Date
July 19, 2025, 11:12 p.m.
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 20.904432] ================================================================== [ 20.904518] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 20.904518] [ 20.904621] Corrupted memory at 0x000000009bf13ff5 [ ! ] (in kfence-#97): [ 20.904748] test_corruption+0x1d8/0x378 [ 20.904796] kunit_try_run_case+0x170/0x3f0 [ 20.904837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.904883] kthread+0x328/0x630 [ 20.904919] ret_from_fork+0x10/0x20 [ 20.904960] [ 20.904984] kfence-#97: 0x0000000070456a4f-0x000000005790344a, size=32, cache=test [ 20.904984] [ 20.905037] allocated by task 313 on cpu 1 at 20.904291s (0.000742s ago): [ 20.905098] test_alloc+0x230/0x628 [ 20.905139] test_corruption+0x198/0x378 [ 20.905178] kunit_try_run_case+0x170/0x3f0 [ 20.905218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.905261] kthread+0x328/0x630 [ 20.905296] ret_from_fork+0x10/0x20 [ 20.905336] [ 20.905359] freed by task 313 on cpu 1 at 20.904349s (0.001006s ago): [ 20.905418] test_corruption+0x1d8/0x378 [ 20.905456] kunit_try_run_case+0x170/0x3f0 [ 20.905496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.905539] kthread+0x328/0x630 [ 20.905573] ret_from_fork+0x10/0x20 [ 20.905612] [ 20.905660] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.905745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.905776] Hardware name: linux,dummy-virt (DT) [ 20.905808] ================================================================== [ 20.696559] ================================================================== [ 20.696648] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 20.696648] [ 20.696729] Corrupted memory at 0x00000000c3be96a4 [ ! ] (in kfence-#95): [ 20.696859] test_corruption+0x284/0x378 [ 20.696906] kunit_try_run_case+0x170/0x3f0 [ 20.696949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.696993] kthread+0x328/0x630 [ 20.697031] ret_from_fork+0x10/0x20 [ 20.697072] [ 20.697096] kfence-#95: 0x00000000e001ad2e-0x00000000250b082a, size=32, cache=kmalloc-32 [ 20.697096] [ 20.697150] allocated by task 311 on cpu 1 at 20.696295s (0.000851s ago): [ 20.697210] test_alloc+0x29c/0x628 [ 20.697251] test_corruption+0x198/0x378 [ 20.697291] kunit_try_run_case+0x170/0x3f0 [ 20.697329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.697372] kthread+0x328/0x630 [ 20.697406] ret_from_fork+0x10/0x20 [ 20.697445] [ 20.697468] freed by task 311 on cpu 1 at 20.696396s (0.001068s ago): [ 20.697528] test_corruption+0x284/0x378 [ 20.697568] kunit_try_run_case+0x170/0x3f0 [ 20.697606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.697656] kthread+0x328/0x630 [ 20.697701] ret_from_fork+0x10/0x20 [ 20.697741] [ 20.697780] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.697856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.697886] Hardware name: linux,dummy-virt (DT) [ 20.697919] ================================================================== [ 20.592570] ================================================================== [ 20.592663] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 20.592663] [ 20.592742] Corrupted memory at 0x000000002f935854 [ ! . . . . . . . . . . . . . . . ] (in kfence-#94): [ 20.593063] test_corruption+0x278/0x378 [ 20.593112] kunit_try_run_case+0x170/0x3f0 [ 20.593156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.593200] kthread+0x328/0x630 [ 20.593239] ret_from_fork+0x10/0x20 [ 20.593281] [ 20.593305] kfence-#94: 0x000000005ea3dabf-0x000000005f923423, size=32, cache=kmalloc-32 [ 20.593305] [ 20.593364] allocated by task 311 on cpu 1 at 20.592370s (0.000990s ago): [ 20.593425] test_alloc+0x29c/0x628 [ 20.593465] test_corruption+0xdc/0x378 [ 20.593506] kunit_try_run_case+0x170/0x3f0 [ 20.593547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.593591] kthread+0x328/0x630 [ 20.593636] ret_from_fork+0x10/0x20 [ 20.593675] [ 20.593710] freed by task 311 on cpu 1 at 20.592475s (0.001231s ago): [ 20.593771] test_corruption+0x278/0x378 [ 20.593811] kunit_try_run_case+0x170/0x3f0 [ 20.593851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.593894] kthread+0x328/0x630 [ 20.593928] ret_from_fork+0x10/0x20 [ 20.593968] [ 20.594016] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.594097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.594128] Hardware name: linux,dummy-virt (DT) [ 20.594165] ================================================================== [ 20.800343] ================================================================== [ 20.800430] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 20.800430] [ 20.800488] Corrupted memory at 0x00000000febddc50 [ ! . . . . . . . . . . . . . . . ] (in kfence-#96): [ 20.800821] test_corruption+0x120/0x378 [ 20.800869] kunit_try_run_case+0x170/0x3f0 [ 20.800915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.800960] kthread+0x328/0x630 [ 20.800998] ret_from_fork+0x10/0x20 [ 20.801039] [ 20.801063] kfence-#96: 0x0000000070e6bf06-0x0000000095f6c1f3, size=32, cache=test [ 20.801063] [ 20.801117] allocated by task 313 on cpu 1 at 20.800201s (0.000912s ago): [ 20.801178] test_alloc+0x230/0x628 [ 20.801218] test_corruption+0xdc/0x378 [ 20.801258] kunit_try_run_case+0x170/0x3f0 [ 20.801297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.801341] kthread+0x328/0x630 [ 20.801378] ret_from_fork+0x10/0x20 [ 20.801416] [ 20.801440] freed by task 313 on cpu 1 at 20.800260s (0.001175s ago): [ 20.801500] test_corruption+0x120/0x378 [ 20.801540] kunit_try_run_case+0x170/0x3f0 [ 20.801580] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.801630] kthread+0x328/0x630 [ 20.801666] ret_from_fork+0x10/0x20 [ 20.801715] [ 20.801757] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.801836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.801865] Hardware name: linux,dummy-virt (DT) [ 20.801898] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.232822] ================================================================== [ 18.233033] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 18.233138] Write of size 121 at addr fff00000c790e600 by task kunit_try_catch/285 [ 18.233331] [ 18.233435] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.233543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.233621] Hardware name: linux,dummy-virt (DT) [ 18.233656] Call trace: [ 18.233747] show_stack+0x20/0x38 (C) [ 18.233829] dump_stack_lvl+0x8c/0xd0 [ 18.234039] print_report+0x118/0x5d0 [ 18.234105] kasan_report+0xdc/0x128 [ 18.234195] kasan_check_range+0x100/0x1a8 [ 18.234249] __kasan_check_write+0x20/0x30 [ 18.234297] strncpy_from_user+0x3c/0x2a0 [ 18.234347] copy_user_test_oob+0x5c0/0xec8 [ 18.234533] kunit_try_run_case+0x170/0x3f0 [ 18.234629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.234744] kthread+0x328/0x630 [ 18.234818] ret_from_fork+0x10/0x20 [ 18.235066] [ 18.235098] Allocated by task 285: [ 18.235143] kasan_save_stack+0x3c/0x68 [ 18.235188] kasan_save_track+0x20/0x40 [ 18.235238] kasan_save_alloc_info+0x40/0x58 [ 18.235281] __kasan_kmalloc+0xd4/0xd8 [ 18.235460] __kmalloc_noprof+0x198/0x4c8 [ 18.235518] kunit_kmalloc_array+0x34/0x88 [ 18.235557] copy_user_test_oob+0xac/0xec8 [ 18.235616] kunit_try_run_case+0x170/0x3f0 [ 18.235664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.235983] kthread+0x328/0x630 [ 18.236098] ret_from_fork+0x10/0x20 [ 18.236199] [ 18.236274] The buggy address belongs to the object at fff00000c790e600 [ 18.236274] which belongs to the cache kmalloc-128 of size 128 [ 18.236426] The buggy address is located 0 bytes inside of [ 18.236426] allocated 120-byte region [fff00000c790e600, fff00000c790e678) [ 18.236598] [ 18.236670] The buggy address belongs to the physical page: [ 18.236725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790e [ 18.236781] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.236983] page_type: f5(slab) [ 18.237026] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.237113] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.237159] page dumped because: kasan: bad access detected [ 18.237282] [ 18.237361] Memory state around the buggy address: [ 18.237523] fff00000c790e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.237854] fff00000c790e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.238022] >fff00000c790e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.238110] ^ [ 18.238448] fff00000c790e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.238597] fff00000c790e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.238699] ================================================================== [ 18.239372] ================================================================== [ 18.239424] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 18.239721] Write of size 1 at addr fff00000c790e678 by task kunit_try_catch/285 [ 18.239791] [ 18.239825] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.240025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.240182] Hardware name: linux,dummy-virt (DT) [ 18.240216] Call trace: [ 18.240241] show_stack+0x20/0x38 (C) [ 18.240473] dump_stack_lvl+0x8c/0xd0 [ 18.240534] print_report+0x118/0x5d0 [ 18.240712] kasan_report+0xdc/0x128 [ 18.240895] __asan_report_store1_noabort+0x20/0x30 [ 18.240980] strncpy_from_user+0x270/0x2a0 [ 18.241192] copy_user_test_oob+0x5c0/0xec8 [ 18.241367] kunit_try_run_case+0x170/0x3f0 [ 18.241453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.241640] kthread+0x328/0x630 [ 18.241755] ret_from_fork+0x10/0x20 [ 18.241929] [ 18.242048] Allocated by task 285: [ 18.242082] kasan_save_stack+0x3c/0x68 [ 18.242330] kasan_save_track+0x20/0x40 [ 18.242546] kasan_save_alloc_info+0x40/0x58 [ 18.242633] __kasan_kmalloc+0xd4/0xd8 [ 18.242729] __kmalloc_noprof+0x198/0x4c8 [ 18.243025] kunit_kmalloc_array+0x34/0x88 [ 18.243134] copy_user_test_oob+0xac/0xec8 [ 18.243242] kunit_try_run_case+0x170/0x3f0 [ 18.243286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.243366] kthread+0x328/0x630 [ 18.243562] ret_from_fork+0x10/0x20 [ 18.243611] [ 18.243681] The buggy address belongs to the object at fff00000c790e600 [ 18.243681] which belongs to the cache kmalloc-128 of size 128 [ 18.243787] The buggy address is located 0 bytes to the right of [ 18.243787] allocated 120-byte region [fff00000c790e600, fff00000c790e678) [ 18.244103] [ 18.244218] The buggy address belongs to the physical page: [ 18.244323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790e [ 18.244406] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.244467] page_type: f5(slab) [ 18.244545] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.244601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.244671] page dumped because: kasan: bad access detected [ 18.244720] [ 18.244741] Memory state around the buggy address: [ 18.244788] fff00000c790e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.244835] fff00000c790e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.244892] >fff00000c790e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.244940] ^ [ 18.244986] fff00000c790e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.245031] fff00000c790e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.245081] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.213235] ================================================================== [ 18.213305] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 18.213357] Read of size 121 at addr fff00000c790e600 by task kunit_try_catch/285 [ 18.213413] [ 18.213444] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.213529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.213559] Hardware name: linux,dummy-virt (DT) [ 18.213592] Call trace: [ 18.213621] show_stack+0x20/0x38 (C) [ 18.213669] dump_stack_lvl+0x8c/0xd0 [ 18.213740] print_report+0x118/0x5d0 [ 18.213789] kasan_report+0xdc/0x128 [ 18.213835] kasan_check_range+0x100/0x1a8 [ 18.213892] __kasan_check_read+0x20/0x30 [ 18.213946] copy_user_test_oob+0x3c8/0xec8 [ 18.213995] kunit_try_run_case+0x170/0x3f0 [ 18.214042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.214095] kthread+0x328/0x630 [ 18.214138] ret_from_fork+0x10/0x20 [ 18.214187] [ 18.214210] Allocated by task 285: [ 18.214238] kasan_save_stack+0x3c/0x68 [ 18.214280] kasan_save_track+0x20/0x40 [ 18.214318] kasan_save_alloc_info+0x40/0x58 [ 18.214370] __kasan_kmalloc+0xd4/0xd8 [ 18.214416] __kmalloc_noprof+0x198/0x4c8 [ 18.214465] kunit_kmalloc_array+0x34/0x88 [ 18.214505] copy_user_test_oob+0xac/0xec8 [ 18.214544] kunit_try_run_case+0x170/0x3f0 [ 18.214582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.214627] kthread+0x328/0x630 [ 18.214662] ret_from_fork+0x10/0x20 [ 18.214909] [ 18.214937] The buggy address belongs to the object at fff00000c790e600 [ 18.214937] which belongs to the cache kmalloc-128 of size 128 [ 18.215000] The buggy address is located 0 bytes inside of [ 18.215000] allocated 120-byte region [fff00000c790e600, fff00000c790e678) [ 18.215451] [ 18.215702] The buggy address belongs to the physical page: [ 18.215755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790e [ 18.216077] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.216590] page_type: f5(slab) [ 18.216992] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.217306] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.217934] page dumped because: kasan: bad access detected [ 18.218013] [ 18.218057] Memory state around the buggy address: [ 18.218377] fff00000c790e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.218473] fff00000c790e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.219369] >fff00000c790e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.219424] ^ [ 18.219473] fff00000c790e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.219545] fff00000c790e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.219608] ================================================================== [ 18.203402] ================================================================== [ 18.203498] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 18.203669] Write of size 121 at addr fff00000c790e600 by task kunit_try_catch/285 [ 18.203740] [ 18.203782] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.203873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.204304] Hardware name: linux,dummy-virt (DT) [ 18.204389] Call trace: [ 18.204491] show_stack+0x20/0x38 (C) [ 18.204551] dump_stack_lvl+0x8c/0xd0 [ 18.204627] print_report+0x118/0x5d0 [ 18.204677] kasan_report+0xdc/0x128 [ 18.204736] kasan_check_range+0x100/0x1a8 [ 18.205208] __kasan_check_write+0x20/0x30 [ 18.205304] copy_user_test_oob+0x35c/0xec8 [ 18.205466] kunit_try_run_case+0x170/0x3f0 [ 18.205558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.205945] kthread+0x328/0x630 [ 18.206018] ret_from_fork+0x10/0x20 [ 18.206083] [ 18.206436] Allocated by task 285: [ 18.206507] kasan_save_stack+0x3c/0x68 [ 18.206645] kasan_save_track+0x20/0x40 [ 18.206713] kasan_save_alloc_info+0x40/0x58 [ 18.206832] __kasan_kmalloc+0xd4/0xd8 [ 18.207176] __kmalloc_noprof+0x198/0x4c8 [ 18.207332] kunit_kmalloc_array+0x34/0x88 [ 18.207533] copy_user_test_oob+0xac/0xec8 [ 18.207716] kunit_try_run_case+0x170/0x3f0 [ 18.207796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.207960] kthread+0x328/0x630 [ 18.208027] ret_from_fork+0x10/0x20 [ 18.208065] [ 18.208088] The buggy address belongs to the object at fff00000c790e600 [ 18.208088] which belongs to the cache kmalloc-128 of size 128 [ 18.208156] The buggy address is located 0 bytes inside of [ 18.208156] allocated 120-byte region [fff00000c790e600, fff00000c790e678) [ 18.208393] [ 18.208607] The buggy address belongs to the physical page: [ 18.208658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790e [ 18.209070] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.209230] page_type: f5(slab) [ 18.209305] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.209384] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.209429] page dumped because: kasan: bad access detected [ 18.209927] [ 18.209966] Memory state around the buggy address: [ 18.210186] fff00000c790e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.210253] fff00000c790e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.210385] >fff00000c790e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.210427] ^ [ 18.210475] fff00000c790e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.210952] fff00000c790e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.211139] ================================================================== [ 18.170657] ================================================================== [ 18.170798] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 18.170892] Write of size 121 at addr fff00000c790e600 by task kunit_try_catch/285 [ 18.171546] [ 18.171671] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.172072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.172182] Hardware name: linux,dummy-virt (DT) [ 18.172268] Call trace: [ 18.172627] show_stack+0x20/0x38 (C) [ 18.172713] dump_stack_lvl+0x8c/0xd0 [ 18.172908] print_report+0x118/0x5d0 [ 18.173348] kasan_report+0xdc/0x128 [ 18.173466] kasan_check_range+0x100/0x1a8 [ 18.173585] __kasan_check_write+0x20/0x30 [ 18.173817] copy_user_test_oob+0x234/0xec8 [ 18.173986] kunit_try_run_case+0x170/0x3f0 [ 18.174083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.174186] kthread+0x328/0x630 [ 18.174239] ret_from_fork+0x10/0x20 [ 18.174698] [ 18.174767] Allocated by task 285: [ 18.174822] kasan_save_stack+0x3c/0x68 [ 18.175270] kasan_save_track+0x20/0x40 [ 18.175609] kasan_save_alloc_info+0x40/0x58 [ 18.175762] __kasan_kmalloc+0xd4/0xd8 [ 18.176157] __kmalloc_noprof+0x198/0x4c8 [ 18.176213] kunit_kmalloc_array+0x34/0x88 [ 18.176256] copy_user_test_oob+0xac/0xec8 [ 18.176494] kunit_try_run_case+0x170/0x3f0 [ 18.176929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.177107] kthread+0x328/0x630 [ 18.177217] ret_from_fork+0x10/0x20 [ 18.177391] [ 18.177415] The buggy address belongs to the object at fff00000c790e600 [ 18.177415] which belongs to the cache kmalloc-128 of size 128 [ 18.177629] The buggy address is located 0 bytes inside of [ 18.177629] allocated 120-byte region [fff00000c790e600, fff00000c790e678) [ 18.177835] [ 18.177886] The buggy address belongs to the physical page: [ 18.177973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790e [ 18.178060] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.178127] page_type: f5(slab) [ 18.178189] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.178252] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.178309] page dumped because: kasan: bad access detected [ 18.178343] [ 18.178373] Memory state around the buggy address: [ 18.178419] fff00000c790e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.178478] fff00000c790e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.178536] >fff00000c790e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.178577] ^ [ 18.178631] fff00000c790e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.178675] fff00000c790e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.178744] ================================================================== [ 18.221922] ================================================================== [ 18.221987] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 18.222211] Write of size 121 at addr fff00000c790e600 by task kunit_try_catch/285 [ 18.222280] [ 18.222312] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.222718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.222770] Hardware name: linux,dummy-virt (DT) [ 18.222804] Call trace: [ 18.223100] show_stack+0x20/0x38 (C) [ 18.223256] dump_stack_lvl+0x8c/0xd0 [ 18.223312] print_report+0x118/0x5d0 [ 18.223359] kasan_report+0xdc/0x128 [ 18.223411] kasan_check_range+0x100/0x1a8 [ 18.223641] __kasan_check_write+0x20/0x30 [ 18.223910] copy_user_test_oob+0x434/0xec8 [ 18.223969] kunit_try_run_case+0x170/0x3f0 [ 18.224017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.224071] kthread+0x328/0x630 [ 18.224115] ret_from_fork+0x10/0x20 [ 18.224787] [ 18.224902] Allocated by task 285: [ 18.224972] kasan_save_stack+0x3c/0x68 [ 18.225131] kasan_save_track+0x20/0x40 [ 18.225174] kasan_save_alloc_info+0x40/0x58 [ 18.225217] __kasan_kmalloc+0xd4/0xd8 [ 18.225266] __kmalloc_noprof+0x198/0x4c8 [ 18.225307] kunit_kmalloc_array+0x34/0x88 [ 18.225356] copy_user_test_oob+0xac/0xec8 [ 18.225403] kunit_try_run_case+0x170/0x3f0 [ 18.225443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.225497] kthread+0x328/0x630 [ 18.225533] ret_from_fork+0x10/0x20 [ 18.225569] [ 18.225593] The buggy address belongs to the object at fff00000c790e600 [ 18.225593] which belongs to the cache kmalloc-128 of size 128 [ 18.225656] The buggy address is located 0 bytes inside of [ 18.225656] allocated 120-byte region [fff00000c790e600, fff00000c790e678) [ 18.225739] [ 18.225780] The buggy address belongs to the physical page: [ 18.225820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790e [ 18.225895] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.225958] page_type: f5(slab) [ 18.225997] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.226057] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.226108] page dumped because: kasan: bad access detected [ 18.226163] [ 18.226197] Memory state around the buggy address: [ 18.226233] fff00000c790e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.226279] fff00000c790e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.226325] >fff00000c790e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.226365] ^ [ 18.226409] fff00000c790e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.226453] fff00000c790e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.226495] ================================================================== [ 18.227381] ================================================================== [ 18.228084] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 18.228155] Read of size 121 at addr fff00000c790e600 by task kunit_try_catch/285 [ 18.228209] [ 18.228242] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.228326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.228356] Hardware name: linux,dummy-virt (DT) [ 18.228387] Call trace: [ 18.228411] show_stack+0x20/0x38 (C) [ 18.228460] dump_stack_lvl+0x8c/0xd0 [ 18.228507] print_report+0x118/0x5d0 [ 18.228554] kasan_report+0xdc/0x128 [ 18.228601] kasan_check_range+0x100/0x1a8 [ 18.228651] __kasan_check_read+0x20/0x30 [ 18.228710] copy_user_test_oob+0x4a0/0xec8 [ 18.228757] kunit_try_run_case+0x170/0x3f0 [ 18.228806] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.228860] kthread+0x328/0x630 [ 18.228904] ret_from_fork+0x10/0x20 [ 18.228952] [ 18.228973] Allocated by task 285: [ 18.229002] kasan_save_stack+0x3c/0x68 [ 18.229044] kasan_save_track+0x20/0x40 [ 18.229083] kasan_save_alloc_info+0x40/0x58 [ 18.229126] __kasan_kmalloc+0xd4/0xd8 [ 18.229165] __kmalloc_noprof+0x198/0x4c8 [ 18.229204] kunit_kmalloc_array+0x34/0x88 [ 18.229242] copy_user_test_oob+0xac/0xec8 [ 18.229281] kunit_try_run_case+0x170/0x3f0 [ 18.229319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.229364] kthread+0x328/0x630 [ 18.229397] ret_from_fork+0x10/0x20 [ 18.229434] [ 18.229455] The buggy address belongs to the object at fff00000c790e600 [ 18.229455] which belongs to the cache kmalloc-128 of size 128 [ 18.229514] The buggy address is located 0 bytes inside of [ 18.229514] allocated 120-byte region [fff00000c790e600, fff00000c790e678) [ 18.229576] [ 18.229597] The buggy address belongs to the physical page: [ 18.229636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790e [ 18.229770] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.229846] page_type: f5(slab) [ 18.229995] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.230346] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.230487] page dumped because: kasan: bad access detected [ 18.230741] [ 18.230803] Memory state around the buggy address: [ 18.230840] fff00000c790e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.230895] fff00000c790e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.231055] >fff00000c790e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.231122] ^ [ 18.231228] fff00000c790e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.231305] fff00000c790e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.231524] ================================================================== [ 18.186618] ================================================================== [ 18.186746] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 18.187213] Read of size 121 at addr fff00000c790e600 by task kunit_try_catch/285 [ 18.187310] [ 18.187345] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.187743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.187774] Hardware name: linux,dummy-virt (DT) [ 18.187808] Call trace: [ 18.188205] show_stack+0x20/0x38 (C) [ 18.188369] dump_stack_lvl+0x8c/0xd0 [ 18.188492] print_report+0x118/0x5d0 [ 18.188544] kasan_report+0xdc/0x128 [ 18.188591] kasan_check_range+0x100/0x1a8 [ 18.188876] __kasan_check_read+0x20/0x30 [ 18.189046] copy_user_test_oob+0x728/0xec8 [ 18.189146] kunit_try_run_case+0x170/0x3f0 [ 18.189222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.189403] kthread+0x328/0x630 [ 18.189569] ret_from_fork+0x10/0x20 [ 18.189655] [ 18.189677] Allocated by task 285: [ 18.189729] kasan_save_stack+0x3c/0x68 [ 18.190041] kasan_save_track+0x20/0x40 [ 18.190136] kasan_save_alloc_info+0x40/0x58 [ 18.190298] __kasan_kmalloc+0xd4/0xd8 [ 18.190343] __kmalloc_noprof+0x198/0x4c8 [ 18.190383] kunit_kmalloc_array+0x34/0x88 [ 18.190558] copy_user_test_oob+0xac/0xec8 [ 18.190638] kunit_try_run_case+0x170/0x3f0 [ 18.190708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.190754] kthread+0x328/0x630 [ 18.190788] ret_from_fork+0x10/0x20 [ 18.190828] [ 18.190870] The buggy address belongs to the object at fff00000c790e600 [ 18.190870] which belongs to the cache kmalloc-128 of size 128 [ 18.190941] The buggy address is located 0 bytes inside of [ 18.190941] allocated 120-byte region [fff00000c790e600, fff00000c790e678) [ 18.191014] [ 18.191045] The buggy address belongs to the physical page: [ 18.191079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790e [ 18.191152] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.191203] page_type: f5(slab) [ 18.191242] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.191295] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.191338] page dumped because: kasan: bad access detected [ 18.191381] [ 18.191403] Memory state around the buggy address: [ 18.191437] fff00000c790e500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.191483] fff00000c790e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.191529] >fff00000c790e600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.191570] ^ [ 18.191613] fff00000c790e680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.191659] fff00000c790e700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.191710] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.118790] ================================================================== [ 18.118999] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 18.119128] Read of size 8 at addr fff00000c790e578 by task kunit_try_catch/281 [ 18.119201] [ 18.119244] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.119615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.119720] Hardware name: linux,dummy-virt (DT) [ 18.119761] Call trace: [ 18.119790] show_stack+0x20/0x38 (C) [ 18.120157] dump_stack_lvl+0x8c/0xd0 [ 18.120291] print_report+0x118/0x5d0 [ 18.120346] kasan_report+0xdc/0x128 [ 18.120678] __asan_report_load8_noabort+0x20/0x30 [ 18.120876] copy_to_kernel_nofault+0x204/0x250 [ 18.120979] copy_to_kernel_nofault_oob+0x158/0x418 [ 18.121104] kunit_try_run_case+0x170/0x3f0 [ 18.121163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.121582] kthread+0x328/0x630 [ 18.121916] ret_from_fork+0x10/0x20 [ 18.122054] [ 18.122372] Allocated by task 281: [ 18.122721] kasan_save_stack+0x3c/0x68 [ 18.122834] kasan_save_track+0x20/0x40 [ 18.122962] kasan_save_alloc_info+0x40/0x58 [ 18.123106] __kasan_kmalloc+0xd4/0xd8 [ 18.123217] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.123307] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.123519] kunit_try_run_case+0x170/0x3f0 [ 18.123772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.123940] kthread+0x328/0x630 [ 18.123981] ret_from_fork+0x10/0x20 [ 18.124047] [ 18.124073] The buggy address belongs to the object at fff00000c790e500 [ 18.124073] which belongs to the cache kmalloc-128 of size 128 [ 18.124295] The buggy address is located 0 bytes to the right of [ 18.124295] allocated 120-byte region [fff00000c790e500, fff00000c790e578) [ 18.124518] [ 18.124548] The buggy address belongs to the physical page: [ 18.124584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790e [ 18.124651] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.124727] page_type: f5(slab) [ 18.124780] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.124852] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.124897] page dumped because: kasan: bad access detected [ 18.124930] [ 18.124952] Memory state around the buggy address: [ 18.124996] fff00000c790e400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.125049] fff00000c790e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.125095] >fff00000c790e500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.125145] ^ [ 18.125190] fff00000c790e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.125235] fff00000c790e600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.125285] ================================================================== [ 18.126858] ================================================================== [ 18.127255] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 18.127334] Write of size 8 at addr fff00000c790e578 by task kunit_try_catch/281 [ 18.127389] [ 18.127448] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.127623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.127655] Hardware name: linux,dummy-virt (DT) [ 18.127845] Call trace: [ 18.127881] show_stack+0x20/0x38 (C) [ 18.128161] dump_stack_lvl+0x8c/0xd0 [ 18.128281] print_report+0x118/0x5d0 [ 18.128497] kasan_report+0xdc/0x128 [ 18.128733] kasan_check_range+0x100/0x1a8 [ 18.128895] __kasan_check_write+0x20/0x30 [ 18.129036] copy_to_kernel_nofault+0x8c/0x250 [ 18.129136] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 18.129496] kunit_try_run_case+0x170/0x3f0 [ 18.129716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.129882] kthread+0x328/0x630 [ 18.129952] ret_from_fork+0x10/0x20 [ 18.130126] [ 18.130167] Allocated by task 281: [ 18.130509] kasan_save_stack+0x3c/0x68 [ 18.130582] kasan_save_track+0x20/0x40 [ 18.130645] kasan_save_alloc_info+0x40/0x58 [ 18.130817] __kasan_kmalloc+0xd4/0xd8 [ 18.130897] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.131225] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.131315] kunit_try_run_case+0x170/0x3f0 [ 18.131515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.131713] kthread+0x328/0x630 [ 18.131918] ret_from_fork+0x10/0x20 [ 18.132110] [ 18.132232] The buggy address belongs to the object at fff00000c790e500 [ 18.132232] which belongs to the cache kmalloc-128 of size 128 [ 18.132389] The buggy address is located 0 bytes to the right of [ 18.132389] allocated 120-byte region [fff00000c790e500, fff00000c790e578) [ 18.132481] [ 18.132581] The buggy address belongs to the physical page: [ 18.132651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790e [ 18.132740] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.133169] page_type: f5(slab) [ 18.133505] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.133844] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.133913] page dumped because: kasan: bad access detected [ 18.133967] [ 18.134003] Memory state around the buggy address: [ 18.134054] fff00000c790e400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.134179] fff00000c790e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.134234] >fff00000c790e500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.134291] ^ [ 18.134338] fff00000c790e580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.134384] fff00000c790e600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.134426] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 17.740520] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 17.749212] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4e4/0x4858 [ 17.745134] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858 [ 17.780832] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.792584] ================================================================== [ 25.792681] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.792681] [ 25.792796] Out-of-bounds read at 0x00000000e4277de9 (105B right of kfence-#144): [ 25.792858] test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.792909] kunit_try_run_case+0x170/0x3f0 [ 25.792955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.792999] kthread+0x328/0x630 [ 25.793039] ret_from_fork+0x10/0x20 [ 25.793080] [ 25.793105] kfence-#144: 0x00000000ab9d7fa2-0x00000000018b7c82, size=73, cache=kmalloc-96 [ 25.793105] [ 25.793160] allocated by task 323 on cpu 0 at 25.792323s (0.000833s ago): [ 25.793232] test_alloc+0x29c/0x628 [ 25.793273] test_kmalloc_aligned_oob_read+0x100/0x468 [ 25.793314] kunit_try_run_case+0x170/0x3f0 [ 25.793355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.793400] kthread+0x328/0x630 [ 25.793436] ret_from_fork+0x10/0x20 [ 25.793476] [ 25.793524] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.793605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.793643] Hardware name: linux,dummy-virt (DT) [ 25.793679] ==================================================================
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 94.369600] Internal error: Oops: 0000000096000005 [#1] SMP [ 94.373482] Modules linked in: [ 94.373928] CPU: 1 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 94.374476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 94.374726] Hardware name: linux,dummy-virt (DT) [ 94.375065] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.375422] pc : kunit_test_null_dereference+0x70/0x170 [ 94.375814] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.376152] sp : ffff800081fb7d30 [ 94.376372] x29: ffff800081fb7d90 x28: 0000000000000000 x27: 0000000000000000 [ 94.376896] x26: 1ffe000018bd9461 x25: 0000000000000000 x24: 0000000000000004 [ 94.377330] x23: fff00000c5eca30c x22: ffff9612d1822f38 x21: fff00000c115f408 [ 94.377712] x20: 1ffff000103f6fa6 x19: ffff800080087990 x18: 000000000b39fa4a [ 94.378168] x17: 0000000000000000 x16: fff00000da474d28 x15: 000000000e4cf548 [ 94.378616] x14: 00000000f0dc133c x13: 1ffe00001b48e989 x12: fffd800018ff2dc4 [ 94.379062] x11: 1ffe000018ff2dc3 x10: fffd800018ff2dc3 x9 : ffff9612d181a3a0 [ 94.379539] x8 : ffff800081fb7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 94.380008] x5 : ffff7000103f6fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 94.380388] x2 : dfff800000000000 x1 : fff00000c7f96540 x0 : ffff800080087990 [ 94.380790] Call trace: [ 94.381003] kunit_test_null_dereference+0x70/0x170 (P) [ 94.381330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.381649] kthread+0x328/0x630 [ 94.381891] ret_from_fork+0x10/0x20 [ 94.382502] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 94.383063] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.821981] ================================================================== [ 49.822083] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 49.822083] [ 49.822180] Use-after-free read at 0x00000000ca67a30f (in kfence-#152): [ 49.822235] test_krealloc+0x51c/0x830 [ 49.822282] kunit_try_run_case+0x170/0x3f0 [ 49.822328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.822374] kthread+0x328/0x630 [ 49.822416] ret_from_fork+0x10/0x20 [ 49.822457] [ 49.822481] kfence-#152: 0x00000000ca67a30f-0x000000001d64a8f4, size=32, cache=kmalloc-32 [ 49.822481] [ 49.822537] allocated by task 337 on cpu 1 at 49.821278s (0.001254s ago): [ 49.822608] test_alloc+0x29c/0x628 [ 49.822647] test_krealloc+0xc0/0x830 [ 49.822702] kunit_try_run_case+0x170/0x3f0 [ 49.822743] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.822786] kthread+0x328/0x630 [ 49.822823] ret_from_fork+0x10/0x20 [ 49.822864] [ 49.822889] freed by task 337 on cpu 1 at 49.821544s (0.001341s ago): [ 49.822953] krealloc_noprof+0x148/0x360 [ 49.822992] test_krealloc+0x1dc/0x830 [ 49.823031] kunit_try_run_case+0x170/0x3f0 [ 49.823071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.823114] kthread+0x328/0x630 [ 49.823150] ret_from_fork+0x10/0x20 [ 49.823189] [ 49.823237] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 49.823317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.823349] Hardware name: linux,dummy-virt (DT) [ 49.823384] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.741012] ================================================================== [ 49.741124] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.741124] [ 49.741227] Use-after-free read at 0x000000000b264188 (in kfence-#151): [ 49.741286] test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.741335] kunit_try_run_case+0x170/0x3f0 [ 49.741380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.741425] kthread+0x328/0x630 [ 49.741463] ret_from_fork+0x10/0x20 [ 49.741503] [ 49.741530] kfence-#151: 0x000000000b264188-0x0000000082e3c610, size=32, cache=test [ 49.741530] [ 49.741585] allocated by task 335 on cpu 0 at 49.712773s (0.028807s ago): [ 49.741661] test_alloc+0x230/0x628 [ 49.741717] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 49.741761] kunit_try_run_case+0x170/0x3f0 [ 49.741808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.741852] kthread+0x328/0x630 [ 49.741888] ret_from_fork+0x10/0x20 [ 49.741926] [ 49.741951] freed by task 335 on cpu 0 at 49.712957s (0.028991s ago): [ 49.742007] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 49.742050] kunit_try_run_case+0x170/0x3f0 [ 49.742090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.742133] kthread+0x328/0x630 [ 49.742167] ret_from_fork+0x10/0x20 [ 49.742206] [ 49.742254] CPU: 0 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 49.742333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.742362] Hardware name: linux,dummy-virt (DT) [ 49.742399] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 26.332305] ================================================================== [ 26.332453] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 26.332453] [ 26.332552] Invalid read at 0x00000000abf1b34c: [ 26.332739] test_invalid_access+0xdc/0x1f0 [ 26.333023] kunit_try_run_case+0x170/0x3f0 [ 26.333079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.334537] kthread+0x328/0x630 [ 26.334907] ret_from_fork+0x10/0x20 [ 26.334991] [ 26.335046] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 26.335856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.338549] Hardware name: linux,dummy-virt (DT) [ 26.338628] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 26.104488] ================================================================== [ 26.104587] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.104587] [ 26.104648] Corrupted memory at 0x00000000d576347b [ ! . . . . . . . . . . . . . . . ] (in kfence-#147): [ 26.104980] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.105029] kunit_try_run_case+0x170/0x3f0 [ 26.105074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.105119] kthread+0x328/0x630 [ 26.105158] ret_from_fork+0x10/0x20 [ 26.105197] [ 26.105221] kfence-#147: 0x00000000576b9f28-0x000000006254fa02, size=73, cache=kmalloc-96 [ 26.105221] [ 26.105276] allocated by task 325 on cpu 0 at 26.104271s (0.001001s ago): [ 26.105338] test_alloc+0x29c/0x628 [ 26.105381] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 26.105424] kunit_try_run_case+0x170/0x3f0 [ 26.105462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.105505] kthread+0x328/0x630 [ 26.105539] ret_from_fork+0x10/0x20 [ 26.105578] [ 26.105602] freed by task 325 on cpu 0 at 26.104393s (0.001205s ago): [ 26.105667] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.105720] kunit_try_run_case+0x170/0x3f0 [ 26.105759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.105802] kthread+0x328/0x630 [ 26.105838] ret_from_fork+0x10/0x20 [ 26.105876] [ 26.105919] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 26.105997] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.106025] Hardware name: linux,dummy-virt (DT) [ 26.106060] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.176386] ================================================================== [ 20.176475] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 20.176475] [ 20.176535] Invalid free of 0x00000000632495f8 (in kfence-#90): [ 20.176586] test_invalid_addr_free+0x1ac/0x238 [ 20.176633] kunit_try_run_case+0x170/0x3f0 [ 20.176679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.176739] kthread+0x328/0x630 [ 20.176778] ret_from_fork+0x10/0x20 [ 20.176820] [ 20.176844] kfence-#90: 0x000000005cdd5abb-0x00000000edb49eb2, size=32, cache=kmalloc-32 [ 20.176844] [ 20.176900] allocated by task 307 on cpu 0 at 20.176244s (0.000652s ago): [ 20.176963] test_alloc+0x29c/0x628 [ 20.177004] test_invalid_addr_free+0xd4/0x238 [ 20.177046] kunit_try_run_case+0x170/0x3f0 [ 20.177086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.177130] kthread+0x328/0x630 [ 20.177165] ret_from_fork+0x10/0x20 [ 20.177206] [ 20.177251] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.177331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.177361] Hardware name: linux,dummy-virt (DT) [ 20.177396] ================================================================== [ 20.280502] ================================================================== [ 20.280596] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 20.280596] [ 20.280656] Invalid free of 0x00000000e28bb487 (in kfence-#91): [ 20.280728] test_invalid_addr_free+0xec/0x238 [ 20.280777] kunit_try_run_case+0x170/0x3f0 [ 20.280820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.280865] kthread+0x328/0x630 [ 20.280903] ret_from_fork+0x10/0x20 [ 20.280942] [ 20.280966] kfence-#91: 0x00000000666241c3-0x00000000dfd44d06, size=32, cache=test [ 20.280966] [ 20.281020] allocated by task 309 on cpu 0 at 20.280374s (0.000643s ago): [ 20.281081] test_alloc+0x230/0x628 [ 20.281121] test_invalid_addr_free+0xd4/0x238 [ 20.281162] kunit_try_run_case+0x170/0x3f0 [ 20.281203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.281246] kthread+0x328/0x630 [ 20.281281] ret_from_fork+0x10/0x20 [ 20.281321] [ 20.281364] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.281442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.281473] Hardware name: linux,dummy-virt (DT) [ 20.281507] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 19.968817] ================================================================== [ 19.968930] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 19.968930] [ 19.969126] Invalid free of 0x00000000da986a7c (in kfence-#88): [ 19.969191] test_double_free+0x1bc/0x238 [ 19.969263] kunit_try_run_case+0x170/0x3f0 [ 19.969307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.969351] kthread+0x328/0x630 [ 19.969390] ret_from_fork+0x10/0x20 [ 19.969429] [ 19.969480] kfence-#88: 0x00000000da986a7c-0x000000005e953823, size=32, cache=kmalloc-32 [ 19.969480] [ 19.969538] allocated by task 303 on cpu 0 at 19.968517s (0.001017s ago): [ 19.969600] test_alloc+0x29c/0x628 [ 19.969704] test_double_free+0xd4/0x238 [ 19.969746] kunit_try_run_case+0x170/0x3f0 [ 19.969784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.969826] kthread+0x328/0x630 [ 19.969861] ret_from_fork+0x10/0x20 [ 19.969902] [ 19.969925] freed by task 303 on cpu 0 at 19.968584s (0.001338s ago): [ 19.969985] test_double_free+0x1ac/0x238 [ 19.970025] kunit_try_run_case+0x170/0x3f0 [ 19.970064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.970118] kthread+0x328/0x630 [ 19.970153] ret_from_fork+0x10/0x20 [ 19.970191] [ 19.970258] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.970354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.970383] Hardware name: linux,dummy-virt (DT) [ 19.970419] ================================================================== [ 20.072650] ================================================================== [ 20.072737] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 20.072737] [ 20.072793] Invalid free of 0x000000003836064d (in kfence-#89): [ 20.072844] test_double_free+0x100/0x238 [ 20.072890] kunit_try_run_case+0x170/0x3f0 [ 20.072932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.072978] kthread+0x328/0x630 [ 20.073021] ret_from_fork+0x10/0x20 [ 20.073061] [ 20.073087] kfence-#89: 0x000000003836064d-0x00000000a41ccfab, size=32, cache=test [ 20.073087] [ 20.073176] allocated by task 305 on cpu 0 at 20.072392s (0.000745s ago): [ 20.073264] test_alloc+0x230/0x628 [ 20.073352] test_double_free+0xd4/0x238 [ 20.073410] kunit_try_run_case+0x170/0x3f0 [ 20.073468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.073510] kthread+0x328/0x630 [ 20.073546] ret_from_fork+0x10/0x20 [ 20.073583] [ 20.073657] freed by task 305 on cpu 0 at 20.072451s (0.001185s ago): [ 20.073737] test_double_free+0xf0/0x238 [ 20.073777] kunit_try_run_case+0x170/0x3f0 [ 20.073843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.073886] kthread+0x328/0x630 [ 20.073929] ret_from_fork+0x10/0x20 [ 20.073974] [ 20.074046] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.074143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.074194] Hardware name: linux,dummy-virt (DT) [ 20.074244] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 19.656847] ================================================================== [ 19.657012] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.657012] [ 19.657186] Use-after-free read at 0x0000000017c6b58f (in kfence-#85): [ 19.657240] test_use_after_free_read+0x114/0x248 [ 19.657304] kunit_try_run_case+0x170/0x3f0 [ 19.657350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.657394] kthread+0x328/0x630 [ 19.657702] ret_from_fork+0x10/0x20 [ 19.657780] [ 19.657808] kfence-#85: 0x0000000017c6b58f-0x000000007bf89467, size=32, cache=test [ 19.657808] [ 19.657918] allocated by task 297 on cpu 1 at 19.656431s (0.001477s ago): [ 19.657989] test_alloc+0x230/0x628 [ 19.658047] test_use_after_free_read+0xd0/0x248 [ 19.658090] kunit_try_run_case+0x170/0x3f0 [ 19.658195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.658281] kthread+0x328/0x630 [ 19.658337] ret_from_fork+0x10/0x20 [ 19.658447] [ 19.658494] freed by task 297 on cpu 1 at 19.656492s (0.001984s ago): [ 19.658604] test_use_after_free_read+0xf0/0x248 [ 19.658870] kunit_try_run_case+0x170/0x3f0 [ 19.658986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.659129] kthread+0x328/0x630 [ 19.659205] ret_from_fork+0x10/0x20 [ 19.659248] [ 19.659300] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.659383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.659412] Hardware name: linux,dummy-virt (DT) [ 19.659705] ================================================================== [ 19.555092] ================================================================== [ 19.555583] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.555583] [ 19.555703] Use-after-free read at 0x000000006f375039 (in kfence-#84): [ 19.555758] test_use_after_free_read+0x114/0x248 [ 19.555805] kunit_try_run_case+0x170/0x3f0 [ 19.555933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.555995] kthread+0x328/0x630 [ 19.556046] ret_from_fork+0x10/0x20 [ 19.556100] [ 19.556136] kfence-#84: 0x000000006f375039-0x00000000c083ec5a, size=32, cache=kmalloc-32 [ 19.556136] [ 19.556197] allocated by task 295 on cpu 1 at 19.554203s (0.001990s ago): [ 19.556278] test_alloc+0x29c/0x628 [ 19.556337] test_use_after_free_read+0xd0/0x248 [ 19.556390] kunit_try_run_case+0x170/0x3f0 [ 19.556428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.556480] kthread+0x328/0x630 [ 19.556516] ret_from_fork+0x10/0x20 [ 19.556556] [ 19.556594] freed by task 295 on cpu 1 at 19.554346s (0.002243s ago): [ 19.556674] test_use_after_free_read+0x1c0/0x248 [ 19.556747] kunit_try_run_case+0x170/0x3f0 [ 19.556794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.556847] kthread+0x328/0x630 [ 19.556897] ret_from_fork+0x10/0x20 [ 19.556936] [ 19.556990] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.557095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.557124] Hardware name: linux,dummy-virt (DT) [ 19.557160] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.448830] ================================================================== [ 19.449650] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.449650] [ 19.449793] Out-of-bounds write at 0x00000000ac6c062c (1B left of kfence-#83): [ 19.449973] test_out_of_bounds_write+0x100/0x240 [ 19.450041] kunit_try_run_case+0x170/0x3f0 [ 19.450268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.450330] kthread+0x328/0x630 [ 19.450679] ret_from_fork+0x10/0x20 [ 19.450891] [ 19.450918] kfence-#83: 0x000000000276c7ae-0x00000000a69e17b4, size=32, cache=test [ 19.450918] [ 19.451253] allocated by task 293 on cpu 1 at 19.448584s (0.002659s ago): [ 19.451362] test_alloc+0x230/0x628 [ 19.451790] test_out_of_bounds_write+0xc8/0x240 [ 19.451918] kunit_try_run_case+0x170/0x3f0 [ 19.452002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.452155] kthread+0x328/0x630 [ 19.452201] ret_from_fork+0x10/0x20 [ 19.452267] [ 19.452469] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.452558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.452650] Hardware name: linux,dummy-virt (DT) [ 19.452866] ================================================================== [ 19.242232] ================================================================== [ 19.242306] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.242306] [ 19.242451] Out-of-bounds write at 0x00000000dcc29d1f (1B left of kfence-#81): [ 19.242536] test_out_of_bounds_write+0x100/0x240 [ 19.242605] kunit_try_run_case+0x170/0x3f0 [ 19.242649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.242707] kthread+0x328/0x630 [ 19.242748] ret_from_fork+0x10/0x20 [ 19.242826] [ 19.242852] kfence-#81: 0x0000000026ade198-0x000000008e8d9837, size=32, cache=kmalloc-32 [ 19.242852] [ 19.242923] allocated by task 291 on cpu 1 at 19.241943s (0.000958s ago): [ 19.242994] test_alloc+0x29c/0x628 [ 19.243037] test_out_of_bounds_write+0xc8/0x240 [ 19.243077] kunit_try_run_case+0x170/0x3f0 [ 19.243118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.243346] kthread+0x328/0x630 [ 19.243425] ret_from_fork+0x10/0x20 [ 19.243466] [ 19.243515] CPU: 1 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.243699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.243767] Hardware name: linux,dummy-virt (DT) [ 19.243803] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 18.825333] ================================================================== [ 18.825433] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 18.825433] [ 18.826074] Out-of-bounds read at 0x000000009b4e4cb3 (32B right of kfence-#77): [ 18.826147] test_out_of_bounds_read+0x1c8/0x3e0 [ 18.826398] kunit_try_run_case+0x170/0x3f0 [ 18.826626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.826842] kthread+0x328/0x630 [ 18.826886] ret_from_fork+0x10/0x20 [ 18.826954] [ 18.826981] kfence-#77: 0x0000000045dd76c8-0x0000000011827ca6, size=32, cache=kmalloc-32 [ 18.826981] [ 18.827280] allocated by task 287 on cpu 1 at 18.824754s (0.002438s ago): [ 18.827378] test_alloc+0x29c/0x628 [ 18.827422] test_out_of_bounds_read+0x198/0x3e0 [ 18.827483] kunit_try_run_case+0x170/0x3f0 [ 18.827526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.827850] kthread+0x328/0x630 [ 18.827910] ret_from_fork+0x10/0x20 [ 18.828046] [ 18.828101] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.828313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.828544] Hardware name: linux,dummy-virt (DT) [ 18.828602] ================================================================== [ 19.136387] ================================================================== [ 19.136766] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.136766] [ 19.136961] Out-of-bounds read at 0x000000002849a9a5 (32B right of kfence-#80): [ 19.137211] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.137296] kunit_try_run_case+0x170/0x3f0 [ 19.137469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.137538] kthread+0x328/0x630 [ 19.138047] ret_from_fork+0x10/0x20 [ 19.138376] [ 19.138495] kfence-#80: 0x00000000ef7ca7cb-0x00000000b53db007, size=32, cache=test [ 19.138495] [ 19.138606] allocated by task 289 on cpu 1 at 19.136306s (0.002288s ago): [ 19.138809] test_alloc+0x230/0x628 [ 19.138852] test_out_of_bounds_read+0x198/0x3e0 [ 19.138895] kunit_try_run_case+0x170/0x3f0 [ 19.138935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.139228] kthread+0x328/0x630 [ 19.139431] ret_from_fork+0x10/0x20 [ 19.139473] [ 19.139517] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.139846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.139939] Hardware name: linux,dummy-virt (DT) [ 19.140030] ================================================================== [ 18.410470] ================================================================== [ 18.410760] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 18.410760] [ 18.410924] Out-of-bounds read at 0x000000007a69b974 (1B left of kfence-#73): [ 18.411017] test_out_of_bounds_read+0x114/0x3e0 [ 18.411072] kunit_try_run_case+0x170/0x3f0 [ 18.411116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.411162] kthread+0x328/0x630 [ 18.411201] ret_from_fork+0x10/0x20 [ 18.411249] [ 18.411276] kfence-#73: 0x000000005ada08d1-0x00000000c45fab0f, size=32, cache=kmalloc-32 [ 18.411276] [ 18.411330] allocated by task 287 on cpu 1 at 18.409442s (0.001883s ago): [ 18.411411] test_alloc+0x29c/0x628 [ 18.411451] test_out_of_bounds_read+0xdc/0x3e0 [ 18.411493] kunit_try_run_case+0x170/0x3f0 [ 18.411533] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.411574] kthread+0x328/0x630 [ 18.411609] ret_from_fork+0x10/0x20 [ 18.411672] [ 18.411731] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.411812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.411841] Hardware name: linux,dummy-virt (DT) [ 18.411875] ================================================================== [ 18.928807] ================================================================== [ 18.928923] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 18.928923] [ 18.929030] Out-of-bounds read at 0x00000000f4464f92 (1B left of kfence-#78): [ 18.929090] test_out_of_bounds_read+0x114/0x3e0 [ 18.929137] kunit_try_run_case+0x170/0x3f0 [ 18.929179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.929258] kthread+0x328/0x630 [ 18.929322] ret_from_fork+0x10/0x20 [ 18.929364] [ 18.929520] kfence-#78: 0x00000000b604365a-0x0000000084efb5d2, size=32, cache=test [ 18.929520] [ 18.929591] allocated by task 289 on cpu 1 at 18.928726s (0.000843s ago): [ 18.929763] test_alloc+0x230/0x628 [ 18.929838] test_out_of_bounds_read+0xdc/0x3e0 [ 18.929882] kunit_try_run_case+0x170/0x3f0 [ 18.929949] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.930012] kthread+0x328/0x630 [ 18.930049] ret_from_fork+0x10/0x20 [ 18.930106] [ 18.930150] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.930230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.930260] Hardware name: linux,dummy-virt (DT) [ 18.930319] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_memset_16
[ 15.250318] ================================================================== [ 15.250533] BUG: KFENCE: memory corruption in kmalloc_oob_memset_16+0x170/0x2f8 [ 15.250533] [ 15.250715] Corrupted memory at 0x000000009b569d09 [ ! . . . . . . . . . . . . . . . ] (in kfence-#53): [ 15.256273] kmalloc_oob_memset_16+0x170/0x2f8 [ 15.256413] kunit_try_run_case+0x170/0x3f0 [ 15.256545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.256751] kthread+0x328/0x630 [ 15.256822] ret_from_fork+0x10/0x20 [ 15.257167] [ 15.257708] kfence-#53: 0x00000000ec69244c-0x000000005fff3fa9, size=120, cache=kmalloc-128 [ 15.257708] [ 15.258326] allocated by task 178 on cpu 1 at 15.246340s (0.011802s ago): [ 15.258855] kmalloc_oob_memset_16+0xb0/0x2f8 [ 15.259091] kunit_try_run_case+0x170/0x3f0 [ 15.259156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.259199] kthread+0x328/0x630 [ 15.259230] ret_from_fork+0x10/0x20 [ 15.259357] [ 15.259501] freed by task 178 on cpu 1 at 15.247799s (0.011600s ago): [ 15.259600] kmalloc_oob_memset_16+0x170/0x2f8 [ 15.259659] kunit_try_run_case+0x170/0x3f0 [ 15.259709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.259750] kthread+0x328/0x630 [ 15.259782] ret_from_fork+0x10/0x20 [ 15.260281] [ 15.260472] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.260581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.260717] Hardware name: linux,dummy-virt (DT) [ 15.260899] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 18.063437] ================================================================== [ 18.063529] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 18.063589] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 18.063661] [ 18.063711] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.063807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.063871] Hardware name: linux,dummy-virt (DT) [ 18.063906] Call trace: [ 18.063933] show_stack+0x20/0x38 (C) [ 18.064172] dump_stack_lvl+0x8c/0xd0 [ 18.064225] print_report+0x310/0x5d0 [ 18.064662] kasan_report+0xdc/0x128 [ 18.064960] __asan_report_load1_noabort+0x20/0x30 [ 18.065214] vmalloc_oob+0x578/0x5d0 [ 18.065280] kunit_try_run_case+0x170/0x3f0 [ 18.065365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.065434] kthread+0x328/0x630 [ 18.065503] ret_from_fork+0x10/0x20 [ 18.065560] [ 18.065586] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 18.065636] The buggy address belongs to the physical page: [ 18.065677] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790b [ 18.065755] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.065830] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.065884] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.065936] page dumped because: kasan: bad access detected [ 18.065981] [ 18.066009] Memory state around the buggy address: [ 18.066060] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.066116] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.066161] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.066202] ^ [ 18.066257] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.066312] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.066354] ================================================================== [ 18.068073] ================================================================== [ 18.068317] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 18.068374] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 18.068501] [ 18.068558] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.068718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.068977] Hardware name: linux,dummy-virt (DT) [ 18.069055] Call trace: [ 18.069224] show_stack+0x20/0x38 (C) [ 18.069310] dump_stack_lvl+0x8c/0xd0 [ 18.069477] print_report+0x310/0x5d0 [ 18.069709] kasan_report+0xdc/0x128 [ 18.070043] __asan_report_load1_noabort+0x20/0x30 [ 18.070260] vmalloc_oob+0x51c/0x5d0 [ 18.070416] kunit_try_run_case+0x170/0x3f0 [ 18.070559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.070761] kthread+0x328/0x630 [ 18.070876] ret_from_fork+0x10/0x20 [ 18.071041] [ 18.071170] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 18.071289] The buggy address belongs to the physical page: [ 18.071357] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790b [ 18.071471] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.071539] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.071926] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.072274] page dumped because: kasan: bad access detected [ 18.072418] [ 18.072533] Memory state around the buggy address: [ 18.072593] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.072736] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.072841] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.072952] ^ [ 18.072999] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.073073] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.073115] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 17.877550] ================================================================== [ 17.877613] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 17.877711] Read of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.877766] [ 17.877797] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.878049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.878092] Hardware name: linux,dummy-virt (DT) [ 17.878198] Call trace: [ 17.878247] show_stack+0x20/0x38 (C) [ 17.878299] dump_stack_lvl+0x8c/0xd0 [ 17.878348] print_report+0x118/0x5d0 [ 17.878395] kasan_report+0xdc/0x128 [ 17.878449] kasan_check_range+0x100/0x1a8 [ 17.878499] __kasan_check_read+0x20/0x30 [ 17.878544] kasan_atomics_helper+0xdd4/0x4858 [ 17.878595] kasan_atomics+0x198/0x2e0 [ 17.878649] kunit_try_run_case+0x170/0x3f0 [ 17.878708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.878761] kthread+0x328/0x630 [ 17.878805] ret_from_fork+0x10/0x20 [ 17.878861] [ 17.878891] Allocated by task 265: [ 17.878922] kasan_save_stack+0x3c/0x68 [ 17.878964] kasan_save_track+0x20/0x40 [ 17.879019] kasan_save_alloc_info+0x40/0x58 [ 17.879069] __kasan_kmalloc+0xd4/0xd8 [ 17.879123] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.879165] kasan_atomics+0xb8/0x2e0 [ 17.879203] kunit_try_run_case+0x170/0x3f0 [ 17.879243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.879288] kthread+0x328/0x630 [ 17.879323] ret_from_fork+0x10/0x20 [ 17.879361] [ 17.879381] The buggy address belongs to the object at fff00000c7915500 [ 17.879381] which belongs to the cache kmalloc-64 of size 64 [ 17.879442] The buggy address is located 0 bytes to the right of [ 17.879442] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.879507] [ 17.879537] The buggy address belongs to the physical page: [ 17.879580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.879641] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.879702] page_type: f5(slab) [ 17.879740] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.879792] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.879841] page dumped because: kasan: bad access detected [ 17.879916] [ 17.879939] Memory state around the buggy address: [ 17.879970] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.880014] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.880057] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.880397] ^ [ 17.880455] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.880503] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.880545] ================================================================== [ 17.901761] ================================================================== [ 17.901810] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 17.901860] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.902229] [ 17.902269] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.902406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.902440] Hardware name: linux,dummy-virt (DT) [ 17.902751] Call trace: [ 17.902788] show_stack+0x20/0x38 (C) [ 17.902882] dump_stack_lvl+0x8c/0xd0 [ 17.902969] print_report+0x118/0x5d0 [ 17.903132] kasan_report+0xdc/0x128 [ 17.903237] kasan_check_range+0x100/0x1a8 [ 17.903288] __kasan_check_write+0x20/0x30 [ 17.903353] kasan_atomics_helper+0xf20/0x4858 [ 17.903404] kasan_atomics+0x198/0x2e0 [ 17.903449] kunit_try_run_case+0x170/0x3f0 [ 17.903498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.903552] kthread+0x328/0x630 [ 17.903595] ret_from_fork+0x10/0x20 [ 17.903642] [ 17.903664] Allocated by task 265: [ 17.903705] kasan_save_stack+0x3c/0x68 [ 17.903747] kasan_save_track+0x20/0x40 [ 17.903786] kasan_save_alloc_info+0x40/0x58 [ 17.903828] __kasan_kmalloc+0xd4/0xd8 [ 17.903896] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.903936] kasan_atomics+0xb8/0x2e0 [ 17.903973] kunit_try_run_case+0x170/0x3f0 [ 17.904013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.904059] kthread+0x328/0x630 [ 17.904368] ret_from_fork+0x10/0x20 [ 17.904470] [ 17.904492] The buggy address belongs to the object at fff00000c7915500 [ 17.904492] which belongs to the cache kmalloc-64 of size 64 [ 17.904552] The buggy address is located 0 bytes to the right of [ 17.904552] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.904672] [ 17.904836] The buggy address belongs to the physical page: [ 17.904906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.905091] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.905203] page_type: f5(slab) [ 17.905243] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.905296] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.905394] page dumped because: kasan: bad access detected [ 17.905451] [ 17.905471] Memory state around the buggy address: [ 17.905505] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.905552] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.905597] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.905683] ^ [ 17.905730] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.905872] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.905915] ================================================================== [ 17.948286] ================================================================== [ 17.948464] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 17.948614] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.948797] [ 17.948839] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.948926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.948963] Hardware name: linux,dummy-virt (DT) [ 17.948996] Call trace: [ 17.949195] show_stack+0x20/0x38 (C) [ 17.949255] dump_stack_lvl+0x8c/0xd0 [ 17.949302] print_report+0x118/0x5d0 [ 17.949351] kasan_report+0xdc/0x128 [ 17.949524] kasan_check_range+0x100/0x1a8 [ 17.949641] __kasan_check_write+0x20/0x30 [ 17.950036] kasan_atomics_helper+0x126c/0x4858 [ 17.950136] kasan_atomics+0x198/0x2e0 [ 17.950226] kunit_try_run_case+0x170/0x3f0 [ 17.950278] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.950372] kthread+0x328/0x630 [ 17.950475] ret_from_fork+0x10/0x20 [ 17.950804] [ 17.950836] Allocated by task 265: [ 17.951123] kasan_save_stack+0x3c/0x68 [ 17.951239] kasan_save_track+0x20/0x40 [ 17.951284] kasan_save_alloc_info+0x40/0x58 [ 17.951332] __kasan_kmalloc+0xd4/0xd8 [ 17.951459] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.951505] kasan_atomics+0xb8/0x2e0 [ 17.951561] kunit_try_run_case+0x170/0x3f0 [ 17.951684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.951754] kthread+0x328/0x630 [ 17.951789] ret_from_fork+0x10/0x20 [ 17.951834] [ 17.952189] The buggy address belongs to the object at fff00000c7915500 [ 17.952189] which belongs to the cache kmalloc-64 of size 64 [ 17.952485] The buggy address is located 0 bytes to the right of [ 17.952485] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.952676] [ 17.952714] The buggy address belongs to the physical page: [ 17.952748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.952810] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.953557] page_type: f5(slab) [ 17.953857] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.954095] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.954511] page dumped because: kasan: bad access detected [ 17.954681] [ 17.954891] Memory state around the buggy address: [ 17.955109] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.955266] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.955411] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.955474] ^ [ 17.955808] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.955917] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.956156] ================================================================== [ 17.991382] ================================================================== [ 17.991592] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 17.991653] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.991792] [ 17.991826] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.992132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.992209] Hardware name: linux,dummy-virt (DT) [ 17.992267] Call trace: [ 17.992317] show_stack+0x20/0x38 (C) [ 17.992427] dump_stack_lvl+0x8c/0xd0 [ 17.992514] print_report+0x118/0x5d0 [ 17.992661] kasan_report+0xdc/0x128 [ 17.992746] kasan_check_range+0x100/0x1a8 [ 17.992802] __kasan_check_write+0x20/0x30 [ 17.993175] kasan_atomics_helper+0x15b4/0x4858 [ 17.993294] kasan_atomics+0x198/0x2e0 [ 17.993568] kunit_try_run_case+0x170/0x3f0 [ 17.993752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.993877] kthread+0x328/0x630 [ 17.993983] ret_from_fork+0x10/0x20 [ 17.994067] [ 17.994107] Allocated by task 265: [ 17.994139] kasan_save_stack+0x3c/0x68 [ 17.994185] kasan_save_track+0x20/0x40 [ 17.994223] kasan_save_alloc_info+0x40/0x58 [ 17.994265] __kasan_kmalloc+0xd4/0xd8 [ 17.994314] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.994355] kasan_atomics+0xb8/0x2e0 [ 17.994393] kunit_try_run_case+0x170/0x3f0 [ 17.994433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.994476] kthread+0x328/0x630 [ 17.994526] ret_from_fork+0x10/0x20 [ 17.994564] [ 17.994595] The buggy address belongs to the object at fff00000c7915500 [ 17.994595] which belongs to the cache kmalloc-64 of size 64 [ 17.994655] The buggy address is located 0 bytes to the right of [ 17.994655] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.994890] [ 17.994916] The buggy address belongs to the physical page: [ 17.995187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.995352] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.995445] page_type: f5(slab) [ 17.995659] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.995867] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.996008] page dumped because: kasan: bad access detected [ 17.996084] [ 17.996105] Memory state around the buggy address: [ 17.996146] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.996192] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.996238] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.996459] ^ [ 17.996504] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.996703] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.996775] ================================================================== [ 17.931419] ================================================================== [ 17.931470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 17.931518] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.931568] [ 17.931637] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.931824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.931938] Hardware name: linux,dummy-virt (DT) [ 17.932131] Call trace: [ 17.932214] show_stack+0x20/0x38 (C) [ 17.932573] dump_stack_lvl+0x8c/0xd0 [ 17.932631] print_report+0x118/0x5d0 [ 17.932678] kasan_report+0xdc/0x128 [ 17.932816] kasan_check_range+0x100/0x1a8 [ 17.933031] __kasan_check_write+0x20/0x30 [ 17.933100] kasan_atomics_helper+0x1190/0x4858 [ 17.933150] kasan_atomics+0x198/0x2e0 [ 17.933219] kunit_try_run_case+0x170/0x3f0 [ 17.933268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.933640] kthread+0x328/0x630 [ 17.933773] ret_from_fork+0x10/0x20 [ 17.934005] [ 17.934054] Allocated by task 265: [ 17.934142] kasan_save_stack+0x3c/0x68 [ 17.934218] kasan_save_track+0x20/0x40 [ 17.934603] kasan_save_alloc_info+0x40/0x58 [ 17.934774] __kasan_kmalloc+0xd4/0xd8 [ 17.934976] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.935094] kasan_atomics+0xb8/0x2e0 [ 17.935196] kunit_try_run_case+0x170/0x3f0 [ 17.935236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.935577] kthread+0x328/0x630 [ 17.935737] ret_from_fork+0x10/0x20 [ 17.936155] [ 17.936240] The buggy address belongs to the object at fff00000c7915500 [ 17.936240] which belongs to the cache kmalloc-64 of size 64 [ 17.936332] The buggy address is located 0 bytes to the right of [ 17.936332] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.936398] [ 17.936437] The buggy address belongs to the physical page: [ 17.936470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.936922] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.937133] page_type: f5(slab) [ 17.937238] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.937336] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.937726] page dumped because: kasan: bad access detected [ 17.937825] [ 17.937894] Memory state around the buggy address: [ 17.938090] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.938136] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.938192] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.938289] ^ [ 17.938364] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.938833] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.938939] ================================================================== [ 17.985038] ================================================================== [ 17.985466] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 17.985658] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.985742] [ 17.985850] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.985943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.986024] Hardware name: linux,dummy-virt (DT) [ 17.986059] Call trace: [ 17.986086] show_stack+0x20/0x38 (C) [ 17.986136] dump_stack_lvl+0x8c/0xd0 [ 17.986191] print_report+0x118/0x5d0 [ 17.986508] kasan_report+0xdc/0x128 [ 17.986679] kasan_check_range+0x100/0x1a8 [ 17.986746] __kasan_check_write+0x20/0x30 [ 17.986800] kasan_atomics_helper+0x154c/0x4858 [ 17.987023] kasan_atomics+0x198/0x2e0 [ 17.987164] kunit_try_run_case+0x170/0x3f0 [ 17.987268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.987440] kthread+0x328/0x630 [ 17.987535] ret_from_fork+0x10/0x20 [ 17.987618] [ 17.987649] Allocated by task 265: [ 17.987751] kasan_save_stack+0x3c/0x68 [ 17.987817] kasan_save_track+0x20/0x40 [ 17.988030] kasan_save_alloc_info+0x40/0x58 [ 17.988217] __kasan_kmalloc+0xd4/0xd8 [ 17.988297] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.988560] kasan_atomics+0xb8/0x2e0 [ 17.988634] kunit_try_run_case+0x170/0x3f0 [ 17.988715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.988833] kthread+0x328/0x630 [ 17.988980] ret_from_fork+0x10/0x20 [ 17.989099] [ 17.989234] The buggy address belongs to the object at fff00000c7915500 [ 17.989234] which belongs to the cache kmalloc-64 of size 64 [ 17.989334] The buggy address is located 0 bytes to the right of [ 17.989334] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.989400] [ 17.989421] The buggy address belongs to the physical page: [ 17.989454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.989832] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.989929] page_type: f5(slab) [ 17.990206] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.990296] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.990419] page dumped because: kasan: bad access detected [ 17.990482] [ 17.990503] Memory state around the buggy address: [ 17.990679] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.990750] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.990851] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.990899] ^ [ 17.990949] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.991007] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.991054] ================================================================== [ 17.927483] ================================================================== [ 17.927532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 17.927580] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.927660] [ 17.927705] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.927787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.927863] Hardware name: linux,dummy-virt (DT) [ 17.927899] Call trace: [ 17.927924] show_stack+0x20/0x38 (C) [ 17.927972] dump_stack_lvl+0x8c/0xd0 [ 17.928020] print_report+0x118/0x5d0 [ 17.928231] kasan_report+0xdc/0x128 [ 17.928282] kasan_check_range+0x100/0x1a8 [ 17.928356] __kasan_check_write+0x20/0x30 [ 17.928618] kasan_atomics_helper+0x1128/0x4858 [ 17.928772] kasan_atomics+0x198/0x2e0 [ 17.928933] kunit_try_run_case+0x170/0x3f0 [ 17.929226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.929430] kthread+0x328/0x630 [ 17.929488] ret_from_fork+0x10/0x20 [ 17.929555] [ 17.929586] Allocated by task 265: [ 17.929624] kasan_save_stack+0x3c/0x68 [ 17.929667] kasan_save_track+0x20/0x40 [ 17.929727] kasan_save_alloc_info+0x40/0x58 [ 17.929779] __kasan_kmalloc+0xd4/0xd8 [ 17.929817] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.929867] kasan_atomics+0xb8/0x2e0 [ 17.929904] kunit_try_run_case+0x170/0x3f0 [ 17.929958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.930024] kthread+0x328/0x630 [ 17.930069] ret_from_fork+0x10/0x20 [ 17.930105] [ 17.930141] The buggy address belongs to the object at fff00000c7915500 [ 17.930141] which belongs to the cache kmalloc-64 of size 64 [ 17.930215] The buggy address is located 0 bytes to the right of [ 17.930215] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.930281] [ 17.930303] The buggy address belongs to the physical page: [ 17.930336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.930388] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.930445] page_type: f5(slab) [ 17.930494] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.930546] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.930589] page dumped because: kasan: bad access detected [ 17.930635] [ 17.930664] Memory state around the buggy address: [ 17.930709] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.930753] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.930798] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.930839] ^ [ 17.930874] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.930919] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.930959] ================================================================== [ 17.865932] ================================================================== [ 17.865990] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 17.866145] Write of size 4 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.866198] [ 17.866278] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.866363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.866486] Hardware name: linux,dummy-virt (DT) [ 17.866535] Call trace: [ 17.866560] show_stack+0x20/0x38 (C) [ 17.866673] dump_stack_lvl+0x8c/0xd0 [ 17.866733] print_report+0x118/0x5d0 [ 17.866781] kasan_report+0xdc/0x128 [ 17.866849] kasan_check_range+0x100/0x1a8 [ 17.866900] __kasan_check_write+0x20/0x30 [ 17.866945] kasan_atomics_helper+0xd3c/0x4858 [ 17.867033] kasan_atomics+0x198/0x2e0 [ 17.867080] kunit_try_run_case+0x170/0x3f0 [ 17.867129] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.867182] kthread+0x328/0x630 [ 17.867333] ret_from_fork+0x10/0x20 [ 17.867448] [ 17.867470] Allocated by task 265: [ 17.867530] kasan_save_stack+0x3c/0x68 [ 17.867572] kasan_save_track+0x20/0x40 [ 17.867659] kasan_save_alloc_info+0x40/0x58 [ 17.867723] __kasan_kmalloc+0xd4/0xd8 [ 17.867799] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.867904] kasan_atomics+0xb8/0x2e0 [ 17.867944] kunit_try_run_case+0x170/0x3f0 [ 17.867998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.868044] kthread+0x328/0x630 [ 17.868510] ret_from_fork+0x10/0x20 [ 17.868718] [ 17.868799] The buggy address belongs to the object at fff00000c7915500 [ 17.868799] which belongs to the cache kmalloc-64 of size 64 [ 17.868920] The buggy address is located 0 bytes to the right of [ 17.868920] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.869238] [ 17.869302] The buggy address belongs to the physical page: [ 17.869380] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.869567] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.869667] page_type: f5(slab) [ 17.869734] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.869787] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.869831] page dumped because: kasan: bad access detected [ 17.870090] [ 17.870357] Memory state around the buggy address: [ 17.870425] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.870524] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.870610] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.870897] ^ [ 17.870970] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.871068] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.871300] ================================================================== [ 17.939811] ================================================================== [ 17.940036] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 17.940246] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.940364] [ 17.940449] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.940917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.941030] Hardware name: linux,dummy-virt (DT) [ 17.941119] Call trace: [ 17.941297] show_stack+0x20/0x38 (C) [ 17.941353] dump_stack_lvl+0x8c/0xd0 [ 17.941423] print_report+0x118/0x5d0 [ 17.941473] kasan_report+0xdc/0x128 [ 17.941843] kasan_check_range+0x100/0x1a8 [ 17.942105] __kasan_check_write+0x20/0x30 [ 17.942173] kasan_atomics_helper+0x11f8/0x4858 [ 17.942498] kasan_atomics+0x198/0x2e0 [ 17.942723] kunit_try_run_case+0x170/0x3f0 [ 17.942838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.943063] kthread+0x328/0x630 [ 17.943164] ret_from_fork+0x10/0x20 [ 17.943288] [ 17.943310] Allocated by task 265: [ 17.943341] kasan_save_stack+0x3c/0x68 [ 17.943394] kasan_save_track+0x20/0x40 [ 17.943434] kasan_save_alloc_info+0x40/0x58 [ 17.943476] __kasan_kmalloc+0xd4/0xd8 [ 17.943513] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.943564] kasan_atomics+0xb8/0x2e0 [ 17.943600] kunit_try_run_case+0x170/0x3f0 [ 17.943643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.943889] kthread+0x328/0x630 [ 17.943949] ret_from_fork+0x10/0x20 [ 17.943999] [ 17.944021] The buggy address belongs to the object at fff00000c7915500 [ 17.944021] which belongs to the cache kmalloc-64 of size 64 [ 17.944385] The buggy address is located 0 bytes to the right of [ 17.944385] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.944734] [ 17.944974] The buggy address belongs to the physical page: [ 17.945046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.945104] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.945839] page_type: f5(slab) [ 17.946242] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.946302] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.946381] page dumped because: kasan: bad access detected [ 17.946427] [ 17.946448] Memory state around the buggy address: [ 17.946484] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.946530] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.946594] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.946653] ^ [ 17.946845] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.946951] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.947003] ================================================================== [ 17.956573] ================================================================== [ 17.956625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 17.956673] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.956740] [ 17.956770] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.956853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.956881] Hardware name: linux,dummy-virt (DT) [ 17.956913] Call trace: [ 17.956937] show_stack+0x20/0x38 (C) [ 17.956987] dump_stack_lvl+0x8c/0xd0 [ 17.957033] print_report+0x118/0x5d0 [ 17.957081] kasan_report+0xdc/0x128 [ 17.957127] kasan_check_range+0x100/0x1a8 [ 17.957177] __kasan_check_write+0x20/0x30 [ 17.957223] kasan_atomics_helper+0x12d8/0x4858 [ 17.957271] kasan_atomics+0x198/0x2e0 [ 17.957318] kunit_try_run_case+0x170/0x3f0 [ 17.957366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.957419] kthread+0x328/0x630 [ 17.957462] ret_from_fork+0x10/0x20 [ 17.957510] [ 17.957530] Allocated by task 265: [ 17.957560] kasan_save_stack+0x3c/0x68 [ 17.957601] kasan_save_track+0x20/0x40 [ 17.957645] kasan_save_alloc_info+0x40/0x58 [ 17.957695] __kasan_kmalloc+0xd4/0xd8 [ 17.957733] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.957774] kasan_atomics+0xb8/0x2e0 [ 17.957810] kunit_try_run_case+0x170/0x3f0 [ 17.957852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.957896] kthread+0x328/0x630 [ 17.957930] ret_from_fork+0x10/0x20 [ 17.957968] [ 17.957989] The buggy address belongs to the object at fff00000c7915500 [ 17.957989] which belongs to the cache kmalloc-64 of size 64 [ 17.958048] The buggy address is located 0 bytes to the right of [ 17.958048] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.958113] [ 17.958134] The buggy address belongs to the physical page: [ 17.958166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.958218] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.958268] page_type: f5(slab) [ 17.958306] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.958363] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.958408] page dumped because: kasan: bad access detected [ 17.958443] [ 17.958464] Memory state around the buggy address: [ 17.958499] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.958544] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.958590] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.958630] ^ [ 17.958666] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.958749] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.958819] ================================================================== [ 17.803596] ================================================================== [ 17.803806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 17.803980] Write of size 4 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.804281] [ 17.804403] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.804586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.804628] Hardware name: linux,dummy-virt (DT) [ 17.804663] Call trace: [ 17.804698] show_stack+0x20/0x38 (C) [ 17.804775] dump_stack_lvl+0x8c/0xd0 [ 17.804823] print_report+0x118/0x5d0 [ 17.804871] kasan_report+0xdc/0x128 [ 17.804918] kasan_check_range+0x100/0x1a8 [ 17.805195] __kasan_check_write+0x20/0x30 [ 17.805303] kasan_atomics_helper+0x99c/0x4858 [ 17.805364] kasan_atomics+0x198/0x2e0 [ 17.805417] kunit_try_run_case+0x170/0x3f0 [ 17.805474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.805529] kthread+0x328/0x630 [ 17.805572] ret_from_fork+0x10/0x20 [ 17.805625] [ 17.805646] Allocated by task 265: [ 17.805678] kasan_save_stack+0x3c/0x68 [ 17.805732] kasan_save_track+0x20/0x40 [ 17.805786] kasan_save_alloc_info+0x40/0x58 [ 17.805828] __kasan_kmalloc+0xd4/0xd8 [ 17.805876] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.805915] kasan_atomics+0xb8/0x2e0 [ 17.805954] kunit_try_run_case+0x170/0x3f0 [ 17.806007] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.806053] kthread+0x328/0x630 [ 17.806086] ret_from_fork+0x10/0x20 [ 17.806124] [ 17.806153] The buggy address belongs to the object at fff00000c7915500 [ 17.806153] which belongs to the cache kmalloc-64 of size 64 [ 17.806220] The buggy address is located 0 bytes to the right of [ 17.806220] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.806284] [ 17.806310] The buggy address belongs to the physical page: [ 17.806348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.806401] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.806460] page_type: f5(slab) [ 17.806509] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.806576] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.806627] page dumped because: kasan: bad access detected [ 17.806661] [ 17.806708] Memory state around the buggy address: [ 17.806741] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.807915] ================================================================== [ 17.917231] ================================================================== [ 17.917281] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 17.917330] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.917381] [ 17.917449] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.917534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.917563] Hardware name: linux,dummy-virt (DT) [ 17.917597] Call trace: [ 17.917624] show_stack+0x20/0x38 (C) [ 17.917674] dump_stack_lvl+0x8c/0xd0 [ 17.917733] print_report+0x118/0x5d0 [ 17.917870] kasan_report+0xdc/0x128 [ 17.917945] kasan_check_range+0x100/0x1a8 [ 17.918007] __kasan_check_write+0x20/0x30 [ 17.918053] kasan_atomics_helper+0x1058/0x4858 [ 17.918104] kasan_atomics+0x198/0x2e0 [ 17.918151] kunit_try_run_case+0x170/0x3f0 [ 17.918214] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.918269] kthread+0x328/0x630 [ 17.918313] ret_from_fork+0x10/0x20 [ 17.918361] [ 17.918389] Allocated by task 265: [ 17.918428] kasan_save_stack+0x3c/0x68 [ 17.918470] kasan_save_track+0x20/0x40 [ 17.918510] kasan_save_alloc_info+0x40/0x58 [ 17.918551] __kasan_kmalloc+0xd4/0xd8 [ 17.918598] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.918643] kasan_atomics+0xb8/0x2e0 [ 17.918684] kunit_try_run_case+0x170/0x3f0 [ 17.918734] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.918777] kthread+0x328/0x630 [ 17.918813] ret_from_fork+0x10/0x20 [ 17.918850] [ 17.918871] The buggy address belongs to the object at fff00000c7915500 [ 17.918871] which belongs to the cache kmalloc-64 of size 64 [ 17.919424] The buggy address is located 0 bytes to the right of [ 17.919424] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.919649] [ 17.919728] The buggy address belongs to the physical page: [ 17.919762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.919816] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.919922] page_type: f5(slab) [ 17.920009] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.920074] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.920117] page dumped because: kasan: bad access detected [ 17.920215] [ 17.920264] Memory state around the buggy address: [ 17.920346] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.920476] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.920575] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.920647] ^ [ 17.920682] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.920750] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.920789] ================================================================== [ 17.793572] ================================================================== [ 17.793625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 17.793683] Read of size 4 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.793746] [ 17.793785] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.793867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.793897] Hardware name: linux,dummy-virt (DT) [ 17.794267] kasan_atomics+0x198/0x2e0 [ 17.794608] kasan_save_track+0x20/0x40 [ 17.794777] kasan_atomics+0xb8/0x2e0 [ 17.795045] The buggy address is located 0 bytes to the right of [ 17.795045] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.796349] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.798031] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.798121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.798168] Hardware name: linux,dummy-virt (DT) [ 17.798253] Call trace: [ 17.798278] show_stack+0x20/0x38 (C) [ 17.798325] dump_stack_lvl+0x8c/0xd0 [ 17.798373] print_report+0x118/0x5d0 [ 17.798421] kasan_report+0xdc/0x128 [ 17.798469] kasan_check_range+0x100/0x1a8 [ 17.798519] __kasan_check_write+0x20/0x30 [ 17.798907] kasan_atomics_helper+0x934/0x4858 [ 17.798985] kasan_atomics+0x198/0x2e0 [ 17.799034] kunit_try_run_case+0x170/0x3f0 [ 17.799102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.799174] kthread+0x328/0x630 [ 17.799314] ret_from_fork+0x10/0x20 [ 17.799437] [ 17.799463] Allocated by task 265: [ 17.799556] kasan_save_stack+0x3c/0x68 [ 17.799621] kasan_save_track+0x20/0x40 [ 17.799662] kasan_save_alloc_info+0x40/0x58 [ 17.799714] __kasan_kmalloc+0xd4/0xd8 [ 17.799782] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.799824] kasan_atomics+0xb8/0x2e0 [ 17.799867] kunit_try_run_case+0x170/0x3f0 [ 17.799925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.800010] kthread+0x328/0x630 [ 17.800108] ret_from_fork+0x10/0x20 [ 17.800262] [ 17.800346] The buggy address belongs to the object at fff00000c7915500 [ 17.800346] which belongs to the cache kmalloc-64 of size 64 [ 17.800404] The buggy address is located 0 bytes to the right of [ 17.800404] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.800483] [ 17.800506] The buggy address belongs to the physical page: [ 17.800707] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.800925] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.801054] page_type: f5(slab) [ 17.801135] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.801410] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.801525] page dumped because: kasan: bad access detected [ 17.801620] [ 17.801720] Memory state around the buggy address: [ 17.801796] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.801915] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.802000] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.802103] ^ [ 17.802139] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.802186] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.802429] ================================================================== [ 17.890783] ================================================================== [ 17.890878] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 17.891011] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.891062] [ 17.891142] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.891251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.891561] Hardware name: linux,dummy-virt (DT) [ 17.891605] Call trace: [ 17.891630] show_stack+0x20/0x38 (C) [ 17.891681] dump_stack_lvl+0x8c/0xd0 [ 17.891745] print_report+0x118/0x5d0 [ 17.892059] kasan_report+0xdc/0x128 [ 17.892155] __asan_report_store8_noabort+0x20/0x30 [ 17.892323] kasan_atomics_helper+0x3e5c/0x4858 [ 17.892695] kasan_atomics+0x198/0x2e0 [ 17.892797] kunit_try_run_case+0x170/0x3f0 [ 17.892973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.893099] kthread+0x328/0x630 [ 17.893195] ret_from_fork+0x10/0x20 [ 17.893412] [ 17.893481] Allocated by task 265: [ 17.893574] kasan_save_stack+0x3c/0x68 [ 17.893624] kasan_save_track+0x20/0x40 [ 17.893665] kasan_save_alloc_info+0x40/0x58 [ 17.893742] __kasan_kmalloc+0xd4/0xd8 [ 17.893779] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.893820] kasan_atomics+0xb8/0x2e0 [ 17.893858] kunit_try_run_case+0x170/0x3f0 [ 17.893897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.893942] kthread+0x328/0x630 [ 17.893977] ret_from_fork+0x10/0x20 [ 17.894195] [ 17.894265] The buggy address belongs to the object at fff00000c7915500 [ 17.894265] which belongs to the cache kmalloc-64 of size 64 [ 17.894443] The buggy address is located 0 bytes to the right of [ 17.894443] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.894994] [ 17.895036] The buggy address belongs to the physical page: [ 17.895120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.895177] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.895252] page_type: f5(slab) [ 17.895338] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.895397] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.895440] page dumped because: kasan: bad access detected [ 17.895475] [ 17.895504] Memory state around the buggy address: [ 17.895537] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.895583] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.895629] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.895669] ^ [ 17.895715] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.895761] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.895811] ================================================================== [ 18.042449] ================================================================== [ 18.042626] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 18.042705] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 18.042921] [ 18.042965] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.043087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.043119] Hardware name: linux,dummy-virt (DT) [ 18.043150] Call trace: [ 18.043176] show_stack+0x20/0x38 (C) [ 18.043226] dump_stack_lvl+0x8c/0xd0 [ 18.043307] print_report+0x118/0x5d0 [ 18.043374] kasan_report+0xdc/0x128 [ 18.043424] kasan_check_range+0x100/0x1a8 [ 18.043494] __kasan_check_write+0x20/0x30 [ 18.043541] kasan_atomics_helper+0x17ec/0x4858 [ 18.043591] kasan_atomics+0x198/0x2e0 [ 18.043637] kunit_try_run_case+0x170/0x3f0 [ 18.043697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.043751] kthread+0x328/0x630 [ 18.043793] ret_from_fork+0x10/0x20 [ 18.043981] [ 18.044009] Allocated by task 265: [ 18.044262] kasan_save_stack+0x3c/0x68 [ 18.044404] kasan_save_track+0x20/0x40 [ 18.044493] kasan_save_alloc_info+0x40/0x58 [ 18.044700] __kasan_kmalloc+0xd4/0xd8 [ 18.044891] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.044987] kasan_atomics+0xb8/0x2e0 [ 18.045130] kunit_try_run_case+0x170/0x3f0 [ 18.045226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.045488] kthread+0x328/0x630 [ 18.045647] ret_from_fork+0x10/0x20 [ 18.045810] [ 18.045865] The buggy address belongs to the object at fff00000c7915500 [ 18.045865] which belongs to the cache kmalloc-64 of size 64 [ 18.045962] The buggy address is located 0 bytes to the right of [ 18.045962] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 18.046031] [ 18.046053] The buggy address belongs to the physical page: [ 18.046104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 18.046172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.046232] page_type: f5(slab) [ 18.046279] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.046340] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.046393] page dumped because: kasan: bad access detected [ 18.046444] [ 18.046464] Memory state around the buggy address: [ 18.046499] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.046553] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.046598] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.046640] ^ [ 18.046677] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.047148] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.047363] ================================================================== [ 17.815054] ================================================================== [ 17.815116] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 17.815168] Write of size 4 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.815476] [ 17.815518] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.815630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.815729] Hardware name: linux,dummy-virt (DT) [ 17.815763] Call trace: [ 17.815789] show_stack+0x20/0x38 (C) [ 17.815867] dump_stack_lvl+0x8c/0xd0 [ 17.815919] print_report+0x118/0x5d0 [ 17.815967] kasan_report+0xdc/0x128 [ 17.816199] kasan_check_range+0x100/0x1a8 [ 17.816351] __kasan_check_write+0x20/0x30 [ 17.816427] kasan_atomics_helper+0xa6c/0x4858 [ 17.816477] kasan_atomics+0x198/0x2e0 [ 17.816536] kunit_try_run_case+0x170/0x3f0 [ 17.816586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.817127] kthread+0x328/0x630 [ 17.817223] ret_from_fork+0x10/0x20 [ 17.817560] [ 17.817613] Allocated by task 265: [ 17.817751] kasan_save_stack+0x3c/0x68 [ 17.817849] kasan_save_track+0x20/0x40 [ 17.817929] kasan_save_alloc_info+0x40/0x58 [ 17.817973] __kasan_kmalloc+0xd4/0xd8 [ 17.818161] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.818374] kasan_atomics+0xb8/0x2e0 [ 17.818432] kunit_try_run_case+0x170/0x3f0 [ 17.818475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.818520] kthread+0x328/0x630 [ 17.818554] ret_from_fork+0x10/0x20 [ 17.818607] [ 17.818630] The buggy address belongs to the object at fff00000c7915500 [ 17.818630] which belongs to the cache kmalloc-64 of size 64 [ 17.818700] The buggy address is located 0 bytes to the right of [ 17.818700] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.818764] [ 17.818795] The buggy address belongs to the physical page: [ 17.818838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.818890] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.818949] page_type: f5(slab) [ 17.819003] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.819057] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.819108] page dumped because: kasan: bad access detected [ 17.819153] [ 17.819184] Memory state around the buggy address: [ 17.819228] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.819282] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.819327] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.819375] ^ [ 17.819411] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.819471] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.819889] [ 17.820955] __kasan_check_write+0x20/0x30 [ 17.821852] [ 17.821873] Allocated by task 265: [ 17.821903] kasan_save_stack+0x3c/0x68 [ 17.821946] kasan_save_track+0x20/0x40 [ 17.821986] kasan_save_alloc_info+0x40/0x58 [ 17.822028] __kasan_kmalloc+0xd4/0xd8 [ 17.822279] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.822380] kasan_atomics+0xb8/0x2e0 [ 17.822420] kunit_try_run_case+0x170/0x3f0 [ 17.822503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.822590] kthread+0x328/0x630 [ 17.822625] ret_from_fork+0x10/0x20 [ 17.822665] [ 17.822697] The buggy address belongs to the object at fff00000c7915500 [ 17.822697] which belongs to the cache kmalloc-64 of size 64 [ 17.822955] The buggy address is located 0 bytes to the right of [ 17.822955] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.823163] [ 17.823213] The buggy address belongs to the physical page: [ 17.823248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.823303] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.823352] page_type: f5(slab) [ 17.823503] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.823932] page dumped because: kasan: bad access detected [ 17.824459] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.825698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.826117] kasan_atomics_helper+0x3dcc/0x4858 [ 17.827186] kasan_save_stack+0x3c/0x68 [ 17.827341] kasan_save_track+0x20/0x40 [ 17.827435] kasan_save_alloc_info+0x40/0x58 [ 17.827572] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.828912] [ 17.829137] page_type: f5(slab) [ 17.829761] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.831806] ================================================================== [ 17.860869] ================================================================== [ 17.860920] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 17.860971] Read of size 4 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.861022] [ 17.861064] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.861156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.861187] Hardware name: linux,dummy-virt (DT) [ 17.861221] Call trace: [ 17.861244] show_stack+0x20/0x38 (C) [ 17.861294] dump_stack_lvl+0x8c/0xd0 [ 17.861341] print_report+0x118/0x5d0 [ 17.861389] kasan_report+0xdc/0x128 [ 17.861436] __asan_report_load4_noabort+0x20/0x30 [ 17.861489] kasan_atomics_helper+0x3dd8/0x4858 [ 17.861539] kasan_atomics+0x198/0x2e0 [ 17.861593] kunit_try_run_case+0x170/0x3f0 [ 17.861651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.861717] kthread+0x328/0x630 [ 17.861763] ret_from_fork+0x10/0x20 [ 17.861812] [ 17.861832] Allocated by task 265: [ 17.861861] kasan_save_stack+0x3c/0x68 [ 17.861949] kasan_save_track+0x20/0x40 [ 17.861989] kasan_save_alloc_info+0x40/0x58 [ 17.862030] __kasan_kmalloc+0xd4/0xd8 [ 17.862069] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.862400] kasan_atomics+0xb8/0x2e0 [ 17.862618] kunit_try_run_case+0x170/0x3f0 [ 17.862743] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.862847] kthread+0x328/0x630 [ 17.862882] ret_from_fork+0x10/0x20 [ 17.862950] [ 17.862988] The buggy address belongs to the object at fff00000c7915500 [ 17.862988] which belongs to the cache kmalloc-64 of size 64 [ 17.863076] The buggy address is located 0 bytes to the right of [ 17.863076] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.863171] [ 17.863319] The buggy address belongs to the physical page: [ 17.863355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.863409] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.863524] page_type: f5(slab) [ 17.863592] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.863646] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.863700] page dumped because: kasan: bad access detected [ 17.863732] [ 17.863752] Memory state around the buggy address: [ 17.863970] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.864155] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.864389] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.864872] ^ [ 17.864958] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.865075] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.865175] ================================================================== [ 18.008293] ================================================================== [ 18.008605] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 18.008982] Read of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 18.009072] [ 18.009118] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.009354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.009396] Hardware name: linux,dummy-virt (DT) [ 18.009431] Call trace: [ 18.009454] show_stack+0x20/0x38 (C) [ 18.009508] dump_stack_lvl+0x8c/0xd0 [ 18.009555] print_report+0x118/0x5d0 [ 18.009678] kasan_report+0xdc/0x128 [ 18.009764] __asan_report_load8_noabort+0x20/0x30 [ 18.010008] kasan_atomics_helper+0x3df4/0x4858 [ 18.010106] kasan_atomics+0x198/0x2e0 [ 18.010397] kunit_try_run_case+0x170/0x3f0 [ 18.010459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.010522] kthread+0x328/0x630 [ 18.010565] ret_from_fork+0x10/0x20 [ 18.010830] [ 18.010867] Allocated by task 265: [ 18.010904] kasan_save_stack+0x3c/0x68 [ 18.011023] kasan_save_track+0x20/0x40 [ 18.011081] kasan_save_alloc_info+0x40/0x58 [ 18.011125] __kasan_kmalloc+0xd4/0xd8 [ 18.011202] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.011369] kasan_atomics+0xb8/0x2e0 [ 18.011518] kunit_try_run_case+0x170/0x3f0 [ 18.011581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.011636] kthread+0x328/0x630 [ 18.011945] ret_from_fork+0x10/0x20 [ 18.012110] [ 18.012185] The buggy address belongs to the object at fff00000c7915500 [ 18.012185] which belongs to the cache kmalloc-64 of size 64 [ 18.012364] The buggy address is located 0 bytes to the right of [ 18.012364] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 18.012544] [ 18.012634] The buggy address belongs to the physical page: [ 18.012704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 18.013057] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.013243] page_type: f5(slab) [ 18.013307] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.013722] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.013820] page dumped because: kasan: bad access detected [ 18.013882] [ 18.013903] Memory state around the buggy address: [ 18.014146] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.014316] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.014414] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.014813] ^ [ 18.014886] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.014997] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.015040] ================================================================== [ 17.886024] ================================================================== [ 17.886126] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 17.886177] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.886245] [ 17.886276] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.886378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.886773] Hardware name: linux,dummy-virt (DT) [ 17.886848] Call trace: [ 17.886875] show_stack+0x20/0x38 (C) [ 17.886985] dump_stack_lvl+0x8c/0xd0 [ 17.887063] print_report+0x118/0x5d0 [ 17.887130] kasan_report+0xdc/0x128 [ 17.887177] kasan_check_range+0x100/0x1a8 [ 17.887253] __kasan_check_write+0x20/0x30 [ 17.887318] kasan_atomics_helper+0xe44/0x4858 [ 17.887369] kasan_atomics+0x198/0x2e0 [ 17.887414] kunit_try_run_case+0x170/0x3f0 [ 17.887463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.887517] kthread+0x328/0x630 [ 17.887559] ret_from_fork+0x10/0x20 [ 17.887606] [ 17.887628] Allocated by task 265: [ 17.887657] kasan_save_stack+0x3c/0x68 [ 17.888122] kasan_save_track+0x20/0x40 [ 17.888213] kasan_save_alloc_info+0x40/0x58 [ 17.888306] __kasan_kmalloc+0xd4/0xd8 [ 17.888738] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.888835] kasan_atomics+0xb8/0x2e0 [ 17.889020] kunit_try_run_case+0x170/0x3f0 [ 17.889127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.889232] kthread+0x328/0x630 [ 17.889392] ret_from_fork+0x10/0x20 [ 17.889468] [ 17.889493] The buggy address belongs to the object at fff00000c7915500 [ 17.889493] which belongs to the cache kmalloc-64 of size 64 [ 17.889553] The buggy address is located 0 bytes to the right of [ 17.889553] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.889621] [ 17.889643] The buggy address belongs to the physical page: [ 17.890006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.890067] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.890118] page_type: f5(slab) [ 17.890156] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.890208] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.890252] page dumped because: kasan: bad access detected [ 17.890286] [ 17.890307] Memory state around the buggy address: [ 17.890341] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.890386] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.890430] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.890468] ^ [ 17.890504] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.890549] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.890589] ================================================================== [ 17.921585] ================================================================== [ 17.921645] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 17.921979] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.922108] [ 17.922142] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.922224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.922378] Hardware name: linux,dummy-virt (DT) [ 17.922457] Call trace: [ 17.922483] show_stack+0x20/0x38 (C) [ 17.922535] dump_stack_lvl+0x8c/0xd0 [ 17.922630] print_report+0x118/0x5d0 [ 17.922797] kasan_report+0xdc/0x128 [ 17.922853] kasan_check_range+0x100/0x1a8 [ 17.922903] __kasan_check_write+0x20/0x30 [ 17.922948] kasan_atomics_helper+0x10c0/0x4858 [ 17.923054] kasan_atomics+0x198/0x2e0 [ 17.923377] kunit_try_run_case+0x170/0x3f0 [ 17.923577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.923638] kthread+0x328/0x630 [ 17.923693] ret_from_fork+0x10/0x20 [ 17.923896] [ 17.924010] Allocated by task 265: [ 17.924390] kasan_save_stack+0x3c/0x68 [ 17.924437] kasan_save_track+0x20/0x40 [ 17.924477] kasan_save_alloc_info+0x40/0x58 [ 17.924536] __kasan_kmalloc+0xd4/0xd8 [ 17.924643] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.925069] kasan_atomics+0xb8/0x2e0 [ 17.925165] kunit_try_run_case+0x170/0x3f0 [ 17.925274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.925758] kthread+0x328/0x630 [ 17.925965] ret_from_fork+0x10/0x20 [ 17.926084] [ 17.926130] The buggy address belongs to the object at fff00000c7915500 [ 17.926130] which belongs to the cache kmalloc-64 of size 64 [ 17.926194] The buggy address is located 0 bytes to the right of [ 17.926194] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.926271] [ 17.926341] The buggy address belongs to the physical page: [ 17.926411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.926464] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.926536] page_type: f5(slab) [ 17.926577] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.926629] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.926673] page dumped because: kasan: bad access detected [ 17.926717] [ 17.926737] Memory state around the buggy address: [ 17.926772] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.926817] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.926864] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.927020] ^ [ 17.927065] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.927140] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.927218] ================================================================== [ 17.964164] ================================================================== [ 17.964214] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 17.964265] Read of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.964317] [ 17.964380] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.964492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.964539] Hardware name: linux,dummy-virt (DT) [ 17.964590] Call trace: [ 17.964617] show_stack+0x20/0x38 (C) [ 17.964683] dump_stack_lvl+0x8c/0xd0 [ 17.964806] print_report+0x118/0x5d0 [ 17.964896] kasan_report+0xdc/0x128 [ 17.965018] __asan_report_load8_noabort+0x20/0x30 [ 17.965080] kasan_atomics_helper+0x3f04/0x4858 [ 17.965294] kasan_atomics+0x198/0x2e0 [ 17.965356] kunit_try_run_case+0x170/0x3f0 [ 17.965443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.965527] kthread+0x328/0x630 [ 17.965622] ret_from_fork+0x10/0x20 [ 17.965677] [ 17.965756] Allocated by task 265: [ 17.965788] kasan_save_stack+0x3c/0x68 [ 17.965845] kasan_save_track+0x20/0x40 [ 17.965887] kasan_save_alloc_info+0x40/0x58 [ 17.965929] __kasan_kmalloc+0xd4/0xd8 [ 17.965966] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.966024] kasan_atomics+0xb8/0x2e0 [ 17.966166] kunit_try_run_case+0x170/0x3f0 [ 17.966325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.966380] kthread+0x328/0x630 [ 17.966414] ret_from_fork+0x10/0x20 [ 17.966508] [ 17.966530] The buggy address belongs to the object at fff00000c7915500 [ 17.966530] which belongs to the cache kmalloc-64 of size 64 [ 17.966590] The buggy address is located 0 bytes to the right of [ 17.966590] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.966656] [ 17.966677] The buggy address belongs to the physical page: [ 17.966722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.966895] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.966958] page_type: f5(slab) [ 17.967086] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.967175] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.967219] page dumped because: kasan: bad access detected [ 17.967254] [ 17.967274] Memory state around the buggy address: [ 17.967308] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.967354] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.967400] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.967458] ^ [ 17.967514] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.967567] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.967608] ================================================================== [ 17.997242] ================================================================== [ 17.997293] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 17.997342] Read of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.997638] [ 17.997750] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.997860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.997909] Hardware name: linux,dummy-virt (DT) [ 17.998056] Call trace: [ 17.998163] show_stack+0x20/0x38 (C) [ 17.998242] dump_stack_lvl+0x8c/0xd0 [ 17.998304] print_report+0x118/0x5d0 [ 17.998387] kasan_report+0xdc/0x128 [ 17.998440] __asan_report_load8_noabort+0x20/0x30 [ 17.998494] kasan_atomics_helper+0x3db0/0x4858 [ 17.998678] kasan_atomics+0x198/0x2e0 [ 17.998890] kunit_try_run_case+0x170/0x3f0 [ 17.998953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.999015] kthread+0x328/0x630 [ 17.999060] ret_from_fork+0x10/0x20 [ 17.999265] [ 17.999302] Allocated by task 265: [ 17.999336] kasan_save_stack+0x3c/0x68 [ 17.999468] kasan_save_track+0x20/0x40 [ 17.999534] kasan_save_alloc_info+0x40/0x58 [ 17.999577] __kasan_kmalloc+0xd4/0xd8 [ 17.999623] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.999664] kasan_atomics+0xb8/0x2e0 [ 17.999711] kunit_try_run_case+0x170/0x3f0 [ 17.999752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.999796] kthread+0x328/0x630 [ 18.000074] ret_from_fork+0x10/0x20 [ 18.000294] [ 18.000396] The buggy address belongs to the object at fff00000c7915500 [ 18.000396] which belongs to the cache kmalloc-64 of size 64 [ 18.000468] The buggy address is located 0 bytes to the right of [ 18.000468] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 18.000553] [ 18.000858] The buggy address belongs to the physical page: [ 18.001043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 18.001126] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.001357] page_type: f5(slab) [ 18.001406] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.001497] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.001543] page dumped because: kasan: bad access detected [ 18.001577] [ 18.001597] Memory state around the buggy address: [ 18.001824] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.001924] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.002035] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.002086] ^ [ 18.002134] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.002193] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.002241] ================================================================== [ 17.896056] ================================================================== [ 17.896340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 17.896422] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.896669] [ 17.896715] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.896800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.896829] Hardware name: linux,dummy-virt (DT) [ 17.896860] Call trace: [ 17.896885] show_stack+0x20/0x38 (C) [ 17.896933] dump_stack_lvl+0x8c/0xd0 [ 17.897063] print_report+0x118/0x5d0 [ 17.897296] kasan_report+0xdc/0x128 [ 17.897362] kasan_check_range+0x100/0x1a8 [ 17.897414] __kasan_check_write+0x20/0x30 [ 17.897463] kasan_atomics_helper+0xeb8/0x4858 [ 17.897533] kasan_atomics+0x198/0x2e0 [ 17.897598] kunit_try_run_case+0x170/0x3f0 [ 17.897921] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.898133] kthread+0x328/0x630 [ 17.898178] ret_from_fork+0x10/0x20 [ 17.898250] [ 17.898308] Allocated by task 265: [ 17.898409] kasan_save_stack+0x3c/0x68 [ 17.898452] kasan_save_track+0x20/0x40 [ 17.898530] kasan_save_alloc_info+0x40/0x58 [ 17.898593] __kasan_kmalloc+0xd4/0xd8 [ 17.898649] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.898794] kasan_atomics+0xb8/0x2e0 [ 17.898839] kunit_try_run_case+0x170/0x3f0 [ 17.898880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.898925] kthread+0x328/0x630 [ 17.898971] ret_from_fork+0x10/0x20 [ 17.899028] [ 17.899318] The buggy address belongs to the object at fff00000c7915500 [ 17.899318] which belongs to the cache kmalloc-64 of size 64 [ 17.899388] The buggy address is located 0 bytes to the right of [ 17.899388] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.899505] [ 17.899575] The buggy address belongs to the physical page: [ 17.899609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.899994] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.900110] page_type: f5(slab) [ 17.900180] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.900233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.900294] page dumped because: kasan: bad access detected [ 17.900329] [ 17.900350] Memory state around the buggy address: [ 17.900800] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.900882] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.900965] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.901259] ^ [ 17.901391] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.901440] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.901501] ================================================================== [ 18.034405] ================================================================== [ 18.034455] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 18.034506] Read of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 18.034746] [ 18.034793] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.034888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.035077] Hardware name: linux,dummy-virt (DT) [ 18.035224] Call trace: [ 18.035252] show_stack+0x20/0x38 (C) [ 18.035341] dump_stack_lvl+0x8c/0xd0 [ 18.035428] print_report+0x118/0x5d0 [ 18.035495] kasan_report+0xdc/0x128 [ 18.035606] __asan_report_load8_noabort+0x20/0x30 [ 18.035664] kasan_atomics_helper+0x3e20/0x4858 [ 18.036017] kasan_atomics+0x198/0x2e0 [ 18.036111] kunit_try_run_case+0x170/0x3f0 [ 18.036478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.036644] kthread+0x328/0x630 [ 18.036721] ret_from_fork+0x10/0x20 [ 18.036877] [ 18.036984] Allocated by task 265: [ 18.037063] kasan_save_stack+0x3c/0x68 [ 18.037114] kasan_save_track+0x20/0x40 [ 18.037419] kasan_save_alloc_info+0x40/0x58 [ 18.037569] __kasan_kmalloc+0xd4/0xd8 [ 18.037677] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.037994] kasan_atomics+0xb8/0x2e0 [ 18.038108] kunit_try_run_case+0x170/0x3f0 [ 18.038207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.038363] kthread+0x328/0x630 [ 18.038432] ret_from_fork+0x10/0x20 [ 18.038555] [ 18.038627] The buggy address belongs to the object at fff00000c7915500 [ 18.038627] which belongs to the cache kmalloc-64 of size 64 [ 18.039242] The buggy address is located 0 bytes to the right of [ 18.039242] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 18.039482] [ 18.039697] The buggy address belongs to the physical page: [ 18.039790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 18.039875] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.040103] page_type: f5(slab) [ 18.040156] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.040319] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.040649] page dumped because: kasan: bad access detected [ 18.040736] [ 18.040758] Memory state around the buggy address: [ 18.040805] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.040859] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.041175] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.041335] ^ [ 18.041426] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.041636] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.041787] ================================================================== [ 18.028584] ================================================================== [ 18.028644] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 18.028744] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 18.028798] [ 18.028847] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.028996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.029055] Hardware name: linux,dummy-virt (DT) [ 18.029090] Call trace: [ 18.029131] show_stack+0x20/0x38 (C) [ 18.029218] dump_stack_lvl+0x8c/0xd0 [ 18.029264] print_report+0x118/0x5d0 [ 18.029340] kasan_report+0xdc/0x128 [ 18.029387] kasan_check_range+0x100/0x1a8 [ 18.029673] __kasan_check_write+0x20/0x30 [ 18.029757] kasan_atomics_helper+0x175c/0x4858 [ 18.030032] kasan_atomics+0x198/0x2e0 [ 18.030100] kunit_try_run_case+0x170/0x3f0 [ 18.030188] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.030286] kthread+0x328/0x630 [ 18.030397] ret_from_fork+0x10/0x20 [ 18.030450] [ 18.030490] Allocated by task 265: [ 18.030525] kasan_save_stack+0x3c/0x68 [ 18.030574] kasan_save_track+0x20/0x40 [ 18.030716] kasan_save_alloc_info+0x40/0x58 [ 18.030765] __kasan_kmalloc+0xd4/0xd8 [ 18.030803] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.030869] kasan_atomics+0xb8/0x2e0 [ 18.030907] kunit_try_run_case+0x170/0x3f0 [ 18.031137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.031200] kthread+0x328/0x630 [ 18.031238] ret_from_fork+0x10/0x20 [ 18.031282] [ 18.031543] The buggy address belongs to the object at fff00000c7915500 [ 18.031543] which belongs to the cache kmalloc-64 of size 64 [ 18.031636] The buggy address is located 0 bytes to the right of [ 18.031636] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 18.031715] [ 18.031841] The buggy address belongs to the physical page: [ 18.031918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 18.032188] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.032241] page_type: f5(slab) [ 18.032282] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.032334] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.032664] page dumped because: kasan: bad access detected [ 18.032791] [ 18.032918] Memory state around the buggy address: [ 18.033047] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.033309] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.033422] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.033473] ^ [ 18.033708] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.033880] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.033966] ================================================================== [ 17.967750] ================================================================== [ 17.967975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 17.968030] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.968081] [ 17.968129] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.968429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.968505] Hardware name: linux,dummy-virt (DT) [ 17.968547] Call trace: [ 17.968621] show_stack+0x20/0x38 (C) [ 17.968760] dump_stack_lvl+0x8c/0xd0 [ 17.968822] print_report+0x118/0x5d0 [ 17.968880] kasan_report+0xdc/0x128 [ 17.968963] kasan_check_range+0x100/0x1a8 [ 17.969028] __kasan_check_write+0x20/0x30 [ 17.969075] kasan_atomics_helper+0x1414/0x4858 [ 17.969124] kasan_atomics+0x198/0x2e0 [ 17.969203] kunit_try_run_case+0x170/0x3f0 [ 17.969279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.969334] kthread+0x328/0x630 [ 17.969378] ret_from_fork+0x10/0x20 [ 17.969549] [ 17.969655] Allocated by task 265: [ 17.969741] kasan_save_stack+0x3c/0x68 [ 17.969807] kasan_save_track+0x20/0x40 [ 17.969893] kasan_save_alloc_info+0x40/0x58 [ 17.970167] __kasan_kmalloc+0xd4/0xd8 [ 17.970252] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.970313] kasan_atomics+0xb8/0x2e0 [ 17.970402] kunit_try_run_case+0x170/0x3f0 [ 17.970524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.970580] kthread+0x328/0x630 [ 17.970614] ret_from_fork+0x10/0x20 [ 17.970652] [ 17.970734] The buggy address belongs to the object at fff00000c7915500 [ 17.970734] which belongs to the cache kmalloc-64 of size 64 [ 17.970880] The buggy address is located 0 bytes to the right of [ 17.970880] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.970965] [ 17.970987] The buggy address belongs to the physical page: [ 17.971019] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.971071] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.971295] page_type: f5(slab) [ 17.971400] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.971453] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.971506] page dumped because: kasan: bad access detected [ 17.971550] [ 17.971579] Memory state around the buggy address: [ 17.971613] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.971659] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.971724] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.971767] ^ [ 17.971800] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.971876] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.971915] ================================================================== [ 17.880889] ================================================================== [ 17.880989] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 17.881041] Read of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.881106] [ 17.881137] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.881238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.881275] Hardware name: linux,dummy-virt (DT) [ 17.881334] Call trace: [ 17.881451] show_stack+0x20/0x38 (C) [ 17.881502] dump_stack_lvl+0x8c/0xd0 [ 17.881578] print_report+0x118/0x5d0 [ 17.881964] kasan_report+0xdc/0x128 [ 17.882035] __asan_report_load8_noabort+0x20/0x30 [ 17.882139] kasan_atomics_helper+0x3f58/0x4858 [ 17.882235] kasan_atomics+0x198/0x2e0 [ 17.882290] kunit_try_run_case+0x170/0x3f0 [ 17.882356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.882418] kthread+0x328/0x630 [ 17.882462] ret_from_fork+0x10/0x20 [ 17.882598] [ 17.882638] Allocated by task 265: [ 17.882724] kasan_save_stack+0x3c/0x68 [ 17.882770] kasan_save_track+0x20/0x40 [ 17.882808] kasan_save_alloc_info+0x40/0x58 [ 17.882849] __kasan_kmalloc+0xd4/0xd8 [ 17.883048] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.883175] kasan_atomics+0xb8/0x2e0 [ 17.883291] kunit_try_run_case+0x170/0x3f0 [ 17.883348] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.883445] kthread+0x328/0x630 [ 17.883479] ret_from_fork+0x10/0x20 [ 17.883535] [ 17.883575] The buggy address belongs to the object at fff00000c7915500 [ 17.883575] which belongs to the cache kmalloc-64 of size 64 [ 17.883635] The buggy address is located 0 bytes to the right of [ 17.883635] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.883890] [ 17.883919] The buggy address belongs to the physical page: [ 17.884046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.884227] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.884280] page_type: f5(slab) [ 17.884343] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.884397] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.884440] page dumped because: kasan: bad access detected [ 17.884507] [ 17.884528] Memory state around the buggy address: [ 17.884562] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.884607] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.884864] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.884964] ^ [ 17.885035] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.885102] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.885424] ================================================================== [ 18.022615] ================================================================== [ 18.022664] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 18.022952] Read