ 15.160609] page_alloc_uaf+0x328/0x350 [ 15.160982] kunit_try_run_case+0x170/0x3f0 [ 15.161495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.161685] kthread+0x328/0x630 [ 15.161734] ret_from_fork+0x10/0x20 [ 15.162071] [ 15.162221] The buggy address belongs to the physical page: [ 15.162537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107790 [ 15.162827] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.162888] page_type: f0(buddy) [ 15.162928] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 15.163181] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 15.163246] page dumped because: kasan: bad access detected [ 15.163278] [ 15.163296] Memory state around the buggy address: [ 15.163351] fff00000c778ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.163399] fff00000c778ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.163458] >fff00000c7790000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.163501] ^ [ 15.163529] fff00000c7790080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.163579] fff00000c7790100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.163616] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 15.419389] ================================================================== [ 15.419712] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 15.419774] Write of size 4 at addr fff00000c3f17e75 by task kunit_try_catch/174 [ 15.419845] [ 15.419885] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.420028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.420068] Hardware name: linux,dummy-virt (DT) [ 15.420138] Call trace: [ 15.420163] show_stack+0x20/0x38 (C) [ 15.420231] dump_stack_lvl+0x8c/0xd0 [ 15.420287] print_report+0x118/0x5d0 [ 15.420351] kasan_report+0xdc/0x128 [ 15.420396] kasan_check_range+0x100/0x1a8 [ 15.420454] __asan_memset+0x34/0x78 [ 15.420505] kmalloc_oob_memset_4+0x150/0x300 [ 15.420562] kunit_try_run_case+0x170/0x3f0 [ 15.420855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.420940] kthread+0x328/0x630 [ 15.420986] ret_from_fork+0x10/0x20 [ 15.421033] [ 15.421076] Allocated by task 174: [ 15.421116] kasan_save_stack+0x3c/0x68 [ 15.421158] kasan_save_track+0x20/0x40 [ 15.421217] kasan_save_alloc_info+0x40/0x58 [ 15.421372] __kasan_kmalloc+0xd4/0xd8 [ 15.421588] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.421671] kmalloc_oob_memset_4+0xb0/0x300 [ 15.421842] kunit_try_run_case+0x170/0x3f0 [ 15.421924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.421983] kthread+0x328/0x630 [ 15.422017] ret_from_fork+0x10/0x20 [ 15.422053] [ 15.422073] The buggy address belongs to the object at fff00000c3f17e00 [ 15.422073] which belongs to the cache kmalloc-128 of size 128 [ 15.422412] The buggy address is located 117 bytes inside of [ 15.422412] allocated 120-byte region [fff00000c3f17e00, fff00000c3f17e78) [ 15.422534] [ 15.422646] The buggy address belongs to the physical page: [ 15.422677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.422764] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.422941] page_type: f5(slab) [ 15.423132] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.423288] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.423432] page dumped because: kasan: bad access detected [ 15.423491] [ 15.423523] Memory state around the buggy address: [ 15.423562] fff00000c3f17d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.423604] fff00000c3f17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.423646] >fff00000c3f17e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.423734] ^ [ 15.423775] fff00000c3f17e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.423816] fff00000c3f17f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.423852] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 15.402873] ================================================================== [ 15.402932] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 15.403229] Write of size 2 at addr fff00000c3f17d77 by task kunit_try_catch/172 [ 15.403682] [ 15.403859] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.404003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.404063] Hardware name: linux,dummy-virt (DT) [ 15.404097] Call trace: [ 15.404147] show_stack+0x20/0x38 (C) [ 15.404207] dump_stack_lvl+0x8c/0xd0 [ 15.404528] print_report+0x118/0x5d0 [ 15.404667] kasan_report+0xdc/0x128 [ 15.404729] kasan_check_range+0x100/0x1a8 [ 15.405013] __asan_memset+0x34/0x78 [ 15.405074] kmalloc_oob_memset_2+0x150/0x2f8 [ 15.405305] kunit_try_run_case+0x170/0x3f0 [ 15.405480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.405927] kthread+0x328/0x630 [ 15.406038] ret_from_fork+0x10/0x20 [ 15.406116] [ 15.406135] Allocated by task 172: [ 15.406164] kasan_save_stack+0x3c/0x68 [ 15.406204] kasan_save_track+0x20/0x40 [ 15.406242] kasan_save_alloc_info+0x40/0x58 [ 15.406301] __kasan_kmalloc+0xd4/0xd8 [ 15.406360] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.406407] kmalloc_oob_memset_2+0xb0/0x2f8 [ 15.406444] kunit_try_run_case+0x170/0x3f0 [ 15.406490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.406532] kthread+0x328/0x630 [ 15.406564] ret_from_fork+0x10/0x20 [ 15.406615] [ 15.406634] The buggy address belongs to the object at fff00000c3f17d00 [ 15.406634] which belongs to the cache kmalloc-128 of size 128 [ 15.406704] The buggy address is located 119 bytes inside of [ 15.406704] allocated 120-byte region [fff00000c3f17d00, fff00000c3f17d78) [ 15.406766] [ 15.406786] The buggy address belongs to the physical page: [ 15.406816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.406867] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.406912] page_type: f5(slab) [ 15.406950] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.407007] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.407046] page dumped because: kasan: bad access detected [ 15.407076] [ 15.407093] Memory state around the buggy address: [ 15.407131] fff00000c3f17c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.407173] fff00000c3f17c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.407222] >fff00000c3f17d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.407258] ^ [ 15.407296] fff00000c3f17d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.407345] fff00000c3f17e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.407382] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 15.387060] ================================================================== [ 15.387118] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 15.387169] Write of size 128 at addr fff00000c3f17c00 by task kunit_try_catch/170 [ 15.387238] [ 15.387271] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.387364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.387391] Hardware name: linux,dummy-virt (DT) [ 15.387422] Call trace: [ 15.387446] show_stack+0x20/0x38 (C) [ 15.387494] dump_stack_lvl+0x8c/0xd0 [ 15.387542] print_report+0x118/0x5d0 [ 15.387588] kasan_report+0xdc/0x128 [ 15.387634] kasan_check_range+0x100/0x1a8 [ 15.387693] __asan_memset+0x34/0x78 [ 15.387744] kmalloc_oob_in_memset+0x144/0x2d0 [ 15.387790] kunit_try_run_case+0x170/0x3f0 [ 15.387837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.387888] kthread+0x328/0x630 [ 15.387929] ret_from_fork+0x10/0x20 [ 15.387977] [ 15.387995] Allocated by task 170: [ 15.388022] kasan_save_stack+0x3c/0x68 [ 15.388061] kasan_save_track+0x20/0x40 [ 15.388097] kasan_save_alloc_info+0x40/0x58 [ 15.388137] __kasan_kmalloc+0xd4/0xd8 [ 15.388182] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.388220] kmalloc_oob_in_memset+0xb0/0x2d0 [ 15.388256] kunit_try_run_case+0x170/0x3f0 [ 15.388293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.388790] kthread+0x328/0x630 [ 15.388843] ret_from_fork+0x10/0x20 [ 15.388881] [ 15.388902] The buggy address belongs to the object at fff00000c3f17c00 [ 15.388902] which belongs to the cache kmalloc-128 of size 128 [ 15.389462] The buggy address is located 0 bytes inside of [ 15.389462] allocated 120-byte region [fff00000c3f17c00, fff00000c3f17c78) [ 15.389802] [ 15.389903] The buggy address belongs to the physical page: [ 15.389938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.390003] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.390390] page_type: f5(slab) [ 15.390544] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.390641] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.390776] page dumped because: kasan: bad access detected [ 15.390847] [ 15.390966] Memory state around the buggy address: [ 15.391032] fff00000c3f17b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.391081] fff00000c3f17b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.391379] >fff00000c3f17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.391449] ^ [ 15.391597] fff00000c3f17c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.391662] fff00000c3f17d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.391827] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 15.348542] ================================================================== [ 15.348878] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 15.349144] Write of size 16 at addr fff00000c3ef7d80 by task kunit_try_catch/166 [ 15.349215] [ 15.349587] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.349981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.350034] Hardware name: linux,dummy-virt (DT) [ 15.350135] Call trace: [ 15.350198] show_stack+0x20/0x38 (C) [ 15.350615] dump_stack_lvl+0x8c/0xd0 [ 15.350902] print_report+0x118/0x5d0 [ 15.350998] kasan_report+0xdc/0x128 [ 15.351151] __asan_report_store16_noabort+0x20/0x30 [ 15.351300] kmalloc_oob_16+0x3a0/0x3f8 [ 15.351431] kunit_try_run_case+0x170/0x3f0 [ 15.351624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.351935] kthread+0x328/0x630 [ 15.352152] ret_from_fork+0x10/0x20 [ 15.352349] [ 15.352439] Allocated by task 166: [ 15.352542] kasan_save_stack+0x3c/0x68 [ 15.352641] kasan_save_track+0x20/0x40 [ 15.352780] kasan_save_alloc_info+0x40/0x58 [ 15.352821] __kasan_kmalloc+0xd4/0xd8 [ 15.353026] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.353244] kmalloc_oob_16+0xb4/0x3f8 [ 15.353378] kunit_try_run_case+0x170/0x3f0 [ 15.353438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.353810] kthread+0x328/0x630 [ 15.353929] ret_from_fork+0x10/0x20 [ 15.354035] [ 15.354138] The buggy address belongs to the object at fff00000c3ef7d80 [ 15.354138] which belongs to the cache kmalloc-16 of size 16 [ 15.354410] The buggy address is located 0 bytes inside of [ 15.354410] allocated 13-byte region [fff00000c3ef7d80, fff00000c3ef7d8d) [ 15.354732] [ 15.354825] The buggy