Date
July 20, 2025, 11:12 a.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 17.894557] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 17.938137] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 17.864756] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 18.006708] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 17.818257] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 92.442311] Internal error: Oops: 0000000096000005 [#1] SMP [ 92.447954] Modules linked in: [ 92.448642] CPU: 1 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 92.449255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 92.449657] Hardware name: linux,dummy-virt (DT) [ 92.450025] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 92.450433] pc : kunit_test_null_dereference+0x70/0x170 [ 92.450833] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 92.451139] sp : ffff800080d67d30 [ 92.451428] x29: ffff800080d67d90 x28: 0000000000000000 x27: 0000000000000000 [ 92.452557] x26: 1ffe000018dfec21 x25: 0000000000000000 x24: 0000000000000004 [ 92.453056] x23: fff00000c6ff610c x22: ffff9f28a3222fb8 x21: fff00000c120b988 [ 92.453522] x20: 1ffff000101acfa6 x19: ffff800080087990 x18: 0000000081dc1b41 [ 92.453997] x17: 0000000000000001 x16: fff00000da475d28 x15: fff00000ff616b08 [ 92.454507] x14: 00000000f1f1f1f1 x13: 1ffe0000181565c4 x12: fffd8000194043a4 [ 92.455518] x11: 1ffe0000194043a3 x10: fffd8000194043a3 x9 : ffff9f28a321a420 [ 92.456052] x8 : ffff800080d67c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 92.456419] x5 : ffff7000101acfa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 92.456792] x2 : dfff800000000000 x1 : fff00000ca021440 x0 : ffff800080087990 [ 92.457334] Call trace: [ 92.457562] kunit_test_null_dereference+0x70/0x170 (P) [ 92.457925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 92.458255] kthread+0x328/0x630 [ 92.458481] ret_from_fork+0x10/0x20 [ 92.459003] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 92.460322] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.840101] ================================================================== [ 48.840157] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 48.840157] [ 48.840247] Use-after-free read at 0x0000000084f60870 (in kfence-#148): [ 48.840297] test_krealloc+0x51c/0x830 [ 48.840344] kunit_try_run_case+0x170/0x3f0 [ 48.840402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.840446] kthread+0x328/0x630 [ 48.840488] ret_from_fork+0x10/0x20 [ 48.840528] [ 48.840553] kfence-#148: 0x0000000084f60870-0x0000000060432a82, size=32, cache=kmalloc-32 [ 48.840553] [ 48.840606] allocated by task 337 on cpu 1 at 48.839403s (0.001200s ago): [ 48.840688] test_alloc+0x29c/0x628 [ 48.840731] test_krealloc+0xc0/0x830 [ 48.840769] kunit_try_run_case+0x170/0x3f0 [ 48.840807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.840851] kthread+0x328/0x630 [ 48.840887] ret_from_fork+0x10/0x20 [ 48.840927] [ 48.840952] freed by task 337 on cpu 1 at 48.839689s (0.001259s ago): [ 48.841015] krealloc_noprof+0x148/0x360 [ 48.841055] test_krealloc+0x1dc/0x830 [ 48.841094] kunit_try_run_case+0x170/0x3f0 [ 48.841132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.841176] kthread+0x328/0x630 [ 48.841210] ret_from_fork+0x10/0x20 [ 48.841250] [ 48.841296] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 48.841374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.841405] Hardware name: linux,dummy-virt (DT) [ 48.841441] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.775709] ================================================================== [ 48.775809] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 48.775809] [ 48.775909] Use-after-free read at 0x00000000798c4c54 (in kfence-#147): [ 48.775966] test_memcache_typesafe_by_rcu+0x280/0x560 [ 48.776017] kunit_try_run_case+0x170/0x3f0 [ 48.776064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.776109] kthread+0x328/0x630 [ 48.776150] ret_from_fork+0x10/0x20 [ 48.776189] [ 48.776215] kfence-#147: 0x00000000798c4c54-0x000000003f2b916f, size=32, cache=test [ 48.776215] [ 48.776267] allocated by task 335 on cpu 0 at 48.735736s (0.040527s ago): [ 48.776337] test_alloc+0x230/0x628 [ 48.776383] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 48.776427] kunit_try_run_case+0x170/0x3f0 [ 48.776465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.776508] kthread+0x328/0x630 [ 48.776542] ret_from_fork+0x10/0x20 [ 48.776580] [ 48.776604] freed by task 335 on cpu 0 at 48.735868s (0.040731s ago): [ 48.776672] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 48.776715] kunit_try_run_case+0x170/0x3f0 [ 48.776753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 48.776796] kthread+0x328/0x630 [ 48.776830] ret_from_fork+0x10/0x20 [ 48.776871] [ 48.776917] CPU: 0 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 48.776994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 48.777024] Hardware name: linux,dummy-virt (DT) [ 48.777059] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 25.875359] ================================================================== [ 25.875500] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 25.875500] [ 25.875598] Invalid read at 0x0000000097976081: [ 25.875680] test_invalid_access+0xdc/0x1f0 [ 25.875738] kunit_try_run_case+0x170/0x3f0 [ 25.875789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.875951] kthread+0x328/0x630 [ 25.876005] ret_from_fork+0x10/0x20 [ 25.876060] [ 25.876793] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.876902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.876947] Hardware name: linux,dummy-virt (DT) [ 25.877022] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 25.647695] ================================================================== [ 25.647787] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.647787] [ 25.647850] Corrupted memory at 0x00000000ccc3e2b7 [ ! . . . . . . . . . . . . . . . ] (in kfence-#142): [ 25.648166] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.648216] kunit_try_run_case+0x170/0x3f0 [ 25.648257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.648302] kthread+0x328/0x630 [ 25.648339] ret_from_fork+0x10/0x20 [ 25.648383] [ 25.648407] kfence-#142: 0x0000000086b3f28c-0x00000000b11c38e0, size=73, cache=kmalloc-96 [ 25.648407] [ 25.648460] allocated by task 325 on cpu 0 at 25.647432s (0.001025s ago): [ 25.648523] test_alloc+0x29c/0x628 [ 25.648562] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 25.648605] kunit_try_run_case+0x170/0x3f0 [ 25.648645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.648697] kthread+0x328/0x630 [ 25.648733] ret_from_fork+0x10/0x20 [ 25.648771] [ 25.648798] freed by task 325 on cpu 0 at 25.647588s (0.001205s ago): [ 25.648858] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 25.648900] kunit_try_run_case+0x170/0x3f0 [ 25.648940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.648983] kthread+0x328/0x630 [ 25.649017] ret_from_fork+0x10/0x20 [ 25.649056] [ 25.649099] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.649175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.649205] Hardware name: linux,dummy-virt (DT) [ 25.649237] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.543637] ================================================================== [ 25.543749] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.543749] [ 25.543845] Out-of-bounds read at 0x00000000263aa964 (105B right of kfence-#141): [ 25.543908] test_kmalloc_aligned_oob_read+0x238/0x468 [ 25.543959] kunit_try_run_case+0x170/0x3f0 [ 25.544005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.544049] kthread+0x328/0x630 [ 25.544089] ret_from_fork+0x10/0x20 [ 25.544130] [ 25.544155] kfence-#141: 0x000000000a66dc2c-0x00000000ac8c02e8, size=73, cache=kmalloc-96 [ 25.544155] [ 25.544209] allocated by task 323 on cpu 0 at 25.543375s (0.000830s ago): [ 25.544280] test_alloc+0x29c/0x628 [ 25.544320] test_kmalloc_aligned_oob_read+0x100/0x468 [ 25.544365] kunit_try_run_case+0x170/0x3f0 [ 25.544660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.544714] kthread+0x328/0x630 [ 25.544750] ret_from_fork+0x10/0x20 [ 25.544791] [ 