Date
July 19, 2025, 11:11 a.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 17.588226] ================================================================== [ 17.588291] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.588346] Write of size 8 at addr fff00000c5f9c4e8 by task kunit_try_catch/262 [ 17.588397] [ 17.588435] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.588518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.589424] Hardware name: linux,dummy-virt (DT) [ 17.589768] Call trace: [ 17.589812] show_stack+0x20/0x38 (C) [ 17.590151] dump_stack_lvl+0x8c/0xd0 [ 17.590332] print_report+0x118/0x5d0 [ 17.590576] kasan_report+0xdc/0x128 [ 17.590641] kasan_check_range+0x100/0x1a8 [ 17.590833] __kasan_check_write+0x20/0x30 [ 17.591044] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.591144] kasan_bitops_generic+0x110/0x1c8 [ 17.591451] kunit_try_run_case+0x170/0x3f0 [ 17.591517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.592172] kthread+0x328/0x630 [ 17.592589] ret_from_fork+0x10/0x20 [ 17.592722] [ 17.592745] Allocated by task 262: [ 17.592952] kasan_save_stack+0x3c/0x68 [ 17.593452] kasan_save_track+0x20/0x40 [ 17.593690] kasan_save_alloc_info+0x40/0x58 [ 17.593886] __kasan_kmalloc+0xd4/0xd8 [ 17.593940] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.594101] kasan_bitops_generic+0xa0/0x1c8 [ 17.594296] kunit_try_run_case+0x170/0x3f0 [ 17.594430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.594576] kthread+0x328/0x630 [ 17.594635] ret_from_fork+0x10/0x20 [ 17.594686] [ 17.594963] The buggy address belongs to the object at fff00000c5f9c4e0 [ 17.594963] which belongs to the cache kmalloc-16 of size 16 [ 17.595146] The buggy address is located 8 bytes inside of [ 17.595146] allocated 9-byte region [fff00000c5f9c4e0, fff00000c5f9c4e9) [ 17.595214] [ 17.595583] The buggy address belongs to the physical page: [ 17.595948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 17.596224] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.596375] page_type: f5(slab) [ 17.596497] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.596689] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.596942] page dumped because: kasan: bad access detected [ 17.597081] [ 17.597147] Memory state around the buggy address: [ 17.597186] fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 17.597497] fff00000c5f9c400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.597732] >fff00000c5f9c480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 17.597787] ^ [ 17.598171] fff00000c5f9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.598515] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.598664] ================================================================== [ 17.601219] ================================================================== [ 17.601551] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.601715] Read of size 8 at addr fff00000c5f9c4e8 by task kunit_try_catch/262 [ 17.601794] [ 17.601877] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.601966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.602311] Hardware name: linux,dummy-virt (DT) [ 17.602390] Call trace: [ 17.602477] show_stack+0x20/0x38 (C) [ 17.602562] dump_stack_lvl+0x8c/0xd0 [ 17.602695] print_report+0x118/0x5d0 [ 17.602748] kasan_report+0xdc/0x128 [ 17.602795] __asan_report_load8_noabort+0x20/0x30 [ 17.602855] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.603072] kasan_bitops_generic+0x110/0x1c8 [ 17.603274] kunit_try_run_case+0x170/0x3f0 [ 17.603567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.603781] kthread+0x328/0x630 [ 17.603900] ret_from_fork+0x10/0x20 [ 17.604236] [ 17.604428] Allocated by task 262: [ 17.604494] kasan_save_stack+0x3c/0x68 [ 17.604610] kasan_save_track+0x20/0x40 [ 17.604768] kasan_save_alloc_info+0x40/0x58 [ 17.605017] __kasan_kmalloc+0xd4/0xd8 [ 17.605217] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.605341] kasan_bitops_generic+0xa0/0x1c8 [ 17.605476] kunit_try_run_case+0x170/0x3f0 [ 17.605597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.605683] kthread+0x328/0x630 [ 17.605725] ret_from_fork+0x10/0x20 [ 17.605770] [ 17.605964] The buggy address belongs to the object at fff00000c5f9c4e0 [ 17.605964] which belongs to the cache kmalloc-16 of size 16 [ 17.606140] The buggy address is located 8 bytes inside of [ 17.606140] allocated 9-byte region [fff00000c5f9c4e0, fff00000c5f9c4e9) [ 17.606646] [ 17.606727] The buggy address belongs to the physical page: [ 17.606864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 17.606960] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.607102] page_type: f5(slab) [ 17.607180] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.607476] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.607628] page dumped because: kasan: bad access detected [ 17.607791] [ 17.607871] Memory state around the buggy address: [ 17.607958] fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 17.608078] fff00000c5f9c400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.608165] >fff00000c5f9c480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 17.608398] ^ [ 17.608719] fff00000c5f9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.608801] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.608922] ================================================================== [ 17.610359] ================================================================== [ 17.610420] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.610477] Write of size 8 at addr fff00000c5f9c4e8 by task kunit_try_catch/262 [ 17.610526] [ 17.610665] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.610756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.610808] Hardware name: linux,dummy-virt (DT) [ 17.610850] Call trace: [ 17.610881] show_stack+0x20/0x38 (C) [ 17.610932] dump_stack_lvl+0x8c/0xd0 [ 17.610982] print_report+0x118/0x5d0 [ 17.611032] kasan_report+0xdc/0x128 [ 17.611080] kasan_check_range+0x100/0x1a8 [ 17.611128] __kasan_check_write+0x20/0x30 [ 17.611175] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.611227] kasan_bitops_generic+0x110/0x1c8 [ 17.611276] kunit_try_run_case+0x170/0x3f0 [ 17.611325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.611379] kthread+0x328/0x630 [ 17.611422] ret_from_fork+0x10/0x20 [ 17.611471] [ 17.611491] Allocated by task 262: [ 17.611519] kasan_save_stack+0x3c/0x68 [ 17.612174] kasan_save_track+0x20/0x40 [ 17.612248] kasan_save_alloc_info+0x40/0x58 [ 17.612338] __kasan_kmalloc+0xd4/0xd8 [ 17.612382] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.612509] kunit_try_run_case+0x170/0x3f0 [ 17.613847] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.614644] fff00000c5f9c400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.615853] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.616974] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.618709] print_report+0x118/0x5d0 [ 17.619170] kasan_bitops_generic+0x110/0x1c8 [ 17.621620] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.623368] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.624948] >fff00000c5f9c480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 17.625465] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.627669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.627830] dump_stack_lvl+0x8c/0xd0 [ 17.628132] kasan_check_range+0x100/0x1a8 [ 17.628296] kasan_bitops_generic+0x110/0x1c8 [ 17.628780] [ 17.629128] kasan_save_track+0x20/0x40 [ 17.629574] kasan_bitops_generic+0xa0/0x1c8 [ 17.630749] [ 17.631092] page_type: f5(slab) [ 17.632320] fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 17.632782] fff00000c5f9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.634517] [ 17.635002] Hardware name: linux,dummy-virt (DT) [ 17.636065] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 17.637415] Allocated by task 262: [ 17.638452] [ 17.638564] The buggy address is located 8 bytes inside of [ 17.638564] allocated 9-byte region [fff00000c5f9c4e0, fff00000c5f9c4e9) [ 17.638991] page dumped because: kasan: bad access detected [ 17.639208] >fff00000c5f9c480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 17.640940] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 17.741541] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 17.682439] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 92.409618] Internal error: Oops: 0000000096000005 [#1] SMP [ 92.411784] Modules linked in: [ 92.412421] CPU: 1 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 92.412877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 92.413067] Hardware name: linux,dummy-virt (DT) [ 92.413346] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 92.414037] pc : kunit_test_null_dereference+0x70/0x170 [ 92.414824] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 92.415451] sp : ffff800081f77d30 [ 92.415882] x29: ffff800081f77d90 x28: 0000000000000000 x27: 0000000000000000 [ 92.416795] x26: 1ffe000018bf7c41 x25: 0000000000000000 x24: 0000000000000004 [ 92.417598] x23: fff00000c5fbe20c x22: ffffa6a3eb4223b8 x21: fff00000c3ddda88 [ 92.418563] x20: 1ffff000103eefa6 x19: ffff800080087990 x18: 00000000796c92e9 [ 92.419499] x17: 00000000e939ea7f x16: fff00000c0975c3c x15: fff00000ff616b08 [ 92.420288] x14: 0000000000018fff x13: 1ffe00001b48a789 x12: fffd8000199a48b4 [ 92.421090] x11: 1ffe0000199a48b3 x10: fffd8000199a48b3 x9 : ffffa6a3eb419820 [ 92.421644] x8 : ffff800081f77c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 92.422290] x5 : ffff7000103eefa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 92.423156] x2 : dfff800000000000 x1 : fff00000ccd23cc0 x0 : ffff800080087990 [ 92.423715] Call trace: [ 92.423883] kunit_test_null_dereference+0x70/0x170 (P) [ 92.424126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 92.424365] kthread+0x328/0x630 [ 92.424555] ret_from_fork+0x10/0x20 [ 92.425031] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 92.426097] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.530770] ================================================================== [ 48.530833] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 48.530833] [ 48.530916] Use-after-free read at 0x000000005a9ef1fb (in kfence-#147): [ 48.530968] test_krealloc+0x51c/0x830 [ 48.531013] kunit_try_run_case+0x170/0x3f0 [ 48.531057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.531102] kthread+0x328/0x630 [ 48.531141] ret_from_fork+0x10/0x20 [ 48.531182] [ 48.531207] kfence-#147: 0x000000005a9ef1fb-0x000000000029d2be, size=32, cache=kmalloc-32 [ 48.531207] [ 48.531260] allocated by task 338 on cpu 0 at 48.530155s (0.001100s ago): [ 48.531327] test_alloc+0x29c/0x628 [ 48.531366] test_krealloc+0xc0/0x830 [ 48.531404] kunit_try_run_case+0x170/0x3f0 [ 48.531444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.531488] kthread+0x328/0x630 [ 48.531524] ret_from_fork+0x10/0x20 [ 48.531578] [ 48.531600] freed by task 338 on cpu 0 at 48.530361s (0.001236s ago): [ 48.531662] krealloc_noprof+0x148/0x360 [ 48.531702] test_krealloc+0x1dc/0x830 [ 48.531741] kunit_try_run_case+0x170/0x3f0 [ 48.531780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.531823] kthread+0x328/0x630 [ 48.531859] ret_from_fork+0x10/0x20 [ 48.531897] [ 48.531940] CPU: 0 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 48.532019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.532048] Hardware name: linux,dummy-virt (DT) [ 48.532084] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.462686] ================================================================== [ 48.462787] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 48.462787] [ 48.462890] Use-after-free read at 0x00000000ddb8060a (in kfence-#146): [ 48.462943] test_memcache_typesafe_by_rcu+0x280/0x560 [ 48.462994] kunit_try_run_case+0x170/0x3f0 [ 48.463039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.463085] kthread+0x328/0x630 [ 48.463125] ret_from_fork+0x10/0x20 [ 48.463166] [ 48.463191] kfence-#146: 0x00000000ddb8060a-0x00000000781b9d3b, size=32, cache=test [ 48.463191] [ 48.463243] allocated by task 336 on cpu 1 at 48.426420s (0.036819s ago): [ 48.463312] test_alloc+0x230/0x628 [ 48.463355] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 48.463396] kunit_try_run_case+0x170/0x3f0 [ 48.463439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.463481] kthread+0x328/0x630 [ 48.463517] ret_from_fork+0x10/0x20 [ 48.463575] [ 48.463600] freed by task 336 on cpu 1 at 48.426548s (0.037048s ago): [ 48.463659] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 48.463701] kunit_try_run_case+0x170/0x3f0 [ 48.463740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.463784] kthread+0x328/0x630 [ 48.463820] ret_from_fork+0x10/0x20 [ 48.463858] [ 48.463903] CPU: 1 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 48.463981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.464010] Hardware name: linux,dummy-virt (DT) [ 48.464048] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 25.669466] ================================================================== [ 25.669625] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 25.669625] [ 25.669727] Invalid read at 0x000000004c2cbbcb: [ 25.669833] test_invalid_access+0xdc/0x1f0 [ 25.669899] kunit_try_run_case+0x170/0x3f0 [ 25.670047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.670097] kthread+0x328/0x630 [ 25.670145] ret_from_fork+0x10/0x20 [ 25.670195] [ 25.670246] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.670329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.670373] Hardware name: linux,dummy-virt (DT) [ 25.670613] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 25.442315] ================================================================== [ 25.442405] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.442405] [ 25.442482] Corrupted memory at 0x0000000077ad714a [ ! . . . . . . . . . . . . . . . ] (in kfence-#142): [ 25.442812] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.442864] kunit_try_run_case+0x170/0x3f0 [ 25.442907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.442950] kthread+0x328/0x630 [ 25.442988] ret_from_fork+0x10/0x20 [ 25.443027] [ 25.443051] kfence-#142: 0x0000000019639268-0x000000005809d05b, size=73, cache=kmalloc-96 [ 25.443051] [ 25.443106] allocated by task 326 on cpu 1 at 25.442089s (0.001014s ago): [ 25.443169] test_alloc+0x29c/0x628 [ 25.443209] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 25.443252] kunit_try_run_case+0x170/0x3f0 [ 25.443290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.443334] kthread+0x328/0x630 [ 25.443370] ret_from_fork+0x10/0x20 [ 25.443408] [ 25.443433] freed by task 326 on cpu 1 at 25.442228s (0.001202s ago): [ 25.443493] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.443545] kunit_try_run_case+0x170/0x3f0 [ 25.443585] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.443627] kthread+0x328/0x630 [ 25.443664] ret_from_fork+0x10/0x20 [ 25.443702] [ 25.443746] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.443822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.443852] Hardware name: linux,dummy-virt (DT) [ 25.443886] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.026451] ================================================================== [ 25.026559] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.026559] [ 25.026663] Out-of-bounds read at 0x00000000fcbb2697 (105B right of kfence-#138): [ 25.026724] test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.026774] kunit_try_run_case+0x170/0x3f0 [ 25.026818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.026864] kthread+0x328/0x630 [ 25.026903] ret_from_fork+0x10/0x20 [ 25.026945] [ 25.026970] kfence-#138: 0x000000006e96f44c-0x000000002bceecd8, size=73, cache=kmalloc-96 [ 25.026970] [ 25.027023] allocated by task 324 on cpu 1 at 25.026193s (0.000826s ago): [ 25.027093] test_alloc+0x29c/0x628 [ 25.027134] test_kmalloc_aligned_oob_read+0x100/0x468 [ 25.027179] kunit_try_run_case+0x170/0x3f0 [ 25.027221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.027265] kthread+0x328/0x630 [ 25.027301] ret_from_fork+0x10/0x20 [ 25.027341] [ 25.027386] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.027466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.027496] Hardware name: linux,dummy-virt (DT) [ 25.027542] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 20.658318] ================================================================== [ 20.658406] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 20.658406] [ 20.658480] Corrupted memory at 0x00000000b9d5a5b1 [ ! . . . . . . . . . . . . . . . ] (in kfence-#96): [ 20.658811] test_corruption+0x120/0x378 [ 20.658859] kunit_try_run_case+0x170/0x3f0 [ 20.658903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.658948] kthread+0x328/0x630 [ 20.658986] ret_from_fork+0x10/0x20 [ 20.659027] [ 20.659051] kfence-#96: 0x00000000c6b5ab31-0x000000002f879a7c, size=32, cache=test [ 20.659051] [ 20.659105] allocated by task 314 on cpu 0 at 20.658174s (0.000927s ago): [ 20.659166] test_alloc+0x230/0x628 [ 20.659208] test_corruption+0xdc/0x378 [ 20.659249] kunit_try_run_case+0x170/0x3f0 [ 20.659289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.659333] kthread+0x328/0x630 [ 20.659369] ret_from_fork+0x10/0x20 [ 20.659407] [ 20.659431] freed by task 314 on cpu 0 at 20.658233s (0.001195s ago): [ 20.659492] test_corruption+0x120/0x378 [ 20.659541] kunit_try_run_case+0x170/0x3f0 [ 20.659581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.659624] kthread+0x328/0x630 [ 20.659660] ret_from_fork+0x10/0x20 [ 20.659699] [ 20.659742] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.659816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.659845] Hardware name: linux,dummy-virt (DT) [ 20.659878] ================================================================== [ 20.762315] ================================================================== [ 20.762404] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 20.762404] [ 20.762471] Corrupted memory at 0x000000007853c843 [ ! ] (in kfence-#97): [ 20.762603] test_corruption+0x1d8/0x378 [ 20.762648] kunit_try_run_case+0x170/0x3f0 [ 20.762692] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.762735] kthread+0x328/0x630 [ 20.762774] ret_from_fork+0x10/0x20 [ 20.762814] [ 20.762839] kfence-#97: 0x000000004bb6e412-0x00000000621556ae, size=32, cache=test [ 20.762839] [ 20.762891] allocated by task 314 on cpu 0 at 20.762175s (0.000713s ago): [ 20.762952] test_alloc+0x230/0x628 [ 20.762991] test_corruption+0x198/0x378 [ 20.763031] kunit_try_run_case+0x170/0x3f0 [ 20.763071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.763112] kthread+0x328/0x630 [ 20.763149] ret_from_fork+0x10/0x20 [ 20.763186] [ 20.763209] freed by task 314 on cpu 0 at 20.762232s (0.000973s ago): [ 20.763269] test_corruption+0x1d8/0x378 [ 20.763309] kunit_try_run_case+0x170/0x3f0 [ 20.763347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.763390] kthread+0x328/0x630 [ 20.763425] ret_from_fork+0x10/0x20 [ 20.763464] [ 20.763505] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.763592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.763622] Hardware name: linux,dummy-virt (DT) [ 20.763656] ================================================================== [ 20.450517] ================================================================== [ 20.450624] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 20.450624] [ 20.450683] Corrupted memory at 0x000000002b926d20 [ ! ] (in kfence-#94): [ 20.450815] test_corruption+0x284/0x378 [ 20.450861] kunit_try_run_case+0x170/0x3f0 [ 20.450906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.450949] kthread+0x328/0x630 [ 20.450988] ret_from_fork+0x10/0x20 [ 20.451028] [ 20.451052] kfence-#94: 0x000000005c73a7da-0x00000000506e67ca, size=32, cache=kmalloc-32 [ 20.451052] [ 20.451107] allocated by task 312 on cpu 0 at 20.450201s (0.000902s ago): [ 20.451168] test_alloc+0x29c/0x628 [ 20.451208] test_corruption+0x198/0x378 [ 20.451247] kunit_try_run_case+0x170/0x3f0 [ 20.451286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.451328] kthread+0x328/0x630 [ 20.451364] ret_from_fork+0x10/0x20 [ 20.451402] [ 20.451426] freed by task 312 on cpu 0 at 20.450336s (0.001086s ago): [ 20.451486] test_corruption+0x284/0x378 [ 20.451525] kunit_try_run_case+0x170/0x3f0 [ 20.451577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.451619] kthread+0x328/0x630 [ 20.451655] ret_from_fork+0x10/0x20 [ 20.451694] [ 20.451733] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.451806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.451837] Hardware name: linux,dummy-virt (DT) [ 20.451869] ================================================================== [ 20.346443] ================================================================== [ 20.346577] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 20.346577] [ 20.346650] Corrupted memory at 0x000000006b639477 [ ! . . . . . . . . . . . . . . . ] (in kfence-#93): [ 20.347758] test_corruption+0x278/0x378 [ 20.347808] kunit_try_run_case+0x170/0x3f0 [ 20.347854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.347899] kthread+0x328/0x630 [ 20.347941] ret_from_fork+0x10/0x20 [ 20.347981] [ 20.348006] kfence-#93: 0x000000000c5542d0-0x000000004a2a869a, size=32, cache=kmalloc-32 [ 20.348006] [ 20.348062] allocated by task 312 on cpu 0 at 20.346128s (0.001930s ago): [ 20.348126] test_alloc+0x29c/0x628 [ 20.348170] test_corruption+0xdc/0x378 [ 20.348210] kunit_try_run_case+0x170/0x3f0 [ 20.348249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.348293] kthread+0x328/0x630 [ 20.348328] ret_from_fork+0x10/0x20 [ 20.348367] [ 20.348390] freed by task 312 on cpu 0 at 20.346254s (0.002132s ago): [ 20.348450] test_corruption+0x278/0x378 [ 20.348490] kunit_try_run_case+0x170/0x3f0 [ 20.348539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.348583] kthread+0x328/0x630 [ 20.348620] ret_from_fork+0x10/0x20 [ 20.348659] [ 20.348706] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.348784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.348814] Hardware name: linux,dummy-virt (DT) [ 20.348850] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.242211] ================================================================== [ 20.242298] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 20.242298] [ 20.242359] Invalid free of 0x000000003cffa602 (in kfence-#92): [ 20.242408] test_invalid_addr_free+0xec/0x238 [ 20.242461] kunit_try_run_case+0x170/0x3f0 [ 20.242503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.242559] kthread+0x328/0x630 [ 20.242597] ret_from_fork+0x10/0x20 [ 20.242637] [ 20.242661] kfence-#92: 0x00000000ffd8456a-0x0000000057f56297, size=32, cache=test [ 20.242661] [ 20.242713] allocated by task 310 on cpu 1 at 20.242097s (0.000612s ago): [ 20.242774] test_alloc+0x230/0x628 [ 20.242815] test_invalid_addr_free+0xd4/0x238 [ 20.242857] kunit_try_run_case+0x170/0x3f0 [ 20.242897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.242939] kthread+0x328/0x630 [ 20.242975] ret_from_fork+0x10/0x20 [ 20.243013] [ 20.243053] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.243133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.243163] Hardware name: linux,dummy-virt (DT) [ 20.243196] ================================================================== [ 20.141176] ================================================================== [ 20.141264] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 20.141264] [ 20.141324] Invalid free of 0x00000000ab481706 (in kfence-#91): [ 20.141746] test_invalid_addr_free+0x1ac/0x238 [ 20.142067] kunit_try_run_case+0x170/0x3f0 [ 20.142576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.142709] kthread+0x328/0x630 [ 20.142866] ret_from_fork+0x10/0x20 [ 20.143025] [ 20.143088] kfence-#91: 0x00000000c35b3026-0x00000000fd32b922, size=32, cache=kmalloc-32 [ 20.143088] [ 20.143190] allocated by task 308 on cpu 1 at 20.140339s (0.002847s ago): [ 20.143270] test_alloc+0x29c/0x628 [ 20.143322] test_invalid_addr_free+0xd4/0x238 [ 20.143385] kunit_try_run_case+0x170/0x3f0 [ 20.143454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.143499] kthread+0x328/0x630 [ 20.143559] ret_from_fork+0x10/0x20 [ 20.143625] [ 20.143671] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.143767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.143813] Hardware name: linux,dummy-virt (DT) [ 20.143855] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 20.034742] ================================================================== [ 20.034825] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 20.034825] [ 20.034881] Invalid free of 0x00000000546391c4 (in kfence-#90): [ 20.034931] test_double_free+0x100/0x238 [ 20.034976] kunit_try_run_case+0x170/0x3f0 [ 20.035019] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.035061] kthread+0x328/0x630 [ 20.035309] ret_from_fork+0x10/0x20 [ 20.035374] [ 20.035399] kfence-#90: 0x00000000546391c4-0x00000000b9c59e6f, size=32, cache=test [ 20.035399] [ 20.035477] allocated by task 306 on cpu 1 at 20.034525s (0.000921s ago): [ 20.035572] test_alloc+0x230/0x628 [ 20.035615] test_double_free+0xd4/0x238 [ 20.035672] kunit_try_run_case+0x170/0x3f0 [ 20.035738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.035782] kthread+0x328/0x630 [ 20.035837] ret_from_fork+0x10/0x20 [ 20.035876] [ 20.035899] freed by task 306 on cpu 1 at 20.034598s (0.001297s ago): [ 20.035959] test_double_free+0xf0/0x238 [ 20.036169] kunit_try_run_case+0x170/0x3f0 [ 20.036212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.036258] kthread+0x328/0x630 [ 20.036294] ret_from_fork+0x10/0x20 [ 20.036363] [ 20.036406] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.036485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.036513] Hardware name: linux,dummy-virt (DT) [ 20.036558] ================================================================== [ 19.931180] ================================================================== [ 19.931292] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 19.931292] [ 19.931419] Invalid free of 0x00000000df401f08 (in kfence-#89): [ 19.931493] test_double_free+0x1bc/0x238 [ 19.931570] kunit_try_run_case+0x170/0x3f0 [ 19.931627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.931671] kthread+0x328/0x630 [ 19.931726] ret_from_fork+0x10/0x20 [ 19.931768] [ 19.931792] kfence-#89: 0x00000000df401f08-0x00000000d144a7aa, size=32, cache=kmalloc-32 [ 19.931792] [ 19.932059] allocated by task 304 on cpu 1 at 19.930829s (0.001130s ago): [ 19.932201] test_alloc+0x29c/0x628 [ 19.932282] test_double_free+0xd4/0x238 [ 19.932394] kunit_try_run_case+0x170/0x3f0 [ 19.932462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.932510] kthread+0x328/0x630 [ 19.932635] ret_from_fork+0x10/0x20 [ 19.932722] [ 19.932786] freed by task 304 on cpu 1 at 19.930899s (0.001855s ago): [ 19.932853] test_double_free+0x1ac/0x238 [ 19.932896] kunit_try_run_case+0x170/0x3f0 [ 19.932939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.932982] kthread+0x328/0x630 [ 19.933019] ret_from_fork+0x10/0x20 [ 19.933189] [ 19.933241] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.933322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.933351] Hardware name: linux,dummy-virt (DT) [ 19.933502] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 19.611998] ================================================================== [ 19.612359] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.612359] [ 19.612463] Use-after-free read at 0x00000000e3df1cbe (in kfence-#86): [ 19.612776] test_use_after_free_read+0x114/0x248 [ 19.612847] kunit_try_run_case+0x170/0x3f0 [ 19.612891] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.613066] kthread+0x328/0x630 [ 19.613118] ret_from_fork+0x10/0x20 [ 19.613196] [ 19.613308] kfence-#86: 0x00000000e3df1cbe-0x000000007fe10ce8, size=32, cache=test [ 19.613308] [ 19.613386] allocated by task 298 on cpu 1 at 19.611034s (0.002331s ago): [ 19.613466] test_alloc+0x230/0x628 [ 19.613509] test_use_after_free_read+0xd0/0x248 [ 19.613862] kunit_try_run_case+0x170/0x3f0 [ 19.614030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.614117] kthread+0x328/0x630 [ 19.614317] ret_from_fork+0x10/0x20 [ 19.614707] [ 19.614987] freed by task 298 on cpu 1 at 19.611094s (0.003799s ago): [ 19.615362] test_use_after_free_read+0xf0/0x248 [ 19.615556] kunit_try_run_case+0x170/0x3f0 [ 19.615908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.616078] kthread+0x328/0x630 [ 19.616120] ret_from_fork+0x10/0x20 [ 19.616318] [ 19.616600] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.616712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.616821] Hardware name: linux,dummy-virt (DT) [ 19.616977] ================================================================== [ 19.507746] ================================================================== [ 19.507845] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.507845] [ 19.508567] Use-after-free read at 0x0000000085a1795e (in kfence-#85): [ 19.508671] test_use_after_free_read+0x114/0x248 [ 19.509019] kunit_try_run_case+0x170/0x3f0 [ 19.509081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.509164] kthread+0x328/0x630 [ 19.509215] ret_from_fork+0x10/0x20 [ 19.509525] [ 19.509628] kfence-#85: 0x0000000085a1795e-0x00000000bb32d74a, size=32, cache=kmalloc-32 [ 19.509628] [ 19.509687] allocated by task 296 on cpu 1 at 19.507178s (0.002505s ago): [ 19.509772] test_alloc+0x29c/0x628 [ 19.510105] test_use_after_free_read+0xd0/0x248 [ 19.510241] kunit_try_run_case+0x170/0x3f0 [ 19.510286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.510330] kthread+0x328/0x630 [ 19.510625] ret_from_fork+0x10/0x20 [ 19.510824] [ 19.511423] freed by task 296 on cpu 1 at 19.507521s (0.003583s ago): [ 19.512227] test_use_after_free_read+0x1c0/0x248 [ 19.512397] kunit_try_run_case+0x170/0x3f0 [ 19.512461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.512513] kthread+0x328/0x630 [ 19.512603] ret_from_fork+0x10/0x20 [ 19.512685] [ 19.512753] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.512844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.512884] Hardware name: linux,dummy-virt (DT) [ 19.512932] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.292590] ================================================================== [ 19.292721] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.292721] [ 19.292808] Out-of-bounds write at 0x0000000035bde6b5 (1B left of kfence-#83): [ 19.292863] test_out_of_bounds_write+0x100/0x240 [ 19.292909] kunit_try_run_case+0x170/0x3f0 [ 19.292954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.292999] kthread+0x328/0x630 [ 19.293037] ret_from_fork+0x10/0x20 [ 19.293075] [ 19.293101] kfence-#83: 0x0000000090701912-0x0000000060a2e9c7, size=32, cache=kmalloc-32 [ 19.293101] [ 19.293162] allocated by task 292 on cpu 1 at 19.292158s (0.001001s ago): [ 19.293243] test_alloc+0x29c/0x628 [ 19.293286] test_out_of_bounds_write+0xc8/0x240 [ 19.293326] kunit_try_run_case+0x170/0x3f0 [ 19.293373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.293417] kthread+0x328/0x630 [ 19.293459] ret_from_fork+0x10/0x20 [ 19.293508] [ 19.293563] CPU: 1 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.293640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.293680] Hardware name: linux,dummy-virt (DT) [ 19.293730] ================================================================== [ 19.399005] ================================================================== [ 19.399340] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.399340] [ 19.399438] Out-of-bounds write at 0x00000000352a7faf (1B left of kfence-#84): [ 19.399807] test_out_of_bounds_write+0x100/0x240 [ 19.399967] kunit_try_run_case+0x170/0x3f0 [ 19.400043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.400106] kthread+0x328/0x630 [ 19.400196] ret_from_fork+0x10/0x20 [ 19.400242] [ 19.400267] kfence-#84: 0x00000000486477e2-0x00000000c218f792, size=32, cache=test [ 19.400267] [ 19.400539] allocated by task 294 on cpu 1 at 19.398925s (0.001426s ago): [ 19.400754] test_alloc+0x230/0x628 [ 19.400858] test_out_of_bounds_write+0xc8/0x240 [ 19.400945] kunit_try_run_case+0x170/0x3f0 [ 19.400988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.401077] kthread+0x328/0x630 [ 19.401173] ret_from_fork+0x10/0x20 [ 19.401221] [ 19.401264] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.401662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.401827] Hardware name: linux,dummy-virt (DT) [ 19.401900] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 18.980165] ================================================================== [ 18.980243] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 18.980243] [ 18.980325] Out-of-bounds read at 0x000000003370a403 (32B right of kfence-#80): [ 18.980380] test_out_of_bounds_read+0x1c8/0x3e0 [ 18.980431] kunit_try_run_case+0x170/0x3f0 [ 18.980475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.980527] kthread+0x328/0x630 [ 18.980590] ret_from_fork+0x10/0x20 [ 18.980631] [ 18.980664] kfence-#80: 0x00000000b9ffcffb-0x000000004c3293e7, size=32, cache=test [ 18.980664] [ 18.980720] allocated by task 290 on cpu 1 at 18.980067s (0.000649s ago): [ 18.980788] test_alloc+0x230/0x628 [ 18.980837] test_out_of_bounds_read+0x198/0x3e0 [ 18.980881] kunit_try_run_case+0x170/0x3f0 [ 18.980926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.980976] kthread+0x328/0x630 [ 18.981013] ret_from_fork+0x10/0x20 [ 18.981060] [ 18.981103] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.981180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.981209] Hardware name: linux,dummy-virt (DT) [ 18.981250] ================================================================== [ 18.663880] ================================================================== [ 18.663975] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 18.663975] [ 18.664113] Out-of-bounds read at 0x000000002af276a7 (1B left of kfence-#77): [ 18.664338] test_out_of_bounds_read+0x114/0x3e0 [ 18.664393] kunit_try_run_case+0x170/0x3f0 [ 18.664436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.664488] kthread+0x328/0x630 [ 18.664543] ret_from_fork+0x10/0x20 [ 18.664788] [ 18.665095] kfence-#77: 0x00000000198c5dd5-0x00000000c74e160e, size=32, cache=kmalloc-32 [ 18.665095] [ 18.665706] allocated by task 288 on cpu 1 at 18.663051s (0.002169s ago): [ 18.668526] test_alloc+0x29c/0x628 [ 18.669292] test_out_of_bounds_read+0xdc/0x3e0 [ 18.669527] kunit_try_run_case+0x170/0x3f0 [ 18.669698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.669852] kthread+0x328/0x630 [ 18.670122] ret_from_fork+0x10/0x20 [ 18.670506] [ 18.670801] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.671174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.671236] Hardware name: linux,dummy-virt (DT) [ 18.671433] ================================================================== [ 18.768498] ================================================================== [ 18.768590] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 18.768590] [ 18.768935] Out-of-bounds read at 0x000000005d39a13a (32B right of kfence-#78): [ 18.769301] test_out_of_bounds_read+0x1c8/0x3e0 [ 18.769359] kunit_try_run_case+0x170/0x3f0 [ 18.769713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.769994] kthread+0x328/0x630 [ 18.770086] ret_from_fork+0x10/0x20 [ 18.770463] [ 18.770582] kfence-#78: 0x00000000486732ab-0x00000000b46546cd, size=32, cache=kmalloc-32 [ 18.770582] [ 18.770779] allocated by task 288 on cpu 1 at 18.767875s (0.002878s ago): [ 18.770881] test_alloc+0x29c/0x628 [ 18.770957] test_out_of_bounds_read+0x198/0x3e0 [ 18.771032] kunit_try_run_case+0x170/0x3f0 [ 18.771119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.771201] kthread+0x328/0x630 [ 18.771625] ret_from_fork+0x10/0x20 [ 18.771831] [ 18.772111] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.772289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.772519] Hardware name: linux,dummy-virt (DT) [ 18.772929] ================================================================== [ 18.873233] ================================================================== [ 18.873447] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 18.873447] [ 18.873553] Out-of-bounds read at 0x00000000eeb27900 (1B left of kfence-#79): [ 18.873717] test_out_of_bounds_read+0x114/0x3e0 [ 18.874029] kunit_try_run_case+0x170/0x3f0 [ 18.874260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.874335] kthread+0x328/0x630 [ 18.874571] ret_from_fork+0x10/0x20 [ 18.874683] [ 18.874716] kfence-#79: 0x000000004ba2bf38-0x000000006256f305, size=32, cache=test [ 18.874716] [ 18.875177] allocated by task 290 on cpu 1 at 18.872087s (0.002871s ago): [ 18.875840] test_alloc+0x230/0x628 [ 18.876109] test_out_of_bounds_read+0xdc/0x3e0 [ 18.876383] kunit_try_run_case+0x170/0x3f0 [ 18.876647] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.876919] kthread+0x328/0x630 [ 18.876968] ret_from_fork+0x10/0x20 [ 18.877505] [ 18.877642] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.878289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.878404] Hardware name: linux,dummy-virt (DT) [ 18.878698] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.574788] ================================================================== [ 18.574842] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 18.574895] Write of size 1 at addr fff00000c77d3578 by task kunit_try_catch/286 [ 18.574945] [ 18.574978] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.575166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.575205] Hardware name: linux,dummy-virt (DT) [ 18.575238] Call trace: [ 18.575264] show_stack+0x20/0x38 (C) [ 18.575316] dump_stack_lvl+0x8c/0xd0 [ 18.575363] print_report+0x118/0x5d0 [ 18.575433] kasan_report+0xdc/0x128 [ 18.575491] __asan_report_store1_noabort+0x20/0x30 [ 18.575563] strncpy_from_user+0x270/0x2a0 [ 18.575624] copy_user_test_oob+0x5c0/0xec8 [ 18.575675] kunit_try_run_case+0x170/0x3f0 [ 18.575725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.575779] kthread+0x328/0x630 [ 18.575824] ret_from_fork+0x10/0x20 [ 18.575873] [ 18.575895] Allocated by task 286: [ 18.575924] kasan_save_stack+0x3c/0x68 [ 18.575967] kasan_save_track+0x20/0x40 [ 18.576015] kasan_save_alloc_info+0x40/0x58 [ 18.576061] __kasan_kmalloc+0xd4/0xd8 [ 18.576104] __kmalloc_noprof+0x198/0x4c8 [ 18.576145] kunit_kmalloc_array+0x34/0x88 [ 18.576192] copy_user_test_oob+0xac/0xec8 [ 18.576233] kunit_try_run_case+0x170/0x3f0 [ 18.576283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.576335] kthread+0x328/0x630 [ 18.576379] ret_from_fork+0x10/0x20 [ 18.576416] [ 18.576442] The buggy address belongs to the object at fff00000c77d3500 [ 18.576442] which belongs to the cache kmalloc-128 of size 128 [ 18.576502] The buggy address is located 0 bytes to the right of [ 18.576502] allocated 120-byte region [fff00000c77d3500, fff00000c77d3578) [ 18.577744] [ 18.577801] The buggy address belongs to the physical page: [ 18.577992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d3 [ 18.578067] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.578290] page_type: f5(slab) [ 18.578343] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.578422] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.578871] page dumped because: kasan: bad access detected [ 18.579163] [ 18.579627] Memory state around the buggy address: [ 18.579713] fff00000c77d3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.579770] fff00000c77d3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.580105] >fff00000c77d3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.580153] ^ [ 18.580630] fff00000c77d3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.580685] fff00000c77d3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.580865] ================================================================== [ 18.563544] ================================================================== [ 18.563596] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 18.563652] Write of size 121 at addr fff00000c77d3500 by task kunit_try_catch/286 [ 18.564205] [ 18.564253] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.564696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.564738] Hardware name: linux,dummy-virt (DT) [ 18.564771] Call trace: [ 18.565071] show_stack+0x20/0x38 (C) [ 18.565164] dump_stack_lvl+0x8c/0xd0 [ 18.565216] print_report+0x118/0x5d0 [ 18.565578] kasan_report+0xdc/0x128 [ 18.565947] kasan_check_range+0x100/0x1a8 [ 18.566177] __kasan_check_write+0x20/0x30 [ 18.566286] strncpy_from_user+0x3c/0x2a0 [ 18.566581] copy_user_test_oob+0x5c0/0xec8 [ 18.566642] kunit_try_run_case+0x170/0x3f0 [ 18.566873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.567102] kthread+0x328/0x630 [ 18.567587] ret_from_fork+0x10/0x20 [ 18.567692] [ 18.567797] Allocated by task 286: [ 18.567833] kasan_save_stack+0x3c/0x68 [ 18.567928] kasan_save_track+0x20/0x40 [ 18.568158] kasan_save_alloc_info+0x40/0x58 [ 18.568337] __kasan_kmalloc+0xd4/0xd8 [ 18.568618] __kmalloc_noprof+0x198/0x4c8 [ 18.568839] kunit_kmalloc_array+0x34/0x88 [ 18.568952] copy_user_test_oob+0xac/0xec8 [ 18.569032] kunit_try_run_case+0x170/0x3f0 [ 18.569099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.569241] kthread+0x328/0x630 [ 18.569439] ret_from_fork+0x10/0x20 [ 18.569839] [ 18.569994] The buggy address belongs to the object at fff00000c77d3500 [ 18.569994] which belongs to the cache kmalloc-128 of size 128 [ 18.570150] The buggy address is located 0 bytes inside of [ 18.570150] allocated 120-byte region [fff00000c77d3500, fff00000c77d3578) [ 18.570286] [ 18.570394] The buggy address belongs to the physical page: [ 18.570436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d3 [ 18.570489] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.570727] page_type: f5(slab) [ 18.571386] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.571501] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.571722] page dumped because: kasan: bad access detected [ 18.571951] [ 18.572272] Memory state around the buggy address: [ 18.572340] fff00000c77d3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.572392] fff00000c77d3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.572839] >fff00000c77d3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.573074] ^ [ 18.573198] fff00000c77d3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.573455] fff00000c77d3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.573597] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.536275] ================================================================== [ 18.536543] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 18.536608] Read of size 121 at addr fff00000c77d3500 by task kunit_try_catch/286 [ 18.536942] [ 18.537156] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.537256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.537294] Hardware name: linux,dummy-virt (DT) [ 18.537328] Call trace: [ 18.537353] show_stack+0x20/0x38 (C) [ 18.537594] dump_stack_lvl+0x8c/0xd0 [ 18.537662] print_report+0x118/0x5d0 [ 18.537710] kasan_report+0xdc/0x128 [ 18.537756] kasan_check_range+0x100/0x1a8 [ 18.537813] __kasan_check_read+0x20/0x30 [ 18.537858] copy_user_test_oob+0x3c8/0xec8 [ 18.537915] kunit_try_run_case+0x170/0x3f0 [ 18.537972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.538027] kthread+0x328/0x630 [ 18.538071] ret_from_fork+0x10/0x20 [ 18.538119] [ 18.538140] Allocated by task 286: [ 18.538169] kasan_save_stack+0x3c/0x68 [ 18.538230] kasan_save_track+0x20/0x40 [ 18.538269] kasan_save_alloc_info+0x40/0x58 [ 18.538321] __kasan_kmalloc+0xd4/0xd8 [ 18.538362] __kmalloc_noprof+0x198/0x4c8 [ 18.538415] kunit_kmalloc_array+0x34/0x88 [ 18.538455] copy_user_test_oob+0xac/0xec8 [ 18.538503] kunit_try_run_case+0x170/0x3f0 [ 18.539138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.539816] kthread+0x328/0x630 [ 18.540102] ret_from_fork+0x10/0x20 [ 18.540240] [ 18.540266] The buggy address belongs to the object at fff00000c77d3500 [ 18.540266] which belongs to the cache kmalloc-128 of size 128 [ 18.540414] The buggy address is located 0 bytes inside of [ 18.540414] allocated 120-byte region [fff00000c77d3500, fff00000c77d3578) [ 18.540498] [ 18.540984] The buggy address belongs to the physical page: [ 18.541126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d3 [ 18.541502] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.541760] page_type: f5(slab) [ 18.541813] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.541995] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.542164] page dumped because: kasan: bad access detected [ 18.542619] [ 18.542679] Memory state around the buggy address: [ 18.542985] fff00000c77d3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.543054] fff00000c77d3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.543144] >fff00000c77d3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.543218] ^ [ 18.543411] fff00000c77d3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.543491] fff00000c77d3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.544172] ================================================================== [ 18.488611] ================================================================== [ 18.488751] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 18.488909] Write of size 121 at addr fff00000c77d3500 by task kunit_try_catch/286 [ 18.489444] [ 18.489602] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.489715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.489803] Hardware name: linux,dummy-virt (DT) [ 18.489995] Call trace: [ 18.490084] show_stack+0x20/0x38 (C) [ 18.490291] dump_stack_lvl+0x8c/0xd0 [ 18.490436] print_report+0x118/0x5d0 [ 18.490768] kasan_report+0xdc/0x128 [ 18.490956] kasan_check_range+0x100/0x1a8 [ 18.491082] __kasan_check_write+0x20/0x30 [ 18.491252] copy_user_test_oob+0x234/0xec8 [ 18.491503] kunit_try_run_case+0x170/0x3f0 [ 18.491895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.492021] kthread+0x328/0x630 [ 18.492174] ret_from_fork+0x10/0x20 [ 18.492330] [ 18.492410] Allocated by task 286: [ 18.492446] kasan_save_stack+0x3c/0x68 [ 18.493028] kasan_save_track+0x20/0x40 [ 18.493468] kasan_save_alloc_info+0x40/0x58 [ 18.493728] __kasan_kmalloc+0xd4/0xd8 [ 18.494098] __kmalloc_noprof+0x198/0x4c8 [ 18.494156] kunit_kmalloc_array+0x34/0x88 [ 18.494196] copy_user_test_oob+0xac/0xec8 [ 18.494238] kunit_try_run_case+0x170/0x3f0 [ 18.494476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.494591] kthread+0x328/0x630 [ 18.494966] ret_from_fork+0x10/0x20 [ 18.495121] [ 18.495489] The buggy address belongs to the object at fff00000c77d3500 [ 18.495489] which belongs to the cache kmalloc-128 of size 128 [ 18.495592] The buggy address is located 0 bytes inside of [ 18.495592] allocated 120-byte region [fff00000c77d3500, fff00000c77d3578) [ 18.495891] [ 