address belongs to the physical page: [ 15.355047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ef7 [ 15.355145] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.355511] page_type: f5(slab) [ 15.355566] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.356087] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.356178] page dumped because: kasan: bad access detected [ 15.356378] [ 15.356530] Memory state around the buggy address: [ 15.356587] fff00000c3ef7c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.356939] fff00000c3ef7d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.357004] >fff00000c3ef7d80: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.357129] ^ [ 15.357204] fff00000c3ef7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.357500] fff00000c3ef7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.357619] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 15.322888] ================================================================== [ 15.323222] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 15.323278] Read of size 1 at addr fff00000c1735800 by task kunit_try_catch/164 [ 15.323730] [ 15.323782] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.324024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.324063] Hardware name: linux,dummy-virt (DT) [ 15.324402] Call trace: [ 15.324428] show_stack+0x20/0x38 (C) [ 15.324482] dump_stack_lvl+0x8c/0xd0 [ 15.324572] print_report+0x118/0x5d0 [ 15.324658] kasan_report+0xdc/0x128 [ 15.324750] __kasan_check_byte+0x54/0x70 [ 15.324827] krealloc_noprof+0x44/0x360 [ 15.324899] krealloc_uaf+0x180/0x520 [ 15.325016] kunit_try_run_case+0x170/0x3f0 [ 15.325069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.325159] kthread+0x328/0x630 [ 15.325234] ret_from_fork+0x10/0x20 [ 15.325297] [ 15.325316] Allocated by task 164: [ 15.325609] kasan_save_stack+0x3c/0x68 [ 15.325797] kasan_save_track+0x20/0x40 [ 15.325842] kasan_save_alloc_info+0x40/0x58 [ 15.326252] __kasan_kmalloc+0xd4/0xd8 [ 15.326381] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.326499] krealloc_uaf+0xc8/0x520 [ 15.326574] kunit_try_run_case+0x170/0x3f0 [ 15.326943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.327256] kthread+0x328/0x630 [ 15.327323] ret_from_fork+0x10/0x20 [ 15.327481] [ 15.327504] Freed by task 164: [ 15.327550] kasan_save_stack+0x3c/0x68 [ 15.327932] kasan_save_track+0x20/0x40 [ 15.327977] kasan_save_free_info+0x4c/0x78 [ 15.328349] __kasan_slab_free+0x6c/0x98 [ 15.328475] kfree+0x214/0x3c8 [ 15.328512] krealloc_uaf+0x12c/0x520 [ 15.328548] kunit_try_run_case+0x170/0x3f0 [ 15.328745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.328944] kthread+0x328/0x630 [ 15.329002] ret_from_fork+0x10/0x20 [ 15.329162] [ 15.329345] The buggy address belongs to the object at fff00000c1735800 [ 15.329345] which belongs to the cache kmalloc-256 of size 256 [ 15.329483] The buggy address is located 0 bytes inside of [ 15.329483] freed 256-byte region [fff00000c1735800, fff00000c1735900) [ 15.329582] [ 15.329639] The buggy address belongs to the physical page: [ 15.329670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101734 [ 15.329998] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.330073] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.330188] page_type: f5(slab) [ 15.330229] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.330277] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.330325] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.330387] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.330436] head: 0bfffe0000000001 ffffc1ffc305cd01 00000000ffffffff 00000000ffffffff [ 15.330482] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.330520] page dumped because: kasan: bad access detected [ 15.330560] [ 15.330578] Memory state around the buggy address: [ 15.330611] fff00000c1735700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.330661] fff00000c1735780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.330703] >fff00000c1735800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.330755] ^ [ 15.330782] fff00000c1735880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.330824] fff00000c1735900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.330861] ================================================================== [ 15.332564] ================================================================== [ 15.332706] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 15.332759] Read of size 1 at addr fff00000c1735800 by task kunit_try_catch/164 [ 15.332807] [ 15.332835] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.333093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.333243] Hardware name: linux,dummy-virt (DT) [ 15.333369] Call trace: [ 15.333491] show_stack+0x20/0x38 (C) [ 15.333670] dump_stack_lvl+0x8c/0xd0 [ 15.333800] print_report+0x118/0x5d0 [ 15.333852] kasan_report+0xdc/0x128 [ 15.333897] __asan_report_load1_noabort+0x20/0x30 [ 15.334080] krealloc_uaf+0x4c8/0x520 [ 15.334307] kunit_try_run_case+0x170/0x3f0 [ 15.334433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.334642] kthread+0x328/0x630 [ 15.334769] ret_from_fork+0x10/0x20 [ 15.334853] [ 15.334871] Allocated by task 164: [ 15.335378] kasan_save_stack+0x3c/0x68 [ 15.335500] kasan_save_track+0x20/0x40 [ 15.335578] kasan_save_alloc_info+0x40/0x58 [ 15.335714] __kasan_kmalloc+0xd4/0xd8 [ 15.336083] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.336160] krealloc_uaf+0xc8/0x520 [ 15.336268] kunit_try_run_case+0x170/0x3f0 [ 15.336308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.336672] kthread+0x328/0x630 [ 15.336754] ret_from_fork+0x10/0x20 [ 15.336874] [ 15.336940] Freed by task 164: [ 15.337054] kasan_save_stack+0x3c/0x68 [ 15.337134] kasan_save_track+0x20/0x40 [ 15.337261] kasan_save_free_info+0x4c/0x78 [ 15.337304] __kasan_slab_free+0x6c/0x98 [ 15.337398] kfree+0x214/0x3c8 [ 15.337910] krealloc_uaf+0x12c/0x520 [ 15.338007] kunit_try_run_case+0x170/0x3f0 [ 15.338111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.338197] kthread+0x328/0x630 [ 15.338277] ret_from_fork+0x10/0x20 [ 15.338646] [ 15.338692] The buggy address belongs to the object at fff00000c1735800 [ 15.338692] which belongs to the cache kmalloc-256 of size 256 [ 15.338824] The buggy address is located 0 bytes inside of [ 15.338824] freed 256-byte region [fff00000c1735800, fff00000c1735900) [ 15.338919] [ 15.339064] The buggy address belongs to the physical page: [ 15.339142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101734 [ 15.339258] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.339325] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.339556] page_type: f5(slab) [ 15.339604] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.339668] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.339727] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.339778] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.339826] head: 0bfffe0000000001 ffffc1ffc305cd01 00000000ffffffff 00000000ffffffff [ 15.339873] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.339911] page dumped because: kasan: bad access detected [ 15.339949] [ 15.339967] Memory state around the buggy address: [ 15.339997] fff00000c1735700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.340039] fff00000c1735780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.340079] >fff00000c1735800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.340129] ^ [ 15.340157] fff00000c1735880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.340206] fff00000c1735900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.340257] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 15.228779] ================================================================== [ 15.228966] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.229126] Write of size 1 at addr fff00000c17356da by task kunit_try_catch/158 [ 15.229355] [ 15.229487] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.229587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.229615] Hardware name: linux,dummy-virt (DT) [ 15.229646] Call trace: [ 15.229668] show_stack+0x20/0x38 (C) [ 15.229720] dump_stack_lvl+0x8c/0xd0 [ 15.229839] print_report+0x118/0x5d0 [ 15.229896] kasan_report+0xdc/0x128 [ 15.229943] __asan_report_store1_noabort+0x20/0x30 [ 15.229995] krealloc_less_oob_helper+0xa80/0xc50 [ 15.230044] krealloc_less_oob+0x20/0x38 [ 15.230091] kunit_try_run_case+0x170/0x3f0 [ 15.230157] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.230218] kthread+0x328/0x630 [ 15.230260] ret_from_fork+0x10/0x20 [ 15.230341] [ 15.230373] Allocated by task 158: [ 15.230401] kasan_save_stack+0x3c/0x68 [ 15.230457] kasan_save_track+0x20/0x40 [ 15.230495] kasan_save_alloc_info+0x40/0x58 [ 15.230541] __kasan_krealloc+0x118/0x178 [ 15.230578] krealloc_noprof+0x128/0x360 [ 15.230629] krealloc_less_oob_helper+0x168/0xc50 [ 15.230668] krealloc_less_oob+0x20/0x38 [ 15.230705] kunit_try_run_case+0x170/0x3f0 [ 15.230751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.230793] kthread+0x328/0x630 [ 15.230843] ret_from_fork+0x10/0x20 [ 15.230878] [ 15.230898] The buggy address belongs to the object at fff00000c1735600 [ 15.230898] which belongs to the cache kmalloc-256 of size 256 [ 15.230955] The buggy address is located 17 bytes to the right of [ 15.230955] allocated 201-byte region [fff00000c1735600, fff00000c17356c9) [ 15.231019] [ 15.231039] The buggy address belongs to the physical page: [ 15.231076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101734 [ 15.231154] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.231201] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.231250] page_type: f5(slab) [ 15.231300] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.231799] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.232243] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.232335] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.232410] head: 0bfffe0000000001 ffffc1ffc305cd01 00000000ffffffff 00000000ffffffff [ 15.232482] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.232544] page dumped because: kasan: bad access detected [ 15.232799] [ 15.232933] Memory state around the buggy address: [ 15.233065] fff00000c1735580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233473] fff00000c1735600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.233728] >fff00000c1735680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.233845] ^ [ 15.233905] fff00000c1735700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.234064] fff00000c1735780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.234370] ================================================================== [ 