25.544840] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 25.544924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.544954] Hardware name: linux,dummy-virt (DT) [ 25.544991] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 20.759571] ================================================================== [ 20.759678] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 20.759678] [ 20.759741] Corrupted memory at 0x00000000085ed3ea [ ! . . . . . . . . . . . . . . . ] (in kfence-#95): [ 20.760060] test_corruption+0x120/0x378 [ 20.760110] kunit_try_run_case+0x170/0x3f0 [ 20.760154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.760199] kthread+0x328/0x630 [ 20.760237] ret_from_fork+0x10/0x20 [ 20.760278] [ 20.760301] kfence-#95: 0x00000000c49bcd82-0x00000000175abd41, size=32, cache=test [ 20.760301] [ 20.760356] allocated by task 313 on cpu 0 at 20.759419s (0.000934s ago): [ 20.760424] test_alloc+0x230/0x628 [ 20.760463] test_corruption+0xdc/0x378 [ 20.760502] kunit_try_run_case+0x170/0x3f0 [ 20.760542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.760586] kthread+0x328/0x630 [ 20.760621] ret_from_fork+0x10/0x20 [ 20.760660] [ 20.760694] freed by task 313 on cpu 0 at 20.759484s (0.001206s ago): [ 20.760755] test_corruption+0x120/0x378 [ 20.760795] kunit_try_run_case+0x170/0x3f0 [ 20.760834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.760877] kthread+0x328/0x630 [ 20.760912] ret_from_fork+0x10/0x20 [ 20.760951] [ 20.760992] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.761069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.761098] Hardware name: linux,dummy-virt (DT) [ 20.761133] ================================================================== [ 20.655827] ================================================================== [ 20.655917] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 20.655917] [ 20.655980] Corrupted memory at 0x000000001f877959 [ ! ] (in kfence-#94): [ 20.656115] test_corruption+0x284/0x378 [ 20.656161] kunit_try_run_case+0x170/0x3f0 [ 20.656203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.656249] kthread+0x328/0x630 [ 20.656286] ret_from_fork+0x10/0x20 [ 20.656327] [ 20.656350] kfence-#94: 0x00000000c7330e99-0x00000000fd4b6b4b, size=32, cache=kmalloc-32 [ 20.656350] [ 20.656413] allocated by task 311 on cpu 0 at 20.655526s (0.000884s ago): [ 20.656475] test_alloc+0x29c/0x628 [ 20.656515] test_corruption+0x198/0x378 [ 20.656554] kunit_try_run_case+0x170/0x3f0 [ 20.656595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.656639] kthread+0x328/0x630 [ 20.656686] ret_from_fork+0x10/0x20 [ 20.656725] [ 20.656749] freed by task 311 on cpu 0 at 20.655630s (0.001116s ago): [ 20.656809] test_corruption+0x284/0x378 [ 20.656848] kunit_try_run_case+0x170/0x3f0 [ 20.656888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.656931] kthread+0x328/0x630 [ 20.656965] ret_from_fork+0x10/0x20 [ 20.657003] [ 20.657044] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.657120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.657150] Hardware name: linux,dummy-virt (DT) [ 20.657184] ================================================================== [ 20.551627] ================================================================== [ 20.551734] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 20.551734] [ 20.551799] Corrupted memory at 0x00000000d69ff65d [ ! . . . . . . . . . . . . . . . ] (in kfence-#93): [ 20.552114] test_corruption+0x278/0x378 [ 20.552159] kunit_try_run_case+0x170/0x3f0 [ 20.552203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.552248] kthread+0x328/0x630 [ 20.552287] ret_from_fork+0x10/0x20 [ 20.552328] [ 20.552355] kfence-#93: 0x0000000044facffe-0x000000002178a230, size=32, cache=kmalloc-32 [ 20.552355] [ 20.552558] allocated by task 311 on cpu 0 at 20.551430s (0.001125s ago): [ 20.552620] test_alloc+0x29c/0x628 [ 20.552659] test_corruption+0xdc/0x378 [ 20.552711] kunit_try_run_case+0x170/0x3f0 [ 20.552750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.552794] kthread+0x328/0x630 [ 20.552830] ret_from_fork+0x10/0x20 [ 20.552869] [ 20.552891] freed by task 311 on cpu 0 at 20.551539s (0.001349s ago): [ 20.552952] test_corruption+0x278/0x378 [ 20.552992] kunit_try_run_case+0x170/0x3f0 [ 20.553031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.553074] kthread+0x328/0x630 [ 20.553110] ret_from_fork+0x10/0x20 [ 20.553149] [ 20.553195] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.553270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.553300] Hardware name: linux,dummy-virt (DT) [ 20.553336] ================================================================== [ 21.071616] ================================================================== [ 21.071728] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 21.071728] [ 21.071792] Corrupted memory at 0x000000003fd02db8 [ ! ] (in kfence-#98): [ 21.071910] test_corruption+0x1d8/0x378 [ 21.071955] kunit_try_run_case+0x170/0x3f0 [ 21.071998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.072042] kthread+0x328/0x630 [ 21.072079] ret_from_fork+0x10/0x20 [ 21.072119] [ 21.072144] kfence-#98: 0x0000000077e5fc7a-0x00000000b44e9e9c, size=32, cache=test [ 21.072144] [ 21.072197] allocated by task 313 on cpu 0 at 21.071466s (0.000728s ago): [ 21.072259] test_alloc+0x230/0x628 [ 21.072299] test_corruption+0x198/0x378 [ 21.072340] kunit_try_run_case+0x170/0x3f0 [ 21.072383] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.072426] kthread+0x328/0x630 [ 21.072462] ret_from_fork+0x10/0x20 [ 21.072499] [ 21.072523] freed by task 313 on cpu 0 at 21.071528s (0.000992s ago): [ 21.072583] test_corruption+0x1d8/0x378 [ 21.072622] kunit_try_run_case+0x170/0x3f0 [ 21.072661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.072712] kthread+0x328/0x630 [ 21.072748] ret_from_fork+0x10/0x20 [ 21.072785] [ 21.072826] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.072904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.072933] Hardware name: linux,dummy-virt (DT) [ 21.072967] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.348119] ================================================================== [ 20.348194] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 20.348194] [ 20.348253] Invalid free of 0x000000001e3c47ea (in kfence-#91): [ 20.348306] test_invalid_addr_free+0x1ac/0x238 [ 20.348353] kunit_try_run_case+0x170/0x3f0 [ 20.348402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.348446] kthread+0x328/0x630 [ 20.348483] ret_from_fork+0x10/0x20 [ 20.348521] [ 20.348682] kfence-#91: 0x000000003a473fd7-0x000000004ff40023, size=32, cache=kmalloc-32 [ 20.348682] [ 20.348756] allocated by task 307 on cpu 0 at 20.347967s (0.000777s ago): [ 20.348821] test_alloc+0x29c/0x628 [ 20.348871] test_invalid_addr_free+0xd4/0x238 [ 20.348912] kunit_try_run_case+0x170/0x3f0 [ 20.348961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.349011] kthread+0x328/0x630 [ 20.349047] ret_from_fork+0x10/0x20 [ 20.349096] [ 20.349378] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.349474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.349511] Hardware name: linux,dummy-virt (DT) [ 20.349600] ================================================================== [ 20.447602] ================================================================== [ 20.447706] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 20.447706] [ 20.447767] Invalid free of 0x0000000052ee1042 (in kfence-#92): [ 20.447821] test_invalid_addr_free+0xec/0x238 [ 20.447867] kunit_try_run_case+0x170/0x3f0 [ 20.447908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.447953] kthread+0x328/0x630 [ 20.447989] ret_from_fork+0x10/0x20 [ 20.448027] [ 20.448052] kfence-#92: 0x00000000126a9155-0x00000000c60d422a, size=32, cache=test [ 20.448052] [ 20.448105] allocated by task 309 on cpu 0 at 20.447478s (0.000624s ago): [ 20.448166] test_alloc+0x230/0x628 [ 20.448205] test_invalid_addr_free+0xd4/0x238 [ 20.448246] kunit_try_run_case+0x170/0x3f0 [ 20.448286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.448330] kthread+0x328/0x630 [ 20.448364] ret_from_fork+0x10/0x20 [ 20.448407] [ 