18.495940] The buggy address belongs to the physical page: [ 18.496010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d3 [ 18.496079] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.496160] page_type: f5(slab) [ 18.496205] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.496450] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.496780] page dumped because: kasan: bad access detected [ 18.496831] [ 18.496852] Memory state around the buggy address: [ 18.496911] fff00000c77d3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.496959] fff00000c77d3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.497007] >fff00000c77d3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.497049] ^ [ 18.497094] fff00000c77d3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.497139] fff00000c77d3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.497179] ================================================================== [ 18.525209] ================================================================== [ 18.525427] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 18.525503] Write of size 121 at addr fff00000c77d3500 by task kunit_try_catch/286 [ 18.525678] [ 18.526094] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.526290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.526322] Hardware name: linux,dummy-virt (DT) [ 18.526980] Call trace: [ 18.527018] show_stack+0x20/0x38 (C) [ 18.527196] dump_stack_lvl+0x8c/0xd0 [ 18.527364] print_report+0x118/0x5d0 [ 18.527634] kasan_report+0xdc/0x128 [ 18.527900] kasan_check_range+0x100/0x1a8 [ 18.527964] __kasan_check_write+0x20/0x30 [ 18.528167] copy_user_test_oob+0x35c/0xec8 [ 18.528374] kunit_try_run_case+0x170/0x3f0 [ 18.528456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.528618] kthread+0x328/0x630 [ 18.528781] ret_from_fork+0x10/0x20 [ 18.528855] [ 18.528878] Allocated by task 286: [ 18.528955] kasan_save_stack+0x3c/0x68 [ 18.529184] kasan_save_track+0x20/0x40 [ 18.529385] kasan_save_alloc_info+0x40/0x58 [ 18.529542] __kasan_kmalloc+0xd4/0xd8 [ 18.529651] __kmalloc_noprof+0x198/0x4c8 [ 18.529714] kunit_kmalloc_array+0x34/0x88 [ 18.529829] copy_user_test_oob+0xac/0xec8 [ 18.529872] kunit_try_run_case+0x170/0x3f0 [ 18.529912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.530113] kthread+0x328/0x630 [ 18.530499] ret_from_fork+0x10/0x20 [ 18.530609] [ 18.530639] The buggy address belongs to the object at fff00000c77d3500 [ 18.530639] which belongs to the cache kmalloc-128 of size 128 [ 18.530920] The buggy address is located 0 bytes inside of [ 18.530920] allocated 120-byte region [fff00000c77d3500, fff00000c77d3578) [ 18.531159] [ 18.531252] The buggy address belongs to the physical page: [ 18.531365] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d3 [ 18.531440] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.531491] page_type: f5(slab) [ 18.531548] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.532068] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.532120] page dumped because: kasan: bad access detected [ 18.532253] [ 18.532397] Memory state around the buggy address: [ 18.532915] fff00000c77d3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.532982] fff00000c77d3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.533230] >fff00000c77d3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.533504] ^ [ 18.533592] fff00000c77d3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.534044] fff00000c77d3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.534182] ================================================================== [ 18.546577] ================================================================== [ 18.546642] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 18.546876] Write of size 121 at addr fff00000c77d3500 by task kunit_try_catch/286 [ 18.547046] [ 18.547090] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.547183] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.547448] Hardware name: linux,dummy-virt (DT) [ 18.547524] Call trace: [ 18.547672] show_stack+0x20/0x38 (C) [ 18.547735] dump_stack_lvl+0x8c/0xd0 [ 18.547991] print_report+0x118/0x5d0 [ 18.548234] kasan_report+0xdc/0x128 [ 18.548296] kasan_check_range+0x100/0x1a8 [ 18.548609] __kasan_check_write+0x20/0x30 [ 18.548687] copy_user_test_oob+0x434/0xec8 [ 18.549035] kunit_try_run_case+0x170/0x3f0 [ 18.549206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.549402] kthread+0x328/0x630 [ 18.549464] ret_from_fork+0x10/0x20 [ 18.549562] [ 18.549612] Allocated by task 286: [ 18.549645] kasan_save_stack+0x3c/0x68 [ 18.549689] kasan_save_track+0x20/0x40 [ 18.549903] kasan_save_alloc_info+0x40/0x58 [ 18.549979] __kasan_kmalloc+0xd4/0xd8 [ 18.550183] __kmalloc_noprof+0x198/0x4c8 [ 18.550388] kunit_kmalloc_array+0x34/0x88 [ 18.550593] copy_user_test_oob+0xac/0xec8 [ 18.550854] kunit_try_run_case+0x170/0x3f0 [ 18.550905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.551099] kthread+0x328/0x630 [ 18.551210] ret_from_fork+0x10/0x20 [ 18.551299] [ 18.551810] The buggy address belongs to the object at fff00000c77d3500 [ 18.551810] which belongs to the cache kmalloc-128 of size 128 [ 18.551927] The buggy address is located 0 bytes inside of [ 18.551927] allocated 120-byte region [fff00000c77d3500, fff00000c77d3578) [ 18.552044] [ 18.552173] The buggy address belongs to the physical page: [ 18.552207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d3 [ 18.552285] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.552566] page_type: f5(slab) [ 18.552837] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.552904] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.552969] page dumped because: kasan: bad access detected [ 18.553014] [ 18.553037] Memory state around the buggy address: [ 18.553072] fff00000c77d3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.553119] fff00000c77d3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.553164] >fff00000c77d3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.553205] ^ [ 18.553273] fff00000c77d3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.553335] fff00000c77d3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.553377] ================================================================== [ 18.556011] ================================================================== [ 18.556410] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 18.556499] Read of size 121 at addr fff00000c77d3500 by task kunit_try_catch/286 [ 18.556603] [ 18.556638] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.556724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.556754] Hardware name: linux,dummy-virt (DT) [ 18.557014] Call trace: [ 18.557189] show_stack+0x20/0x38 (C) [ 18.557378] dump_stack_lvl+0x8c/0xd0 [ 18.557442] print_report+0x118/0x5d0 [ 18.557714] kasan_report+0xdc/0x128 [ 18.557822] kasan_check_range+0x100/0x1a8 [ 18.558032] __kasan_check_read+0x20/0x30 [ 18.558248] copy_user_test_oob+0x4a0/0xec8 [ 18.558339] kunit_try_run_case+0x170/0x3f0 [ 18.558517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.558915] kthread+0x328/0x630 [ 18.559018] ret_from_fork+0x10/0x20 [ 18.559169] [ 18.559773] Allocated by task 286: [ 18.560003] kasan_save_stack+0x3c/0x68 [ 18.560127] kasan_save_track+0x20/0x40 [ 18.560217] kasan_save_alloc_info+0x40/0x58 [ 18.560356] __kasan_kmalloc+0xd4/0xd8 [ 18.560559] __kmalloc_noprof+0x198/0x4c8 [ 18.560649] kunit_kmalloc_array+0x34/0x88 [ 18.560787] copy_user_test_oob+0xac/0xec8 [ 18.561088] kunit_try_run_case+0x170/0x3f0 [ 18.561182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.561348] kthread+0x328/0x630 [ 18.561491] ret_from_fork+0x10/0x20 [ 18.561597] [ 18.561623] The buggy address belongs to the object at fff00000c77d3500 [ 18.561623] which belongs to the cache kmalloc-128 of size 128 [ 18.561702] The buggy address is located 0 bytes inside of [ 18.561702] allocated 120-byte region [fff00000c77d3500, fff00000c77d3578) [ 18.561783] [ 18.561813] The buggy address belongs to the physical page: [ 18.561847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d3 [ 18.561911] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.561960] page_type: f5(slab) [ 18.562000] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.562052] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.562104] page dumped because: kasan: bad access detected [ 18.562150] [ 18.562180] Memory state around the buggy address: [ 18.562222] fff00000c77d3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.562269] fff00000c77d3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.562316] >fff00000c77d3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.562356] ^ [ 18.562408] fff00000c77d3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.562472] fff00000c77d3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.562521] ================================================================== [ 18.507104] ================================================================== [ 18.507169] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 18.507234] Read of size 121 at addr fff00000c77d3500 by task kunit_try_catch/286 [ 18.507288] [ 18.507336] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.507422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.507456] Hardware name: linux,dummy-virt (DT) [ 18.507491] Call trace: [ 18.507524] show_stack+0x20/0x38 (C) [ 18.508275] dump_stack_lvl+0x8c/0xd0 [ 18.508545] print_report+0x118/0x5d0 [ 18.508619] kasan_report+0xdc/0x128 [ 18.508724] kasan_check_range+0x100/0x1a8 [ 18.508779] __kasan_check_read+0x20/0x30 [ 18.508824] copy_user_test_oob+0x728/0xec8 [ 18.509035] kunit_try_run_case+0x170/0x3f0 [ 18.509371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.509440] kthread+0x328/0x630 [ 18.509650] ret_from_fork+0x10/0x20 [ 18.509700] [ 18.510109] Allocated by task 286: [ 18.510237] kasan_save_stack+0x3c/0x68 [ 18.510287] kasan_save_track+0x20/0x40 [ 18.510326] kasan_save_alloc_info+0x40/0x58 [ 18.510569] __kasan_kmalloc+0xd4/0xd8 [ 18.510695] __kmalloc_noprof+0x198/0x4c8 [ 18.510854] kunit_kmalloc_array+0x34/0x88 [ 18.511154] copy_user_test_oob+0xac/0xec8 [ 18.511272] kunit_try_run_case+0x170/0x3f0 [ 18.511334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.511416] kthread+0x328/0x630 [ 18.511484] ret_from_fork+0x10/0x20 [ 18.511555] [ 18.511896] The buggy address belongs to the object at fff00000c77d3500 [ 18.511896] which belongs to the cache kmalloc-128 of size 128 [ 18.512126] The buggy address is located 0 bytes inside of [ 18.512126] allocated 120-byte region [fff00000c77d3500, fff00000c77d3578) [ 18.512525] [ 18.512656] The buggy address belongs to the physical page: [ 18.512693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d3 [ 18.512767] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.513201] page_type: f5(slab) [ 18.513548] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.513654] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.513822] page dumped because: kasan: bad access detected [ 18.514144] [ 18.514336] Memory state around the buggy address: [ 18.514388] fff00000c77d3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.514442] fff00000c77d3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.514489] >fff00000c77d3500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.514948] ^ [ 18.515065] fff00000c77d3580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.515117] fff00000c77d3600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.515515] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.428091] ================================================================== [ 18.428156] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 18.428219] Read of size 8 at addr fff00000c77d3478 by task kunit_try_catch/282 [ 18.428272] [ 18.428311] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.428399] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.428428] Hardware name: linux,dummy-virt (DT) [ 18.428464] Call trace: [ 18.428494] show_stack+0x20/0x38 (C) [ 18.428566] dump_stack_lvl+0x8c/0xd0 [ 18.428616] print_report+0x118/0x5d0 [ 18.428664] kasan_report+0xdc/0x128 [ 18.428712] __asan_report_load8_noabort+0x20/0x30 [ 18.428765] copy_to_kernel_nofault+0x204/0x250 [ 18.428815] copy_to_kernel_nofault_oob+0x158/0x418 [ 18.428864] kunit_try_run_case+0x170/0x3f0 [ 18.428914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.428966] kthread+0x328/0x630 [ 18.429009] ret_from_fork+0x10/0x20 [ 18.429060] [ 18.429080] Allocated by task 282: [ 18.429112] kasan_save_stack+0x3c/0x68 [ 18.429153] kasan_save_track+0x20/0x40 [ 18.429192] kasan_save_alloc_info+0x40/0x58 [ 18.429234] __kasan_kmalloc+0xd4/0xd8 [ 18.429273] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.429315] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.429354] kunit_try_run_case+0x170/0x3f0 [ 18.429394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.429439] kthread+0x328/0x630 [ 18.429472] ret_from_fork+0x10/0x20 [ 18.429510] [ 18.432844] The buggy address belongs to the object at fff00000c77d3400 [ 18.432844] which belongs to the cache kmalloc-128 of size 128 [ 18.432926] The buggy address is located 0 bytes to the right of [ 18.432926] allocated 120-byte region [fff00000c77d3400, fff00000c77d3478) [ 18.432992] [ 18.433016] The buggy address belongs to the physical page: [ 18.433050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d3 [ 18.433110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.433161] page_type: f5(slab) [ 18.433205] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.433257] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.433299] page dumped because: kasan: bad access detected [ 18.433333] [ 18.433353] Memory state around the buggy address: [ 18.433389] fff00000c77d3300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.433432] fff00000c77d3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.433478] >fff00000c77d3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.433519] ^ [ 18.433726] fff00000c77d3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.433877] fff00000c77d3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.433959] ================================================================== [ 18.436173] ================================================================== [ 18.436547] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 18.436645] Write of size 8 at addr fff00000c77d3478 by task kunit_try_catch/282 [ 18.436708] [ 18.436743] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.436824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.437353] Hardware name: linux,dummy-virt (DT) [ 18.437474] Call trace: [ 18.437559] show_stack+0x20/0x38 (C) [ 18.437675] dump_stack_lvl+0x8c/0xd0 [ 18.437835] print_report+0x118/0x5d0 [ 18.437917] kasan_report+0xdc/0x128 [ 18.437969] kasan_check_range+0x100/0x1a8 [ 18.438278] __kasan_check_write+0x20/0x30 [ 18.438365] copy_to_kernel_nofault+0x8c/0x250 [ 18.438581] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 18.438687] kunit_try_run_case+0x170/0x3f0 [ 18.438916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.439263] kthread+0x328/0x630 [ 18.439413] ret_from_fork+0x10/0x20 [ 18.439603] [ 18.439693] Allocated by task 282: [ 18.439749] kasan_save_stack+0x3c/0x68 [ 18.440189] kasan_save_track+0x20/0x40 [ 18.440284] kasan_save_alloc_info+0x40/0x58 [ 18.440407] __kasan_kmalloc+0xd4/0xd8 [ 18.440518] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.440612] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.440984] kunit_try_run_case+0x170/0x3f0 [ 18.441186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.441239] kthread+0x328/0x630 [ 18.441576] ret_from_fork+0x10/0x20 [ 18.441817] [ 18.441934] The buggy address belongs to the object at fff00000c77d3400 [ 18.441934] which belongs to the cache kmalloc-128 of size 128 [ 18.442048] The buggy address is located 0 bytes to the right of [ 18.442048] allocated 120-byte region [fff00000c77d3400, fff00000c77d3478) [ 18.442289] [ 18.442490] The buggy address belongs to the physical page: [ 18.442590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d3 [ 18.442711] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.442797] page_type: f5(slab) [ 18.442837] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.442891] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.442948] page dumped because: kasan: bad access detected [ 18.442980] [ 18.443011] Memory state around the buggy address: [ 18.443051] fff00000c77d3300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.443111] fff00000c77d3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.443164] >fff00000c77d3400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.443205] ^ [ 18.443258] fff00000c77d3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.443303] fff00000c77d3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.443352] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 18.364788] ================================================================== [ 18.365431] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 18.365571] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 18.365630] [ 18.365668] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.366100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.366136] Hardware name: linux,dummy-virt (DT) [ 18.366193] Call trace: [ 18.366495] show_stack+0x20/0x38 (C) [ 18.366659] dump_stack_lvl+0x8c/0xd0 [ 18.367048] print_report+0x310/0x5d0 [ 18.367217] kasan_report+0xdc/0x128 [ 18.367378] __asan_report_load1_noabort+0x20/0x30 [ 18.367439] vmalloc_oob+0x578/0x5d0 [ 18.367659] kunit_try_run_case+0x170/0x3f0 [ 18.367842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.367982] kthread+0x328/0x630 [ 18.368041] ret_from_fork+0x10/0x20 [ 18.368091] [ 18.368133] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 18.368180] The buggy address belongs to the physical page: [ 18.368223] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10639b [ 18.368279] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.368344] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.368396] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.368440] page dumped because: kasan: bad access detected [ 18.368499] [ 18.368520] Memory state around the buggy address: [ 18.368590] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.368664] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.368735] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.368786] ^ [ 18.368888] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.368944] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.368986] ================================================================== [ 18.370162] ================================================================== [ 18.370271] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 18.370366] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 18.370709] [ 18.370831] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.371157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.371602] Hardware name: linux,dummy-virt (DT) [ 18.371649] Call trace: [ 18.371674] show_stack+0x20/0x38 (C) [ 18.372070] dump_stack_lvl+0x8c/0xd0 [ 18.372410] print_report+0x310/0x5d0 [ 18.372652] kasan_report+0xdc/0x128 [ 18.372739] __asan_report_load1_noabort+0x20/0x30 [ 18.373025] vmalloc_oob+0x51c/0x5d0 [ 18.373226] kunit_try_run_case+0x170/0x3f0 [ 18.373399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.373515] kthread+0x328/0x630 [ 18.373826] ret_from_fork+0x10/0x20 [ 18.374274] [ 18.374310] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 18.374367] The buggy address belongs to the physical page: [ 18.374399] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10639b [ 18.374462] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.375055] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.375250] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.375368] page dumped because: kasan: bad access detected [ 18.375571] [ 18.375630] Memory state around the buggy address: [ 18.375860] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.376062] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.376312] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.376494] ^ [ 18.376634] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.376719] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.376863] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.334883] ================================================================== [ 18.335224] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 18.335288] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.335340] [ 18.335550] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.335645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.335674] Hardware name: linux,dummy-virt (DT) [ 18.335708] Call trace: [ 18.335733] show_stack+0x20/0x38 (C) [ 18.336356] dump_stack_lvl+0x8c/0xd0 [ 18.336475] print_report+0x118/0x5d0 [ 18.336544] kasan_report+0xdc/0x128 [ 18.336906] kasan_check_range+0x100/0x1a8 [ 18.337033] __kasan_check_write+0x20/0x30 [ 18.337293] kasan_atomics_helper+0x17ec/0x4858 [ 18.337490] kasan_atomics+0x198/0x2e0 [ 18.337575] kunit_try_run_case+0x170/0x3f0 [ 18.337628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.337784] kthread+0x328/0x630 [ 18.337874] ret_from_fork+0x10/0x20 [ 18.338273] [ 18.338331] Allocated by task 266: [ 18.338585] kasan_save_stack+0x3c/0x68 [ 18.338804] kasan_save_track+0x20/0x40 [ 18.338887] kasan_save_alloc_info+0x40/0x58 [ 18.339018] __kasan_kmalloc+0xd4/0xd8 [ 18.339126] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.339269] kasan_atomics+0xb8/0x2e0 [ 18.339309] kunit_try_run_case+0x170/0x3f0 [ 18.339405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.339761] kthread+0x328/0x630 [ 18.340038] ret_from_fork+0x10/0x20 [ 18.340131] [ 18.340303] The buggy address belongs to the object at fff00000c63b4480 [ 18.340303] which belongs to the cache kmalloc-64 of size 64 [ 18.340391] The buggy address is located 0 bytes to the right of [ 18.340391] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.340853] [ 18.340941] The buggy address belongs to the physical page: [ 18.340996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.341271] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.341420] page_type: f5(slab) [ 18.341602] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.341860] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.342078] page dumped because: kasan: bad access detected [ 18.342247] [ 18.342293] Memory state around the buggy address: [ 18.342331] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.342780] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.343156] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.343226] ^ [ 18.343276] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.343525] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.343714] ================================================================== [ 17.994306] ================================================================== [ 17.994379] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 17.994706] Write of size 4 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 17.994777] [ 17.994812] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.994995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.995052] Hardware name: linux,dummy-virt (DT) [ 17.995228] Call trace: [ 17.995262] show_stack+0x20/0x38 (C) [ 17.995475] dump_stack_lvl+0x8c/0xd0 [ 17.995692] print_report+0x118/0x5d0 [ 17.995929] kasan_report+0xdc/0x128 [ 17.996016] kasan_check_range+0x100/0x1a8 [ 17.996070] __kasan_check_write+0x20/0x30 [ 17.996136] kasan_atomics_helper+0xad4/0x4858 [ 17.996559] kasan_atomics+0x198/0x2e0 [ 17.996716] kunit_try_run_case+0x170/0x3f0 [ 17.996801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.996908] kthread+0x328/0x630 [ 17.996975] ret_from_fork+0x10/0x20 [ 17.997052] [ 17.997092] Allocated by task 266: [ 17.997124] kasan_save_stack+0x3c/0x68 [ 17.997168] kasan_save_track+0x20/0x40 [ 17.997597] kasan_save_alloc_info+0x40/0x58 [ 17.997712] __kasan_kmalloc+0xd4/0xd8 [ 17.997790] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.997932] kasan_atomics+0xb8/0x2e0 [ 17.998010] kunit_try_run_case+0x170/0x3f0 [ 17.998052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.998312] kthread+0x328/0x630 [ 17.998706] ret_from_fork+0x10/0x20 [ 17.998896] [ 17.998953] The buggy address belongs to the object at fff00000c63b4480 [ 17.998953] which belongs to the cache kmalloc-64 of size 64 [ 17.999053] The buggy address is located 0 bytes to the right of [ 17.999053] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 17.999193] [ 17.999244] The buggy address belongs to the physical page: [ 17.999347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 17.999444] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.999512] page_type: f5(slab) [ 17.999794] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.000037] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.000184] page dumped because: kasan: bad access detected [ 18.000277] [ 18.000336] Memory state around the buggy address: [ 18.000471] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.000549] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.000767] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.000943] ^ [ 18.000985] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.003103] [ 18.003393] Call trace: [ 18.003581] dump_stack_lvl+0x8c/0xd0 [ 18.004703] kthread+0x328/0x630 [ 18.005251] kasan_save_track+0x20/0x40 [ 18.005311] kasan_save_alloc_info+0x40/0x58 [ 18.005395] __kasan_kmalloc+0xd4/0xd8 [ 18.005915] kasan_atomics+0xb8/0x2e0 [ 18.006895] The buggy address is located 0 bytes to the right of [ 18.006895] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.007517] page dumped because: kasan: bad access detected [ 18.007770] ^ [ 18.007806] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.008571] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 18.009319] show_stack+0x20/0x38 (C) [ 18.012007] ret_from_fork+0x10/0x20 [ 18.013101] kasan_save_alloc_info+0x40/0x58 [ 18.013240] __kasan_kmalloc+0xd4/0xd8 [ 18.013450] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.013572] kasan_atomics+0xb8/0x2e0 [ 18.014347] [ 18.014844] [ 18.015255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.016101] page dumped because: kasan: bad access detected [ 18.016778] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.018500] Read of size 4 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.020443] kasan_atomics+0x198/0x2e0 [ 18.022061] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.022288] kasan_atomics+0xb8/0x2e0 [ 18.022337] kunit_try_run_case+0x170/0x3f0 [ 18.022550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.023082] [ 18.023507] [ 18.023984] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.024678] page dumped because: kasan: bad access detected [ 18.025165] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.027160] ================================================================== [ 18.292862] ================================================================== [ 18.292960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 18.293155] Read of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.293223] [ 18.293255] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.293337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.293366] Hardware name: linux,dummy-virt (DT) [ 18.293543] Call trace: [ 18.293598] show_stack+0x20/0x38 (C) [ 18.293714] dump_stack_lvl+0x8c/0xd0 [ 18.293882] print_report+0x118/0x5d0 [ 18.293973] kasan_report+0xdc/0x128 [ 18.294262] __asan_report_load8_noabort+0x20/0x30 [ 18.294324] kasan_atomics_helper+0x3df4/0x4858 [ 18.294453] kasan_atomics+0x198/0x2e0 [ 18.294805] kunit_try_run_case+0x170/0x3f0 [ 18.294953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.295252] kthread+0x328/0x630 [ 18.295393] ret_from_fork+0x10/0x20 [ 18.295613] [ 18.295720] Allocated by task 266: [ 18.295825] kasan_save_stack+0x3c/0x68 [ 18.295869] kasan_save_track+0x20/0x40 [ 18.295910] kasan_save_alloc_info+0x40/0x58 [ 18.295968] __kasan_kmalloc+0xd4/0xd8 [ 18.296363] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.296434] kasan_atomics+0xb8/0x2e0 [ 18.296472] kunit_try_run_case+0x170/0x3f0 [ 18.296513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.296570] kthread+0x328/0x630 [ 18.296604] ret_from_fork+0x10/0x20 [ 18.296652] [ 18.296945] The buggy address belongs to the object at fff00000c63b4480 [ 18.296945] which belongs to the cache kmalloc-64 of size 64 [ 18.297022] The buggy address is located 0 bytes to the right of [ 18.297022] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.297355] [ 18.297459] The buggy address belongs to the physical page: [ 18.297613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.297845] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.297902] page_type: f5(slab) [ 18.297943] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.297997] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.298209] page dumped because: kasan: bad access detected [ 18.298437] [ 18.298773] Memory state around the buggy address: [ 18.299096] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.299314] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.299380] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.299422] ^ [ 18.299965] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.300139] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.300681] ================================================================== [ 18.301474] ================================================================== [ 18.301528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 18.301592] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.301644] [ 18.301677] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.302339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.302453] Hardware name: linux,dummy-virt (DT) [ 18.302666] Call trace: [ 18.302714] show_stack+0x20/0x38 (C) [ 18.302771] dump_stack_lvl+0x8c/0xd0 [ 18.302830] print_report+0x118/0x5d0 [ 18.303060] kasan_report+0xdc/0x128 [ 18.303434] kasan_check_range+0x100/0x1a8 [ 18.303721] __kasan_check_write+0x20/0x30 [ 18.303816] kasan_atomics_helper+0x16d0/0x4858 [ 18.303980] kasan_atomics+0x198/0x2e0 [ 18.304061] kunit_try_run_case+0x170/0x3f0 [ 18.304313] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.304815] kthread+0x328/0x630 [ 18.305072] ret_from_fork+0x10/0x20 [ 18.305255] [ 18.305323] Allocated by task 266: [ 18.305356] kasan_save_stack+0x3c/0x68 [ 18.305595] kasan_save_track+0x20/0x40 [ 18.305806] kasan_save_alloc_info+0x40/0x58 [ 18.305900] __kasan_kmalloc+0xd4/0xd8 [ 18.306126] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.306209] kasan_atomics+0xb8/0x2e0 [ 18.306395] kunit_try_run_case+0x170/0x3f0 [ 18.306474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.306687] kthread+0x328/0x630 [ 18.306730] ret_from_fork+0x10/0x20 [ 18.306909] [ 18.307207] The buggy address belongs to the object at fff00000c63b4480 [ 18.307207] which belongs to the cache kmalloc-64 of size 64 [ 18.307391] The buggy address is located 0 bytes to the right of [ 18.307391] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.307639] [ 18.307878] The buggy address belongs to the physical page: [ 18.307922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.308056] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.308142] page_type: f5(slab) [ 18.308183] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.308246] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.308301] page dumped because: kasan: bad access detected [ 18.308344] [ 18.308374] Memory state around the buggy address: [ 18.308423] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.308469] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.308515] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.308566] ^ [ 18.308613] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.308655] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.308704] ================================================================== [ 17.824388] ================================================================== [ 17.825989] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 17.827134] Call trace: [ 17.828146] ret_from_fork+0x10/0x20 [ 17.828653] ret_from_fork+0x10/0x20 [ 17.828861] [ 17.828927] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 17.829147] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.829415] ^ [ 17.831929] ================================================================== [ 18.142480] ================================================================== [ 18.142556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 18.142608] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.143053] [ 18.143105] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.143279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.143325] Hardware name: linux,dummy-virt (DT) [ 18.143361] Call trace: [ 18.143385] show_stack+0x20/0x38 (C) [ 18.143438] dump_stack_lvl+0x8c/0xd0 [ 18.143803] print_report+0x118/0x5d0 [ 18.143872] kasan_report+0xdc/0x128 [ 18.143920] kasan_check_range+0x100/0x1a8 [ 18.143970] __kasan_check_write+0x20/0x30 [ 18.144017] kasan_atomics_helper+0xff0/0x4858 [ 18.144066] kasan_atomics+0x198/0x2e0 [ 18.144114] kunit_try_run_case+0x170/0x3f0 [ 18.144161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.144214] kthread+0x328/0x630 [ 18.144258] ret_from_fork+0x10/0x20 [ 18.144367] [ 18.144390] Allocated by task 266: [ 18.144445] kasan_save_stack+0x3c/0x68 [ 18.144502] kasan_save_track+0x20/0x40 [ 18.144553] kasan_save_alloc_info+0x40/0x58 [ 18.144606] __kasan_kmalloc+0xd4/0xd8 [ 18.144645] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.144687] kasan_atomics+0xb8/0x2e0 [ 18.144724] kunit_try_run_case+0x170/0x3f0 [ 18.144764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.144810] kthread+0x328/0x630 [ 18.144854] ret_from_fork+0x10/0x20 [ 18.144908] [ 18.144939] The buggy address belongs to the object at fff00000c63b4480 [ 18.144939] which belongs to the cache kmalloc-64 of size 64 [ 18.145002] The buggy address is located 0 bytes to the right of [ 18.145002] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.145067] [ 18.145090] The buggy address belongs to the physical page: [ 18.145122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.145174] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.145232] page_type: f5(slab) [ 18.145274] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.145327] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.145371] page dumped because: kasan: bad access detected [ 18.145413] [ 18.145434] Memory state around the buggy address: [ 18.145476] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.145522] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.146585] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.146955] ^ [ 18.147003] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.147155] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.147542] ================================================================== [ 18.159861] ================================================================== [ 18.159924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 18.159999] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.160361] [ 18.160769] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.160966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.161033] Hardware name: linux,dummy-virt (DT) [ 18.161069] Call trace: [ 18.161096] show_stack+0x20/0x38 (C) [ 18.161356] dump_stack_lvl+0x8c/0xd0 [ 18.161732] print_report+0x118/0x5d0 [ 18.161940] kasan_report+0xdc/0x128 [ 18.162149] kasan_check_range+0x100/0x1a8 [ 18.162277] __kasan_check_write+0x20/0x30 [ 18.162367] kasan_atomics_helper+0x10c0/0x4858 [ 18.162426] kasan_atomics+0x198/0x2e0 [ 18.162473] kunit_try_run_case+0x170/0x3f0 [ 18.162939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.163366] kthread+0x328/0x630 [ 18.163440] ret_from_fork+0x10/0x20 [ 18.163643] [ 18.163713] Allocated by task 266: [ 18.163745] kasan_save_stack+0x3c/0x68 [ 18.163985] kasan_save_track+0x20/0x40 [ 18.164222] kasan_save_alloc_info+0x40/0x58 [ 18.164307] __kasan_kmalloc+0xd4/0xd8 [ 18.164654] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.164810] kasan_atomics+0xb8/0x2e0 [ 18.165120] kunit_try_run_case+0x170/0x3f0 [ 18.165345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.165734] kthread+0x328/0x630 [ 18.165906] ret_from_fork+0x10/0x20 [ 18.166111] [ 18.166141] The buggy address belongs to the object at fff00000c63b4480 [ 18.166141] which belongs to the cache kmalloc-64 of size 64 [ 18.166238] The buggy address is located 0 bytes to the right of [ 18.166238] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.166551] [ 18.166700] The buggy address belongs to the physical page: [ 18.166944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.167006] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.167249] page_type: f5(slab) [ 18.167312] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.167368] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.167412] page dumped because: kasan: bad access detected [ 18.167447] [ 18.167818] Memory state around the buggy address: [ 18.168009] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.168563] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.168945] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.168994] ^ [ 18.169031] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.169784] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.169856] ================================================================== [ 18.231177] ================================================================== [ 18.231231] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 18.231283] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.231336] [ 18.231855] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.232124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.232300] Hardware name: linux,dummy-virt (DT) [ 18.232345] Call trace: [ 18.232372] show_stack+0x20/0x38 (C) [ 18.232659] dump_stack_lvl+0x8c/0xd0 [ 18.232739] print_report+0x118/0x5d0 [ 18.232858] kasan_report+0xdc/0x128 [ 18.232912] kasan_check_range+0x100/0x1a8 [ 18.232969] __kasan_check_write+0x20/0x30 [ 18.233024] kasan_atomics_helper+0x1414/0x4858 [ 18.233074] kasan_atomics+0x198/0x2e0 [ 18.233586] kunit_try_run_case+0x170/0x3f0 [ 18.233664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.233852] kthread+0x328/0x630 [ 18.233952] ret_from_fork+0x10/0x20 [ 18.234004] [ 18.234053] Allocated by task 266: [ 18.234390] kasan_save_stack+0x3c/0x68 [ 18.234739] kasan_save_track+0x20/0x40 [ 18.234924] kasan_save_alloc_info+0x40/0x58 [ 18.235020] __kasan_kmalloc+0xd4/0xd8 [ 18.235109] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.235238] kasan_atomics+0xb8/0x2e0 [ 18.235307] kunit_try_run_case+0x170/0x3f0 [ 18.235742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.236066] kthread+0x328/0x630 [ 18.236490] ret_from_fork+0x10/0x20 [ 18.236816] [ 18.236847] The buggy address belongs to the object at fff00000c63b4480 [ 18.236847] which belongs to the cache kmalloc-64 of size 64 [ 18.236944] The buggy address is located 0 bytes to the right of [ 18.236944] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.237152] [ 18.237230] The buggy address belongs to the physical page: [ 18.237490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.237935] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.238027] page_type: f5(slab) [ 18.238327] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.238394] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.238897] page dumped because: kasan: bad access detected [ 18.239397] [ 18.239590] Memory state around the buggy address: [ 18.239816] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.240048] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.240434] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.240649] ^ [ 18.240719] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.241110] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.241592] ================================================================== [ 18.067498] ================================================================== [ 18.067602] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 18.067696] Read of size 4 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.067949] [ 18.068067] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.068155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.068193] Hardware name: linux,dummy-virt (DT) [ 18.068226] Call trace: [ 18.068314] show_stack+0x20/0x38 (C) [ 18.068389] dump_stack_lvl+0x8c/0xd0 [ 18.068454] print_report+0x118/0x5d0 [ 18.068699] kasan_report+0xdc/0x128 [ 18.068753] __asan_report_load4_noabort+0x20/0x30 [ 18.068918] kasan_atomics_helper+0x3e04/0x4858 [ 18.069012] kasan_atomics+0x198/0x2e0 [ 18.069059] kunit_try_run_case+0x170/0x3f0 [ 18.069108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.069164] kthread+0x328/0x630 [ 18.069219] ret_from_fork+0x10/0x20 [ 18.069269] [ 18.069289] Allocated by task 266: [ 18.069320] kasan_save_stack+0x3c/0x68 [ 18.069363] kasan_save_track+0x20/0x40 [ 18.069403] kasan_save_alloc_info+0x40/0x58 [ 18.069449] __kasan_kmalloc+0xd4/0xd8 [ 18.069498] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.069707] kasan_atomics+0xb8/0x2e0 [ 18.069929] kunit_try_run_case+0x170/0x3f0 [ 18.070263] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.070353] kthread+0x328/0x630 [ 18.070396] ret_from_fork+0x10/0x20 [ 18.070583] [ 18.070686] The buggy address belongs to the object at fff00000c63b4480 [ 18.070686] which belongs to the cache kmalloc-64 of size 64 [ 18.070858] The buggy address is located 0 bytes to the right of [ 18.070858] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.071085] [ 18.071175] The buggy address belongs to the physical page: [ 18.071269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.071406] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.071466] page_type: f5(slab) [ 18.071505] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.072161] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.072313] page dumped because: kasan: bad access detected [ 18.072433] [ 18.072554] Memory state around the buggy address: [ 18.072661] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.072747] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.073050] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.073235] ^ [ 18.073410] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.073482] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.073525] ================================================================== [ 18.223630] ================================================================== [ 18.223693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 18.223746] Read of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.223799] [ 18.223875] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.223962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.223992] Hardware name: linux,dummy-virt (DT) [ 18.224163] Call trace: [ 18.224448] show_stack+0x20/0x38 (C) [ 18.224523] dump_stack_lvl+0x8c/0xd0 [ 18.224921] print_report+0x118/0x5d0 [ 18.225344] kasan_report+0xdc/0x128 [ 18.225563] __asan_report_load8_noabort+0x20/0x30 [ 18.225644] kasan_atomics_helper+0x3f04/0x4858 [ 18.225761] kasan_atomics+0x198/0x2e0 [ 18.225814] kunit_try_run_case+0x170/0x3f0 [ 18.225866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.225927] kthread+0x328/0x630 [ 18.226230] ret_from_fork+0x10/0x20 [ 18.226809] [ 18.226873] Allocated by task 266: [ 18.226988] kasan_save_stack+0x3c/0x68 [ 18.227084] kasan_save_track+0x20/0x40 [ 18.227321] kasan_save_alloc_info+0x40/0x58 [ 18.227382] __kasan_kmalloc+0xd4/0xd8 [ 18.227617] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.227671] kasan_atomics+0xb8/0x2e0 [ 18.227721] kunit_try_run_case+0x170/0x3f0 [ 18.227761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.227826] kthread+0x328/0x630 [ 18.227869] ret_from_fork+0x10/0x20 [ 18.227907] [ 18.227929] The buggy address belongs to the object at fff00000c63b4480 [ 18.227929] which belongs to the cache kmalloc-64 of size 64 [ 18.228000] The buggy address is located 0 bytes to the right of [ 18.228000] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.228077] [ 18.228114] The buggy address belongs to the physical page: [ 18.228170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.228235] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.228284] page_type: f5(slab) [ 18.228331] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.228386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.228429] page dumped because: kasan: bad access detected [ 18.228473] [ 18.228494] Memory state around the buggy address: [ 18.228539] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.228893] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.228965] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.229298] ^ [ 18.229373] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.229705] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.229799] ================================================================== [ 18.132334] ================================================================== [ 18.132431] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 18.132494] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.132606] [ 18.132649] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.132963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.133009] Hardware name: linux,dummy-virt (DT) [ 18.133048] Call trace: [ 18.133074] show_stack+0x20/0x38 (C) [ 18.133125] dump_stack_lvl+0x8c/0xd0 [ 18.133174] print_report+0x118/0x5d0 [ 18.133221] kasan_report+0xdc/0x128 [ 18.133269] kasan_check_range+0x100/0x1a8 [ 18.133317] __kasan_check_write+0x20/0x30 [ 18.133479] kasan_atomics_helper+0xf88/0x4858 [ 18.133558] kasan_atomics+0x198/0x2e0 [ 18.133608] kunit_try_run_case+0x170/0x3f0 [ 18.133657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.134233] kthread+0x328/0x630 [ 18.134345] ret_from_fork+0x10/0x20 [ 18.134464] [ 18.134485] Allocated by task 266: [ 18.134518] kasan_save_stack+0x3c/0x68 [ 18.134573] kasan_save_track+0x20/0x40 [ 18.134614] kasan_save_alloc_info+0x40/0x58 [ 18.135263] __kasan_kmalloc+0xd4/0xd8 [ 18.135476] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.135745] kasan_atomics+0xb8/0x2e0 [ 18.135906] kunit_try_run_case+0x170/0x3f0 [ 18.136394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.136872] kthread+0x328/0x630 [ 18.136942] ret_from_fork+0x10/0x20 [ 18.137146] [ 18.137255] The buggy address belongs to the object at fff00000c63b4480 [ 18.137255] which belongs to the cache kmalloc-64 of size 64 [ 18.137489] The buggy address is located 0 bytes to the right of [ 18.137489] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.137902] [ 