15.245953] ================================================================== [ 15.246096] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.246390] Write of size 1 at addr fff00000c17356eb by task kunit_try_catch/158 [ 15.246454] [ 15.246531] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.246618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.246645] Hardware name: linux,dummy-virt (DT) [ 15.246840] Call trace: [ 15.247130] show_stack+0x20/0x38 (C) [ 15.247300] dump_stack_lvl+0x8c/0xd0 [ 15.247365] print_report+0x118/0x5d0 [ 15.247418] kasan_report+0xdc/0x128 [ 15.247515] __asan_report_store1_noabort+0x20/0x30 [ 15.247587] krealloc_less_oob_helper+0xa58/0xc50 [ 15.247637] krealloc_less_oob+0x20/0x38 [ 15.247710] kunit_try_run_case+0x170/0x3f0 [ 15.247926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.248196] kthread+0x328/0x630 [ 15.248282] ret_from_fork+0x10/0x20 [ 15.248406] [ 15.248443] Allocated by task 158: [ 15.248510] kasan_save_stack+0x3c/0x68 [ 15.248552] kasan_save_track+0x20/0x40 [ 15.249049] kasan_save_alloc_info+0x40/0x58 [ 15.249112] __kasan_krealloc+0x118/0x178 [ 15.249177] krealloc_noprof+0x128/0x360 [ 15.249235] krealloc_less_oob_helper+0x168/0xc50 [ 15.249308] krealloc_less_oob+0x20/0x38 [ 15.249486] kunit_try_run_case+0x170/0x3f0 [ 15.249526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.249746] kthread+0x328/0x630 [ 15.249970] ret_from_fork+0x10/0x20 [ 15.250039] [ 15.250099] The buggy address belongs to the object at fff00000c1735600 [ 15.250099] which belongs to the cache kmalloc-256 of size 256 [ 15.250538] The buggy address is located 34 bytes to the right of [ 15.250538] allocated 201-byte region [fff00000c1735600, fff00000c17356c9) [ 15.250864] [ 15.250924] The buggy address belongs to the physical page: [ 15.251000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101734 [ 15.251077] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.251921] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.252024] page_type: f5(slab) [ 15.252074] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.252182] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.252355] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.252448] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.252498] head: 0bfffe0000000001 ffffc1ffc305cd01 00000000ffffffff 00000000ffffffff [ 15.252950] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.253028] page dumped because: kasan: bad access detected [ 15.253060] [ 15.253079] Memory state around the buggy address: [ 15.253121] fff00000c1735580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.253164] fff00000c1735600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.253205] >fff00000c1735680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.253241] ^ [ 15.253280] fff00000c1735700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.253430] fff00000c1735780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.253664] ================================================================== [ 15.286741] ================================================================== [ 15.286795] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.286846] Write of size 1 at addr fff00000c77560c9 by task kunit_try_catch/162 [ 15.287041] [ 15.287227] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.287460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.287643] Hardware name: linux,dummy-virt (DT) [ 15.287706] Call trace: [ 15.287738] show_stack+0x20/0x38 (C) [ 15.287859] dump_stack_lvl+0x8c/0xd0 [ 15.287947] print_report+0x118/0x5d0 [ 15.288166] kasan_report+0xdc/0x128 [ 15.288232] __asan_report_store1_noabort+0x20/0x30 [ 15.288555] krealloc_less_oob_helper+0xa48/0xc50 [ 15.288730] krealloc_large_less_oob+0x20/0x38 [ 15.288928] kunit_try_run_case+0x170/0x3f0 [ 15.289125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.289193] kthread+0x328/0x630 [ 15.289309] ret_from_fork+0x10/0x20 [ 15.289683] [ 15.289736] The buggy address belongs to the physical page: [ 15.289769] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.289825] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.290272] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.290345] page_type: f8(unknown) [ 15.290728] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.290825] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.290950] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.290999] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.291318] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.291438] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.291545] page dumped because: kasan: bad access detected [ 15.291870] [ 15.291914] Memory state around the buggy address: [ 15.292013] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.292116] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.292274] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.292505] ^ [ 15.292565] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.292679] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.292748] ================================================================== [ 15.217324] ================================================================== [ 15.217646] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.217755] Write of size 1 at addr fff00000c17356d0 by task kunit_try_catch/158 [ 15.217863] [ 15.218160] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.218460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.218749] Hardware name: linux,dummy-virt (DT) [ 15.218883] Call trace: [ 15.218987] show_stack+0x20/0x38 (C) [ 15.219070] dump_stack_lvl+0x8c/0xd0 [ 15.219153] print_report+0x118/0x5d0 [ 15.219508] kasan_report+0xdc/0x128 [ 15.219677] __asan_report_store1_noabort+0x20/0x30 [ 15.219737] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.219906] krealloc_less_oob+0x20/0x38 [ 15.220013] kunit_try_run_case+0x170/0x3f0 [ 15.220069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.220136] kthread+0x328/0x630 [ 15.220194] ret_from_fork+0x10/0x20 [ 15.220255] [ 15.220275] Allocated by task 158: [ 15.220304] kasan_save_stack+0x3c/0x68 [ 15.220365] kasan_save_track+0x20/0x40 [ 15.220687] kasan_save_alloc_info+0x40/0x58 [ 15.220873] __kasan_krealloc+0x118/0x178 [ 15.220953] krealloc_noprof+0x128/0x360 [ 15.221325] krealloc_less_oob_helper+0x168/0xc50 [ 15.221473] krealloc_less_oob+0x20/0x38 [ 15.221831] kunit_try_run_case+0x170/0x3f0 [ 15.221882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.222203] kthread+0x328/0x630 [ 15.222362] ret_from_fork+0x10/0x20 [ 15.222432] [ 15.222459] The buggy address belongs to the object at fff00000c1735600 [ 15.222459] which belongs to the cache kmalloc-256 of size 256 [ 15.222911] The buggy address is located 7 bytes to the right of [ 15.222911] allocated 201-byte region [fff00000c1735600, fff00000c17356c9) [ 15.223119] [ 15.223398] The buggy address belongs to the physical page: [ 15.223758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101734 [ 15.223883] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.224019] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.224107] page_type: f5(slab) [ 15.224463] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.224646] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.224772] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.224822] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.225278] head: 0bfffe0000000001 ffffc1ffc305cd01 00000000ffffffff 00000000ffffffff [ 15.225418] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.225481] page dumped because: kasan: bad access detected [ 15.225513] [ 15.225547] Memory state around the buggy address: [ 15.225702] fff00000c1735580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.225899] fff00000c1735600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.225969] >fff00000c1735680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.226077] ^ [ 15.226163] fff00000c1735700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.226205] fff00000c1735780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.226678] ================================================================== [ 15.204816] ================================================================== [ 15.205274] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.205501] Write of size 1 at addr fff00000c17356c9 by task kunit_try_catch/158 [ 15.205630] [ 15.205786] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.205928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.205955] Hardware name: linux,dummy-virt (DT) [ 15.206005] Call trace: [ 15.206035] show_stack+0x20/0x38 (C) [ 15.206236] dump_stack_lvl+0x8c/0xd0 [ 15.206432] print_report+0x118/0x5d0 [ 15.206623] kasan_report+0xdc/0x128 [ 15.206793] __asan_report_store1_noabort+0x20/0x30 [ 15.206869] krealloc_less_oob_helper+0xa48/0xc50 [ 15.206925] krealloc_less_oob+0x20/0x38 [ 15.207020] kunit_try_run_case+0x170/0x3f0 [ 15.207072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.207133] kthread+0x328/0x630 [ 15.207175] ret_from_fork+0x10/0x20 [ 15.207229] [ 15.207249] Allocated by task 158: [ 15.207283] kasan_save_stack+0x3c/0x68 [ 15.207339] kasan_save_track+0x20/0x40 [ 15.207625] kasan_save_alloc_info+0x40/0x58 [ 15.208019] __kasan_krealloc+0x118/0x178 [ 15.208089] krealloc_noprof+0x128/0x360 [ 15.208266] krealloc_less_oob_helper+0x168/0xc50 [ 15.208647] krealloc_less_oob+0x20/0x38 [ 15.208808] kunit_try_run_case+0x170/0x3f0 [ 15.208934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.209110] kthread+0x328/0x630 [ 15.209145] ret_from_fork+0x10/0x20 [ 15.209309] [ 15.209384] The buggy address belongs to the object at fff00000c1735600 [ 15.209384] which belongs to the cache kmalloc-256 of size 256 [ 15.209629] The buggy address is located 0 bytes to the right of [ 15.209629] allocated 201-byte region [fff00000c1735600, fff00000c17356c9) [ 15.210063] [ 15.210090] The buggy address belongs to the physical page: [ 15.210338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101734 [ 15.210494] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.210666] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.210818] page_type: f5(slab) [ 15.210906] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.210981] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.211286] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.211441] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.211566] head: 0bfffe0000000001 ffffc1ffc305cd01 00000000ffffffff 00000000ffffffff [ 15.211747] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.211846] page dumped because: kasan: bad access detected [ 15.212035] [ 15.212114] Memory state around the buggy address: [ 15.212214] fff00000c1735580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212371] fff00000c1735600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.212549] >fff00000c1735680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.212656] ^ [ 15.212775] fff00000c1735700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.212983] fff00000c1735780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.213176] ================================================================== [ 15.296813] ================================================================== [ 15.296848] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.296893] Write of size 1 at addr fff00000c77560da by task kunit_try_catch/162 [ 15.296948] [ 15.296975] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.297052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.297078] Hardware name: linux,dummy-virt (DT) [ 15.297108] Call trace: [ 15.297141] show_stack+0x20/0x38 (C) [ 15.297197] dump_stack_lvl+0x8c/0xd0 [ 15.297248] print_report+0x118/0x5d0 [ 15.297294] kasan_report+0xdc/0x128 [ 15.297639] __asan_report_store1_noabort+0x20/0x30 [ 15.297932] krealloc_less_oob_helper+0xa80/0xc50 [ 15.297994] krealloc_large_less_oob+0x20/0x38 [ 15.298471] kunit_try_run_case+0x170/0x3f0 [ 15.298954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.299296] kthread+0x328/0x630 [ 15.299555] ret_from_fork+0x10/0x20 [ 15.299763] [ 15.299896] The buggy address belongs to the physical page: [ 15.300070] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.300468] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.300524] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.300700] page_type: f8(unknown) [ 15.300964] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.301027] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.301150] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.301238] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.301324] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.301661] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.301784] page dumped because: kasan: bad access detected [ 15.301859] [ 15.301901] Memory state around the buggy address: [ 15.302036] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.302102] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.302166] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.302324] ^ [ 15.302574] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.302659] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.302791] ================================================================== [ 15.293669] ================================================================== [ 15.293716] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.293763] Write of size 1 at addr fff00000c77560d0 by task kunit_try_catch/162 [ 15.293811] [ 15.293841] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.293919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.293944] Hardware name: linux,dummy-virt (DT) [ 15.293974] Call trace: [ 15.293995] show_stack+0x20/0x38 (C) [ 15.294041] dump_stack_lvl+0x8c/0xd0 [ 15.294086] print_report+0x118/0x5d0 [ 15.294131] kasan_report+0xdc/0x128 [ 15.294175] __asan_report_store1_noabort+0x20/0x30 [ 15.294225] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.294272] krealloc_large_less_oob+0x20/0x38 [ 15.294318] kunit_try_run_case+0x170/0x3f0 [ 15.294383] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.294765] kthread+0x328/0x630 [ 15.294864] ret_from_fork+0x10/0x20 [ 15.295310] [ 15.295369] The buggy address belongs to the physical page: [ 15.295584] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.295665] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.295713] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.295893] page_type: f8(unknown) [ 15.295942] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.296094] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.296156] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.296261] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.296318] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.296380] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.296419] page dumped because: kasan: bad access detected [ 15.296450] [ 15.296468] Memory state around the buggy address: [ 15.296498] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.296540] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.296581] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.296617] ^ [ 15.296673] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.296717] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.296755] ================================================================== [ 15.310848] ================================================================== [ 15.310896] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.310943] Write of size 1 at addr fff00000c77560eb by task kunit_try_catch/162 [ 15.310992] [ 15.311033] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.311122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.311149] Hardware name: linux,dummy-virt (DT) [ 15.311184] Call trace: [ 15.311207] show_stack+0x20/0x38 (C) [ 15.311255] dump_stack_lvl+0x8c/0xd0 [ 15.311300] print_report+0x118/0x5d0 [ 15.311364] kasan_report+0xdc/0x128 [ 15.311410] __asan_report_store1_noabort+0x20/0x30 [ 15.311461] krealloc_less_oob_helper+0xa58/0xc50 [ 15.311519] krealloc_large_less_oob+0x20/0x38 [ 15.311567] kunit_try_run_case+0x170/0x3f0 [ 15.311619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.311680] kthread+0x328/0x630 [ 15.311722] ret_from_fork+0x10/0x20 [ 15.311769] [ 15.311788] The buggy address belongs to the physical page: [ 15.311827] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.311886] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.311940] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.311988] page_type: f8(unknown) [ 15.312026] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.312076] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.312124] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.312171] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.312219] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.312272] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.312319] page dumped because: kasan: bad access detected [ 15.312731] [ 15.312760] Memory state around the buggy address: [ 15.312794] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.312993] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.313045] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.313082] ^ [ 15.313365] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.313465] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.313507] ================================================================== [ 15.304170] ================================================================== [ 15.304599] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.304708] Write of size 1 at addr fff00000c77560ea by task kunit_try_catch/162 [ 15.304762] [ 15.304796] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.305038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.305237] Hardware name: linux,dummy-virt (DT) [ 15.305280] Call trace: [ 15.305382] show_stack+0x20/0x38 (C) [ 15.305468] dump_stack_lvl+0x8c/0xd0 [ 15.305579] print_report+0x118/0x5d0 [ 15.305725] kasan_report+0xdc/0x128 [ 15.305869] __asan_report_store1_noabort+0x20/0x30 [ 15.306027] krealloc_less_oob_helper+0xae4/0xc50 [ 15.306241] krealloc_large_less_oob+0x20/0x38 [ 15.306403] kunit_try_run_case+0x170/0x3f0 [ 15.306511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.306637] kthread+0x328/0x630 [ 15.306733] ret_from_fork+0x10/0x20 [ 15.306914] [ 15.306935] The buggy address belongs to the physical page: [ 15.306985] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.307228] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.307514] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.307628] page_type: f8(unknown) [ 15.307794] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.307847] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.307930] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.308118] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.308619] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.308736] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.308856] page dumped because: kasan: bad access detected [ 15.309035] [ 15.309146] Memory state around the buggy address: [ 15.309362] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.309638] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.309770] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.309847] ^ [ 15.309934] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.310038] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.310127] ================================================================== [ 15.235595] ================================================================== [ 15.235704] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.235758] Write of size 1 at addr fff00000c17356ea by task kunit_try_catch/158 [ 15.235806] [ 15.236136] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.236426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.236567] Hardware name: linux,dummy-virt (DT) [ 15.236665] Call trace: [ 15.236693] show_stack+0x20/0x38 (C) [ 15.236748] dump_stack_lvl+0x8c/0xd0 [ 15.236963] print_report+0x118/0x5d0 [ 15.237142] kasan_report+0xdc/0x128 [ 15.237258] __asan_report_store1_noabort+0x20/0x30 [ 15.237401] krealloc_less_oob_helper+0xae4/0xc50 [ 15.237566] krealloc_less_oob+0x20/0x38 [ 15.237687] kunit_try_run_case+0x170/0x3f0 [ 15.237737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.238118] kthread+0x328/0x630 [ 15.238240] ret_from_fork+0x10/0x20 [ 15.238379] [ 15.238440] Allocated by task 158: [ 15.238518] kasan_save_stack+0x3c/0x68 [ 15.238873] kasan_save_track+0x20/0x40 [ 15.238948] kasan_save_alloc_info+0x40/0x58 [ 15.239011] __kasan_krealloc+0x118/0x178 [ 15.239189] krealloc_noprof+0x128/0x360 [ 15.239418] krealloc_less_oob_helper+0x168/0xc50 [ 15.239523] krealloc_less_oob+0x20/0x38 [ 15.239662] kunit_try_run_case+0x170/0x3f0 [ 15.239779] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.239897] kthread+0x328/0x630 [ 15.240009] ret_from_fork+0x10/0x20 [ 15.240064] [ 15.240084] The buggy address belongs to the object at fff00000c1735600 [ 15.240084] which belongs to the cache kmalloc-256 of size 256 [ 15.240481] The buggy address is located 33 bytes to the right of [ 15.240481] allocated 201-byte region [fff00000c1735600, fff00000c17356c9) [ 15.240637] [ 15.240717] The buggy address belongs to the physical page: [ 15.240841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101734 [ 15.240944] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.241038] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.241379] page_type: f5(slab) [ 15.241471] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.241598] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.241715] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.242165] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.242247] head: 0bfffe0000000001 ffffc1ffc305cd01 00000000ffffffff 00000000ffffffff [ 15.242481] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.242574] page dumped because: kasan: bad access detected [ 15.242763] [ 15.242807] Memory state around the buggy address: [ 15.243180] fff00000c1735580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.243396] fff00000c1735600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.243468] >fff00000c1735680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.243640] ^ [ 15.243717] fff00000c1735700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.243825] fff00000c1735780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.244108] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 15.185676] ================================================================== [ 15.185725] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.185774] Write of size 1 at addr fff00000c17354f0 by task kunit_try_catch/156 [ 15.186124] [ 15.186478] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.187170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.187268] Hardware name: linux,dummy-virt (DT) [ 15.187390] Call trace: [ 15.187485] show_stack+0x20/0x38 (C) [ 15.187865] dump_stack_lvl+0x8c/0xd0 [ 15.188017] print_report+0x118/0x5d0 [ 15.188132] kasan_report+0xdc/0x128 [ 15.188458] __asan_report_store1_noabort+0x20/0x30 [ 15.188580] krealloc_more_oob_helper+0x5c0/0x678 [ 15.188851] krealloc_more_oob+0x20/0x38 [ 15.189022] kunit_try_run_case+0x170/0x3f0 [ 15.189204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.189287] kthread+0x328/0x630 [ 15.189537] ret_from_fork+0x10/0x20 [ 15.189703] [ 15.189727] Allocated by task 156: [ 15.189755] kasan_save_stack+0x3c/0x68 [ 15.189821] kasan_save_track+0x20/0x40 [ 15.190042] kasan_save_alloc_info+0x40/0x58 [ 15.190095] __kasan_krealloc+0x118/0x178 [ 15.190133] krealloc_noprof+0x128/0x360 [ 15.190169] krealloc_more_oob_helper+0x168/0x678 [ 15.190351] krealloc_more_oob+0x20/0x38 [ 15.190432] kunit_try_run_case+0x170/0x3f0 [ 15.190484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.190526] kthread+0x328/0x630 [ 15.190570] ret_from_fork+0x10/0x20 [ 15.190607] [ 15.190626] The buggy address belongs to the object at fff00000c1735400 [ 15.190626] which belongs to the cache kmalloc-256 of size 256 [ 15.190699] The buggy address is located 5 bytes to the right of [ 15.190699] allocated 235-byte region [fff00000c1735400, fff00000c17354eb) [ 15.190766] [ 15.190785] The buggy address belongs to the physical page: [ 15.190816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101734 [ 15.190883] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.190928] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.190977] page_type: f5(slab) [ 15.191015] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.191072] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.191130] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.191186] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.191247] head: 0bfffe0000000001 ffffc1ffc305cd01 00000000ffffffff 00000000ffffffff [ 15.191303] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.191351] page dumped because: kasan: bad access detected [ 15.191414] [ 15.191662] Memory state around the buggy address: [ 15.192413] fff00000c1735380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.192533] fff00000c1735400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.192596] >fff00000c1735480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.192833] ^ [ 15.193356] fff00000c1735500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.193435] fff00000c1735580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.193558] ================================================================== [ 15.271806] ================================================================== [ 15.272041] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.272132] Write of size 1 at addr fff00000c77560f0 by task kunit_try_catch/160 [ 15.272398] [ 15.272453] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.272540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.272700] Hardware name: linux,dummy-virt (DT) [ 15.272917] Call trace: [ 15.272952] show_stack+0x20/0x38 (C) [ 15.273006] dump_stack_lvl+0x8c/0xd0 [ 15.273192] print_report+0x118/0x5d0 [ 15.273275] kasan_report+0xdc/0x128 [ 15.273363] __asan_report_store1_noabort+0x20/0x30 [ 15.273416] krealloc_more_oob_helper+0x5c0/0x678 [ 15.273662] krealloc_large_more_oob+0x20/0x38 [ 15.273816] kunit_try_run_case+0x170/0x3f0 [ 15.273941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.274014] kthread+0x328/0x630 [ 15.274406] ret_from_fork+0x10/0x20 [ 15.274510] [ 15.274588] The buggy address belongs to the physical page: [ 15.274665] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.274783] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.274925] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.275013] page_type: f8(unknown) [ 15.275517] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.275649] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.275774] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.275824] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.276046] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.276423] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.276513] page dumped because: kasan: bad access detected [ 15.276622] [ 15.276661] Memory state around the buggy address: [ 15.276693] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.277352] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.277425] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.277532] ^ [ 15.277729] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.277816] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.277985] ================================================================== [ 15.176273] ================================================================== [ 15.176351] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.176613] Write of size 1 at addr fff00000c17354eb by task kunit_try_catch/156 [ 15.176831] [ 15.176874] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.176959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.176993] Hardware name: linux,dummy-virt (DT) [ 15.177137] Call trace: [ 15.177163] show_stack+0x20/0x38 (C) [ 15.177217] dump_stack_lvl+0x8c/0xd0 [ 15.177271] print_report+0x118/0x5d0 [ 15.177322] kasan_report+0xdc/0x128 [ 15.177376] __asan_report_store1_noabort+0x20/0x30 [ 15.177428] krealloc_more_oob_helper+0x60c/0x678 [ 15.177831] krealloc_more_oob+0x20/0x38 [ 15.177992] kunit_try_run_case+0x170/0x3f0 [ 15.178045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.178484] kthread+0x328/0x630 [ 15.178624] ret_from_fork+0x10/0x20 [ 15.178805] [ 15.178858] Allocated by task 156: [ 15.178991] kasan_save_stack+0x3c/0x68 [ 15.179094] kasan_save_track+0x20/0x40 [ 15.179133] kasan_save_alloc_info+0x40/0x58 [ 15.179477] __kasan_krealloc+0x118/0x178 [ 15.179849] krealloc_noprof+0x128/0x360 [ 15.180121] krealloc_more_oob_helper+0x168/0x678 [ 15.180230] krealloc_more_oob+0x20/0x38 [ 15.180317] kunit_try_run_case+0x170/0x3f0 [ 15.180478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.180702] kthread+0x328/0x630 [ 15.180817] ret_from_fork+0x10/0x20 [ 15.180987] [ 15.181043] The buggy address belongs to the object at fff00000c1735400 [ 15.181043] which belongs to the cache kmalloc-256 of size 256 [ 15.181153] The buggy address is located 0 bytes to the right of [ 15.181153] allocated 235-byte region [fff00000c1735400, fff00000c17354eb) [ 15.181218] [ 15.181247] The buggy address belongs to the physical page: [ 15.181279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101734 [ 15.182025] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.182119] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.182177] page_type: f5(slab) [ 15.182917] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.183122] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.183249] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.183403] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.183545] head: 0bfffe0000000001 ffffc1ffc305cd01 00000000ffffffff 00000000ffffffff [ 15.183608] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.183690] page dumped because: kasan: bad access detected [ 15.183721] [ 15.183739] Memory state around the buggy address: [ 15.183784] fff00000c1735380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.183827] fff00000c1735400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.183868] >fff00000c1735480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.183905] ^ [ 15.183943] fff00000c1735500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.183983] fff00000c1735580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.184021] ================================================================== [ 15.263584] ================================================================== [ 15.263791] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.263859] Write of size 1 at addr fff00000c77560eb by task kunit_try_catch/160 [ 15.264234] [ 15.264287] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.264388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.264416] Hardware name: linux,dummy-virt (DT) [ 15.264763] Call trace: [ 15.264804] show_stack+0x20/0x38 (C) [ 15.264978] dump_stack_lvl+0x8c/0xd0 [ 15.265070] print_report+0x118/0x5d0 [ 15.265260] kasan_report+0xdc/0x128 [ 15.265401] __asan_report_store1_noabort+0x20/0x30 [ 15.265790] krealloc_more_oob_helper+0x60c/0x678 [ 15.265990] krealloc_large_more_oob+0x20/0x38 [ 15.266150] kunit_try_run_case+0x170/0x3f0 [ 15.266246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.266601] kthread+0x328/0x630 [ 15.266807] ret_from_fork+0x10/0x20 [ 15.267049] [ 15.267129] The buggy address belongs to the physical page: [ 15.267283] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.267456] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.267616] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.267832] page_type: f8(unknown) [ 15.267916] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.267974] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.268419] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.268526] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.268710] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.269090] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.269255] page dumped because: kasan: bad access detected [ 15.269419] [ 15.269451] Memory state around the buggy address: [ 15.269621] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.269683] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.269940] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.270009] ^ [ 15.270480] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.270640] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.270695] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 15.143401] ================================================================== [ 15.143489] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 15.143582] Free of addr fff00000c7750001 by task kunit_try_catch/150 [ 15.143629] [ 15.143671] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.143752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.143778] Hardware name: linux,dummy-virt (DT) [ 15.143808] Call trace: [ 15.143830] show_stack+0x20/0x38 (C) [ 15.143879] dump_stack_lvl+0x8c/0xd0 [ 15.143924] print_report+0x118/0x5d0 [ 15.143977] kasan_report_invalid_free+0xc0/0xe8 [ 15.144035] __kasan_kfree_large+0x5c/0xa8 [ 15.144082] free_large_kmalloc+0x64/0x190 [ 15.144142] kfree+0x270/0x3c8 [ 15.144185] kmalloc_large_invalid_free+0x108/0x270 [ 15.144281] kunit_try_run_case+0x170/0x3f0 [ 15.144454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.144567] kthread+0x328/0x630 [ 15.144740] ret_from_fork+0x10/0x20 [ 15.144795] [ 15.144839] The buggy address belongs to the physical page: [ 15.144877] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107750 [ 15.144936] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.144981] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.145035] page_type: f8(unknown) [ 15.145074] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.145122] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.145170] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.145404] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.145500] head: 0bfffe0000000002 ffffc1ffc31dd401 00000000ffffffff 00000000ffffffff [ 15.145671] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.145716] page dumped because: kasan: bad access detected [ 15.145790] [ 15.145809] Memory state around the buggy address: [ 15.145842] fff00000c774ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.145886] fff00000c774ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.145929] >fff00000c7750000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.145967] ^ [ 15.145995] fff00000c7750080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.146207] fff00000c7750100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.146273] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 15.134788] ================================================================== [ 15.134849] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 15.134898] Read of size 1 at addr fff00000c7750000 by task kunit_try_catch/148 [ 15.134947] [ 15.134979] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.135060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.135086] Hardware name: linux,dummy-virt (DT) [ 15.135115] Call trace: [ 15.135137] show_stack+0x20/0x38 (C) [ 15.135185] dump_stack_lvl+0x8c/0xd0 [ 15.135230] print_report+0x118/0x5d0 [ 15.135276] kasan_report+0xdc/0x128 [ 15.135321] __asan_report_load1_noabort+0x20/0x30 [ 15.135388] kmalloc_large_uaf+0x2cc/0x2f8 [ 15.135432] kunit_try_run_case+0x170/0x3f0 [ 15.135479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.135530] kthread+0x328/0x630 [ 15.135574] ret_from_fork+0x10/0x20 [ 15.135621] [ 15.135640] The buggy address belongs to the physical page: [ 15.135671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107750 [ 15.135721] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.135781] raw: 0bfffe0000000000 ffffc1ffc31dd508 fff00000da478c40 0000000000000000 [ 15.135829] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.135867] page dumped because: kasan: bad access detected [ 15.135897] [ 15.135915] Memory state around the buggy address: [ 15.135946] fff00000c774ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.135987] fff00000c774ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.136028] >fff00000c7750000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.136064] ^ [ 15.136091] fff00000c7750080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.136131] fff00000c7750100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.136168] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 15.125962] ================================================================== [ 15.126030] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 15.126081] Write of size 1 at addr fff00000c775200a by task kunit_try_catch/146 [ 15.126167] [ 15.127207] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.127388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.127417] Hardware name: linux,dummy-virt (DT) [ 15.127448] Call trace: [ 15.127509] show_stack+0x20/0x38 (C) [ 15.127579] dump_stack_lvl+0x8c/0xd0 [ 15.127818] print_report+0x118/0x5d0 [ 15.127880] kasan_report+0xdc/0x128 [ 15.128026] __asan_report_store1_noabort+0x20/0x30 [ 15.128085] kmalloc_large_oob_right+0x278/0x2b8 [ 15.128131] kunit_try_run_case+0x170/0x3f0 [ 15.128189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.128243] kthread+0x328/0x630 [ 15.128295] ret_from_fork+0x10/0x20 [ 15.128368] [ 15.128412] The buggy address belongs to the physical page: [ 15.128454] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107750 [ 15.128516] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.128562] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.128620] page_type: f8(unknown) [ 15.128658] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.128706] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.128754] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.128811] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.128864] head: 0bfffe0000000002 ffffc1ffc31dd401 00000000ffffffff 00000000ffffffff [ 15.128919] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.128957] page dumped because: kasan: bad access detected [ 15.128996] [ 15.129014] Memory state around the buggy address: [ 15.129054] fff00000c7751f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.129112] fff00000c7751f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.129155] >fff00000c7752000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.129191] ^ [ 15.129220] fff00000c7752080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.129263] fff00000c7752100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.129300] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 15.111968] ================================================================== [ 15.112297] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.112398] Write of size 1 at addr fff00000c7741f00 by task kunit_try_catch/144 [ 15.112485] [ 15.112559] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.112660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.112687] Hardware name: linux,dummy-virt (DT) [ 15.112736] Call trace: [ 15.112759] show_stack+0x20/0x38 (C) [ 15.112844] dump_stack_lvl+0x8c/0xd0 [ 15.112892] print_report+0x118/0x5d0 [ 15.112944] kasan_report+0xdc/0x128 [ 15.113143] __asan_report_store1_noabort+0x20/0x30 [ 15.113252] kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.113505] kunit_try_run_case+0x170/0x3f0 [ 15.113582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.113636] kthread+0x328/0x630 [ 15.113694] ret_from_fork+0x10/0x20 [ 15.113853] [ 15.113892] Allocated by task 144: [ 15.113931] kasan_save_stack+0x3c/0x68 [ 15.113993] kasan_save_track+0x20/0x40 [ 15.114033] kasan_save_alloc_info+0x40/0x58 [ 15.114073] __kasan_kmalloc+0xd4/0xd8 [ 15.114109] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.114147] kmalloc_big_oob_right+0xb8/0x2f0 [ 15.114184] kunit_try_run_case+0x170/0x3f0 [ 15.114221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.114402] kthread+0x328/0x630 [ 15.114539] ret_from_fork+0x10/0x20 [ 15.114634] [ 15.114747] The buggy address belongs to the object at fff00000c7740000 [ 15.114747] which belongs to the cache kmalloc-8k of size 8192 [ 15.114827] The buggy address is located 0 bytes to the right of [ 15.114827] allocated 7936-byte region [fff00000c7740000, fff00000c7741f00) [ 15.115109] [ 15.115169] The buggy address belongs to the physical page: [ 15.115218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107740 [ 15.115305] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.115426] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.115499] page_type: f5(slab) [ 15.115538] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.115866] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.115931] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.116001] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.116280] head: 0bfffe0000000003 ffffc1ffc31dd001 00000000ffffffff 00000000ffffffff [ 15.116354] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.116489] page dumped because: kasan: bad access detected [ 15.116577] [ 15.116652] Memory state around the buggy address: [ 15.116767] fff00000c7741e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.116856] fff00000c7741e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.116957] >fff00000c7741f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.117024] ^ [ 15.117428] fff00000c7741f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.117496] fff00000c7742000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.117535] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 15.087760] ================================================================== [ 15.087816] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.087891] Write of size 1 at addr fff00000c3f17978 by task kunit_try_catch/142 [ 15.087949] [ 15.087981] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.088066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.088092] Hardware name: linux,dummy-virt (DT) [ 15.088124] Call trace: [ 15.088155] show_stack+0x20/0x38 (C) [ 15.088205] dump_stack_lvl+0x8c/0xd0 [ 15.088253] print_report+0x118/0x5d0 [ 15.088299] kasan_report+0xdc/0x128 [ 15.088708] __asan_report_store1_noabort+0x20/0x30 [ 