of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 18.023221] [ 18.023277] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.023508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.023552] Hardware name: linux,dummy-virt (DT) [ 18.023585] Call trace: [ 18.023673] show_stack+0x20/0x38 (C) [ 18.023744] dump_stack_lvl+0x8c/0xd0 [ 18.024050] print_report+0x118/0x5d0 [ 18.024134] kasan_report+0xdc/0x128 [ 18.024263] __asan_report_load8_noabort+0x20/0x30 [ 18.024459] kasan_atomics_helper+0x3e10/0x4858 [ 18.024563] kasan_atomics+0x198/0x2e0 [ 18.024679] kunit_try_run_case+0x170/0x3f0 [ 18.024914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.024981] kthread+0x328/0x630 [ 18.025180] ret_from_fork+0x10/0x20 [ 18.025279] [ 18.025325] Allocated by task 265: [ 18.025366] kasan_save_stack+0x3c/0x68 [ 18.025416] kasan_save_track+0x20/0x40 [ 18.025457] kasan_save_alloc_info+0x40/0x58 [ 18.025499] __kasan_kmalloc+0xd4/0xd8 [ 18.025536] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.025578] kasan_atomics+0xb8/0x2e0 [ 18.025621] kunit_try_run_case+0x170/0x3f0 [ 18.025670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.025731] kthread+0x328/0x630 [ 18.025767] ret_from_fork+0x10/0x20 [ 18.025804] [ 18.025825] The buggy address belongs to the object at fff00000c7915500 [ 18.025825] which belongs to the cache kmalloc-64 of size 64 [ 18.025893] The buggy address is located 0 bytes to the right of [ 18.025893] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 18.025968] [ 18.025999] The buggy address belongs to the physical page: [ 18.026033] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 18.026096] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.026145] page_type: f5(slab) [ 18.026193] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.026254] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.026299] page dumped because: kasan: bad access detected [ 18.026333] [ 18.026361] Memory state around the buggy address: [ 18.026405] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.026458] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.026526] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.026573] ^ [ 18.026609] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.026654] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.027171] ================================================================== [ 17.906190] ================================================================== [ 17.906268] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 17.906355] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.906407] [ 17.906526] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.906628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.906682] Hardware name: linux,dummy-virt (DT) [ 17.906747] Call trace: [ 17.906777] show_stack+0x20/0x38 (C) [ 17.907125] dump_stack_lvl+0x8c/0xd0 [ 17.907269] print_report+0x118/0x5d0 [ 17.907324] kasan_report+0xdc/0x128 [ 17.907489] kasan_check_range+0x100/0x1a8 [ 17.907546] __kasan_check_write+0x20/0x30 [ 17.907599] kasan_atomics_helper+0xf88/0x4858 [ 17.907650] kasan_atomics+0x198/0x2e0 [ 17.907956] kunit_try_run_case+0x170/0x3f0 [ 17.908012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.908238] kthread+0x328/0x630 [ 17.908324] ret_from_fork+0x10/0x20 [ 17.908391] [ 17.908412] Allocated by task 265: [ 17.908443] kasan_save_stack+0x3c/0x68 [ 17.908484] kasan_save_track+0x20/0x40 [ 17.908665] kasan_save_alloc_info+0x40/0x58 [ 17.908735] __kasan_kmalloc+0xd4/0xd8 [ 17.908790] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.908841] kasan_atomics+0xb8/0x2e0 [ 17.908878] kunit_try_run_case+0x170/0x3f0 [ 17.908917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.908964] kthread+0x328/0x630 [ 17.908999] ret_from_fork+0x10/0x20 [ 17.909038] [ 17.909081] The buggy address belongs to the object at fff00000c7915500 [ 17.909081] which belongs to the cache kmalloc-64 of size 64 [ 17.909143] The buggy address is located 0 bytes to the right of [ 17.909143] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.909207] [ 17.909230] The buggy address belongs to the physical page: [ 17.909304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.909356] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.909554] page_type: f5(slab) [ 17.909627] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.909847] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.909955] page dumped because: kasan: bad access detected [ 17.910059] [ 17.910107] Memory state around the buggy address: [ 17.910498] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.910571] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.910617] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.910877] ^ [ 17.911099] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.911191] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.911530] ================================================================== [ 17.977333] ================================================================== [ 17.977419] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 17.977547] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.977619] [ 17.977706] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.977847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.977906] Hardware name: linux,dummy-virt (DT) [ 17.978037] Call trace: [ 17.978067] show_stack+0x20/0x38 (C) [ 17.978116] dump_stack_lvl+0x8c/0xd0 [ 17.978415] print_report+0x118/0x5d0 [ 17.978491] kasan_report+0xdc/0x128 [ 17.978542] kasan_check_range+0x100/0x1a8 [ 17.978773] __kasan_check_write+0x20/0x30 [ 17.978841] kasan_atomics_helper+0x14e4/0x4858 [ 17.978993] kasan_atomics+0x198/0x2e0 [ 17.979046] kunit_try_run_case+0x170/0x3f0 [ 17.979112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.979197] kthread+0x328/0x630 [ 17.979242] ret_from_fork+0x10/0x20 [ 17.979413] [ 17.979441] Allocated by task 265: [ 17.979471] kasan_save_stack+0x3c/0x68 [ 17.979515] kasan_save_track+0x20/0x40 [ 17.979868] kasan_save_alloc_info+0x40/0x58 [ 17.980204] __kasan_kmalloc+0xd4/0xd8 [ 17.980281] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.980434] kasan_atomics+0xb8/0x2e0 [ 17.980869] kunit_try_run_case+0x170/0x3f0 [ 17.980955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.981176] kthread+0x328/0x630 [ 17.981225] ret_from_fork+0x10/0x20 [ 17.981273] [ 17.981295] The buggy address belongs to the object at fff00000c7915500 [ 17.981295] which belongs to the cache kmalloc-64 of size 64 [ 17.981442] The buggy address is located 0 bytes to the right of [ 17.981442] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.981579] [ 17.981680] The buggy address belongs to the physical page: [ 17.981976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.982050] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.982111] page_type: f5(slab) [ 17.982369] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.982574] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.982900] page dumped because: kasan: bad access detected [ 17.983053] [ 17.983076] Memory state around the buggy address: [ 17.983112] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.983388] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.983459] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.983577] ^ [ 17.983776] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.984042] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.984087] ================================================================== [ 17.912296] ================================================================== [ 17.912372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 17.912442] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.912519] [ 17.912957] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.913190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.913228] Hardware name: linux,dummy-virt (DT) [ 17.913307] Call trace: [ 17.913444] show_stack+0x20/0x38 (C) [ 17.913495] dump_stack_lvl+0x8c/0xd0 [ 17.913544] print_report+0x118/0x5d0 [ 17.913591] kasan_report+0xdc/0x128 [ 17.913647] kasan_check_range+0x100/0x1a8 [ 17.913707] __kasan_check_write+0x20/0x30 [ 17.913755] kasan_atomics_helper+0xff0/0x4858 [ 17.913827] kasan_atomics+0x198/0x2e0 [ 17.913875] kunit_try_run_case+0x170/0x3f0 [ 17.913923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.913977] kthread+0x328/0x630 [ 17.914060] ret_from_fork+0x10/0x20 [ 17.914112] [ 17.914132] Allocated by task 265: [ 17.914239] kasan_save_stack+0x3c/0x68 [ 17.914374] kasan_save_track+0x20/0x40 [ 17.914415] kasan_save_alloc_info+0x40/0x58 [ 17.914520] __kasan_kmalloc+0xd4/0xd8 [ 17.914587] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.914631] kasan_atomics+0xb8/0x2e0 [ 17.914844] kunit_try_run_case+0x170/0x3f0 [ 17.915094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.915159] kthread+0x328/0x630 [ 17.915195] ret_from_fork+0x10/0x20 [ 17.915347] [ 17.915396] The buggy address belongs to the object at fff00000c7915500 [ 17.915396] which belongs to the cache kmalloc-64 of size 64 [ 17.915458] The buggy address is located 0 bytes to the right of [ 17.915458] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.915599] [ 17.915660] The buggy address belongs to the physical page: [ 17.915705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.915758] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.915807] page_type: f5(slab) [ 17.915873] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.915928] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.915971] page dumped because: kasan: bad access detected [ 17.916004] [ 17.916047] Memory state around the buggy address: [ 17.916203] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.916253] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.916332] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.916528] ^ [ 17.916592] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.916669] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.916722] ================================================================== [ 18.002814] ================================================================== [ 18.002897] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 18.003012] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 18.003154] [ 18.003213] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.003369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.003418] Hardware name: linux,dummy-virt (DT) [ 18.003453] Call trace: [ 18.003477] show_stack+0x20/0x38 (C) [ 18.003660] dump_stack_lvl+0x8c/0xd0 [ 18.003849] print_report+0x118/0x5d0 [ 18.003911] kasan_report+0xdc/0x128 [ 18.003966] kasan_check_range+0x100/0x1a8 [ 18.004215] __kasan_check_write+0x20/0x30 [ 18.004338] kasan_atomics_helper+0x1644/0x4858 [ 18.004423] kasan_atomics+0x198/0x2e0 [ 18.004578] kunit_try_run_case+0x170/0x3f0 [ 18.004801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.004897] kthread+0x328/0x630 [ 18.005215] ret_from_fork+0x10/0x20 [ 18.005299] [ 18.005347] Allocated by task 265: [ 18.005445] kasan_save_stack+0x3c/0x68 [ 18.005625] kasan_save_track+0x20/0x40 [ 18.005701] kasan_save_alloc_info+0x40/0x58 [ 18.005745] __kasan_kmalloc+0xd4/0xd8 [ 18.006096] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.006205] kasan_atomics+0xb8/0x2e0 [ 18.006408] kunit_try_run_case+0x170/0x3f0 [ 18.006594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.006714] kthread+0x328/0x630 [ 18.006761] ret_from_fork+0x10/0x20 [ 18.006809] [ 18.006831] The buggy address belongs to the object at fff00000c7915500 [ 18.006831] which belongs to the cache kmalloc-64 of size 64 [ 18.006893] The buggy address is located 0 bytes to the right of [ 18.006893] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 18.006968] [ 18.006999] The buggy address belongs to the physical page: [ 18.007032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 18.007099] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.007165] page_type: f5(slab) [ 18.007212] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.007267] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.007320] page dumped because: kasan: bad access detected [ 18.007355] [ 18.007375] Memory state around the buggy address: [ 18.007410] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.007469] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.007514] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.007555] ^ [ 18.007600] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.007652] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.007711] ================================================================== [ 17.972153] ================================================================== [ 17.972220] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 17.972270] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.972322] [ 17.972351] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.972459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.972507] Hardware name: linux,dummy-virt (DT) [ 17.972585] Call trace: [ 17.972652] show_stack+0x20/0x38 (C) [ 17.972741] dump_stack_lvl+0x8c/0xd0 [ 17.972826] print_report+0x118/0x5d0 [ 17.973154] kasan_report+0xdc/0x128 [ 17.973219] kasan_check_range+0x100/0x1a8 [ 17.973268] __kasan_check_write+0x20/0x30 [ 17.973315] kasan_atomics_helper+0x147c/0x4858 [ 17.973365] kasan_atomics+0x198/0x2e0 [ 17.973410] kunit_try_run_case+0x170/0x3f0 [ 17.973459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.973512] kthread+0x328/0x630 [ 17.973554] ret_from_fork+0x10/0x20 [ 17.973603] [ 17.973762] Allocated by task 265: [ 17.973891] kasan_save_stack+0x3c/0x68 [ 17.973957] kasan_save_track+0x20/0x40 [ 17.974036] kasan_save_alloc_info+0x40/0x58 [ 17.974345] __kasan_kmalloc+0xd4/0xd8 [ 17.974426] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.974477] kasan_atomics+0xb8/0x2e0 [ 17.974641] kunit_try_run_case+0x170/0x3f0 [ 17.974725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.974863] kthread+0x328/0x630 [ 17.974919] ret_from_fork+0x10/0x20 [ 17.974975] [ 17.974998] The buggy address belongs to the object at fff00000c7915500 [ 17.974998] which belongs to the cache kmalloc-64 of size 64 [ 17.975059] The buggy address is located 0 bytes to the right of [ 17.975059] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.975125] [ 17.975401] The buggy address belongs to the physical page: [ 17.975468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.975734] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.975872] page_type: f5(slab) [ 17.975940] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.975994] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.976088] page dumped because: kasan: bad access detected [ 17.976136] [ 17.976176] Memory state around the buggy address: [ 17.976220] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.976268] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.976329] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.976371] ^ [ 17.976415] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.976465] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.976514] ================================================================== [ 17.959207] ================================================================== [ 17.959286] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 17.959351] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.959431] [ 17.959478] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.959584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.959657] Hardware name: linux,dummy-virt (DT) [ 17.959722] Call trace: [ 17.959747] show_stack+0x20/0x38 (C) [ 17.959797] dump_stack_lvl+0x8c/0xd0 [ 17.959871] print_report+0x118/0x5d0 [ 17.959921] kasan_report+0xdc/0x128 [ 17.959967] kasan_check_range+0x100/0x1a8 [ 17.960017] __kasan_check_write+0x20/0x30 [ 17.960064] kasan_atomics_helper+0x1384/0x4858 [ 17.960295] kasan_atomics+0x198/0x2e0 [ 17.960408] kunit_try_run_case+0x170/0x3f0 [ 17.960894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.960999] kthread+0x328/0x630 [ 17.961086] ret_from_fork+0x10/0x20 [ 17.961224] [ 17.961351] Allocated by task 265: [ 17.961430] kasan_save_stack+0x3c/0x68 [ 17.961501] kasan_save_track+0x20/0x40 [ 17.961550] kasan_save_alloc_info+0x40/0x58 [ 17.961593] __kasan_kmalloc+0xd4/0xd8 [ 17.961636] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.961712] kasan_atomics+0xb8/0x2e0 [ 17.961749] kunit_try_run_case+0x170/0x3f0 [ 17.961902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.961954] kthread+0x328/0x630 [ 17.961988] ret_from_fork+0x10/0x20 [ 17.962151] [ 17.962227] The buggy address belongs to the object at fff00000c7915500 [ 17.962227] which belongs to the cache kmalloc-64 of size 64 [ 17.962327] The buggy address is located 0 bytes to the right of [ 17.962327] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.962622] [ 17.962741] The buggy address belongs to the physical page: [ 17.962858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.962967] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.963082] page_type: f5(slab) [ 17.963123] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.963188] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.963388] page dumped because: kasan: bad access detected [ 17.963543] [ 17.963570] Memory state around the buggy address: [ 17.963628] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.963674] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.963740] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.963801] ^ [ 17.963881] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.963926] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.963965] ================================================================== [ 17.872288] ================================================================== [ 17.872341] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 17.872423] Read of size 4 at addr fff00000c7915530 by task kunit_try_catch/265 [ 17.872475] [ 17.872564] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.872646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.872674] Hardware name: linux,dummy-virt (DT) [ 17.872722] Call trace: [ 17.872748] show_stack+0x20/0x38 (C) [ 17.872796] dump_stack_lvl+0x8c/0xd0 [ 17.873001] print_report+0x118/0x5d0 [ 17.873224] kasan_report+0xdc/0x128 [ 17.873400] __asan_report_load4_noabort+0x20/0x30 [ 17.873472] kasan_atomics_helper+0x3e04/0x4858 [ 17.873525] kasan_atomics+0x198/0x2e0 [ 17.873589] kunit_try_run_case+0x170/0x3f0 [ 17.874059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.874165] kthread+0x328/0x630 [ 17.874210] ret_from_fork+0x10/0x20 [ 17.874268] [ 17.874317] Allocated by task 265: [ 17.874385] kasan_save_stack+0x3c/0x68 [ 17.874430] kasan_save_track+0x20/0x40 [ 17.874474] kasan_save_alloc_info+0x40/0x58 [ 17.874516] __kasan_kmalloc+0xd4/0xd8 [ 17.874582] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.874722] kasan_atomics+0xb8/0x2e0 [ 17.874781] kunit_try_run_case+0x170/0x3f0 [ 17.874823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.874867] kthread+0x328/0x630 [ 17.874902] ret_from_fork+0x10/0x20 [ 17.875091] [ 17.875199] The buggy address belongs to the object at fff00000c7915500 [ 17.875199] which belongs to the cache kmalloc-64 of size 64 [ 17.875265] The buggy address is located 0 bytes to the right of [ 17.875265] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 17.875395] [ 17.875486] The buggy address belongs to the physical page: [ 17.875520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 17.875583] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.875654] page_type: f5(slab) [ 17.875739] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.875896] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.876253] page dumped because: kasan: bad access detected [ 17.876298] [ 17.876319] Memory state around the buggy address: [ 17.876354] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.876400] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.876479] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.876623] ^ [ 17.876664] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.876722] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.876793] ================================================================== [ 18.016393] ================================================================== [ 18.016446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 18.016569] Write of size 8 at addr fff00000c7915530 by task kunit_try_catch/265 [ 18.016650] [ 18.016680] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.016940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.017080] Hardware name: linux,dummy-virt (DT) [ 18.017317] Call trace: [ 18.017541] show_stack+0x20/0x38 (C) [ 18.017700] dump_stack_lvl+0x8c/0xd0 [ 18.017757] print_report+0x118/0x5d0 [ 18.017821] kasan_report+0xdc/0x128 [ 18.017875] kasan_check_range+0x100/0x1a8 [ 18.017928] __kasan_check_write+0x20/0x30 [ 18.018203] kasan_atomics_helper+0x16d0/0x4858 [ 18.018397] kasan_atomics+0x198/0x2e0 [ 18.018452] kunit_try_run_case+0x170/0x3f0 [ 18.018517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.018643] kthread+0x328/0x630 [ 18.018823] ret_from_fork+0x10/0x20 [ 18.018897] [ 18.018936] Allocated by task 265: [ 18.019195] kasan_save_stack+0x3c/0x68 [ 18.019272] kasan_save_track+0x20/0x40 [ 18.019343] kasan_save_alloc_info+0x40/0x58 [ 18.019431] __kasan_kmalloc+0xd4/0xd8 [ 18.019626] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.019681] kasan_atomics+0xb8/0x2e0 [ 18.019733] kunit_try_run_case+0x170/0x3f0 [ 18.019869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.019936] kthread+0x328/0x630 [ 18.019979] ret_from_fork+0x10/0x20 [ 18.020069] [ 18.020148] The buggy address belongs to the object at fff00000c7915500 [ 18.020148] which belongs to the cache kmalloc-64 of size 64 [ 18.020365] The buggy address is located 0 bytes to the right of [ 18.020365] allocated 48-byte region [fff00000c7915500, fff00000c7915530) [ 18.020592] [ 18.020828] The buggy address belongs to the physical page: [ 18.021152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107915 [ 18.021214] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.021266] page_type: f5(slab) [ 18.021349] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.021437] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.021536] page dumped because: kasan: bad access detected [ 18.021660] [ 18.021713] Memory state around the buggy address: [ 18.021749] fff00000c7915400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.022025] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.022132] >fff00000c7915500: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.022189] ^ [ 18.022227] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.022273] fff00000c7915600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.022320] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 17.464665] ================================================================== [ 17.464778] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 17.464837] Read of size 1 at addr ffff800080b57b4a by task kunit_try_catch/253 [ 17.464888] [ 17.464920] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.465152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.465222] Hardware name: linux,dummy-virt (DT) [ 17.465411] Call trace: [ 17.465444] show_stack+0x20/0x38 (C) [ 17.465523] dump_stack_lvl+0x8c/0xd0 [ 17.465596] print_report+0x310/0x5d0 [ 17.465677] kasan_report+0xdc/0x128 [ 17.465762] __asan_report_load1_noabort+0x20/0x30 [ 17.465843] kasan_alloca_oob_right+0x2dc/0x340 [ 17.465944] kunit_try_run_case+0x170/0x3f0 [ 17.465995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.466051] kthread+0x328/0x630 [ 17.466093] ret_from_fork+0x10/0x20 [ 17.466211] [ 17.466237] The buggy address belongs to stack of task kunit_try_catch/253 [ 17.466292] [ 17.466332] The buggy address ffff800080b57b4a belongs to a vmalloc virtual mapping [ 17.466397] The buggy address belongs to the physical page: [ 17.466702] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c7 [ 17.466798] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.466931] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.467005] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.467050] page dumped because: kasan: bad access detected [ 17.467104] [ 17.467142] Memory state around the buggy address: [ 17.467199] ffff800080b57a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.467264] ffff800080b57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.467339] >ffff800080b57b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 17.467382] ^ [ 17.467420] ffff800080b57b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.473762] # kasan_memchr: EXPECTATION FAILED at mm/kasan/kasan_test_c.c:1535 [ 17.473762] KASAN failure expected in \"kasan_ptr_result = memchr(ptr, '1', size + 1)\", but none occurred [ 17.483144] fff00000c7914000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.491387] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 17.492606] Allocated by task 259: [ 17.492799] __kasan_kmalloc+0xd4/0xd8 [ 17.493481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.493891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107914 [ 17.494551] fff00000c7914300: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.496855] kthread+0x328/0x630 [ 17.498228] kasan_save_track+0x20/0x40 [ 17.499723] The buggy address is located 16 bytes inside of [ 17.499723] freed 32-byte region [fff00000c7914240, fff00000c7914260) [ 17.504866] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 17.505540] dump_stack_lvl+0x8c/0xd0 [ 17.507161] kunit_try_run_case+0x170/0x3f0 [ 17.507788] kasan_save_free_info+0x4c/0x78 [ 17.508623] [ 17.509573] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.512461] kasan_report+0xdc/0x128 [ 17.513203] kasan_save_stack+0x3c/0x68 [ 17.514641] The buggy address is located 16 bytes inside of [ 17.514641] freed 32-byte region [fff00000c7914240, fff00000c7914260) [ 17.521248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.521739] kasan_bitops_generic+0x110/0x1c8 [ 17.522621] [ 17.523515] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.523971] fff00000c61b2700: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.526207] Call trace: [ 17.526849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.527861] The buggy address is located 8 bytes inside of [ 17.527861] allocated 9-byte region [fff00000c61b27a0, fff00000c61b27a9) [ 17.530224] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.531413] kasan_bitops_generic+0x110/0x1c8 [ 17.534791] ret_from_fork+0x10/0x20 [ 17.536184] page dumped because: kasan: bad access detected [ 17.537467] fff00000c61b2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.541044] __asan_report_load8_noabort+0x20/0x30 [ 17.542949] The buggy address is located 8 bytes inside of [ 17.542949] allocated 9-byte region [fff00000c61b27a0, fff00000c61b27a9) [ 17.544817] Write of size 8 at addr fff00000c61b27a8 by task kunit_try_catch/261 [ 17.548336] kunit_try_run_case+0x170/0x3f0 [ 17.550542] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.552533] fff00000c61b2800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.555774] dump_stack_lvl+0x8c/0xd0 [ 17.558000] [ 17.558797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.559501] [ 17.559565] fff00000c61b2680: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 17.562194] Read of size 8 at addr fff00000c61b27a8 by task kunit_try_catch/261 [ 17.566495] The buggy address is located 8 bytes inside of [ 17.566495] allocated 9-byte region [fff00000c61b27a0, fff00000c61b27a9) [ 17.569836] [ 17.570980] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 17.573483] [ 17.574265] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.574867] fff00000c61b2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.576115] __kasan_check_write+0x20/0x30 [ 17.581353] page_type: f5(slab) [ 17.582724] >fff00000c61b2780: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.585418] Read of size 8 at addr fff00000c61b27a8 by task kunit_try_catch/261 [ 17.587422] kasan_bitops_generic+0x110/0x1c8 [ 17.592219] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.594789] Hardware name: linux,dummy-virt (DT) [ 17.598545] The buggy address is located 8 bytes inside of [ 17.598545] allocated 9-byte region [fff00000c61b27a0, fff00000c61b27a9) [ 17.602471] Read of size 8 at addr fff00000c61b27a8 by task kunit_try_catch/261 [ 17.604492] kthread+0x328/0x630 [ 17.609207] fff00000c61b2800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.611730] dump_stack_lvl+0x8c/0xd0 [ 17.615017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.617077] >fff00000c61b2780: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.620714] show_stack+0x20/0x38 (C) [ 17.624103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.625354] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.626915] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 17.632900] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.634647] fff00000c61b2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.638649] kthread+0x328/0x630 [ 17.640836] The buggy address belongs to the object at fff00000c61b27a0 [ 17.640836] which belongs to the cache kmalloc-16 of size 16 [ 17.643570] fff00000c61b2800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.646518] [ 17.647496] [ 17.647695] ^ [ 17.649914] Read of size 8 at addr fff00000c61b27a8 by task kunit_try_catch/261 [ 17.654856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1061b2 [ 17.656707] ^ [ 17.658404] Read of size 8 at addr fff00000c61b27a8 by task kunit_try_catch/261 [ 17.661509] ret_from_fork+0x10/0x20 [ 17.663737] ^ [ 17.675280] ok 64 kasan_bitops_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 17.681857] kasan_atomics_helper+0x40a8/0x4858 [ 17.685235] page_type: f5(slab) [ 17.686286] fff00000c7915580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.687601] [ 17.688697] kasan_atomics_helper+0x3f7c/0x4858 [ 17.690788] kunit_try_run_case+0x170/0x3f0 [ 17.691710] The buggy address belongs to the physical page: [ 17.693117] fff00000c7915480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.694591] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 17.458563] ================================================================== [ 17.458654] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 17.458743] Read of size 1 at addr ffff800080b57b5f by task kunit_try_catch/251 [ 17.458802] [ 17.458839] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.458924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.458963] Hardware name: linux,dummy-virt (DT) [ 17.458997] Call trace: [ 17.459023] show_stack+0x20/0x38 (C) [ 17.459073] dump_stack_lvl+0x8c/0xd0 [ 17.459122] print_report+0x310/0x5d0 [ 17.459170] kasan_report+0xdc/0x128 [ 17.459220] __asan_report_load1_noabort+0x20/0x30 [ 17.459283] kasan_alloca_oob_left+0x2b8/0x310 [ 17.459341] kunit_try_run_case+0x170/0x3f0 [ 17.459389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.459445] kthread+0x328/0x630 [ 17.459493] ret_from_fork+0x10/0x20 [ 17.459543] [ 17.459576] The buggy address belongs to stack of task kunit_try_catch/251 [ 17.459645] [ 17.459665] The buggy address ffff800080b57b5f belongs to a vmalloc virtual mapping [ 17.459733] The buggy address belongs to the physical page: [ 17.459765] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c7 [ 17.459821] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.459884] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.459935] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.459986] page dumped because: kasan: bad access detected [ 17.460019] [ 17.460047] Memory state around the buggy address: [ 17.460081] ffff800080b57a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.460132] ffff800080b57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.460185] >ffff800080b57b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 17.460228] ^ [ 17.460269] ffff800080b57b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.460313] ffff800080b57c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.460353] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 17.448616] ================================================================== [ 17.448787] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 17.448841] Read of size 1 at addr ffff800080b57c2a by task kunit_try_catch/249 [ 17.448916] [ 17.448975] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.449077] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.449249] Hardware name: linux,dummy-virt (DT) [ 17.449281] Call trace: [ 17.449303] show_stack+0x20/0x38 (C) [ 17.449352] dump_stack_lvl+0x8c/0xd0 [ 17.449398] print_report+0x310/0x5d0 [ 17.449560] kasan_report+0xdc/0x128 [ 17.449636] __asan_report_load1_noabort+0x20/0x30 [ 17.449706] kasan_stack_oob+0x238/0x270 [ 17.449772] kunit_try_run_case+0x170/0x3f0 [ 17.449827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.449898] kthread+0x328/0x630 [ 17.449941] ret_from_fork+0x10/0x20 [ 17.449987] [ 17.450060] The buggy address belongs to stack of task kunit_try_catch/249 [ 17.450167] and is located at offset 138 in frame: [ 17.450201] kasan_stack_oob+0x0/0x270 [ 17.450449] [ 17.450610] This frame has 4 objects: [ 17.450792] [48, 49) '__assertion' [ 17.450839] [64, 72) 'array' [ 17.450898] [96, 112) '__assertion' [ 17.450986] [128, 138) 'stack_array' [ 17.451126] [ 17.451215] The buggy address ffff800080b57c2a belongs to a vmalloc virtual mapping [ 17.451300] The buggy address belongs to the physical page: [ 17.451337] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c7 [ 17.451395] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.451599] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.451656] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.451831] page dumped because: kasan: bad access detected [ 17.451928] [ 17.451953] Memory state around the buggy address: [ 17.451993] ffff800080b57b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.452072] ffff800080b57b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 17.452119] >ffff800080b57c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 17.452160] ^ [ 17.452195] ffff800080b57c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 17.452240] ffff800080b57d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.452426] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 17.436967] ================================================================== [ 17.437031] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 17.437083] Read of size 1 at addr ffff9612d814f58d by task kunit_try_catch/245 [ 17.437145] [ 17.437190] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.437281] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.437309] Hardware name: linux,dummy-virt (DT) [ 17.437340] Call trace: [ 17.437364] show_stack+0x20/0x38 (C) [ 17.437411] dump_stack_lvl+0x8c/0xd0 [ 17.437468] print_report+0x310/0x5d0 [ 17.437515] kasan_report+0xdc/0x128 [ 17.437562] __asan_report_load1_noabort+0x20/0x30 [ 17.437620] kasan_global_oob_right+0x230/0x270 [ 17.437668] kunit_try_run_case+0x170/0x3f0 [ 17.437729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.437780] kthread+0x328/0x630 [ 17.437824] ret_from_fork+0x10/0x20 [ 17.437877] [ 17.437924] The buggy address belongs to the variable: [ 17.437964] global_array+0xd/0x40 [ 17.438027] [ 17.438079] The buggy address ffff9612d814f58d belongs to a vmalloc virtual mapping [ 17.438168] The buggy address belongs to the physical page: [ 17.438202] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 17.438255] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 17.438327] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 17.438379] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.438420] page dumped because: kasan: bad access detected [ 17.438452] [ 17.438470] Memory state around the buggy address: [ 17.438502] ffff9612d814f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.438551] ffff9612d814f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 17.438595] >ffff9612d814f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 17.438633] ^ [ 17.438672] ffff9612d814f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 17.439417] ffff9612d814f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.439637] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 17.412293] ================================================================== [ 17.412359] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.412416] Free of addr fff00000c790e101 by task kunit_try_catch/241 [ 17.412471] [ 17.412504] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.412612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.412948] Hardware name: linux,dummy-virt (DT) [ 17.413043] Call trace: [ 17.413089] show_stack+0x20/0x38 (C) [ 17.413139] dump_stack_lvl+0x8c/0xd0 [ 17.413197] print_report+0x118/0x5d0 [ 17.413359] kasan_report_invalid_free+0xc0/0xe8 [ 17.413427] check_slab_allocation+0xfc/0x108 [ 17.413488] __kasan_mempool_poison_object+0x78/0x150 [ 17.413703] mempool_free+0x28c/0x328 [ 17.413749] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.413801] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.413871] kunit_try_run_case+0x170/0x3f0 [ 17.414089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.414204] kthread+0x328/0x630 [ 17.414309] ret_from_fork+0x10/0x20 [ 17.414533] [ 17.414607] Allocated by task 241: [ 17.414638] kasan_save_stack+0x3c/0x68 [ 17.414938] kasan_save_track+0x20/0x40 [ 17.415127] kasan_save_alloc_info+0x40/0x58 [ 17.415168] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.415210] remove_element+0x130/0x1f8 [ 17.415245] mempool_alloc_preallocated+0x58/0xc0 [ 17.415283] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 17.415325] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.415460] kunit_try_run_case+0x170/0x3f0 [ 17.415500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.415542] kthread+0x328/0x630 [ 17.416032] ret_from_fork+0x10/0x20 [ 17.416245] [ 17.416301] The buggy address belongs to the object at fff00000c790e100 [ 17.416301] which belongs to the cache kmalloc-128 of size 128 [ 17.416361] The buggy address is located 1 bytes inside of [ 17.416361] 128-byte region [fff00000c790e100, fff00000c790e180) [ 17.416420] [ 17.416441] The buggy address belongs to the physical page: [ 17.416521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10790e [ 17.416767] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.416820] page_type: f5(slab) [ 17.417008] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.417077] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.417119] page dumped because: kasan: bad access detected [ 17.417152] [ 17.417169] Memory state around the buggy address: [ 17.417201] fff00000c790e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.417244] fff00000c790e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.417348] >fff00000c790e100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.417432] ^ [ 17.417506] fff00000c790e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.417583] fff00000c790e200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.418195] ================================================================== [ 17.427304] ================================================================== [ 17.427368] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.427422] Free of addr fff00000c78e8001 by task kunit_try_catch/243 [ 17.427463] [ 17.427492] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.427653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.427679] Hardware name: linux,dummy-virt (DT) [ 17.427722] Call trace: [ 17.427743] show_stack+0x20/0x38 (C) [ 17.427793] dump_stack_lvl+0x8c/0xd0 [ 17.428119] print_report+0x118/0x5d0 [ 17.428245] kasan_report_invalid_free+0xc0/0xe8 [ 17.428302] __kasan_mempool_poison_object+0xfc/0x150 [ 17.428372] mempool_free+0x28c/0x328 [ 17.428417] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.428469] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 17.428543] kunit_try_run_case+0x170/0x3f0 [ 17.428593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.428645] kthread+0x328/0x630 [ 17.428696] ret_from_fork+0x10/0x20 [ 17.428988] [ 17.429011] The buggy address belongs to the physical page: [ 17.429044] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e8 [ 17.429098] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.429155] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.429208] page_type: f8(unknown) [ 17.429270] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.429611] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.429665] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.429726] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.429776] head: 0bfffe0000000002 ffffc1ffc31e3a01 00000000ffffffff 00000000ffffffff [ 17.429965] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.430028] page dumped because: kasan: bad access detected [ 17.430130] [ 17.430172] Memory state around the buggy address: [ 17.430272] fff00000c78e7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.430401] fff00000c78e7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.430515] >fff00000c78e8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.430554] ^ [ 17.430612] fff00000c78e8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.430779] fff00000c78e8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.430896] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 17.385090] ================================================================== [ 17.385148] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.385199] Free of addr fff00000c78e4000 by task kunit_try_catch/237 [ 17.385241] [ 17.385273] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.385352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.385379] Hardware name: linux,dummy-virt (DT) [ 17.385409] Call trace: [ 17.385430] show_stack+0x20/0x38 (C) [ 17.385955] dump_stack_lvl+0x8c/0xd0 [ 17.386303] print_report+0x118/0x5d0 [ 17.386355] kasan_report_invalid_free+0xc0/0xe8 [ 17.386406] __kasan_mempool_poison_object+0x14c/0x150 [ 17.386742] mempool_free+0x28c/0x328 [ 17.386872] mempool_double_free_helper+0x150/0x2e8 [ 17.387112] mempool_kmalloc_large_double_free+0xc0/0x118 [ 17.387162] kunit_try_run_case+0x170/0x3f0 [ 17.387213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.387265] kthread+0x328/0x630 [ 17.387306] ret_from_fork+0x10/0x20 [ 17.387360] [ 17.387462] The buggy address belongs to the physical page: [ 17.387513] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e4 [ 17.387971] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.388416] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.388512] page_type: f8(unknown) [ 17.388554] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.388658] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.388745] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.388793] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.388843] head: 0bfffe0000000002 ffffc1ffc31e3901 00000000ffffffff 00000000ffffffff [ 17.388894] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.388935] page dumped because: kasan: bad access detected [ 17.388968] [ 17.388987] Memory state around the buggy address: [ 17.389020] fff00000c78e3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.389091] fff00000c78e3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.389222] >fff00000c78e4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.389435] ^ [ 17.389493] fff00000c78e4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.389545] fff00000c78e4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.389601] ================================================================== [ 17.372716] ================================================================== [ 17.372773] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.372828] Free of addr fff00000c63ebd00 by task