18.137929] The buggy address belongs to the physical page: [ 18.137964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.138152] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.138544] page_type: f5(slab) [ 18.138769] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.138990] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.139421] page dumped because: kasan: bad access detected [ 18.139469] [ 18.139821] Memory state around the buggy address: [ 18.140015] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.140381] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.140844] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.141018] ^ [ 18.141161] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.141591] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.141662] ================================================================== [ 18.170687] ================================================================== [ 18.170781] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 18.170966] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.171028] [ 18.171064] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.171153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.171307] Hardware name: linux,dummy-virt (DT) [ 18.171637] Call trace: [ 18.171762] show_stack+0x20/0x38 (C) [ 18.171823] dump_stack_lvl+0x8c/0xd0 [ 18.171945] print_report+0x118/0x5d0 [ 18.172000] kasan_report+0xdc/0x128 [ 18.172075] kasan_check_range+0x100/0x1a8 [ 18.172202] __kasan_check_write+0x20/0x30 [ 18.172256] kasan_atomics_helper+0x1128/0x4858 [ 18.172313] kasan_atomics+0x198/0x2e0 [ 18.172366] kunit_try_run_case+0x170/0x3f0 [ 18.172798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.172877] kthread+0x328/0x630 [ 18.172923] ret_from_fork+0x10/0x20 [ 18.172971] [ 18.172994] Allocated by task 266: [ 18.173153] kasan_save_stack+0x3c/0x68 [ 18.173221] kasan_save_track+0x20/0x40 [ 18.173262] kasan_save_alloc_info+0x40/0x58 [ 18.173313] __kasan_kmalloc+0xd4/0xd8 [ 18.173351] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.173392] kasan_atomics+0xb8/0x2e0 [ 18.173431] kunit_try_run_case+0x170/0x3f0 [ 18.173478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.173525] kthread+0x328/0x630 [ 18.173994] ret_from_fork+0x10/0x20 [ 18.174036] [ 18.174059] The buggy address belongs to the object at fff00000c63b4480 [ 18.174059] which belongs to the cache kmalloc-64 of size 64 [ 18.174602] The buggy address is located 0 bytes to the right of [ 18.174602] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.174838] [ 18.174910] The buggy address belongs to the physical page: [ 18.174945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.175351] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.175563] page_type: f5(slab) [ 18.175639] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.175848] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.176195] page dumped because: kasan: bad access detected [ 18.176264] [ 18.176670] Memory state around the buggy address: [ 18.176738] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.177020] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.177205] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.177300] ^ [ 18.177596] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.177655] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.177697] ================================================================== [ 17.797273] ================================================================== [ 17.798272] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x24c/0x4858 [ 17.799017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.799551] print_report+0x118/0x5d0 [ 17.800013] kasan_atomics+0x198/0x2e0 [ 17.801776] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.803134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 17.803625] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.803814] ================================================================== [ 18.112698] ================================================================== [ 18.113332] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 18.113404] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.113456] [ 18.113499] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.113860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.113912] Hardware name: linux,dummy-virt (DT) [ 18.114378] Call trace: [ 18.114424] show_stack+0x20/0x38 (C) [ 18.114578] dump_stack_lvl+0x8c/0xd0 [ 18.114684] print_report+0x118/0x5d0 [ 18.114736] kasan_report+0xdc/0x128 [ 18.115068] kasan_check_range+0x100/0x1a8 [ 18.115409] __kasan_check_write+0x20/0x30 [ 18.115602] kasan_atomics_helper+0xeb8/0x4858 [ 18.115717] kasan_atomics+0x198/0x2e0 [ 18.115840] kunit_try_run_case+0x170/0x3f0 [ 18.115936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.116051] kthread+0x328/0x630 [ 18.116407] ret_from_fork+0x10/0x20 [ 18.116805] [ 18.116947] Allocated by task 266: [ 18.117113] kasan_save_stack+0x3c/0x68 [ 18.117357] kasan_save_track+0x20/0x40 [ 18.117574] kasan_save_alloc_info+0x40/0x58 [ 18.117735] __kasan_kmalloc+0xd4/0xd8 [ 18.117828] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.117879] kasan_atomics+0xb8/0x2e0 [ 18.117918] kunit_try_run_case+0x170/0x3f0 [ 18.117958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.118628] kthread+0x328/0x630 [ 18.118679] ret_from_fork+0x10/0x20 [ 18.118720] [ 18.118766] The buggy address belongs to the object at fff00000c63b4480 [ 18.118766] which belongs to the cache kmalloc-64 of size 64 [ 18.118840] The buggy address is located 0 bytes to the right of [ 18.118840] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.118916] [ 18.118940] The buggy address belongs to the physical page: [ 18.118982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.119040] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.119091] page_type: f5(slab) [ 18.119146] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.119217] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.119260] page dumped because: kasan: bad access detected [ 18.119295] [ 18.119331] Memory state around the buggy address: [ 18.119373] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.119423] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.119476] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.119517] ^ [ 18.119564] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.119608] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.119658] ================================================================== [ 18.287364] ================================================================== [ 18.287438] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 18.287670] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.287781] [ 18.287827] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.288107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.288149] Hardware name: linux,dummy-virt (DT) [ 18.288219] Call trace: [ 18.288600] show_stack+0x20/0x38 (C) [ 18.288718] dump_stack_lvl+0x8c/0xd0 [ 18.288770] print_report+0x118/0x5d0 [ 18.288984] kasan_report+0xdc/0x128 [ 18.289224] kasan_check_range+0x100/0x1a8 [ 18.289278] __kasan_check_write+0x20/0x30 [ 18.289353] kasan_atomics_helper+0x1644/0x4858 [ 18.289545] kasan_atomics+0x198/0x2e0 [ 18.289611] kunit_try_run_case+0x170/0x3f0 [ 18.289662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.289832] kthread+0x328/0x630 [ 18.289983] ret_from_fork+0x10/0x20 [ 18.290107] [ 18.290262] Allocated by task 266: [ 18.290358] kasan_save_stack+0x3c/0x68 [ 18.290519] kasan_save_track+0x20/0x40 [ 18.290571] kasan_save_alloc_info+0x40/0x58 [ 18.290648] __kasan_kmalloc+0xd4/0xd8 [ 18.290687] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.290728] kasan_atomics+0xb8/0x2e0 [ 18.290766] kunit_try_run_case+0x170/0x3f0 [ 18.290806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.290849] kthread+0x328/0x630 [ 18.290885] ret_from_fork+0x10/0x20 [ 18.291091] [ 18.291141] The buggy address belongs to the object at fff00000c63b4480 [ 18.291141] which belongs to the cache kmalloc-64 of size 64 [ 18.291263] The buggy address is located 0 bytes to the right of [ 18.291263] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.291377] [ 18.291401] The buggy address belongs to the physical page: [ 18.291435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.291489] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.291743] page_type: f5(slab) [ 18.291881] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.291989] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.292057] page dumped because: kasan: bad access detected [ 18.292104] [ 18.292124] Memory state around the buggy address: [ 18.292159] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.292205] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.292492] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.292548] ^ [ 18.292597] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.292654] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.292703] ================================================================== [ 18.178868] ================================================================== [ 18.178929] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 18.178994] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.179093] [ 18.179156] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.179426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.179462] Hardware name: linux,dummy-virt (DT) [ 18.179506] Call trace: [ 18.179635] show_stack+0x20/0x38 (C) [ 18.179698] dump_stack_lvl+0x8c/0xd0 [ 18.179986] print_report+0x118/0x5d0 [ 18.180056] kasan_report+0xdc/0x128 [ 18.180224] kasan_check_range+0x100/0x1a8 [ 18.180476] __kasan_check_write+0x20/0x30 [ 18.180557] kasan_atomics_helper+0x1190/0x4858 [ 18.180804] kasan_atomics+0x198/0x2e0 [ 18.180875] kunit_try_run_case+0x170/0x3f0 [ 18.181270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.181565] kthread+0x328/0x630 [ 18.181754] ret_from_fork+0x10/0x20 [ 18.181871] [ 18.181923] Allocated by task 266: [ 18.182007] kasan_save_stack+0x3c/0x68 [ 18.182087] kasan_save_track+0x20/0x40 [ 18.182228] kasan_save_alloc_info+0x40/0x58 [ 18.182291] __kasan_kmalloc+0xd4/0xd8 [ 18.182331] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.182378] kasan_atomics+0xb8/0x2e0 [ 18.182420] kunit_try_run_case+0x170/0x3f0 [ 18.183153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.183379] kthread+0x328/0x630 [ 18.183499] ret_from_fork+0x10/0x20 [ 18.183648] [ 18.183707] The buggy address belongs to the object at fff00000c63b4480 [ 18.183707] which belongs to the cache kmalloc-64 of size 64 [ 18.183836] The buggy address is located 0 bytes to the right of [ 18.183836] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.183970] [ 18.184063] The buggy address belongs to the physical page: [ 18.184128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.184182] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.184237] page_type: f5(slab) [ 18.184313] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.184369] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.184413] page dumped because: kasan: bad access detected [ 18.184456] [ 18.184476] Memory state around the buggy address: [ 18.184525] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.184581] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.184626] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.184666] ^ [ 18.184714] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.184759] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.184798] ================================================================== [ 18.203658] ================================================================== [ 18.203708] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 18.203757] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.203809] [ 18.203862] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.203945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.203975] Hardware name: linux,dummy-virt (DT) [ 18.204008] Call trace: [ 18.204043] show_stack+0x20/0x38 (C) [ 18.204094] dump_stack_lvl+0x8c/0xd0 [ 18.204142] print_report+0x118/0x5d0 [ 18.204191] kasan_report+0xdc/0x128 [ 18.204238] kasan_check_range+0x100/0x1a8 [ 18.204293] __kasan_check_write+0x20/0x30 [ 18.204341] kasan_atomics_helper+0x12d8/0x4858 [ 18.204391] kasan_atomics+0x198/0x2e0 [ 18.204445] kunit_try_run_case+0x170/0x3f0 [ 18.204496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.205381] kthread+0x328/0x630 [ 18.205458] ret_from_fork+0x10/0x20 [ 18.205523] [ 18.205563] Allocated by task 266: [ 18.205603] kasan_save_stack+0x3c/0x68 [ 18.205648] kasan_save_track+0x20/0x40 [ 18.206011] kasan_save_alloc_info+0x40/0x58 [ 18.206159] __kasan_kmalloc+0xd4/0xd8 [ 18.206385] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.206448] kasan_atomics+0xb8/0x2e0 [ 18.206488] kunit_try_run_case+0x170/0x3f0 [ 18.206538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.206583] kthread+0x328/0x630 [ 18.207212] ret_from_fork+0x10/0x20 [ 18.207411] [ 18.207543] The buggy address belongs to the object at fff00000c63b4480 [ 18.207543] which belongs to the cache kmalloc-64 of size 64 [ 18.208037] The buggy address is located 0 bytes to the right of [ 18.208037] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.208443] [ 18.208496] The buggy address belongs to the physical page: [ 18.208564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.208805] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.208865] page_type: f5(slab) [ 18.209439] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.209512] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.210159] page dumped because: kasan: bad access detected [ 18.210461] [ 18.210502] Memory state around the buggy address: [ 18.210563] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.210612] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.210657] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.211089] ^ [ 18.211446] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.211496] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.211688] ================================================================== [ 18.212813] ================================================================== [ 18.213019] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 18.213223] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.213307] [ 18.213342] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.213846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.214115] Hardware name: linux,dummy-virt (DT) [ 18.214198] Call trace: [ 18.214279] show_stack+0x20/0x38 (C) [ 18.214414] dump_stack_lvl+0x8c/0xd0 [ 18.214468] print_report+0x118/0x5d0 [ 18.214518] kasan_report+0xdc/0x128 [ 18.214580] kasan_check_range+0x100/0x1a8 [ 18.214944] __kasan_check_write+0x20/0x30 [ 18.215198] kasan_atomics_helper+0x1384/0x4858 [ 18.215418] kasan_atomics+0x198/0x2e0 [ 18.215594] kunit_try_run_case+0x170/0x3f0 [ 18.215716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.215774] kthread+0x328/0x630 [ 18.216032] ret_from_fork+0x10/0x20 [ 18.216431] [ 18.216494] Allocated by task 266: [ 18.216698] kasan_save_stack+0x3c/0x68 [ 18.216805] kasan_save_track+0x20/0x40 [ 18.216964] kasan_save_alloc_info+0x40/0x58 [ 18.217010] __kasan_kmalloc+0xd4/0xd8 [ 18.217210] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.217273] kasan_atomics+0xb8/0x2e0 [ 18.217483] kunit_try_run_case+0x170/0x3f0 [ 18.217844] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.218020] kthread+0x328/0x630 [ 18.218107] ret_from_fork+0x10/0x20 [ 18.218227] [ 18.218251] The buggy address belongs to the object at fff00000c63b4480 [ 18.218251] which belongs to the cache kmalloc-64 of size 64 [ 18.218327] The buggy address is located 0 bytes to the right of [ 18.218327] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.218542] [ 18.218941] The buggy address belongs to the physical page: [ 18.219178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.219303] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.219364] page_type: f5(slab) [ 18.219757] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.219849] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.220180] page dumped because: kasan: bad access detected [ 18.220225] [ 18.220593] Memory state around the buggy address: [ 18.220881] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.221119] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.221386] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.221565] ^ [ 18.221759] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.222016] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.222434] ================================================================== [ 17.966859] ================================================================== [ 17.966959] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 17.967494] Write of size 4 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 17.967660] [ 17.967696] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.968156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.968213] Hardware name: linux,dummy-virt (DT) [ 17.968302] Call trace: [ 17.968331] show_stack+0x20/0x38 (C) [ 17.968384] dump_stack_lvl+0x8c/0xd0 [ 17.968431] print_report+0x118/0x5d0 [ 17.968637] kasan_report+0xdc/0x128 [ 17.968753] kasan_check_range+0x100/0x1a8 [ 17.968916] __kasan_check_write+0x20/0x30 [ 17.969231] kasan_atomics_helper+0x99c/0x4858 [ 17.969309] kasan_atomics+0x198/0x2e0 [ 17.969360] kunit_try_run_case+0x170/0x3f0 [ 17.969729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.970019] kthread+0x328/0x630 [ 17.970165] ret_from_fork+0x10/0x20 [ 17.970218] [ 17.970268] Allocated by task 266: [ 17.970300] kasan_save_stack+0x3c/0x68 [ 17.970460] kasan_save_track+0x20/0x40 [ 17.970679] kasan_save_alloc_info+0x40/0x58 [ 17.970833] __kasan_kmalloc+0xd4/0xd8 [ 17.970921] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.971080] kasan_atomics+0xb8/0x2e0 [ 17.971169] kunit_try_run_case+0x170/0x3f0 [ 17.971228] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.971631] kthread+0x328/0x630 [ 17.971833] ret_from_fork+0x10/0x20 [ 17.971920] [ 17.972038] The buggy address belongs to the object at fff00000c63b4480 [ 17.972038] which belongs to the cache kmalloc-64 of size 64 [ 17.972129] The buggy address is located 0 bytes to the right of [ 17.972129] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 17.972229] [ 17.972383] The buggy address belongs to the physical page: [ 17.972485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 17.972650] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.972729] page_type: f5(slab) [ 17.972770] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.972829] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.972884] page dumped because: kasan: bad access detected [ 17.972933] [ 17.972954] Memory state around the buggy address: [ 17.973009] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.973055] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.973109] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.973150] ^ [ 17.973186] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.973240] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.975294] Write of size 4 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 17.978138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.978244] kthread+0x328/0x630 [ 17.978408] ret_from_fork+0x10/0x20 [ 17.978582] [ 17.978660] Allocated by task 266: [ 17.978799] kasan_save_stack+0x3c/0x68 [ 17.978970] kasan_save_track+0x20/0x40 [ 17.979059] kasan_save_alloc_info+0x40/0x58 [ 17.979247] __kasan_kmalloc+0xd4/0xd8 [ 17.979580] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.979701] kasan_atomics+0xb8/0x2e0 [ 17.979750] kunit_try_run_case+0x170/0x3f0 [ 17.980068] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.980192] kthread+0x328/0x630 [ 17.980269] ret_from_fork+0x10/0x20 [ 17.980461] [ 17.980635] The buggy address belongs to the object at fff00000c63b4480 [ 17.980635] which belongs to the cache kmalloc-64 of size 64 [ 17.980742] The buggy address is located 0 bytes to the right of [ 17.980742] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 17.981015] [ 17.981157] The buggy address belongs to the physical page: [ 17.981381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 17.981598] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.981790] page_type: f5(slab) [ 17.982073] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.982133] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.982337] page dumped because: kasan: bad access detected [ 17.982582] [ 17.982642] Memory state around the buggy address: [ 17.982699] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.983106] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.983240] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.983312] ^ [ 17.983351] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.983541] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.983754] ================================================================== [ 18.310151] ================================================================== [ 18.310240] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 18.310295] Read of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.310346] [ 18.310378] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.310898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.311130] Hardware name: linux,dummy-virt (DT) [ 18.311194] Call trace: [ 18.311234] show_stack+0x20/0x38 (C) [ 18.311479] dump_stack_lvl+0x8c/0xd0 [ 18.311642] print_report+0x118/0x5d0 [ 18.311715] kasan_report+0xdc/0x128 [ 18.311763] __asan_report_load8_noabort+0x20/0x30 [ 18.311832] kasan_atomics_helper+0x3e10/0x4858 [ 18.312073] kasan_atomics+0x198/0x2e0 [ 18.312404] kunit_try_run_case+0x170/0x3f0 [ 18.312604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.312674] kthread+0x328/0x630 [ 18.312719] ret_from_fork+0x10/0x20 [ 18.312901] [ 18.312937] Allocated by task 266: [ 18.312970] kasan_save_stack+0x3c/0x68 [ 18.313016] kasan_save_track+0x20/0x40 [ 18.313376] kasan_save_alloc_info+0x40/0x58 [ 18.313647] __kasan_kmalloc+0xd4/0xd8 [ 18.313899] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.313983] kasan_atomics+0xb8/0x2e0 [ 18.314095] kunit_try_run_case+0x170/0x3f0 [ 18.314183] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.314231] kthread+0x328/0x630 [ 18.314274] ret_from_fork+0x10/0x20 [ 18.314501] [ 18.314739] The buggy address belongs to the object at fff00000c63b4480 [ 18.314739] which belongs to the cache kmalloc-64 of size 64 [ 18.314840] The buggy address is located 0 bytes to the right of [ 18.314840] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.315260] [ 18.315935] The buggy address belongs to the physical page: [ 18.316007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.316097] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.316149] page_type: f5(slab) [ 18.316441] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.316817] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.316968] page dumped because: kasan: bad access detected [ 18.317078] [ 18.317137] Memory state around the buggy address: [ 18.317173] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.317423] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.317521] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.317743] ^ [ 18.317929] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.317984] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.318025] ================================================================== [ 18.101236] ================================================================== [ 18.101312] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 18.101366] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.101739] [ 18.101803] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.101895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.102341] Hardware name: linux,dummy-virt (DT) [ 18.102749] Call trace: [ 18.102839] show_stack+0x20/0x38 (C) [ 18.102988] dump_stack_lvl+0x8c/0xd0 [ 18.103074] print_report+0x118/0x5d0 [ 18.103177] kasan_report+0xdc/0x128 [ 18.103464] __asan_report_store8_noabort+0x20/0x30 [ 18.103796] kasan_atomics_helper+0x3e5c/0x4858 [ 18.104058] kasan_atomics+0x198/0x2e0 [ 18.104175] kunit_try_run_case+0x170/0x3f0 [ 18.104393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.104465] kthread+0x328/0x630 [ 18.104756] ret_from_fork+0x10/0x20 [ 18.105752] [ 18.105802] Allocated by task 266: [ 18.105862] kasan_save_stack+0x3c/0x68 [ 18.105925] kasan_save_track+0x20/0x40 [ 18.105965] kasan_save_alloc_info+0x40/0x58 [ 18.106009] __kasan_kmalloc+0xd4/0xd8 [ 18.106048] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.106291] kasan_atomics+0xb8/0x2e0 [ 18.106750] kunit_try_run_case+0x170/0x3f0 [ 18.107161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.107326] kthread+0x328/0x630 [ 18.107528] ret_from_fork+0x10/0x20 [ 18.107909] [ 18.108007] The buggy address belongs to the object at fff00000c63b4480 [ 18.108007] which belongs to the cache kmalloc-64 of size 64 [ 18.108228] The buggy address is located 0 bytes to the right of [ 18.108228] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.108422] [ 18.108445] The buggy address belongs to the physical page: [ 18.108878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.109297] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.109764] page_type: f5(slab) [ 18.110006] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.110094] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.110331] page dumped because: kasan: bad access detected [ 18.110415] [ 18.110673] Memory state around the buggy address: [ 18.110803] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.111086] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.111132] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.111214] ^ [ 18.111251] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.111459] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.111524] ================================================================== [ 18.242626] ================================================================== [ 18.242686] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 18.242740] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.242984] [ 18.243475] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.243589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.243621] Hardware name: linux,dummy-virt (DT) [ 18.243656] Call trace: [ 18.243682] show_stack+0x20/0x38 (C) [ 18.243736] dump_stack_lvl+0x8c/0xd0 [ 18.243782] print_report+0x118/0x5d0 [ 18.243831] kasan_report+0xdc/0x128 [ 18.243899] kasan_check_range+0x100/0x1a8 [ 18.243950] __kasan_check_write+0x20/0x30 [ 18.244002] kasan_atomics_helper+0x147c/0x4858 [ 18.244053] kasan_atomics+0x198/0x2e0 [ 18.244111] kunit_try_run_case+0x170/0x3f0 [ 18.244159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.244213] kthread+0x328/0x630 [ 18.244258] ret_from_fork+0x10/0x20 [ 18.244307] [ 18.244337] Allocated by task 266: [ 18.244375] kasan_save_stack+0x3c/0x68 [ 18.244418] kasan_save_track+0x20/0x40 [ 18.244460] kasan_save_alloc_info+0x40/0x58 [ 18.244514] __kasan_kmalloc+0xd4/0xd8 [ 18.244953] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.245247] kasan_atomics+0xb8/0x2e0 [ 18.245300] kunit_try_run_case+0x170/0x3f0 [ 18.245492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.245619] kthread+0x328/0x630 [ 18.245979] ret_from_fork+0x10/0x20 [ 18.246114] [ 18.246159] The buggy address belongs to the object at fff00000c63b4480 [ 18.246159] which belongs to the cache kmalloc-64 of size 64 [ 18.246228] The buggy address is located 0 bytes to the right of [ 18.246228] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.246521] [ 18.246628] The buggy address belongs to the physical page: [ 18.246892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.247167] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.247475] page_type: f5(slab) [ 18.247683] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.247954] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.248004] page dumped because: kasan: bad access detected [ 18.248345] [ 18.248523] Memory state around the buggy address: [ 18.248828] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.249084] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.249459] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.249642] ^ [ 18.249683] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.249730] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.250209] ================================================================== [ 18.052526] ================================================================== [ 18.052625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 18.052747] Read of size 4 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.052802] [ 18.052832] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.053074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.053351] Hardware name: linux,dummy-virt (DT) [ 18.053414] Call trace: [ 18.053573] show_stack+0x20/0x38 (C) [ 18.053636] dump_stack_lvl+0x8c/0xd0 [ 18.053735] print_report+0x118/0x5d0 [ 18.053974] kasan_report+0xdc/0x128 [ 18.054060] __asan_report_load4_noabort+0x20/0x30 [ 18.054125] kasan_atomics_helper+0x3dd8/0x4858 [ 18.054176] kasan_atomics+0x198/0x2e0 [ 18.054224] kunit_try_run_case+0x170/0x3f0 [ 18.054275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.054629] kthread+0x328/0x630 [ 18.055151] ret_from_fork+0x10/0x20 [ 18.055259] [ 18.055615] Allocated by task 266: [ 18.055700] kasan_save_stack+0x3c/0x68 [ 18.055816] kasan_save_track+0x20/0x40 [ 18.055888] kasan_save_alloc_info+0x40/0x58 [ 18.055938] __kasan_kmalloc+0xd4/0xd8 [ 18.055999] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.056040] kasan_atomics+0xb8/0x2e0 [ 18.056079] kunit_try_run_case+0x170/0x3f0 [ 18.056125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.056179] kthread+0x328/0x630 [ 18.056225] ret_from_fork+0x10/0x20 [ 18.056273] [ 18.056304] The buggy address belongs to the object at fff00000c63b4480 [ 18.056304] which belongs to the cache kmalloc-64 of size 64 [ 18.056372] The buggy address is located 0 bytes to the right of [ 18.056372] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.056437] [ 18.056459] The buggy address belongs to the physical page: [ 18.056502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.056892] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.056997] page_type: f5(slab) [ 18.057061] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.057492] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.057620] page dumped because: kasan: bad access detected [ 18.057848] [ 18.057946] Memory state around the buggy address: [ 18.057984] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.058293] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.058487] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.058627] ^ [ 18.058886] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.059099] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.059195] ================================================================== [ 18.324851] ================================================================== [ 18.324904] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 18.324956] Read of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.325258] [ 18.325323] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.325418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.325448] Hardware name: linux,dummy-virt (DT) [ 18.325863] Call trace: [ 18.326111] show_stack+0x20/0x38 (C) [ 18.326200] dump_stack_lvl+0x8c/0xd0 [ 18.326389] print_report+0x118/0x5d0 [ 18.326496] kasan_report+0xdc/0x128 [ 18.326705] __asan_report_load8_noabort+0x20/0x30 [ 18.326763] kasan_atomics_helper+0x3e20/0x4858 [ 18.326822] kasan_atomics+0x198/0x2e0 [ 18.327078] kunit_try_run_case+0x170/0x3f0 [ 18.327462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.327775] kthread+0x328/0x630 [ 18.327934] ret_from_fork+0x10/0x20 [ 18.328023] [ 18.328051] Allocated by task 266: [ 18.328104] kasan_save_stack+0x3c/0x68 [ 18.328480] kasan_save_track+0x20/0x40 [ 18.328775] kasan_save_alloc_info+0x40/0x58 [ 18.328996] __kasan_kmalloc+0xd4/0xd8 [ 18.329094] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.329175] kasan_atomics+0xb8/0x2e0 [ 18.329403] kunit_try_run_case+0x170/0x3f0 [ 18.329609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.329695] kthread+0x328/0x630 [ 18.330107] ret_from_fork+0x10/0x20 [ 18.330271] [ 18.330333] The buggy address belongs to the object at fff00000c63b4480 [ 18.330333] which belongs to the cache kmalloc-64 of size 64 [ 18.330483] The buggy address is located 0 bytes to the right of [ 18.330483] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.330566] [ 18.330588] The buggy address belongs to the physical page: [ 18.330802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.330921] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.331541] page_type: f5(slab) [ 18.331629] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.331702] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.332044] page dumped because: kasan: bad access detected [ 18.332100] [ 18.332502] Memory state around the buggy address: [ 18.332578] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.332627] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.332893] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.333025] ^ [ 18.333303] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.333528] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.333589] ================================================================== [ 18.251139] ================================================================== [ 18.251398] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 18.251480] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.251550] [ 18.251709] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.251804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.252020] Hardware name: linux,dummy-virt (DT) [ 18.252253] Call trace: [ 18.252296] show_stack+0x20/0x38 (C) [ 18.252546] dump_stack_lvl+0x8c/0xd0 [ 18.252600] print_report+0x118/0x5d0 [ 18.252676] kasan_report+0xdc/0x128 [ 18.252773] kasan_check_range+0x100/0x1a8 [ 18.252851] __kasan_check_write+0x20/0x30 [ 18.252929] kasan_atomics_helper+0x14e4/0x4858 [ 18.252982] kasan_atomics+0x198/0x2e0 [ 18.253029] kunit_try_run_case+0x170/0x3f0 [ 18.253316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.253395] kthread+0x328/0x630 [ 18.253449] ret_from_fork+0x10/0x20 [ 18.253865] [ 18.253968] Allocated by task 266: [ 18.254045] kasan_save_stack+0x3c/0x68 [ 18.254146] kasan_save_track+0x20/0x40 [ 18.254313] kasan_save_alloc_info+0x40/0x58 [ 18.254365] __kasan_kmalloc+0xd4/0xd8 [ 18.254581] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.254760] kasan_atomics+0xb8/0x2e0 [ 18.254839] kunit_try_run_case+0x170/0x3f0 [ 18.255179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.255288] kthread+0x328/0x630 [ 18.255386] ret_from_fork+0x10/0x20 [ 18.255502] [ 18.255561] The buggy address belongs to the object at fff00000c63b4480 [ 18.255561] which belongs to the cache kmalloc-64 of size 64 [ 18.255627] The buggy address is located 0 bytes to the right of [ 18.255627] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.256294] [ 18.256446] The buggy address belongs to the physical page: [ 18.256484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.256764] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.257141] page_type: f5(slab) [ 18.257193] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.257365] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.257761] page dumped because: kasan: bad access detected [ 18.258128] [ 18.258183] Memory state around the buggy address: [ 18.258222] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.258271] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.258317] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.258359] ^ [ 18.258394] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.259083] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.259203] ================================================================== [ 17.984798] ================================================================== [ 17.984860] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 17.984914] Write of size 4 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 17.984968] [ 17.985362] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.985466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.985496] Hardware name: linux,dummy-virt (DT) [ 17.985540] Call trace: [ 17.985565] show_stack+0x20/0x38 (C) [ 17.985650] dump_stack_lvl+0x8c/0xd0 [ 17.985703] print_report+0x118/0x5d0 [ 17.986233] kasan_report+0xdc/0x128 [ 17.986302] kasan_check_range+0x100/0x1a8 [ 17.986525] __kasan_check_write+0x20/0x30 [ 17.986971] kasan_atomics_helper+0xa6c/0x4858 [ 17.987335] kasan_atomics+0x198/0x2e0 [ 17.987645] kunit_try_run_case+0x170/0x3f0 [ 17.987850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.987944] kthread+0x328/0x630 [ 17.988022] ret_from_fork+0x10/0x20 [ 17.988564] [ 17.988590] Allocated by task 266: [ 17.988929] kasan_save_stack+0x3c/0x68 [ 17.989065] kasan_save_track+0x20/0x40 [ 17.989280] kasan_save_alloc_info+0x40/0x58 [ 17.989463] __kasan_kmalloc+0xd4/0xd8 [ 17.989905] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.990104] kasan_atomics+0xb8/0x2e0 [ 17.990176] kunit_try_run_case+0x170/0x3f0 [ 17.990371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.990632] kthread+0x328/0x630 [ 17.990792] ret_from_fork+0x10/0x20 [ 17.991016] [ 17.991183] The buggy address belongs to the object at fff00000c63b4480 [ 17.991183] which belongs to the cache kmalloc-64 of size 64 [ 17.991360] The buggy address is located 0 bytes to the right of [ 17.991360] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 17.991545] [ 17.991583] The buggy address belongs to the physical page: [ 17.991659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 17.991717] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.991766] page_type: f5(slab) [ 17.991808] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.991861] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.991903] page dumped because: kasan: bad access detected [ 17.991936] [ 17.991977] Memory state around the buggy address: [ 17.992012] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.992056] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.992100] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.992140] ^ [ 17.992186] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.992232] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.992271] ================================================================== [ 18.195763] ================================================================== [ 18.195831] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 18.195884] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.195938] [ 18.195974] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.196056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.196508] Hardware name: linux,dummy-virt (DT) [ 18.196571] Call trace: [ 18.196600] show_stack+0x20/0x38 (C) [ 18.196934] dump_stack_lvl+0x8c/0xd0 [ 18.197393] print_report+0x118/0x5d0 [ 18.197590] kasan_report+0xdc/0x128 [ 18.197666] kasan_check_range+0x100/0x1a8 [ 18.197728] __kasan_check_write+0x20/0x30 [ 18.197873] kasan_atomics_helper+0x126c/0x4858 [ 18.197989] kasan_atomics+0x198/0x2e0 [ 18.198097] kunit_try_run_case+0x170/0x3f0 [ 18.198148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.198209] kthread+0x328/0x630 [ 18.198511] ret_from_fork+0x10/0x20 [ 18.199139] [ 18.199229] Allocated by task 266: [ 18.199317] kasan_save_stack+0x3c/0x68 [ 18.199460] kasan_save_track+0x20/0x40 [ 18.199512] kasan_save_alloc_info+0x40/0x58 [ 18.199722] __kasan_kmalloc+0xd4/0xd8 [ 18.199937] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.200009] kasan_atomics+0xb8/0x2e0 [ 18.200214] kunit_try_run_case+0x170/0x3f0 [ 18.200425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.200735] kthread+0x328/0x630 [ 18.200944] ret_from_fork+0x10/0x20 [ 18.201015] [ 18.201166] The buggy address belongs to the object at fff00000c63b4480 [ 18.201166] which belongs to the cache kmalloc-64 of size 64 [ 18.201593] The buggy address is located 0 bytes to the right of [ 18.201593] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.201917] [ 18.202256] The buggy address belongs to the physical page: [ 18.202436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.202696] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.202846] page_type: f5(slab) [ 18.202892] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.202977] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.203041] page dumped because: kasan: bad access detected [ 18.203076] [ 18.203097] Memory state around the buggy address: [ 18.203143] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.203199] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.203246] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.203305] ^ [ 18.203342] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.203386] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.203425] ================================================================== [ 18.080934] ================================================================== [ 18.081179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 18.081262] Read of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.081324] [ 18.081357] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.081738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.081843] Hardware name: linux,dummy-virt (DT) [ 18.082094] Call trace: [ 18.082224] show_stack+0x20/0x38 (C) [ 18.082400] dump_stack_lvl+0x8c/0xd0 [ 18.082505] print_report+0x118/0x5d0 [ 18.082597] kasan_report+0xdc/0x128 [ 18.083022] __asan_report_load8_noabort+0x20/0x30 [ 18.083318] kasan_atomics_helper+0x3f58/0x4858 [ 18.083643] kasan_atomics+0x198/0x2e0 [ 18.083769] kunit_try_run_case+0x170/0x3f0 [ 18.083894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.083974] kthread+0x328/0x630 [ 18.084187] ret_from_fork+0x10/0x20 [ 18.084491] [ 18.084545] Allocated by task 266: [ 18.084781] kasan_save_stack+0x3c/0x68 [ 18.084939] kasan_save_track+0x20/0x40 [ 18.085438] kasan_save_alloc_info+0x40/0x58 [ 18.085856] __kasan_kmalloc+0xd4/0xd8 [ 18.086056] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.086126] kasan_atomics+0xb8/0x2e0 [ 18.086205] kunit_try_run_case+0x170/0x3f0 [ 18.086615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.086952] kthread+0x328/0x630 [ 18.087114] ret_from_fork+0x10/0x20 [ 18.087188] [ 18.087435] The buggy address belongs to the object at fff00000c63b4480 [ 18.087435] which belongs to the cache kmalloc-64 of size 64 [ 18.087746] The buggy address is located 0 bytes to the right of [ 18.087746] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.087836] [ 18.087859] The buggy address belongs to the physical page: [ 18.088090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.088315] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.088639] page_type: f5(slab) [ 18.088696] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.089045] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.089263] page dumped because: kasan: bad access detected [ 18.089378] [ 18.089686] Memory state around the buggy address: [ 18.089893] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.089958] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.090037] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.090078] ^ [ 18.090327] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.090831] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.090993] ================================================================== [ 18.278438] ================================================================== [ 18.278486] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 18.278560] Read of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.279299] [ 18.279353] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.279448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.279484] Hardware name: linux,dummy-virt (DT) [ 18.279518] Call trace: [ 18.279563] show_stack+0x20/0x38 (C) [ 18.279798] dump_stack_lvl+0x8c/0xd0 [ 18.279881] print_report+0x118/0x5d0 [ 18.279933] kasan_report+0xdc/0x128 [ 18.279986] __asan_report_load8_noabort+0x20/0x30 [ 18.280040] kasan_atomics_helper+0x3db0/0x4858 [ 18.280275] kasan_atomics+0x198/0x2e0 [ 18.280564] kunit_try_run_case+0x170/0x3f0 [ 18.280634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.280690] kthread+0x328/0x630 [ 18.281111] ret_from_fork+0x10/0x20 [ 18.281189] [ 18.281376] Allocated by task 266: [ 18.281505] kasan_save_stack+0x3c/0x68 [ 18.281616] kasan_save_track+0x20/0x40 [ 18.281675] kasan_save_alloc_info+0x40/0x58 [ 18.281741] __kasan_kmalloc+0xd4/0xd8 [ 18.281963] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.282186] kasan_atomics+0xb8/0x2e0 [ 18.282268] kunit_try_run_case+0x170/0x3f0 [ 18.282646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.282822] kthread+0x328/0x630 [ 18.282940] ret_from_fork+0x10/0x20 [ 18.283079] [ 18.283160] The buggy address belongs to the object at fff00000c63b4480 [ 18.283160] which belongs to the cache kmalloc-64 of size 64 [ 18.283248] The buggy address is located 0 bytes to the right of [ 18.283248] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.283583] [ 18.283809] The buggy address belongs to the physical page: [ 18.284068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.284170] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.284333] page_type: f5(slab) [ 18.284992] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.285124] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.285191] page dumped because: kasan: bad access detected [ 18.285226] [ 18.285246] Memory state around the buggy address: [ 18.285444] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.285499] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.285639] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.285709] ^ [ 18.286213] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.286384] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.286562] ================================================================== [ 17.947642] ================================================================== [ 17.947756] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 17.947980] Read of size 4 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 17.948353] [ 17.948417] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.948754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.948830] Hardware name: linux,dummy-virt (DT) [ 17.948868] Call trace: [ 17.949040] show_stack+0x20/0x38 (C) [ 17.949108] dump_stack_lvl+0x8c/0xd0 [ 17.949568] print_report+0x118/0x5d0 [ 17.949828] kasan_report+0xdc/0x128 [ 17.950015] __asan_report_load4_noabort+0x20/0x30 [ 17.950175] kasan_atomics_helper+0x42d8/0x4858 [ 17.950229] kasan_atomics+0x198/0x2e0 [ 17.950277] kunit_try_run_case+0x170/0x3f0 [ 17.950517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.950788] kthread+0x328/0x630 [ 17.950942] ret_from_fork+0x10/0x20 [ 17.951078] [ 17.951101] Allocated by task 266: [ 17.951275] kasan_save_stack+0x3c/0x68 [ 17.951578] kasan_save_track+0x20/0x40 [ 17.951651] kasan_save_alloc_info+0x40/0x58 [ 17.951857] __kasan_kmalloc+0xd4/0xd8 [ 17.952193] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.952366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.952588] The buggy address is located 0 bytes to the right of [ 17.952588] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 17.952855] page_type: f5(slab) [ 17.953161] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.953351] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.957439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.957727] Hardware name: linux,dummy-virt (DT) [ 17.957784] Call trace: [ 17.957885] show_stack+0x20/0x38 (C) [ 17.957957] dump_stack_lvl+0x8c/0xd0 [ 17.958013] print_report+0x118/0x5d0 [ 17.958062] kasan_report+0xdc/0x128 [ 17.958109] kasan_check_range+0x100/0x1a8 [ 17.958159] __kasan_check_write+0x20/0x30 [ 17.958421] kasan_atomics_helper+0x934/0x4858 [ 17.959222] kasan_atomics+0x198/0x2e0 [ 17.959467] kunit_try_run_case+0x170/0x3f0 [ 17.959679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.959944] kthread+0x328/0x630 [ 17.960024] ret_from_fork+0x10/0x20 [ 17.960177] [ 17.960247] Allocated by task 266: [ 17.960484] kasan_save_stack+0x3c/0x68 [ 17.960578] kasan_save_track+0x20/0x40 [ 17.960758] kasan_save_alloc_info+0x40/0x58 [ 17.960829] __kasan_kmalloc+0xd4/0xd8 [ 17.960868] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.961082] kasan_atomics+0xb8/0x2e0 [ 17.961330] kunit_try_run_case+0x170/0x3f0 [ 17.961394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.961603] kthread+0x328/0x630 [ 17.961961] ret_from_fork+0x10/0x20 [ 17.962169] [ 17.962246] The buggy address belongs to the object at fff00000c63b4480 [ 17.962246] which belongs to the cache kmalloc-64 of size 64 [ 17.962487] The buggy address is located 0 bytes to the right of [ 17.962487] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 17.962572] [ 17.962725] The buggy address belongs to the physical page: [ 17.963156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 17.963255] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.963387] page_type: f5(slab) [ 17.963475] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.963861] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.963944] page dumped because: kasan: bad access detected [ 17.964101] [ 17.964169] Memory state around the buggy address: [ 17.964315] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.964442] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.964731] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.964975] ^ [ 17.965100] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.965244] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.965310] ================================================================== [ 18.074832] ================================================================== [ 18.074939] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 18.075136] Read of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.075230] [ 18.075275] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.075607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.075787] Hardware name: linux,dummy-virt (DT) [ 18.075848] Call trace: [ 18.075961] show_stack+0x20/0x38 (C) [ 18.076091] dump_stack_lvl+0x8c/0xd0 [ 18.076186] print_report+0x118/0x5d0 [ 18.076253] kasan_report+0xdc/0x128 [ 18.076335] kasan_check_range+0x100/0x1a8 [ 18.076391] __kasan_check_read+0x20/0x30 [ 18.076437] kasan_atomics_helper+0xdd4/0x4858 [ 18.076489] kasan_atomics+0x198/0x2e0 [ 18.076555] kunit_try_run_case+0x170/0x3f0 [ 18.076603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.076659] kthread+0x328/0x630 [ 18.076704] ret_from_fork+0x10/0x20 [ 18.076755] [ 18.076776] Allocated by task 266: [ 18.076806] kasan_save_stack+0x3c/0x68 [ 18.076852] kasan_save_track+0x20/0x40 [ 18.076892] kasan_save_alloc_info+0x40/0x58 [ 18.076934] __kasan_kmalloc+0xd4/0xd8 [ 18.076973] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.077016] kasan_atomics+0xb8/0x2e0 [ 18.077054] kunit_try_run_case+0x170/0x3f0 [ 18.077094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.077139] kthread+0x328/0x630 [ 18.077174] ret_from_fork+0x10/0x20 [ 18.077211] [ 18.077233] The buggy address belongs to the object at fff00000c63b4480 [ 18.077233] which belongs to the cache kmalloc-64 of size 64 [ 18.077293] The buggy address is located 0 bytes to the right of [ 18.077293] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.077358] [ 18.077381] The buggy address belongs to the physical page: [ 18.077414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.077477] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.077527] page_type: f5(slab) [ 18.077577] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.078134] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.078566] page dumped because: kasan: bad access detected [ 18.078677] [ 18.078801] Memory state around the buggy address: [ 18.078888] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.079097] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.079171] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.079412] ^ [ 18.079522] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.079802] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.079848] ================================================================== [ 18.060277] ================================================================== [ 18.060474] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 18.060570] Write of size 4 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.060630] [ 18.060696] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.060784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.060812] Hardware name: linux,dummy-virt (DT) [ 18.061007] Call trace: [ 18.061142] show_stack+0x20/0x38 (C) [ 18.061220] dump_stack_lvl+0x8c/0xd0 [ 18.061311] print_report+0x118/0x5d0 [ 18.061362] kasan_report+0xdc/0x128 [ 18.061430] kasan_check_range+0x100/0x1a8 [ 18.061646] __kasan_check_write+0x20/0x30 [ 18.061737] kasan_atomics_helper+0xd3c/0x4858 [ 18.061848] kasan_atomics+0x198/0x2e0 [ 18.061943] kunit_try_run_case+0x170/0x3f0 [ 18.062115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.062286] kthread+0x328/0x630 [ 18.062355] ret_from_fork+0x10/0x20 [ 18.062628] [ 18.062818] Allocated by task 266: [ 18.062939] kasan_save_stack+0x3c/0x68 [ 18.063028] kasan_save_track+0x20/0x40 [ 18.063438] kasan_save_alloc_info+0x40/0x58 [ 18.063489] __kasan_kmalloc+0xd4/0xd8 [ 18.063548] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.063589] kasan_atomics+0xb8/0x2e0 [ 18.063627] kunit_try_run_case+0x170/0x3f0 [ 18.063668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.063714] kthread+0x328/0x630 [ 18.064098] ret_from_fork+0x10/0x20 [ 18.064165] [ 18.064190] The buggy address belongs to the object at fff00000c63b4480 [ 18.064190] which belongs to the cache kmalloc-64 of size 64 [ 18.064469] The buggy address is located 0 bytes to the right of [ 18.064469] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.064757] [ 18.064818] The buggy address belongs to the physical page: [ 18.064994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.065107] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.065158] page_type: f5(slab) [ 18.065198] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.065487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.065699] page dumped because: kasan: bad access detected [ 18.065902] [ 18.065976] Memory state around the buggy address: [ 18.066118] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.066257] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.066396] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.066732] ^ [ 18.066843] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.066902] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.066942] ================================================================== [ 18.259991] ================================================================== [ 18.260111] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 18.260163] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.260216] [ 18.260249] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.260331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.260360] Hardware name: linux,dummy-virt (DT) [ 18.260393] Call trace: [ 18.260416] show_stack+0x20/0x38 (C) [ 18.260596] dump_stack_lvl+0x8c/0xd0 [ 18.260659] print_report+0x118/0x5d0 [ 18.260712] kasan_report+0xdc/0x128 [ 18.260763] kasan_check_range+0x100/0x1a8 [ 18.260814] __kasan_check_write+0x20/0x30 [ 18.260859] kasan_atomics_helper+0x154c/0x4858 [ 18.260931] kasan_atomics+0x198/0x2e0 [ 18.260994] kunit_try_run_case+0x170/0x3f0 [ 18.261049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.261111] kthread+0x328/0x630 [ 18.261165] ret_from_fork+0x10/0x20 [ 18.261213] [ 18.261234] Allocated by task 266: [ 18.261265] kasan_save_stack+0x3c/0x68 [ 18.261306] kasan_save_track+0x20/0x40 [ 18.261347] kasan_save_alloc_info+0x40/0x58 [ 18.261388] __kasan_kmalloc+0xd4/0xd8 [ 18.261427] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.261469] kasan_atomics+0xb8/0x2e0 [ 18.261506] kunit_try_run_case+0x170/0x3f0 [ 18.262334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.262397] kthread+0x328/0x630 [ 18.262445] ret_from_fork+0x10/0x20 [ 18.262483] [ 18.262739] The buggy address belongs to the object at fff00000c63b4480 [ 18.262739] which belongs to the cache kmalloc-64 of size 64 [ 18.263464] The buggy address is located 0 bytes to the right of [ 18.263464] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.263582] [ 18.263904] The buggy address belongs to the physical page: [ 18.263992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.264072] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.264742] page_type: f5(slab) [ 18.264816] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.265319] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.265374] page dumped because: kasan: bad access detected [ 18.265647] [ 18.265940] Memory state around the buggy address: [ 18.266260] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.266658] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.266862] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.267154] ^ [ 18.267201] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.267615] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.267960] ================================================================== [ 18.091621] ================================================================== [ 18.091673] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 18.091726] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.092053] [ 18.092309] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.092406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.092859] Hardware name: linux,dummy-virt (DT) [ 18.092982] Call trace: [ 18.093016] show_stack+0x20/0x38 (C) [ 18.093069] dump_stack_lvl+0x8c/0xd0 [ 18.093165] print_report+0x118/0x5d0 [ 18.093216] kasan_report+0xdc/0x128 [ 18.093265] kasan_check_range+0x100/0x1a8 [ 18.093378] __kasan_check_write+0x20/0x30 [ 18.093437] kasan_atomics_helper+0xe44/0x4858 [ 18.093486] kasan_atomics+0x198/0x2e0 [ 18.093554] kunit_try_run_case+0x170/0x3f0 [ 18.093604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.093665] kthread+0x328/0x630 [ 18.093987] ret_from_fork+0x10/0x20 [ 18.094588] [ 18.094900] Allocated by task 266: [ 18.094970] kasan_save_stack+0x3c/0x68 [ 18.095291] kasan_save_track+0x20/0x40 [ 18.095575] kasan_save_alloc_info+0x40/0x58 [ 18.095790] __kasan_kmalloc+0xd4/0xd8 [ 18.096587] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.096908] kasan_atomics+0xb8/0x2e0 [ 18.097065] kunit_try_run_case+0x170/0x3f0 [ 18.097271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.097558] kthread+0x328/0x630 [ 18.097837] ret_from_fork+0x10/0x20 [ 18.098025] [ 18.098087] The buggy address belongs to the object at fff00000c63b4480 [ 18.098087] which belongs to the cache kmalloc-64 of size 64 [ 18.098202] The buggy address is located 0 bytes to the right of [ 18.098202] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.098269] [ 18.098755] The buggy address belongs to the physical page: [ 18.098836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.099135] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.099526] page_type: f5(slab) [ 18.099607] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.099816] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.099891] page dumped because: kasan: bad access detected [ 18.099926] [ 18.100068] Memory state around the buggy address: [ 18.100108] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.100156] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.100201] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.100241] ^ [ 18.100279] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.100344] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.100402] ================================================================== [ 18.120765] ================================================================== [ 18.121163] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 18.121234] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.121288] [ 18.121322] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.121404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.121829] Hardware name: linux,dummy-virt (DT) [ 18.121884] Call trace: [ 18.121939] show_stack+0x20/0x38 (C) [ 18.122296] dump_stack_lvl+0x8c/0xd0 [ 18.122451] print_report+0x118/0x5d0 [ 18.122547] kasan_report+0xdc/0x128 [ 18.122874] kasan_check_range+0x100/0x1a8 [ 18.123025] __kasan_check_write+0x20/0x30 [ 18.123137] kasan_atomics_helper+0xf20/0x4858 [ 18.123215] kasan_atomics+0x198/0x2e0 [ 18.123347] kunit_try_run_case+0x170/0x3f0 [ 18.123398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.123828] kthread+0x328/0x630 [ 18.123904] ret_from_fork+0x10/0x20 [ 18.124383] [ 18.124441] Allocated by task 266: [ 18.124504] kasan_save_stack+0x3c/0x68 [ 18.124612] kasan_save_track+0x20/0x40 [ 18.124653] kasan_save_alloc_info+0x40/0x58 [ 18.125012] __kasan_kmalloc+0xd4/0xd8 [ 18.125242] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.125366] kasan_atomics+0xb8/0x2e0 [ 18.125703] kunit_try_run_case+0x170/0x3f0 [ 18.126133] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.126324] kthread+0x328/0x630 [ 18.126370] ret_from_fork+0x10/0x20 [ 18.126423] [ 18.126447] The buggy address belongs to the object at fff00000c63b4480 [ 18.126447] which belongs to the cache kmalloc-64 of size 64 [ 18.126728] The buggy address is located 0 bytes to the right of [ 18.126728] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.127328] [ 18.127390] The buggy address belongs to the physical page: [ 18.127523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.127595] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.127831] page_type: f5(slab) [ 18.127965] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.128307] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.128450] page dumped because: kasan: bad access detected [ 18.128769] [ 18.129171] Memory state around the buggy address: [ 18.129248] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.129305] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.129478] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.129719] ^ [ 18.129912] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.130416] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.130488] ================================================================== [ 18.148202] ================================================================== [ 18.148443] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 18.148661] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.148897] [ 18.149180] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.149283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.149340] Hardware name: linux,dummy-virt (DT) [ 18.149668] Call trace: [ 18.149898] show_stack+0x20/0x38 (C) [ 18.149967] dump_stack_lvl+0x8c/0xd0 [ 18.150015] print_report+0x118/0x5d0 [ 18.150271] kasan_report+0xdc/0x128 [ 18.150493] kasan_check_range+0x100/0x1a8 [ 18.150856] __kasan_check_write+0x20/0x30 [ 18.151082] kasan_atomics_helper+0x1058/0x4858 [ 18.151177] kasan_atomics+0x198/0x2e0 [ 18.151308] kunit_try_run_case+0x170/0x3f0 [ 18.151504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.151914] kthread+0x328/0x630 [ 18.152155] ret_from_fork+0x10/0x20 [ 18.152302] [ 18.152378] Allocated by task 266: [ 18.152455] kasan_save_stack+0x3c/0x68 [ 18.152501] kasan_save_track+0x20/0x40 [ 18.152740] kasan_save_alloc_info+0x40/0x58 [ 18.153345] __kasan_kmalloc+0xd4/0xd8 [ 18.153543] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.153617] kasan_atomics+0xb8/0x2e0 [ 18.153759] kunit_try_run_case+0x170/0x3f0 [ 18.153802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.153848] kthread+0x328/0x630 [ 18.153912] ret_from_fork+0x10/0x20 [ 18.154254] [ 18.154548] The buggy address belongs to the object at fff00000c63b4480 [ 18.154548] which belongs to the cache kmalloc-64 of size 64 [ 18.154901] The buggy address is located 0 bytes to the right of [ 18.154901] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.155306] [ 18.155397] The buggy address belongs to the physical page: [ 18.155516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.155907] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.155992] page_type: f5(slab) [ 18.156053] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.156338] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.156979] page dumped because: kasan: bad access detected [ 18.157228] [ 18.157387] Memory state around the buggy address: [ 18.157464] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.157747] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.157933] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.158159] ^ [ 18.158236] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.158283] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.158589] ================================================================== [ 18.185080] ================================================================== [ 18.185130] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 18.185179] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.185230] [ 18.185270] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.185353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.185382] Hardware name: linux,dummy-virt (DT) [ 18.185413] Call trace: [ 18.185438] show_stack+0x20/0x38 (C) [ 18.185487] dump_stack_lvl+0x8c/0xd0 [ 18.185988] print_report+0x118/0x5d0 [ 18.186443] kasan_report+0xdc/0x128 [ 18.186554] kasan_check_range+0x100/0x1a8 [ 18.186643] __kasan_check_write+0x20/0x30 [ 18.186740] kasan_atomics_helper+0x11f8/0x4858 [ 18.186965] kasan_atomics+0x198/0x2e0 [ 18.187024] kunit_try_run_case+0x170/0x3f0 [ 18.187257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.187618] kthread+0x328/0x630 [ 18.187933] ret_from_fork+0x10/0x20 [ 18.188151] [ 18.188347] Allocated by task 266: [ 18.188570] kasan_save_stack+0x3c/0x68 [ 18.188652] kasan_save_track+0x20/0x40 [ 18.189041] kasan_save_alloc_info+0x40/0x58 [ 18.189124] __kasan_kmalloc+0xd4/0xd8 [ 18.189212] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.189354] kasan_atomics+0xb8/0x2e0 [ 18.189453] kunit_try_run_case+0x170/0x3f0 [ 18.189756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.190120] kthread+0x328/0x630 [ 18.190818] ret_from_fork+0x10/0x20 [ 18.191150] [ 18.191209] The buggy address belongs to the object at fff00000c63b4480 [ 18.191209] which belongs to the cache kmalloc-64 of size 64 [ 18.191346] The buggy address is located 0 bytes to the right of [ 18.191346] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.191604] [ 18.192146] The buggy address belongs to the physical page: [ 18.192303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.192482] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.192674] page_type: f5(slab) [ 18.193041] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.193222] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.193351] page dumped because: kasan: bad access detected [ 18.193390] [ 18.193411] Memory state around the buggy address: [ 18.193682] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.194133] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.194290] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.194336] ^ [ 18.194374] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.194425] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.194598] ================================================================== [ 18.319186] ================================================================== [ 18.319415] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 18.319476] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.319735] [ 18.319879] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.319973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.320022] Hardware name: linux,dummy-virt (DT) [ 18.320064] Call trace: [ 18.320098] show_stack+0x20/0x38 (C) [ 18.320152] dump_stack_lvl+0x8c/0xd0 [ 18.320209] print_report+0x118/0x5d0 [ 18.320267] kasan_report+0xdc/0x128 [ 18.320321] kasan_check_range+0x100/0x1a8 [ 18.320370] __kasan_check_write+0x20/0x30 [ 18.320416] kasan_atomics_helper+0x175c/0x4858 [ 18.320474] kasan_atomics+0x198/0x2e0 [ 18.320520] kunit_try_run_case+0x170/0x3f0 [ 18.320580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.320634] kthread+0x328/0x630 [ 18.320676] ret_from_fork+0x10/0x20 [ 18.320734] [ 18.320755] Allocated by task 266: [ 18.320783] kasan_save_stack+0x3c/0x68 [ 18.320826] kasan_save_track+0x20/0x40 [ 18.320864] kasan_save_alloc_info+0x40/0x58 [ 18.320906] __kasan_kmalloc+0xd4/0xd8 [ 18.320944] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.320985] kasan_atomics+0xb8/0x2e0 [ 18.321023] kunit_try_run_case+0x170/0x3f0 [ 18.321063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.321110] kthread+0x328/0x630 [ 18.321144] ret_from_fork+0x10/0x20 [ 18.321180] [ 18.321201] The buggy address belongs to the object at fff00000c63b4480 [ 18.321201] which belongs to the cache kmalloc-64 of size 64 [ 18.321266] The buggy address is located 0 bytes to the right of [ 18.321266] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.321334] [ 18.321356] The buggy address belongs to the physical page: [ 18.321389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.321441] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.321491] page_type: f5(slab) [ 18.321540] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.321615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.321660] page dumped because: kasan: bad access detected [ 18.321694] [ 18.321714] Memory state around the buggy address: [ 18.322588] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.322660] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.322731] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.322804] ^ [ 18.322843] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.323863] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.323963] ================================================================== [ 18.269476] ================================================================== [ 18.269996] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 18.270072] Write of size 8 at addr fff00000c63b44b0 by task kunit_try_catch/266 [ 18.270290] [ 18.270350] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.270448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.270479] Hardware name: linux,dummy-virt (DT) [ 18.271129] Call trace: [ 18.271401] show_stack+0x20/0x38 (C) [ 18.271578] dump_stack_lvl+0x8c/0xd0 [ 18.271654] print_report+0x118/0x5d0 [ 18.271824] kasan_report+0xdc/0x128 [ 18.271876] kasan_check_range+0x100/0x1a8 [ 18.271953] __kasan_check_write+0x20/0x30 [ 18.272185] kasan_atomics_helper+0x15b4/0x4858 [ 18.272508] kasan_atomics+0x198/0x2e0 [ 18.272925] kunit_try_run_case+0x170/0x3f0 [ 18.273023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.273449] kthread+0x328/0x630 [ 18.273739] ret_from_fork+0x10/0x20 [ 18.273997] [ 18.274069] Allocated by task 266: [ 18.274247] kasan_save_stack+0x3c/0x68 [ 18.274302] kasan_save_track+0x20/0x40 [ 18.274344] kasan_save_alloc_info+0x40/0x58 [ 18.274407] __kasan_kmalloc+0xd4/0xd8 [ 18.274455] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.274702] kasan_atomics+0xb8/0x2e0 [ 18.274996] kunit_try_run_case+0x170/0x3f0 [ 18.275202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.275599] kthread+0x328/0x630 [ 18.275717] ret_from_fork+0x10/0x20 [ 18.276164] [ 18.276471] The buggy address belongs to the object at fff00000c63b4480 [ 18.276471] which belongs to the cache kmalloc-64 of size 64 [ 18.276600] The buggy address is located 0 bytes to the right of [ 18.276600] allocated 48-byte region [fff00000c63b4480, fff00000c63b44b0) [ 18.276956] [ 18.277159] The buggy address belongs to the physical page: [ 18.277519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b4 [ 18.277603] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.277677] page_type: f5(slab) [ 18.277727] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.277791] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.277834] page dumped because: kasan: bad access detected [ 18.277878] [ 18.277907] Memory state around the buggy address: [ 18.277953] fff00000c63b4380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.278000] fff00000c63b4400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.278055] >fff00000c63b4480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.278096] ^ [ 18.278140] fff00000c63b4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.278199] fff00000c63b4580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.278238] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 17.567853] ================================================================== [ 17.567907] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 17.568291] Read of size 1 at addr fff00000c77dfad0 by task kunit_try_catch/260 [ 17.568403] [ 17.568477] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.568573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.568602] Hardware name: linux,dummy-virt (DT) [ 17.568634] Call trace: [ 17.568661] show_stack+0x20/0x38 (C) [ 17.568714] dump_stack_lvl+0x8c/0xd0 [ 17.569123] print_report+0x118/0x5d0 [ 17.569207] kasan_report+0xdc/0x128 [ 17.569259] __asan_report_load1_noabort+0x20/0x30 [ 17.569689] strnlen+0x80/0x88 [ 17.569799] kasan_strings+0x478/0xb00 [ 17.569936] kunit_try_run_case+0x170/0x3f0 [ 17.570088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.570191] kthread+0x328/0x630 [ 17.570281] ret_from_fork+0x10/0x20 [ 17.570438] [ 17.570802] Allocated by task 260: [ 17.570951] kasan_save_stack+0x3c/0x68 [ 17.571112] kasan_save_track+0x20/0x40 [ 17.571228] kasan_save_alloc_info+0x40/0x58 [ 17.571348] __kasan_kmalloc+0xd4/0xd8 [ 17.571447] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.571718] kasan_strings+0xc8/0xb00 [ 17.571898] kunit_try_run_case+0x170/0x3f0 [ 17.571970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.572154] kthread+0x328/0x630 [ 17.572202] ret_from_fork+0x10/0x20 [ 17.572388] [ 17.572608] Freed by task 260: [ 17.572816] kasan_save_stack+0x3c/0x68 [ 17.572976] kasan_save_track+0x20/0x40 [ 17.573576] kasan_save_free_info+0x4c/0x78 [ 17.573797] __kasan_slab_free+0x6c/0x98 [ 17.573886] kfree+0x214/0x3c8 [ 17.573993] kasan_strings+0x24c/0xb00 [ 17.574034] kunit_try_run_case+0x170/0x3f0 [ 17.574074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.574589] kthread+0x328/0x630 [ 17.574683] ret_from_fork+0x10/0x20 [ 17.574834] [ 17.574892] The buggy address belongs to the object at fff00000c77dfac0 [ 17.574892] which belongs to the cache kmalloc-32 of size 32 [ 17.575011] The buggy address is located 16 bytes inside of [ 17.575011] freed 32-byte region [fff00000c77dfac0, fff00000c77dfae0) [ 17.575112] [ 17.575537] The buggy address belongs to the physical page: [ 17.575653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077df [ 17.575748] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.575879] page_type: f5(slab) [ 17.575923] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.576008] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.576191] page dumped because: kasan: bad access detected [ 17.576406] [ 17.576470] Memory state around the buggy address: [ 17.576863] fff00000c77df980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.577017] fff00000c77dfa00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.577104] >fff00000c77dfa80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.577237] ^ [ 17.577498] fff00000c77dfb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.577683] fff00000c77dfb80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.577771] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 17.560135] ================================================================== [ 17.560253] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 17.560646] Read of size 1 at addr fff00000c77dfad0 by task kunit_try_catch/260 [ 17.560731] [ 17.560805] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.560894] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.561099] Hardware name: linux,dummy-virt (DT) [ 17.561244] Call trace: [ 17.561310] show_stack+0x20/0x38 (C) [ 17.561385] dump_stack_lvl+0x8c/0xd0 [ 17.561435] print_report+0x118/0x5d0 [ 17.561683] kasan_report+0xdc/0x128 [ 17.561768] __asan_report_load1_noabort+0x20/0x30 [ 17.562126] strlen+0xa8/0xb0 [ 17.562296] kasan_strings+0x418/0xb00 [ 17.562561] kunit_try_run_case+0x170/0x3f0 [ 17.562630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.562688] kthread+0x328/0x630 [ 17.562732] ret_from_fork+0x10/0x20 [ 17.562927] [ 17.562959] Allocated by task 260: [ 17.562993] kasan_save_stack+0x3c/0x68 [ 17.563038] kasan_save_track+0x20/0x40 [ 17.563092] kasan_save_alloc_info+0x40/0x58 [ 17.563136] __kasan_kmalloc+0xd4/0xd8 [ 17.563173] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.563214] kasan_strings+0xc8/0xb00 [ 17.563249] kunit_try_run_case+0x170/0x3f0 [ 17.563291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.563336] kthread+0x328/0x630 [ 17.563371] ret_from_fork+0x10/0x20 [ 17.563409] [ 17.563439] Freed by task 260: [ 17.563474] kasan_save_stack+0x3c/0x68 [ 17.563542] kasan_save_track+0x20/0x40 [ 17.563582] kasan_save_free_info+0x4c/0x78 [ 17.563623] __kasan_slab_free+0x6c/0x98 [ 17.563671] kfree+0x214/0x3c8 [ 17.563707] kasan_strings+0x24c/0xb00 [ 17.563751] kunit_try_run_case+0x170/0x3f0 [ 17.563798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.563842] kthread+0x328/0x630 [ 17.563901] ret_from_fork+0x10/0x20 [ 17.563937] [ 17.563967] The buggy address belongs to the object at fff00000c77dfac0 [ 17.563967] which belongs to the cache kmalloc-32 of size 32 [ 17.564027] The buggy address is located 16 bytes inside of [ 17.564027] freed 32-byte region [fff00000c77dfac0, fff00000c77dfae0) [ 17.564091] [ 17.564117] The buggy address belongs to the physical page: [ 17.564160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077df [ 17.564232] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.564289] page_type: f5(slab) [ 17.564329] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.564406] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.564462] page dumped because: kasan: bad access detected [ 17.564497] [ 17.565004] Memory state around the buggy address: [ 17.565442] fff00000c77df980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.565641] fff00000c77dfa00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.565863] >fff00000c77dfa80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.566131] ^ [ 17.566178] fff00000c77dfb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.566385] fff00000c77dfb80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.566562] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 17.547548] ================================================================== [ 17.547655] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 17.548076] Read of size 1 at addr fff00000c77dfad0 by task kunit_try_catch/260 [ 17.548193] [ 17.548230] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.548398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.548432] Hardware name: linux,dummy-virt (DT) [ 17.548482] Call trace: [ 17.548508] show_stack+0x20/0x38 (C) [ 17.548572] dump_stack_lvl+0x8c/0xd0 [ 17.548796] print_report+0x118/0x5d0 [ 17.549111] kasan_report+0xdc/0x128 [ 17.549176] __asan_report_load1_noabort+0x20/0x30 [ 17.549232] kasan_strings+0x95c/0xb00 [ 17.549480] kunit_try_run_case+0x170/0x3f0 [ 17.549704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.549998] kthread+0x328/0x630 [ 17.550083] ret_from_fork+0x10/0x20 [ 17.550286] [ 17.550311] Allocated by task 260: [ 17.550341] kasan_save_stack+0x3c/0x68 [ 17.550569] kasan_save_track+0x20/0x40 [ 17.550744] kasan_save_alloc_info+0x40/0x58 [ 17.550853] __kasan_kmalloc+0xd4/0xd8 [ 17.550971] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.551096] kasan_strings+0xc8/0xb00 [ 17.551218] kunit_try_run_case+0x170/0x3f0 [ 17.551259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.551328] kthread+0x328/0x630 [ 17.551563] ret_from_fork+0x10/0x20 [ 17.551727] [ 17.551772] Freed by task 260: [ 17.551959] kasan_save_stack+0x3c/0x68 [ 17.552078] kasan_save_track+0x20/0x40 [ 17.552139] kasan_save_free_info+0x4c/0x78 [ 17.552323] __kasan_slab_free+0x6c/0x98 [ 17.552803] kfree+0x214/0x3c8 [ 17.552884] kasan_strings+0x24c/0xb00 [ 17.553033] kunit_try_run_case+0x170/0x3f0 [ 17.553141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.553238] kthread+0x328/0x630 [ 17.553430] ret_from_fork+0x10/0x20 [ 17.553494] [ 17.553518] The buggy address belongs to the object at fff00000c77dfac0 [ 17.553518] which belongs to the cache kmalloc-32 of size 32 [ 17.553784] The buggy address is located 16 bytes inside of [ 17.553784] freed 32-byte region [fff00000c77dfac0, fff00000c77dfae0) [ 17.554049] [ 17.554132] The buggy address belongs to the physical page: [ 17.554247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077df [ 17.554359] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.554421] page_type: f5(slab) [ 17.554461] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.554800] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.554979] page dumped because: kasan: bad access detected [ 17.555100] [ 17.555218] Memory state around the buggy address: [ 17.555286] fff00000c77df980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.555433] fff00000c77dfa00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.555645] >fff00000c77dfa80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.555892] ^ [ 17.556012] fff00000c77dfb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.556464] fff00000c77dfb80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.556574] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 17.537690] ================================================================== [ 17.538674] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 17.538837] Read of size 1 at addr fff00000c77dfad0 by task kunit_try_catch/260 [ 17.539257] [ 17.539363] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.539774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.539857] Hardware name: linux,dummy-virt (DT) [ 17.539903] Call trace: [ 17.539942] show_stack+0x20/0x38 (C) [ 17.540009] dump_stack_lvl+0x8c/0xd0 [ 17.540059] print_report+0x118/0x5d0 [ 17.540108] kasan_report+0xdc/0x128 [ 17.540166] __asan_report_load1_noabort+0x20/0x30 [ 17.540229] strcmp+0xc0/0xc8 [ 17.540273] kasan_strings+0x340/0xb00 [ 17.540329] kunit_try_run_case+0x170/0x3f0 [ 17.540379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.540433] kthread+0x328/0x630 [ 17.540477] ret_from_fork+0x10/0x20 [ 17.540526] [ 17.540572] Allocated by task 260: [ 17.540622] kasan_save_stack+0x3c/0x68 [ 17.540668] kasan_save_track+0x20/0x40 [ 17.540709] kasan_save_alloc_info+0x40/0x58 [ 17.540762] __kasan_kmalloc+0xd4/0xd8 [ 17.540802] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.540843] kasan_strings+0xc8/0xb00 [ 17.540881] kunit_try_run_case+0x170/0x3f0 [ 17.540937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.540984] kthread+0x328/0x630 [ 17.541027] ret_from_fork+0x10/0x20 [ 17.541075] [ 17.541104] Freed by task 260: [ 17.541148] kasan_save_stack+0x3c/0x68 [ 17.541189] kasan_save_track+0x20/0x40 [ 17.541230] kasan_save_free_info+0x4c/0x78 [ 17.541274] __kasan_slab_free+0x6c/0x98 [ 17.541319] kfree+0x214/0x3c8 [ 17.541353] kasan_strings+0x24c/0xb00 [ 17.541402] kunit_try_run_case+0x170/0x3f0 [ 17.541449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.541493] kthread+0x328/0x630 [ 17.541879] ret_from_fork+0x10/0x20 [ 17.541944] [ 17.542449] The buggy address belongs to the object at fff00000c77dfac0 [ 17.542449] which belongs to the cache kmalloc-32 of size 32 [ 17.542803] The buggy address is located 16 bytes inside of [ 17.542803] freed 32-byte region [fff00000c77dfac0, fff00000c77dfae0) [ 17.543321] [ 17.543367] The buggy address belongs to the physical page: [ 17.543466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077df [ 17.543610] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.543713] page_type: f5(slab) [ 17.544127] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.544210] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.544311] page dumped because: kasan: bad access detected [ 17.544438] [ 17.544497] Memory state around the buggy address: [ 17.544612] fff00000c77df980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.545131] fff00000c77dfa00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.545264] >fff00000c77dfa80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.545344] ^ [ 17.545509] fff00000c77dfb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.545864] fff00000c77dfb80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.546027] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 17.520140] ================================================================== [ 17.520240] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 17.520326] Read of size 1 at addr fff00000c77df918 by task kunit_try_catch/258 [ 17.520380] [ 17.520511] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.520617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.520715] Hardware name: linux,dummy-virt (DT) [ 17.520772] Call trace: [ 17.520798] show_stack+0x20/0x38 (C) [ 17.520858] dump_stack_lvl+0x8c/0xd0 [ 17.521093] print_report+0x118/0x5d0 [ 17.521290] kasan_report+0xdc/0x128 [ 17.521345] __asan_report_load1_noabort+0x20/0x30 [ 17.521485] memcmp+0x198/0x1d8 [ 17.521557] kasan_memcmp+0x16c/0x300 [ 17.521680] kunit_try_run_case+0x170/0x3f0 [ 17.521756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.521813] kthread+0x328/0x630 [ 17.521922] ret_from_fork+0x10/0x20 [ 17.521972] [ 17.521996] Allocated by task 258: [ 17.522032] kasan_save_stack+0x3c/0x68 [ 17.522279] kasan_save_track+0x20/0x40 [ 17.522664] kasan_save_alloc_info+0x40/0x58 [ 17.522751] __kasan_kmalloc+0xd4/0xd8 [ 17.522874] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.522952] kasan_memcmp+0xbc/0x300 [ 17.522991] kunit_try_run_case+0x170/0x3f0 [ 17.523224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.523298] kthread+0x328/0x630 [ 17.523344] ret_from_fork+0x10/0x20 [ 17.523418] [ 17.523441] The buggy address belongs to the object at fff00000c77df900 [ 17.523441] which belongs to the cache kmalloc-32 of size 32 [ 17.523605] The buggy address is located 0 bytes to the right of [ 17.523605] allocated 24-byte region [fff00000c77df900, fff00000c77df918) [ 17.523779] [ 17.523816] The buggy address belongs to the physical page: [ 17.523856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077df [ 17.523914] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.523965] page_type: f5(slab) [ 17.524006] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.524068] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.524111] page dumped because: kasan: bad access detected [ 17.524156] [ 17.524185] Memory state around the buggy address: [ 17.524219] fff00000c77df800: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 17.524265] fff00000c77df880: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.524321] >fff00000c77df900: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.524370] ^ [ 17.524402] fff00000c77df980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.524458] fff00000c77dfa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.524513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 17.496944] ================================================================== [ 17.497058] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 17.497120] Read of size 1 at addr ffff800080a77b4a by task kunit_try_catch/254 [ 17.497437] [ 17.497501] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.497697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.497897] Hardware name: linux,dummy-virt (DT) [ 17.497943] Call trace: [ 17.497994] show_stack+0x20/0x38 (C) [ 17.498113] dump_stack_lvl+0x8c/0xd0 [ 17.498432] print_report+0x310/0x5d0 [ 17.498609] kasan_report+0xdc/0x128 [ 17.498711] __asan_report_load1_noabort+0x20/0x30 [ 17.498997] kasan_alloca_oob_right+0x2dc/0x340 [ 17.499100] kunit_try_run_case+0x170/0x3f0 [ 17.499248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.499587] kthread+0x328/0x630 [ 17.499667] ret_from_fork+0x10/0x20 [ 17.499776] [ 17.499799] The buggy address belongs to stack of task kunit_try_catch/254 [ 17.500125] [ 17.500258] The buggy address ffff800080a77b4a belongs to a vmalloc virtual mapping [ 17.500327] The buggy address belongs to the physical page: [ 17.500493] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e85 [ 17.500570] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.500677] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.500795] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.500877] page dumped because: kasan: bad access detected [ 17.500954] [ 17.500978] Memory state around the buggy address: [ 17.501242] ffff800080a77a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.501336] ffff800080a77a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.501561] >ffff800080a77b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 17.501965] ^ [ 17.502111] ffff800080a77b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.502244] ffff800080a77c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.502321] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 17.471261] ================================================================== [ 17.471344] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 17.471404] Read of size 1 at addr ffff800080a77b5f by task kunit_try_catch/252 [ 17.471457] [ 17.471489] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.472930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.473077] Hardware name: linux,dummy-virt (DT) [ 17.473110] Call trace: [ 17.473136] show_stack+0x20/0x38 (C) [ 17.473193] dump_stack_lvl+0x8c/0xd0 [ 17.473243] print_report+0x310/0x5d0 [ 17.473291] kasan_report+0xdc/0x128 [ 17.473337] __asan_report_load1_noabort+0x20/0x30 [ 17.473393] kasan_alloca_oob_left+0x2b8/0x310 [ 17.474253] kunit_try_run_case+0x170/0x3f0 [ 17.474554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.474615] kthread+0x328/0x630 [ 17.475032] ret_from_fork+0x10/0x20 [ 17.475488] [ 17.475668] The buggy address belongs to stack of task kunit_try_catch/252 [ 17.476014] [ 17.476183] The buggy address ffff800080a77b5f belongs to a vmalloc virtual mapping [ 17.476230] The buggy address belongs to the physical page: [ 17.476763] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e85 [ 17.477032] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.477257] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.477609] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.477931] page dumped because: kasan: bad access detected [ 17.477973] [ 17.477993] Memory state around the buggy address: [ 17.478029] ffff800080a77a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.478074] ffff800080a77a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.478124] >ffff800080a77b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 17.478491] ^ [ 17.478547] ffff800080a77b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.478594] ffff800080a77c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.478636] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 17.446867] ================================================================== [ 17.446941] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 17.446994] Read of size 1 at addr ffff800080a77c2a by task kunit_try_catch/250 [ 17.447140] [ 17.447371] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.447939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.448086] Hardware name: linux,dummy-virt (DT) [ 17.448352] Call trace: [ 17.448376] show_stack+0x20/0x38 (C) [ 17.448429] dump_stack_lvl+0x8c/0xd0 [ 17.448477] print_report+0x310/0x5d0 [ 17.448525] kasan_report+0xdc/0x128 [ 17.448583] __asan_report_load1_noabort+0x20/0x30 [ 17.448635] kasan_stack_oob+0x238/0x270 [ 17.448690] kunit_try_run_case+0x170/0x3f0 [ 17.449076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.449219] kthread+0x328/0x630 [ 17.449787] ret_from_fork+0x10/0x20 [ 17.449847] [ 17.450441] The buggy address belongs to stack of task kunit_try_catch/250 [ 17.450690] and is located at offset 138 in frame: [ 17.450731] kasan_stack_oob+0x0/0x270 [ 17.450859] [ 17.450891] This frame has 4 objects: [ 17.451504] [48, 49) '__assertion' [ 17.451716] [64, 72) 'array' [ 17.451794] [96, 112) '__assertion' [ 17.451937] [128, 138) 'stack_array' [ 17.451985] [ 17.452013] The buggy address ffff800080a77c2a belongs to a vmalloc virtual mapping [ 17.452060] The buggy address belongs to the physical page: [ 17.452094] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e85 [ 17.452154] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.452219] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.452720] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.452771] page dumped because: kasan: bad access detected [ 17.453095] [ 17.453198] Memory state around the buggy address: [ 17.453309] ffff800080a77b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.453357] ffff800080a77b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 