20.448450] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.448527] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.448558] Hardware name: linux,dummy-virt (DT) [ 20.448590] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 20.138354] ================================================================== [ 20.138480] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 20.138480] [ 20.138827] Invalid free of 0x0000000035096842 (in kfence-#89): [ 20.138982] test_double_free+0x1bc/0x238 [ 20.139572] kunit_try_run_case+0x170/0x3f0 [ 20.139708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.140082] kthread+0x328/0x630 [ 20.140419] ret_from_fork+0x10/0x20 [ 20.140492] [ 20.140524] kfence-#89: 0x0000000035096842-0x000000006036d3af, size=32, cache=kmalloc-32 [ 20.140524] [ 20.140977] allocated by task 303 on cpu 0 at 20.137329s (0.003640s ago): [ 20.141261] test_alloc+0x29c/0x628 [ 20.141704] test_double_free+0xd4/0x238 [ 20.141880] kunit_try_run_case+0x170/0x3f0 [ 20.142443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.142557] kthread+0x328/0x630 [ 20.142809] ret_from_fork+0x10/0x20 [ 20.142973] [ 20.143339] freed by task 303 on cpu 0 at 20.137409s (0.005854s ago): [ 20.143456] test_double_free+0x1ac/0x238 [ 20.143661] kunit_try_run_case+0x170/0x3f0 [ 20.143877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.144064] kthread+0x328/0x630 [ 20.144235] ret_from_fork+0x10/0x20 [ 20.144603] [ 20.144854] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.145152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.145193] Hardware name: linux,dummy-virt (DT) [ 20.145826] ================================================================== [ 20.244010] ================================================================== [ 20.244086] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 20.244086] [ 20.244158] Invalid free of 0x00000000476b073b (in kfence-#90): [ 20.244213] test_double_free+0x100/0x238 [ 20.244258] kunit_try_run_case+0x170/0x3f0 [ 20.244329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.244375] kthread+0x328/0x630 [ 20.244418] ret_from_fork+0x10/0x20 [ 20.244483] [ 20.244508] kfence-#90: 0x00000000476b073b-0x00000000f8c16408, size=32, cache=test [ 20.244508] [ 20.244560] allocated by task 305 on cpu 0 at 20.243633s (0.000923s ago): [ 20.244620] test_alloc+0x230/0x628 [ 20.244660] test_double_free+0xd4/0x238 [ 20.244737] kunit_try_run_case+0x170/0x3f0 [ 20.244815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.244869] kthread+0x328/0x630 [ 20.244904] ret_from_fork+0x10/0x20 [ 20.244952] [ 20.244977] freed by task 305 on cpu 0 at 20.243707s (0.001266s ago): [ 20.245037] test_double_free+0xf0/0x238 [ 20.245077] kunit_try_run_case+0x170/0x3f0 [ 20.245116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.245167] kthread+0x328/0x630 [ 20.245204] ret_from_fork+0x10/0x20 [ 20.245243] [ 20.245284] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.245361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.245388] Hardware name: linux,dummy-virt (DT) [ 20.245432] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 19.712693] ================================================================== [ 19.712817] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.712817] [ 19.712910] Use-after-free read at 0x0000000049ba45af (in kfence-#85): [ 19.713174] test_use_after_free_read+0x114/0x248 [ 19.713248] kunit_try_run_case+0x170/0x3f0 [ 19.713300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.713343] kthread+0x328/0x630 [ 19.713579] ret_from_fork+0x10/0x20 [ 19.713715] [ 19.713749] kfence-#85: 0x0000000049ba45af-0x00000000d101b7c8, size=32, cache=kmalloc-32 [ 19.713749] [ 19.713806] allocated by task 295 on cpu 0 at 19.712018s (0.001783s ago): [ 19.713877] test_alloc+0x29c/0x628 [ 19.713918] test_use_after_free_read+0xd0/0x248 [ 19.713959] kunit_try_run_case+0x170/0x3f0 [ 19.714009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.714051] kthread+0x328/0x630 [ 19.714088] ret_from_fork+0x10/0x20 [ 19.714125] [ 19.714150] freed by task 295 on cpu 0 at 19.712343s (0.001803s ago): [ 19.714222] test_use_after_free_read+0x1c0/0x248 [ 19.714265] kunit_try_run_case+0x170/0x3f0 [ 19.714305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.714347] kthread+0x328/0x630 [ 19.714381] ret_from_fork+0x10/0x20 [ 19.714419] [ 19.714464] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.714543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.714572] Hardware name: linux,dummy-virt (DT) [ 19.714608] ================================================================== [ 19.822486] ================================================================== [ 19.823153] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.823153] [ 19.823294] Use-after-free read at 0x00000000c38d06e6 (in kfence-#86): [ 19.823433] test_use_after_free_read+0x114/0x248 [ 19.823770] kunit_try_run_case+0x170/0x3f0 [ 19.823879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.823940] kthread+0x328/0x630 [ 19.824345] ret_from_fork+0x10/0x20 [ 19.824724] [ 19.824793] kfence-#86: 0x00000000c38d06e6-0x0000000027fed03b, size=32, cache=test [ 19.824793] [ 19.824871] allocated by task 297 on cpu 0 at 19.821916s (0.002952s ago): [ 19.825257] test_alloc+0x230/0x628 [ 19.825326] test_use_after_free_read+0xd0/0x248 [ 19.825432] kunit_try_run_case+0x170/0x3f0 [ 19.825990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.826249] kthread+0x328/0x630 [ 19.826375] ret_from_fork+0x10/0x20 [ 19.826430] [ 19.826456] freed by task 297 on cpu 0 at 19.821995s (0.004457s ago): [ 19.826879] test_use_after_free_read+0xf0/0x248 [ 19.826999] kunit_try_run_case+0x170/0x3f0 [ 19.827321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.827420] kthread+0x328/0x630 [ 19.827503] ret_from_fork+0x10/0x20 [ 19.827624] [ 19.827864] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.828359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.828406] Hardware name: linux,dummy-virt (DT) [ 19.828942] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.608325] ================================================================== [ 19.608449] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.608449] [ 19.608549] Out-of-bounds write at 0x00000000be8a8d34 (1B left of kfence-#84): [ 19.608606] test_out_of_bounds_write+0x100/0x240 [ 19.608834] kunit_try_run_case+0x170/0x3f0 [ 19.608930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.608977] kthread+0x328/0x630 [ 19.609059] ret_from_fork+0x10/0x20 [ 19.609117] [ 19.609159] kfence-#84: 0x00000000e3112cf0-0x0000000087342108, size=32, cache=test [ 19.609159] [ 19.609248] allocated by task 293 on cpu 0 at 19.608007s (0.001236s ago): [ 19.609503] test_alloc+0x230/0x628 [ 19.609697] test_out_of_bounds_write+0xc8/0x240 [ 19.609749] kunit_try_run_case+0x170/0x3f0 [ 19.609798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.609869] kthread+0x328/0x630 [ 19.609912] ret_from_fork+0x10/0x20 [ 19.609981] [ 19.610025] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.610108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.610137] Hardware name: linux,dummy-virt (DT) [ 19.610170] ================================================================== [ 19.293997] ================================================================== [ 19.294378] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.294378] [ 19.294513] Out-of-bounds write at 0x00000000b2901723 (1B left of kfence-#81): [ 19.294575] test_out_of_bounds_write+0x100/0x240 [ 19.294986] kunit_try_run_case+0x170/0x3f0 [ 19.295104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.295218] kthread+0x328/0x630 [ 19.295337] ret_from_fork+0x10/0x20 [ 19.295510] [ 19.295627] kfence-#81: 0x000000005c7e1bd6-0x00000000afd816a2, size=32, cache=kmalloc-32 [ 19.295627] [ 19.296006] allocated by task 291 on cpu 0 at 19.293748s (0.002238s ago): [ 19.296170] test_alloc+0x29c/0x628 [ 19.296320] test_out_of_bounds_write+0xc8/0x240 [ 19.296390] kunit_try_run_case+0x170/0x3f0 [ 19.296764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.296873] kthread+0x328/0x630 [ 19.296976] ret_from_fork+0x10/0x20 [ 19.297155] [ 19.297248] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.297424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.297500] Hardware