15.089079] kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.089167] kunit_try_run_case+0x170/0x3f0 [ 15.089234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.089287] kthread+0x328/0x630 [ 15.089347] ret_from_fork+0x10/0x20 [ 15.089428] [ 15.089952] Allocated by task 142: [ 15.090034] kasan_save_stack+0x3c/0x68 [ 15.090099] kasan_save_track+0x20/0x40 [ 15.090265] kasan_save_alloc_info+0x40/0x58 [ 15.090346] __kasan_kmalloc+0xd4/0xd8 [ 15.090402] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.090454] kmalloc_track_caller_oob_right+0xa8/0x488 [ 15.090495] kunit_try_run_case+0x170/0x3f0 [ 15.090863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.090941] kthread+0x328/0x630 [ 15.091150] ret_from_fork+0x10/0x20 [ 15.091371] [ 15.091778] The buggy address belongs to the object at fff00000c3f17900 [ 15.091778] which belongs to the cache kmalloc-128 of size 128 [ 15.091955] The buggy address is located 0 bytes to the right of [ 15.091955] allocated 120-byte region [fff00000c3f17900, fff00000c3f17978) [ 15.092079] [ 15.092189] The buggy address belongs to the physical page: [ 15.092298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.092414] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.092799] page_type: f5(slab) [ 15.093051] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.093149] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.093360] page dumped because: kasan: bad access detected [ 15.093396] [ 15.093414] Memory state around the buggy address: [ 15.093461] fff00000c3f17800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.093687] fff00000c3f17880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.093872] >fff00000c3f17900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.093946] ^ [ 15.094139] fff00000c3f17980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.094278] fff00000c3f17a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.094374] ================================================================== [ 15.096114] ================================================================== [ 15.096256] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 15.096478] Write of size 1 at addr fff00000c3f17a78 by task kunit_try_catch/142 [ 15.096572] [ 15.096606] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.096688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.096715] Hardware name: linux,dummy-virt (DT) [ 15.097034] Call trace: [ 15.097177] show_stack+0x20/0x38 (C) [ 15.097880] dump_stack_lvl+0x8c/0xd0 [ 15.097980] print_report+0x118/0x5d0 [ 15.098118] kasan_report+0xdc/0x128 [ 15.098167] __asan_report_store1_noabort+0x20/0x30 [ 15.098787] kmalloc_track_caller_oob_right+0x418/0x488 [ 15.098894] kunit_try_run_case+0x170/0x3f0 [ 15.099044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.099197] kthread+0x328/0x630 [ 15.099241] ret_from_fork+0x10/0x20 [ 15.099498] [ 15.099523] Allocated by task 142: [ 15.099672] kasan_save_stack+0x3c/0x68 [ 15.099742] kasan_save_track+0x20/0x40 [ 15.100081] kasan_save_alloc_info+0x40/0x58 [ 15.100207] __kasan_kmalloc+0xd4/0xd8 [ 15.100431] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.100587] kmalloc_track_caller_oob_right+0x184/0x488 [ 15.100918] kunit_try_run_case+0x170/0x3f0 [ 15.101206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.101386] kthread+0x328/0x630 [ 15.101423] ret_from_fork+0x10/0x20 [ 15.101457] [ 15.101478] The buggy address belongs to the object at fff00000c3f17a00 [ 15.101478] which belongs to the cache kmalloc-128 of size 128 [ 15.101800] The buggy address is located 0 bytes to the right of [ 15.101800] allocated 120-byte region [fff00000c3f17a00, fff00000c3f17a78) [ 15.101980] [ 15.102086] The buggy address belongs to the physical page: [ 15.102125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.102473] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.102679] page_type: f5(slab) [ 15.102795] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.103013] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.103058] page dumped because: kasan: bad access detected [ 15.103431] [ 15.103482] Memory state around the buggy address: [ 15.103569] fff00000c3f17900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.103698] fff00000c3f17980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.104196] >fff00000c3f17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.104279] ^ [ 15.104477] fff00000c3f17a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.104533] fff00000c3f17b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.104581] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 15.063906] ================================================================== [ 15.063965] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 15.064015] Read of size 1 at addr fff00000c634d000 by task kunit_try_catch/140 [ 15.064064] [ 15.064141] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.064224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.064250] Hardware name: linux,dummy-virt (DT) [ 15.064289] Call trace: [ 15.064311] show_stack+0x20/0x38 (C) [ 15.064785] dump_stack_lvl+0x8c/0xd0 [ 15.065043] print_report+0x118/0x5d0 [ 15.065108] kasan_report+0xdc/0x128 [ 15.065438] __asan_report_load1_noabort+0x20/0x30 [ 15.065764] kmalloc_node_oob_right+0x2f4/0x330 [ 15.065833] kunit_try_run_case+0x170/0x3f0 [ 15.065885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.066247] kthread+0x328/0x630 [ 15.066408] ret_from_fork+0x10/0x20 [ 15.066481] [ 15.066726] Allocated by task 140: [ 15.066828] kasan_save_stack+0x3c/0x68 [ 15.067104] kasan_save_track+0x20/0x40 [ 15.067530] kasan_save_alloc_info+0x40/0x58 [ 15.067641] __kasan_kmalloc+0xd4/0xd8 [ 15.067793] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 15.068079] kmalloc_node_oob_right+0xbc/0x330 [ 15.068315] kunit_try_run_case+0x170/0x3f0 [ 15.068477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.068656] kthread+0x328/0x630 [ 15.068694] ret_from_fork+0x10/0x20 [ 15.068729] [ 15.068786] The buggy address belongs to the object at fff00000c634c000 [ 15.068786] which belongs to the cache kmalloc-4k of size 4096 [ 15.069154] The buggy address is located 0 bytes to the right of [ 15.069154] allocated 4096-byte region [fff00000c634c000, fff00000c634d000) [ 15.069252] [ 15.069295] The buggy address belongs to the physical page: [ 15.069716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106348 [ 15.070401] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.070533] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.070773] page_type: f5(slab) [ 15.070816] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.070892] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.071255] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.072868] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.072938] head: 0bfffe0000000003 ffffc1ffc318d201 00000000ffffffff 00000000ffffffff [ 15.073312] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.074062] page dumped because: kasan: bad access detected [ 15.074462] [ 15.074828] Memory state around the buggy address: [ 15.074896] fff00000c634cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.074942] fff00000c634cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.075874] >fff00000c634d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.075943] ^ [ 15.075983] fff00000c634d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.076032] fff00000c634d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.076101] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 15.045228] ================================================================== [ 15.046186] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 15.046417] Read of size 1 at addr fff00000c3ef7d5f by task kunit_try_catch/138 [ 15.046477] [ 15.046511] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.046598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.046625] Hardware name: linux,dummy-virt (DT) [ 15.046658] Call trace: [ 15.046681] show_stack+0x20/0x38 (C) [ 15.046733] dump_stack_lvl+0x8c/0xd0 [ 15.046971] print_report+0x118/0x5d0 [ 15.047067] kasan_report+0xdc/0x128 [ 15.047240] __asan_report_load1_noabort+0x20/0x30 [ 15.047405] kmalloc_oob_left+0x2ec/0x320 [ 15.047522] kunit_try_run_case+0x170/0x3f0 [ 15.047609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.047945] kthread+0x328/0x630 [ 15.048028] ret_from_fork+0x10/0x20 [ 15.048128] [ 15.048259] Allocated by task 26: [ 15.048633] kasan_save_stack+0x3c/0x68 [ 15.048695] kasan_save_track+0x20/0x40 [ 15.048758] kasan_save_alloc_info+0x40/0x58 [ 15.048999] __kasan_kmalloc+0xd4/0xd8 [ 15.049202] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.049395] kstrdup+0x54/0xc8 [ 15.049541] devtmpfs_work_loop+0x6f8/0xa58 [ 15.049591] devtmpfsd+0x50/0x58 [ 15.049915] kthread+0x328/0x630 [ 15.050044] ret_from_fork+0x10/0x20 [ 15.050206] [ 15.050294] Freed by task 26: [ 15.050518] kasan_save_stack+0x3c/0x68 [ 15.050978] kasan_save_track+0x20/0x40 [ 15.051050] kasan_save_free_info+0x4c/0x78 [ 15.051208] __kasan_slab_free+0x6c/0x98 [ 15.051380] kfree+0x214/0x3c8 [ 15.051458] devtmpfs_work_loop+0x804/0xa58 [ 15.051833] devtmpfsd+0x50/0x58 [ 15.051918] kthread+0x328/0x630 [ 15.052022] ret_from_fork+0x10/0x20 [ 15.052134] [ 15.052507] The buggy address belongs to the object at fff00000c3ef7d40 [ 15.052507] which belongs to the cache kmalloc-16 of size 16 [ 15.052614] The buggy address is located 15 bytes to the right of [ 15.052614] allocated 16-byte region [fff00000c3ef7d40, fff00000c3ef7d50) [ 15.052757] [ 15.052855] The buggy address belongs to the physical page: [ 15.052973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ef7 [ 15.053047] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.053441] page_type: f5(slab) [ 15.053518] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.053670] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.053765] page dumped because: kasan: bad access detected [ 15.053893] [ 15.053961] Memory state around the buggy address: [ 15.054071] fff00000c3ef7c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.054114] fff00000c3ef7c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.054477] >fff00000c3ef7d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 07 fc fc [ 15.054621] ^ [ 15.054669] fff00000c3ef7d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.054750] fff00000c3ef7e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.054892] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 15.033237] ================================================================== [ 15.033325] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.033399] Read of size 1 at addr fff00000c3f17880 by task