17.453472] >ffff800080a77c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 17.453664] ^ [ 17.454033] ffff800080a77c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 17.454298] ffff800080a77d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.454340] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 17.427158] ================================================================== [ 17.427226] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 17.427281] Read of size 1 at addr ffffa6a3f1d4f58d by task kunit_try_catch/246 [ 17.427330] [ 17.427365] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.427445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.427473] Hardware name: linux,dummy-virt (DT) [ 17.427505] Call trace: [ 17.427564] show_stack+0x20/0x38 (C) [ 17.427614] dump_stack_lvl+0x8c/0xd0 [ 17.427661] print_report+0x310/0x5d0 [ 17.427706] kasan_report+0xdc/0x128 [ 17.428030] __asan_report_load1_noabort+0x20/0x30 [ 17.428170] kasan_global_oob_right+0x230/0x270 [ 17.428218] kunit_try_run_case+0x170/0x3f0 [ 17.428266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.428418] kthread+0x328/0x630 [ 17.428512] ret_from_fork+0x10/0x20 [ 17.428585] [ 17.428637] The buggy address belongs to the variable: [ 17.428667] global_array+0xd/0x40 [ 17.428719] [ 17.428784] The buggy address ffffa6a3f1d4f58d belongs to a vmalloc virtual mapping [ 17.428868] The buggy address belongs to the physical page: [ 17.429171] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 17.429487] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 17.429787] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 17.429969] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.430028] page dumped because: kasan: bad access detected [ 17.430060] [ 17.430079] Memory state around the buggy address: [ 17.430111] ffffa6a3f1d4f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.430156] ffffa6a3f1d4f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 17.430337] >ffffa6a3f1d4f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 17.430581] ^ [ 17.430627] ffffa6a3f1d4f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 17.430868] ffffa6a3f1d4f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.431080] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 17.403555] ================================================================== [ 17.403612] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.403666] Free of addr fff00000c77d3001 by task kunit_try_catch/242 [ 17.403710] [ 17.403742] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.403820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.403848] Hardware name: linux,dummy-virt (DT) [ 17.403879] Call trace: [ 17.403902] show_stack+0x20/0x38 (C) [ 17.403949] dump_stack_lvl+0x8c/0xd0 [ 17.403996] print_report+0x118/0x5d0 [ 17.404056] kasan_report_invalid_free+0xc0/0xe8 [ 17.404108] check_slab_allocation+0xfc/0x108 [ 17.404154] __kasan_mempool_poison_object+0x78/0x150 [ 17.404207] mempool_free+0x28c/0x328 [ 17.404744] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.404818] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.404868] kunit_try_run_case+0x170/0x3f0 [ 17.405276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.405335] kthread+0x328/0x630 [ 17.405389] ret_from_fork+0x10/0x20 [ 17.405554] [ 17.405621] Allocated by task 242: [ 17.405652] kasan_save_stack+0x3c/0x68 [ 17.405696] kasan_save_track+0x20/0x40 [ 17.405765] kasan_save_alloc_info+0x40/0x58 [ 17.406002] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.406224] remove_element+0x130/0x1f8 [ 17.406318] mempool_alloc_preallocated+0x58/0xc0 [ 17.406359] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 17.406448] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.406572] kunit_try_run_case+0x170/0x3f0 [ 17.406612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.406655] kthread+0x328/0x630 [ 17.406687] ret_from_fork+0x10/0x20 [ 17.406747] [ 17.406769] The buggy address belongs to the object at fff00000c77d3000 [ 17.406769] which belongs to the cache kmalloc-128 of size 128 [ 17.406828] The buggy address is located 1 bytes inside of [ 17.406828] 128-byte region [fff00000c77d3000, fff00000c77d3080) [ 17.407037] [ 17.407058] The buggy address belongs to the physical page: [ 17.407249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d3 [ 17.407485] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.407575] page_type: f5(slab) [ 17.407627] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.407754] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.407845] page dumped because: kasan: bad access detected [ 17.407930] [ 17.407954] Memory state around the buggy address: [ 17.408030] fff00000c77d2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.408106] fff00000c77d2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.408149] >fff00000c77d3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.408187] ^ [ 17.408216] fff00000c77d3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.408295] fff00000c77d3100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.408426] ================================================================== [ 17.415329] ================================================================== [ 17.415384] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.415438] Free of addr fff00000c77b8001 by task kunit_try_catch/244 [ 17.415498] [ 17.415542] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.415663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.415692] Hardware name: linux,dummy-virt (DT) [ 17.415723] Call trace: [ 17.415746] show_stack+0x20/0x38 (C) [ 17.415882] dump_stack_lvl+0x8c/0xd0 [ 17.416138] print_report+0x118/0x5d0 [ 17.416379] kasan_report_invalid_free+0xc0/0xe8 [ 17.416450] __kasan_mempool_poison_object+0xfc/0x150 [ 17.416857] mempool_free+0x28c/0x328 [ 17.416912] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.417099] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 17.417193] kunit_try_run_case+0x170/0x3f0 [ 17.417340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.417396] kthread+0x328/0x630 [ 17.417441] ret_from_fork+0x10/0x20 [ 17.417486] [ 17.417506] The buggy address belongs to the physical page: [ 17.417549] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b8 [ 17.417613] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.417661] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.417811] page_type: f8(unknown) [ 17.417852] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.417915] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.418052] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.418160] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.418210] head: 0bfffe0000000002 ffffc1ffc31dee01 00000000ffffffff 00000000ffffffff [ 17.418258] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.418455] page dumped because: kasan: bad access detected [ 17.418489] [ 17.418507] Memory state around the buggy address: [ 17.418554] fff00000c77b7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.418598] fff00000c77b7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.418640] >fff00000c77b8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.418678] ^ [ 17.418706] fff00000c77b8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.418890] fff00000c77b8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.418929] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 17.391192] ================================================================== [ 17.391370] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.391611] Free of addr fff00000c776c000 by task kunit_try_catch/240 [ 17.391825] [ 17.391997] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.392078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.392105] Hardware name: linux,dummy-virt (DT) [ 17.392144] Call trace: [ 17.392264] show_stack+0x20/0x38 (C) [ 17.392367] dump_stack_lvl+0x8c/0xd0 [ 17.392486] print_report+0x118/0x5d0 [ 17.392544] kasan_report_invalid_free+0xc0/0xe8 [ 17.392594] __kasan_mempool_poison_pages+0xe0/0xe8 [ 17.392644] mempool_free+0x24c/0x328 [ 17.392733] mempool_double_free_helper+0x150/0x2e8 [ 17.392785] mempool_page_alloc_double_free+0xbc/0x118 [ 17.393156] kunit_try_run_case+0x170/0x3f0 [ 17.393415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.393505] kthread+0x328/0x630 [ 17.393810] ret_from_fork+0x10/0x20 [ 17.393876] [ 17.393920] The buggy address belongs to the physical page: [ 17.394073] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10776c [ 17.394126] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.394188] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.394276] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.394527] page dumped because: kasan: bad access detected [ 17.394572] [ 17.394620] Memory state around the buggy address: [ 17.394652] fff00000c776bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.394696] fff00000c776bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.394739] >fff00000c776c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.394778] ^ [ 17.394805] fff00000c776c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.395153] fff00000c776c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.395248] ================================================================== [ 17.378051] ================================================================== [ 17.378132] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.378184] Free of addr fff00000c776c000 by task kunit_try_catch/238 [ 17.378720] [ 17.378758] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.378879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.378918] Hardware name: linux,dummy-virt (DT) [ 17.378949] Call trace: [ 17.378970] show_stack+0x20/0x38 (C) [ 17.379023] dump_stack_lvl+0x8c/0xd0 [ 17.379070] print_report+0x118/0x5d0 [ 17.379119] kasan_report_invalid_free+0xc0/0xe8 [ 17.379213] __kasan_mempool_poison_object+0x14c/0x150 [ 17.379478] mempool_free+0x28c/0x328 [ 17.379542] mempool_double_free_helper+0x150/0x2e8 [ 17.379592] mempool_kmalloc_large_double_free+0xc0/0x118 [ 17.379866] kunit_try_run_case+0x170/0x3f0 [ 17.379921] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.379978] kthread+0x328/0x630 [ 17.380021] ret_from_fork+0x10/0x20 [ 17.380091] [ 17.380205] The buggy address belongs to the physical page: [ 17.380378] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10776c [ 17.380640] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.380785] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.380841] page_type: f8(unknown) [ 17.380880] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.380932] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.380981] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.381064] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.381269] head: 0bfffe0000000002 ffffc1ffc31ddb01 00000000ffffffff 00000000ffffffff [ 17.381325] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.381390] page dumped because: kasan: bad access detected [ 17.381420] [ 17.381440] Memory state around the buggy address: [ 17.381470] fff00000c776bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.381635] fff00000c776bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.381680] >fff00000c776c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.381923] ^ [ 17.381953] fff00000c776c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.382085] fff00000c776c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.382157] ================================================================== [ 17.364765] ================================================================== [ 17.364825] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.364876] Free of addr fff00000c6e65c00 by task kunit_try_catch/236 [ 17.364918] [ 17.364949] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.365029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.365055] Hardware name: linux,dummy-virt (DT) [ 17.365104] Call trace: [ 17.365127] show_stack+0x20/0x38 (C) [ 17.365176] dump_stack_lvl+0x8c/0xd0 [ 17.365312] print_report+0x118/0x5d0 [ 17.365625] kasan_report_invalid_free+0xc0/0xe8 [ 17.365722] check_slab_allocation+0xd4/0x108 [ 17.365773] __kasan_mempool_poison_object+0x78/0x150 [ 17.366149] mempool_free+0x28c/0x328 [ 17.366219] mempool_double_free_helper+0x150/0x2e8 [ 17.366269] mempool_kmalloc_double_free+0xc0/0x118 [ 17.366320] kunit_try_run_case+0x170/0x3f0 [ 17.366366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.366424] kthread+0x328/0x630 [ 17.366477] ret_from_fork+0x10/0x20 [ 17.366526] [ 17.366555] Allocated by task 236: [ 17.366696] kasan_save_stack+0x3c/0x68 [ 17.366741] kasan_save_track+0x20/0x40 [ 17.366866] kasan_save_alloc_info+0x40/0x58 [ 17.367067] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.367123] remove_element+0x130/0x1f8 [ 17.367158] mempool_alloc_preallocated+0x58/0xc0 [ 17.367275] mempool_double_free_helper+0x94/0x2e8 [ 17.367314] mempool_kmalloc_double_free+0xc0/0x118 [ 17.367355] kunit_try_run_case+0x170/0x3f0 [ 17.367393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.367471] kthread+0x328/0x630 [ 17.367504] ret_from_fork+0x10/0x20 [ 17.367872] [ 17.367896] Freed by task 236: [ 17.368198] kasan_save_stack+0x3c/0x68 [ 17.368242] kasan_save_track+0x20/0x40 [ 17.368280] kasan_save_free_info+0x4c/0x78 [ 17.368320] __kasan_mempool_poison_object+0xc0/0x150 [ 17.368364] mempool_free+0x28c/0x328 [ 17.368717] mempool_double_free_helper+0x100/0x2e8 [ 17.368775] mempool_kmalloc_double_free+0xc0/0x118 [ 17.368815] kunit_try_run_case+0x170/0x3f0 [ 17.368853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.368896] kthread+0x328/0x630 [ 17.368929] ret_from_fork+0x10/0x20 [ 17.368963] [ 17.368984] The buggy address belongs to the object at fff00000c6e65c00 [ 17.368984] which belongs to the cache kmalloc-128 of size 128 [ 17.369045] The buggy address is located 0 bytes inside of [ 17.369045] 128-byte region [fff00000c6e65c00, fff00000c6e65c80) [ 17.369106] [ 17.369135] The buggy address belongs to the physical page: [ 17.369164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e65 [ 17.369376] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.369429] page_type: f5(slab) [ 17.369467] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.369641] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.369934] page dumped because: kasan: bad access detected [ 17.369965] [ 17.369984] Memory state around the buggy address: [ 17.370015] fff00000c6e65b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.370060] fff00000c6e65b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.370133] >fff00000c6e65c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.370266] ^ [ 17.370298] fff00000c6e65c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.370463] fff00000c6e65d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.370501] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 17.353599] ================================================================== [ 17.353693] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.353921] Read of size 1 at addr fff00000c776c000 by task kunit_try_catch/234 [ 17.353972] [ 17.354023] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.354108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.354301] Hardware name: linux,dummy-virt (DT) [ 17.354399] Call trace: [ 17.354466] show_stack+0x20/0x38 (C) [ 17.354618] dump_stack_lvl+0x8c/0xd0 [ 17.354698] print_report+0x118/0x5d0 [ 17.354808] kasan_report+0xdc/0x128 [ 17.354853] __asan_report_load1_noabort+0x20/0x30 [ 17.354927] mempool_uaf_helper+0x314/0x340 [ 17.355225] mempool_page_alloc_uaf+0xc0/0x118 [ 17.355367] kunit_try_run_case+0x170/0x3f0 [ 17.355461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.355515] kthread+0x328/0x630 [ 17.355854] ret_from_fork+0x10/0x20 [ 17.355996] [ 17.356096] The buggy address belongs to the physical page: [ 17.356165] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10776c [ 17.356217] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.356318] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.356600] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.356724] page dumped because: kasan: bad access detected [ 17.356802] [ 17.356897] Memory state around the buggy address: [ 17.356975] fff00000c776bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.357020] fff00000c776bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.357401] >fff00000c776c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.357500] ^ [ 17.357629] fff00000c776c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.357738] fff00000c776c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.357780] ================================================================== [ 17.314707] ================================================================== [ 17.314766] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.314816] Read of size 1 at addr fff00000c776c000 by task kunit_try_catch/230 [ 17.314866] [ 17.315134] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.315470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.315501] Hardware name: linux,dummy-virt (DT) [ 17.315869] Call trace: [ 17.315924] show_stack+0x20/0x38 (C) [ 17.316140] dump_stack_lvl+0x8c/0xd0 [ 17.316302] print_report+0x118/0x5d0 [ 17.316439] kasan_report+0xdc/0x128 [ 17.316759] __asan_report_load1_noabort+0x20/0x30 [ 17.317184] mempool_uaf_helper+0x314/0x340 [ 17.317288] mempool_kmalloc_large_uaf+0xc4/0x120 [ 17.317489] kunit_try_run_case+0x170/0x3f0 [ 17.317547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.317601] kthread+0x328/0x630 [ 17.317643] ret_from_fork+0x10/0x20 [ 17.317690] [ 17.317717] The buggy address belongs to the physical page: [ 17.317751] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10776c [ 17.317805] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.317851] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.317904] page_type: f8(unknown) [ 17.317942] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.317992] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.318041] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.318090] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.318137] head: 0bfffe0000000002 ffffc1ffc31ddb01 00000000ffffffff 00000000ffffffff [ 17.318187] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.318227] page dumped because: kasan: bad access detected [ 17.318258] [ 17.318275] Memory state around the buggy address: [ 17.318307] fff00000c776bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.318377] fff00000c776bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.318429] >fff00000c776c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.318465] ^ [ 17.318503] fff00000c776c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.318556] fff00000c776c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.318844] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 17.297004] ================================================================== [ 17.297290] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.297353] Read of size 1 at addr fff00000c6e65800 by task kunit_try_catch/228 [ 17.297402] [ 17.297436] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.297933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.298009] Hardware name: linux,dummy-virt (DT) [ 17.298043] Call trace: [ 17.298202] show_stack+0x20/0x38 (C) [ 17.298264] dump_stack_lvl+0x8c/0xd0 [ 17.298327] print_report+0x118/0x5d0 [ 17.298375] kasan_report+0xdc/0x128 [ 17.298427] __asan_report_load1_noabort+0x20/0x30 [ 17.298629] mempool_uaf_helper+0x314/0x340 [ 17.298678] mempool_kmalloc_uaf+0xc4/0x120 [ 17.298725] kunit_try_run_case+0x170/0x3f0 [ 17.298776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.298828] kthread+0x328/0x630 [ 17.298946] ret_from_fork+0x10/0x20 [ 17.299083] [ 17.299153] Allocated by task 228: [ 17.299196] kasan_save_stack+0x3c/0x68 [ 17.299309] kasan_save_track+0x20/0x40 [ 17.299395] kasan_save_alloc_info+0x40/0x58 [ 17.299437] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.299480] remove_element+0x130/0x1f8 [ 17.299551] mempool_alloc_preallocated+0x58/0xc0 [ 17.299594] mempool_uaf_helper+0xa4/0x340 [ 17.299679] mempool_kmalloc_uaf+0xc4/0x120 [ 17.299718] kunit_try_run_case+0x170/0x3f0 [ 17.299802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.299860] kthread+0x328/0x630 [ 17.299895] ret_from_fork+0x10/0x20 [ 17.299977] [ 17.300032] Freed by task 228: [ 17.300104] kasan_save_stack+0x3c/0x68 [ 17.300181] kasan_save_track+0x20/0x40 [ 17.300217] kasan_save_free_info+0x4c/0x78 [ 17.300297] __kasan_mempool_poison_object+0xc0/0x150 [ 17.300454] mempool_free+0x28c/0x328 [ 17.300488] mempool_uaf_helper+0x104/0x340 [ 17.301009] mempool_kmalloc_uaf+0xc4/0x120 [ 17.301242] kunit_try_run_case+0x170/0x3f0 [ 17.301490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.301601] kthread+0x328/0x630 [ 17.301635] ret_from_fork+0x10/0x20 [ 17.301671] [ 17.301691] The buggy address belongs to the object at fff00000c6e65800 [ 17.301691] which belongs to the cache kmalloc-128 of size 128 [ 17.301958] The buggy address is located 0 bytes inside of [ 17.301958] freed 128-byte region [fff00000c6e65800, fff00000c6e65880) [ 17.302285] [ 17.302351] The buggy address belongs to the physical page: [ 17.302423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e65 [ 17.302478] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.302546] page_type: f5(slab) [ 17.302590] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.302642] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.302696] page dumped because: kasan: bad access detected [ 17.302732] [ 17.302756] Memory state around the buggy address: [ 17.302885] fff00000c6e65700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.303021] fff00000c6e65780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.303116] >fff00000c6e65800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.303166] ^ [ 17.303255] fff00000c6e65880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.303297] fff00000c6e65900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.303335] ================================================================== [ 17.331859] ================================================================== [ 17.331989] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.332086] Read of size 1 at addr fff00000c6e5f240 by task kunit_try_catch/232 [ 17.332137] [ 17.332172] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.332355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.332435] Hardware name: linux,dummy-virt (DT) [ 17.332511] Call trace: [ 17.332592] show_stack+0x20/0x38 (C) [ 17.332678] dump_stack_lvl+0x8c/0xd0 [ 17.332734] print_report+0x118/0x5d0 [ 17.332814] kasan_report+0xdc/0x128 [ 17.332861] __asan_report_load1_noabort+0x20/0x30 [ 17.332946] mempool_uaf_helper+0x314/0x340 [ 17.332995] mempool_slab_uaf+0xc0/0x118 [ 17.333059] kunit_try_run_case+0x170/0x3f0 [ 17.333147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.333290] kthread+0x328/0x630 [ 17.333333] ret_from_fork+0x10/0x20 [ 17.333410] [ 17.333475] Allocated by task 232: [ 17.333527] kasan_save_stack+0x3c/0x68 [ 17.333577] kasan_save_track+0x20/0x40 [ 17.333624] kasan_save_alloc_info+0x40/0x58 [ 17.333698] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.334102] remove_element+0x16c/0x1f8 [ 17.334215] mempool_alloc_preallocated+0x58/0xc0 [ 17.334346] mempool_uaf_helper+0xa4/0x340 [ 17.334451] mempool_slab_uaf+0xc0/0x118 [ 17.334605] kunit_try_run_case+0x170/0x3f0 [ 17.334703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.334861] kthread+0x328/0x630 [ 17.334907] ret_from_fork+0x10/0x20 [ 17.334943] [ 17.334962] Freed by task 232: [ 17.334991] kasan_save_stack+0x3c/0x68 [ 17.335282] kasan_save_track+0x20/0x40 [ 17.335325] kasan_save_free_info+0x4c/0x78 [ 17.335428] __kasan_mempool_poison_object+0xc0/0x150 [ 17.335507] mempool_free+0x28c/0x328 [ 17.335650] mempool_uaf_helper+0x104/0x340 [ 17.335729] mempool_slab_uaf+0xc0/0x118 [ 17.335830] kunit_try_run_case+0x170/0x3f0 [ 17.335919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.336056] kthread+0x328/0x630 [ 17.336115] ret_from_fork+0x10/0x20 [ 17.336202] [ 17.336222] The buggy address belongs to the object at fff00000c6e5f240 [ 17.336222] which belongs to the cache test_cache of size 123 [ 17.336627] The buggy address is located 0 bytes inside of [ 17.336627] freed 123-byte region [fff00000c6e5f240, fff00000c6e5f2bb) [ 17.336875] [ 17.336992] The buggy address belongs to the physical page: [ 17.337077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e5f [ 17.337206] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.337322] page_type: f5(slab) [ 17.337475] raw: 0bfffe0000000000 fff00000c5b79b40 dead000000000122 0000000000000000 [ 17.337590] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.337633] page dumped because: kasan: bad access detected [ 17.337674] [ 17.337692] Memory state around the buggy address: [ 17.337733] fff00000c6e5f100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.337777] fff00000c6e5f180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.337819] >fff00000c6e5f200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.338039] ^ [ 17.338138] fff00000c6e5f280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.338301] fff00000c6e5f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.338425] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 17.235983] ================================================================== [ 17.236058] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.236131] Read of size 1 at addr fff00000c6e65473 by task kunit_try_catch/222 [ 17.236179] [ 17.236220] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.236308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.236337] Hardware name: linux,dummy-virt (DT) [ 17.236370] Call trace: [ 17.236395] show_stack+0x20/0x38 (C) [ 17.236446] dump_stack_lvl+0x8c/0xd0 [ 17.236496] print_report+0x118/0x5d0 [ 17.236558] kasan_report+0xdc/0x128 [ 17.236604] __asan_report_load1_noabort+0x20/0x30 [ 17.236654] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.236702] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.236751] kunit_try_run_case+0x170/0x3f0 [ 17.236800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.236853] kthread+0x328/0x630 [ 17.236897] ret_from_fork+0x10/0x20 [ 17.236946] [ 17.236964] Allocated by task 222: [ 17.236995] kasan_save_stack+0x3c/0x68 [ 17.237036] kasan_save_track+0x20/0x40 [ 17.237074] kasan_save_alloc_info+0x40/0x58 [ 17.237113] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.237158] remove_element+0x130/0x1f8 [ 17.237195] mempool_alloc_preallocated+0x58/0xc0 [ 17.237235] mempool_oob_right_helper+0x98/0x2f0 [ 17.237274] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.237313] kunit_try_run_case+0x170/0x3f0 [ 17.237352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.237396] kthread+0x328/0x630 [ 17.237427] ret_from_fork+0x10/0x20 [ 17.237463] [ 17.237484] The buggy address belongs to the object at fff00000c6e65400 [ 17.237484] which belongs to the cache kmalloc-128 of size 128 [ 17.237556] The buggy address is located 0 bytes to the right of [ 17.237556] allocated 115-byte region [fff00000c6e65400, fff00000c6e65473) [ 17.237620] [ 17.237642] The buggy address belongs to the physical page: [ 17.237675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e65 [ 17.237833] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.237889] page_type: f5(slab) [ 17.237933] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.237983] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.238025] page dumped because: kasan: bad access detected [ 17.238055] [ 17.238073] Memory state around the buggy address: [ 17.238108] fff00000c6e65300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.238152] fff00000c6e65380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.238195] >fff00000c6e65400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.238234] ^ [ 17.238275] fff00000c6e65480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.238318] fff00000c6e65500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.238356] ================================================================== [ 17.253511] ================================================================== [ 17.253587] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.253643] Read of size 1 at addr fff00000c7766001 by task kunit_try_catch/224 [ 17.254036] [ 17.254329] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.254589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.254645] Hardware name: linux,dummy-virt (DT) [ 17.254845] Call trace: [ 17.254878] show_stack+0x20/0x38 (C) [ 17.255181] dump_stack_lvl+0x8c/0xd0 [ 17.255378] print_report+0x118/0x5d0 [ 17.255448] kasan_report+0xdc/0x128 [ 17.255635] __asan_report_load1_noabort+0x20/0x30 [ 17.255870] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.256012] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 17.256066] kunit_try_run_case+0x170/0x3f0 [ 17.256551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.256616] kthread+0x328/0x630 [ 17.256661] ret_from_fork+0x10/0x20 [ 17.256707] [ 17.256728] The buggy address belongs to the physical page: [ 17.256761] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107764 [ 17.257086] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.257384] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.257448] page_type: f8(unknown) [ 17.257614] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.257772] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.258128] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.258195] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.258294] head: 0bfffe0000000002 ffffc1ffc31dd901 00000000ffffffff 00000000ffffffff [ 17.258354] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.258401] page dumped because: kasan: bad access detected [ 17.258441] [ 17.258459] Memory state around the buggy address: [ 17.258492] fff00000c7765f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.258547] fff00000c7765f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.258589] >fff00000c7766000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.258627] ^ [ 17.258655] fff00000c7766080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.258696] fff00000c7766100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.258734] ================================================================== [ 17.268126] ================================================================== [ 17.268373] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.268572] Read of size 1 at addr fff00000c6e882bb by task kunit_try_catch/226 [ 17.268797] [ 17.268983] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.269257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.269291] Hardware name: linux,dummy-virt (DT) [ 17.269321] Call trace: [ 17.269343] show_stack+0x20/0x38 (C) [ 17.269392] dump_stack_lvl+0x8c/0xd0 [ 17.269437] print_report+0x118/0x5d0 [ 17.269684] kasan_report+0xdc/0x128 [ 17.269901] __asan_report_load1_noabort+0x20/0x30 [ 17.270024] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.270113] mempool_slab_oob_right+0xc0/0x118 [ 17.270160] kunit_try_run_case+0x170/0x3f0 [ 17.270208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.270260] kthread+0x328/0x630 [ 17.270301] ret_from_fork+0x10/0x20 [ 17.270362] [ 17.270381] Allocated by task 226: [ 17.270409] kasan_save_stack+0x3c/0x68 [ 17.270481] kasan_save_track+0x20/0x40 [ 17.270520] kasan_save_alloc_info+0x40/0x58 [ 17.270571] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.270616] remove_element+0x16c/0x1f8 [ 17.270654] mempool_alloc_preallocated+0x58/0xc0 [ 17.270692] mempool_oob_right_helper+0x98/0x2f0 [ 17.270732] mempool_slab_oob_right+0xc0/0x118 [ 17.270935] kunit_try_run_case+0x170/0x3f0 [ 17.270997] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.271053] kthread+0x328/0x630 [ 17.271086] ret_from_fork+0x10/0x20 [ 17.271183] [ 17.271275] The buggy address belongs to the object at fff00000c6e88240 [ 17.271275] which belongs to the cache test_cache of size 123 [ 17.271336] The buggy address is located 0 bytes to the right of [ 17.271336] allocated 123-byte region [fff00000c6e88240, fff00000c6e882bb) [ 17.271400] [ 17.271419] The buggy address belongs to the physical page: [ 17.271450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e88 [ 17.271510] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.271569] page_type: f5(slab) [ 17.271630] raw: 0bfffe0000000000 fff00000c5b79a00 dead000000000122 0000000000000000 [ 17.272040] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.272092] page dumped because: kasan: bad access detected [ 17.272211] [ 17.272292] Memory state around the buggy address: [ 17.272325] fff00000c6e88180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.272368] fff00000c6e88200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 17.272410] >fff00000c6e88280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 17.272447] ^ [ 17.272481] fff00000c6e88300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.272522] fff00000c6e88380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.272570] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 16.668607] ================================================================== [ 16.668695] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 16.668770] Read of size 1 at addr fff00000c1b47640 by task kunit_try_catch/216 [ 16.668823] [ 16.668865] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.668951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.668978] Hardware name: linux,dummy-virt (DT) [ 16.669013] Call trace: [ 16.669039] show_stack+0x20/0x38 (C) [ 16.669094] dump_stack_lvl+0x8c/0xd0 [ 16.669146] print_report+0x118/0x5d0 [ 16.669192] kasan_report+0xdc/0x128 [ 16.669237] __kasan_check_byte+0x54/0x70 [ 16.669284] kmem_cache_destroy+0x34/0x218 [ 16.669331] kmem_cache_double_destroy+0x174/0x300 [ 16.669383] kunit_try_run_case+0x170/0x3f0 [ 16.669438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.669490] kthread+0x328/0x630 [ 16.669546] ret_from_fork+0x10/0x20 [ 16.669597] [ 16.669616] Allocated by task 216: [ 16.669646] kasan_save_stack+0x3c/0x68 [ 16.669690] kasan_save_track+0x20/0x40 [ 16.669730] kasan_save_alloc_info+0x40/0x58 [ 16.669771] __kasan_slab_alloc+0xa8/0xb0 [ 16.669812] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.669855] __kmem_cache_create_args+0x178/0x280 [ 16.669893] kmem_cache_double_destroy+0xc0/0x300 [ 16.669932] kunit_try_run_case+0x170/0x3f0 [ 16.669969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.670012] kthread+0x328/0x630 [ 16.670044] ret_from_fork+0x10/0x20 [ 16.670080] [ 16.670099] Freed by task 216: [ 16.670125] kasan_save_stack+0x3c/0x68 [ 16.670163] kasan_save_track+0x20/0x40 [ 16.670198] kasan_save_free_info+0x4c/0x78 [ 16.670238] __kasan_slab_free+0x6c/0x98 [ 16.670274] kmem_cache_free+0x260/0x468 [ 16.670312] slab_kmem_cache_release+0x38/0x50 [ 16.670351] kmem_cache_release+0x1c/0x30 [ 16.670386] kobject_put+0x17c/0x420 [ 16.670429] sysfs_slab_release+0x1c/0x30 [ 16.670465] kmem_cache_destroy+0x118/0x218 [ 16.670505] kmem_cache_double_destroy+0x128/0x300 [ 16.670555] kunit_try_run_case+0x170/0x3f0 [ 16.670593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.670638] kthread+0x328/0x630 [ 16.670671] ret_from_fork+0x10/0x20 [ 16.670708] [ 16.670727] The buggy address belongs to the object at fff00000c1b47640 [ 16.670727] which belongs to the cache kmem_cache of size 208 [ 16.670788] The buggy address is located 0 bytes inside of [ 16.670788] freed 208-byte region [fff00000c1b47640, fff00000c1b47710) [ 16.670848] [ 16.670869] The buggy address belongs to the physical page: [ 16.670903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b47 [ 16.670958] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.671009] page_type: f5(slab) [ 16.671052] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 16.671103] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 16.671147] page dumped because: kasan: bad access detected [ 16.671184] [ 16.671203] Memory state around the buggy address: [ 16.671238] fff00000c1b47500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.671282] fff00000c1b47580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 16.671326] >fff00000c1b47600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 16.671364] ^ [ 16.671400] fff00000c1b47680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.671443] fff00000c1b47700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.671482] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 16.574280] ================================================================== [ 16.574393] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 16.574477] Read of size 1 at addr fff00000c63c2000 by task kunit_try_catch/214 [ 16.574544] [ 16.574589] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.574674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.574702] Hardware name: linux,dummy-virt (DT) [ 16.574736] Call trace: [ 16.574762] show_stack+0x20/0x38 (C) [ 16.574816] dump_stack_lvl+0x8c/0xd0 [ 16.574867] print_report+0x118/0x5d0 [ 16.574914] kasan_report+0xdc/0x128 [ 16.574960] __asan_report_load1_noabort+0x20/0x30 [ 16.575012] kmem_cache_rcu_uaf+0x388/0x468 [ 16.575058] kunit_try_run_case+0x170/0x3f0 [ 16.575110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.575163] kthread+0x328/0x630 [ 16.575207] ret_from_fork+0x10/0x20 [ 16.575256] [ 16.575274] Allocated by task 214: [ 16.575306] kasan_save_stack+0x3c/0x68 [ 16.575349] kasan_save_track+0x20/0x40 [ 16.575386] kasan_save_alloc_info+0x40/0x58 [ 16.575426] __kasan_slab_alloc+0xa8/0xb0 [ 16.575464] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.575505] kmem_cache_rcu_uaf+0x12c/0x468 [ 16.575558] kunit_try_run_case+0x170/0x3f0 [ 16.575594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.575638] kthread+0x328/0x630 [ 16.575669] ret_from_fork+0x10/0x20 [ 16.575705] [ 16.575724] Freed by task 0: [ 16.575752] kasan_save_stack+0x3c/0x68 [ 16.575789] kasan_save_track+0x20/0x40 [ 16.575828] kasan_save_free_info+0x4c/0x78 [ 16.575867] __kasan_slab_free+0x6c/0x98 [ 16.575906] slab_free_after_rcu_debug+0xd4/0x2f8 [ 16.575945] rcu_core+0x9f4/0x1e20 [ 16.575984] rcu_core_si+0x18/0x30 [ 16.576018] handle_softirqs+0x374/0xb28 [ 16.576057] __do_softirq+0x1c/0x28 [ 16.576091] [ 16.576111] Last potentially related work creation: [ 16.576138] kasan_save_stack+0x3c/0x68 [ 16.576175] kasan_record_aux_stack+0xb4/0xc8 [ 16.576216] kmem_cache_free+0x120/0x468 [ 16.576251] kmem_cache_rcu_uaf+0x16c/0x468 [ 16.576290] kunit_try_run_case+0x170/0x3f0 [ 16.576328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.576369] kthread+0x328/0x630 [ 16.576402] ret_from_fork+0x10/0x20 [ 16.576436] [ 16.576457] The buggy address belongs to the object at fff00000c63c2000 [ 16.576457] which belongs to the cache test_cache of size 200 [ 16.576517] The buggy address is located 0 bytes inside of [ 16.576517] freed 200-byte region [fff00000c63c2000, fff00000c63c20c8) [ 16.576586] [ 16.576608] The buggy address belongs to the physical page: [ 16.576642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063c2 [ 16.576697] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.576750] page_type: f5(slab) [ 16.576793] raw: 0bfffe0000000000 fff00000c1b47500 dead000000000122 0000000000000000 [ 16.576845] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.576887] page dumped because: kasan: bad access detected [ 16.576917] [ 16.576936] Memory state around the buggy address: [ 16.576970] fff00000c63c1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.577015] fff00000c63c1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.577059] >fff00000c63c2000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.577099] ^ [ 16.577128] fff00000c63c2080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.577170] fff00000c63c2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.577209] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 16.114272] ================================================================== [ 16.114336] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 16.114408] Free of addr fff00000c63c0001 by task kunit_try_catch/212 [ 16.114458] [ 16.114499] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.114598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.114626] Hardware name: linux,dummy-virt (DT) [ 16.114662] Call trace: [ 16.114687] show_stack+0x20/0x38 (C) [ 16.114740] dump_stack_lvl+0x8c/0xd0 [ 16.114793] print_report+0x118/0x5d0 [ 16.114840] kasan_report_invalid_free+0xc0/0xe8 [ 16.114890] check_slab_allocation+0xfc/0x108 [ 16.114937] __kasan_slab_pre_free+0x2c/0x48 [ 16.114986] kmem_cache_free+0xf0/0x468 [ 16.115032] kmem_cache_invalid_free+0x184/0x3c8 [ 16.115080] kunit_try_run_case+0x170/0x3f0 [ 16.115131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.115183] kthread+0x328/0x630 [ 16.115226] ret_from_fork+0x10/0x20 [ 16.115275] [ 16.115293] Allocated by task 212: [ 16.115324] kasan_save_stack+0x3c/0x68 [ 16.115363] kasan_save_track+0x20/0x40 [ 16.115398] kasan_save_alloc_info+0x40/0x58 [ 16.115438] __kasan_slab_alloc+0xa8/0xb0 [ 16.115476] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.115515] kmem_cache_invalid_free+0x12c/0x3c8 [ 16.119586] kunit_try_run_case+0x170/0x3f0 [ 16.119633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.119677] kthread+0x328/0x630 [ 16.119710] ret_from_fork+0x10/0x20 [ 16.119744] [ 16.119766] The buggy address belongs to the object at fff00000c63c0000 [ 16.119766] which belongs to the cache test_cache of size 200 [ 16.119825] The buggy address is located 1 bytes inside of [ 16.119825] 200-byte region [fff00000c63c0000, fff00000c63c00c8) [ 16.119885] [ 16.119906] The buggy address belongs to the physical page: [ 16.119941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063c0 [ 16.119997] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.120049] page_type: f5(slab) [ 16.120092] raw: 0bfffe0000000000 fff00000c1b473c0 dead000000000122 0000000000000000 [ 16.120143] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.120184] page dumped because: kasan: bad access detected [ 16.120214] [ 16.120232] Memory state around the buggy address: [ 16.120265] fff00000c63bff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.120308] fff00000c63bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.120351] >fff00000c63c0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.120389] ^ [ 16.120416] fff00000c63c0080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 16.120459] fff00000c63c0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.120497] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 16.043933] ================================================================== [ 16.044113] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 16.044186] Free of addr fff00000c6e6e000 by task kunit_try_catch/210 [ 16.044232] [ 16.044275] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.044363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.044394] Hardware name: linux,dummy-virt (DT) [ 16.044432] Call trace: [ 16.044456] show_stack+0x20/0x38 (C) [ 16.044509] dump_stack_lvl+0x8c/0xd0 [ 16.044573] print_report+0x118/0x5d0 [ 16.046577] kasan_report_invalid_free+0xc0/0xe8 [ 16.047103] check_slab_allocation+0xd4/0x108 [ 16.047504] __kasan_slab_pre_free+0x2c/0x48 [ 16.048139] kmem_cache_free+0xf0/0x468 [ 16.048360] kmem_cache_double_free+0x190/0x3c8 [ 16.048934] kunit_try_run_case+0x170/0x3f0 [ 16.049152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.049454] kthread+0x328/0x630 [ 16.049677] ret_from_fork+0x10/0x20 [ 16.049729] [ 16.049747] Allocated by task 210: [ 16.050477] kasan_save_stack+0x3c/0x68 [ 16.050728] kasan_save_track+0x20/0x40 [ 16.050798] kasan_save_alloc_info+0x40/0x58 [ 16.051547] __kasan_slab_alloc+0xa8/0xb0 [ 16.052008] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.053139] kmem_cache_double_free+0x12c/0x3c8 [ 16.053181] kunit_try_run_case+0x170/0x3f0 [ 16.053219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.053668] kthread+0x328/0x630 [ 16.053810] ret_from_fork+0x10/0x20 [ 16.054515] [ 16.054558] Freed by task 210: [ 16.054588] kasan_save_stack+0x3c/0x68 [ 16.054628] kasan_save_track+0x20/0x40 [ 16.055194] kasan_save_free_info+0x4c/0x78 [ 16.055640] __kasan_slab_free+0x6c/0x98 [ 16.056278] kmem_cache_free+0x260/0x468 [ 16.056325] kmem_cache_double_free+0x140/0x3c8 [ 16.056670] kunit_try_run_case+0x170/0x3f0 [ 16.056792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.056838] kthread+0x328/0x630 [ 16.056869] ret_from_fork+0x10/0x20 [ 16.056906] [ 16.057863] The buggy address belongs to the object at fff00000c6e6e000 [ 16.057863] which belongs to the cache test_cache of size 200 [ 16.058114] The buggy address is located 0 bytes inside of [ 16.058114] 200-byte region [fff00000c6e6e000, fff00000c6e6e0c8) [ 16.058181] [ 16.058203] The buggy address belongs to the physical page: [ 16.058857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e6e [ 16.059244] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.059630] page_type: f5(slab) [ 16.059882] raw: 0bfffe0000000000 fff00000c5b79780 dead000000000122 0000000000000000 [ 16.060260] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.060351] page dumped because: kasan: bad access detected [ 16.060384] [ 16.060402] Memory state around the buggy address: [ 16.060437] fff00000c6e6df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.060482] fff00000c6e6df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.061661] >fff00000c6e6e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.061858] ^ [ 16.061909] fff00000c6e6e080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.061985] fff00000c6e6e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.062024] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 15.783115] ================================================================== [ 15.783178] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 15.783400] Read of size 1 at addr fff00000c6e6a0c8 by task kunit_try_catch/208 [ 15.784189] [ 15.784484] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.784698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.784966] Hardware name: linux,dummy-virt (DT) [ 15.785064] Call trace: [ 15.785184] show_stack+0x20/0x38 (C) [ 15.785288] dump_stack_lvl+0x8c/0xd0 [ 15.785420] print_report+0x118/0x5d0 [ 15.785551] kasan_report+0xdc/0x128 [ 15.785599] __asan_report_load1_noabort+0x20/0x30 [ 15.785651] kmem_cache_oob+0x344/0x430 [ 15.785813] kunit_try_run_case+0x170/0x3f0 [ 15.785973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.786094] kthread+0x328/0x630 [ 15.786321] ret_from_fork+0x10/0x20 [ 15.786380] [ 15.786446] Allocated by task 208: [ 15.786475] kasan_save_stack+0x3c/0x68 [ 15.786640] kasan_save_track+0x20/0x40 [ 15.786678] kasan_save_alloc_info+0x40/0x58 [ 