name: linux,dummy-virt (DT) [ 19.297878] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 19.186030] ================================================================== [ 19.186356] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.186356] [ 19.186447] Out-of-bounds read at 0x00000000da3d016f (32B right of kfence-#80): [ 19.186856] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.186953] kunit_try_run_case+0x170/0x3f0 [ 19.186996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.187284] kthread+0x328/0x630 [ 19.187441] ret_from_fork+0x10/0x20 [ 19.187504] [ 19.187540] kfence-#80: 0x00000000a3e2fce7-0x0000000061da2b9d, size=32, cache=test [ 19.187540] [ 19.187613] allocated by task 289 on cpu 0 at 19.185567s (0.002042s ago): [ 19.187712] test_alloc+0x230/0x628 [ 19.187762] test_out_of_bounds_read+0x198/0x3e0 [ 19.187819] kunit_try_run_case+0x170/0x3f0 [ 19.187873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.187978] kthread+0x328/0x630 [ 19.188040] ret_from_fork+0x10/0x20 [ 19.188091] [ 19.188141] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.188233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.188280] Hardware name: linux,dummy-virt (DT) [ 19.188323] ================================================================== [ 18.977953] ================================================================== [ 18.978065] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 18.978065] [ 18.978236] Out-of-bounds read at 0x00000000bcc08987 (32B right of kfence-#78): [ 18.978602] test_out_of_bounds_read+0x1c8/0x3e0 [ 18.978703] kunit_try_run_case+0x170/0x3f0 [ 18.978756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.978800] kthread+0x328/0x630 [ 18.978838] ret_from_fork+0x10/0x20 [ 18.978878] [ 18.978903] kfence-#78: 0x00000000c00df569-0x000000009d716409, size=32, cache=kmalloc-32 [ 18.978903] [ 18.979299] allocated by task 287 on cpu 0 at 18.977330s (0.001623s ago): [ 18.979562] test_alloc+0x29c/0x628 [ 18.979659] test_out_of_bounds_read+0x198/0x3e0 [ 18.979784] kunit_try_run_case+0x170/0x3f0 [ 18.979853] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.979923] kthread+0x328/0x630 [ 18.980263] ret_from_fork+0x10/0x20 [ 18.980427] [ 18.980574] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.980702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.981035] Hardware name: linux,dummy-virt (DT) [ 18.981099] ================================================================== [ 19.082061] ================================================================== [ 19.082147] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.082147] [ 19.082527] Out-of-bounds read at 0x00000000a5d9da96 (1B left of kfence-#79): [ 19.082658] test_out_of_bounds_read+0x114/0x3e0 [ 19.082730] kunit_try_run_case+0x170/0x3f0 [ 19.083044] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.083128] kthread+0x328/0x630 [ 19.083412] ret_from_fork+0x10/0x20 [ 19.083557] [ 19.083605] kfence-#79: 0x00000000a80a7402-0x00000000fb6a4cb7, size=32, cache=test [ 19.083605] [ 19.083686] allocated by task 289 on cpu 0 at 19.081637s (0.002037s ago): [ 19.083758] test_alloc+0x230/0x628 [ 19.083814] test_out_of_bounds_read+0xdc/0x3e0 [ 19.083876] kunit_try_run_case+0x170/0x3f0 [ 19.083915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.083959] kthread+0x328/0x630 [ 19.084026] ret_from_fork+0x10/0x20 [ 19.084075] [ 19.084137] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.084231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.084272] Hardware name: linux,dummy-virt (DT) [ 19.084310] ================================================================== [ 18.766932] ================================================================== [ 18.767145] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 18.767145] [ 18.767401] Out-of-bounds read at 0x000000003c26d6f1 (1B left of kfence-#76): [ 18.767998] test_out_of_bounds_read+0x114/0x3e0 [ 18.768257] kunit_try_run_case+0x170/0x3f0 [ 18.768314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.768690] kthread+0x328/0x630 [ 18.768896] ret_from_fork+0x10/0x20 [ 18.768992] [ 18.769149] kfence-#76: 0x0000000052e1c939-0x00000000944f9d53, size=32, cache=kmalloc-32 [ 18.769149] [ 18.769229] allocated by task 287 on cpu 0 at 18.765833s (0.003391s ago): [ 18.769495] test_alloc+0x29c/0x628 [ 18.769746] test_out_of_bounds_read+0xdc/0x3e0 [ 18.769875] kunit_try_run_case+0x170/0x3f0 [ 18.769941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.770100] kthread+0x328/0x630 [ 18.770164] ret_from_fork+0x10/0x20 [ 18.770472] [ 18.770705] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.771436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.771681] Hardware name: linux,dummy-virt (DT) [ 18.771982] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-strcmp
[ 17.604360] ================================================================== [ 17.604520] BUG: KFENCE: use-after-free read in strcmp+0x50/0xc8 [ 17.604520] [ 17.604585] Use-after-free read at 0x00000000493a7be2 (in kfence-#71): [ 17.604635] strcmp+0x50/0xc8 [ 17.604682] kasan_strings+0x340/0xb00 [ 17.605566] kunit_try_run_case+0x170/0x3f0 [ 17.605647] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.605825] kthread+0x328/0x630 [ 17.605862] ret_from_fork+0x10/0x20 [ 17.605901] [ 17.606407] kfence-#71: 0x00000000a0ff1a74-0x000000005ed6b2ea, size=24, cache=kmalloc-32 [ 17.606407] [ 17.606518] allocated by task 259 on cpu 0 at 17.594550s (0.011963s ago): [ 17.606609] kasan_strings+0xc8/0xb00 [ 17.606973] kunit_try_run_case+0x170/0x3f0 [ 17.607015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.607378] kthread+0x328/0x630 [ 17.607421] ret_from_fork+0x10/0x20 [ 17.607773] [ 17.607856] freed by task 259 on cpu 0 at 17.595465s (0.012380s ago): [ 17.608287] kasan_strings+0x24c/0xb00 [ 17.608333] kunit_try_run_case+0x170/0x3f0 [ 17.608376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.609018] kthread+0x328/0x630 [ 17.609238] ret_from_fork+0x10/0x20 [ 17.609554] [ 17.609775] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.610153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.610186] Hardware name: linux,dummy-virt (DT) [ 17.610830] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-kmem_cache_destroy
[ 16.648437] ================================================================== [ 16.649075] BUG: KFENCE: use-after-free read in kmem_cache_destroy+0x50/0x218 [ 16.649075] [ 16.649547] Use-after-free read at 0x000000000ed34f3e (in kfence-#62): [ 16.649676] kmem_cache_destroy+0x50/0x218 [ 16.649939] kmem_cache_double_destroy+0x174/0x300 [ 16.650008] kunit_try_run_case+0x170/0x3f0 [ 16.650051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.650094] kthread+0x328/0x630 [ 16.650129] ret_from_fork+0x10/0x20 [ 16.650166] [ 16.650187] kfence-#62: 0x00000000bf5ae28f-0x00000000cd4ed60a, size=208, cache=kmem_cache [ 16.650187] [ 16.650243] allocated by task 215 on cpu 0 at 16.644113s (0.006127s ago): [ 16.650355] __kmem_cache_create_args+0x178/0x280 [ 16.650396] kmem_cache_double_destroy+0xc0/0x300 [ 16.650437] kunit_try_run_case+0x170/0x3f0 [ 16.650473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.650516] kthread+0x328/0x630 [ 16.650546] ret_from_fork+0x10/0x20 [ 16.650581] [ 16.651209] freed by task 215 on cpu 0 at 16.647971s (0.003142s ago): [ 16.652129] slab_kmem_cache_release+0x38/0x50 [ 16.652347] kmem_cache_release+0x1c/0x30 [ 16.652522] kobject_put+0x17c/0x420 [ 16.652570] sysfs_slab_release+0x1c/0x30 [ 16.652610] kmem_cache_destroy+0x118/0x218 [ 16.652645] kmem_cache_double_destroy+0x128/0x300 [ 16.652797] kunit_try_run_case+0x170/0x3f0 [ 16.652849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.652906] kthread+0x328/0x630 [ 16.652992] ret_from_fork+0x10/0x20 [ 16.653031] [ 16.653439] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.653801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.653993] Hardware name: linux,dummy-virt (DT) [ 16.654098] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-rcu_uaf_reclaim