kunit_try_catch/235 [ 17.372908] [ 17.372956] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.373358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.373389] Hardware name: linux,dummy-virt (DT) [ 17.373422] Call trace: [ 17.373444] show_stack+0x20/0x38 (C) [ 17.373495] dump_stack_lvl+0x8c/0xd0 [ 17.373542] print_report+0x118/0x5d0 [ 17.373589] kasan_report_invalid_free+0xc0/0xe8 [ 17.373644] check_slab_allocation+0xd4/0x108 [ 17.374146] __kasan_mempool_poison_object+0x78/0x150 [ 17.374269] mempool_free+0x28c/0x328 [ 17.374351] mempool_double_free_helper+0x150/0x2e8 [ 17.374401] mempool_kmalloc_double_free+0xc0/0x118 [ 17.374476] kunit_try_run_case+0x170/0x3f0 [ 17.374539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.374592] kthread+0x328/0x630 [ 17.374699] ret_from_fork+0x10/0x20 [ 17.374748] [ 17.374766] Allocated by task 235: [ 17.374797] kasan_save_stack+0x3c/0x68 [ 17.374862] kasan_save_track+0x20/0x40 [ 17.375134] kasan_save_alloc_info+0x40/0x58 [ 17.375182] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.375244] remove_element+0x130/0x1f8 [ 17.375298] mempool_alloc_preallocated+0x58/0xc0 [ 17.375403] mempool_double_free_helper+0x94/0x2e8 [ 17.375481] mempool_kmalloc_double_free+0xc0/0x118 [ 17.375541] kunit_try_run_case+0x170/0x3f0 [ 17.375623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.375664] kthread+0x328/0x630 [ 17.375842] ret_from_fork+0x10/0x20 [ 17.375878] [ 17.375927] Freed by task 235: [ 17.376116] kasan_save_stack+0x3c/0x68 [ 17.376244] kasan_save_track+0x20/0x40 [ 17.376319] kasan_save_free_info+0x4c/0x78 [ 17.376397] __kasan_mempool_poison_object+0xc0/0x150 [ 17.376438] mempool_free+0x28c/0x328 [ 17.376473] mempool_double_free_helper+0x100/0x2e8 [ 17.376512] mempool_kmalloc_double_free+0xc0/0x118 [ 17.376550] kunit_try_run_case+0x170/0x3f0 [ 17.376587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.376638] kthread+0x328/0x630 [ 17.376669] ret_from_fork+0x10/0x20 [ 17.376716] [ 17.376735] The buggy address belongs to the object at fff00000c63ebd00 [ 17.376735] which belongs to the cache kmalloc-128 of size 128 [ 17.376796] The buggy address is located 0 bytes inside of [ 17.376796] 128-byte region [fff00000c63ebd00, fff00000c63ebd80) [ 17.376915] [ 17.376936] The buggy address belongs to the physical page: [ 17.377117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063eb [ 17.377172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.377247] page_type: f5(slab) [ 17.377385] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.377543] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.377704] page dumped because: kasan: bad access detected [ 17.377737] [ 17.377756] Memory state around the buggy address: [ 17.377836] fff00000c63ebc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.377892] fff00000c63ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.377935] >fff00000c63ebd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.377974] ^ [ 17.378025] fff00000c63ebd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.378085] fff00000c63ebe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.378277] ================================================================== [ 17.400619] ================================================================== [ 17.400675] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.400741] Free of addr fff00000c78e8000 by task kunit_try_catch/239 [ 17.400783] [ 17.401035] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.401137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.401166] Hardware name: linux,dummy-virt (DT) [ 17.401195] Call trace: [ 17.401231] show_stack+0x20/0x38 (C) [ 17.401429] dump_stack_lvl+0x8c/0xd0 [ 17.401502] print_report+0x118/0x5d0 [ 17.401559] kasan_report_invalid_free+0xc0/0xe8 [ 17.401618] __kasan_mempool_poison_pages+0xe0/0xe8 [ 17.401669] mempool_free+0x24c/0x328 [ 17.401924] mempool_double_free_helper+0x150/0x2e8 [ 17.402065] mempool_page_alloc_double_free+0xbc/0x118 [ 17.402115] kunit_try_run_case+0x170/0x3f0 [ 17.402165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.402218] kthread+0x328/0x630 [ 17.402259] ret_from_fork+0x10/0x20 [ 17.402327] [ 17.402376] The buggy address belongs to the physical page: [ 17.402406] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e8 [ 17.402486] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.402547] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.402843] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.403034] page dumped because: kasan: bad access detected [ 17.403189] [ 17.403208] Memory state around the buggy address: [ 17.403246] fff00000c78e7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.403348] fff00000c78e7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.403407] >fff00000c78e8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.403446] ^ [ 17.403475] fff00000c78e8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.403517] fff00000c78e8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.403557] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 15.025320] ================================================================== [ 15.025551] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 15.025609] Write of size 1 at addr fff00000c60ee00a by task kunit_try_catch/146 [ 15.025658] [ 15.025698] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.025787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.025879] Hardware name: linux,dummy-virt (DT) [ 15.025908] Call trace: [ 15.025976] show_stack+0x20/0x38 (C) [ 15.026206] dump_stack_lvl+0x8c/0xd0 [ 15.026345] print_report+0x118/0x5d0 [ 15.026479] kasan_report+0xdc/0x128 [ 15.026525] __asan_report_store1_noabort+0x20/0x30 [ 15.026581] kmalloc_large_oob_right+0x278/0x2b8 [ 15.026717] kunit_try_run_case+0x170/0x3f0 [ 15.026763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.026855] kthread+0x328/0x630 [ 15.026900] ret_from_fork+0x10/0x20 [ 15.026953] [ 15.026988] The buggy address belongs to the physical page: [ 15.027247] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060ec [ 15.027337] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.027473] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.027532] page_type: f8(unknown) [ 15.027571] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.027629] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.027678] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.027808] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.027859] head: 0bfffe0000000002 ffffc1ffc3183b01 00000000ffffffff 00000000ffffffff [ 15.027919] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.028055] page dumped because: kasan: bad access detected [ 15.028100] [ 15.028125] Memory state around the buggy address: [ 15.028233] fff00000c60edf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.028274] fff00000c60edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.028314] >fff00000c60ee000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.028351] ^ [ 15.028380] fff00000c60ee080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.028422] fff00000c60ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.028585] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 17.361635] ================================================================== [ 17.361922] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.362116] Read of size 1 at addr fff00000c78e4000 by task kunit_try_catch/233 [ 17.362321] [ 17.362446] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.362590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.362617] Hardware name: linux,dummy-virt (DT) [ 17.362650] Call trace: [ 17.362674] show_stack+0x20/0x38 (C) [ 17.362857] dump_stack_lvl+0x8c/0xd0 [ 17.362940] print_report+0x118/0x5d0 [ 17.363207] kasan_report+0xdc/0x128 [ 17.363419] __asan_report_load1_noabort+0x20/0x30 [ 17.363640] mempool_uaf_helper+0x314/0x340 [ 17.363756] mempool_page_alloc_uaf+0xc0/0x118 [ 17.363802] kunit_try_run_case+0x170/0x3f0 [ 17.363860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.363910] kthread+0x328/0x630 [ 17.363977] ret_from_fork+0x10/0x20 [ 17.364213] [ 17.364236] The buggy address belongs to the physical page: [ 17.364347] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e4 [ 17.364414] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.364480] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.364529] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.364571] page dumped because: kasan: bad access detected [ 17.364601] [ 17.364621] Memory state around the buggy address: [ 17.364652] fff00000c78e3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.364705] fff00000c78e3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.364748] >fff00000c78e4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.364785] ^ [ 17.364824] fff00000c78e4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.364866] fff00000c78e4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.364904] ================================================================== [ 17.321435] ================================================================== [ 17.321490] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.321537] Read of size 1 at addr fff00000c78e4000 by task kunit_try_catch/229 [ 17.321585] [ 17.321625] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.321758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.321786] Hardware name: linux,dummy-virt (DT) [ 17.321818] Call trace: [ 17.321841] show_stack+0x20/0x38 (C) [ 17.321944] dump_stack_lvl+0x8c/0xd0 [ 17.321991] print_report+0x118/0x5d0 [ 17.322038] kasan_report+0xdc/0x128 [ 17.322351] __asan_report_load1_noabort+0x20/0x30 [ 17.322402] mempool_uaf_helper+0x314/0x340 [ 17.322448] mempool_kmalloc_large_uaf+0xc4/0x120 [ 17.322496] kunit_try_run_case+0x170/0x3f0 [ 17.322553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.322606] kthread+0x328/0x630 [ 17.322648] ret_from_fork+0x10/0x20 [ 17.322705] [ 17.322726] The buggy address belongs to the physical page: [ 17.322758] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e4 [ 17.322817] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.322883] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.323140] page_type: f8(unknown) [ 17.323322] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.323564] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.323703] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.323754] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.323803] head: 0bfffe0000000002 ffffc1ffc31e3901 00000000ffffffff 00000000ffffffff [ 17.323854] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.323904] page dumped because: kasan: bad access detected [ 17.323935] [ 17.323953] Memory state around the buggy address: [ 17.323986] fff00000c78e3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.324108] fff00000c78e3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.324153] >fff00000c78e4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.324191] ^ [ 17.324220] fff00000c78e4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.324263] fff00000c78e4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.324302] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 17.333734] ================================================================== [ 17.333794] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.333844] Read of size 1 at addr fff00000c78cc240 by task kunit_try_catch/231 [ 17.333893] [ 17.333924] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.334478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.334508] Hardware name: linux,dummy-virt (DT) [ 17.334544] Call trace: [ 17.334659] show_stack+0x20/0x38 (C) [ 17.334773] dump_stack_lvl+0x8c/0xd0 [ 17.334887] print_report+0x118/0x5d0 [ 17.334957] kasan_report+0xdc/0x128 [ 17.335002] __asan_report_load1_noabort+0x20/0x30 [ 17.335053] mempool_uaf_helper+0x314/0x340 [ 17.335104] mempool_slab_uaf+0xc0/0x118 [ 17.335314] kunit_try_run_case+0x170/0x3f0 [ 17.335394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.335454] kthread+0x328/0x630 [ 17.335650] ret_from_fork+0x10/0x20 [ 17.335724] [ 17.335742] Allocated by task 231: [ 17.335769] kasan_save_stack+0x3c/0x68 [ 17.335810] kasan_save_track+0x20/0x40 [ 17.335846] kasan_save_alloc_info+0x40/0x58 [ 17.335886] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.335928] remove_element+0x16c/0x1f8 [ 17.335965] mempool_alloc_preallocated+0x58/0xc0 [ 17.336004] mempool_uaf_helper+0xa4/0x340 [ 17.336040] mempool_slab_uaf+0xc0/0x118 [ 17.336077] kunit_try_run_case+0x170/0x3f0 [ 17.336120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.336247] kthread+0x328/0x630 [ 17.336314] ret_from_fork+0x10/0x20 [ 17.336351] [ 17.336369] Freed by task 231: [ 17.336402] kasan_save_stack+0x3c/0x68 [ 17.336571] kasan_save_track+0x20/0x40 [ 17.337472] kasan_save_free_info+0x4c/0x78 [ 17.337594] __kasan_mempool_poison_object+0xc0/0x150 [ 17.337640] mempool_free+0x28c/0x328 [ 17.337673] mempool_uaf_helper+0x104/0x340 [ 17.337718] mempool_slab_uaf+0xc0/0x118 [ 17.337756] kunit_try_run_case+0x170/0x3f0 [ 17.337792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.337834] kthread+0x328/0x630 [ 17.337865] ret_from_fork+0x10/0x20 [ 17.337901] [ 17.337931] The buggy address belongs to the object at fff00000c78cc240 [ 17.337931] which belongs to the cache test_cache of size 123 [ 17.337988] The buggy address is located 0 bytes inside of [ 17.337988] freed 123-byte region [fff00000c78cc240, fff00000c78cc2bb) [ 17.338048] [ 17.338068] The buggy address belongs to the physical page: [ 17.338100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078cc [ 17.338151] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.338199] page_type: f5(slab) [ 17.338299] raw: 0bfffe0000000000 fff00000c3e3e640 dead000000000122 0000000000000000 [ 17.338368] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.338410] page dumped because: kasan: bad access detected [ 17.338442] [ 17.338460] Memory state around the buggy address: [ 17.338501] fff00000c78cc100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.338659] fff00000c78cc180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.338731] >fff00000c78cc200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.338953] ^ [ 17.338988] fff00000c78cc280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.339033] fff00000c78cc300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.339072] ================================================================== [ 17.311631] ================================================================== [ 17.311710] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.311769] Read of size 1 at addr fff00000c63eb900 by task kunit_try_catch/227 [ 17.311818] [ 17.311852] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.312025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.312054] Hardware name: linux,dummy-virt (DT) [ 17.312085] Call trace: [ 17.312109] show_stack+0x20/0x38 (C) [ 17.312158] dump_stack_lvl+0x8c/0xd0 [ 17.312206] print_report+0x118/0x5d0 [ 17.312252] kasan_report+0xdc/0x128 [ 17.312297] __asan_report_load1_noabort+0x20/0x30 [ 17.312347] mempool_uaf_helper+0x314/0x340 [ 17.312395] mempool_kmalloc_uaf+0xc4/0x120 [ 17.312440] kunit_try_run_case+0x170/0x3f0 [ 17.312494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.312567] kthread+0x328/0x630 [ 17.312610] ret_from_fork+0x10/0x20 [ 17.312659] [ 17.312678] Allocated by task 227: [ 17.312717] kasan_save_stack+0x3c/0x68 [ 17.312757] kasan_save_track+0x20/0x40 [ 17.312795] kasan_save_alloc_info+0x40/0x58 [ 17.312844] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.312887] remove_element+0x130/0x1f8 [ 17.312924] mempool_alloc_preallocated+0x58/0xc0 [ 17.312961] mempool_uaf_helper+0xa4/0x340 [ 17.312998] mempool_kmalloc_uaf+0xc4/0x120 [ 17.313035] kunit_try_run_case+0x170/0x3f0 [ 17.313074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.313161] kthread+0x328/0x630 [ 17.313196] ret_from_fork+0x10/0x20 [ 17.313232] [ 17.313290] Freed by task 227: [ 17.313345] kasan_save_stack+0x3c/0x68 [ 17.313383] kasan_save_track+0x20/0x40 [ 17.313420] kasan_save_free_info+0x4c/0x78 [ 17.313460] __kasan_mempool_poison_object+0xc0/0x150 [ 17.313501] mempool_free+0x28c/0x328 [ 17.313536] mempool_uaf_helper+0x104/0x340 [ 17.313573] mempool_kmalloc_uaf+0xc4/0x120 [ 17.313614] kunit_try_run_case+0x170/0x3f0 [ 17.313652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.313715] kthread+0x328/0x630 [ 17.313772] ret_from_fork+0x10/0x20 [ 17.313913] [ 17.313932] The buggy address belongs to the object at fff00000c63eb900 [ 17.313932] which belongs to the cache kmalloc-128 of size 128 [ 17.314000] The buggy address is located 0 bytes inside of [ 17.314000] freed 128-byte region [fff00000c63eb900, fff00000c63eb980) [ 17.314118] [ 17.314144] The buggy address belongs to the physical page: [ 17.314275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063eb [ 17.314363] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.314466] page_type: f5(slab) [ 17.314564] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.314615] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.314657] page dumped because: kasan: bad access detected [ 17.314721] [ 17.314739] Memory state around the buggy address: [ 17.314813] fff00000c63eb800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.315003] fff00000c63eb880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.315205] >fff00000c63eb900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.315244] ^ [ 17.315273] fff00000c63eb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.315315] fff00000c63eba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.315353] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 17.249751] ================================================================== [ 17.249808] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.249861] Read of size 1 at addr fff00000c78de001 by task kunit_try_catch/223 [ 17.250073] [ 17.250353] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.250914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.251000] Hardware name: linux,dummy-virt (DT) [ 17.251218] Call trace: [ 17.251252] show_stack+0x20/0x38 (C) [ 17.251304] dump_stack_lvl+0x8c/0xd0 [ 17.251352] print_report+0x118/0x5d0 [ 17.251808] kasan_report+0xdc/0x128 [ 17.251956] __asan_report_load1_noabort+0x20/0x30 [ 17.252016] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.252130] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 17.252247] kunit_try_run_case+0x170/0x3f0 [ 17.252505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.252569] kthread+0x328/0x630 [ 17.252637] ret_from_fork+0x10/0x20 [ 17.252890] [ 17.252964] The buggy address belongs to the physical page: [ 17.253217] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078dc [ 17.253284] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.253644] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.254330] page_type: f8(unknown) [ 17.254392] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.254444] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.255066] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.255511] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.255567] head: 0bfffe0000000002 ffffc1ffc31e3701 00000000ffffffff 00000000ffffffff [ 17.255990] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.256062] page dumped because: kasan: bad access detected [ 17.256506] [ 17.256615] Memory state around the buggy address: [ 17.256802] fff00000c78ddf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.256958] fff00000c78ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.257410] >fff00000c78de000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.257761] ^ [ 17.257874] fff00000c78de080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.258029] fff00000c78de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.258294] ================================================================== [ 17.293881] ================================================================== [ 17.293960] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.294024] Read of size 1 at addr fff00000c78c92bb by task kunit_try_catch/225 [ 17.294074] [ 17.294113] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.294200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.294227] Hardware name: linux,dummy-virt (DT) [ 17.294260] Call trace: [ 17.294294] show_stack+0x20/0x38 (C) [ 17.294353] dump_stack_lvl+0x8c/0xd0 [ 17.294542] print_report+0x118/0x5d0 [ 17.294771] kasan_report+0xdc/0x128 [ 17.294976] __asan_report_load1_noabort+0x20/0x30 [ 17.295057] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.295285] mempool_slab_oob_right+0xc0/0x118 [ 17.295338] kunit_try_run_case+0x170/0x3f0 [ 17.295588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.295727] kthread+0x328/0x630 [ 17.295768] ret_from_fork+0x10/0x20 [ 17.295816] [ 17.295836] Allocated by task 225: [ 17.295864] kasan_save_stack+0x3c/0x68 [ 17.295905] kasan_save_track+0x20/0x40 [ 17.295941] kasan_save_alloc_info+0x40/0x58 [ 17.295981] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.296023] remove_element+0x16c/0x1f8 [ 17.296069] mempool_alloc_preallocated+0x58/0xc0 [ 17.296110] mempool_oob_right_helper+0x98/0x2f0 [ 17.296151] mempool_slab_oob_right+0xc0/0x118 [ 17.296191] kunit_try_run_case+0x170/0x3f0 [ 17.296229] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.296273] kthread+0x328/0x630 [ 17.296306] ret_from_fork+0x10/0x20 [ 17.296342] [ 17.296362] The buggy address belongs to the object at fff00000c78c9240 [ 17.296362] which belongs to the cache test_cache of size 123 [ 17.296420] The buggy address is located 0 bytes to the right of [ 17.296420] allocated 123-byte region [fff00000c78c9240, fff00000c78c92bb) [ 17.296483] [ 17.296577] The buggy address belongs to the physical page: [ 17.296666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c9 [ 17.296768] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.296827] page_type: f5(slab) [ 17.296868] raw: 0bfffe0000000000 fff00000c3e3e500 dead000000000122 0000000000000000 [ 17.296918] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.297267] page dumped because: kasan: bad access detected [ 17.297305] [ 17.297322] Memory state around the buggy address: [ 17.297368] fff00000c78c9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.297411] fff00000c78c9200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 17.297454] >fff00000c78c9280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 17.297490] ^ [ 17.297627] fff00000c78c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.297753] fff00000c78c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.297791] ================================================================== [ 17.242446] ================================================================== [ 17.242516] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.242590] Read of size 1 at addr fff00000c63eb573 by task kunit_try_catch/221 [ 17.242643] [ 17.242703] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.242792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.242821] Hardware name: linux,dummy-virt (DT) [ 17.242856] Call trace: [ 17.242882] show_stack+0x20/0x38 (C) [ 17.242936] dump_stack_lvl+0x8c/0xd0 [ 17.242986] print_report+0x118/0x5d0 [ 17.243034] kasan_report+0xdc/0x128 [ 17.243084] __asan_report_load1_noabort+0x20/0x30 [ 17.243140] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.243189] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.243239] kunit_try_run_case+0x170/0x3f0 [ 17.243291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.243343] kthread+0x328/0x630 [ 17.243387] ret_from_fork+0x10/0x20 [ 17.243436] [ 17.243455] Allocated by task 221: [ 17.243486] kasan_save_stack+0x3c/0x68 [ 17.243529] kasan_save_track+0x20/0x40 [ 17.243567] kasan_save_alloc_info+0x40/0x58 [ 17.243607] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.243651] remove_element+0x130/0x1f8 [ 17.243699] mempool_alloc_preallocated+0x58/0xc0 [ 17.243738] mempool_oob_right_helper+0x98/0x2f0 [ 17.243779] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.243817] kunit_try_run_case+0x170/0x3f0 [ 17.243967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.244019] kthread+0x328/0x630 [ 17.244051] ret_from_fork+0x10/0x20 [ 17.244086] [ 17.244109] The buggy address belongs to the object at fff00000c63eb500 [ 17.244109] which belongs to the cache kmalloc-128 of size 128 [ 17.244169] The buggy address is located 0 bytes to the right of [ 17.244169] allocated 115-byte region [fff00000c63eb500, fff00000c63eb573) [ 17.244236] [ 17.244259] The buggy address belongs to the physical page: [ 17.244294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063eb [ 17.244349] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.244403] page_type: f5(slab) [ 17.244444] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.244493] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.244536] page dumped because: kasan: bad access detected [ 17.244569] [ 17.244587] Memory state around the buggy address: [ 17.244622] fff00000c63eb400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.244665] fff00000c63eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.244724] >fff00000c63eb500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.244763] ^ [ 17.244803] fff00000c63eb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.244845] fff00000c63eb600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.244884] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 16.682539] ================================================================== [ 16.682617] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 16.682701] Read of size 1 at addr fff00000c5b33a00 by task kunit_try_catch/215 [ 16.682753] [ 16.682796] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.682882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.682910] Hardware name: linux,dummy-virt (DT) [ 16.682944] Call trace: [ 16.682969] show_stack+0x20/0x38 (C) [ 16.683022] dump_stack_lvl+0x8c/0xd0 [ 16.683074] print_report+0x118/0x5d0 [ 16.683122] kasan_report+0xdc/0x128 [ 16.683168] __kasan_check_byte+0x54/0x70 [ 16.683216] kmem_cache_destroy+0x34/0x218 [ 16.683266] kmem_cache_double_destroy+0x174/0x300 [ 16.683316] kunit_try_run_case+0x170/0x3f0 [ 16.683366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.683419] kthread+0x328/0x630 [ 16.683463] ret_from_fork+0x10/0x20 [ 16.683512] [ 16.683531] Allocated by task 215: [ 16.683562] kasan_save_stack+0x3c/0x68 [ 16.683603] kasan_save_track+0x20/0x40 [ 16.683642] kasan_save_alloc_info+0x40/0x58 [ 16.683683] __kasan_slab_alloc+0xa8/0xb0 [ 16.683730] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.683773] __kmem_cache_create_args+0x178/0x280 [ 16.683813] kmem_cache_double_destroy+0xc0/0x300 [ 16.683882] kunit_try_run_case+0x170/0x3f0 [ 16.683922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.683965] kthread+0x328/0x630 [ 16.683999] ret_from_fork+0x10/0x20 [ 16.684045] [ 16.684064] Freed by task 215: [ 16.684091] kasan_save_stack+0x3c/0x68 [ 16.684129] kasan_save_track+0x20/0x40 [ 16.684166] kasan_save_free_info+0x4c/0x78 [ 16.684207] __kasan_slab_free+0x6c/0x98 [ 16.684243] kmem_cache_free+0x260/0x468 [ 16.684279] slab_kmem_cache_release+0x38/0x50 [ 16.684318] kmem_cache_release+0x1c/0x30 [ 16.684353] kobject_put+0x17c/0x420 [ 16.684389] sysfs_slab_release+0x1c/0x30 [ 16.684425] kmem_cache_destroy+0x118/0x218 [ 16.684463] kmem_cache_double_destroy+0x128/0x300 [ 16.684503] kunit_try_run_case+0x170/0x3f0 [ 16.684540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.684583] kthread+0x328/0x630 [ 16.684614] ret_from_fork+0x10/0x20 [ 16.684650] [ 16.684668] The buggy address belongs to the object at fff00000c5b33a00 [ 16.684668] which belongs to the cache kmem_cache of size 208 [ 16.684739] The buggy address is located 0 bytes inside of [ 16.684739] freed 208-byte region [fff00000c5b33a00, fff00000c5b33ad0) [ 16.684803] [ 16.684826] The buggy address belongs to the physical page: [ 16.684858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b33 [ 16.684914] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.684966] page_type: f5(slab) [ 16.685008] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 16.685057] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 16.685101] page dumped because: kasan: bad access detected [ 16.685133] [ 16.685151] Memory state around the buggy address: [ 16.685185] fff00000c5b33900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.685228] fff00000c5b33980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.685270] >fff00000c5b33a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.685309] ^ [ 16.685336] fff00000c5b33a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 16.685379] fff00000c5b33b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.685417] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 16.573032] ================================================================== [ 16.573134] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 16.573216] Read of size 1 at addr fff00000c77b1000 by task kunit_try_catch/213 [ 16.574016] [ 16.574187] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.574783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.574813] Hardware name: linux,dummy-virt (DT) [ 16.575201] Call trace: [ 16.575230] show_stack+0x20/0x38 (C) [ 16.575597] dump_stack_lvl+0x8c/0xd0 [ 16.575660] print_report+0x118/0x5d0 [ 16.575937] kasan_report+0xdc/0x128 [ 16.576059] __asan_report_load1_noabort+0x20/0x30 [ 16.576299] kmem_cache_rcu_uaf+0x388/0x468 [ 16.576348] kunit_try_run_case+0x170/0x3f0 [ 16.576742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.577224] kthread+0x328/0x630 [ 16.577326] ret_from_fork+0x10/0x20 [ 16.577530] [ 16.577550] Allocated by task 213: [ 16.577581] kasan_save_stack+0x3c/0x68 [ 16.578021] kasan_save_track+0x20/0x40 [ 16.578135] kasan_save_alloc_info+0x40/0x58 [ 16.578176] __kasan_slab_alloc+0xa8/0xb0 [ 16.578526] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.578578] kmem_cache_rcu_uaf+0x12c/0x468 [ 16.578901] kunit_try_run_case+0x170/0x3f0 [ 16.579061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.579107] kthread+0x328/0x630 [ 16.579703] ret_from_fork+0x10/0x20 [ 16.579917] [ 16.579939] Freed by task 0: [ 16.579969] kasan_save_stack+0x3c/0x68 [ 16.580140] kasan_save_track+0x20/0x40 [ 16.580201] kasan_save_free_info+0x4c/0x78 [ 16.580243] __kasan_slab_free+0x6c/0x98 [ 16.580359] slab_free_after_rcu_debug+0xd4/0x2f8 [ 16.580444] rcu_core+0x9f4/0x1e20 [ 16.580602] rcu_core_si+0x18/0x30 [ 16.580725] handle_softirqs+0x374/0xb28 [ 16.580854] __do_softirq+0x1c/0x28 [ 16.581009] [ 16.581032] Last potentially related work creation: [ 16.581061] kasan_save_stack+0x3c/0x68 [ 16.581568] kasan_record_aux_stack+0xb4/0xc8 [ 16.581850] kmem_cache_free+0x120/0x468 [ 16.581948] kmem_cache_rcu_uaf+0x16c/0x468 [ 16.581984] kunit_try_run_case+0x170/0x3f0 [ 16.582080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.582128] kthread+0x328/0x630 [ 16.582765] ret_from_fork+0x10/0x20 [ 16.583195] [ 16.583381] The buggy address belongs to the object at fff00000c77b1000 [ 16.583381] which belongs to the cache test_cache of size 200 [ 16.583722] The buggy address is located 0 bytes inside of [ 16.583722] freed 200-byte region [fff00000c77b1000, fff00000c77b10c8) [ 16.583793] [ 16.584151] The buggy address belongs to the physical page: [ 16.584258] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b1 [ 16.584516] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.584579] page_type: f5(slab) [ 16.584624] raw: 0bfffe0000000000 fff00000c5b338c0 dead000000000122 0000000000000000 [ 16.585053] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.585354] page dumped because: kasan: bad access detected [ 16.585392] [ 16.585525] Memory state around the buggy address: [ 16.585731] fff00000c77b0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.585789] fff00000c77b0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.586354] >fff00000c77b1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.586449] ^ [ 16.586481] fff00000c77b1080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.587017] fff00000c77b1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.587281] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 16.080409] ================================================================== [ 16.080880] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 16.080955] Free of addr fff00000c77af001 by task kunit_try_catch/211 [ 16.080999] [ 16.081039] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.081124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.081151] Hardware name: linux,dummy-virt (DT) [ 16.081186] Call trace: [ 16.081210] show_stack+0x20/0x38 (C) [ 16.081262] dump_stack_lvl+0x8c/0xd0 [ 16.081314] print_report+0x118/0x5d0 [ 16.081361] kasan_report_invalid_free+0xc0/0xe8 [ 16.081410] check_slab_allocation+0xfc/0x108 [ 16.081458] __kasan_slab_pre_free+0x2c/0x48 [ 16.081506] kmem_cache_free+0xf0/0x468 [ 16.081553] kmem_cache_invalid_free+0x184/0x3c8 [ 16.081606] kunit_try_run_case+0x170/0x3f0 [ 16.081657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.081723] kthread+0x328/0x630 [ 16.081766] ret_from_fork+0x10/0x20 [ 16.081816] [ 16.081834] Allocated by task 211: [ 16.081865] kasan_save_stack+0x3c/0x68 [ 16.081904] kasan_save_track+0x20/0x40 [ 16.081941] kasan_save_alloc_info+0x40/0x58 [ 16.081990] __kasan_slab_alloc+0xa8/0xb0 [ 16.082028] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.082076] kmem_cache_invalid_free+0x12c/0x3c8 [ 16.082125] kunit_try_run_case+0x170/0x3f0 [ 16.082172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.082215] kthread+0x328/0x630 [ 16.082247] ret_from_fork+0x10/0x20 [ 16.082281] [ 16.082313] The buggy address belongs to the object at fff00000c77af000 [ 16.082313] which belongs to the cache test_cache of size 200 [ 16.082379] The buggy address is located 1 bytes inside of [ 16.082379] 200-byte region [fff00000c77af000, fff00000c77af0c8) [ 16.082439] [ 16.082460] The buggy address belongs to the physical page: [ 16.082491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077af [ 16.082546] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.082598] page_type: f5(slab) [ 16.082638] raw: 0bfffe0000000000 fff00000c5b33780 dead000000000122 0000000000000000 [ 16.082698] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.082740] page dumped because: kasan: bad access detected [ 16.082772] [ 16.082797] Memory state around the buggy address: [ 16.082830] fff00000c77aef00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 16.082879] fff00000c77aef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.082925] >fff00000c77af000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.082963] ^ [ 16.082990] fff00000c77af080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 16.083032] fff00000c77af100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.083071] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 16.013677] ================================================================== [ 16.016674] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 16.017713] Free of addr fff00000c77ae000 by task kunit_try_catch/209 [ 16.017813] [ 16.018222] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.018373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.018400] Hardware name: linux,dummy-virt (DT) [ 16.018963] Call trace: [ 16.019137] show_stack+0x20/0x38 (C) [ 16.019460] dump_stack_lvl+0x8c/0xd0 [ 16.019830] print_report+0x118/0x5d0 [ 16.020152] kasan_report_invalid_free+0xc0/0xe8 [ 16.020613] check_slab_allocation+0xd4/0x108 [ 16.020675] __kasan_slab_pre_free+0x2c/0x48 [ 16.020737] kmem_cache_free+0xf0/0x468 [ 16.020789] kmem_cache_double_free+0x190/0x3c8 [ 16.020837] kunit_try_run_case+0x170/0x3f0 [ 16.021542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.021650] kthread+0x328/0x630 [ 16.022029] ret_from_fork+0x10/0x20 [ 16.022210] [ 16.022434] Allocated by task 209: [ 16.022626] kasan_save_stack+0x3c/0x68 [ 16.022893] kasan_save_track+0x20/0x40 [ 16.023116] kasan_save_alloc_info+0x40/0x58 [ 16.023463] __kasan_slab_alloc+0xa8/0xb0 [ 16.023825] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.023906] kmem_cache_double_free+0x12c/0x3c8 [ 16.024004] kunit_try_run_case+0x170/0x3f0 [ 16.024043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.024715] kthread+0x328/0x630 [ 16.024756] ret_from_fork+0x10/0x20 [ 16.025125] [ 16.025149] Freed by task 209: [ 16.025188] kasan_save_stack+0x3c/0x68 [ 16.025550] kasan_save_track+0x20/0x40 [ 16.025605] kasan_save_free_info+0x4c/0x78 [ 16.025646] __kasan_slab_free+0x6c/0x98 [ 16.026014] kmem_cache_free+0x260/0x468 [ 16.026061] kmem_cache_double_free+0x140/0x3c8 [ 16.026529] kunit_try_run_case+0x170/0x3f0 [ 16.026667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.026723] kthread+0x328/0x630 [ 16.027071] ret_from_fork+0x10/0x20 [ 16.027349] [ 16.027517] The buggy address belongs to the object at fff00000c77ae000 [ 16.027517] which belongs to the cache test_cache of size 200 [ 16.027636] The buggy address is located 0 bytes inside of [ 16.027636] 200-byte region [fff00000c77ae000, fff00000c77ae0c8) [ 16.027705] [ 16.028033] The buggy address belongs to the physical page: [ 16.028083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ae [ 16.028452] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.028509] page_type: f5(slab) [ 16.028554] raw: 0bfffe0000000000 fff00000c5b33640 dead000000000122 0000000000000000 [ 16.028606] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.028648] page dumped because: kasan: bad access detected [ 16.028681] [ 16.029325] Memory state around the buggy address: [ 16.029650] fff00000c77adf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.029888] fff00000c77adf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.030164] >fff00000c77ae000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.030609] ^ [ 16.030845] fff00000c77ae080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.030966] fff00000c77ae100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.031007] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 15.757559] ================================================================== [ 15.757627] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 15.757682] Read of size 1 at addr fff00000c77c40c8 by task kunit_try_catch/207 [ 15.757747] [ 15.757782] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.757879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.757907] Hardware name: linux,dummy-virt (DT) [ 15.757940] Call trace: [ 15.758000] show_stack+0x20/0x38 (C) [ 15.758289] dump_stack_lvl+0x8c/0xd0 [ 15.758749] print_report+0x118/0x5d0 [ 15.758808] kasan_report+0xdc/0x128 [ 15.758862] __asan_report_load1_noabort+0x20/0x30 [ 15.759019] kmem_cache_oob+0x344/0x430 [ 15.759390] kunit_try_run_case+0x170/0x3f0 [ 15.759455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.759510] kthread+0x328/0x630 [ 15.759551] ret_from_fork+0x10/0x20 [ 15.759600] [ 15.759620] Allocated by task 207: [ 15.759649] kasan_save_stack+0x3c/0x68 [ 15.759702] kasan_save_track+0x20/0x40 [ 15.759738] kasan_save_alloc_info+0x40/0x58 [ 15.759780] __kasan_slab_alloc+0xa8/0xb0 [ 15.759818] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.759973] kmem_cache_oob+0x12c/0x430 [ 15.760303] kunit_try_run_case+0x170/0x3f0 [ 15.760351] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.760489] kthread+0x328/0x630 [ 15.760531] ret_from_fork+0x10/0x20 [ 15.760571] [ 15.760791] The buggy address belongs to the object at fff00000c77c4000 [ 15.760791] which belongs to the cache test_cache of size 200 [ 15.761117] The buggy address is located 0 bytes to the right of [ 15.761117] allocated 200-byte region [fff00000c77c4000, fff00000c77c40c8) [ 15.761205] [ 15.761271] The buggy address belongs to the physical page: [ 15.761318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077c4 [ 15.761374] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.761423] page_type: f5(slab) [ 15.761470] raw: 0bfffe0000000000 fff00000c5b33500 dead000000000122 0000000000000000 [ 15.761519] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.761637] page dumped because: kasan: bad access detected [ 15.761953] [ 15.762125] Memory state around the buggy address: [ 15.762164] fff00000c77c3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.762269] fff00000c77c4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.762320] >fff00000c77c4080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 15.762382] ^ [ 15.762429] fff00000c77c4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.762471] fff00000c77c4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.762510] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 15.725166] ================================================================== [ 15.725360] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 15.725429] Read of size 8 at addr fff00000c779ef80 by task kunit_try_catch/200 [ 15.725485] [ 15.725709] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.725797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.725829] Hardware name: linux,dummy-virt (DT) [ 15.725955] Call trace: [ 15.725977] show_stack+0x20/0x38 (C) [ 15.726173] dump_stack_lvl+0x8c/0xd0 [ 15.726299] print_report+0x118/0x5d0 [ 15.726346] kasan_report+0xdc/0x128 [ 15.726391] __asan_report_load8_noabort+0x20/0x30 [ 15.726447] workqueue_uaf+0x480/0x4a8 [ 15.726579] kunit_try_run_case+0x170/0x3f0 [ 15.726761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.727062] kthread+0x328/0x630 [ 15.727382] ret_from_fork+0x10/0x20 [ 15.727440] [ 15.727459] Allocated by task 200: [ 15.727491] kasan_save_stack+0x3c/0x68 [ 15.728008] kasan_save_track+0x20/0x40 [ 15.728221] kasan_save_alloc_info+0x40/0x58 [ 15.728328] __kasan_kmalloc+0xd4/0xd8 [ 15.728366] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.728406] workqueue_uaf+0x13c/0x4a8 [ 15.728442] kunit_try_run_case+0x170/0x3f0 [ 15.728480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.728522] kthread+0x328/0x630 [ 15.728566] ret_from_fork+0x10/0x20 [ 15.728604] [ 15.728623] Freed by task 24: [ 15.728652] kasan_save_stack+0x3c/0x68 [ 15.728952] kasan_save_track+0x20/0x40 [ 15.728992] kasan_save_free_info+0x4c/0x78 [ 15.729268] __kasan_slab_free+0x6c/0x98 [ 15.729448] kfree+0x214/0x3c8 [ 15.729498] workqueue_uaf_work+0x18/0x30 [ 15.729550] process_one_work+0x530/0xf98 [ 15.729588] worker_thread+0x618/0xf38 [ 15.729642] kthread+0x328/0x630 [ 15.729674] ret_from_fork+0x10/0x20 [ 15.729721] [ 15.729958] Last potentially related work creation: [ 15.730011] kasan_save_stack+0x3c/0x68 [ 15.730164] kasan_record_aux_stack+0xb4/0xc8 [ 15.730212] __queue_work+0x65c/0x1008 [ 15.730250] queue_work_on+0xbc/0xf8 [ 15.730335] workqueue_uaf+0x210/0x4a8 [ 15.730379] kunit_try_run_case+0x170/0x3f0 [ 15.730418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.730659] kthread+0x328/0x630 [ 15.730854] ret_from_fork+0x10/0x20 [ 15.730964] [ 15.731011] The buggy address belongs to the object at fff00000c779ef80 [ 15.731011] which belongs to the cache kmalloc-32 of size 32 [ 15.731080] The buggy address is located 0 bytes inside of [ 15.731080] freed 32-byte region [fff00000c779ef80, fff00000c779efa0) [ 15.731231] [ 15.731259] The buggy address belongs to the physical page: [ 15.731292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10779e [ 15.731348] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.731398] page_type: f5(slab) [ 15.731655] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.731807] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.731939] page dumped because: kasan: bad access detected [ 15.732012] [ 15.732030] Memory state around the buggy address: [ 15.732084] fff00000c779ee80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.732220] fff00000c779ef00: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 