15.786756] __kasan_slab_alloc+0xa8/0xb0 [ 15.786792] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.786832] kmem_cache_oob+0x12c/0x430 [ 15.786866] kunit_try_run_case+0x170/0x3f0 [ 15.786904] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.786946] kthread+0x328/0x630 [ 15.787030] ret_from_fork+0x10/0x20 [ 15.787088] [ 15.787108] The buggy address belongs to the object at fff00000c6e6a000 [ 15.787108] which belongs to the cache test_cache of size 200 [ 15.787167] The buggy address is located 0 bytes to the right of [ 15.787167] allocated 200-byte region [fff00000c6e6a000, fff00000c6e6a0c8) [ 15.787480] [ 15.787523] The buggy address belongs to the physical page: [ 15.787573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e6a [ 15.787668] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.787769] page_type: f5(slab) [ 15.787881] raw: 0bfffe0000000000 fff00000c5b79640 dead000000000122 0000000000000000 [ 15.787931] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.787971] page dumped because: kasan: bad access detected [ 15.788003] [ 15.788021] Memory state around the buggy address: [ 15.788053] fff00000c6e69f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.788282] fff00000c6e6a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.788425] >fff00000c6e6a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 15.788505] ^ [ 15.788559] fff00000c6e6a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.788612] fff00000c6e6a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.788650] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 15.744664] ================================================================== [ 15.744884] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 15.745088] Read of size 8 at addr fff00000c6e664c0 by task kunit_try_catch/201 [ 15.745681] [ 15.745720] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.746033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.746172] Hardware name: linux,dummy-virt (DT) [ 15.746265] Call trace: [ 15.746290] show_stack+0x20/0x38 (C) [ 15.746339] dump_stack_lvl+0x8c/0xd0 [ 15.746387] print_report+0x118/0x5d0 [ 15.746439] kasan_report+0xdc/0x128 [ 15.746484] __asan_report_load8_noabort+0x20/0x30 [ 15.746545] workqueue_uaf+0x480/0x4a8 [ 15.746591] kunit_try_run_case+0x170/0x3f0 [ 15.746643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.746698] kthread+0x328/0x630 [ 15.746740] ret_from_fork+0x10/0x20 [ 15.746786] [ 15.746806] Allocated by task 201: [ 15.746835] kasan_save_stack+0x3c/0x68 [ 15.746884] kasan_save_track+0x20/0x40 [ 15.747082] kasan_save_alloc_info+0x40/0x58 [ 15.747129] __kasan_kmalloc+0xd4/0xd8 [ 15.747166] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.747212] workqueue_uaf+0x13c/0x4a8 [ 15.747304] kunit_try_run_case+0x170/0x3f0 [ 15.747392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.747555] kthread+0x328/0x630 [ 15.747589] ret_from_fork+0x10/0x20 [ 15.747625] [ 15.747643] Freed by task 24: [ 15.747786] kasan_save_stack+0x3c/0x68 [ 15.748278] kasan_save_track+0x20/0x40 [ 15.748389] kasan_save_free_info+0x4c/0x78 [ 15.748433] __kasan_slab_free+0x6c/0x98 [ 15.748515] kfree+0x214/0x3c8 [ 15.748560] workqueue_uaf_work+0x18/0x30 [ 15.748596] process_one_work+0x530/0xf98 [ 15.748633] worker_thread+0x618/0xf38 [ 15.748667] kthread+0x328/0x630 [ 15.748700] ret_from_fork+0x10/0x20 [ 15.748736] [ 15.748756] Last potentially related work creation: [ 15.748783] kasan_save_stack+0x3c/0x68 [ 15.748820] kasan_record_aux_stack+0xb4/0xc8 [ 15.748861] __queue_work+0x65c/0x1008 [ 15.748900] queue_work_on+0xbc/0xf8 [ 15.748936] workqueue_uaf+0x210/0x4a8 [ 15.748970] kunit_try_run_case+0x170/0x3f0 [ 15.749194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.749294] kthread+0x328/0x630 [ 15.749348] ret_from_fork+0x10/0x20 [ 15.749477] [ 15.749609] The buggy address belongs to the object at fff00000c6e664c0 [ 15.749609] which belongs to the cache kmalloc-32 of size 32 [ 15.749777] The buggy address is located 0 bytes inside of [ 15.749777] freed 32-byte region [fff00000c6e664c0, fff00000c6e664e0) [ 15.749843] [ 15.749872] The buggy address belongs to the physical page: [ 15.749903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e66 [ 15.749954] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.750001] page_type: f5(slab) [ 15.750038] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.750087] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.750127] page dumped because: kasan: bad access detected [ 15.750158] [ 15.750175] Memory state around the buggy address: [ 15.750205] fff00000c6e66380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.750248] fff00000c6e66400: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.750291] >fff00000c6e66480: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 15.750328] ^ [ 15.750362] fff00000c6e66500: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.750406] fff00000c6e66580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.750450] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 15.719182] ================================================================== [ 15.719323] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 15.719390] Read of size 4 at addr fff00000c6e662c0 by task swapper/1/0 [ 15.719437] [ 15.719478] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.719574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.719600] Hardware name: linux,dummy-virt (DT) [ 15.719661] Call trace: [ 15.719693] show_stack+0x20/0x38 (C) [ 15.719821] dump_stack_lvl+0x8c/0xd0 [ 15.719870] print_report+0x118/0x5d0 [ 15.719916] kasan_report+0xdc/0x128 [ 15.719962] __asan_report_load4_noabort+0x20/0x30 [ 15.720011] rcu_uaf_reclaim+0x64/0x70 [ 15.720060] rcu_core+0x9f4/0x1e20 [ 15.720315] rcu_core_si+0x18/0x30 [ 15.720545] handle_softirqs+0x374/0xb28 [ 15.720643] __do_softirq+0x1c/0x28 [ 15.720866] ____do_softirq+0x18/0x30 [ 15.720913] call_on_irq_stack+0x24/0x30 [ 15.720963] do_softirq_own_stack+0x24/0x38 [ 15.721147] __irq_exit_rcu+0x1fc/0x318 [ 15.721205] irq_exit_rcu+0x1c/0x80 [ 15.721409] el1_interrupt+0x38/0x58 [ 15.721463] el1h_64_irq_handler+0x18/0x28 [ 15.722036] el1h_64_irq+0x6c/0x70 [ 15.722470] arch_local_irq_enable+0x4/0x8 (P) [ 15.722550] do_idle+0x384/0x4e8 [ 15.722696] cpu_startup_entry+0x64/0x80 [ 15.722921] secondary_start_kernel+0x288/0x340 [ 15.723005] __secondary_switched+0xc0/0xc8 [ 15.723061] [ 15.723079] Allocated by task 199: [ 15.723115] kasan_save_stack+0x3c/0x68 [ 15.723184] kasan_save_track+0x20/0x40 [ 15.723324] kasan_save_alloc_info+0x40/0x58 [ 15.723522] __kasan_kmalloc+0xd4/0xd8 [ 15.723681] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.723759] rcu_uaf+0xb0/0x2d8 [ 15.723843] kunit_try_run_case+0x170/0x3f0 [ 15.723964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.724010] kthread+0x328/0x630 [ 15.724065] ret_from_fork+0x10/0x20 [ 15.724252] [ 15.724321] Freed by task 0: [ 15.724347] kasan_save_stack+0x3c/0x68 [ 15.724385] kasan_save_track+0x20/0x40 [ 15.724422] kasan_save_free_info+0x4c/0x78 [ 15.724460] __kasan_slab_free+0x6c/0x98 [ 15.724518] kfree+0x214/0x3c8 [ 15.725232] rcu_uaf_reclaim+0x28/0x70 [ 15.725721] rcu_core+0x9f4/0x1e20 [ 15.726010] rcu_core_si+0x18/0x30 [ 15.726053] handle_softirqs+0x374/0xb28 [ 15.726091] __do_softirq+0x1c/0x28 [ 15.726363] [ 15.726494] Last potentially related work creation: [ 15.726543] kasan_save_stack+0x3c/0x68 [ 15.726589] kasan_record_aux_stack+0xb4/0xc8 [ 15.726631] __call_rcu_common.constprop.0+0x74/0x8c8 [ 15.726685] call_rcu+0x18/0x30 [ 15.726765] rcu_uaf+0x14c/0x2d8 [ 15.726800] kunit_try_run_case+0x170/0x3f0 [ 15.726860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.726904] kthread+0x328/0x630 [ 15.726936] ret_from_fork+0x10/0x20 [ 15.727208] [ 15.727240] The buggy address belongs to the object at fff00000c6e662c0 [ 15.727240] which belongs to the cache kmalloc-32 of size 32 [ 15.727561] The buggy address is located 0 bytes inside of [ 15.727561] freed 32-byte region [fff00000c6e662c0, fff00000c6e662e0) [ 15.727809] [ 15.727856] The buggy address belongs to the physical page: [ 15.727894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e66 [ 15.728129] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.728321] page_type: f5(slab) [ 15.728364] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.728444] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.728484] page dumped because: kasan: bad access detected [ 15.728516] [ 15.728629] Memory state around the buggy address: [ 15.728863] fff00000c6e66180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.728915] fff00000c6e66200: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.728958] >fff00000c6e66280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.728996] ^ [ 15.729117] fff00000c6e66300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.729381] fff00000c6e66380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.729424] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 15.571769] ================================================================== [ 15.571822] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 15.571869] Read of size 1 at addr fff00000c6e65100 by task kunit_try_catch/197 [ 15.571919] [ 15.571949] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.572028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.572055] Hardware name: linux,dummy-virt (DT) [ 15.572084] Call trace: [ 15.572106] show_stack+0x20/0x38 (C) [ 15.572153] dump_stack_lvl+0x8c/0xd0 [ 15.572198] print_report+0x118/0x5d0 [ 15.572245] kasan_report+0xdc/0x128 [ 15.572288] __asan_report_load1_noabort+0x20/0x30 [ 15.572338] ksize_uaf+0x598/0x5f8 [ 15.572382] kunit_try_run_case+0x170/0x3f0 [ 15.572429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.572480] kthread+0x328/0x630 [ 15.572520] ret_from_fork+0x10/0x20 [ 15.573011] [ 15.573068] Allocated by task 197: [ 15.573132] kasan_save_stack+0x3c/0x68 [ 15.573186] kasan_save_track+0x20/0x40 [ 15.573232] kasan_save_alloc_info+0x40/0x58 [ 15.573274] __kasan_kmalloc+0xd4/0xd8 [ 15.573338] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.573378] ksize_uaf+0xb8/0x5f8 [ 15.573414] kunit_try_run_case+0x170/0x3f0 [ 15.573458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.573502] kthread+0x328/0x630 [ 15.573704] ret_from_fork+0x10/0x20 [ 15.573895] [ 15.573935] Freed by task 197: [ 15.574033] kasan_save_stack+0x3c/0x68 [ 15.574099] kasan_save_track+0x20/0x40 [ 15.574196] kasan_save_free_info+0x4c/0x78 [ 15.574285] __kasan_slab_free+0x6c/0x98 [ 15.574359] kfree+0x214/0x3c8 [ 15.574452] ksize_uaf+0x11c/0x5f8 [ 15.574510] kunit_try_run_case+0x170/0x3f0 [ 15.574641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.574688] kthread+0x328/0x630 [ 15.574721] ret_from_fork+0x10/0x20 [ 15.574769] [ 15.574789] The buggy address belongs to the object at fff00000c6e65100 [ 15.574789] which belongs to the cache kmalloc-128 of size 128 [ 15.574847] The buggy address is located 0 bytes inside of [ 15.574847] freed 128-byte region [fff00000c6e65100, fff00000c6e65180) [ 15.574909] [ 15.574928] The buggy address belongs to the physical page: [ 15.574959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e65 [ 15.575140] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.575217] page_type: f5(slab) [ 15.575289] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.575354] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.575461] page dumped because: kasan: bad access detected [ 15.575570] [ 15.575662] Memory state around the buggy address: [ 15.575740] fff00000c6e65000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.575828] fff00000c6e65080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.575905] >fff00000c6e65100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.575958] ^ [ 15.576001] fff00000c6e65180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.576044] fff00000c6e65200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.576097] ================================================================== [ 15.576751] ================================================================== [ 15.576803] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 15.576864] Read of size 1 at addr fff00000c6e65178 by task kunit_try_catch/197 [ 15.576914] [ 15.576942] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.577195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.577255] Hardware name: linux,dummy-virt (DT) [ 15.577289] Call trace: [ 15.577320] show_stack+0x20/0x38 (C) [ 15.577369] dump_stack_lvl+0x8c/0xd0 [ 15.577416] print_report+0x118/0x5d0 [ 15.577471] kasan_report+0xdc/0x128 [ 15.577518] __asan_report_load1_noabort+0x20/0x30 [ 15.577583] ksize_uaf+0x544/0x5f8 [ 15.577626] kunit_try_run_case+0x170/0x3f0 [ 15.577672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.577735] kthread+0x328/0x630 [ 15.577813] ret_from_fork+0x10/0x20 [ 15.577889] [ 15.577960] Allocated by task 197: [ 15.578000] kasan_save_stack+0x3c/0x68 [ 15.578059] kasan_save_track+0x20/0x40 [ 15.578095] kasan_save_alloc_info+0x40/0x58 [ 15.578135] __kasan_kmalloc+0xd4/0xd8 [ 15.578170] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.578365] ksize_uaf+0xb8/0x5f8 [ 15.578437] kunit_try_run_case+0x170/0x3f0 [ 15.578576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.578674] kthread+0x328/0x630 [ 15.578731] ret_from_fork+0x10/0x20 [ 15.578795] [ 15.578843] Freed by task 197: [ 15.578892] kasan_save_stack+0x3c/0x68 [ 15.578955] kasan_save_track+0x20/0x40 [ 15.579043] kasan_save_free_info+0x4c/0x78 [ 15.579852] __kasan_slab_free+0x6c/0x98 [ 15.579902] kfree+0x214/0x3c8 [ 15.579938] ksize_uaf+0x11c/0x5f8 [ 15.579971] kunit_try_run_case+0x170/0x3f0 [ 15.580018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.580062] kthread+0x328/0x630 [ 15.580094] ret_from_fork+0x10/0x20 [ 15.580133] [ 15.580153] The buggy address belongs to the object at fff00000c6e65100 [ 15.580153] which belongs to the cache kmalloc-128 of size 128 [ 15.580213] The buggy address is located 120 bytes inside of [ 15.580213] freed 128-byte region [fff00000c6e65100, fff00000c6e65180) [ 15.580276] [ 15.580296] The buggy address belongs to the physical page: [ 15.580326] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e65 [ 15.580376] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.580423] page_type: f5(slab) [ 15.580459] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.580509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.581750] page dumped because: kasan: bad access detected [ 15.582383] [ 15.582432] Memory state around the buggy address: [ 15.582469] fff00000c6e65000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.582516] fff00000c6e65080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.583023] >fff00000c6e65100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.583063] ^ [ 15.583106] fff00000c6e65180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.583355] fff00000c6e65200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.583696] ================================================================== [ 15.566937] ================================================================== [ 15.567001] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 15.567055] Read of size 1 at addr fff00000c6e65100 by task kunit_try_catch/197 [ 15.567106] [ 15.567138] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.567221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.567248] Hardware name: linux,dummy-virt (DT) [ 15.567279] Call trace: [ 15.567303] show_stack+0x20/0x38 (C) [ 15.567350] dump_stack_lvl+0x8c/0xd0 [ 15.567396] print_report+0x118/0x5d0 [ 15.567442] kasan_report+0xdc/0x128 [ 15.567488] __kasan_check_byte+0x54/0x70 [ 15.567549] ksize+0x30/0x88 [ 15.567591] ksize_uaf+0x168/0x5f8 [ 15.567636] kunit_try_run_case+0x170/0x3f0 [ 15.567684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.567735] kthread+0x328/0x630 [ 15.567778] ret_from_fork+0x10/0x20 [ 15.567823] [ 15.567843] Allocated by task 197: [ 15.567870] kasan_save_stack+0x3c/0x68 [ 15.567908] kasan_save_track+0x20/0x40 [ 15.567947] kasan_save_alloc_info+0x40/0x58 [ 15.567987] __kasan_kmalloc+0xd4/0xd8 [ 15.568024] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.568062] ksize_uaf+0xb8/0x5f8 [ 15.568130] kunit_try_run_case+0x170/0x3f0 [ 15.568176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.568219] kthread+0x328/0x630 [ 15.568250] ret_from_fork+0x10/0x20 [ 15.568287] [ 15.568305] Freed by task 197: [ 15.568331] kasan_save_stack+0x3c/0x68 [ 15.568367] kasan_save_track+0x20/0x40 [ 15.568404] kasan_save_free_info+0x4c/0x78 [ 15.568442] __kasan_slab_free+0x6c/0x98 [ 15.568479] kfree+0x214/0x3c8 [ 15.568511] ksize_uaf+0x11c/0x5f8 [ 15.568564] kunit_try_run_case+0x170/0x3f0 [ 15.568618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.568774] kthread+0x328/0x630 [ 15.568947] ret_from_fork+0x10/0x20 [ 15.569046] [ 15.569065] The buggy address belongs to the object at fff00000c6e65100 [ 15.569065] which belongs to the cache kmalloc-128 of size 128 [ 15.569307] The buggy address is located 0 bytes inside of [ 15.569307] freed 128-byte region [fff00000c6e65100, fff00000c6e65180) [ 15.569480] [ 15.569519] The buggy address belongs to the physical page: [ 15.569947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e65 [ 15.570268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.570318] page_type: f5(slab) [ 15.570360] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.570416] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.570458] page dumped because: kasan: bad access detected [ 15.570738] [ 15.570804] Memory state around the buggy address: [ 15.570841] fff00000c6e65000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.570931] fff00000c6e65080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.570998] >fff00000c6e65100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.571096] ^ [ 15.571128] fff00000c6e65180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.571174] fff00000c6e65200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.571223] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 15.545070] ================================================================== [ 15.545363] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 15.545497] Read of size 1 at addr fff00000c6e6507f by task kunit_try_catch/195 [ 15.545559] [ 15.545588] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.545923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.545955] Hardware name: linux,dummy-virt (DT) [ 15.546274] Call trace: [ 15.546475] show_stack+0x20/0x38 (C) [ 15.547623] dump_stack_lvl+0x8c/0xd0 [ 15.547686] print_report+0x118/0x5d0 [ 15.548031] kasan_report+0xdc/0x128 [ 15.548158] __asan_report_load1_noabort+0x20/0x30 [ 15.548209] ksize_unpoisons_memory+0x690/0x740 [ 15.548586] kunit_try_run_case+0x170/0x3f0 [ 15.548771] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.548896] kthread+0x328/0x630 [ 15.548939] ret_from_fork+0x10/0x20 [ 15.548989] [ 15.549027] Allocated by task 195: [ 15.549133] kasan_save_stack+0x3c/0x68 [ 15.549174] kasan_save_track+0x20/0x40 [ 15.549212] kasan_save_alloc_info+0x40/0x58 [ 15.549251] __kasan_kmalloc+0xd4/0xd8 [ 15.549289] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.549327] ksize_unpoisons_memory+0xc0/0x740 [ 15.549406] kunit_try_run_case+0x170/0x3f0 [ 15.549614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.550132] kthread+0x328/0x630 [ 15.550205] ret_from_fork+0x10/0x20 [ 15.550245] [ 15.550264] The buggy address belongs to the object at fff00000c6e65000 [ 15.550264] which belongs to the cache kmalloc-128 of size 128 [ 15.550322] The buggy address is located 12 bytes to the right of [ 15.550322] allocated 115-byte region [fff00000c6e65000, fff00000c6e65073) [ 15.550703] [ 15.550730] The buggy address belongs to the physical page: [ 15.550763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e65 [ 15.550857] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.550905] page_type: f5(slab) [ 15.550943] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.550994] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.551043] page dumped because: kasan: bad access detected [ 15.551162] [ 15.551180] Memory state around the buggy address: [ 15.551212] fff00000c6e64f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.551257] fff00000c6e64f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.551300] >fff00000c6e65000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.551668] ^ [ 15.551734] fff00000c6e65080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.553290] fff00000c6e65100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.553337] ================================================================== [ 15.534586] ================================================================== [ 15.534829] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 15.534884] Read of size 1 at addr fff00000c6e65078 by task kunit_try_catch/195 [ 15.534931] [ 15.534968] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.535048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.535085] Hardware name: linux,dummy-virt (DT) [ 15.535117] Call trace: [ 15.535139] show_stack+0x20/0x38 (C) [ 15.535487] dump_stack_lvl+0x8c/0xd0 [ 15.536032] print_report+0x118/0x5d0 [ 15.536284] kasan_report+0xdc/0x128 [ 15.536344] __asan_report_load1_noabort+0x20/0x30 [ 15.536449] ksize_unpoisons_memory+0x618/0x740 [ 15.536497] kunit_try_run_case+0x170/0x3f0 [ 15.536557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.536609] kthread+0x328/0x630 [ 15.536651] ret_from_fork+0x10/0x20 [ 15.537516] [ 15.537550] Allocated by task 195: [ 15.537580] kasan_save_stack+0x3c/0x68 [ 15.537670] kasan_save_track+0x20/0x40 [ 15.537709] kasan_save_alloc_info+0x40/0x58 [ 15.538171] __kasan_kmalloc+0xd4/0xd8 [ 15.538391] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.538441] ksize_unpoisons_memory+0xc0/0x740 [ 15.538518] kunit_try_run_case+0x170/0x3f0 [ 15.538569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.539019] kthread+0x328/0x630 [ 15.539253] ret_from_fork+0x10/0x20 [ 15.539381] [ 15.539420] The buggy address belongs to the object at fff00000c6e65000 [ 15.539420] which belongs to the cache kmalloc-128 of size 128 [ 15.539481] The buggy address is located 5 bytes to the right of [ 15.539481] allocated 115-byte region [fff00000c6e65000, fff00000c6e65073) [ 15.539565] [ 15.539584] The buggy address belongs to the physical page: [ 15.539615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e65 [ 15.540071] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.540144] page_type: f5(slab) [ 15.540501] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.540699] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.540743] page dumped because: kasan: bad access detected [ 15.540792] [ 15.540810] Memory state around the buggy address: [ 15.540842] fff00000c6e64f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.541149] fff00000c6e64f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.541251] >fff00000c6e65000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.541292] ^ [ 15.541334] fff00000c6e65080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.541377] fff00000c6e65100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.543210] ================================================================== [ 15.524436] ================================================================== [ 15.524497] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 15.524562] Read of size 1 at addr fff00000c6e65073 by task kunit_try_catch/195 [ 15.524614] [ 15.524648] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.525125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.525278] Hardware name: linux,dummy-virt (DT) [ 15.525328] Call trace: [ 15.526401] show_stack+0x20/0x38 (C) [ 15.526790] dump_stack_lvl+0x8c/0xd0 [ 15.527184] print_report+0x118/0x5d0 [ 15.527800] kasan_report+0xdc/0x128 [ 15.527859] __asan_report_load1_noabort+0x20/0x30 [ 15.527941] ksize_unpoisons_memory+0x628/0x740 [ 15.528167] kunit_try_run_case+0x170/0x3f0 [ 15.528325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.528480] kthread+0x328/0x630 [ 15.528522] ret_from_fork+0x10/0x20 [ 15.528611] [ 15.528630] Allocated by task 195: [ 15.528660] kasan_save_stack+0x3c/0x68 [ 15.528701] kasan_save_track+0x20/0x40 [ 15.528767] kasan_save_alloc_info+0x40/0x58 [ 15.529004] __kasan_kmalloc+0xd4/0xd8 [ 15.529082] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.529186] ksize_unpoisons_memory+0xc0/0x740 [ 15.529262] kunit_try_run_case+0x170/0x3f0 [ 15.529300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.529378] kthread+0x328/0x630 [ 15.529411] ret_from_fork+0x10/0x20 [ 15.529492] [ 15.530162] The buggy address belongs to the object at fff00000c6e65000 [ 15.530162] which belongs to the cache kmalloc-128 of size 128 [ 15.530240] The buggy address is located 0 bytes to the right of [ 15.530240] allocated 115-byte region [fff00000c6e65000, fff00000c6e65073) [ 15.530309] [ 15.530332] The buggy address belongs to the physical page: [ 15.530363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e65 [ 15.530421] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.530563] page_type: f5(slab) [ 15.530632] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.530681] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.530722] page dumped because: kasan: bad access detected [ 15.530753] [ 15.530771] Memory state around the buggy address: [ 15.531123] fff00000c6e64f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.531260] fff00000c6e64f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.531304] >fff00000c6e65000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.531380] ^ [ 15.531421] fff00000c6e65080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.531691] fff00000c6e65100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.531751] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 15.507429] ================================================================== [ 15.507766] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 15.507826] Free of addr fff00000c5f9c4c0 by task kunit_try_catch/193 [ 15.507869] [ 15.507898] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.507987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.508023] Hardware name: linux,dummy-virt (DT) [ 15.508054] Call trace: [ 15.508075] show_stack+0x20/0x38 (C) [ 15.508488] dump_stack_lvl+0x8c/0xd0 [ 15.508663] print_report+0x118/0x5d0 [ 15.508940] kasan_report_invalid_free+0xc0/0xe8 [ 15.509246] check_slab_allocation+0xd4/0x108 [ 15.509299] __kasan_slab_pre_free+0x2c/0x48 [ 15.509345] kfree+0xe8/0x3c8 [ 15.509388] kfree_sensitive+0x3c/0xb0 [ 15.509445] kmalloc_double_kzfree+0x168/0x308 [ 15.509494] kunit_try_run_case+0x170/0x3f0 [ 15.509678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.509829] kthread+0x328/0x630 [ 15.509885] ret_from_fork+0x10/0x20 [ 15.509934] [ 15.509952] Allocated by task 193: [ 15.509986] kasan_save_stack+0x3c/0x68 [ 15.510063] kasan_save_track+0x20/0x40 [ 15.510263] kasan_save_alloc_info+0x40/0x58 [ 15.510309] __kasan_kmalloc+0xd4/0xd8 [ 15.510345] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.510475] kmalloc_double_kzfree+0xb8/0x308 [ 15.510574] kunit_try_run_case+0x170/0x3f0 [ 15.510679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.512225] kthread+0x328/0x630 [ 15.512280] ret_from_fork+0x10/0x20 [ 15.512325] [ 15.512351] Freed by task 193: [ 15.512408] kasan_save_stack+0x3c/0x68 [ 15.512589] kasan_save_track+0x20/0x40 [ 15.512630] kasan_save_free_info+0x4c/0x78 [ 15.512671] __kasan_slab_free+0x6c/0x98 [ 15.512710] kfree+0x214/0x3c8 [ 15.512743] kfree_sensitive+0x80/0xb0 [ 15.513140] kmalloc_double_kzfree+0x11c/0x308 [ 15.513291] kunit_try_run_case+0x170/0x3f0 [ 15.513332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.513376] kthread+0x328/0x630 [ 15.513700] ret_from_fork+0x10/0x20 [ 15.513766] [ 15.513788] The buggy address belongs to the object at fff00000c5f9c4c0 [ 15.513788] which belongs to the cache kmalloc-16 of size 16 [ 15.513939] The buggy address is located 0 bytes inside of [ 15.513939] 16-byte region [fff00000c5f9c4c0, fff00000c5f9c4d0) [ 15.514006] [ 15.514026] The buggy address belongs to the physical page: [ 15.514082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 15.514133] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.514179] page_type: f5(slab) [ 15.514373] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.514494] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.514553] page dumped because: kasan: bad access detected [ 15.514585] [ 15.514603] Memory state around the buggy address: [ 15.515114] fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.515159] fff00000c5f9c400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.515596] >fff00000c5f9c480: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 15.515638] ^ [ 15.515675] fff00000c5f9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.515717] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.515762] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 15.493386] ================================================================== [ 15.493448] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 15.493507] Read of size 1 at addr fff00000c5f9c4c0 by task kunit_try_catch/193 [ 15.493577] [ 15.493613] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.494581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.494910] Hardware name: linux,dummy-virt (DT) [ 15.495141] Call trace: [ 15.497171] show_stack+0x20/0x38 (C) [ 15.497285] dump_stack_lvl+0x8c/0xd0 [ 15.497334] print_report+0x118/0x5d0 [ 15.497381] kasan_report+0xdc/0x128 [ 15.497427] __kasan_check_byte+0x54/0x70 [ 15.497474] kfree_sensitive+0x30/0xb0 [ 15.497525] kmalloc_double_kzfree+0x168/0x308 [ 15.497582] kunit_try_run_case+0x170/0x3f0 [ 15.498347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.499003] kthread+0x328/0x630 [ 15.499046] ret_from_fork+0x10/0x20 [ 15.499433] [ 15.499453] Allocated by task 193: [ 15.499498] kasan_save_stack+0x3c/0x68 [ 15.499557] kasan_save_track+0x20/0x40 [ 15.499602] kasan_save_alloc_info+0x40/0x58 [ 15.499648] __kasan_kmalloc+0xd4/0xd8 [ 15.499685] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.499730] kmalloc_double_kzfree+0xb8/0x308 [ 15.501018] kunit_try_run_case+0x170/0x3f0 [ 15.501071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.501416] kthread+0x328/0x630 [ 15.501596] ret_from_fork+0x10/0x20 [ 15.501644] [ 15.501673] Freed by task 193: [ 15.501701] kasan_save_stack+0x3c/0x68 [ 15.501741] kasan_save_track+0x20/0x40 [ 15.501776] kasan_save_free_info+0x4c/0x78 [ 15.501816] __kasan_slab_free+0x6c/0x98 [ 15.502183] kfree+0x214/0x3c8 [ 15.502251] kfree_sensitive+0x80/0xb0 [ 15.502295] kmalloc_double_kzfree+0x11c/0x308 [ 15.502345] kunit_try_run_case+0x170/0x3f0 [ 15.502382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.502434] kthread+0x328/0x630 [ 15.502466] ret_from_fork+0x10/0x20 [ 15.502595] [ 15.502627] The buggy address belongs to the object at fff00000c5f9c4c0 [ 15.502627] which belongs to the cache kmalloc-16 of size 16 [ 15.502789] The buggy address is located 0 bytes inside of [ 15.502789] freed 16-byte region [fff00000c5f9c4c0, fff00000c5f9c4d0) [ 15.502850] [ 15.503101] The buggy address belongs to the physical page: [ 15.503297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 15.503402] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.503569] page_type: f5(slab) [ 15.503611] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.503785] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.503834] page dumped because: kasan: bad access detected [ 15.504114] [ 15.504138] Memory state around the buggy address: [ 15.504173] fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.504216] fff00000c5f9c400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.504259] >fff00000c5f9c480: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 15.505839] ^ [ 15.506009] fff00000c5f9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.506061] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.506100] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 15.455257] ================================================================== [ 15.455320] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 15.455375] Read of size 1 at addr fff00000c63a85a8 by task kunit_try_catch/189 [ 15.456198] [ 15.456513] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.456697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.456736] Hardware name: linux,dummy-virt (DT) [ 15.456769] Call trace: [ 15.456873] show_stack+0x20/0x38 (C) [ 15.456950] dump_stack_lvl+0x8c/0xd0 [ 15.456996] print_report+0x118/0x5d0 [ 15.457043] kasan_report+0xdc/0x128 [ 15.457099] __asan_report_load1_noabort+0x20/0x30 [ 15.457211] kmalloc_uaf2+0x3f4/0x468 [ 15.457486] kunit_try_run_case+0x170/0x3f0 [ 15.457566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.458101] kthread+0x328/0x630 [ 15.458265] ret_from_fork+0x10/0x20 [ 15.458321] [ 15.458340] Allocated by task 189: [ 15.458369] kasan_save_stack+0x3c/0x68 [ 15.458415] kasan_save_track+0x20/0x40 [ 15.458453] kasan_save_alloc_info+0x40/0x58 [ 15.459033] __kasan_kmalloc+0xd4/0xd8 [ 15.459084] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.459313] kmalloc_uaf2+0xc4/0x468 [ 15.459349] kunit_try_run_case+0x170/0x3f0 [ 15.459803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.459870] kthread+0x328/0x630 [ 15.459902] ret_from_fork+0x10/0x20 [ 15.459949] [ 15.459968] Freed by task 189: [ 15.459996] kasan_save_stack+0x3c/0x68 [ 15.460034] kasan_save_track+0x20/0x40 [ 15.460069] kasan_save_free_info+0x4c/0x78 [ 15.460109] __kasan_slab_free+0x6c/0x98 [ 15.460387] kfree+0x214/0x3c8 [ 15.460430] kmalloc_uaf2+0x134/0x468 [ 15.460496] kunit_try_run_case+0x170/0x3f0 [ 15.460546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.460717] kthread+0x328/0x630 [ 15.460961] ret_from_fork+0x10/0x20 [ 15.461054] [ 15.461076] The buggy address belongs to the object at fff00000c63a8580 [ 15.461076] which belongs to the cache kmalloc-64 of size 64 [ 15.461136] The buggy address is located 40 bytes inside of [ 15.461136] freed 64-byte region [fff00000c63a8580, fff00000c63a85c0) [ 15.461460] [ 15.461481] The buggy address belongs to the physical page: [ 15.461513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a8 [ 15.462962] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.463020] page_type: f5(slab) [ 15.463062] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.463113] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.463518] page dumped because: kasan: bad access detected [ 15.463573] [ 15.464936] Memory state around the buggy address: [ 15.464971] fff00000c63a8480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.465498] fff00000c63a8500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.465569] >fff00000c63a8580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.465660] ^ [ 15.465925] fff00000c63a8600: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 15.465998] fff00000c63a8680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.466037] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 15.432825] ================================================================== [ 15.432883] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 15.433063] Write of size 33 at addr fff00000c63a8400 by task kunit_try_catch/187 [ 15.433126] [ 15.433168] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.433335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.433585] Hardware name: linux,dummy-virt (DT) [ 15.433677] Call trace: [ 15.433701] show_stack+0x20/0x38 (C) [ 15.433755] dump_stack_lvl+0x8c/0xd0 [ 15.433806] print_report+0x118/0x5d0 [ 15.433866] kasan_report+0xdc/0x128 [ 15.433912] kasan_check_range+0x100/0x1a8 [ 15.434179] __asan_memset+0x34/0x78 [ 15.434341] kmalloc_uaf_memset+0x170/0x310 [ 15.434393] kunit_try_run_case+0x170/0x3f0 [ 15.434447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.434506] kthread+0x328/0x630 [ 15.434559] ret_from_fork+0x10/0x20 [ 15.435743] [ 15.435885] Allocated by task 187: [ 15.436209] kasan_save_stack+0x3c/0x68 [ 15.436364] kasan_save_track+0x20/0x40 [ 15.436460] kasan_save_alloc_info+0x40/0x58 [ 15.436543] __kasan_kmalloc+0xd4/0xd8 [ 15.436581] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.436620] kmalloc_uaf_memset+0xb8/0x310 [ 15.436735] kunit_try_run_case+0x170/0x3f0 [ 15.437799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.437859] kthread+0x328/0x630 [ 15.437894] ret_from_fork+0x10/0x20 [ 15.437929] [ 15.437949] Freed by task 187: [ 15.437977] kasan_save_stack+0x3c/0x68 [ 15.438141] kasan_save_track+0x20/0x40 [ 15.438267] kasan_save_free_info+0x4c/0x78 [ 15.438308] __kasan_slab_free+0x6c/0x98 [ 15.438399] kfree+0x214/0x3c8 [ 15.438495] kmalloc_uaf_memset+0x11c/0x310 [ 15.438543] kunit_try_run_case+0x170/0x3f0 [ 15.438582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.438625] kthread+0x328/0x630 [ 15.438656] ret_from_fork+0x10/0x20 [ 15.438692] [ 15.438712] The buggy address belongs to the object at fff00000c63a8400 [ 15.438712] which belongs to the cache kmalloc-64 of size 64 [ 15.439007] The buggy address is located 0 bytes inside of [ 15.439007] freed 64-byte region [fff00000c63a8400, fff00000c63a8440) [ 15.439393] [ 15.439418] The buggy address belongs to the physical page: [ 15.439555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a8 [ 15.439776] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.439833] page_type: f5(slab) [ 15.439872] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.440236] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.440283] page dumped because: kasan: bad access detected [ 15.440342] [ 15.440370] Memory state around the buggy address: [ 15.440475] fff00000c63a8300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.440518] fff00000c63a8380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.440572] >fff00000c63a8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.440693] ^ [ 15.440730] fff00000c63a8480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.440808] fff00000c63a8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.440985] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 15.410122] ================================================================== [ 15.410182] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 15.410247] Read of size 1 at addr fff00000c5f9c4a8 by task kunit_try_catch/185 [ 15.411204] [ 15.411303] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.411486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.411515] Hardware name: linux,dummy-virt (DT) [ 15.411556] Call trace: [ 15.411579] show_stack+0x20/0x38 (C) [ 15.411626] dump_stack_lvl+0x8c/0xd0 [ 15.411672] print_report+0x118/0x5d0 [ 15.411718] kasan_report+0xdc/0x128 [ 15.411827] __asan_report_load1_noabort+0x20/0x30 [ 15.412097] kmalloc_uaf+0x300/0x338 [ 15.412317] kunit_try_run_case+0x170/0x3f0 [ 15.412688] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.414155] kthread+0x328/0x630 [ 15.414214] ret_from_fork+0x10/0x20 [ 15.414493] [ 15.414543] Allocated by task 185: [ 15.414576] kasan_save_stack+0x3c/0x68 [ 15.414620] kasan_save_track+0x20/0x40 [ 15.414658] kasan_save_alloc_info+0x40/0x58 [ 15.414977] __kasan_kmalloc+0xd4/0xd8 [ 15.415895] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.416457] kmalloc_uaf+0xb8/0x338 [ 15.416507] kunit_try_run_case+0x170/0x3f0 [ 15.416913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.416970] kthread+0x328/0x630 [ 15.417023] ret_from_fork+0x10/0x20 [ 15.417060] [ 15.417146] Freed by task 185: [ 15.417230] kasan_save_stack+0x3c/0x68 [ 15.417267] kasan_save_track+0x20/0x40 [ 15.417484] kasan_save_free_info+0x4c/0x78 [ 15.417523] __kasan_slab_free+0x6c/0x98 [ 15.417579] kfree+0x214/0x3c8 [ 15.417639] kmalloc_uaf+0x11c/0x338 [ 15.417675] kunit_try_run_case+0x170/0x3f0 [ 15.417723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.417766] kthread+0x328/0x630 [ 15.417873] ret_from_fork+0x10/0x20 [ 15.418226] [ 15.418511] The buggy address belongs to the object at fff00000c5f9c4a0 [ 15.418511] which belongs to the cache kmalloc-16 of size 16 [ 15.418588] The buggy address is located 8 bytes inside of [ 15.418588] freed 16-byte region [fff00000c5f9c4a0, fff00000c5f9c4b0) [ 15.419020] [ 15.419134] The buggy address belongs to the physical page: [ 15.419167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 15.419225] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.419346] page_type: f5(slab) [ 15.419456] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.419507] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.419593] page dumped because: kasan: bad access detected [ 15.419827] [ 15.420000] Memory state around the buggy address: [ 15.420036] fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.420324] fff00000c5f9c400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.420462] >fff00000c5f9c480: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 15.420556] ^ [ 15.420589] fff00000c5f9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.420632] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.420671] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 15.392510] ================================================================== [ 15.392581] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.392634] Read of size 64 at addr fff00000c63a8104 by task kunit_try_catch/183 [ 15.392684] [ 15.392715] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.392797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.392824] Hardware name: linux,dummy-virt (DT) [ 15.392853] Call trace: [ 15.392878] show_stack+0x20/0x38 (C) [ 15.392942] dump_stack_lvl+0x8c/0xd0 [ 15.393011] print_report+0x118/0x5d0 [ 15.393157] kasan_report+0xdc/0x128 [ 15.393334] kasan_check_range+0x100/0x1a8 [ 15.393494] __asan_memmove+0x3c/0x98 [ 15.393549] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.393597] kunit_try_run_case+0x170/0x3f0 [ 15.393642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.393693] kthread+0x328/0x630 [ 15.393733] ret_from_fork+0x10/0x20 [ 15.393786] [ 15.393886] Allocated by task 183: [ 15.393975] kasan_save_stack+0x3c/0x68 [ 15.394640] kasan_save_track+0x20/0x40 [ 15.394848] kasan_save_alloc_info+0x40/0x58 [ 15.394896] __kasan_kmalloc+0xd4/0xd8 [ 15.394932] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.395299] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 15.395350] kunit_try_run_case+0x170/0x3f0 [ 15.395601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.395653] kthread+0x328/0x630 [ 15.395685] ret_from_fork+0x10/0x20 [ 15.395733] [ 15.395760] The buggy address belongs to the object at fff00000c63a8100 [ 15.395760] which belongs to the cache kmalloc-64 of size 64 [ 15.395817] The buggy address is located 4 bytes inside of [ 15.395817] allocated 64-byte region [fff00000c63a8100, fff00000c63a8140) [ 15.395877] [ 15.396121] The buggy address belongs to the physical page: [ 15.396179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a8 [ 15.396247] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.396295] page_type: f5(slab) [ 15.396334] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.396421] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.396526] page dumped because: kasan: bad access detected [ 15.396600] [ 15.396619] Memory state around the buggy address: [ 15.396653] fff00000c63a8000: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.396730] fff00000c63a8080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.396773] >fff00000c63a8100: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.398025] ^ [ 15.398067] fff00000c63a8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.398111] fff00000c63a8200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.398150] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 15.384224] ================================================================== [ 15.384290] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.384340] Read of size 18446744073709551614 at addr fff00000c63bcf04 by task kunit_try_catch/181 [ 15.384418] [ 15.384449] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.384540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.384566] Hardware name: linux,dummy-virt (DT) [ 15.384597] Call trace: [ 15.384620] show_stack+0x20/0x38 (C) [ 15.384667] dump_stack_lvl+0x8c/0xd0 [ 15.384711] print_report+0x118/0x5d0 [ 15.384756] kasan_report+0xdc/0x128 [ 15.384800] kasan_check_range+0x100/0x1a8 [ 15.384846] __asan_memmove+0x3c/0x98 [ 15.385427] kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.385504] kunit_try_run_case+0x170/0x3f0 [ 15.385596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.385650] kthread+0x328/0x630 [ 15.385691] ret_from_fork+0x10/0x20 [ 15.385765] [ 15.385783] Allocated by task 181: [ 15.385811] kasan_save_stack+0x3c/0x68 [ 15.385851] kasan_save_track+0x20/0x40 [ 15.385887] kasan_save_alloc_info+0x40/0x58 [ 15.385925] __kasan_kmalloc+0xd4/0xd8 [ 15.385961] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.386197] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 15.386241] kunit_try_run_case+0x170/0x3f0 [ 15.386277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.386319] kthread+0x328/0x630 [ 15.386350] ret_from_fork+0x10/0x20 [ 15.386388] [ 15.386409] The buggy address belongs to the object at fff00000c63bcf00 [ 15.386409] which belongs to the cache kmalloc-64 of size 64 [ 15.386483] The buggy address is located 4 bytes inside of [ 15.386483] 64-byte region [fff00000c63bcf00, fff00000c63bcf40) [ 15.386694] [ 15.386718] The buggy address belongs to the physical page: [ 15.386817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063bc [ 15.386904] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.386988] page_type: f5(slab) [ 15.387027] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.387078] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.387117] page dumped because: kasan: bad access detected [ 15.387151] [ 15.387169] Memory state around the buggy address: [ 15.387226] fff00000c63bce00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 15.387276] fff00000c63bce80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.387328] >fff00000c63bcf00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.387375] ^ [ 15.387410] fff00000c63bcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.387451] fff00000c63bd000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.387505] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 15.368892] ================================================================== [ 15.368947] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 15.368996] Write of size 16 at addr fff00000c5f9df69 by task kunit_try_catch/179 [ 15.369045] [ 15.369073] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.369152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.369177] Hardware name: linux,dummy-virt (DT) [ 15.369206] Call trace: [ 15.369227] show_stack+0x20/0x38 (C) [ 