[ 15.599421] ================================================================== [ 15.602942] BUG: KFENCE: use-after-free read in rcu_uaf_reclaim+0x48/0x70 [ 15.602942] [ 15.603466] Use-after-free read at 0x0000000088637f4a (in kfence-#55): [ 15.603685] rcu_uaf_reclaim+0x48/0x70 [ 15.603731] rcu_core+0x9f4/0x1e20 [ 15.603773] rcu_core_si+0x18/0x30 [ 15.603808] handle_softirqs+0x374/0xb28 [ 15.605201] __do_softirq+0x1c/0x28 [ 15.605394] ____do_softirq+0x18/0x30 [ 15.606307] call_on_irq_stack+0x24/0x30 [ 15.606428] do_softirq_own_stack+0x24/0x38 [ 15.607150] __irq_exit_rcu+0x1fc/0x318 [ 15.607227] irq_exit_rcu+0x1c/0x80 [ 15.607284] el1_interrupt+0x38/0x58 [ 15.607356] el1h_64_irq_handler+0x18/0x28 [ 15.607480] el1h_64_irq+0x6c/0x70 [ 15.607512] arch_local_irq_enable+0x4/0x8 [ 15.607555] do_idle+0x384/0x4e8 [ 15.607758] cpu_startup_entry+0x64/0x80 [ 15.608360] rest_init+0x160/0x188 [ 15.608427] start_kernel+0x30c/0x3d0 [ 15.608475] __primary_switched+0x8c/0xa0 [ 15.608513] [ 15.608535] kfence-#55: 0x0000000088637f4a-0x000000000fcceb00, size=24, cache=kmalloc-32 [ 15.608535] [ 15.610353] allocated by task 198 on cpu 0 at 15.580197s (0.028395s ago): [ 15.610788] rcu_uaf+0xb0/0x2d8 [ 15.610835] kunit_try_run_case+0x170/0x3f0 [ 15.610874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.611170] kthread+0x328/0x630 [ 15.611386] ret_from_fork+0x10/0x20 [ 15.611443] [ 15.611465] freed by task 0 on cpu 0 at 15.595963s (0.015498s ago): [ 15.612095] rcu_uaf_reclaim+0x28/0x70 [ 15.612137] rcu_core+0x9f4/0x1e20 [ 15.612171] rcu_core_si+0x18/0x30 [ 15.612208] handle_softirqs+0x374/0xb28 [ 15.613253] __do_softirq+0x1c/0x28 [ 15.613300] ____do_softirq+0x18/0x30 [ 15.613768] call_on_irq_stack+0x24/0x30 [ 15.613954] do_softirq_own_stack+0x24/0x38 [ 15.614371] __irq_exit_rcu+0x1fc/0x318 [ 15.615334] irq_exit_rcu+0x1c/0x80 [ 15.615810] el1_interrupt+0x38/0x58 [ 15.615930] el1h_64_irq_handler+0x18/0x28 [ 15.615993] el1h_64_irq+0x6c/0x70 [ 15.616039] arch_local_irq_enable+0x4/0x8 [ 15.616485] do_idle+0x384/0x4e8 [ 15.616591] cpu_startup_entry+0x64/0x80 [ 15.616629] rest_init+0x160/0x188 [ 15.616672] start_kernel+0x30c/0x3d0 [ 15.616709] __primary_switched+0x8c/0xa0 [ 15.618365] [ 15.618442] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.618871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.618947] Hardware name: linux,dummy-virt (DT) [ 15.619054] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 15.169813] ================================================================== [ 15.169894] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x224/0x488 [ 15.169894] [ 15.169974] Corrupted memory at 0x0000000011b904c7 [ ! . . . . . . . . . . . . . . . ] (in kfence-#51): [ 15.172004] kmalloc_track_caller_oob_right+0x224/0x488 [ 15.172176] kunit_try_run_case+0x170/0x3f0 [ 15.172216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.172390] kthread+0x328/0x630 [ 15.172454] ret_from_fork+0x10/0x20 [ 15.172587] [ 15.172884] kfence-#51: 0x00000000cebb0bad-0x0000000035dc6c1d, size=120, cache=kmalloc-128 [ 15.172884] [ 15.173481] allocated by task 142 on cpu 0 at 15.168453s (0.004910s ago): [ 15.174037] kmalloc_track_caller_oob_right+0x184/0x488 [ 15.174116] kunit_try_run_case+0x170/0x3f0 [ 15.174154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.174207] kthread+0x328/0x630 [ 15.174238] ret_from_fork+0x10/0x20 [ 15.174335] [ 15.174464] freed by task 142 on cpu 0 at 15.169155s (0.005238s ago): [ 15.174563] kmalloc_track_caller_oob_right+0x224/0x488 [ 15.174615] kunit_try_run_case+0x170/0x3f0 [ 15.174673] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.174715] kthread+0x328/0x630 [ 15.174745] ret_from_fork+0x10/0x20 [ 15.174801] [ 15.174853] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.174947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.174974] Hardware name: linux,dummy-virt (DT) [ 15.175161] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.644359] ================================================================== [ 18.644420] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 18.644480] Write of size 121 at addr fff00000c7025e00 by task kunit_try_catch/285 [ 18.644534] [ 18.644565] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.644648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.644688] Hardware name: linux,dummy-virt (DT) [ 18.644719] Call trace: [ 18.644743] show_stack+0x20/0x38 (C) [ 18.644804] dump_stack_lvl+0x8c/0xd0 [ 18.644852] print_report+0x118/0x5d0 [ 18.644899] kasan_report+0xdc/0x128 [ 18.644947] kasan_check_range+0x100/0x1a8 [ 18.644996] __kasan_check_write+0x20/0x30 [ 18.645084] strncpy_from_user+0x3c/0x2a0 [ 18.645383] copy_user_test_oob+0x5c0/0xec8 [ 18.645431] kunit_try_run_case+0x170/0x3f0 [ 18.645480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.645716] kthread+0x328/0x630 [ 18.645768] ret_from_fork+0x10/0x20 [ 18.645816] [ 18.645837] Allocated by task 285: [ 18.645878] kasan_save_stack+0x3c/0x68 [ 18.645920] kasan_save_track+0x20/0x40 [ 18.645961] kasan_save_alloc_info+0x40/0x58 [ 18.646003] __kasan_kmalloc+0xd4/0xd8 [ 18.646099] __kmalloc_noprof+0x198/0x4c8 [ 18.646397] kunit_kmalloc_array+0x34/0x88 [ 18.646493] copy_user_test_oob+0xac/0xec8 [ 18.646621] kunit_try_run_case+0x170/0x3f0 [ 18.646679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.646744] kthread+0x328/0x630 [ 18.646779] ret_from_fork+0x10/0x20 [ 18.646850] [ 18.646870] The buggy address belongs to the object at fff00000c7025e00 [ 18.646870] which belongs to the cache kmalloc-128 of size 128 [ 18.646930] The buggy address is located 0 bytes inside of [ 18.646930] allocated 120-byte region [fff00000c7025e00, fff00000c7025e78) [ 18.647192] [ 18.647234] The buggy address belongs to the physical page: [ 18.647267] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 18.647672] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.647729] page_type: f5(slab) [ 18.647768] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.647822] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.647864] page dumped because: kasan: bad access detected [ 18.647900] [ 18.647931] Memory state around the buggy address: [ 18.648063] fff00000c7025d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.648108] fff00000c7025d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.648153] >fff00000c7025e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.648192] ^ [ 18.648236] fff00000c7025e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.648282] fff00000c7025f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.648323] ================================================================== [ 18.648809] ================================================================== [ 18.648870] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 18.649038] Write of size 1 at addr fff00000c7025e78 by task kunit_try_catch/285 [ 18.649116] [ 18.649156] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.649237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.649265] Hardware name: linux,dummy-virt (DT) [ 18.649296] Call trace: [ 18.649319] show_stack+0x20/0x38 (C) [ 18.649368] dump_stack_lvl+0x8c/0xd0 [ 18.649422] print_report+0x118/0x5d0 [ 18.649656] kasan_report+0xdc/0x128 [ 18.649907] __asan_report_store1_noabort+0x20/0x30 [ 18.650103] strncpy_from_user+0x270/0x2a0 [ 18.650187] copy_user_test_oob+0x5c0/0xec8 [ 18.650428] kunit_try_run_case+0x170/0x3f0 [ 18.650592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.650645] kthread+0x328/0x630 [ 18.650694] ret_from_fork+0x10/0x20 [ 18.650742] [ 18.650763] Allocated by task 285: [ 18.650792] kasan_save_stack+0x3c/0x68 [ 18.650835] kasan_save_track+0x20/0x40 [ 18.650875] kasan_save_alloc_info+0x40/0x58 [ 18.650915] __kasan_kmalloc+0xd4/0xd8 [ 18.650954] __kmalloc_noprof+0x198/0x4c8 [ 18.650992] kunit_kmalloc_array+0x34/0x88 [ 18.651042] copy_user_test_oob+0xac/0xec8 [ 18.651823] kunit_try_run_case+0x170/0x3f0 [ 18.652027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.652166] kthread+0x328/0x630 [ 18.652201] ret_from_fork+0x10/0x20 [ 18.652249] [ 18.652272] The buggy address belongs to the object at fff00000c7025e00 [ 18.652272] which belongs to the cache kmalloc-128 of size 128 [ 18.652332] The buggy address is located 0 bytes to the right of [ 18.652332] allocated 120-byte region [fff00000c7025e00, fff00000c7025e78) [ 18.652469] [ 18.652492] The