15.732270] >fff00000c779ef80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.732333] ^ [ 15.732418] fff00000c779f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.732522] fff00000c779f080: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 15.732562] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 15.700465] ================================================================== [ 15.700605] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 15.700678] Read of size 4 at addr fff00000c779ed80 by task swapper/1/0 [ 15.700741] [ 15.700782] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.700868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.700895] Hardware name: linux,dummy-virt (DT) [ 15.700929] Call trace: [ 15.700954] show_stack+0x20/0x38 (C) [ 15.701006] dump_stack_lvl+0x8c/0xd0 [ 15.701054] print_report+0x118/0x5d0 [ 15.701101] kasan_report+0xdc/0x128 [ 15.701147] __asan_report_load4_noabort+0x20/0x30 [ 15.701198] rcu_uaf_reclaim+0x64/0x70 [ 15.701240] rcu_core+0x9f4/0x1e20 [ 15.701285] rcu_core_si+0x18/0x30 [ 15.701330] handle_softirqs+0x374/0xb28 [ 15.701375] __do_softirq+0x1c/0x28 [ 15.701417] ____do_softirq+0x18/0x30 [ 15.701462] call_on_irq_stack+0x24/0x30 [ 15.701507] do_softirq_own_stack+0x24/0x38 [ 15.701554] __irq_exit_rcu+0x1fc/0x318 [ 15.701604] irq_exit_rcu+0x1c/0x80 [ 15.701648] el1_interrupt+0x38/0x58 [ 15.703727] el1h_64_irq_handler+0x18/0x28 [ 15.703800] el1h_64_irq+0x6c/0x70 [ 15.703902] arch_local_irq_enable+0x4/0x8 (P) [ 15.703954] do_idle+0x384/0x4e8 [ 15.703998] cpu_startup_entry+0x68/0x80 [ 15.704043] secondary_start_kernel+0x288/0x340 [ 15.704090] __secondary_switched+0xc0/0xc8 [ 15.704143] [ 15.704162] Allocated by task 198: [ 15.704194] kasan_save_stack+0x3c/0x68 [ 15.704236] kasan_save_track+0x20/0x40 [ 15.704274] kasan_save_alloc_info+0x40/0x58 [ 15.704313] __kasan_kmalloc+0xd4/0xd8 [ 15.704350] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.704389] rcu_uaf+0xb0/0x2d8 [ 15.704422] kunit_try_run_case+0x170/0x3f0 [ 15.704461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.704505] kthread+0x328/0x630 [ 15.704540] ret_from_fork+0x10/0x20 [ 15.704576] [ 15.704594] Freed by task 0: [ 15.704621] kasan_save_stack+0x3c/0x68 [ 15.704656] kasan_save_track+0x20/0x40 [ 15.704705] kasan_save_free_info+0x4c/0x78 [ 15.704803] __kasan_slab_free+0x6c/0x98 [ 15.704954] kfree+0x214/0x3c8 [ 15.705063] rcu_uaf_reclaim+0x28/0x70 [ 15.705115] rcu_core+0x9f4/0x1e20 [ 15.705157] rcu_core_si+0x18/0x30 [ 15.705190] handle_softirqs+0x374/0xb28 [ 15.705229] __do_softirq+0x1c/0x28 [ 15.705262] [ 15.705290] Last potentially related work creation: [ 15.705323] kasan_save_stack+0x3c/0x68 [ 15.705363] kasan_record_aux_stack+0xb4/0xc8 [ 15.705403] __call_rcu_common.constprop.0+0x74/0x8c8 [ 15.705455] call_rcu+0x18/0x30 [ 15.705497] rcu_uaf+0x14c/0x2d8 [ 15.705530] kunit_try_run_case+0x170/0x3f0 [ 15.705568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.705614] kthread+0x328/0x630 [ 15.705648] ret_from_fork+0x10/0x20 [ 15.705707] [ 15.705741] The buggy address belongs to the object at fff00000c779ed80 [ 15.705741] which belongs to the cache kmalloc-32 of size 32 [ 15.705831] The buggy address is located 0 bytes inside of [ 15.705831] freed 32-byte region [fff00000c779ed80, fff00000c779eda0) [ 15.705893] [ 15.705952] The buggy address belongs to the physical page: [ 15.705985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10779e [ 15.706051] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.706103] page_type: f5(slab) [ 15.706159] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.706219] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.706263] page dumped because: kasan: bad access detected [ 15.706295] [ 15.706314] Memory state around the buggy address: [ 15.706348] fff00000c779ec80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.706392] fff00000c779ed00: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.706446] >fff00000c779ed80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 15.706503] ^ [ 15.706540] fff00000c779ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.706594] fff00000c779ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.706630] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 15.451790] ================================================================== [ 15.451854] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 15.451906] Read of size 1 at addr fff00000c6417c78 by task kunit_try_catch/196 [ 15.451955] [ 15.451991] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.452959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.453211] Hardware name: linux,dummy-virt (DT) [ 15.453300] Call trace: [ 15.453424] show_stack+0x20/0x38 (C) [ 15.453680] dump_stack_lvl+0x8c/0xd0 [ 15.454120] print_report+0x118/0x5d0 [ 15.454277] kasan_report+0xdc/0x128 [ 15.454385] __asan_report_load1_noabort+0x20/0x30 [ 15.454637] ksize_uaf+0x544/0x5f8 [ 15.454861] kunit_try_run_case+0x170/0x3f0 [ 15.455026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.455204] kthread+0x328/0x630 [ 15.455435] ret_from_fork+0x10/0x20 [ 15.455860] [ 15.455899] Allocated by task 196: [ 15.456053] kasan_save_stack+0x3c/0x68 [ 15.456137] kasan_save_track+0x20/0x40 [ 15.456277] kasan_save_alloc_info+0x40/0x58 [ 15.456462] __kasan_kmalloc+0xd4/0xd8 [ 15.456713] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.456783] ksize_uaf+0xb8/0x5f8 [ 15.456836] kunit_try_run_case+0x170/0x3f0 [ 15.457063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.457289] kthread+0x328/0x630 [ 15.457505] ret_from_fork+0x10/0x20 [ 15.457770] [ 15.457817] Freed by task 196: [ 15.457931] kasan_save_stack+0x3c/0x68 [ 15.458087] kasan_save_track+0x20/0x40 [ 15.458223] kasan_save_free_info+0x4c/0x78 [ 15.458305] __kasan_slab_free+0x6c/0x98 [ 15.458343] kfree+0x214/0x3c8 [ 15.458431] ksize_uaf+0x11c/0x5f8 [ 15.458466] kunit_try_run_case+0x170/0x3f0 [ 15.458504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.458558] kthread+0x328/0x630 [ 15.458590] ret_from_fork+0x10/0x20 [ 15.458626] [ 15.458669] The buggy address belongs to the object at fff00000c6417c00 [ 15.458669] which belongs to the cache kmalloc-128 of size 128 [ 15.458771] The buggy address is located 120 bytes inside of [ 15.458771] freed 128-byte region [fff00000c6417c00, fff00000c6417c80) [ 15.458842] [ 15.458862] The buggy address belongs to the physical page: [ 15.458903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.458963] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.459023] page_type: f5(slab) [ 15.459063] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.459125] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.459177] page dumped because: kasan: bad access detected [ 15.459220] [ 15.459249] Memory state around the buggy address: [ 15.459282] fff00000c6417b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.459340] fff00000c6417b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.459383] >fff00000c6417c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.459431] ^ [ 15.459490] fff00000c6417c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.459542] fff00000c6417d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.459591] ================================================================== [ 15.429635] ================================================================== [ 15.429730] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 15.429796] Read of size 1 at addr fff00000c6417c00 by task kunit_try_catch/196 [ 15.429865] [ 15.429908] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.429995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.430023] Hardware name: linux,dummy-virt (DT) [ 15.430066] Call trace: [ 15.430100] show_stack+0x20/0x38 (C) [ 15.430154] dump_stack_lvl+0x8c/0xd0 [ 15.430203] print_report+0x118/0x5d0 [ 15.430250] kasan_report+0xdc/0x128 [ 15.430295] __kasan_check_byte+0x54/0x70 [ 15.430342] ksize+0x30/0x88 [ 15.430385] ksize_uaf+0x168/0x5f8 [ 15.430430] kunit_try_run_case+0x170/0x3f0 [ 15.430486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.430539] kthread+0x328/0x630 [ 15.430582] ret_from_fork+0x10/0x20 [ 15.430631] [ 15.430658] Allocated by task 196: [ 15.430700] kasan_save_stack+0x3c/0x68 [ 15.430899] kasan_save_track+0x20/0x40 [ 15.431097] kasan_save_alloc_info+0x40/0x58 [ 15.431697] __kasan_kmalloc+0xd4/0xd8 [ 15.431758] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.431801] ksize_uaf+0xb8/0x5f8 [ 15.432178] kunit_try_run_case+0x170/0x3f0 [ 15.432290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.432488] kthread+0x328/0x630 [ 15.432652] ret_from_fork+0x10/0x20 [ 15.432828] [ 15.432905] Freed by task 196: [ 15.433066] kasan_save_stack+0x3c/0x68 [ 15.433501] kasan_save_track+0x20/0x40 [ 15.433585] kasan_save_free_info+0x4c/0x78 [ 15.434050] __kasan_slab_free+0x6c/0x98 [ 15.434144] kfree+0x214/0x3c8 [ 15.434448] ksize_uaf+0x11c/0x5f8 [ 15.434540] kunit_try_run_case+0x170/0x3f0 [ 15.434646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.435152] kthread+0x328/0x630 [ 15.435234] ret_from_fork+0x10/0x20 [ 15.435683] [ 15.435736] The buggy address belongs to the object at fff00000c6417c00 [ 15.435736] which belongs to the cache kmalloc-128 of size 128 [ 15.435947] The buggy address is located 0 bytes inside of [ 15.435947] freed 128-byte region [fff00000c6417c00, fff00000c6417c80) [ 15.436033] [ 15.436063] The buggy address belongs to the physical page: [ 15.436383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.436515] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.436734] page_type: f5(slab) [ 15.436782] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.437186] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.437248] page dumped because: kasan: bad access detected [ 15.437586] [ 15.437697] Memory state around the buggy address: [ 15.437743] fff00000c6417b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.438273] fff00000c6417b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.438349] >fff00000c6417c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.438454] ^ [ 15.438705] fff00000c6417c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.438788] fff00000c6417d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.439260] ================================================================== [ 15.441369] ================================================================== [ 15.442035] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 15.442113] Read of size 1 at addr fff00000c6417c00 by task kunit_try_catch/196 [ 15.442210] [ 15.442303] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.442677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.442729] Hardware name: linux,dummy-virt (DT) [ 15.442850] Call trace: [ 15.442877] show_stack+0x20/0x38 (C) [ 15.442930] dump_stack_lvl+0x8c/0xd0 [ 15.443062] print_report+0x118/0x5d0 [ 15.443116] kasan_report+0xdc/0x128 [ 15.443172] __asan_report_load1_noabort+0x20/0x30 [ 15.443225] ksize_uaf+0x598/0x5f8 [ 15.443268] kunit_try_run_case+0x170/0x3f0 [ 15.443581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.443852] kthread+0x328/0x630 [ 15.444046] ret_from_fork+0x10/0x20 [ 15.444268] [ 15.444290] Allocated by task 196: [ 15.444342] kasan_save_stack+0x3c/0x68 [ 15.444417] kasan_save_track+0x20/0x40 [ 15.444633] kasan_save_alloc_info+0x40/0x58 [ 15.444806] __kasan_kmalloc+0xd4/0xd8 [ 15.444943] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.445112] ksize_uaf+0xb8/0x5f8 [ 15.445219] kunit_try_run_case+0x170/0x3f0 [ 15.445391] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.445619] kthread+0x328/0x630 [ 15.445708] ret_from_fork+0x10/0x20 [ 15.445988] [ 15.446078] Freed by task 196: [ 15.446196] kasan_save_stack+0x3c/0x68 [ 15.446432] kasan_save_track+0x20/0x40 [ 15.446517] kasan_save_free_info+0x4c/0x78 [ 15.446596] __kasan_slab_free+0x6c/0x98 [ 15.446865] kfree+0x214/0x3c8 [ 15.447031] ksize_uaf+0x11c/0x5f8 [ 15.447166] kunit_try_run_case+0x170/0x3f0 [ 15.447354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.447432] kthread+0x328/0x630 [ 15.447553] ret_from_fork+0x10/0x20 [ 15.447592] [ 15.447614] The buggy address belongs to the object at fff00000c6417c00 [ 15.447614] which belongs to the cache kmalloc-128 of size 128 [ 15.447723] The buggy address is located 0 bytes inside of [ 15.447723] freed 128-byte region [fff00000c6417c00, fff00000c6417c80) [ 15.448064] [ 15.448213] The buggy address belongs to the physical page: [ 15.448272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.448500] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.448582] page_type: f5(slab) [ 15.448621] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.448673] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.449053] page dumped because: kasan: bad access detected [ 15.449279] [ 15.449385] Memory state around the buggy address: [ 15.449491] fff00000c6417b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.449556] fff00000c6417b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449677] >fff00000c6417c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.449793] ^ [ 15.450355] fff00000c6417c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.450505] fff00000c6417d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.450699] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 15.409395] ================================================================== [ 15.409444] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 15.409506] Read of size 1 at addr fff00000c6417b7f by task kunit_try_catch/194 [ 15.409555] [ 15.409584] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.409672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.409712] Hardware name: linux,dummy-virt (DT) [ 15.410074] Call trace: [ 15.410372] show_stack+0x20/0x38 (C) [ 15.410461] dump_stack_lvl+0x8c/0xd0 [ 15.410514] print_report+0x118/0x5d0 [ 15.410712] kasan_report+0xdc/0x128 [ 15.410981] __asan_report_load1_noabort+0x20/0x30 [ 15.411052] ksize_unpoisons_memory+0x690/0x740 [ 15.411398] kunit_try_run_case+0x170/0x3f0 [ 15.411526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.411641] kthread+0x328/0x630 [ 15.411873] ret_from_fork+0x10/0x20 [ 15.412085] [ 15.412152] Allocated by task 194: [ 15.412504] kasan_save_stack+0x3c/0x68 [ 15.412600] kasan_save_track+0x20/0x40 [ 15.412772] kasan_save_alloc_info+0x40/0x58 [ 15.412906] __kasan_kmalloc+0xd4/0xd8 [ 15.412976] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.413039] ksize_unpoisons_memory+0xc0/0x740 [ 15.413368] kunit_try_run_case+0x170/0x3f0 [ 15.413664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.413752] kthread+0x328/0x630 [ 15.413852] ret_from_fork+0x10/0x20 [ 15.413932] [ 15.414153] The buggy address belongs to the object at fff00000c6417b00 [ 15.414153] which belongs to the cache kmalloc-128 of size 128 [ 15.414441] The buggy address is located 12 bytes to the right of [ 15.414441] allocated 115-byte region [fff00000c6417b00, fff00000c6417b73) [ 15.414658] [ 15.414711] The buggy address belongs to the physical page: [ 15.415108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.415184] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.415341] page_type: f5(slab) [ 15.415390] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.415592] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.415682] page dumped because: kasan: bad access detected [ 15.416111] [ 15.416200] Memory state around the buggy address: [ 15.416355] fff00000c6417a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.416462] fff00000c6417a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.416583] >fff00000c6417b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.416624] ^ [ 15.416701] fff00000c6417b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.416747] fff00000c6417c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.416935] ================================================================== [ 15.390360] ================================================================== [ 15.390519] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 15.390622] Read of size 1 at addr fff00000c6417b73 by task kunit_try_catch/194 [ 15.391071] [ 15.391122] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.391465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.391667] Hardware name: linux,dummy-virt (DT) [ 15.391753] Call trace: [ 15.391777] show_stack+0x20/0x38 (C) [ 15.391832] dump_stack_lvl+0x8c/0xd0 [ 15.392297] print_report+0x118/0x5d0 [ 15.392377] kasan_report+0xdc/0x128 [ 15.392430] __asan_report_load1_noabort+0x20/0x30 [ 15.392681] ksize_unpoisons_memory+0x628/0x740 [ 15.392984] kunit_try_run_case+0x170/0x3f0 [ 15.393113] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.393248] kthread+0x328/0x630 [ 15.393591] ret_from_fork+0x10/0x20 [ 15.394091] [ 15.394196] Allocated by task 194: [ 15.394254] kasan_save_stack+0x3c/0x68 [ 15.394573] kasan_save_track+0x20/0x40 [ 15.394868] kasan_save_alloc_info+0x40/0x58 [ 15.394940] __kasan_kmalloc+0xd4/0xd8 [ 15.395149] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.395372] ksize_unpoisons_memory+0xc0/0x740 [ 15.395794] kunit_try_run_case+0x170/0x3f0 [ 15.395974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.396027] kthread+0x328/0x630 [ 15.396061] ret_from_fork+0x10/0x20 [ 15.396123] [ 15.396144] The buggy address belongs to the object at fff00000c6417b00 [ 15.396144] which belongs to the cache kmalloc-128 of size 128 [ 15.396359] The buggy address is located 0 bytes to the right of [ 15.396359] allocated 115-byte region [fff00000c6417b00, fff00000c6417b73) [ 15.396531] [ 15.396554] The buggy address belongs to the physical page: [ 15.396648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.396745] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.396813] page_type: f5(slab) [ 15.396853] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.396905] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.396958] page dumped because: kasan: bad access detected [ 15.396989] [ 15.397019] Memory state around the buggy address: [ 15.397063] fff00000c6417a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.397110] fff00000c6417a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.397155] >fff00000c6417b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.397205] ^ [ 15.397256] fff00000c6417b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.397297] fff00000c6417c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.397347] ================================================================== [ 15.403079] ================================================================== [ 15.403154] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 15.403291] Read of size 1 at addr fff00000c6417b78 by task kunit_try_catch/194 [ 15.403406] [ 15.403440] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.403707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.403909] Hardware name: linux,dummy-virt (DT) [ 15.404266] Call trace: [ 15.404330] show_stack+0x20/0x38 (C) [ 15.404445] dump_stack_lvl+0x8c/0xd0 [ 15.404495] print_report+0x118/0x5d0 [ 15.404543] kasan_report+0xdc/0x128 [ 15.404947] __asan_report_load1_noabort+0x20/0x30 [ 15.405072] ksize_unpoisons_memory+0x618/0x740 [ 15.405346] kunit_try_run_case+0x170/0x3f0 [ 15.405558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.405983] kthread+0x328/0x630 [ 15.406110] ret_from_fork+0x10/0x20 [ 15.406207] [ 15.406306] Allocated by task 194: [ 15.406524] kasan_save_stack+0x3c/0x68 [ 15.406569] kasan_save_track+0x20/0x40 [ 15.406631] kasan_save_alloc_info+0x40/0x58 [ 15.406925] __kasan_kmalloc+0xd4/0xd8 [ 15.407080] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.407242] ksize_unpoisons_memory+0xc0/0x740 [ 15.407428] kunit_try_run_case+0x170/0x3f0 [ 15.407483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.407978] kthread+0x328/0x630 [ 15.408042] ret_from_fork+0x10/0x20 [ 15.408079] [ 15.408120] The buggy address belongs to the object at fff00000c6417b00 [ 15.408120] which belongs to the cache kmalloc-128 of size 128 [ 15.408180] The buggy address is located 5 bytes to the right of [ 15.408180] allocated 115-byte region [fff00000c6417b00, fff00000c6417b73) [ 15.408245] [ 15.408266] The buggy address belongs to the physical page: [ 15.408298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.408362] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.408412] page_type: f5(slab) [ 15.408449] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.408502] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.408553] page dumped because: kasan: bad access detected [ 15.408585] [ 15.408602] Memory state around the buggy address: [ 15.408651] fff00000c6417a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.408715] fff00000c6417a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.408760] >fff00000c6417b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.408798] ^ [ 15.408839] fff00000c6417b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.408891] fff00000c6417c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.408929] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 15.369319] ================================================================== [ 15.369739] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 15.369808] Free of addr fff00000c5eb7c60 by task kunit_try_catch/192 [ 15.370063] [ 15.370399] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.370670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.370905] Hardware name: linux,dummy-virt (DT) [ 15.370948] Call trace: [ 15.370976] show_stack+0x20/0x38 (C) [ 15.371117] dump_stack_lvl+0x8c/0xd0 [ 15.371191] print_report+0x118/0x5d0 [ 15.371346] kasan_report_invalid_free+0xc0/0xe8 [ 15.371449] check_slab_allocation+0xd4/0x108 [ 15.371608] __kasan_slab_pre_free+0x2c/0x48 [ 15.371661] kfree+0xe8/0x3c8 [ 15.371771] kfree_sensitive+0x3c/0xb0 [ 15.371820] kmalloc_double_kzfree+0x168/0x308 [ 15.371900] kunit_try_run_case+0x170/0x3f0 [ 15.371954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.372006] kthread+0x328/0x630 [ 15.372227] ret_from_fork+0x10/0x20 [ 15.372540] [ 15.372606] Allocated by task 192: [ 15.372924] kasan_save_stack+0x3c/0x68 [ 15.373036] kasan_save_track+0x20/0x40 [ 15.373201] kasan_save_alloc_info+0x40/0x58 [ 15.373276] __kasan_kmalloc+0xd4/0xd8 [ 15.373702] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.373870] kmalloc_double_kzfree+0xb8/0x308 [ 15.374110] kunit_try_run_case+0x170/0x3f0 [ 15.374333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.374536] kthread+0x328/0x630 [ 15.374624] ret_from_fork+0x10/0x20 [ 15.374710] [ 15.374818] Freed by task 192: [ 15.374917] kasan_save_stack+0x3c/0x68 [ 15.375015] kasan_save_track+0x20/0x40 [ 15.375121] kasan_save_free_info+0x4c/0x78 [ 15.375191] __kasan_slab_free+0x6c/0x98 [ 15.375228] kfree+0x214/0x3c8 [ 15.375614] kfree_sensitive+0x80/0xb0 [ 15.375800] kmalloc_double_kzfree+0x11c/0x308 [ 15.375935] kunit_try_run_case+0x170/0x3f0 [ 15.375976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.376018] kthread+0x328/0x630 [ 15.376267] ret_from_fork+0x10/0x20 [ 15.376765] [ 15.376924] The buggy address belongs to the object at fff00000c5eb7c60 [ 15.376924] which belongs to the cache kmalloc-16 of size 16 [ 15.377020] The buggy address is located 0 bytes inside of [ 15.377020] 16-byte region [fff00000c5eb7c60, fff00000c5eb7c70) [ 15.377221] [ 15.377296] The buggy address belongs to the physical page: [ 15.377356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105eb7 [ 15.377457] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.377535] page_type: f5(slab) [ 15.377587] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.377645] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.377704] page dumped because: kasan: bad access detected [ 15.377746] [ 15.377765] Memory state around the buggy address: [ 15.377814] fff00000c5eb7b00: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 15.377869] fff00000c5eb7b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.377915] >fff00000c5eb7c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.377955] ^ [ 15.378010] fff00000c5eb7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.378054] fff00000c5eb7d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.378091] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 15.356577] ================================================================== [ 15.356724] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 15.356831] Read of size 1 at addr fff00000c5eb7c60 by task kunit_try_catch/192 [ 15.356947] [ 15.357093] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.357198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.357246] Hardware name: linux,dummy-virt (DT) [ 15.357278] Call trace: [ 15.357303] show_stack+0x20/0x38 (C) [ 15.357506] dump_stack_lvl+0x8c/0xd0 [ 15.357602] print_report+0x118/0x5d0 [ 15.357683] kasan_report+0xdc/0x128 [ 15.357831] __kasan_check_byte+0x54/0x70 [ 15.357932] kfree_sensitive+0x30/0xb0 [ 15.358044] kmalloc_double_kzfree+0x168/0x308 [ 15.358143] kunit_try_run_case+0x170/0x3f0 [ 15.358209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.358497] kthread+0x328/0x630 [ 15.358635] ret_from_fork+0x10/0x20 [ 15.358824] [ 15.358889] Allocated by task 192: [ 15.359008] kasan_save_stack+0x3c/0x68 [ 15.359093] kasan_save_track+0x20/0x40 [ 15.359240] kasan_save_alloc_info+0x40/0x58 [ 15.359355] __kasan_kmalloc+0xd4/0xd8 [ 15.359477] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.359516] kmalloc_double_kzfree+0xb8/0x308 [ 15.359609] kunit_try_run_case+0x170/0x3f0 [ 15.360043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.360189] kthread+0x328/0x630 [ 15.360317] ret_from_fork+0x10/0x20 [ 15.360447] [ 15.360505] Freed by task 192: [ 15.360580] kasan_save_stack+0x3c/0x68 [ 15.360623] kasan_save_track+0x20/0x40 [ 15.360660] kasan_save_free_info+0x4c/0x78 [ 15.360710] __kasan_slab_free+0x6c/0x98 [ 15.361193] kfree+0x214/0x3c8 [ 15.361861] kfree_sensitive+0x80/0xb0 [ 15.361939] kmalloc_double_kzfree+0x11c/0x308 [ 15.362320] kunit_try_run_case+0x170/0x3f0 [ 15.362379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.362455] kthread+0x328/0x630 [ 15.362489] ret_from_fork+0x10/0x20 [ 15.362957] [ 15.363014] The buggy address belongs to the object at fff00000c5eb7c60 [ 15.363014] which belongs to the cache kmalloc-16 of size 16 [ 15.363199] The buggy address is located 0 bytes inside of [ 15.363199] freed 16-byte region [fff00000c5eb7c60, fff00000c5eb7c70) [ 15.363273] [ 15.363305] The buggy address belongs to the physical page: [ 15.363337] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105eb7 [ 15.363413] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.363474] page_type: f5(slab) [ 15.363537] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.363599] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.363642] page dumped because: kasan: bad access detected [ 15.363673] [ 15.363723] Memory state around the buggy address: [ 15.363801] fff00000c5eb7b00: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 15.363881] fff00000c5eb7b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.364601] >fff00000c5eb7c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.365260] ^ [ 15.365318] fff00000c5eb7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.365388] fff00000c5eb7d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.365837] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 15.339426] ================================================================== [ 15.339605] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 15.339659] Read of size 1 at addr fff00000c77cb9a8 by task kunit_try_catch/188 [ 15.339723] [ 15.339791] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.339995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.340083] Hardware name: linux,dummy-virt (DT) [ 15.340165] Call trace: [ 15.340224] show_stack+0x20/0x38 (C) [ 15.340326] dump_stack_lvl+0x8c/0xd0 [ 15.340375] print_report+0x118/0x5d0 [ 15.340439] kasan_report+0xdc/0x128 [ 15.340856] __asan_report_load1_noabort+0x20/0x30 [ 15.340957] kmalloc_uaf2+0x3f4/0x468 [ 15.341057] kunit_try_run_case+0x170/0x3f0 [ 15.341119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.341209] kthread+0x328/0x630 [ 15.341464] ret_from_fork+0x10/0x20 [ 15.341679] [ 15.341790] Allocated by task 188: [ 15.341861] kasan_save_stack+0x3c/0x68 [ 15.341940] kasan_save_track+0x20/0x40 [ 15.342047] kasan_save_alloc_info+0x40/0x58 [ 15.342169] __kasan_kmalloc+0xd4/0xd8 [ 15.342286] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.342464] kmalloc_uaf2+0xc4/0x468 [ 15.342636] kunit_try_run_case+0x170/0x3f0 [ 15.342786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.342911] kthread+0x328/0x630 [ 15.343017] ret_from_fork+0x10/0x20 [ 15.343104] [ 15.343170] Freed by task 188: [ 15.343278] kasan_save_stack+0x3c/0x68 [ 15.343371] kasan_save_track+0x20/0x40 [ 15.343523] kasan_save_free_info+0x4c/0x78 [ 15.343575] __kasan_slab_free+0x6c/0x98 [ 15.343611] kfree+0x214/0x3c8 [ 15.343879] kmalloc_uaf2+0x134/0x468 [ 15.343998] kunit_try_run_case+0x170/0x3f0 [ 15.344132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.344208] kthread+0x328/0x630 [ 15.344344] ret_from_fork+0x10/0x20 [ 15.344430] [ 15.344577] The buggy address belongs to the object at fff00000c77cb980 [ 15.344577] which belongs to the cache kmalloc-64 of size 64 [ 15.344747] The buggy address is located 40 bytes inside of [ 15.344747] freed 64-byte region [fff00000c77cb980, fff00000c77cb9c0) [ 15.344834] [ 15.344861] The buggy address belongs to the physical page: [ 15.344894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077cb [ 15.344972] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.345022] page_type: f5(slab) [ 15.345098] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.345293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.345348] page dumped because: kasan: bad access detected [ 15.345381] [ 15.345398] Memory state around the buggy address: [ 15.345438] fff00000c77cb880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.345489] fff00000c77cb900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.345551] >fff00000c77cb980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.345603] ^ [ 15.345636] fff00000c77cba00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 15.345679] fff00000c77cba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.345730] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 15.329504] ================================================================== [ 15.329626] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 15.329678] Write of size 33 at addr fff00000c77cb800 by task kunit_try_catch/186 [ 15.329817] [ 15.329994] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.330097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.330171] Hardware name: linux,dummy-virt (DT) [ 15.330210] Call trace: [ 15.330260] show_stack+0x20/0x38 (C) [ 15.330312] dump_stack_lvl+0x8c/0xd0 [ 15.330388] print_report+0x118/0x5d0 [ 15.330453] kasan_report+0xdc/0x128 [ 15.330501] kasan_check_range+0x100/0x1a8 [ 15.330549] __asan_memset+0x34/0x78 [ 15.330726] kmalloc_uaf_memset+0x170/0x310 [ 15.330882] kunit_try_run_case+0x170/0x3f0 [ 15.330966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.331021] kthread+0x328/0x630 [ 15.331063] ret_from_fork+0x10/0x20 [ 15.331111] [ 15.331135] Allocated by task 186: [ 15.331175] kasan_save_stack+0x3c/0x68 [ 15.331217] kasan_save_track+0x20/0x40 [ 15.331272] kasan_save_alloc_info+0x40/0x58 [ 15.331319] __kasan_kmalloc+0xd4/0xd8 [ 15.331459] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.331595] kmalloc_uaf_memset+0xb8/0x310 [ 15.331639] kunit_try_run_case+0x170/0x3f0 [ 15.331683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.331766] kthread+0x328/0x630 [ 15.331830] ret_from_fork+0x10/0x20 [ 15.331953] [ 15.331988] Freed by task 186: [ 15.332015] kasan_save_stack+0x3c/0x68 [ 15.332052] kasan_save_track+0x20/0x40 [ 15.332089] kasan_save_free_info+0x4c/0x78 [ 15.332424] __kasan_slab_free+0x6c/0x98 [ 15.332480] kfree+0x214/0x3c8 [ 15.332523] kmalloc_uaf_memset+0x11c/0x310 [ 15.332566] kunit_try_run_case+0x170/0x3f0 [ 15.332603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.332646] kthread+0x328/0x630 [ 15.332677] ret_from_fork+0x10/0x20 [ 15.332724] [ 15.332743] The buggy address belongs to the object at fff00000c77cb800 [ 15.332743] which belongs to the cache kmalloc-64 of size 64 [ 15.332811] The buggy address is located 0 bytes inside of [ 15.332811] freed 64-byte region [fff00000c77cb800, fff00000c77cb840) [ 15.332872] [ 15.332895] The buggy address belongs to the physical page: [ 15.332925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077cb [ 15.332989] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.333046] page_type: f5(slab) [ 15.333100] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.333152] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.333211] page dumped because: kasan: bad access detected [ 15.333241] [ 15.333269] Memory state around the buggy address: [ 15.333317] fff00000c77cb700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.333368] fff00000c77cb780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.333427] >fff00000c77cb800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.333491] ^ [ 15.333521] fff00000c77cb880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.333575] fff00000c77cb900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.333628] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 15.314081] ================================================================== [ 15.314143] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 15.314511] Read of size 1 at addr fff00000c5eb7c48 by task kunit_try_catch/184 [ 15.314856] [ 15.315342] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.315448] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.315474] Hardware name: linux,dummy-virt (DT) [ 15.315959] Call trace: [ 15.316113] show_stack+0x20/0x38 (C) [ 15.316221] dump_stack_lvl+0x8c/0xd0 [ 15.316380] print_report+0x118/0x5d0 [ 15.316508] kasan_report+0xdc/0x128 [ 15.317159] __asan_report_load1_noabort+0x20/0x30 [ 15.317272] kmalloc_uaf+0x300/0x338 [ 15.317478] kunit_try_run_case+0x170/0x3f0 [ 15.317623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.317985] kthread+0x328/0x630 [ 15.318132] ret_from_fork+0x10/0x20 [ 15.318260] [ 15.318385] Allocated by task 184: [ 15.318539] kasan_save_stack+0x3c/0x68 [ 15.318598] kasan_save_track+0x20/0x40 [ 15.318698] kasan_save_alloc_info+0x40/0x58 [ 15.319048] __kasan_kmalloc+0xd4/0xd8 [ 15.319121] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.319449] kmalloc_uaf+0xb8/0x338 [ 15.319625] kunit_try_run_case+0x170/0x3f0 [ 15.319803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.319941] kthread+0x328/0x630 [ 15.320051] ret_from_fork+0x10/0x20 [ 15.320217] [ 15.320438] Freed by task 184: [ 15.320525] kasan_save_stack+0x3c/0x68 [ 15.320588] kasan_save_track+0x20/0x40 [ 15.320638] kasan_save_free_info+0x4c/0x78 [ 15.320678] __kasan_slab_free+0x6c/0x98 [ 15.320743] kfree+0x214/0x3c8 [ 15.320795] kmalloc_uaf+0x11c/0x338 [ 15.320829] kunit_try_run_case+0x170/0x3f0 [ 15.320868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.320911] kthread+0x328/0x630 [ 15.320971] ret_from_fork+0x10/0x20 [ 15.321015] [ 15.321035] The buggy address belongs to the object at fff00000c5eb7c40 [ 15.321035] which belongs to the cache kmalloc-16 of size 16 [ 15.321101] The buggy address is located 8 bytes inside of [ 15.321101] freed 16-byte region [fff00000c5eb7c40, fff00000c5eb7c50) [ 15.321162] [ 15.321184] The buggy address belongs to the physical page: [ 15.321230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105eb7 [ 15.321286] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.321336] page_type: f5(slab) [ 15.321384] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.321449] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.321499] page dumped because: kasan: bad access detected [ 15.321531] [ 15.321550] Memory state around the buggy address: [ 15.321591] fff00000c5eb7b00: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 15.321656] fff00000c5eb7b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.321726] >fff00000c5eb7c00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 15.321775] ^ [ 15.321818] fff00000c5eb7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.321870] fff00000c5eb7d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.321908] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 15.294341] ================================================================== [ 15.294522] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.294584] Read of size 64 at addr fff00000c77cb504 by task kunit_try_catch/182 [ 15.294742] [ 15.294790] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.295155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.295288] Hardware name: linux,dummy-virt (DT) [ 15.295327] Call trace: [ 15.295369] show_stack+0x20/0x38 (C) [ 15.295422] dump_stack_lvl+0x8c/0xd0 [ 15.295475] print_report+0x118/0x5d0 [ 15.295522] kasan_report+0xdc/0x128 [ 15.295890] kasan_check_range+0x100/0x1a8 [ 15.296232] __asan_memmove+0x3c/0x98 [ 15.296284] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.296355] kunit_try_run_case+0x170/0x3f0 [ 15.296764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.296862] kthread+0x328/0x630 [ 15.297021] ret_from_fork+0x10/0x20 [ 15.297176] [ 15.297270] Allocated by task 182: [ 15.297323] kasan_save_stack+0x3c/0x68 [ 15.297641] kasan_save_track+0x20/0x40 [ 15.297766] kasan_save_alloc_info+0x40/0x58 [ 15.297929] __kasan_kmalloc+0xd4/0xd8 [ 15.298044] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.298201] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 15.298545] kunit_try_run_case+0x170/0x3f0 [ 15.298624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.298751] kthread+0x328/0x630 [ 15.298836] ret_from_fork+0x10/0x20 [ 15.298873] [ 15.298920] The buggy address belongs to the object at fff00000c77cb500 [ 15.298920] which belongs to the cache kmalloc-64 of size 64 [ 15.299121] The buggy address is located 4 bytes inside of [ 15.299121] allocated 64-byte region [fff00000c77cb500, fff00000c77cb540) [ 15.299381] [ 15.299420] The buggy address belongs to the physical page: [ 15.299564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077cb [ 15.299629] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.299804] page_type: f5(slab) [ 15.299913] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.300300] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.300373] page dumped because: kasan: bad access detected [ 15.300710] [ 15.300734] Memory state around the buggy address: [ 15.300770] fff00000c77cb400: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.300817] fff00000c77cb480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.301125] >fff00000c77cb500: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.301199] ^ [ 15.301513] fff00000c77cb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.301561] fff00000c77cb600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.301630] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 15.271530] ================================================================== [ 15.272223] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.272302] Read of size 18446744073709551614 at addr fff00000c77cb304 by task kunit_try_catch/180 [ 15.273121] [ 15.273592] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.273751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.273863] Hardware name: linux,dummy-virt (DT) [ 15.273962] Call trace: [ 15.274043] show_stack+0x20/0x38 (C) [ 15.274222] dump_stack_lvl+0x8c/0xd0 [ 15.274349] print_report+0x118/0x5d0 [ 15.274537] kasan_report+0xdc/0x128 [ 15.274595] kasan_check_range+0x100/0x1a8 [ 15.274921] __asan_memmove+0x3c/0x98 [ 15.275007] kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.275059] kunit_try_run_case+0x170/0x3f0 [ 15.275117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.275168] kthread+0x328/0x630 [ 15.275224] ret_from_fork+0x10/0x20 [ 15.275271] [ 15.275296] Allocated by task 180: [ 15.275336] kasan_save_stack+0x3c/0x68 [ 15.275376] kasan_save_track+0x20/0x40 [ 15.275414] kasan_save_alloc_info+0x40/0x58 [ 15.275452] __kasan_kmalloc+0xd4/0xd8 [ 15.275488] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.275525] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 15.275585] kunit_try_run_case+0x170/0x3f0 [ 15.275623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.275664] kthread+0x328/0x630 [ 15.276005] ret_from_fork+0x10/0x20 [ 15.276078] [ 15.276117] The buggy address belongs to the object at fff00000c77cb300 [ 15.276117] which belongs to the cache kmalloc-64 of size 64 [ 15.276433] The buggy address is located 4 bytes inside of [ 15.276433] 64-byte region [fff00000c77cb300, fff00000c77cb340) [ 15.276513] [ 15.276545] The buggy address belongs to the physical page: [ 15.276585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077cb [ 15.276770] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.276832] page_type: f5(slab) [ 15.276871] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.277143] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.278584] page dumped because: kasan: bad access detected [ 15.278678] [ 15.279029] Memory state around the buggy address: [ 15.279092] fff00000c77cb200: 00 00 00 00 05 fc fc fc fc fc fc fc fc fc fc fc [ 15.279291] fff00000c77cb280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.279366] >fff00000c77cb300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.279737] ^ [ 15.279881] fff00000c77cb380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.280010] fff00000c77cb400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.280101] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 15.227900] ================================================================== [ 15.227968] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 15.228018] Write of size 8 at addr fff00000c6417a71 by task kunit_try_catch/176 [ 15.228066] [ 15.228162] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.228479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.228506] Hardware name: linux,dummy-virt (DT) [ 15.228542] Call trace: [ 15.228625] show_stack+0x20/0x38 (C) [ 15.228671] dump_stack_lvl+0x8c/0xd0 [ 15.228754] print_report+0x118/0x5d0 [ 15.228800] kasan_report+0xdc/0x128 [ 15.228884] kasan_check_range+0x100/0x1a8 [ 15.229100] __asan_memset+0x34/0x78 [ 15.229142] kmalloc_oob_memset_8+0x150/0x2f8 [ 15.229187] kunit_try_run_case+0x170/0x3f0 [ 15.229234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.229285] kthread+0x328/0x630 [ 15.229326] ret_from_fork+0x10/0x20 [ 15.229433] [ 15.229505] Allocated by task 176: [ 15.229539] kasan_save_stack+0x3c/0x68 [ 15.229640] kasan_save_track+0x20/0x40 [ 15.232226] kasan_save_alloc_info+0x40/0x58 [ 15.232612] __kasan_kmalloc+0xd4/0xd8 [ 15.232784] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.233255] kmalloc_oob_memset_8+0xb0/0x2f8 [ 15.233357] kunit_try_run_case+0x170/0x3f0 [ 15.233535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.233644] kthread+0x328/0x630 [ 15.233772] ret_from_fork+0x10/0x20 [ 15.233871] [ 15.233975] The buggy address belongs to the object at fff00000c6417a00 [ 15.233975] which belongs to the cache kmalloc-128 of size 128 [ 15.234066] The buggy address is located 113 bytes inside of [ 15.234066] allocated 120-byte region [fff00000c6417a00, fff00000c6417a78) [ 15.234203] [ 15.234246] The buggy address belongs to the physical page: [ 15.234304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.234706] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.234816] page_type: f5(slab) [ 15.234870] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.235125] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.235258] page dumped because: kasan: bad access detected [ 15.235325] [ 15.235502] Memory state