15.369290] dump_stack_lvl+0x8c/0xd0 [ 15.369335] print_report+0x118/0x5d0 [ 15.369385] kasan_report+0xdc/0x128 [ 15.369429] kasan_check_range+0x100/0x1a8 [ 15.369475] __asan_memset+0x34/0x78 [ 15.369516] kmalloc_oob_memset_16+0x150/0x2f8 [ 15.370490] kunit_try_run_case+0x170/0x3f0 [ 15.370615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.370670] kthread+0x328/0x630 [ 15.370734] ret_from_fork+0x10/0x20 [ 15.371197] [ 15.371323] Allocated by task 179: [ 15.371418] kasan_save_stack+0x3c/0x68 [ 15.371486] kasan_save_track+0x20/0x40 [ 15.371524] kasan_save_alloc_info+0x40/0x58 [ 15.371576] __kasan_kmalloc+0xd4/0xd8 [ 15.372073] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.372156] kmalloc_oob_memset_16+0xb0/0x2f8 [ 15.372212] kunit_try_run_case+0x170/0x3f0 [ 15.372250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.372292] kthread+0x328/0x630 [ 15.372323] ret_from_fork+0x10/0x20 [ 15.372373] [ 15.372394] The buggy address belongs to the object at fff00000c5f9df00 [ 15.372394] which belongs to the cache kmalloc-128 of size 128 [ 15.372451] The buggy address is located 105 bytes inside of [ 15.372451] allocated 120-byte region [fff00000c5f9df00, fff00000c5f9df78) [ 15.372519] [ 15.372565] The buggy address belongs to the physical page: [ 15.372596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9d [ 15.372656] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.372703] page_type: f5(slab) [ 15.372762] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.372820] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.372859] page dumped because: kasan: bad access detected [ 15.372895] [ 15.372912] Memory state around the buggy address: [ 15.372942] fff00000c5f9de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.372984] fff00000c5f9de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.373024] >fff00000c5f9df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.373068] ^ [ 15.373116] fff00000c5f9df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.373157] fff00000c5f9e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.373204] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 15.357552] ================================================================== [ 15.357626] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 15.357678] Write of size 8 at addr fff00000c5f9de71 by task kunit_try_catch/177 [ 15.358051] [ 15.358127] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.358351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.358383] Hardware name: linux,dummy-virt (DT) [ 15.358422] Call trace: [ 15.358628] show_stack+0x20/0x38 (C) [ 15.358985] dump_stack_lvl+0x8c/0xd0 [ 15.359055] print_report+0x118/0x5d0 [ 15.359165] kasan_report+0xdc/0x128 [ 15.359252] kasan_check_range+0x100/0x1a8 [ 15.359409] __asan_memset+0x34/0x78 [ 15.359496] kmalloc_oob_memset_8+0x150/0x2f8 [ 15.359890] kunit_try_run_case+0x170/0x3f0 [ 15.359949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.360053] kthread+0x328/0x630 [ 15.360096] ret_from_fork+0x10/0x20 [ 15.360143] [ 15.360161] Allocated by task 177: [ 15.360191] kasan_save_stack+0x3c/0x68 [ 15.360230] kasan_save_track+0x20/0x40 [ 15.360267] kasan_save_alloc_info+0x40/0x58 [ 15.360316] __kasan_kmalloc+0xd4/0xd8 [ 15.360353] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.360392] kmalloc_oob_memset_8+0xb0/0x2f8 [ 15.360429] kunit_try_run_case+0x170/0x3f0 [ 15.360471] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.360524] kthread+0x328/0x630 [ 15.360567] ret_from_fork+0x10/0x20 [ 15.360611] [ 15.360630] The buggy address belongs to the object at fff00000c5f9de00 [ 15.360630] which belongs to the cache kmalloc-128 of size 128 [ 15.360709] The buggy address is located 113 bytes inside of [ 15.360709] allocated 120-byte region [fff00000c5f9de00, fff00000c5f9de78) [ 15.360768] [ 15.360788] The buggy address belongs to the physical page: [ 15.360839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9d [ 15.360890] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.360942] page_type: f5(slab) [ 15.360979] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.361027] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.361065] page dumped because: kasan: bad access detected [ 15.361095] [ 15.361113] Memory state around the buggy address: [ 15.361152] fff00000c5f9dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.361193] fff00000c5f9dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.361234] >fff00000c5f9de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.361277] ^ [ 15.361326] fff00000c5f9de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.361367] fff00000c5f9df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.361403] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 15.341692] ================================================================== [ 15.341955] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 15.342052] Write of size 4 at addr fff00000c5f9dd75 by task kunit_try_catch/175 [ 15.342171] [ 15.342212] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.342358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.342441] Hardware name: linux,dummy-virt (DT) [ 15.342620] Call trace: [ 15.342679] show_stack+0x20/0x38 (C) [ 15.342768] dump_stack_lvl+0x8c/0xd0 [ 15.342897] print_report+0x118/0x5d0 [ 15.342974] kasan_report+0xdc/0x128 [ 15.343026] kasan_check_range+0x100/0x1a8 [ 15.343219] __asan_memset+0x34/0x78 [ 15.343292] kmalloc_oob_memset_4+0x150/0x300 [ 15.343346] kunit_try_run_case+0x170/0x3f0 [ 15.343462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.343573] kthread+0x328/0x630 [ 15.343649] ret_from_fork+0x10/0x20 [ 15.343770] [ 15.343841] Allocated by task 175: [ 15.343891] kasan_save_stack+0x3c/0x68 [ 15.343972] kasan_save_track+0x20/0x40 [ 15.344233] kasan_save_alloc_info+0x40/0x58 [ 15.344431] __kasan_kmalloc+0xd4/0xd8 [ 15.344589] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.344666] kmalloc_oob_memset_4+0xb0/0x300 [ 15.344889] kunit_try_run_case+0x170/0x3f0 [ 15.345082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.345177] kthread+0x328/0x630 [ 15.345211] ret_from_fork+0x10/0x20 [ 15.345484] [ 15.345642] The buggy address belongs to the object at fff00000c5f9dd00 [ 15.345642] which belongs to the cache kmalloc-128 of size 128 [ 15.345823] The buggy address is located 117 bytes inside of [ 15.345823] allocated 120-byte region [fff00000c5f9dd00, fff00000c5f9dd78) [ 15.345887] [ 15.346047] The buggy address belongs to the physical page: [ 15.346224] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9d [ 15.346341] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.346467] page_type: f5(slab) [ 15.346525] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.346894] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.347132] page dumped because: kasan: bad access detected [ 15.347311] [ 15.347452] Memory state around the buggy address: [ 15.347500] fff00000c5f9dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.347887] fff00000c5f9dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.347966] >fff00000c5f9dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.348014] ^ [ 15.348055] fff00000c5f9dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.348095] fff00000c5f9de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.348131] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 15.327331] ================================================================== [ 15.327450] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 15.327503] Write of size 2 at addr fff00000c5f9dc77 by task kunit_try_catch/173 [ 15.327861] [ 15.327918] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.328012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.328039] Hardware name: linux,dummy-virt (DT) [ 15.328145] Call trace: [ 15.328171] show_stack+0x20/0x38 (C) [ 15.328250] dump_stack_lvl+0x8c/0xd0 [ 15.328369] print_report+0x118/0x5d0 [ 15.328421] kasan_report+0xdc/0x128 [ 15.328468] kasan_check_range+0x100/0x1a8 [ 15.328567] __asan_memset+0x34/0x78 [ 15.328614] kmalloc_oob_memset_2+0x150/0x2f8 [ 15.328848] kunit_try_run_case+0x170/0x3f0 [ 15.328914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.329165] kthread+0x328/0x630 [ 15.329226] ret_from_fork+0x10/0x20 [ 15.329291] [ 15.329367] Allocated by task 173: [ 15.329397] kasan_save_stack+0x3c/0x68 [ 15.329438] kasan_save_track+0x20/0x40 [ 15.329474] kasan_save_alloc_info+0x40/0x58 [ 15.329513] __kasan_kmalloc+0xd4/0xd8 [ 15.329558] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.329595] kmalloc_oob_memset_2+0xb0/0x2f8 [ 15.329631] kunit_try_run_case+0x170/0x3f0 [ 15.329668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.329716] kthread+0x328/0x630 [ 15.329747] ret_from_fork+0x10/0x20 [ 15.329936] [ 15.329970] The buggy address belongs to the object at fff00000c5f9dc00 [ 15.329970] which belongs to the cache kmalloc-128 of size 128 [ 15.330326] The buggy address is located 119 bytes inside of [ 15.330326] allocated 120-byte region [fff00000c5f9dc00, fff00000c5f9dc78) [ 15.330559] [ 15.330630] The buggy address belongs to the physical page: [ 15.330699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9d [ 15.330877] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.330925] page_type: f5(slab) [ 15.330983] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.331346] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.331490] page dumped because: kasan: bad access detected [ 15.331654] [ 15.331687] Memory state around the buggy address: [ 15.332036] fff00000c5f9db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.332117] fff00000c5f9db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.332192] >fff00000c5f9dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.332291] ^ [ 15.332422] fff00000c5f9dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.332577] fff00000c5f9dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.332653] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 15.308504] ================================================================== [ 15.308599] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 15.308929] Write of size 128 at addr fff00000c5f9db00 by task kunit_try_catch/171 [ 15.308986] [ 15.309021] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.309100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.309127] Hardware name: linux,dummy-virt (DT) [ 15.309606] Call trace: [ 15.309674] show_stack+0x20/0x38 (C) [ 15.310169] dump_stack_lvl+0x8c/0xd0 [ 15.310298] print_report+0x118/0x5d0 [ 15.310392] kasan_report+0xdc/0x128 [ 15.310445] kasan_check_range+0x100/0x1a8 [ 15.310777] __asan_memset+0x34/0x78 [ 15.310873] kmalloc_oob_in_memset+0x144/0x2d0 [ 15.311144] kunit_try_run_case+0x170/0x3f0 [ 15.311427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.311523] kthread+0x328/0x630 [ 15.311742] ret_from_fork+0x10/0x20 [ 15.311941] [ 15.311986] Allocated by task 171: [ 15.312081] kasan_save_stack+0x3c/0x68 [ 15.312180] kasan_save_track+0x20/0x40 [ 15.312218] kasan_save_alloc_info+0x40/0x58 [ 15.312563] __kasan_kmalloc+0xd4/0xd8 [ 15.312631] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.312733] kmalloc_oob_in_memset+0xb0/0x2d0 [ 15.312772] kunit_try_run_case+0x170/0x3f0 [ 15.312838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.313184] kthread+0x328/0x630 [ 15.313255] ret_from_fork+0x10/0x20 [ 15.313351] [ 15.313373] The buggy address belongs to the object at fff00000c5f9db00 [ 15.313373] which belongs to the cache kmalloc-128 of size 128 [ 15.313842] The buggy address is located 0 bytes inside of [ 15.313842] allocated 120-byte region [fff00000c5f9db00, fff00000c5f9db78) [ 15.314034] [ 15.314057] The buggy address belongs to the physical page: [ 15.314088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9d [ 15.314163] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.314569] page_type: f5(slab) [ 15.314679] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.314741] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.315110] page dumped because: kasan: bad access detected [ 15.315174] [ 15.315262] Memory state around the buggy address: [ 15.315333] fff00000c5f9da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.315755] fff00000c5f9da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.315897] >fff00000c5f9db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.316034] ^ [ 15.316102] fff00000c5f9db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316326] fff00000c5f9dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316496] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 15.292232] ================================================================== [ 15.292598] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 15.292706] Read of size 16 at addr fff00000c5f9c480 by task kunit_try_catch/169 [ 15.292791] [ 15.292850] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.292973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.293038] Hardware name: linux,dummy-virt (DT) [ 15.293307] Call trace: [ 15.293422] show_stack+0x20/0x38 (C) [ 15.293503] dump_stack_lvl+0x8c/0xd0 [ 15.293570] print_report+0x118/0x5d0 [ 15.293684] kasan_report+0xdc/0x128 [ 15.293894] __asan_report_load16_noabort+0x20/0x30 [ 15.293950] kmalloc_uaf_16+0x3bc/0x438 [ 15.294377] kunit_try_run_case+0x170/0x3f0 [ 15.294539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.294969] kthread+0x328/0x630 [ 15.295103] ret_from_fork+0x10/0x20 [ 15.295277] [ 15.295348] Allocated by task 169: [ 15.295432] kasan_save_stack+0x3c/0x68 [ 15.295521] kasan_save_track+0x20/0x40 [ 15.295618] kasan_save_alloc_info+0x40/0x58 [ 15.295991] __kasan_kmalloc+0xd4/0xd8 [ 15.296057] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.296118] kmalloc_uaf_16+0x140/0x438 [ 15.296264] kunit_try_run_case+0x170/0x3f0 [ 15.296410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.296469] kthread+0x328/0x630 [ 15.296501] ret_from_fork+0x10/0x20 [ 15.296565] [ 15.296752] Freed by task 169: [ 15.296914] kasan_save_stack+0x3c/0x68 [ 15.296976] kasan_save_track+0x20/0x40 [ 15.297098] kasan_save_free_info+0x4c/0x78 [ 15.297177] __kasan_slab_free+0x6c/0x98 [ 15.297310] kfree+0x214/0x3c8 [ 15.297371] kmalloc_uaf_16+0x190/0x438 [ 15.297416] kunit_try_run_case+0x170/0x3f0 [ 15.297760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.298226] kthread+0x328/0x630 [ 15.298611] ret_from_fork+0x10/0x20 [ 15.298682] [ 15.298720] The buggy address belongs to the object at fff00000c5f9c480 [ 15.298720] which belongs to the cache kmalloc-16 of size 16 [ 15.298812] The buggy address is located 0 bytes inside of [ 15.298812] freed 16-byte region [fff00000c5f9c480, fff00000c5f9c490) [ 15.298893] [ 15.298990] The buggy address belongs to the physical page: [ 15.299023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 15.299124] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.299209] page_type: f5(slab) [ 15.299555] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.299643] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.299816] page dumped because: kasan: bad access detected [ 15.300057] [ 15.300080] Memory state around the buggy address: [ 15.300269] fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.300328] fff00000c5f9c400: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 15.300499] >fff00000c5f9c480: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.300758] ^ [ 15.300826] fff00000c5f9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.301330] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.301388] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 15.279961] ================================================================== [ 15.280226] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 15.280283] Write of size 16 at addr fff00000c5f9c420 by task kunit_try_catch/167 [ 15.280370] [ 15.280466] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.280649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.280679] Hardware name: linux,dummy-virt (DT) [ 15.280711] Call trace: [ 15.280752] show_stack+0x20/0x38 (C) [ 15.281019] dump_stack_lvl+0x8c/0xd0 [ 15.281098] print_report+0x118/0x5d0 [ 15.281196] kasan_report+0xdc/0x128 [ 15.281247] __asan_report_store16_noabort+0x20/0x30 [ 15.281298] kmalloc_oob_16+0x3a0/0x3f8 [ 15.281560] kunit_try_run_case+0x170/0x3f0 [ 15.281636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.281700] kthread+0x328/0x630 [ 15.281775] ret_from_fork+0x10/0x20 [ 15.281823] [ 15.281842] Allocated by task 167: [ 15.282012] kasan_save_stack+0x3c/0x68 [ 15.282064] kasan_save_track+0x20/0x40 [ 15.282153] kasan_save_alloc_info+0x40/0x58 [ 15.282205] __kasan_kmalloc+0xd4/0xd8 [ 15.282354] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.282462] kmalloc_oob_16+0xb4/0x3f8 [ 15.282522] kunit_try_run_case+0x170/0x3f0 [ 15.282569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.282620] kthread+0x328/0x630 [ 15.282652] ret_from_fork+0x10/0x20 [ 15.282695] [ 15.282714] The buggy address belongs to the object at fff00000c5f9c420 [ 15.282714] which belongs to the cache kmalloc-16 of size 16 [ 15.282772] The buggy address is located 0 bytes inside of [ 15.282772] allocated 13-byte region [fff00000c5f9c420, fff00000c5f9c42d) [ 15.282832] [ 15.282850] The buggy address belongs to the physical page: [ 15.282888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 15.282949] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.283002] page_type: f5(slab) [ 15.283049] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.283103] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.283151] page dumped because: kasan: bad access detected [ 15.283191] [ 15.283208] Memory state around the buggy address: [ 15.283238] fff00000c5f9c300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.283278] fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.283328] >fff00000c5f9c400: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 15.283365] ^ [ 15.283404] fff00000c5f9c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.283451] fff00000c5f9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.283494] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 15.259067] ================================================================== [ 15.259156] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 15.259346] Read of size 1 at addr fff00000c175d000 by task kunit_try_catch/165 [ 15.259398] [ 15.259485] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.259580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.259606] Hardware name: linux,dummy-virt (DT) [ 15.259646] Call trace: [ 15.259669] show_stack+0x20/0x38 (C) [ 15.259720] dump_stack_lvl+0x8c/0xd0 [ 15.259764] print_report+0x118/0x5d0 [ 15.259809] kasan_report+0xdc/0x128 [ 15.259853] __kasan_check_byte+0x54/0x70 [ 15.259899] krealloc_noprof+0x44/0x360 [ 15.259944] krealloc_uaf+0x180/0x520 [ 15.259987] kunit_try_run_case+0x170/0x3f0 [ 15.260213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.260283] kthread+0x328/0x630 [ 15.260472] ret_from_fork+0x10/0x20 [ 15.260660] [ 15.260684] Allocated by task 165: [ 15.260714] kasan_save_stack+0x3c/0x68 [ 15.260757] kasan_save_track+0x20/0x40 [ 15.260838] kasan_save_alloc_info+0x40/0x58 [ 15.260897] __kasan_kmalloc+0xd4/0xd8 [ 15.260934] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.261181] krealloc_uaf+0xc8/0x520 [ 15.261228] kunit_try_run_case+0x170/0x3f0 [ 15.261350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.261397] kthread+0x328/0x630 [ 15.261466] ret_from_fork+0x10/0x20 [ 15.261579] [ 15.261616] Freed by task 165: [ 15.261674] kasan_save_stack+0x3c/0x68 [ 15.261789] kasan_save_track+0x20/0x40 [ 15.261864] kasan_save_free_info+0x4c/0x78 [ 15.261999] __kasan_slab_free+0x6c/0x98 [ 15.262233] kfree+0x214/0x3c8 [ 15.262279] krealloc_uaf+0x12c/0x520 [ 15.262315] kunit_try_run_case+0x170/0x3f0 [ 15.262540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.262663] kthread+0x328/0x630 [ 15.262731] ret_from_fork+0x10/0x20 [ 15.262916] [ 15.262994] The buggy address belongs to the object at fff00000c175d000 [ 15.262994] which belongs to the cache kmalloc-256 of size 256 [ 15.263252] The buggy address is located 0 bytes inside of [ 15.263252] freed 256-byte region [fff00000c175d000, fff00000c175d100) [ 15.263628] [ 15.263765] The buggy address belongs to the physical page: [ 15.263843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175c [ 15.263911] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.263956] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.264006] page_type: f5(slab) [ 15.264044] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.264102] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.264165] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.264213] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.264266] head: 0bfffe0000000001 ffffc1ffc305d701 00000000ffffffff 00000000ffffffff [ 15.264323] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.264361] page dumped because: kasan: bad access detected [ 15.264392] [ 15.264411] Memory state around the buggy address: [ 15.264443] fff00000c175cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264485] fff00000c175cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264546] >fff00000c175d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.264811] ^ [ 15.264867] fff00000c175d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.264925] fff00000c175d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264979] ================================================================== [ 15.266440] ================================================================== [ 15.266593] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 15.266644] Read of size 1 at addr fff00000c175d000 by task kunit_try_catch/165 [ 15.266692] [ 15.266721] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.267042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.267083] Hardware name: linux,dummy-virt (DT) [ 15.267143] Call trace: [ 15.267267] show_stack+0x20/0x38 (C) [ 15.267351] dump_stack_lvl+0x8c/0xd0 [ 15.267454] print_report+0x118/0x5d0 [ 15.267520] kasan_report+0xdc/0x128 [ 15.267603] __asan_report_load1_noabort+0x20/0x30 [ 15.267657] krealloc_uaf+0x4c8/0x520 [ 15.267701] kunit_try_run_case+0x170/0x3f0 [ 15.267747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.268014] kthread+0x328/0x630 [ 15.268158] ret_from_fork+0x10/0x20 [ 15.268235] [ 15.268262] Allocated by task 165: [ 15.268289] kasan_save_stack+0x3c/0x68 [ 15.268347] kasan_save_track+0x20/0x40 [ 15.268599] kasan_save_alloc_info+0x40/0x58 [ 15.268678] __kasan_kmalloc+0xd4/0xd8 [ 15.268724] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.268850] krealloc_uaf+0xc8/0x520 [ 15.268896] kunit_try_run_case+0x170/0x3f0 [ 15.269040] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.269117] kthread+0x328/0x630 [ 15.269151] ret_from_fork+0x10/0x20 [ 15.269211] [ 15.269232] Freed by task 165: [ 15.269487] kasan_save_stack+0x3c/0x68 [ 15.269590] kasan_save_track+0x20/0x40 [ 15.269635] kasan_save_free_info+0x4c/0x78 [ 15.269716] __kasan_slab_free+0x6c/0x98 [ 15.269790] kfree+0x214/0x3c8 [ 15.269937] krealloc_uaf+0x12c/0x520 [ 15.270035] kunit_try_run_case+0x170/0x3f0 [ 15.270159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.270227] kthread+0x328/0x630 [ 15.270271] ret_from_fork+0x10/0x20 [ 15.270314] [ 15.270636] The buggy address belongs to the object at fff00000c175d000 [ 15.270636] which belongs to the cache kmalloc-256 of size 256 [ 15.270790] The buggy address is located 0 bytes inside of [ 15.270790] freed 256-byte region [fff00000c175d000, fff00000c175d100) [ 15.270909] [ 15.271009] The buggy address belongs to the physical page: [ 15.271090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175c [ 15.271257] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.271348] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.271418] page_type: f5(slab) [ 15.271467] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.271604] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.271662] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.271726] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.271790] head: 0bfffe0000000001 ffffc1ffc305d701 00000000ffffffff 00000000ffffffff [ 15.271837] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.271882] page dumped because: kasan: bad access detected [ 15.271920] [ 15.271938] Memory state around the buggy address: [ 15.271968] fff00000c175cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.272009] fff00000c175cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.272050] >fff00000c175d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.272096] ^ [ 15.272123] fff00000c175d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.272172] fff00000c175d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.272208] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 15.245140] ================================================================== [ 15.245196] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.247346] Write of size 1 at addr fff00000c64160da by task kunit_try_catch/163 [ 15.247624] [ 15.247659] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.247736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.247761] Hardware name: linux,dummy-virt (DT) [ 15.247792] Call trace: [ 15.247813] show_stack+0x20/0x38 (C) [ 15.247863] dump_stack_lvl+0x8c/0xd0 [ 15.247909] print_report+0x118/0x5d0 [ 15.247954] kasan_report+0xdc/0x128 [ 15.247999] __asan_report_store1_noabort+0x20/0x30 [ 15.248049] krealloc_less_oob_helper+0xa80/0xc50 [ 15.248096] krealloc_large_less_oob+0x20/0x38 [ 15.248143] kunit_try_run_case+0x170/0x3f0 [ 15.248188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.248239] kthread+0x328/0x630 [ 15.248280] ret_from_fork+0x10/0x20 [ 15.248326] [ 15.248346] The buggy address belongs to the physical page: [ 15.248376] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 15.248427] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.249055] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.249119] page_type: f8(unknown) [ 15.249157] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.249205] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.249282] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.249339] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.249387] head: 0bfffe0000000002 ffffc1ffc3190501 00000000ffffffff 00000000ffffffff [ 15.249433] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.249471] page dumped because: kasan: bad access detected [ 15.249501] [ 15.249518] Memory state around the buggy address: [ 15.249557] fff00000c6415f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.249599] fff00000c6416000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.249639] >fff00000c6416080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.249677] ^ [ 15.249759] fff00000c6416100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.249835] fff00000c6416180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.249872] ================================================================== [ 15.230559] ================================================================== [ 15.230606] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.230655] Write of size 1 at addr fff00000c64160d0 by task kunit_try_catch/163 [ 15.230703] [ 15.231286] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.231474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.231501] Hardware name: linux,dummy-virt (DT) [ 15.231542] Call trace: [ 15.231564] show_stack+0x20/0x38 (C) [ 15.231614] dump_stack_lvl+0x8c/0xd0 [ 15.231659] print_report+0x118/0x5d0 [ 15.231705] kasan_report+0xdc/0x128 [ 15.231750] __asan_report_store1_noabort+0x20/0x30 [ 15.231800] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.231847] krealloc_large_less_oob+0x20/0x38 [ 15.231893] kunit_try_run_case+0x170/0x3f0 [ 15.232604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.233390] kthread+0x328/0x630 [ 15.234038] ret_from_fork+0x10/0x20 [ 15.234233] [ 15.234254] The buggy address belongs to the physical page: [ 15.234285] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 15.234335] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.234381] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.234436] page_type: f8(unknown) [ 15.234475] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.234524] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.234585] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.234632] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.234680] head: 0bfffe0000000002 ffffc1ffc3190501 00000000ffffffff 00000000ffffffff [ 15.234726] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.236976] page dumped because: kasan: bad access detected [ 15.237231] [ 15.237744] Memory state around the buggy address: [ 15.238333] fff00000c6415f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.238827] fff00000c6416000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.238880] >fff00000c6416080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.238918] ^ [ 15.239426] fff00000c6416100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.239959] fff00000c6416180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.240457] ================================================================== [ 15.165921] ================================================================== [ 15.166001] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.166162] Write of size 1 at addr fff00000c175ceea by task kunit_try_catch/159 [ 15.166237] [ 15.166267] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.166352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.166685] Hardware name: linux,dummy-virt (DT) [ 15.166779] Call trace: [ 15.166850] show_stack+0x20/0x38 (C) [ 15.166965] dump_stack_lvl+0x8c/0xd0 [ 15.167012] print_report+0x118/0x5d0 [ 15.167092] kasan_report+0xdc/0x128 [ 15.167362] __asan_report_store1_noabort+0x20/0x30 [ 15.167459] krealloc_less_oob_helper+0xae4/0xc50 [ 15.167582] krealloc_less_oob+0x20/0x38 [ 15.167658] kunit_try_run_case+0x170/0x3f0 [ 15.167974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.168059] kthread+0x328/0x630 [ 15.168155] ret_from_fork+0x10/0x20 [ 15.168316] [ 15.168338] Allocated by task 159: [ 15.168366] kasan_save_stack+0x3c/0x68 [ 15.168429] kasan_save_track+0x20/0x40 [ 15.168738] kasan_save_alloc_info+0x40/0x58 [ 15.168829] __kasan_krealloc+0x118/0x178 [ 15.168942] krealloc_noprof+0x128/0x360 [ 15.169019] krealloc_less_oob_helper+0x168/0xc50 [ 15.169281] krealloc_less_oob+0x20/0x38 [ 15.169409] kunit_try_run_case+0x170/0x3f0 [ 15.169520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.169656] kthread+0x328/0x630 [ 15.169871] ret_from_fork+0x10/0x20 [ 15.170012] [ 15.170074] The buggy address belongs to the object at fff00000c175ce00 [ 15.170074] which belongs to the cache kmalloc-256 of size 256 [ 15.170228] The buggy address is located 33 bytes to the right of [ 15.170228] allocated 201-byte region [fff00000c175ce00, fff00000c175cec9) [ 15.170326] [ 15.170496] The buggy address belongs to the physical page: [ 15.170555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175c [ 15.170665] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.170722] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.170827] page_type: f5(slab) [ 15.171101] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.171181] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.171377] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.171439] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.171611] head: 0bfffe0000000001 ffffc1ffc305d701 00000000ffffffff 00000000ffffffff [ 15.171709] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.171889] page dumped because: kasan: bad access detected [ 15.171919] [ 15.171954] Memory state around the buggy address: [ 15.172350] fff00000c175cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.172489] fff00000c175ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.172569] >fff00000c175ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.172704] ^ [ 15.172822] fff00000c175cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.173097] fff00000c175cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.173233] ================================================================== [ 15.174108] ================================================================== [ 15.174157] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.174205] Write of size 1 at addr fff00000c175ceeb by task kunit_try_catch/159 [ 15.174253] [ 15.174282] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.174359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.174385] Hardware name: linux,dummy-virt (DT) [ 15.174420] Call trace: [ 15.174442] show_stack+0x20/0x38 (C) [ 15.174488] dump_stack_lvl+0x8c/0xd0 [ 15.174547] print_report+0x118/0x5d0 [ 15.174592] kasan_report+0xdc/0x128 [ 15.174636] __asan_report_store1_noabort+0x20/0x30 [ 15.174686] krealloc_less_oob_helper+0xa58/0xc50 [ 15.174734] krealloc_less_oob+0x20/0x38 [ 15.174779] kunit_try_run_case+0x170/0x3f0 [ 15.174826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.174878] kthread+0x328/0x630 [ 15.174919] ret_from_fork+0x10/0x20 [ 15.174965] [ 15.174982] Allocated by task 159: [ 15.175008] kasan_save_stack+0x3c/0x68 [ 15.175046] kasan_save_track+0x20/0x40 [ 15.175082] kasan_save_alloc_info+0x40/0x58 [ 15.175120] __kasan_krealloc+0x118/0x178 [ 15.175156] krealloc_noprof+0x128/0x360 [ 15.175192] krealloc_less_oob_helper+0x168/0xc50 [ 15.175229] krealloc_less_oob+0x20/0x38 [ 15.175263] kunit_try_run_case+0x170/0x3f0 [ 15.175299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.175340] kthread+0x328/0x630 [ 15.175372] ret_from_fork+0x10/0x20 [ 15.175407] [ 15.175425] The buggy address belongs to the object at fff00000c175ce00 [ 15.175425] which belongs to the cache kmalloc-256 of size 256 [ 15.175481] The buggy address is located 34 bytes to the right of [ 15.175481] allocated 201-byte region [fff00000c175ce00, fff00000c175cec9) [ 15.175581] [ 15.175675] The buggy address belongs to the physical page: [ 15.175770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175c [ 15.175865] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.175949] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.176019] page_type: f5(slab) [ 15.176056] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.176122] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.176482] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.176558] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.176609] head: 0bfffe0000000001 ffffc1ffc305d701 00000000ffffffff 00000000ffffffff [ 15.176657] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.176697] page dumped because: kasan: bad access detected [ 15.176739] [ 15.176757] Memory state around the buggy address: [ 15.176836] fff00000c175cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.176901] fff00000c175ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.176943] >fff00000c175ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.176989] ^ [ 15.177026] fff00000c175cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.177067] fff00000c175cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.177105] ================================================================== [ 15.249995] ================================================================== [ 15.250073] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.250122] Write of size 1 at addr fff00000c64160ea by task kunit_try_catch/163 [ 15.250169] [ 15.250196] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.250273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.250298] Hardware name: linux,dummy-virt (DT) [ 15.250327] Call trace: [ 15.250348] show_stack+0x20/0x38 (C) [ 15.250526] dump_stack_lvl+0x8c/0xd0 [ 15.250588] print_report+0x118/0x5d0 [ 15.250714] kasan_report+0xdc/0x128 [ 15.250776] __asan_report_store1_noabort+0x20/0x30 [ 15.250867] krealloc_less_oob_helper+0xae4/0xc50 [ 15.250920] krealloc_large_less_oob+0x20/0x38 [ 15.250969] kunit_try_run_case+0x170/0x3f0 [ 15.251015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.251066] kthread+0x328/0x630 [ 15.251107] ret_from_fork+0x10/0x20 [ 15.251153] [ 15.251208] The buggy address belongs to the physical page: [ 15.251241] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 15.251291] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.251347] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.251424] page_type: f8(unknown) [ 15.251461] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.251566] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.251618] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.251668] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.251763] head: 0bfffe0000000002 ffffc1ffc3190501 00000000ffffffff 00000000ffffffff [ 15.251838] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.251877] page dumped because: kasan: bad access detected [ 15.251907] [ 15.251924] Memory state around the buggy address: [ 15.251954] fff00000c6415f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.251994] fff00000c6416000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.252034] >fff00000c6416080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.252070] ^ [ 15.252143] fff00000c6416100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.252185] fff00000c6416180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.252220] ================================================================== [ 15.139318] ================================================================== [ 15.139374] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.139429] Write of size 1 at addr fff00000c175cec9 by task kunit_try_catch/159 [ 15.142198] [ 15.142368] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.143042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.143162] Hardware name: linux,dummy-virt (DT) [ 15.143524] Call trace: [ 15.143983] show_stack+0x20/0x38 (C) [ 15.144039] dump_stack_lvl+0x8c/0xd0 [ 15.144908] print_report+0x118/0x5d0 [ 15.145442] kasan_report+0xdc/0x128 [ 15.145973] __asan_report_store1_noabort+0x20/0x30 [ 15.146042] krealloc_less_oob_helper+0xa48/0xc50 [ 15.146091] krealloc_less_oob+0x20/0x38 [ 15.146962] kunit_try_run_case+0x170/0x3f0 [ 15.147230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.147557] kthread+0x328/0x630 [ 15.148208] ret_from_fork+0x10/0x20 [ 15.148397] [ 15.148815] Allocated by task 159: [ 15.148955] kasan_save_stack+0x3c/0x68 [ 15.149098] kasan_save_track+0x20/0x40 [ 15.149298] kasan_save_alloc_info+0x40/0x58 [ 15.149425] __kasan_krealloc+0x118/0x178 [ 15.149864] krealloc_noprof+0x128/0x360 [ 15.150048] krealloc_less_oob_helper+0x168/0xc50 [ 15.150087] krealloc_less_oob+0x20/0x38 [ 15.150122] kunit_try_run_case+0x170/0x3f0 [ 15.150161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.150204] kthread+0x328/0x630 [ 15.150236] ret_from_fork+0x10/0x20 [ 15.150271] [ 15.150292] The buggy address belongs to the object at fff00000c175ce00 [ 15.150292] which belongs to the cache kmalloc-256 of size 256 [ 15.150348] The buggy address is located 0 bytes to the right of [ 15.150348] allocated 201-byte region [fff00000c175ce00, fff00000c175cec9) [ 15.150420] [ 15.150440] The buggy address belongs to the physical page: [ 15.150471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175c [ 15.150523] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.151722] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.151785] page_type: f5(slab) [ 15.151826] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.151875] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.151924] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.151971] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.152018] head: 0bfffe0000000001 ffffc1ffc305d701 00000000ffffffff 00000000ffffffff [ 15.152065] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.152103] page dumped because: kasan: bad access detected [ 15.152133] [ 15.152151] Memory state around the buggy address: [ 15.152182] fff00000c175cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.152226] fff00000c175ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.152268] >fff00000c175ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.152304] ^ [ 15.152338] fff00000c175cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.152379] fff00000c175cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.152415] ================================================================== [ 15.252304] ================================================================== [ 15.252340] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.252418] Write of size 1 at addr fff00000c64160eb by task kunit_try_catch/163 [ 15.252466] [ 15.252492] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.252595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.252622] Hardware name: linux,dummy-virt (DT) [ 15.252650] Call trace: [ 15.252691] show_stack+0x20/0x38 (C) [ 15.252756] dump_stack_lvl+0x8c/0xd0 [ 15.252801] print_report+0x118/0x5d0 [ 15.252846] kasan_report+0xdc/0x128 [ 15.252901] __asan_report_store1_noabort+0x20/0x30 [ 15.252952] krealloc_less_oob_helper+0xa58/0xc50 [ 15.252999] krealloc_large_less_oob+0x20/0x38 [ 15.253044] kunit_try_run_case+0x170/0x3f0 [ 15.253090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.253142] kthread+0x328/0x630 [ 15.253186] ret_from_fork+0x10/0x20 [ 15.253235] [ 15.253264] The buggy address belongs to the physical page: [ 15.253303] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 15.253361] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.253407] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.253454] page_type: f8(unknown) [ 15.253496] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.253554] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.253602] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.253802] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.253880] head: 0bfffe0000000002 ffffc1ffc3190501 00000000ffffffff 00000000ffffffff [ 15.253986] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.254024] page dumped because: kasan: bad access detected [ 15.254054] [ 15.254072] Memory state around the buggy address: [ 15.254134] fff00000c6415f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.254177] fff00000c6416000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.254217] >fff00000c6416080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.254253] ^ [ 15.254289] fff00000c6416100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.254344] fff00000c6416180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.254381] ================================================================== [ 15.153297] ================================================================== [ 15.153344] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.153391] Write of size 1 at addr fff00000c175ced0 by task kunit_try_catch/159 [ 15.153439] [ 15.153470] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.153564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.153590] Hardware name: linux,dummy-virt (DT) [ 15.153620] Call trace: [ 15.153641] show_stack+0x20/0x38 (C) [ 15.153688] dump_stack_lvl+0x8c/0xd0 [ 15.153767] print_report+0x118/0x5d0 [ 15.153813] kasan_report+0xdc/0x128 [ 15.153881] __asan_report_store1_noabort+0x20/0x30 [ 15.153947] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.153995] krealloc_less_oob+0x20/0x38 [ 15.154039] kunit_try_run_case+0x170/0x3f0 [ 15.154085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.154136] kthread+0x328/0x630 [ 15.154250] ret_from_fork+0x10/0x20 [ 15.154328] [ 15.154346] Allocated by task 159: [ 15.154372] kasan_save_stack+0x3c/0x68 [ 15.154417] kasan_save_track+0x20/0x40 [ 15.154453] kasan_save_alloc_info+0x40/0x58 [ 15.154515] __kasan_krealloc+0x118/0x178 [ 15.154563] krealloc_noprof+0x128/0x360 [ 15.154599] krealloc_less_oob_helper+0x168/0xc50 [ 15.154637] krealloc_less_oob+0x20/0x38 [ 15.154671] kunit_try_run_case+0x170/0x3f0 [ 15.154707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.154748] kthread+0x328/0x630 [ 15.154800] ret_from_fork+0x10/0x20 [ 15.154834] [ 15.154852] The buggy address belongs to the object at fff00000c175ce00 [ 15.154852] which belongs to the cache kmalloc-256 of size 256 [ 15.154950] The buggy address is located 7 bytes to the right of [ 15.154950] allocated 201-byte region [fff00000c175ce00, fff00000c175cec9) [ 15.155046] [ 15.155143] The buggy address belongs to the physical page: [ 15.155213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175c [ 15.155304] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.155431] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.155524] page_type: f5(slab) [ 15.155632] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.155729] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.155835] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.155952] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.156000] head: 0bfffe0000000001 ffffc1ffc305d701 00000000ffffffff 00000000ffffffff [ 15.156076] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.156462] page dumped because: kasan: bad access detected [ 15.156630] [ 15.156748] Memory state around the buggy address: [ 15.156827] fff00000c175cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.156990] fff00000c175ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.157085] >fff00000c175ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.157172] ^ [ 15.157289] fff00000c175cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.157330] fff00000c175cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.157376] ================================================================== [ 15.220869] ================================================================== [ 15.220923] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.220974] Write of size 1 at addr fff00000c64160c9 by task kunit_try_catch/163 [ 15.221022] [ 15.221054] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.221132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.221158] Hardware name: linux,dummy-virt (DT) [ 15.221876] Call trace: [ 15.222011] show_stack+0x20/0x38 (C) [ 15.222201] dump_stack_lvl+0x8c/0xd0 [ 15.222250] print_report+0x118/0x5d0 [ 15.222296] kasan_report+0xdc/0x128 [ 15.222545] __asan_report_store1_noabort+0x20/0x30 [ 15.222712] krealloc_less_oob_helper+0xa48/0xc50 [ 15.222869] krealloc_large_less_oob+0x20/0x38 [ 15.223374] kunit_try_run_case+0x170/0x3f0 [ 15.223503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.223568] kthread+0x328/0x630 [ 15.224122] ret_from_fork+0x10/0x20 [ 15.224415] [ 15.224437] The buggy address belongs to the physical page: [ 15.224468] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 15.225231] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.225295] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.225514] page_type: f8(unknown) [ 