buggy address belongs to the physical page: [ 18.652524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 18.652577] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.652626] page_type: f5(slab) [ 18.652688] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.652922] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.652984] page dumped because: kasan: bad access detected [ 18.653043] [ 18.653064] Memory state around the buggy address: [ 18.653097] fff00000c7025d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.653142] fff00000c7025d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.653186] >fff00000c7025e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.653460] ^ [ 18.653538] fff00000c7025e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.653688] fff00000c7025f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.653729] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.628465] ================================================================== [ 18.628617] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 18.628677] Read of size 121 at addr fff00000c7025e00 by task kunit_try_catch/285 [ 18.628732] [ 18.628764] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.628846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.628904] Hardware name: linux,dummy-virt (DT) [ 18.628946] Call trace: [ 18.628972] show_stack+0x20/0x38 (C) [ 18.629019] dump_stack_lvl+0x8c/0xd0 [ 18.629075] print_report+0x118/0x5d0 [ 18.629185] kasan_report+0xdc/0x128 [ 18.629231] kasan_check_range+0x100/0x1a8 [ 18.629278] __kasan_check_read+0x20/0x30 [ 18.629324] copy_user_test_oob+0x3c8/0xec8 [ 18.629371] kunit_try_run_case+0x170/0x3f0 [ 18.629420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.629473] kthread+0x328/0x630 [ 18.629514] ret_from_fork+0x10/0x20 [ 18.629738] [ 18.629834] Allocated by task 285: [ 18.629915] kasan_save_stack+0x3c/0x68 [ 18.629957] kasan_save_track+0x20/0x40 [ 18.630098] kasan_save_alloc_info+0x40/0x58 [ 18.630300] __kasan_kmalloc+0xd4/0xd8 [ 18.630361] __kmalloc_noprof+0x198/0x4c8 [ 18.630405] kunit_kmalloc_array+0x34/0x88 [ 18.630618] copy_user_test_oob+0xac/0xec8 [ 18.630659] kunit_try_run_case+0x170/0x3f0 [ 18.630707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.630751] kthread+0x328/0x630 [ 18.630784] ret_from_fork+0x10/0x20 [ 18.630822] [ 18.630843] The buggy address belongs to the object at fff00000c7025e00 [ 18.630843] which belongs to the cache kmalloc-128 of size 128 [ 18.630902] The buggy address is located 0 bytes inside of [ 18.630902] allocated 120-byte region [fff00000c7025e00, fff00000c7025e78) [ 18.630963] [ 18.630986] The buggy address belongs to the physical page: [ 18.631025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 18.631080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.631126] page_type: f5(slab) [ 18.631166] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.631217] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.631273] page dumped because: kasan: bad access detected [ 18.631342] [ 18.631382] Memory state around the buggy address: [ 18.631730] fff00000c7025d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.631776] fff00000c7025d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.631821] >fff00000c7025e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.631861] ^ [ 18.631904] fff00000c7025e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.631950] fff00000c7025f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.632005] ================================================================== [ 18.623019] ================================================================== [ 18.623097] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 18.623153] Write of size 121 at addr fff00000c7025e00 by task kunit_try_catch/285 [ 18.623207] [ 18.623240] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.623325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.623354] Hardware name: linux,dummy-virt (DT) [ 18.623387] Call trace: [ 18.623414] show_stack+0x20/0x38 (C) [ 18.623479] dump_stack_lvl+0x8c/0xd0 [ 18.623528] print_report+0x118/0x5d0 [ 18.623577] kasan_report+0xdc/0x128 [ 18.623623] kasan_check_range+0x100/0x1a8 [ 18.623837] __kasan_check_write+0x20/0x30 [ 18.623970] copy_user_test_oob+0x35c/0xec8 [ 18.624129] kunit_try_run_case+0x170/0x3f0 [ 18.624191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.624246] kthread+0x328/0x630 [ 18.624288] ret_from_fork+0x10/0x20 [ 18.624363] [ 18.624421] Allocated by task 285: [ 18.624477] kasan_save_stack+0x3c/0x68 [ 18.624653] kasan_save_track+0x20/0x40 [ 18.624725] kasan_save_alloc_info+0x40/0x58 [ 18.624831] __kasan_kmalloc+0xd4/0xd8 [ 18.624891] __kmalloc_noprof+0x198/0x4c8 [ 18.625063] kunit_kmalloc_array+0x34/0x88 [ 18.625129] copy_user_test_oob+0xac/0xec8 [ 18.625179] kunit_try_run_case+0x170/0x3f0 [ 18.625221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.625268] kthread+0x328/0x630 [ 18.625302] ret_from_fork+0x10/0x20 [ 18.625386] [ 18.625472] The buggy address belongs to the object at fff00000c7025e00 [ 18.625472] which belongs to the cache kmalloc-128 of size 128 [ 18.625577] The buggy address is located 0 bytes inside of [ 18.625577] allocated 120-byte region [fff00000c7025e00, fff00000c7025e78) [ 18.626474] [ 18.626507] The buggy address belongs to the physical page: [ 18.626568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 18.626681] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.626733] page_type: f5(slab) [ 18.626773] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.626824] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.626870] page dumped because: kasan: bad access detected [ 18.626902] [ 18.626923] Memory state around the buggy address: [ 18.626959] fff00000c7025d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.627024] fff00000c7025d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.627135] >fff00000c7025e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.627276] ^ [ 18.627466] fff00000c7025e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.627510] fff00000c7025f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.627604] ================================================================== [ 18.637205] ================================================================== [ 18.637256] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 18.637303] Read of size 121 at addr fff00000c7025e00 by task kunit_try_catch/285 [ 18.637355] [ 18.637388] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.637697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.637730] Hardware name: linux,dummy-virt (DT) [ 18.637762] Call trace: [ 18.637786] show_stack+0x20/0x38 (C) [ 18.637835] dump_stack_lvl+0x8c/0xd0 [ 18.637881] print_report+0x118/0x5d0 [ 18.637927] kasan_report+0xdc/0x128 [ 18.637974] kasan_check_range+0x100/0x1a8 [ 18.638024] __kasan_check_read+0x20/0x30 [ 18.638078] copy_user_test_oob+0x4a0/0xec8 [ 18.638235] kunit_try_run_case+0x170/0x3f0 [ 18.638326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.638581] kthread+0x328/0x630 [ 18.639194] ret_from_fork+0x10/0x20 [ 18.639566] [ 18.639928] Allocated by task 285: [ 18.639980] kasan_save_stack+0x3c/0x68 [ 18.640026] kasan_save_track+0x20/0x40 [ 18.640066] kasan_save_alloc_info+0x40/0x58 [ 18.640283] __kasan_kmalloc+0xd4/0xd8 [ 18.640493] __kmalloc_noprof+0x198/0x4c8 [ 18.640534] kunit_kmalloc_array+0x34/0x88 [ 18.640573] copy_user_test_oob+0xac/0xec8 [ 18.640772] kunit_try_run_case+0x170/0x3f0 [ 18.640815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.640881] kthread+0x328/0x630 [ 18.640915] ret_from_fork+0x10/0x20 [ 18.640953] [ 18.640975] The buggy address belongs to the object at fff00000c7025e00 [ 18.640975] which belongs to the cache kmalloc-128 of size 128 [ 18.641342] The buggy address is located 0 bytes inside of [ 18.641342] allocated 120-byte region [fff00000c7025e00, fff00000c7025e78) [ 18.641408] [ 18.641430] The buggy address belongs to the physical page: [ 18.641462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 18.641515] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.641567] page_type: f5(slab) [ 