around the buggy address: [ 15.235545] fff00000c6417900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.236041] fff00000c6417980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.236263] >fff00000c6417a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.236370] ^ [ 15.236455] fff00000c6417a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.236561] fff00000c6417b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.236609] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 15.217231] ================================================================== [ 15.217286] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 15.217336] Write of size 4 at addr fff00000c6417975 by task kunit_try_catch/174 [ 15.217571] [ 15.217808] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.217918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.217944] Hardware name: linux,dummy-virt (DT) [ 15.217973] Call trace: [ 15.217995] show_stack+0x20/0x38 (C) [ 15.218043] dump_stack_lvl+0x8c/0xd0 [ 15.218199] print_report+0x118/0x5d0 [ 15.218472] kasan_report+0xdc/0x128 [ 15.218517] kasan_check_range+0x100/0x1a8 [ 15.218563] __asan_memset+0x34/0x78 [ 15.218604] kmalloc_oob_memset_4+0x150/0x300 [ 15.218649] kunit_try_run_case+0x170/0x3f0 [ 15.218714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.218790] kthread+0x328/0x630 [ 15.219019] ret_from_fork+0x10/0x20 [ 15.219072] [ 15.219109] Allocated by task 174: [ 15.219199] kasan_save_stack+0x3c/0x68 [ 15.219386] kasan_save_track+0x20/0x40 [ 15.219457] kasan_save_alloc_info+0x40/0x58 [ 15.219526] __kasan_kmalloc+0xd4/0xd8 [ 15.219701] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.219831] kmalloc_oob_memset_4+0xb0/0x300 [ 15.219875] kunit_try_run_case+0x170/0x3f0 [ 15.219912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.219954] kthread+0x328/0x630 [ 15.220080] ret_from_fork+0x10/0x20 [ 15.220161] [ 15.220260] The buggy address belongs to the object at fff00000c6417900 [ 15.220260] which belongs to the cache kmalloc-128 of size 128 [ 15.220360] The buggy address is located 117 bytes inside of [ 15.220360] allocated 120-byte region [fff00000c6417900, fff00000c6417978) [ 15.220523] [ 15.220549] The buggy address belongs to the physical page: [ 15.220587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.220637] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.220684] page_type: f5(slab) [ 15.220750] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.220823] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.220891] page dumped because: kasan: bad access detected [ 15.220923] [ 15.220941] Memory state around the buggy address: [ 15.220978] fff00000c6417800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.221176] fff00000c6417880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.221342] >fff00000c6417900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.221379] ^ [ 15.221460] fff00000c6417980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.221501] fff00000c6417a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.221661] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 15.207028] ================================================================== [ 15.207084] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 15.207571] Write of size 2 at addr fff00000c6417877 by task kunit_try_catch/172 [ 15.207679] [ 15.207718] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.207836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.207961] Hardware name: linux,dummy-virt (DT) [ 15.207992] Call trace: [ 15.208014] show_stack+0x20/0x38 (C) [ 15.208063] dump_stack_lvl+0x8c/0xd0 [ 15.208109] print_report+0x118/0x5d0 [ 15.208153] kasan_report+0xdc/0x128 [ 15.208198] kasan_check_range+0x100/0x1a8 [ 15.208244] __asan_memset+0x34/0x78 [ 15.208285] kmalloc_oob_memset_2+0x150/0x2f8 [ 15.208330] kunit_try_run_case+0x170/0x3f0 [ 15.208501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.208576] kthread+0x328/0x630 [ 15.208618] ret_from_fork+0x10/0x20 [ 15.208663] [ 15.208681] Allocated by task 172: [ 15.208752] kasan_save_stack+0x3c/0x68 [ 15.208828] kasan_save_track+0x20/0x40 [ 15.208879] kasan_save_alloc_info+0x40/0x58 [ 15.208939] __kasan_kmalloc+0xd4/0xd8 [ 15.209068] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.209169] kmalloc_oob_memset_2+0xb0/0x2f8 [ 15.209245] kunit_try_run_case+0x170/0x3f0 [ 15.209281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.209332] kthread+0x328/0x630 [ 15.209364] ret_from_fork+0x10/0x20 [ 15.209399] [ 15.209417] The buggy address belongs to the object at fff00000c6417800 [ 15.209417] which belongs to the cache kmalloc-128 of size 128 [ 15.209727] The buggy address is located 119 bytes inside of [ 15.209727] allocated 120-byte region [fff00000c6417800, fff00000c6417878) [ 15.209828] [ 15.209847] The buggy address belongs to the physical page: [ 15.209876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.209927] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.209973] page_type: f5(slab) [ 15.210008] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.210057] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.210096] page dumped because: kasan: bad access detected [ 15.210136] [ 15.210154] Memory state around the buggy address: [ 15.210184] fff00000c6417700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.210373] fff00000c6417780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.210438] >fff00000c6417800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.210475] ^ [ 15.210600] fff00000c6417880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.210654] fff00000c6417900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.210699] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 15.198866] ================================================================== [ 15.199023] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 15.199073] Write of size 128 at addr fff00000c6417700 by task kunit_try_catch/170 [ 15.199122] [ 15.199158] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.199342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.199461] Hardware name: linux,dummy-virt (DT) [ 15.199491] Call trace: [ 15.199559] show_stack+0x20/0x38 (C) [ 15.199825] dump_stack_lvl+0x8c/0xd0 [ 15.199887] print_report+0x118/0x5d0 [ 15.199932] kasan_report+0xdc/0x128 [ 15.200011] kasan_check_range+0x100/0x1a8 [ 15.200059] __asan_memset+0x34/0x78 [ 15.200100] kmalloc_oob_in_memset+0x144/0x2d0 [ 15.200145] kunit_try_run_case+0x170/0x3f0 [ 15.200192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.200243] kthread+0x328/0x630 [ 15.200556] ret_from_fork+0x10/0x20 [ 15.200698] [ 15.200717] Allocated by task 170: [ 15.200813] kasan_save_stack+0x3c/0x68 [ 15.200855] kasan_save_track+0x20/0x40 [ 15.200891] kasan_save_alloc_info+0x40/0x58 [ 15.200929] __kasan_kmalloc+0xd4/0xd8 [ 15.200965] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.201002] kmalloc_oob_in_memset+0xb0/0x2d0 [ 15.201038] kunit_try_run_case+0x170/0x3f0 [ 15.201075] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.201116] kthread+0x328/0x630 [ 15.201148] ret_from_fork+0x10/0x20 [ 15.201184] [ 15.201213] The buggy address belongs to the object at fff00000c6417700 [ 15.201213] which belongs to the cache kmalloc-128 of size 128 [ 15.201269] The buggy address is located 0 bytes inside of [ 15.201269] allocated 120-byte region [fff00000c6417700, fff00000c6417778) [ 15.201366] [ 15.201386] The buggy address belongs to the physical page: [ 15.201454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.201561] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.201611] page_type: f5(slab) [ 15.201648] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.201743] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.201828] page dumped because: kasan: bad access detected [ 15.201858] [ 15.201876] Memory state around the buggy address: [ 15.201906] fff00000c6417600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.201948] fff00000c6417680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.202032] >fff00000c6417700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.202071] ^ [ 15.202248] fff00000c6417780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.202347] fff00000c6417800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.202413] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 15.187825] ================================================================== [ 15.187888] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 15.188077] Read of size 16 at addr fff00000c5eb7c20 by task kunit_try_catch/168 [ 15.188137] [ 15.188220] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.188299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.188325] Hardware name: linux,dummy-virt (DT) [ 15.188384] Call trace: [ 15.188419] show_stack+0x20/0x38 (C) [ 15.188504] dump_stack_lvl+0x8c/0xd0 [ 15.188552] print_report+0x118/0x5d0 [ 15.188597] kasan_report+0xdc/0x128 [ 15.188651] __asan_report_load16_noabort+0x20/0x30 [ 15.188822] kmalloc_uaf_16+0x3bc/0x438 [ 15.188908] kunit_try_run_case+0x170/0x3f0 [ 15.189072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.189124] kthread+0x328/0x630 [ 15.189220] ret_from_fork+0x10/0x20 [ 15.189267] [ 15.189285] Allocated by task 168: [ 15.189314] kasan_save_stack+0x3c/0x68 [ 15.189478] kasan_save_track+0x20/0x40 [ 15.189561] kasan_save_alloc_info+0x40/0x58 [ 15.189634] __kasan_kmalloc+0xd4/0xd8 [ 15.189743] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.189780] kmalloc_uaf_16+0x140/0x438 [ 15.189853] kunit_try_run_case+0x170/0x3f0 [ 15.189955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.189997] kthread+0x328/0x630 [ 15.190156] ret_from_fork+0x10/0x20 [ 15.190244] [ 15.190311] Freed by task 168: [ 15.190381] kasan_save_stack+0x3c/0x68 [ 15.190417] kasan_save_track+0x20/0x40 [ 15.190492] kasan_save_free_info+0x4c/0x78 [ 15.190595] __kasan_slab_free+0x6c/0x98 [ 15.190664] kfree+0x214/0x3c8 [ 15.190750] kmalloc_uaf_16+0x190/0x438 [ 15.190876] kunit_try_run_case+0x170/0x3f0 [ 15.190972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.191047] kthread+0x328/0x630 [ 15.191078] ret_from_fork+0x10/0x20 [ 15.191111] [ 15.191130] The buggy address belongs to the object at fff00000c5eb7c20 [ 15.191130] which belongs to the cache kmalloc-16 of size 16 [ 15.191185] The buggy address is located 0 bytes inside of [ 15.191185] freed 16-byte region [fff00000c5eb7c20, fff00000c5eb7c30) [ 15.191242] [ 15.191312] The buggy address belongs to the physical page: [ 15.191454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105eb7 [ 15.191692] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.191740] page_type: f5(slab) [ 15.191778] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.191826] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.191866] page dumped because: kasan: bad access detected [ 15.191895] [ 15.191912] Memory state around the buggy address: [ 15.191941] fff00000c5eb7b00: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 15.192105] fff00000c5eb7b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.192148] >fff00000c5eb7c00: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 15.192197] ^ [ 15.192261] fff00000c5eb7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.192314] fff00000c5eb7d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.193145] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 15.176804] ================================================================== [ 15.176870] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 15.176922] Write of size 16 at addr fff00000c5eb7bc0 by task kunit_try_catch/166 [ 15.176979] [ 15.177127] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.177309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.177442] Hardware name: linux,dummy-virt (DT) [ 15.177475] Call trace: [ 15.177497] show_stack+0x20/0x38 (C) [ 15.177553] dump_stack_lvl+0x8c/0xd0 [ 15.178179] print_report+0x118/0x5d0 [ 15.178696] kasan_report+0xdc/0x128 [ 15.178745] __asan_report_store16_noabort+0x20/0x30 [ 15.178796] kmalloc_oob_16+0x3a0/0x3f8 [ 15.178839] kunit_try_run_case+0x170/0x3f0 [ 15.178918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.178971] kthread+0x328/0x630 [ 15.179073] ret_from_fork+0x10/0x20 [ 15.179120] [ 15.179138] Allocated by task 166: [ 15.179166] kasan_save_stack+0x3c/0x68 [ 15.179259] kasan_save_track+0x20/0x40 [ 15.179296] kasan_save_alloc_info+0x40/0x58 [ 15.179588] __kasan_kmalloc+0xd4/0xd8 [ 15.179630] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.179667] kmalloc_oob_16+0xb4/0x3f8 [ 15.179710] kunit_try_run_case+0x170/0x3f0 [ 15.179746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.179820] kthread+0x328/0x630 [ 15.179919] ret_from_fork+0x10/0x20 [ 15.179988] [ 15.180051] The buggy address belongs to the object at fff00000c5eb7bc0 [ 15.180051] which belongs to the cache kmalloc-16 of size 16 [ 15.180141] The buggy address is located 0 bytes inside of [ 15.180141] allocated 13-byte region [fff00000c5eb7bc0, fff00000c5eb7bcd) [ 15.180201] [ 15.180221] The buggy address belongs to the physical page: [ 15.180251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105eb7 [ 15.180302] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.180392] page_type: f5(slab) [ 15.180431] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.180492] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.180532] page dumped because: kasan: bad access detected [ 15.180563] [ 15.180609] Memory state around the buggy address: [ 15.180645] fff00000c5eb7a80: fa fb fc fc fa fb fc fc 00 01 fc fc 00 01 fc fc [ 15.180762] fff00000c5eb7b00: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 15.180881] >fff00000c5eb7b80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 15.181006] ^ [ 15.181095] fff00000c5eb7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.181181] fff00000c5eb7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.181218] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 15.160144] ================================================================== [ 15.160233] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 15.160388] Read of size 1 at addr fff00000c5c3ca00 by task kunit_try_catch/164 [ 15.160436] [ 15.160471] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.160778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.160864] Hardware name: linux,dummy-virt (DT) [ 15.160990] Call trace: [ 15.161013] show_stack+0x20/0x38 (C) [ 15.161064] dump_stack_lvl+0x8c/0xd0 [ 15.161121] print_report+0x118/0x5d0 [ 15.161326] kasan_report+0xdc/0x128 [ 15.161372] __kasan_check_byte+0x54/0x70 [ 15.161418] krealloc_noprof+0x44/0x360 [ 15.161464] krealloc_uaf+0x180/0x520 [ 15.161507] kunit_try_run_case+0x170/0x3f0 [ 15.161553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.161613] kthread+0x328/0x630 [ 15.161655] ret_from_fork+0x10/0x20 [ 15.161711] [ 15.161730] Allocated by task 164: [ 15.161759] kasan_save_stack+0x3c/0x68 [ 15.161799] kasan_save_track+0x20/0x40 [ 15.161835] kasan_save_alloc_info+0x40/0x58 [ 15.161874] __kasan_kmalloc+0xd4/0xd8 [ 15.161909] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.161947] krealloc_uaf+0xc8/0x520 [ 15.161981] kunit_try_run_case+0x170/0x3f0 [ 15.162017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.162058] kthread+0x328/0x630 [ 15.162089] ret_from_fork+0x10/0x20 [ 15.162124] [ 15.162142] Freed by task 164: [ 15.162167] kasan_save_stack+0x3c/0x68 [ 15.162213] kasan_save_track+0x20/0x40 [ 15.162249] kasan_save_free_info+0x4c/0x78 [ 15.162287] __kasan_slab_free+0x6c/0x98 [ 15.162382] kfree+0x214/0x3c8 [ 15.162423] krealloc_uaf+0x12c/0x520 [ 15.162457] kunit_try_run_case+0x170/0x3f0 [ 15.162493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.162706] kthread+0x328/0x630 [ 15.162828] ret_from_fork+0x10/0x20 [ 15.162863] [ 15.162883] The buggy address belongs to the object at fff00000c5c3ca00 [ 15.162883] which belongs to the cache kmalloc-256 of size 256 [ 15.163083] The buggy address is located 0 bytes inside of [ 15.163083] freed 256-byte region [fff00000c5c3ca00, fff00000c5c3cb00) [ 15.163327] [ 15.163348] The buggy address belongs to the physical page: [ 15.163415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c3c [ 15.163475] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.163661] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.163721] page_type: f5(slab) [ 15.163758] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.163806] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.163862] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.163909] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.164000] head: 0bfffe0000000001 ffffc1ffc3170f01 00000000ffffffff 00000000ffffffff [ 15.164085] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.164135] page dumped because: kasan: bad access detected [ 15.164166] [ 15.164198] Memory state around the buggy address: [ 15.164241] fff00000c5c3c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.164355] fff00000c5c3c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.164413] >fff00000c5c3ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.164457] ^ [ 15.164538] fff00000c5c3ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.164579] fff00000c5c3cb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.164615] ================================================================== [ 15.165149] ================================================================== [ 15.165197] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 15.165284] Read of size 1 at addr fff00000c5c3ca00 by task kunit_try_catch/164 [ 15.165333] [ 15.165360] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.165437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.165464] Hardware name: linux,dummy-virt (DT) [ 15.165494] Call trace: [ 15.165515] show_stack+0x20/0x38 (C) [ 15.165563] dump_stack_lvl+0x8c/0xd0 [ 15.165616] print_report+0x118/0x5d0 [ 15.165666] kasan_report+0xdc/0x128 [ 15.165729] __asan_report_load1_noabort+0x20/0x30 [ 15.165779] krealloc_uaf+0x4c8/0x520 [ 15.165833] kunit_try_run_case+0x170/0x3f0 [ 15.165879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.165931] kthread+0x328/0x630 [ 15.165971] ret_from_fork+0x10/0x20 [ 15.166139] [ 15.166158] Allocated by task 164: [ 15.166187] kasan_save_stack+0x3c/0x68 [ 15.166241] kasan_save_track+0x20/0x40 [ 15.166277] kasan_save_alloc_info+0x40/0x58 [ 15.166436] __kasan_kmalloc+0xd4/0xd8 [ 15.166472] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.166509] krealloc_uaf+0xc8/0x520 [ 15.166542] kunit_try_run_case+0x170/0x3f0 [ 15.166584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.166828] kthread+0x328/0x630 [ 15.166867] ret_from_fork+0x10/0x20 [ 15.166902] [ 15.166952] Freed by task 164: [ 15.167059] kasan_save_stack+0x3c/0x68 [ 15.167101] kasan_save_track+0x20/0x40 [ 15.167296] kasan_save_free_info+0x4c/0x78 [ 15.167421] __kasan_slab_free+0x6c/0x98 [ 15.167529] kfree+0x214/0x3c8 [ 15.167566] krealloc_uaf+0x12c/0x520 [ 15.167644] kunit_try_run_case+0x170/0x3f0 [ 15.167734] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.167776] kthread+0x328/0x630 [ 15.167813] ret_from_fork+0x10/0x20 [ 15.167874] [ 15.167892] The buggy address belongs to the object at fff00000c5c3ca00 [ 15.167892] which belongs to the cache kmalloc-256 of size 256 [ 15.167947] The buggy address is located 0 bytes inside of [ 15.167947] freed 256-byte region [fff00000c5c3ca00, fff00000c5c3cb00) [ 15.168133] [ 15.168154] The buggy address belongs to the physical page: [ 15.168194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c3c [ 15.168245] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.168291] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.168340] page_type: f5(slab) [ 15.168377] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.168508] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.168581] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.168628] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.168718] head: 0bfffe0000000001 ffffc1ffc3170f01 00000000ffffffff 00000000ffffffff [ 15.168767] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.168824] page dumped because: kasan: bad access detected [ 15.168854] [ 15.168886] Memory state around the buggy address: [ 15.168920] fff00000c5c3c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.168962] fff00000c5c3c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.169003] >fff00000c5c3ca00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.169039] ^ [ 15.169079] fff00000c5c3ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.169218] fff00000c5c3cb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.169255] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 15.150049] ================================================================== [ 15.150093] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.150137] Write of size 1 at addr fff00000c60f60eb by task kunit_try_catch/162 [ 15.150192] [ 15.150325] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.150565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.150659] Hardware name: linux,dummy-virt (DT) [ 15.150700] Call trace: [ 15.150721] show_stack+0x20/0x38 (C) [ 15.150767] dump_stack_lvl+0x8c/0xd0 [ 15.150812] print_report+0x118/0x5d0 [ 15.150863] kasan_report+0xdc/0x128 [ 15.151073] __asan_report_store1_noabort+0x20/0x30 [ 15.151160] krealloc_less_oob_helper+0xa58/0xc50 [ 15.151383] krealloc_large_less_oob+0x20/0x38 [ 15.151605] kunit_try_run_case+0x170/0x3f0 [ 15.151715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.151766] kthread+0x328/0x630 [ 15.151806] ret_from_fork+0x10/0x20 [ 15.151852] [ 15.151871] The buggy address belongs to the physical page: [ 15.151900] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060f4 [ 15.152014] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.152061] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.152122] page_type: f8(unknown) [ 15.152159] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.152206] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.152298] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.152345] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.152393] head: 0bfffe0000000002 ffffc1ffc3183d01 00000000ffffffff 00000000ffffffff [ 15.152440] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.152518] page dumped because: kasan: bad access detected [ 15.152548] [ 15.152577] Memory state around the buggy address: [ 15.152681] fff00000c60f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.152735] fff00000c60f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.152776] >fff00000c60f6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.152822] ^ [ 15.152883] fff00000c60f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.152980] fff00000c60f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.153039] ================================================================== [ 15.136359] ================================================================== [ 15.136413] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.136464] Write of size 1 at addr fff00000c60f60c9 by task kunit_try_catch/162 [ 15.136632] [ 15.136668] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.136814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.136853] Hardware name: linux,dummy-virt (DT) [ 15.136882] Call trace: [ 15.136911] show_stack+0x20/0x38 (C) [ 15.136961] dump_stack_lvl+0x8c/0xd0 [ 15.137006] print_report+0x118/0x5d0 [ 15.137051] kasan_report+0xdc/0x128 [ 15.137095] __asan_report_store1_noabort+0x20/0x30 [ 15.137145] krealloc_less_oob_helper+0xa48/0xc50 [ 15.137192] krealloc_large_less_oob+0x20/0x38 [ 15.137238] kunit_try_run_case+0x170/0x3f0 [ 15.137284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.137336] kthread+0x328/0x630 [ 15.137377] ret_from_fork+0x10/0x20 [ 15.137423] [ 15.137443] The buggy address belongs to the physical page: [ 15.137482] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060f4 [ 15.137535] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.137581] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.137637] page_type: f8(unknown) [ 15.137979] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.138222] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.138273] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.138320] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.138367] head: 0bfffe0000000002 ffffc1ffc3183d01 00000000ffffffff 00000000ffffffff [ 15.138420] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.138597] page dumped because: kasan: bad access detected [ 15.138967] [ 15.139092] Memory state around the buggy address: [ 15.139142] fff00000c60f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.139185] fff00000c60f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.139281] >fff00000c60f6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.139318] ^ [ 15.139353] fff00000c60f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.139491] fff00000c60f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.139540] ================================================================== [ 15.146554] ================================================================== [ 15.146600] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.146647] Write of size 1 at addr fff00000c60f60ea by task kunit_try_catch/162 [ 15.146707] [ 15.146733] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.146811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.146836] Hardware name: linux,dummy-virt (DT) [ 15.146875] Call trace: [ 15.146897] show_stack+0x20/0x38 (C) [ 15.146944] dump_stack_lvl+0x8c/0xd0 [ 15.147100] print_report+0x118/0x5d0 [ 15.147194] kasan_report+0xdc/0x128 [ 15.147246] __asan_report_store1_noabort+0x20/0x30 [ 15.147414] krealloc_less_oob_helper+0xae4/0xc50 [ 15.147470] krealloc_large_less_oob+0x20/0x38 [ 15.147620] kunit_try_run_case+0x170/0x3f0 [ 15.147666] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.147724] kthread+0x328/0x630 [ 15.147784] ret_from_fork+0x10/0x20 [ 15.147875] [ 15.147894] The buggy address belongs to the physical page: [ 15.147934] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060f4 [ 15.147986] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.148116] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.148327] page_type: f8(unknown) [ 15.148485] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.148534] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.148775] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.148836] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.148883] head: 0bfffe0000000002 ffffc1ffc3183d01 00000000ffffffff 00000000ffffffff [ 15.148930] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.148969] page dumped because: kasan: bad access detected [ 15.149000] [ 15.149017] Memory state around the buggy address: [ 15.149046] fff00000c60f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.149120] fff00000c60f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.149161] >fff00000c60f6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.149197] ^ [ 15.149234] fff00000c60f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.149466] fff00000c60f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.149518] ================================================================== [ 15.097729] ================================================================== [ 15.098161] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.098228] Write of size 1 at addr fff00000c5c3c8d0 by task kunit_try_catch/158 [ 15.098365] [ 15.098395] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.098623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.098679] Hardware name: linux,dummy-virt (DT) [ 15.098812] Call trace: [ 15.098851] show_stack+0x20/0x38 (C) [ 15.098899] dump_stack_lvl+0x8c/0xd0 [ 15.098944] print_report+0x118/0x5d0 [ 15.098995] kasan_report+0xdc/0x128 [ 15.099106] __asan_report_store1_noabort+0x20/0x30 [ 15.099273] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.099321] krealloc_less_oob+0x20/0x38 [ 15.099366] kunit_try_run_case+0x170/0x3f0 [ 15.099411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.099463] kthread+0x328/0x630 [ 15.099503] ret_from_fork+0x10/0x20 [ 15.099549] [ 15.099574] Allocated by task 158: [ 15.099699] kasan_save_stack+0x3c/0x68 [ 15.099738] kasan_save_track+0x20/0x40 [ 15.099774] kasan_save_alloc_info+0x40/0x58 [ 15.099811] __kasan_krealloc+0x118/0x178 [ 15.099915] krealloc_noprof+0x128/0x360 [ 15.100006] krealloc_less_oob_helper+0x168/0xc50 [ 15.100045] krealloc_less_oob+0x20/0x38 [ 15.100091] kunit_try_run_case+0x170/0x3f0 [ 15.100126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.100167] kthread+0x328/0x630 [ 15.100198] ret_from_fork+0x10/0x20 [ 15.100256] [ 15.100275] The buggy address belongs to the object at fff00000c5c3c800 [ 15.100275] which belongs to the cache kmalloc-256 of size 256 [ 15.100374] The buggy address is located 7 bytes to the right of [ 15.100374] allocated 201-byte region [fff00000c5c3c800, fff00000c5c3c8c9) [ 15.100466] [ 15.100484] The buggy address belongs to the physical page: [ 15.100576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c3c [ 15.100659] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.100757] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.100812] page_type: f5(slab) [ 15.100848] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.100911] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.100960] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.101008] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.101055] head: 0bfffe0000000001 ffffc1ffc3170f01 00000000ffffffff 00000000ffffffff [ 15.101199] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.101240] page dumped because: kasan: bad access detected [ 15.101282] [ 15.101299] Memory state around the buggy address: [ 15.101328] fff00000c5c3c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.101435] fff00000c5c3c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.101526] >fff00000c5c3c880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.101676] ^ [ 15.101729] fff00000c5c3c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.101808] fff00000c5c3c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.101892] ================================================================== [ 15.102474] ================================================================== [ 15.102548] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.102594] Write of size 1 at addr fff00000c5c3c8da by task kunit_try_catch/158 [ 15.102641] [ 15.102668] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.102979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.103059] Hardware name: linux,dummy-virt (DT) [ 15.103142] Call trace: [ 15.103224] show_stack+0x20/0x38 (C) [ 15.103274] dump_stack_lvl+0x8c/0xd0 [ 15.103325] print_report+0x118/0x5d0 [ 15.103447] kasan_report+0xdc/0x128 [ 15.103534] __asan_report_store1_noabort+0x20/0x30 [ 15.103783] krealloc_less_oob_helper+0xa80/0xc50 [ 15.103883] krealloc_less_oob+0x20/0x38 [ 15.103928] kunit_try_run_case+0x170/0x3f0 [ 15.103973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.104126] kthread+0x328/0x630 [ 15.104187] ret_from_fork+0x10/0x20 [ 15.104233] [ 15.104251] Allocated by task 158: [ 15.104295] kasan_save_stack+0x3c/0x68 [ 15.104453] kasan_save_track+0x20/0x40 [ 15.104490] kasan_save_alloc_info+0x40/0x58 [ 15.104528] __kasan_krealloc+0x118/0x178 [ 15.104564] krealloc_noprof+0x128/0x360 [ 15.104600] krealloc_less_oob_helper+0x168/0xc50 [ 15.104647] krealloc_less_oob+0x20/0x38 [ 15.104681] kunit_try_run_case+0x170/0x3f0 [ 15.104726] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.104767] kthread+0x328/0x630 [ 15.104798] ret_from_fork+0x10/0x20 [ 15.105157] [ 15.105203] The buggy address belongs to the object at fff00000c5c3c800 [ 15.105203] which belongs to the cache kmalloc-256 of size 256 [ 15.105259] The buggy address is located 17 bytes to the right of [ 15.105259] allocated 201-byte region [fff00000c5c3c800, fff00000c5c3c8c9) [ 15.105321] [ 15.105339] The buggy address belongs to the physical page: [ 15.105378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c3c [ 15.105522] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.105566] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.105621] page_type: f5(slab) [ 15.105706] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.105758] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.105891] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.106005] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.106053] head: 0bfffe0000000001 ffffc1ffc3170f01 00000000ffffffff 00000000ffffffff [ 15.106102] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.106189] page dumped because: kasan: bad access detected [ 15.106222] [ 15.106240] Memory state around the buggy address: [ 15.106276] fff00000c5c3c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.106378] fff00000c5c3c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.106424] >fff00000c5c3c880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.106612] ^ [ 15.106649] fff00000c5c3c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.106751] fff00000c5c3c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.106795] ================================================================== [ 15.139590] ================================================================== [ 15.139623] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.139733] Write of size 1 at addr fff00000c60f60d0 by task kunit_try_catch/162 [ 15.139969] [ 15.140080] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.140191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.140217] Hardware name: linux,dummy-virt (DT) [ 15.140246] Call trace: [ 15.140266] show_stack+0x20/0x38 (C) [ 15.140314] dump_stack_lvl+0x8c/0xd0 [ 15.140368] print_report+0x118/0x5d0 [ 15.140413] kasan_report+0xdc/0x128 [ 15.140456] __asan_report_store1_noabort+0x20/0x30 [ 15.140506] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.140648] krealloc_large_less_oob+0x20/0x38 [ 15.140716] kunit_try_run_case+0x170/0x3f0 [ 15.140762] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.140876] kthread+0x328/0x630 [ 15.140917] ret_from_fork+0x10/0x20 [ 15.140977] [ 15.140995] The buggy address belongs to the physical page: [ 15.141024] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060f4 [ 15.141073] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.141160] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.141271] page_type: f8(unknown) [ 15.141316] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.141364] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.141426] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.141507] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.141648] head: 0bfffe0000000002 ffffc1ffc3183d01 00000000ffffffff 00000000ffffffff [ 15.141757] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.141824] page dumped because: kasan: bad access detected [ 15.141886] [ 15.141926] Memory state around the buggy address: [ 15.142038] fff00000c60f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.142108] fff00000c60f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.142149] >fff00000c60f6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.142245] ^ [ 15.142280] fff00000c60f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.142322] fff00000c60f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.142660] ================================================================== [ 15.143163] ================================================================== [ 15.143207] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.143253] Write of size 1 at addr fff00000c60f60da by task kunit_try_catch/162 [ 15.143300] [ 15.143327] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.143403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.143429] Hardware name: linux,dummy-virt (DT) [ 15.143479] Call trace: [ 15.143585] show_stack+0x20/0x38 (C) [ 15.143631] dump_stack_lvl+0x8c/0xd0 [ 15.143676] print_report+0x118/0x5d0 [ 15.143732] kasan_report+0xdc/0x128 [ 15.143777] __asan_report_store1_noabort+0x20/0x30 [ 15.144131] krealloc_less_oob_helper+0xa80/0xc50 [ 15.144182] krealloc_large_less_oob+0x20/0x38 [ 15.144228] kunit_try_run_case+0x170/0x3f0 [ 15.144273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.144324] kthread+0x328/0x630 [ 15.144365] ret_from_fork+0x10/0x20 [ 15.144410] [ 15.144429] The buggy address belongs to the physical page: [ 15.144458] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060f4 [ 15.144507] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.144551] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.144600] page_type: f8(unknown) [ 15.144636] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.144696] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.144755] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.144802] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.144850] head: 0bfffe0000000002 ffffc1ffc3183d01 00000000ffffffff 00000000ffffffff [ 15.145137] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.145336] page dumped because: kasan: bad access detected [ 15.145467] [ 15.145485] Memory state around the buggy address: [ 15.145516] fff00000c60f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.145697] fff00000c60f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.145739] >fff00000c60f6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.145776] ^ [ 15.145811] fff00000c60f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.145853] fff00000c60f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.145891] ================================================================== [ 15.107745] ================================================================== [ 15.107931] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.107978] Write of size 1 at addr fff00000c5c3c8ea by task kunit_try_catch/158 [ 15.108167] [ 15.108195] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.108272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.108297] Hardware name: linux,dummy-virt (DT) [ 15.108326] Call trace: [ 15.108444] show_stack+0x20/0x38 (C) [ 15.108695] dump_stack_lvl+0x8c/0xd0 [ 15.108741] print_report+0x118/0x5d0 [ 15.108786] kasan_report+0xdc/0x128 [ 15.108830] __asan_report_store1_noabort+0x20/0x30 [ 15.108882] krealloc_less_oob_helper+0xae4/0xc50 [ 15.108974] krealloc_less_oob+0x20/0x38 [ 15.109020] kunit_try_run_case+0x170/0x3f0 [ 15.109067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.109118] kthread+0x328/0x630 [ 15.109208] ret_from_fork+0x10/0x20 [ 15.109268] [ 15.109285] Allocated by task 158: [ 15.109356] kasan_save_stack+0x3c/0x68 [ 15.109415] kasan_save_track+0x20/0x40 [ 15.109551] kasan_save_alloc_info+0x40/0x58 [ 15.109616] __kasan_krealloc+0x118/0x178 [ 15.109652] krealloc_noprof+0x128/0x360 [ 15.109702] krealloc_less_oob_helper+0x168/0xc50 [ 15.109740] krealloc_less_oob+0x20/0x38 [ 15.109775] kunit_try_run_case+0x170/0x3f0 [ 15.109810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.109852] kthread+0x328/0x630 [ 15.109883] ret_from_fork+0x10/0x20 [ 15.109917] [ 15.109935] The buggy address belongs to the object at fff00000c5c3c800 [ 15.109935] which belongs to the cache kmalloc-256 of size 256 [ 15.109988] The buggy address is located 33 bytes to the right of [ 15.109988] allocated 201-byte region [fff00000c5c3c800, fff00000c5c3c8c9) [ 15.110358] [ 15.110386] The buggy address belongs to the physical page: [ 15.110534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c3c [ 15.110614] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.110764] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.110942] page_type: f5(slab) [ 15.110985] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.111033] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.111081] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.111138] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.111186] head: 0bfffe0000000001 ffffc1ffc3170f01 00000000ffffffff 00000000ffffffff [ 15.111287] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.111328] page dumped because: kasan: bad access detected [ 15.111487] [ 15.111504] Memory state around the buggy address: [ 15.111534] fff00000c5c3c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.111576] fff00000c5c3c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.111715] >fff00000c5c3c880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.111877] ^ [ 15.111926] fff00000c5c3c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.111968] fff00000c5c3c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.112005] ================================================================== [ 15.093136] ================================================================== [ 15.093209] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.093262] Write of size 1 at addr fff00000c5c3c8c9 by task kunit_try_catch/158 [ 15.093311] [ 15.093341] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.093419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.093445] Hardware name: linux,dummy-virt (DT) [ 15.093475] Call trace: [ 15.093498] show_stack+0x20/0x38 (C) [ 15.093584] dump_stack_lvl+0x8c/0xd0 [ 15.093639] print_report+0x118/0x5d0 [ 15.093694] kasan_report+0xdc/0x128 [ 15.093739] __asan_report_store1_noabort+0x20/0x30 [ 15.093799] krealloc_less_oob_helper+0xa48/0xc50 [ 15.093846] krealloc_less_oob+0x20/0x38 [ 15.093944] kunit_try_run_case+0x170/0x3f0 [ 15.094004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.094056] kthread+0x328/0x630 [ 15.094124] ret_from_fork+0x10/0x20 [ 15.094173] [ 15.094242] Allocated by task 158: [ 15.094271] kasan_save_stack+0x3c/0x68 [ 15.094311] kasan_save_track+0x20/0x40 [ 15.094420] kasan_save_alloc_info+0x40/0x58 [ 15.094465] __kasan_krealloc+0x118/0x178 [ 15.094501] krealloc_noprof+0x128/0x360 [ 15.094792] krealloc_less_oob_helper+0x168/0xc50 [ 15.094857] krealloc_less_oob+0x20/0x38 [ 15.094903] kunit_try_run_case+0x170/0x3f0 [ 15.094960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.095001] kthread+0x328/0x630 [ 15.095032] ret_from_fork+0x10/0x20 [ 15.095075] [ 15.095123] The buggy address belongs to the object at fff00000c5c3c800 [ 15.095123] which belongs to the cache kmalloc-256 of size 256 [ 15.095212] The buggy address is located 0 bytes to the right of [ 15.095212] allocated 201-byte region [fff00000c5c3c800, fff00000c5c3c8c9) [ 15.095458] [ 15.095782] The buggy address belongs to the physical page: [ 15.095815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c3c [ 15.095878] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.095944] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.095995] page_type: f5(slab) [ 15.096065] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.096333] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.096389] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.096437] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.096485] head: 0bfffe0000000001 ffffc1ffc3170f01 00000000ffffffff 00000000ffffffff [ 15.096535] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.096583] page dumped because: kasan: bad access detected [ 15.096613] [ 15.096631] Memory state around the buggy address: [ 15.096660] fff00000c5c3c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.096823] fff00000c5c3c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.096871] >fff00000c5c3c880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.096908] ^ [ 15.096972] fff00000c5c3c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.097105] fff00000c5c3c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.097142] ================================================================== [ 15.112549] ================================================================== [ 15.112698] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.112831] Write of size 1 at addr fff00000c5c3c8eb by task