15.225879] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.225974] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.226032] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.226079] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.226207] head: 0bfffe0000000002 ffffc1ffc3190501 00000000ffffffff 00000000ffffffff [ 15.226678] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.226880] page dumped because: kasan: bad access detected [ 15.227137] [ 15.227193] Memory state around the buggy address: [ 15.227246] fff00000c6415f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.227670] fff00000c6416000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.227900] >fff00000c6416080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.228015] ^ [ 15.228298] fff00000c6416100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.228730] fff00000c6416180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.228899] ================================================================== [ 15.158146] ================================================================== [ 15.158216] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.158415] Write of size 1 at addr fff00000c175ceda by task kunit_try_catch/159 [ 15.158541] [ 15.158577] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.158818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.158910] Hardware name: linux,dummy-virt (DT) [ 15.158944] Call trace: [ 15.158967] show_stack+0x20/0x38 (C) [ 15.159316] dump_stack_lvl+0x8c/0xd0 [ 15.159472] print_report+0x118/0x5d0 [ 15.159641] kasan_report+0xdc/0x128 [ 15.159773] __asan_report_store1_noabort+0x20/0x30 [ 15.159879] krealloc_less_oob_helper+0xa80/0xc50 [ 15.160028] krealloc_less_oob+0x20/0x38 [ 15.160091] kunit_try_run_case+0x170/0x3f0 [ 15.160370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.160560] kthread+0x328/0x630 [ 15.160685] ret_from_fork+0x10/0x20 [ 15.161117] [ 15.161219] Allocated by task 159: [ 15.161254] kasan_save_stack+0x3c/0x68 [ 15.161555] kasan_save_track+0x20/0x40 [ 15.161621] kasan_save_alloc_info+0x40/0x58 [ 15.161669] __kasan_krealloc+0x118/0x178 [ 15.161862] krealloc_noprof+0x128/0x360 [ 15.161941] krealloc_less_oob_helper+0x168/0xc50 [ 15.162068] krealloc_less_oob+0x20/0x38 [ 15.162116] kunit_try_run_case+0x170/0x3f0 [ 15.162289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.162333] kthread+0x328/0x630 [ 15.162365] ret_from_fork+0x10/0x20 [ 15.162457] [ 15.162664] The buggy address belongs to the object at fff00000c175ce00 [ 15.162664] which belongs to the cache kmalloc-256 of size 256 [ 15.162752] The buggy address is located 17 bytes to the right of [ 15.162752] allocated 201-byte region [fff00000c175ce00, fff00000c175cec9) [ 15.162993] [ 15.163123] The buggy address belongs to the physical page: [ 15.163165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175c [ 15.163226] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.163306] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.163356] page_type: f5(slab) [ 15.163399] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.163467] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.163525] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.163592] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.163640] head: 0bfffe0000000001 ffffc1ffc305d701 00000000ffffffff 00000000ffffffff [ 15.163695] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.163736] page dumped because: kasan: bad access detected [ 15.163785] [ 15.163803] Memory state around the buggy address: [ 15.163833] fff00000c175cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.163873] fff00000c175ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.163914] >fff00000c175ce80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.163959] ^ [ 15.163997] fff00000c175cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.164040] fff00000c175cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.164077] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 15.108204] ================================================================== [ 15.108259] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.108309] Write of size 1 at addr fff00000c175cceb by task kunit_try_catch/157 [ 15.108357] [ 15.108388] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.108466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.108500] Hardware name: linux,dummy-virt (DT) [ 15.108659] Call trace: [ 15.108681] show_stack+0x20/0x38 (C) [ 15.108866] dump_stack_lvl+0x8c/0xd0 [ 15.108912] print_report+0x118/0x5d0 [ 15.108957] kasan_report+0xdc/0x128 [ 15.109002] __asan_report_store1_noabort+0x20/0x30 [ 15.109051] krealloc_more_oob_helper+0x60c/0x678 [ 15.109099] krealloc_more_oob+0x20/0x38 [ 15.109143] kunit_try_run_case+0x170/0x3f0 [ 15.109191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.109241] kthread+0x328/0x630 [ 15.109282] ret_from_fork+0x10/0x20 [ 15.109329] [ 15.109347] Allocated by task 157: [ 15.109374] kasan_save_stack+0x3c/0x68 [ 15.109413] kasan_save_track+0x20/0x40 [ 15.109449] kasan_save_alloc_info+0x40/0x58 [ 15.109487] __kasan_krealloc+0x118/0x178 [ 15.109523] krealloc_noprof+0x128/0x360 [ 15.109568] krealloc_more_oob_helper+0x168/0x678 [ 15.109605] krealloc_more_oob+0x20/0x38 [ 15.109640] kunit_try_run_case+0x170/0x3f0 [ 15.109675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.109716] kthread+0x328/0x630 [ 15.109747] ret_from_fork+0x10/0x20 [ 15.109782] [ 15.109800] The buggy address belongs to the object at fff00000c175cc00 [ 15.109800] which belongs to the cache kmalloc-256 of size 256 [ 15.110050] The buggy address is located 0 bytes to the right of [ 15.110050] allocated 235-byte region [fff00000c175cc00, fff00000c175cceb) [ 15.110299] [ 15.110321] The buggy address belongs to the physical page: [ 15.110499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175c [ 15.110905] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.111050] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.111218] page_type: f5(slab) [ 15.111257] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.111308] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.111392] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.111537] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.111619] head: 0bfffe0000000001 ffffc1ffc305d701 00000000ffffffff 00000000ffffffff [ 15.111699] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.111738] page dumped because: kasan: bad access detected [ 15.111768] [ 15.111786] Memory state around the buggy address: [ 15.112120] fff00000c175cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.112196] fff00000c175cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.112239] >fff00000c175cc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.112323] ^ [ 15.112672] fff00000c175cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.112779] fff00000c175cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.112915] ================================================================== [ 15.203252] ================================================================== [ 15.203308] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.203357] Write of size 1 at addr fff00000c64160f0 by task kunit_try_catch/161 [ 15.203405] [ 15.203745] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.204115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.204143] Hardware name: linux,dummy-virt (DT) [ 15.204172] Call trace: [ 15.204195] show_stack+0x20/0x38 (C) [ 15.204244] dump_stack_lvl+0x8c/0xd0 [ 15.204487] print_report+0x118/0x5d0 [ 15.204589] kasan_report+0xdc/0x128 [ 15.204845] __asan_report_store1_noabort+0x20/0x30 [ 15.205083] krealloc_more_oob_helper+0x5c0/0x678 [ 15.205144] krealloc_large_more_oob+0x20/0x38 [ 15.205191] kunit_try_run_case+0x170/0x3f0 [ 15.205242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.205293] kthread+0x328/0x630 [ 15.205334] ret_from_fork+0x10/0x20 [ 15.205379] [ 15.205841] The buggy address belongs to the physical page: [ 15.206080] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 15.206135] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.206369] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.206688] page_type: f8(unknown) [ 15.206930] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.207005] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.207086] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.207528] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.207783] head: 0bfffe0000000002 ffffc1ffc3190501 00000000ffffffff 00000000ffffffff [ 15.207833] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.207873] page dumped because: kasan: bad access detected [ 15.207903] [ 15.207921] Memory state around the buggy address: [ 15.208073] fff00000c6415f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.208122] fff00000c6416000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.208563] >fff00000c6416080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.208606] ^ [ 15.208647] fff00000c6416100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.208687] fff00000c6416180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.209292] ================================================================== [ 15.117408] ================================================================== [ 15.117556] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.117654] Write of size 1 at addr fff00000c175ccf0 by task kunit_try_catch/157 [ 15.117704] [ 15.117761] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.117863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.117889] Hardware name: linux,dummy-virt (DT) [ 15.117965] Call trace: [ 15.118091] show_stack+0x20/0x38 (C) [ 15.118142] dump_stack_lvl+0x8c/0xd0 [ 15.118424] print_report+0x118/0x5d0 [ 15.118491] kasan_report+0xdc/0x128 [ 15.118547] __asan_report_store1_noabort+0x20/0x30 [ 15.118598] krealloc_more_oob_helper+0x5c0/0x678 [ 15.118646] krealloc_more_oob+0x20/0x38 [ 15.118690] kunit_try_run_case+0x170/0x3f0 [ 15.118736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.118787] kthread+0x328/0x630 [ 15.118828] ret_from_fork+0x10/0x20 [ 15.118886] [ 15.118904] Allocated by task 157: [ 15.118931] kasan_save_stack+0x3c/0x68 [ 15.118972] kasan_save_track+0x20/0x40 [ 15.119008] kasan_save_alloc_info+0x40/0x58 [ 15.119343] __kasan_krealloc+0x118/0x178 [ 15.119384] krealloc_noprof+0x128/0x360 [ 15.119465] krealloc_more_oob_helper+0x168/0x678 [ 15.119524] krealloc_more_oob+0x20/0x38 [ 15.119752] kunit_try_run_case+0x170/0x3f0 [ 15.119788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.119830] kthread+0x328/0x630 [ 15.119860] ret_from_fork+0x10/0x20 [ 15.119894] [ 15.119913] The buggy address belongs to the object at fff00000c175cc00 [ 15.119913] which belongs to the cache kmalloc-256 of size 256 [ 15.119979] The buggy address is located 5 bytes to the right of [ 15.119979] allocated 235-byte region [fff00000c175cc00, fff00000c175cceb) [ 15.120041] [ 15.120167] The buggy address belongs to the physical page: [ 15.120252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10175c [ 15.120507] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.120565] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.120617] page_type: f5(slab) [ 15.120655] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.120705] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.120753] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.120800] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.120846] head: 0bfffe0000000001 ffffc1ffc305d701 00000000ffffffff 00000000ffffffff [ 15.120904] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.120942] page dumped because: kasan: bad access detected [ 15.120972] [ 15.121094] Memory state around the buggy address: [ 15.121128] fff00000c175cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.121170] fff00000c175cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.121285] >fff00000c175cc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.121874] ^ [ 15.121934] fff00000c175cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122039] fff00000c175cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122108] ================================================================== [ 15.194156] ================================================================== [ 15.194254] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.194346] Write of size 1 at addr fff00000c64160eb by task kunit_try_catch/161 [ 15.194395] [ 15.194539] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.195156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.195213] Hardware name: linux,dummy-virt (DT) [ 15.195246] Call trace: [ 15.195455] show_stack+0x20/0x38 (C) [ 15.195512] dump_stack_lvl+0x8c/0xd0 [ 15.195817] print_report+0x118/0x5d0 [ 15.195940] kasan_report+0xdc/0x128 [ 15.196272] __asan_report_store1_noabort+0x20/0x30 [ 15.196649] krealloc_more_oob_helper+0x60c/0x678 [ 15.197300] krealloc_large_more_oob+0x20/0x38 [ 15.197350] kunit_try_run_case+0x170/0x3f0 [ 15.197738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.198163] kthread+0x328/0x630 [ 15.198212] ret_from_fork+0x10/0x20 [ 15.198318] [ 15.198339] The buggy address belongs to the physical page: [ 15.198476] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106414 [ 15.198894] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.199134] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.199317] page_type: f8(unknown) [ 15.199714] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.200132] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.200210] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.200540] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.200659] head: 0bfffe0000000002 ffffc1ffc3190501 00000000ffffffff 00000000ffffffff [ 15.200710] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.200749] page dumped because: kasan: bad access detected [ 15.200785] [ 15.200805] Memory state around the buggy address: [ 15.200836] fff00000c6415f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.201471] fff00000c6416000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.201520] >fff00000c6416080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.201861] ^ [ 15.202044] fff00000c6416100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.202097] fff00000c6416180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.202300] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 15.098707] ================================================================== [ 15.098762] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 15.098814] Read of size 1 at addr fff00000c7710000 by task kunit_try_catch/155 [ 15.098863] [ 15.098896] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.098982] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.099008] Hardware name: linux,dummy-virt (DT) [ 15.099039] Call trace: [ 15.099060] show_stack+0x20/0x38 (C) [ 15.099108] dump_stack_lvl+0x8c/0xd0 [ 15.099153] print_report+0x118/0x5d0 [ 15.099198] kasan_report+0xdc/0x128 [ 15.099593] __asan_report_load1_noabort+0x20/0x30 [ 15.099650] page_alloc_uaf+0x328/0x350 [ 15.099790] kunit_try_run_case+0x170/0x3f0 [ 15.099855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.099974] kthread+0x328/0x630 [ 15.100078] ret_from_fork+0x10/0x20 [ 15.100130] [ 15.100242] The buggy address belongs to the physical page: [ 15.100328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107710 [ 15.100379] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.100433] page_type: f0(buddy) [ 15.100576] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 15.100717] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 15.100757] page dumped because: kasan: bad access detected [ 15.100792] [ 15.100883] Memory state around the buggy address: [ 15.100950] fff00000c770ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.101080] fff00000c770ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.101122] >fff00000c7710000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.101158] ^ [ 15.101185] fff00000c7710080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.101225] fff00000c7710100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.101260] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 15.067481] ================================================================== [ 15.067616] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 15.067685] Free of addr fff00000c6410001 by task kunit_try_catch/151 [ 15.067730] [ 15.068242] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.068546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.068590] Hardware name: linux,dummy-virt (DT) [ 15.068731] Call trace: [ 15.068800] show_stack+0x20/0x38 (C) [ 15.068998] dump_stack_lvl+0x8c/0xd0 [ 15.069077] print_report+0x118/0x5d0 [ 15.069231] kasan_report_invalid_free+0xc0/0xe8 [ 15.069617] __kasan_kfree_large+0x5c/0xa8 [ 15.069768] free_large_kmalloc+0x64/0x190 [ 15.069824] kfree+0x270/0x3c8 [ 15.069865] kmalloc_large_invalid_free+0x108/0x270 [ 15.070210] kunit_try_run_case+0x170/0x3f0 [ 15.070284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.070461] kthread+0x328/0x630 [ 15.070890] ret_from_fork+0x10/0x20 [ 15.071035] [ 15.071058] The buggy address belongs to the physical page: [ 15.071095] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106410 [ 15.071441] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.071522] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.071646] page_type: f8(unknown) [ 15.071698] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.071898] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.071962] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.072180] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.072569] head: 0bfffe0000000002 ffffc1ffc3190401 00000000ffffffff 00000000ffffffff [ 15.072689] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.072789] page dumped because: kasan: bad access detected [ 15.072833] [ 15.072852] Memory state around the buggy address: [ 15.073034] fff00000c640ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.073280] fff00000c640ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.073351] >fff00000c6410000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.073487] ^ [ 15.073548] fff00000c6410080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.073590] fff00000c6410100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.073960] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 15.049467] ================================================================== [ 15.049877] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 15.049972] Read of size 1 at addr fff00000c6410000 by task kunit_try_catch/149 [ 15.050112] [ 15.050162] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.050313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.050428] Hardware name: linux,dummy-virt (DT) [ 15.050459] Call trace: [ 15.050839] show_stack+0x20/0x38 (C) [ 15.050955] dump_stack_lvl+0x8c/0xd0 [ 15.051102] print_report+0x118/0x5d0 [ 15.051191] kasan_report+0xdc/0x128 [ 15.051266] __asan_report_load1_noabort+0x20/0x30 [ 15.051708] kmalloc_large_uaf+0x2cc/0x2f8 [ 15.051880] kunit_try_run_case+0x170/0x3f0 [ 15.052013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.052080] kthread+0x328/0x630 [ 15.052149] ret_from_fork+0x10/0x20 [ 15.052431] [ 15.052641] The buggy address belongs to the physical page: [ 15.052778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106410 [ 15.052918] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.053007] raw: 0bfffe0000000000 ffffc1ffc3190508 fff00000da479c40 0000000000000000 [ 15.053360] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.053437] page dumped because: kasan: bad access detected [ 15.053471] [ 15.053500] Memory state around the buggy address: [ 15.053562] fff00000c640ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.053618] fff00000c640ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.053658] >fff00000c6410000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.053694] ^ [ 15.054989] fff00000c6410080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.055451] fff00000c6410100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.055682] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 15.035111] ================================================================== [ 15.035187] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 15.035302] Write of size 1 at addr fff00000c640e00a by task kunit_try_catch/147 [ 15.035355] [ 15.035401] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.035481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.035506] Hardware name: linux,dummy-virt (DT) [ 15.035549] Call trace: [ 15.035580] show_stack+0x20/0x38 (C) [ 15.035630] dump_stack_lvl+0x8c/0xd0 [ 15.035691] print_report+0x118/0x5d0 [ 15.035736] kasan_report+0xdc/0x128 [ 15.035780] __asan_report_store1_noabort+0x20/0x30 [ 15.035829] kmalloc_large_oob_right+0x278/0x2b8 [ 15.035874] kunit_try_run_case+0x170/0x3f0 [ 15.035920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.035972] kthread+0x328/0x630 [ 15.036013] ret_from_fork+0x10/0x20 [ 15.036059] [ 15.036095] The buggy address belongs to the physical page: [ 15.036135] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10640c [ 15.036193] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.036239] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.036295] page_type: f8(unknown) [ 15.036333] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.036380] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.036430] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.036477] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.036525] head: 0bfffe0000000002 ffffc1ffc3190301 00000000ffffffff 00000000ffffffff [ 15.037101] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.037903] page dumped because: kasan: bad access detected [ 15.038257] [ 15.038306] Memory state around the buggy address: [ 15.038359] fff00000c640df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.038550] fff00000c640df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.038769] >fff00000c640e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.038863] ^ [ 15.039002] fff00000c640e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.039073] fff00000c640e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.039250] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 15.015957] ================================================================== [ 15.016017] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.016067] Write of size 1 at addr fff00000c646df00 by task kunit_try_catch/145 [ 15.016117] [ 15.016150] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.016248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.016275] Hardware name: linux,dummy-virt (DT) [ 15.016305] Call trace: [ 15.016326] show_stack+0x20/0x38 (C) [ 15.016373] dump_stack_lvl+0x8c/0xd0 [ 15.016418] print_report+0x118/0x5d0 [ 15.016462] kasan_report+0xdc/0x128 [ 15.016520] __asan_report_store1_noabort+0x20/0x30 [ 15.017418] kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.017488] kunit_try_run_case+0x170/0x3f0 [ 15.017558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.017611] kthread+0x328/0x630 [ 15.017661] ret_from_fork+0x10/0x20 [ 15.017889] [ 15.017990] Allocated by task 145: [ 15.018176] kasan_save_stack+0x3c/0x68 [ 15.018445] kasan_save_track+0x20/0x40 [ 15.018494] kasan_save_alloc_info+0x40/0x58 [ 15.018833] __kasan_kmalloc+0xd4/0xd8 [ 15.018895] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.019014] kmalloc_big_oob_right+0xb8/0x2f0 [ 15.019114] kunit_try_run_case+0x170/0x3f0 [ 15.019314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.019382] kthread+0x328/0x630 [ 15.019441] ret_from_fork+0x10/0x20 [ 15.019481] [ 15.019774] The buggy address belongs to the object at fff00000c646c000 [ 15.019774] which belongs to the cache kmalloc-8k of size 8192 [ 15.019908] The buggy address is located 0 bytes to the right of [ 15.019908] allocated 7936-byte region [fff00000c646c000, fff00000c646df00) [ 15.020035] [ 15.020148] The buggy address belongs to the physical page: [ 15.020185] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106468 [ 15.020316] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.020420] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.020482] page_type: f5(slab) [ 15.020816] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.020878] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.021102] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.021296] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.021413] head: 0bfffe0000000003 ffffc1ffc3191a01 00000000ffffffff 00000000ffffffff [ 15.021572] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.021751] page dumped because: kasan: bad access detected [ 15.021784] [ 15.021803] Memory state around the buggy address: [ 15.021978] fff00000c646de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.022186] fff00000c646de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.022255] >fff00000c646df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.022360] ^ [ 15.022453] fff00000c646df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.022544] fff00000c646e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.022704] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 14.988408] ================================================================== [ 14.988462] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 14.988513] Write of size 1 at addr fff00000c5f9d978 by task kunit_try_catch/143 [ 14.989726] [ 14.989925] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.990180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.990461] Hardware name: linux,dummy-virt (DT) [ 14.990516] Call trace: [ 14.990566] show_stack+0x20/0x38 (C) [ 14.990692] dump_stack_lvl+0x8c/0xd0 [ 14.990789] print_report+0x118/0x5d0 [ 14.990957] kasan_report+0xdc/0x128 [ 14.991045] __asan_report_store1_noabort+0x20/0x30 [ 14.991307] kmalloc_track_caller_oob_right+0x40c/0x488 [ 14.991551] kunit_try_run_case+0x170/0x3f0 [ 14.991625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.992416] kthread+0x328/0x630 [ 14.992498] ret_from_fork+0x10/0x20 [ 14.992634] [ 14.992718] Allocated by task 143: [ 14.992790] kasan_save_stack+0x3c/0x68 [ 14.993026] kasan_save_track+0x20/0x40 [ 14.993200] kasan_save_alloc_info+0x40/0x58 [ 14.993612] __kasan_kmalloc+0xd4/0xd8 [ 14.993689] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 14.993994] kmalloc_track_caller_oob_right+0xa8/0x488 [ 14.994180] kunit_try_run_case+0x170/0x3f0 [ 14.994227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.994270] kthread+0x328/0x630 [ 14.994628] ret_from_fork+0x10/0x20 [ 14.994690] [ 14.994802] The buggy address belongs to the object at fff00000c5f9d900 [ 14.994802] which belongs to the cache kmalloc-128 of size 128 [ 14.994997] The buggy address is located 0 bytes to the right of [ 14.994997] allocated 120-byte region [fff00000c5f9d900, fff00000c5f9d978) [ 14.995165] [ 14.995226] The buggy address belongs to the physical page: [ 14.995324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9d [ 14.995451] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.995511] page_type: f5(slab) [ 14.995689] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.995918] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.995999] page dumped because: kasan: bad access detected [ 14.996194] [ 14.996467] Memory state around the buggy address: [ 14.996637] fff00000c5f9d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.996712] fff00000c5f9d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.996771] >fff00000c5f9d900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 14.997055] ^ [ 14.997105] fff00000c5f9d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.997493] fff00000c5f9da00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.997751] ================================================================== [ 15.000224] ================================================================== [ 15.000359] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 15.000441] Write of size 1 at addr fff00000c5f9da78 by task kunit_try_catch/143 [ 15.000718] [ 15.000891] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.000981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.001008] Hardware name: linux,dummy-virt (DT) [ 15.001046] Call trace: [ 15.001256] show_stack+0x20/0x38 (C) [ 15.001450] dump_stack_lvl+0x8c/0xd0 [ 15.001576] print_report+0x118/0x5d0 [ 15.001624] kasan_report+0xdc/0x128 [ 15.001677] __asan_report_store1_noabort+0x20/0x30 [ 15.001869] kmalloc_track_caller_oob_right+0x418/0x488 [ 15.002085] kunit_try_run_case+0x170/0x3f0 [ 15.002243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.002313] kthread+0x328/0x630 [ 15.002525] ret_from_fork+0x10/0x20 [ 15.002815] [ 15.002838] Allocated by task 143: [ 15.003050] kasan_save_stack+0x3c/0x68 [ 15.003296] kasan_save_track+0x20/0x40 [ 15.003682] kasan_save_alloc_info+0x40/0x58 [ 15.003903] __kasan_kmalloc+0xd4/0xd8 [ 15.004047] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.004113] kmalloc_track_caller_oob_right+0x184/0x488 [ 15.004476] kunit_try_run_case+0x170/0x3f0 [ 15.004584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.004629] kthread+0x328/0x630 [ 15.004939] ret_from_fork+0x10/0x20 [ 15.005104] [ 15.005160] The buggy address belongs to the object at fff00000c5f9da00 [ 15.005160] which belongs to the cache kmalloc-128 of size 128 [ 15.005246] The buggy address is located 0 bytes to the right of [ 15.005246] allocated 120-byte region [fff00000c5f9da00, fff00000c5f9da78) [ 15.005309] [ 15.005329] The buggy address belongs to the physical page: [ 15.005372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9d [ 15.005423] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.005470] page_type: f5(slab) [ 15.005523] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.005584] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.005631] page dumped because: kasan: bad access detected [ 15.005676] [ 15.005694] Memory state around the buggy address: [ 15.006069] fff00000c5f9d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.006395] fff00000c5f9d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.006467] >fff00000c5f9da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.006680] ^ [ 15.006922] fff00000c5f9da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.007049] fff00000c5f9db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.007089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 14.972312] ================================================================== [ 14.972375] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 14.972428] Read of size 1 at addr fff00000c60bf000 by task kunit_try_catch/141 [ 14.972653] [ 14.973109] CPU: 1 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.973246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.973273] Hardware name: linux,dummy-virt (DT) [ 14.973304] Call trace: [ 14.973346] show_stack+0x20/0x38 (C) [ 14.973399] dump_stack_lvl+0x8c/0xd0 [ 14.973667] print_report+0x118/0x5d0 [ 14.973820] kasan_report+0xdc/0x128 [ 14.974209] __asan_report_load1_noabort+0x20/0x30 [ 14.974449] kmalloc_node_oob_right+0x2f4/0x330 [ 14.974524] kunit_try_run_case+0x170/0x3f0 [ 14.974584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.974766] kthread+0x328/0x630 [ 14.974934] ret_from_fork+0x10/0x20 [ 14.975182] [ 14.975252] Allocated by task 141: [ 14.975292] kasan_save_stack+0x3c/0x68 [ 14.975650] kasan_save_track+0x20/0x40 [ 14.975712] kasan_save_alloc_info+0x40/0x58 [ 14.975950] __kasan_kmalloc+0xd4/0xd8 [ 14.976189] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 14.976260] kmalloc_node_oob_right+0xbc/0x330 [ 14.976602] kunit_try_run_case+0x170/0x3f0 [ 14.976657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.976736] kthread+0x328/0x630 [ 14.976789] ret_from_fork+0x10/0x20 [ 14.976840] [ 14.976871] The buggy address belongs to the object at fff00000c60be000 [ 14.976871] which belongs to the cache kmalloc-4k of size 4096 [ 14.976929] The buggy address is located 0 bytes to the right of [ 14.976929] allocated 4096-byte region [fff00000c60be000, fff00000c60bf000) [ 14.976991] [ 14.977017] The buggy address belongs to the physical page: [ 14.977111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060b8 [ 14.977315] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.977371] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 14.977475] page_type: f5(slab) [ 14.977541] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 14.977611] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 14.977684] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 14.978950] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 14.979185] head: 0bfffe0000000003 ffffc1ffc3182e01 00000000ffffffff 00000000ffffffff [ 14.979247] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 14.979371] page dumped because: kasan: bad access detected [ 14.979418] [ 14.979511] Memory state around the buggy address: [ 14.979851] fff00000c60bef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.979911] fff00000c60bef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.980027] >fff00000c60bf000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.980193] ^ [ 14.980283] fff00000c60bf080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.980416] fff00000c60bf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.980513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 14.956321] ================================================================== [ 14.956382] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 14.956435] Read of size 1 at addr fff00000c5f9c3ff by task kunit_try_catch/139 [ 14.956484] [ 14.956514] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.956610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.956637] Hardware name: linux,dummy-virt (DT) [ 14.956824] Call trace: [ 14.956865] show_stack+0x20/0x38 (C) [ 14.956915] dump_stack_lvl+0x8c/0xd0 [ 14.956961] print_report+0x118/0x5d0 [ 14.957146] kasan_report+0xdc/0x128 [ 14.957360] __asan_report_load1_noabort+0x20/0x30 [ 14.957430] kmalloc_oob_left+0x2ec/0x320 [ 14.957476] kunit_try_run_case+0x170/0x3f0 [ 14.957523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.957596] kthread+0x328/0x630 [ 14.957857] ret_from_fork+0x10/0x20 [ 14.957994] [ 14.958217] Allocated by task 24: [ 14.958309] kasan_save_stack+0x3c/0x68 [ 14.958520] kasan_save_track+0x20/0x40 [ 14.958581] kasan_save_alloc_info+0x40/0x58 [ 14.958623] __kasan_kmalloc+0xd4/0xd8 [ 14.958664] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 14.958874] kvasprintf+0xe0/0x180 [ 14.959075] __kthread_create_on_node+0x16c/0x350 [ 14.959236] kthread_create_on_node+0xe4/0x130 [ 14.959366] create_worker+0x380/0x6b8 [ 14.959446] worker_thread+0x808/0xf38 [ 14.959716] kthread+0x328/0x630 [ 14.960005] ret_from_fork+0x10/0x20 [ 14.960080] [ 14.960129] The buggy address belongs to the object at fff00000c5f9c3e0 [ 14.960129] which belongs to the cache kmalloc-16 of size 16 [ 14.960671] The buggy address is located 19 bytes to the right of [ 14.960671] allocated 12-byte region [fff00000c5f9c3e0, fff00000c5f9c3ec) [ 14.960970] [ 14.961051] The buggy address belongs to the physical page: [ 14.961099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 14.961299] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.961360] page_type: f5(slab) [ 14.961400] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 14.961496] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.961548] page dumped because: kasan: bad access detected [ 14.961587] [ 14.961605] Memory state around the buggy address: [ 14.961650] fff00000c5f9c280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.961692] fff00000c5f9c300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.962210] >fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 14.962320] ^ [ 14.962396] fff00000c5f9c400: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.962487] fff00000c5f9c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.962598] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 14.926334] ================================================================== [ 14.926495] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 14.926735] Read of size 1 at addr fff00000c5f9d880 by task kunit_try_catch/136 [ 14.926816] [ 14.926857] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.927143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.927177] Hardware name: linux,dummy-virt (DT) [ 14.927207] Call trace: [ 14.927228] show_stack+0x20/0x38 (C) [ 14.927277] dump_stack_lvl+0x8c/0xd0 [ 14.927352] print_report+0x118/0x5d0 [ 14.927398] kasan_report+0xdc/0x128 [ 14.927444] __asan_report_load1_noabort+0x20/0x30 [ 14.927567] kmalloc_oob_right+0x5d0/0x660 [ 14.927617] kunit_try_run_case+0x170/0x3f0 [ 14.927675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.927728] kthread+0x328/0x630 [ 14.927769] ret_from_fork+0x10/0x20 [ 14.927815] [ 14.927832] Allocated by task 136: [ 14.927858] kasan_save_stack+0x3c/0x68 [ 14.927982] kasan_save_track+0x20/0x40 [ 14.928026] kasan_save_alloc_info+0x40/0x58 [ 14.928107] __kasan_kmalloc+0xd4/0xd8 [ 14.928143] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.928179] kmalloc_oob_right+0xb0/0x660 [ 14.928214] kunit_try_run_case+0x170/0x3f0 [ 14.928275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.928374] kthread+0x328/0x630 [ 14.928409] ret_from_fork+0x10/0x20 [ 14.928511] [ 14.928559] The buggy address belongs to the object at fff00000c5f9d800 [ 14.928559] which belongs to the cache kmalloc-128 of size 128 [ 14.928615] The buggy address is located 13 bytes to the right of [ 14.928615] allocated 115-byte region [fff00000c5f9d800, fff00000c5f9d873) [ 14.928721] [ 14.928781] The buggy address belongs to the physical page: [ 14.928828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9d [ 14.928903] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.928948] page_type: f5(slab) [ 14.928984] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.929052] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.929092] page dumped because: kasan: bad access detected [ 14.929121] [ 14.929138] Memory state around the buggy address: [ 14.929166] fff00000c5f9d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.929207] fff00000c5f9d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.929247] >fff00000c5f9d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.929282] ^ [ 14.929308] fff00000c5f9d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.929438] fff00000c5f9d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.929491] ================================================================== [ 14.916276] ================================================================== [ 14.916635] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 14.917449] Write of size 1 at addr fff00000c5f9d873 by task kunit_try_catch/136 [ 14.917570] [ 14.918331] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 14.918490] Tainted: [N]=TEST [ 14.918524] Hardware name: linux,dummy-virt (DT) [ 14.918756] Call trace: [ 14.918923] show_stack+0x20/0x38 (C) [ 14.919054] dump_stack_lvl+0x8c/0xd0 [ 14.919115] print_report+0x118/0x5d0 [ 14.919163] kasan_report+0xdc/0x128 [ 14.919208] __asan_report_store1_noabort+0x20/0x30 [ 14.919259] kmalloc_oob_right+0x5a4/0x660 [ 14.919305] kunit_try_run_case+0x170/0x3f0 [ 14.919355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.919407] kthread+0x328/0x630 [ 14.919450] ret_from_fork+0x10/0x20 [ 14.919613] [ 14.919651] Allocated by task 136: [ 14.919788] kasan_save_stack+0x3c/0x68 [ 14.919857] kasan_save_track+0x20/0x40 [ 14.919894] kasan_save_alloc_info+0x40/0x58 [ 14.919933] __kasan_kmalloc+0xd4/0xd8 [ 14.919969] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.920008] kmalloc_oob_right+0xb0/0x660 [ 14.920044] kunit_try_run_case+0x170/0x3f0 [ 14.920080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.920121] kthread+0x328/0x630 [ 14.920153] ret_from_fork+0x10/0x20 [ 14.920206] [ 14.920265] The buggy address belongs to the object at fff00000c5f9d800 [ 14.920265] which belongs to the cache kmalloc-128 of size 128 [ 14.920356] The buggy address is located 0 bytes to the right of [ 14.920356] allocated 115-byte region [fff00000c5f9d800, fff00000c5f9d873) [ 14.920421] [ 14.920500] The buggy address belongs to the physical page: [ 14.920714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9d [ 14.920977] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.921255] page_type: f5(slab) [ 14.921552] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.921616] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.921736] page dumped because: kasan: bad access detected [ 14.921778] [ 14.921824] Memory state around the buggy address: [ 14.922044] fff00000c5f9d700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.922108] fff00000c5f9d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.922161] >fff00000c5f9d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.922214] ^ [ 14.922293] fff00000c5f9d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.922334] fff00000c5f9d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.922393] ================================================================== [ 14.922960] ================================================================== [ 14.923029] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 14.923076] Write of size 1 at addr fff00000c5f9d878 by task kunit_try_catch/136 [ 14.923174] [ 14.923255] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.923334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.923360] Hardware name: linux,dummy-virt (DT) [ 14.923389] Call trace: [ 14.923419] show_stack+0x20/0x38 (C) [ 14.923467] dump_stack_lvl+0x8c/0xd0 [ 14.923511] print_report+0x118/0x5d0 [ 14.923598] kasan_report+0xdc/0x128 [ 14.923652] __asan_report_store1_noabort+0x20/0x30 [ 14.923703] kmalloc_oob_right+0x538/0x660 [ 14.924098] kunit_try_run_case+0x170/0x3f0 [ 14.924176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.924230] kthread+0x328/0x630 [ 14.924271] ret_from_fork+0x10/0x20 [ 14.924317] [ 14.924334] Allocated by task 136: [ 14.924361] kasan_save_stack+0x3c/0x68 [ 14.924429] kasan_save_track+0x20/0x40 [ 14.924468] kasan_save_alloc_info+0x40/0x58 [ 14.924508] __kasan_kmalloc+0xd4/0xd8 [ 14.924553] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.924592] kmalloc_oob_right+0xb0/0x660 [ 14.924627] kunit_try_run_case+0x170/0x3f0 [ 14.924663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.924718] kthread+0x328/0x630 [ 14.924782] ret_from_fork+0x10/0x20 [ 14.924903] [ 14.924979] The buggy address belongs to the object at fff00000c5f9d800 [ 14.924979] which belongs to the cache kmalloc-128 of size 128 [ 14.925106] The buggy address is located 5 bytes to the right of [ 14.925106] allocated 115-byte region [fff00000c5f9d800, fff00000c5f9d873) [ 14.925168] [ 14.925187] The buggy address belongs to the physical page: [ 14.925217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9d [ 14.925276] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.925323] page_type: f5(slab) [ 14.925360] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.925416] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.925455] page dumped because: kasan: bad access detected [ 14.925484] [ 14.925512] Memory state around the buggy address: [ 14.925552] fff00000c5f9d700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.925593] fff00000c5f9d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.925633] >fff00000c5f9d800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.925669] ^ [ 14.925706] fff00000c5f9d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.925837] fff00000c5f9d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.925876] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 93.311621] WARNING: CPU: 1 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 93.313152] Modules linked in: [ 93.313548] CPU: 1 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 93.314690] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 93.315345] Hardware name: linux,dummy-virt (DT) [ 93.315816] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.316475] pc : intlog10+0x38/0x48 [ 93.316884] lr : intlog10_test+0xe4/0x200 [ 93.317391] sp : ffff800082387c10 [ 93.317763] x29: ffff800082387c90 x28: 0000000000000000 x27: 0000000000000000 [ 93.318733] x26: 1ffe00001969e0a1 x25: 0000000000000000 x24: ffff800082387ce0 [ 93.319637] x23: ffff800082387d00 x22: 0000000000000000 x21: 1ffff00010470f82 [ 93.320427] x20: ffffa6a3ede89d80 x19: ffff800080087990 x18: 000000005181587b [ 93.321176] x17: 000000001de1f559 x16: fff00000c0975c3c x15: fff00000ff616b08 [ 93.322045] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a7cd x12: ffff74d47e3a3379 [ 93.322877] x11: 1ffff4d47e3a3378 x10: ffff74d47e3a3378 x9 : ffffa6a3eb434ddc [ 93.323553] x8 : ffffa6a3f1d19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 93.324155] x5 : ffff700010470f82 x4 : 1ffff00010010f3a x3 : 1ffff4d47dbd13b0 [ 93.324502] x2 : 1ffff4d47dbd13b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 93.324857] Call trace: [ 93.324994] intlog10+0x38/0x48 (P) [ 93.325187] kunit_try_run_case+0x170/0x3f0 [ 93.325390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.325872] kthread+0x328/0x630 [ 93.326270] ret_from_fork+0x10/0x20 [ 93.326815] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 93.263741] WARNING: CPU: 1 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 93.266746] Modules linked in: [ 93.266987] CPU: 1 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 93.268679] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 93.269492] Hardware name: linux,dummy-virt (DT) [ 93.270110] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.270974] pc : intlog2+0xd8/0xf8 [ 93.271487] lr : intlog2_test+0xe4/0x200 [ 93.272117] sp : ffff800082287c10 [ 93.272415] x29: ffff800082287c90 x28: 0000000000000000 x27: 0000000000000000 [ 93.272788] x26: 1ffe000018f54461 x25: 0000000000000000 x24: ffff800082287ce0 [ 93.273133] x23: ffff800082287d00 x22: 0000000000000000 x21: 1ffff00010450f82 [ 93.273477] x20: ffffa6a3ede89c80 x19: ffff800080087990 x18: 00000000459d7194 [ 93.273833] x17: 000000007c6b8a7d x16: fff00000c0975c3c x15: 0000000059599b49 [ 93.274510] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a7cd x12: ffff74d47e3a3379 [ 93.275082] x11: 1ffff4d47e3a3378 x10: ffff74d47e3a3378 x9 : ffffa6a3eb434fdc [ 93.276081] x8 : ffffa6a3f1d19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 93.276894] x5 : ffff700010450f82 x4 : 1ffff00010010f3a x3 : 1ffff4d47dbd1390 [ 93.277617] x2 : 1ffff4d47dbd1390 x1 : 0000000000000003 x0 : 0000000000000000 [ 93.278219] Call trace: [ 93.278562] intlog2+0xd8/0xf8 (P) [ 93.279025] kunit_try_run_case+0x170/0x3f0 [ 93.279433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.279686] kthread+0x328/0x630 [ 93.279862] ret_from_fork+0x10/0x20 [ 93.280070] ---[ end trace 0000000000000000 ]---