18.641606] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.641884] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.642051] page dumped because: kasan: bad access detected [ 18.642087] [ 18.642109] Memory state around the buggy address: [ 18.642168] fff00000c7025d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.642533] fff00000c7025d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.642695] >fff00000c7025e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.642736] ^ [ 18.642782] fff00000c7025e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.643072] fff00000c7025f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.643135] ================================================================== [ 18.632329] ================================================================== [ 18.632382] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 18.632430] Write of size 121 at addr fff00000c7025e00 by task kunit_try_catch/285 [ 18.632482] [ 18.632523] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.632606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.632635] Hardware name: linux,dummy-virt (DT) [ 18.632680] Call trace: [ 18.632703] show_stack+0x20/0x38 (C) [ 18.632750] dump_stack_lvl+0x8c/0xd0 [ 18.632808] print_report+0x118/0x5d0 [ 18.632856] kasan_report+0xdc/0x128 [ 18.632901] kasan_check_range+0x100/0x1a8 [ 18.632961] __kasan_check_write+0x20/0x30 [ 18.633008] copy_user_test_oob+0x434/0xec8 [ 18.633056] kunit_try_run_case+0x170/0x3f0 [ 18.633102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.633156] kthread+0x328/0x630 [ 18.633197] ret_from_fork+0x10/0x20 [ 18.633262] [ 18.633285] Allocated by task 285: [ 18.633313] kasan_save_stack+0x3c/0x68 [ 18.633354] kasan_save_track+0x20/0x40 [ 18.633393] kasan_save_alloc_info+0x40/0x58 [ 18.633435] __kasan_kmalloc+0xd4/0xd8 [ 18.633473] __kmalloc_noprof+0x198/0x4c8 [ 18.633514] kunit_kmalloc_array+0x34/0x88 [ 18.633553] copy_user_test_oob+0xac/0xec8 [ 18.633592] kunit_try_run_case+0x170/0x3f0 [ 18.633637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.633878] kthread+0x328/0x630 [ 18.633920] ret_from_fork+0x10/0x20 [ 18.634077] [ 18.634103] The buggy address belongs to the object at fff00000c7025e00 [ 18.634103] which belongs to the cache kmalloc-128 of size 128 [ 18.634260] The buggy address is located 0 bytes inside of [ 18.634260] allocated 120-byte region [fff00000c7025e00, fff00000c7025e78) [ 18.634437] [ 18.634458] The buggy address belongs to the physical page: [ 18.634495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 18.635288] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.635735] page_type: f5(slab) [ 18.635847] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.635973] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.636081] page dumped because: kasan: bad access detected [ 18.636135] [ 18.636256] Memory state around the buggy address: [ 18.636290] fff00000c7025d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.636342] fff00000c7025d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.636391] >fff00000c7025e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.636709] ^ [ 18.636752] fff00000c7025e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.636797] fff00000c7025f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.636838] ================================================================== [ 18.606827] ================================================================== [ 18.606889] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 18.606943] Read of size 121 at addr fff00000c7025e00 by task kunit_try_catch/285 [ 18.606996] [ 18.608248] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.608354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.608691] Hardware name: linux,dummy-virt (DT) [ 18.609297] Call trace: [ 18.609414] show_stack+0x20/0x38 (C) [ 18.609831] dump_stack_lvl+0x8c/0xd0 [ 18.610066] print_report+0x118/0x5d0 [ 18.610318] kasan_report+0xdc/0x128 [ 18.610423] kasan_check_range+0x100/0x1a8 [ 18.610616] __kasan_check_read+0x20/0x30 [ 18.610782] copy_user_test_oob+0x728/0xec8 [ 18.611029] kunit_try_run_case+0x170/0x3f0 [ 18.611143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.611308] kthread+0x328/0x630 [ 18.611585] ret_from_fork+0x10/0x20 [ 18.611705] [ 18.611778] Allocated by task 285: [ 18.611842] kasan_save_stack+0x3c/0x68 [ 18.612200] kasan_save_track+0x20/0x40 [ 18.612368] kasan_save_alloc_info+0x40/0x58 [ 18.612449] __kasan_kmalloc+0xd4/0xd8 [ 18.612605] __kmalloc_noprof+0x198/0x4c8 [ 18.612647] kunit_kmalloc_array+0x34/0x88 [ 18.612973] copy_user_test_oob+0xac/0xec8 [ 18.613034] kunit_try_run_case+0x170/0x3f0 [ 18.613077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.613123] kthread+0x328/0x630 [ 18.613157] ret_from_fork+0x10/0x20 [ 18.613195] [ 18.613218] The buggy address belongs to the object at fff00000c7025e00 [ 18.613218] which belongs to the cache kmalloc-128 of size 128 [ 18.613280] The buggy address is located 0 bytes inside of [ 18.613280] allocated 120-byte region [fff00000c7025e00, fff00000c7025e78) [ 18.613345] [ 18.613369] The buggy address belongs to the physical page: [ 18.613499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 18.613582] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.613634] page_type: f5(slab) [ 18.613696] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.613760] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.613819] page dumped because: kasan: bad access detected [ 18.613852] [ 18.613872] Memory state around the buggy address: [ 18.613906] fff00000c7025d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.613952] fff00000c7025d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.614007] >fff00000c7025e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.614057] ^ [ 18.614099] fff00000c7025e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.614143] fff00000c7025f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.614185] ================================================================== [ 18.589773] ================================================================== [ 18.590052] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 18.590467] Write of size 121 at addr fff00000c7025e00 by task kunit_try_catch/285 [ 18.590545] [ 18.590892] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.591007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.591038] Hardware name: linux,dummy-virt (DT) [ 18.591425] Call trace: [ 18.591493] show_stack+0x20/0x38 (C) [ 18.591731] dump_stack_lvl+0x8c/0xd0 [ 18.592085] print_report+0x118/0x5d0 [ 18.592190] kasan_report+0xdc/0x128 [ 18.592258] kasan_check_range+0x100/0x1a8 [ 18.592604] __kasan_check_write+0x20/0x30 [ 18.592728] copy_user_test_oob+0x234/0xec8 [ 18.592842] kunit_try_run_case+0x170/0x3f0 [ 18.593206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.593544] kthread+0x328/0x630 [ 18.593652] ret_from_fork+0x10/0x20 [ 18.594095] [ 18.594144] Allocated by task 285: [ 18.594232] kasan_save_stack+0x3c/0x68 [ 18.594329] kasan_save_track+0x20/0x40 [ 18.594482] kasan_save_alloc_info+0x40/0x58 [ 18.594541] __kasan_kmalloc+0xd4/0xd8 [ 18.594930] __kmalloc_noprof+0x198/0x4c8 [ 18.595063] kunit_kmalloc_array+0x34/0x88 [ 18.595156] copy_user_test_oob+0xac/0xec8 [ 18.595322] kunit_try_run_case+0x170/0x3f0 [ 18.595725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.595808] kthread+0x328/0x630 [ 18.595950] ret_from_fork+0x10/0x20 [ 18.596028] [ 18.596142] The buggy address belongs to the object at fff00000c7025e00 [ 18.596142] which belongs to the cache kmalloc-128 of size 128 [ 18.596209] The buggy address is located 0 bytes inside of [ 18.596209] allocated 120-byte region [fff00000c7025e00, fff00000c7025e78) [ 18.596274] [ 18.597086] The buggy address belongs to the physical page: [ 18.597231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 18.597328] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.597894] page_type: f5(slab) [ 18.598004] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.598070] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.598204] page dumped because: kasan: bad access detected [ 18.598265] [ 18.598286] Memory state around the buggy address: [ 