kunit_try_catch/136 [ 15.033494] [ 15.033582] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.033726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.033817] Hardware name: linux,dummy-virt (DT) [ 15.033917] Call trace: [ 15.034007] show_stack+0x20/0x38 (C) [ 15.034156] dump_stack_lvl+0x8c/0xd0 [ 15.034231] print_report+0x118/0x5d0 [ 15.034277] kasan_report+0xdc/0x128 [ 15.034352] __asan_report_load1_noabort+0x20/0x30 [ 15.034403] kmalloc_oob_right+0x5d0/0x660 [ 15.034447] kunit_try_run_case+0x170/0x3f0 [ 15.034519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.034570] kthread+0x328/0x630 [ 15.034612] ret_from_fork+0x10/0x20 [ 15.034657] [ 15.034675] Allocated by task 136: [ 15.034702] kasan_save_stack+0x3c/0x68 [ 15.034740] kasan_save_track+0x20/0x40 [ 15.034776] kasan_save_alloc_info+0x40/0x58 [ 15.034815] __kasan_kmalloc+0xd4/0xd8 [ 15.034850] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.034887] kmalloc_oob_right+0xb0/0x660 [ 15.034921] kunit_try_run_case+0x170/0x3f0 [ 15.034957] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.034998] kthread+0x328/0x630 [ 15.035029] ret_from_fork+0x10/0x20 [ 15.035063] [ 15.035081] The buggy address belongs to the object at fff00000c3f17800 [ 15.035081] which belongs to the cache kmalloc-128 of size 128 [ 15.035135] The buggy address is located 13 bytes to the right of [ 15.035135] allocated 115-byte region [fff00000c3f17800, fff00000c3f17873) [ 15.035197] [ 15.035216] The buggy address belongs to the physical page: [ 15.035245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.035293] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.035347] page_type: f5(slab) [ 15.035383] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.035431] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.035540] page dumped because: kasan: bad access detected [ 15.035664] [ 15.035682] Memory state around the buggy address: [ 15.035752] fff00000c3f17780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035810] fff00000c3f17800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.035960] >fff00000c3f17880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035997] ^ [ 15.036024] fff00000c3f17900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.036065] fff00000c3f17980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.036102] ================================================================== [ 15.015603] ================================================================== [ 15.015929] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 15.016817] Write of size 1 at addr fff00000c3f17873 by task kunit_try_catch/136 [ 15.017199] [ 15.018392] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 15.018850] Tainted: [N]=TEST [ 15.019018] Hardware name: linux,dummy-virt (DT) [ 15.019494] Call trace: [ 15.019964] show_stack+0x20/0x38 (C) [ 15.020920] dump_stack_lvl+0x8c/0xd0 [ 15.021216] print_report+0x118/0x5d0 [ 15.021282] kasan_report+0xdc/0x128 [ 15.021339] __asan_report_store1_noabort+0x20/0x30 [ 15.021391] kmalloc_oob_right+0x5a4/0x660 [ 15.021437] kunit_try_run_case+0x170/0x3f0 [ 15.021488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.021540] kthread+0x328/0x630 [ 15.021760] ret_from_fork+0x10/0x20 [ 15.022870] [ 15.022914] Allocated by task 136: [ 15.023085] kasan_save_stack+0x3c/0x68 [ 15.023159] kasan_save_track+0x20/0x40 [ 15.023196] kasan_save_alloc_info+0x40/0x58 [ 15.023235] __kasan_kmalloc+0xd4/0xd8 [ 15.023271] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.023310] kmalloc_oob_right+0xb0/0x660 [ 15.023358] kunit_try_run_case+0x170/0x3f0 [ 15.023395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.023436] kthread+0x328/0x630 [ 15.023489] ret_from_fork+0x10/0x20 [ 15.023547] [ 15.023681] The buggy address belongs to the object at fff00000c3f17800 [ 15.023681] which belongs to the cache kmalloc-128 of size 128 [ 15.023885] The buggy address is located 0 bytes to the right of [ 15.023885] allocated 115-byte region [fff00000c3f17800, fff00000c3f17873) [ 15.024005] [ 15.024250] The buggy address belongs to the physical page: [ 15.024798] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.025883] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.026574] page_type: f5(slab) [ 15.027232] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.027311] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.027480] page dumped because: kasan: bad access detected [ 15.027525] [ 15.027551] Memory state around the buggy address: [ 15.028131] fff00000c3f17700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.028201] fff00000c3f17780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.028255] >fff00000c3f17800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.028586] ^ [ 15.028985] fff00000c3f17880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.029029] fff00000c3f17900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.029135] ================================================================== [ 15.030370] ================================================================== [ 15.030412] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 15.030485] Write of size 1 at addr fff00000c3f17878 by task kunit_try_catch/136 [ 15.030657] [ 15.030729] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.030832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.030859] Hardware name: linux,dummy-virt (DT) [ 15.030926] Call trace: [ 15.030955] show_stack+0x20/0x38 (C) [ 15.031022] dump_stack_lvl+0x8c/0xd0 [ 15.031077] print_report+0x118/0x5d0 [ 15.031178] kasan_report+0xdc/0x128 [ 15.031242] __asan_report_store1_noabort+0x20/0x30 [ 15.031294] kmalloc_oob_right+0x538/0x660 [ 15.031350] kunit_try_run_case+0x170/0x3f0 [ 15.031399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.031450] kthread+0x328/0x630 [ 15.031515] ret_from_fork+0x10/0x20 [ 15.031562] [ 15.031579] Allocated by task 136: [ 15.031606] kasan_save_stack+0x3c/0x68 [ 15.031663] kasan_save_track+0x20/0x40 [ 15.031700] kasan_save_alloc_info+0x40/0x58 [ 15.031766] __kasan_kmalloc+0xd4/0xd8 [ 15.031842] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.031898] kmalloc_oob_right+0xb0/0x660 [ 15.031934] kunit_try_run_case+0x170/0x3f0 [ 15.032020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.032063] kthread+0x328/0x630 [ 15.032160] ret_from_fork+0x10/0x20 [ 15.032203] [ 15.032221] The buggy address belongs to the object at fff00000c3f17800 [ 15.032221] which belongs to the cache kmalloc-128 of size 128 [ 15.032283] The buggy address is located 5 bytes to the right of [ 15.032283] allocated 115-byte region [fff00000c3f17800, fff00000c3f17873) [ 15.032353] [ 15.032372] The buggy address belongs to the physical page: [ 15.032402] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f17 [ 15.032452] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.032520] page_type: f5(slab) [ 15.032557] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.032605] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.032644] page dumped because: kasan: bad access detected [ 15.032673] [ 15.032690] Memory state around the buggy address: [ 15.032759] fff00000c3f17700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.032826] fff00000c3f17780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.032869] >fff00000c3f17800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.032906] ^ [ 15.032966] fff00000c3f17880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.033044] fff00000c3f17900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.033109] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 93.894801] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 93.897650] Modules linked in: [ 93.898610] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 93.899863] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 93.900566] Hardware name: linux,dummy-virt (DT) [ 93.901104] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.901951] pc : intlog10+0x38/0x48 [ 93.902382] lr : intlog10_test+0xe4/0x200 [ 93.902879] sp : ffff800082297c10 [ 93.903239] x29: ffff800082297c90 x28: 0000000000000000 x27: 0000000000000000 [ 93.903989] x26: 1ffe000018a6a921 x25: 0000000000000000 x24: ffff800082297ce0 [ 93.904362] x23: ffff800082297d00 x22: 0000000000000000 x21: 1ffff00010452f82 [ 93.904703] x20: ffffa14217689d80 x19: ffff800080087990 x18: 000000006d89b754 [ 93.905050] x17: 0000000047b0ccb6 x16: fff00000c097583c x15: fff00000ff616b08 [ 93.905535] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff7428436a3379 [ 93.906323] x11: 1ffff428436a3378 x10: ffff7428436a3378 x9 : ffffa14214c34ddc [ 93.907249] x8 : ffffa1421b519bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 93.907672] x5 : ffff700010452f82 x4 : 1ffff00010010f3a x3 : 1ffff42842ed13b0 [ 93.908014] x2 : 1ffff42842ed13b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 93.908423] Call trace: [ 93.908594] intlog10+0x38/0x48 (P) [ 93.908814] kunit_try_run_case+0x170/0x3f0 [ 93.909042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.909410] kthread+0x328/0x630 [ 93.909648] ret_from_fork+0x10/0x20 [ 93.909864] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 93.850153] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 93.851891] Modules linked in: [ 93.852437] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 93.853648] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 93.854004] Hardware name: linux,dummy-virt (DT) [ 93.854206] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.854487] pc : intlog2+0xd8/0xf8 [ 93.854875] lr : intlog2_test+0xe4/0x200 [ 93.855372] sp : ffff800082257c10 [ 93.855910] x29: ffff800082257c90 x28: 0000000000000000 x27: 0000000000000000 [ 93.856839] x26: 1ffe0000188477c1 x25: 0000000000000000 x24: ffff800082257ce0 [ 93.857731] x23: ffff800082257d00 x22: 0000000000000000 x21: 1ffff0001044af82 [ 93.858654] x20: ffffa14217689c80 x19: ffff800080087990 x18: 00000000d4659c0e [ 93.859455] x17: 000000007c6a2491 x16: fff00000c097583c x15: fff00000ff616b08 [ 93.860218] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff7428436a3379 [ 93.860580] x11: 1ffff428436a3378 x10: ffff7428436a3378 x9 : ffffa14214c34fdc [ 93.860915] x8 : ffffa1421b519bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 93.861255] x5 : ffff70001044af82 x4 : 1ffff00010010f3a x3 : 1ffff42842ed1390 [ 93.862135] x2 : 1ffff42842ed1390 x1 : 0000000000000003 x0 : 0000000000000000 [ 93.862918] Call trace: [ 93.863221] intlog2+0xd8/0xf8 (P) [ 93.863629] kunit_try_run_case+0x170/0x3f0 [ 93.864061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.864609] kthread+0x328/0x630 [ 93.864988] ret_from_fork+0x10/0x20 [ 93.865461] ---[ end trace 0000000000000000 ]---