kunit_try_catch/158 [ 15.112953] [ 15.112982] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.113060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.113123] Hardware name: linux,dummy-virt (DT) [ 15.113153] Call trace: [ 15.113174] show_stack+0x20/0x38 (C) [ 15.113220] dump_stack_lvl+0x8c/0xd0 [ 15.113276] print_report+0x118/0x5d0 [ 15.113322] kasan_report+0xdc/0x128 [ 15.113366] __asan_report_store1_noabort+0x20/0x30 [ 15.113488] krealloc_less_oob_helper+0xa58/0xc50 [ 15.113541] krealloc_less_oob+0x20/0x38 [ 15.113604] kunit_try_run_case+0x170/0x3f0 [ 15.113678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.113738] kthread+0x328/0x630 [ 15.113779] ret_from_fork+0x10/0x20 [ 15.113825] [ 15.113842] Allocated by task 158: [ 15.113870] kasan_save_stack+0x3c/0x68 [ 15.113908] kasan_save_track+0x20/0x40 [ 15.113943] kasan_save_alloc_info+0x40/0x58 [ 15.113989] __kasan_krealloc+0x118/0x178 [ 15.114166] krealloc_noprof+0x128/0x360 [ 15.114335] krealloc_less_oob_helper+0x168/0xc50 [ 15.114513] krealloc_less_oob+0x20/0x38 [ 15.114548] kunit_try_run_case+0x170/0x3f0 [ 15.114680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.115075] kthread+0x328/0x630 [ 15.115176] ret_from_fork+0x10/0x20 [ 15.115320] [ 15.115340] The buggy address belongs to the object at fff00000c5c3c800 [ 15.115340] which belongs to the cache kmalloc-256 of size 256 [ 15.115400] The buggy address is located 34 bytes to the right of [ 15.115400] allocated 201-byte region [fff00000c5c3c800, fff00000c5c3c8c9) [ 15.115512] [ 15.115530] The buggy address belongs to the physical page: [ 15.115559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c3c [ 15.115628] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.115673] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.115796] page_type: f5(slab) [ 15.115832] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.115901] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.116058] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.116106] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.116153] head: 0bfffe0000000001 ffffc1ffc3170f01 00000000ffffffff 00000000ffffffff [ 15.116234] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.116303] page dumped because: kasan: bad access detected [ 15.116332] [ 15.116350] Memory state around the buggy address: [ 15.116398] fff00000c5c3c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.116439] fff00000c5c3c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.116513] >fff00000c5c3c880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.116550] ^ [ 15.116587] fff00000c5c3c900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.116667] fff00000c5c3c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.116723] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 15.126083] ================================================================== [ 15.126213] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.126307] Write of size 1 at addr fff00000c60f60f0 by task kunit_try_catch/160 [ 15.126371] [ 15.126500] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.127305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.127339] Hardware name: linux,dummy-virt (DT) [ 15.127368] Call trace: [ 15.127395] show_stack+0x20/0x38 (C) [ 15.127500] dump_stack_lvl+0x8c/0xd0 [ 15.127597] print_report+0x118/0x5d0 [ 15.127659] kasan_report+0xdc/0x128 [ 15.127713] __asan_report_store1_noabort+0x20/0x30 [ 15.127763] krealloc_more_oob_helper+0x5c0/0x678 [ 15.127903] krealloc_large_more_oob+0x20/0x38 [ 15.127962] kunit_try_run_case+0x170/0x3f0 [ 15.128045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.128097] kthread+0x328/0x630 [ 15.128138] ret_from_fork+0x10/0x20 [ 15.128196] [ 15.128268] The buggy address belongs to the physical page: [ 15.128322] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060f4 [ 15.128373] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.128417] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.128466] page_type: f8(unknown) [ 15.128554] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.128615] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.128664] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.128755] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.128936] head: 0bfffe0000000002 ffffc1ffc3183d01 00000000ffffffff 00000000ffffffff [ 15.129064] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.129130] page dumped because: kasan: bad access detected [ 15.129164] [ 15.129181] Memory state around the buggy address: [ 15.129211] fff00000c60f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.129251] fff00000c60f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.129292] >fff00000c60f6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.129330] ^ [ 15.129509] fff00000c60f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.129586] fff00000c60f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.129775] ================================================================== [ 15.122385] ================================================================== [ 15.122438] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.122488] Write of size 1 at addr fff00000c60f60eb by task kunit_try_catch/160 [ 15.122536] [ 15.122566] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.122653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.122768] Hardware name: linux,dummy-virt (DT) [ 15.122799] Call trace: [ 15.122877] show_stack+0x20/0x38 (C) [ 15.123114] dump_stack_lvl+0x8c/0xd0 [ 15.123167] print_report+0x118/0x5d0 [ 15.123221] kasan_report+0xdc/0x128 [ 15.123404] __asan_report_store1_noabort+0x20/0x30 [ 15.123489] krealloc_more_oob_helper+0x60c/0x678 [ 15.123581] krealloc_large_more_oob+0x20/0x38 [ 15.124215] kunit_try_run_case+0x170/0x3f0 [ 15.124298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.124426] kthread+0x328/0x630 [ 15.124489] ret_from_fork+0x10/0x20 [ 15.124616] [ 15.124674] The buggy address belongs to the physical page: [ 15.124715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060f4 [ 15.124766] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.124831] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.124923] page_type: f8(unknown) [ 15.124961] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.125022] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.125071] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.125130] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.125178] head: 0bfffe0000000002 ffffc1ffc3183d01 00000000ffffffff 00000000ffffffff [ 15.125224] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.125282] page dumped because: kasan: bad access detected [ 15.125321] [ 15.125393] Memory state around the buggy address: [ 15.125423] fff00000c60f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.125486] fff00000c60f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.125563] >fff00000c60f6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.125747] ^ [ 15.125784] fff00000c60f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.125826] fff00000c60f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.125862] ================================================================== [ 15.075311] ================================================================== [ 15.075365] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.075466] Write of size 1 at addr fff00000c5c3c6eb by task kunit_try_catch/156 [ 15.075516] [ 15.075546] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.075635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.075741] Hardware name: linux,dummy-virt (DT) [ 15.075772] Call trace: [ 15.075794] show_stack+0x20/0x38 (C) [ 15.075850] dump_stack_lvl+0x8c/0xd0 [ 15.075904] print_report+0x118/0x5d0 [ 15.075997] kasan_report+0xdc/0x128 [ 15.076045] __asan_report_store1_noabort+0x20/0x30 [ 15.076131] krealloc_more_oob_helper+0x60c/0x678 [ 15.076294] krealloc_more_oob+0x20/0x38 [ 15.076372] kunit_try_run_case+0x170/0x3f0 [ 15.076420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.076602] kthread+0x328/0x630 [ 15.076647] ret_from_fork+0x10/0x20 [ 15.076722] [ 15.076740] Allocated by task 156: [ 15.076770] kasan_save_stack+0x3c/0x68 [ 15.076835] kasan_save_track+0x20/0x40 [ 15.076871] kasan_save_alloc_info+0x40/0x58 [ 15.076929] __kasan_krealloc+0x118/0x178 [ 15.076994] krealloc_noprof+0x128/0x360 [ 15.077126] krealloc_more_oob_helper+0x168/0x678 [ 15.077163] krealloc_more_oob+0x20/0x38 [ 15.077198] kunit_try_run_case+0x170/0x3f0 [ 15.077234] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.077313] kthread+0x328/0x630 [ 15.077362] ret_from_fork+0x10/0x20 [ 15.077408] [ 15.077428] The buggy address belongs to the object at fff00000c5c3c600 [ 15.077428] which belongs to the cache kmalloc-256 of size 256 [ 15.077584] The buggy address is located 0 bytes to the right of [ 15.077584] allocated 235-byte region [fff00000c5c3c600, fff00000c5c3c6eb) [ 15.077652] [ 15.077680] The buggy address belongs to the physical page: [ 15.077766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c3c [ 15.077826] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.078233] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.078334] page_type: f5(slab) [ 15.078406] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.078473] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.078522] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.078570] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.078712] head: 0bfffe0000000001 ffffc1ffc3170f01 00000000ffffffff 00000000ffffffff [ 15.078763] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.078802] page dumped because: kasan: bad access detected [ 15.078848] [ 15.078866] Memory state around the buggy address: [ 15.078992] fff00000c5c3c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.079164] fff00000c5c3c600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.079206] >fff00000c5c3c680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.079249] ^ [ 15.079287] fff00000c5c3c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.079447] fff00000c5c3c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.079485] ================================================================== [ 15.081365] ================================================================== [ 15.081413] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.081459] Write of size 1 at addr fff00000c5c3c6f0 by task kunit_try_catch/156 [ 15.081506] [ 15.081533] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.081619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.082090] Hardware name: linux,dummy-virt (DT) [ 15.082135] Call trace: [ 15.082157] show_stack+0x20/0x38 (C) [ 15.082217] dump_stack_lvl+0x8c/0xd0 [ 15.082349] print_report+0x118/0x5d0 [ 15.082395] kasan_report+0xdc/0x128 [ 15.082549] __asan_report_store1_noabort+0x20/0x30 [ 15.082668] krealloc_more_oob_helper+0x5c0/0x678 [ 15.082725] krealloc_more_oob+0x20/0x38 [ 15.082769] kunit_try_run_case+0x170/0x3f0 [ 15.082814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.082866] kthread+0x328/0x630 [ 15.082908] ret_from_fork+0x10/0x20 [ 15.082954] [ 15.082978] Allocated by task 156: [ 15.083113] kasan_save_stack+0x3c/0x68 [ 15.083158] kasan_save_track+0x20/0x40 [ 15.083305] kasan_save_alloc_info+0x40/0x58 [ 15.083481] __kasan_krealloc+0x118/0x178 [ 15.083523] krealloc_noprof+0x128/0x360 [ 15.083652] krealloc_more_oob_helper+0x168/0x678 [ 15.084449] krealloc_more_oob+0x20/0x38 [ 15.084519] kunit_try_run_case+0x170/0x3f0 [ 15.084568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.084610] kthread+0x328/0x630 [ 15.084657] ret_from_fork+0x10/0x20 [ 15.084702] [ 15.084721] The buggy address belongs to the object at fff00000c5c3c600 [ 15.084721] which belongs to the cache kmalloc-256 of size 256 [ 15.084775] The buggy address is located 5 bytes to the right of [ 15.084775] allocated 235-byte region [fff00000c5c3c600, fff00000c5c3c6eb) [ 15.084928] [ 15.084987] The buggy address belongs to the physical page: [ 15.085022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105c3c [ 15.085148] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.085194] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.085243] page_type: f5(slab) [ 15.085278] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.085422] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.085485] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.085737] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.085790] head: 0bfffe0000000001 ffffc1ffc3170f01 00000000ffffffff 00000000ffffffff [ 15.085837] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.085876] page dumped because: kasan: bad access detected [ 15.085905] [ 15.085925] Memory state around the buggy address: [ 15.085955] fff00000c5c3c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.085995] fff00000c5c3c600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.086037] >fff00000c5c3c680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.086074] ^ [ 15.086111] fff00000c5c3c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.086152] fff00000c5c3c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.086198] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 15.063556] ================================================================== [ 15.063611] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 15.063663] Read of size 1 at addr fff00000c7810000 by task kunit_try_catch/154 [ 15.063723] [ 15.063804] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.063969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.064060] Hardware name: linux,dummy-virt (DT) [ 15.064097] Call trace: [ 15.064291] show_stack+0x20/0x38 (C) [ 15.064406] dump_stack_lvl+0x8c/0xd0 [ 15.064500] print_report+0x118/0x5d0 [ 15.064555] kasan_report+0xdc/0x128 [ 15.064674] __asan_report_load1_noabort+0x20/0x30 [ 15.064733] page_alloc_uaf+0x328/0x350 [ 15.064778] kunit_try_run_case+0x170/0x3f0 [ 15.064954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.065062] kthread+0x328/0x630 [ 15.065105] ret_from_fork+0x10/0x20 [ 15.065167] [ 15.065211] The buggy address belongs to the physical page: [ 15.065257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107810 [ 15.065377] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.065470] page_type: f0(buddy) [ 15.065548] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 15.065701] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 15.065768] page dumped because: kasan: bad access detected [ 15.065843] [ 15.065861] Memory state around the buggy address: [ 15.065898] fff00000c780ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.065954] fff00000c780ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.065995] >fff00000c7810000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.066075] ^ [ 15.066176] fff00000c7810080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.066219] fff00000c7810100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.066255] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 15.049226] ================================================================== [ 15.049309] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 15.049370] Free of addr fff00000c60f0001 by task kunit_try_catch/150 [ 15.049413] [ 15.049443] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.049523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.049563] Hardware name: linux,dummy-virt (DT) [ 15.049599] Call trace: [ 15.049622] show_stack+0x20/0x38 (C) [ 15.050058] dump_stack_lvl+0x8c/0xd0 [ 15.050113] print_report+0x118/0x5d0 [ 15.050165] kasan_report_invalid_free+0xc0/0xe8 [ 15.050236] __kasan_kfree_large+0x5c/0xa8 [ 15.050281] free_large_kmalloc+0x64/0x190 [ 15.050431] kfree+0x270/0x3c8 [ 15.050595] kmalloc_large_invalid_free+0x108/0x270 [ 15.050649] kunit_try_run_case+0x170/0x3f0 [ 15.050720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.050794] kthread+0x328/0x630 [ 15.051012] ret_from_fork+0x10/0x20 [ 15.051126] [ 15.051148] The buggy address belongs to the physical page: [ 15.051178] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060f0 [ 15.051230] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.051274] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.051324] page_type: f8(unknown) [ 15.051378] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.051498] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.051547] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.051594] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.051800] head: 0bfffe0000000002 ffffc1ffc3183c01 00000000ffffffff 00000000ffffffff [ 15.051852] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.051990] page dumped because: kasan: bad access detected [ 15.052021] [ 15.052038] Memory state around the buggy address: [ 15.052078] fff00000c60eff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.052201] fff00000c60eff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.052243] >fff00000c60f0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.052280] ^ [ 15.052307] fff00000c60f0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.052400] fff00000c60f0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.052464] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 15.038353] ================================================================== [ 15.038451] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 15.038669] Read of size 1 at addr fff00000c60f0000 by task kunit_try_catch/148 [ 15.038729] [ 15.038758] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.038849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.038875] Hardware name: linux,dummy-virt (DT) [ 15.038904] Call trace: [ 15.038926] show_stack+0x20/0x38 (C) [ 15.039029] dump_stack_lvl+0x8c/0xd0 [ 15.039127] print_report+0x118/0x5d0 [ 15.039286] kasan_report+0xdc/0x128 [ 15.039425] __asan_report_load1_noabort+0x20/0x30 [ 15.039475] kmalloc_large_uaf+0x2cc/0x2f8 [ 15.039519] kunit_try_run_case+0x170/0x3f0 [ 15.039602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.039671] kthread+0x328/0x630 [ 15.039830] ret_from_fork+0x10/0x20 [ 15.039894] [ 15.039974] The buggy address belongs to the physical page: [ 15.040025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060f0 [ 15.040076] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.040184] raw: 0bfffe0000000000 ffffc1ffc3183d08 fff00000da478c40 0000000000000000 [ 15.040245] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.040347] page dumped because: kasan: bad access detected [ 15.040377] [ 15.040395] Memory state around the buggy address: [ 15.040426] fff00000c60eff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.040466] fff00000c60eff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.040507] >fff00000c60f0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.040543] ^ [ 15.040586] fff00000c60f0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.040774] fff00000c60f0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.040850] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 15.016277] ================================================================== [ 15.016336] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.016385] Write of size 1 at addr fff00000c6115f00 by task kunit_try_catch/144 [ 15.016432] [ 15.016463] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.016678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.016739] Hardware name: linux,dummy-virt (DT) [ 15.016903] Call trace: [ 15.016933] show_stack+0x20/0x38 (C) [ 15.016981] dump_stack_lvl+0x8c/0xd0 [ 15.017027] print_report+0x118/0x5d0 [ 15.017072] kasan_report+0xdc/0x128 [ 15.017116] __asan_report_store1_noabort+0x20/0x30 [ 15.017223] kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.017284] kunit_try_run_case+0x170/0x3f0 [ 15.017332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.017382] kthread+0x328/0x630 [ 15.017423] ret_from_fork+0x10/0x20 [ 15.017491] [ 15.017510] Allocated by task 144: [ 15.017537] kasan_save_stack+0x3c/0x68 [ 15.017584] kasan_save_track+0x20/0x40 [ 15.017659] kasan_save_alloc_info+0x40/0x58 [ 15.017819] __kasan_kmalloc+0xd4/0xd8 [ 15.017865] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.017903] kmalloc_big_oob_right+0xb8/0x2f0 [ 15.017939] kunit_try_run_case+0x170/0x3f0 [ 15.017975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.018016] kthread+0x328/0x630 [ 15.018055] ret_from_fork+0x10/0x20 [ 15.018092] [ 15.018111] The buggy address belongs to the object at fff00000c6114000 [ 15.018111] which belongs to the cache kmalloc-8k of size 8192 [ 15.018193] The buggy address is located 0 bytes to the right of [ 15.018193] allocated 7936-byte region [fff00000c6114000, fff00000c6115f00) [ 15.018450] [ 15.018470] The buggy address belongs to the physical page: [ 15.018514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106110 [ 15.018605] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.018744] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.018797] page_type: f5(slab) [ 15.018834] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.018882] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.018931] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.018978] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.019036] head: 0bfffe0000000003 ffffc1ffc3184401 00000000ffffffff 00000000ffffffff [ 15.019085] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.019123] page dumped because: kasan: bad access detected [ 15.019214] [ 15.019236] Memory state around the buggy address: [ 15.019279] fff00000c6115e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.019321] fff00000c6115e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.019362] >fff00000c6115f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.019398] ^ [ 15.019425] fff00000c6115f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.019579] fff00000c6116000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.019870] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 15.006047] ================================================================== [ 15.006113] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 15.006162] Write of size 1 at addr fff00000c6417678 by task kunit_try_catch/142 [ 15.006209] [ 15.006238] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.006446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.006566] Hardware name: linux,dummy-virt (DT) [ 15.006616] Call trace: [ 15.006672] show_stack+0x20/0x38 (C) [ 15.006769] dump_stack_lvl+0x8c/0xd0 [ 15.006850] print_report+0x118/0x5d0 [ 15.006897] kasan_report+0xdc/0x128 [ 15.006942] __asan_report_store1_noabort+0x20/0x30 [ 15.006997] kmalloc_track_caller_oob_right+0x418/0x488 [ 15.007088] kunit_try_run_case+0x170/0x3f0 [ 15.007154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.007206] kthread+0x328/0x630 [ 15.007247] ret_from_fork+0x10/0x20 [ 15.007369] [ 15.007415] Allocated by task 142: [ 15.007531] kasan_save_stack+0x3c/0x68 [ 15.007660] kasan_save_track+0x20/0x40 [ 15.007785] kasan_save_alloc_info+0x40/0x58 [ 15.007854] __kasan_kmalloc+0xd4/0xd8 [ 15.007925] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.007968] kmalloc_track_caller_oob_right+0x184/0x488 [ 15.008151] kunit_try_run_case+0x170/0x3f0 [ 15.008196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.008238] kthread+0x328/0x630 [ 15.008413] ret_from_fork+0x10/0x20 [ 15.008493] [ 15.008579] The buggy address belongs to the object at fff00000c6417600 [ 15.008579] which belongs to the cache kmalloc-128 of size 128 [ 15.008701] The buggy address is located 0 bytes to the right of [ 15.008701] allocated 120-byte region [fff00000c6417600, fff00000c6417678) [ 15.008775] [ 15.008794] The buggy address belongs to the physical page: [ 15.008823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.008874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.008920] page_type: f5(slab) [ 15.008956] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.009067] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.009133] page dumped because: kasan: bad access detected [ 15.009260] [ 15.009278] Memory state around the buggy address: [ 15.009347] fff00000c6417500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.009390] fff00000c6417580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.009431] >fff00000c6417600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.009467] ^ [ 15.009562] fff00000c6417680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.009616] fff00000c6417700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.009792] ================================================================== [ 15.000906] ================================================================== [ 15.000982] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.001078] Write of size 1 at addr fff00000c6417578 by task kunit_try_catch/142 [ 15.001126] [ 15.001155] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.001252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.001409] Hardware name: linux,dummy-virt (DT) [ 15.001444] Call trace: [ 15.001479] show_stack+0x20/0x38 (C) [ 15.001534] dump_stack_lvl+0x8c/0xd0 [ 15.001704] print_report+0x118/0x5d0 [ 15.001771] kasan_report+0xdc/0x128 [ 15.001817] __asan_report_store1_noabort+0x20/0x30 [ 15.001868] kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.001918] kunit_try_run_case+0x170/0x3f0 [ 15.002108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.002234] kthread+0x328/0x630 [ 15.002313] ret_from_fork+0x10/0x20 [ 15.002389] [ 15.002427] Allocated by task 142: [ 15.002474] kasan_save_stack+0x3c/0x68 [ 15.002520] kasan_save_track+0x20/0x40 [ 15.002590] kasan_save_alloc_info+0x40/0x58 [ 15.002629] __kasan_kmalloc+0xd4/0xd8 [ 15.002778] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.002872] kmalloc_track_caller_oob_right+0xa8/0x488 [ 15.002987] kunit_try_run_case+0x170/0x3f0 [ 15.003055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.003104] kthread+0x328/0x630 [ 15.003137] ret_from_fork+0x10/0x20 [ 15.003188] [ 15.003237] The buggy address belongs to the object at fff00000c6417500 [ 15.003237] which belongs to the cache kmalloc-128 of size 128 [ 15.003308] The buggy address is located 0 bytes to the right of [ 15.003308] allocated 120-byte region [fff00000c6417500, fff00000c6417578) [ 15.003371] [ 15.003392] The buggy address belongs to the physical page: [ 15.003421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 15.003600] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.003695] page_type: f5(slab) [ 15.003734] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.003824] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.003935] page dumped because: kasan: bad access detected [ 15.004056] [ 15.004135] Memory state around the buggy address: [ 15.004236] fff00000c6417400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.004280] fff00000c6417480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.004322] >fff00000c6417500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.004510] ^ [ 15.004558] fff00000c6417580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.004600] fff00000c6417600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.004637] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 14.985561] ================================================================== [ 14.985634] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 14.985698] Read of size 1 at addr fff00000c610f000 by task kunit_try_catch/140 [ 14.985784] [ 14.985853] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.985939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.985966] Hardware name: linux,dummy-virt (DT) [ 14.985995] Call trace: [ 14.986017] show_stack+0x20/0x38 (C) [ 14.986065] dump_stack_lvl+0x8c/0xd0 [ 14.986112] print_report+0x118/0x5d0 [ 14.986158] kasan_report+0xdc/0x128 [ 14.986203] __asan_report_load1_noabort+0x20/0x30 [ 14.986254] kmalloc_node_oob_right+0x2f4/0x330 [ 14.986306] kunit_try_run_case+0x170/0x3f0 [ 14.986363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.986415] kthread+0x328/0x630 [ 14.986457] ret_from_fork+0x10/0x20 [ 14.986504] [ 14.986521] Allocated by task 140: [ 14.986549] kasan_save_stack+0x3c/0x68 [ 14.986587] kasan_save_track+0x20/0x40 [ 14.986634] kasan_save_alloc_info+0x40/0x58 [ 14.986681] __kasan_kmalloc+0xd4/0xd8 [ 14.986867] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 14.986910] kmalloc_node_oob_right+0xbc/0x330 [ 14.987135] kunit_try_run_case+0x170/0x3f0 [ 14.987324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.987456] kthread+0x328/0x630 [ 14.987489] ret_from_fork+0x10/0x20 [ 14.987523] [ 14.987559] The buggy address belongs to the object at fff00000c610e000 [ 14.987559] which belongs to the cache kmalloc-4k of size 4096 [ 14.987644] The buggy address is located 0 bytes to the right of [ 14.987644] allocated 4096-byte region [fff00000c610e000, fff00000c610f000) [ 14.987716] [ 14.987736] The buggy address belongs to the physical page: [ 14.987828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106108 [ 14.988073] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.988127] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 14.988241] page_type: f5(slab) [ 14.988284] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 14.988390] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 14.988586] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 14.988635] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 14.988683] head: 0bfffe0000000003 ffffc1ffc3184201 00000000ffffffff 00000000ffffffff [ 14.988744] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 14.988789] page dumped because: kasan: bad access detected [ 14.988819] [ 14.988838] Memory state around the buggy address: [ 14.988868] fff00000c610ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.989037] fff00000c610ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.989112] >fff00000c610f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.989217] ^ [ 14.989308] fff00000c610f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.989350] fff00000c610f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.989415] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 14.975440] ================================================================== [ 14.975524] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 14.975574] Read of size 1 at addr fff00000c5eb7b9f by task kunit_try_catch/138 [ 14.975621] [ 14.975654] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.975751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.975778] Hardware name: linux,dummy-virt (DT) [ 14.975825] Call trace: [ 14.975854] show_stack+0x20/0x38 (C) [ 14.975902] dump_stack_lvl+0x8c/0xd0 [ 14.975948] print_report+0x118/0x5d0 [ 14.976016] kasan_report+0xdc/0x128 [ 14.976064] __asan_report_load1_noabort+0x20/0x30 [ 14.976115] kmalloc_oob_left+0x2ec/0x320 [ 14.976199] kunit_try_run_case+0x170/0x3f0 [ 14.976271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.976323] kthread+0x328/0x630 [ 14.976371] ret_from_fork+0x10/0x20 [ 14.976417] [ 14.976435] Allocated by task 26: [ 14.976464] kasan_save_stack+0x3c/0x68 [ 14.976503] kasan_save_track+0x20/0x40 [ 14.976539] kasan_save_alloc_info+0x40/0x58 [ 14.976617] __kasan_kmalloc+0xd4/0xd8 [ 14.976700] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 14.976766] kstrdup+0x54/0xc8 [ 14.976847] devtmpfs_work_loop+0x6f8/0xa58 [ 14.976947] devtmpfsd+0x50/0x58 [ 14.977024] kthread+0x328/0x630 [ 14.977133] ret_from_fork+0x10/0x20 [ 14.977221] [ 14.977366] Freed by task 26: [ 14.977438] kasan_save_stack+0x3c/0x68 [ 14.977475] kasan_save_track+0x20/0x40 [ 14.977511] kasan_save_free_info+0x4c/0x78 [ 14.977548] __kasan_slab_free+0x6c/0x98 [ 14.977763] kfree+0x214/0x3c8 [ 14.977799] devtmpfs_work_loop+0x804/0xa58 [ 14.977834] devtmpfsd+0x50/0x58 [ 14.977886] kthread+0x328/0x630 [ 14.977917] ret_from_fork+0x10/0x20 [ 14.977962] [ 14.977985] The buggy address belongs to the object at fff00000c5eb7b80 [ 14.977985] which belongs to the cache kmalloc-16 of size 16 [ 14.978070] The buggy address is located 15 bytes to the right of [ 14.978070] allocated 16-byte region [fff00000c5eb7b80, fff00000c5eb7b90) [ 14.978183] [ 14.978217] The buggy address belongs to the physical page: [ 14.978247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105eb7 [ 14.978343] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.978485] page_type: f5(slab) [ 14.978619] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 14.978754] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.978855] page dumped because: kasan: bad access detected [ 14.978958] [ 14.979037] Memory state around the buggy address: [ 14.979114] fff00000c5eb7a80: fa fb fc fc fa fb fc fc 00 01 fc fc 00 01 fc fc [ 14.979176] fff00000c5eb7b00: fa fb fc fc 00 01 fc fc 00 01 fc fc fa fb fc fc [ 14.979218] >fff00000c5eb7b80: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 14.979385] ^ [ 14.979417] fff00000c5eb7c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.979459] fff00000c5eb7c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.979532] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 14.943666] ================================================================== [ 14.944263] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 14.946302] Write of size 1 at addr fff00000c6417473 by task kunit_try_catch/136 [ 14.946627] [ 14.948880] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 14.949133] Tainted: [N]=TEST [ 14.949169] Hardware name: linux,dummy-virt (DT) [ 14.949960] Call trace: [ 14.950382] show_stack+0x20/0x38 (C) [ 14.950579] dump_stack_lvl+0x8c/0xd0 [ 14.950654] print_report+0x118/0x5d0 [ 14.950729] kasan_report+0xdc/0x128 [ 14.950775] __asan_report_store1_noabort+0x20/0x30 [ 14.950828] kmalloc_oob_right+0x5a4/0x660 [ 14.950874] kunit_try_run_case+0x170/0x3f0 [ 14.950925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.950976] kthread+0x328/0x630 [ 14.951030] ret_from_fork+0x10/0x20 [ 14.951231] [ 14.951300] Allocated by task 136: [ 14.951447] kasan_save_stack+0x3c/0x68 [ 14.951543] kasan_save_track+0x20/0x40 [ 14.951589] kasan_save_alloc_info+0x40/0x58 [ 14.951627] __kasan_kmalloc+0xd4/0xd8 [ 14.951671] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.952251] kmalloc_oob_right+0xb0/0x660 [ 14.952405] kunit_try_run_case+0x170/0x3f0 [ 14.952448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.952511] kthread+0x328/0x630 [ 14.952543] ret_from_fork+0x10/0x20 [ 14.952610] [ 14.952676] The buggy address belongs to the object at fff00000c6417400 [ 14.952676] which belongs to the cache kmalloc-128 of size 128 [ 14.953082] The buggy address is located 0 bytes to the right of [ 14.953082] allocated 115-byte region [fff00000c6417400, fff00000c6417473) [ 14.953200] [ 14.953317] The buggy address belongs to the physical page: [ 14.953864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 14.954703] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.955458] page_type: f5(slab) [ 14.956305] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.956430] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.956573] page dumped because: kasan: bad access detected [ 14.956616] [ 14.956642] Memory state around the buggy address: [ 14.957163] fff00000c6417300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.957347] fff00000c6417380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.957499] >fff00000c6417400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.957555] ^ [ 14.957851] fff00000c6417480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.957902] fff00000c6417500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.958087] ================================================================== [ 14.966947] ================================================================== [ 14.967001] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 14.967050] Read of size 1 at addr fff00000c6417480 by task kunit_try_catch/136 [ 14.967097] [ 14.967128] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.967206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.967260] Hardware name: linux,dummy-virt (DT) [ 14.967291] Call trace: [ 14.967318] show_stack+0x20/0x38 (C) [ 14.967367] dump_stack_lvl+0x8c/0xd0 [ 14.967412] print_report+0x118/0x5d0 [ 14.967457] kasan_report+0xdc/0x128 [ 14.967502] __asan_report_load1_noabort+0x20/0x30 [ 14.967561] kmalloc_oob_right+0x5d0/0x660 [ 14.967607] kunit_try_run_case+0x170/0x3f0 [ 14.967654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.967716] kthread+0x328/0x630 [ 14.967757] ret_from_fork+0x10/0x20 [ 14.967826] [ 14.967866] Allocated by task 136: [ 14.968132] kasan_save_stack+0x3c/0x68 [ 14.968197] kasan_save_track+0x20/0x40 [ 14.968310] kasan_save_alloc_info+0x40/0x58 [ 14.968434] __kasan_kmalloc+0xd4/0xd8 [ 14.968497] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.968652] kmalloc_oob_right+0xb0/0x660 [ 14.968776] kunit_try_run_case+0x170/0x3f0 [ 14.968903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.969041] kthread+0x328/0x630 [ 14.969166] ret_from_fork+0x10/0x20 [ 14.969255] [ 14.969459] The buggy address belongs to the object at fff00000c6417400 [ 14.969459] which belongs to the cache kmalloc-128 of size 128 [ 14.969619] The buggy address is located 13 bytes to the right of [ 14.969619] allocated 115-byte region [fff00000c6417400, fff00000c6417473) [ 14.969682] [ 14.969713] The buggy address belongs to the physical page: [ 14.969741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 14.969917] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.970053] page_type: f5(slab) [ 14.970129] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.970223] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.970319] page dumped because: kasan: bad access detected [ 14.970413] [ 14.970443] Memory state around the buggy address: [ 14.970524] fff00000c6417380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.970632] fff00000c6417400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.970678] >fff00000c6417480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.970783] ^ [ 14.971111] fff00000c6417500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.971210] fff00000c6417580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.971294] ================================================================== [ 14.959475] ================================================================== [ 14.959517] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 14.959755] Write of size 1 at addr fff00000c6417478 by task kunit_try_catch/136 [ 14.960184] [ 14.960267] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.960389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.960461] Hardware name: linux,dummy-virt (DT) [ 14.960493] Call trace: [ 14.960514] show_stack+0x20/0x38 (C) [ 14.960564] dump_stack_lvl+0x8c/0xd0 [ 14.960609] print_report+0x118/0x5d0 [ 14.960655] kasan_report+0xdc/0x128 [ 14.960711] __asan_report_store1_noabort+0x20/0x30 [ 14.960762] kmalloc_oob_right+0x538/0x660 [ 14.960807] kunit_try_run_case+0x170/0x3f0 [ 14.960855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.960908] kthread+0x328/0x630 [ 14.960949] ret_from_fork+0x10/0x20 [ 14.961267] [ 14.961357] Allocated by task 136: [ 14.961444] kasan_save_stack+0x3c/0x68 [ 14.961532] kasan_save_track+0x20/0x40 [ 14.961644] kasan_save_alloc_info+0x40/0x58 [ 14.961730] __kasan_kmalloc+0xd4/0xd8 [ 14.961765] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.961831] kmalloc_oob_right+0xb0/0x660 [ 14.961865] kunit_try_run_case+0x170/0x3f0 [ 14.961901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.962182] kthread+0x328/0x630 [ 14.962247] ret_from_fork+0x10/0x20 [ 14.962339] [ 14.962418] The buggy address belongs to the object at fff00000c6417400 [ 14.962418] which belongs to the cache kmalloc-128 of size 128 [ 14.962547] The buggy address is located 5 bytes to the right of [ 14.962547] allocated 115-byte region [fff00000c6417400, fff00000c6417473) [ 14.962628] [ 14.962647] The buggy address belongs to the physical page: [ 14.962675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106417 [ 14.962885] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.962999] page_type: f5(slab) [ 14.963066] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.963124] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.963199] page dumped because: kasan: bad access detected [ 14.963265] [ 14.963283] Memory state around the buggy address: [ 14.963322] fff00000c6417300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.963618] fff00000c6417380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.963695] >fff00000c6417400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.963801] ^ [ 14.964027] fff00000c6417480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.964077] fff00000c6417500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.964114] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.289383] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.290540] Modules linked in: [ 95.290942] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 95.291471] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.292105] Hardware name: linux,dummy-virt (DT) [ 95.292602] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.292988] pc : intlog10+0x38/0x48 [ 95.293409] lr : intlog10_test+0xe4/0x200 [ 95.293804] sp : ffff8000822b7c10 [ 95.294288] x29: ffff8000822b7c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.295177] x26: 1ffe0000187af341 x25: 0000000000000000 x24: ffff8000822b7ce0 [ 95.296122] x23: ffff8000822b7d00 x22: 0000000000000000 x21: 1ffff00010456f82 [ 95.297012] x20: ffff9612d4289e80 x19: ffff800080087990 x18: 0000000064200072 [ 95.297815] x17: 0000000047f9f203 x16: 00000000344c3dc5 x15: 00000000496ec812 [ 95.298601] x14: 0000000018ca6500 x13: 1ffe00001b48e989 x12: ffff72c25b023379 [ 95.299118] x11: 1ffff2c25b023378 x10: ffff72c25b023378 x9 : ffff9612d183595c [ 95.299468] x8 : ffff9612d8119bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.299826] x5 : ffff700010456f82 x4 : 1ffff00010010f3a x3 : 1ffff2c25a8513d0 [ 95.300350] x2 : 1ffff2c25a8513d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.300812] Call trace: [ 95.301019] intlog10+0x38/0x48 (P) [ 95.301255] kunit_try_run_case+0x170/0x3f0 [ 95.301510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.301793] kthread+0x328/0x630 [ 95.302024] ret_from_fork+0x10/0x20 [ 95.302291] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 95.240378] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 95.243920] Modules linked in: [ 95.244536] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 95.244960] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 95.245170] Hardware name: linux,dummy-virt (DT) [ 95.245371] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.245658] pc : intlog2+0xd8/0xf8 [ 95.246493] lr : intlog2_test+0xe4/0x200 [ 95.246983] sp : ffff800082207c10 [ 95.247371] x29: ffff800082207c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.248279] x26: 1ffe000018ff9561 x25: 0000000000000000 x24: ffff800082207ce0 [ 95.249200] x23: ffff800082207d00 x22: 0000000000000000 x21: 1ffff00010440f82 [ 95.249993] x20: ffff9612d4289d80 x19: ffff800080087990 x18: 00000000c2579df6 [ 95.250768] x17: 00000000a977f2b2 x16: fff00000c097583c x15: fff00000ff616b08 [ 95.251531] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e9cd x12: ffff72c25b023379 [ 95.252523] x11: 1ffff2c25b023378 x10: ffff72c25b023378 x9 : ffff9612d1835b5c [ 95.253517] x8 : ffff9612d8119bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.254273] x5 : ffff700010440f82 x4 : 1ffff00010010f3a x3 : 1ffff2c25a8513b0 [ 95.254632] x2 : 1ffff2c25a8513b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.255073] Call trace: [ 95.255256] intlog2+0xd8/0xf8 (P) [ 95.255508] kunit_try_run_case+0x170/0x3f0 [ 95.255788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.256122] kthread+0x328/0x630 [ 95.256452] ret_from_fork+0x10/0x20 [ 95.256720] ---[ end trace 0000000000000000 ]---