18.598371] fff00000c7025d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.598741] fff00000c7025d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.598951] >fff00000c7025e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.599037] ^ [ 18.599371] fff00000c7025e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.599544] fff00000c7025f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.599612] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.542876] ================================================================== [ 18.542945] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 18.543208] Write of size 8 at addr fff00000c7025d78 by task kunit_try_catch/281 [ 18.543467] [ 18.543515] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.543744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.543812] Hardware name: linux,dummy-virt (DT) [ 18.543926] Call trace: [ 18.543986] show_stack+0x20/0x38 (C) [ 18.544088] dump_stack_lvl+0x8c/0xd0 [ 18.544153] print_report+0x118/0x5d0 [ 18.544616] kasan_report+0xdc/0x128 [ 18.544821] kasan_check_range+0x100/0x1a8 [ 18.544930] __kasan_check_write+0x20/0x30 [ 18.545027] copy_to_kernel_nofault+0x8c/0x250 [ 18.545340] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 18.545545] kunit_try_run_case+0x170/0x3f0 [ 18.546082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.546462] kthread+0x328/0x630 [ 18.546525] ret_from_fork+0x10/0x20 [ 18.546621] [ 18.546743] Allocated by task 281: [ 18.546811] kasan_save_stack+0x3c/0x68 [ 18.546875] kasan_save_track+0x20/0x40 [ 18.547234] kasan_save_alloc_info+0x40/0x58 [ 18.547598] __kasan_kmalloc+0xd4/0xd8 [ 18.547711] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.548170] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.548551] kunit_try_run_case+0x170/0x3f0 [ 18.548788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.548907] kthread+0x328/0x630 [ 18.549041] ret_from_fork+0x10/0x20 [ 18.549187] [ 18.549267] The buggy address belongs to the object at fff00000c7025d00 [ 18.549267] which belongs to the cache kmalloc-128 of size 128 [ 18.549393] The buggy address is located 0 bytes to the right of [ 18.549393] allocated 120-byte region [fff00000c7025d00, fff00000c7025d78) [ 18.549483] [ 18.549782] The buggy address belongs to the physical page: [ 18.549942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 18.550011] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.550270] page_type: f5(slab) [ 18.550323] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.550537] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.550772] page dumped because: kasan: bad access detected [ 18.551040] [ 18.551280] Memory state around the buggy address: [ 18.551351] fff00000c7025c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.551413] fff00000c7025c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.551884] >fff00000c7025d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.551999] ^ [ 18.552050] fff00000c7025d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.552539] fff00000c7025e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.552851] ================================================================== [ 18.536119] ================================================================== [ 18.536398] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 18.536478] Read of size 8 at addr fff00000c7025d78 by task kunit_try_catch/281 [ 18.536533] [ 18.536573] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.537287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.537365] Hardware name: linux,dummy-virt (DT) [ 18.537431] Call trace: [ 18.537469] show_stack+0x20/0x38 (C) [ 18.537526] dump_stack_lvl+0x8c/0xd0 [ 18.537755] print_report+0x118/0x5d0 [ 18.538013] kasan_report+0xdc/0x128 [ 18.538095] __asan_report_load8_noabort+0x20/0x30 [ 18.538211] copy_to_kernel_nofault+0x204/0x250 [ 18.538266] copy_to_kernel_nofault_oob+0x158/0x418 [ 18.538318] kunit_try_run_case+0x170/0x3f0 [ 18.538788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.538889] kthread+0x328/0x630 [ 18.538974] ret_from_fork+0x10/0x20 [ 18.539027] [ 18.539158] Allocated by task 281: [ 18.539194] kasan_save_stack+0x3c/0x68 [ 18.539239] kasan_save_track+0x20/0x40 [ 18.539485] kasan_save_alloc_info+0x40/0x58 [ 18.539795] __kasan_kmalloc+0xd4/0xd8 [ 18.540050] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.540249] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.540412] kunit_try_run_case+0x170/0x3f0 [ 18.540458] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.540504] kthread+0x328/0x630 [ 18.540538] ret_from_fork+0x10/0x20 [ 18.540577] [ 18.540600] The buggy address belongs to the object at fff00000c7025d00 [ 18.540600] which belongs to the cache kmalloc-128 of size 128 [ 18.540674] The buggy address is located 0 bytes to the right of [ 18.540674] allocated 120-byte region [fff00000c7025d00, fff00000c7025d78) [ 18.540742] [ 18.540859] The buggy address belongs to the physical page: [ 18.540913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 18.541005] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.541069] page_type: f5(slab) [ 18.541130] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.541194] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.541253] page dumped because: kasan: bad access detected [ 18.541296] [ 18.541336] Memory state around the buggy address: [ 18.541384] fff00000c7025c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.541439] fff00000c7025c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.541482] >fff00000c7025d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.541523] ^ [ 18.541576] fff00000c7025d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.541621] fff00000c7025e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.541947] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 18.477238] ================================================================== [ 18.477290] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 18.478053] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 18.478380] [ 18.478445] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.478536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.478566] Hardware name: linux,dummy-virt (DT) [ 18.478751] Call trace: [ 18.478941] show_stack+0x20/0x38 (C) [ 18.479145] dump_stack_lvl+0x8c/0xd0 [ 18.479217] print_report+0x310/0x5d0 [ 18.479759] kasan_report+0xdc/0x128 [ 18.480011] __asan_report_load1_noabort+0x20/0x30 [ 18.480232] vmalloc_oob+0x51c/0x5d0 [ 18.480408] kunit_try_run_case+0x170/0x3f0 [ 18.480628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.480895] kthread+0x328/0x630 [ 18.481025] ret_from_fork+0x10/0x20 [ 18.481159] [ 18.481425] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 18.481643] The buggy address belongs to the physical page: [ 18.481903] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c2 [ 18.482171] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.482503] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.482704] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.482804] page dumped because: kasan: bad access detected [ 18.482861] [ 18.482882] Memory state around the buggy address: [ 18.483081] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.483298] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.483352] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.483570] ^ [ 18.483791] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.483851] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.484182] ================================================================== [ 18.469402] ================================================================== [ 18.469494] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 18.469822] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 18.470106] [ 18.470149] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.470462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.470856] Hardware name: linux,dummy-virt (DT) [ 18.470908] Call trace: [ 18.470935] show_stack+0x20/0x38 (C) [ 18.471138] dump_stack_lvl+0x8c/0xd0 [ 18.471472] print_report+0x310/0x5d0 [ 18.471535] kasan_report+0xdc/0x128 [ 18.471593] __asan_report_load1_noabort+0x20/0x30 [ 18.471906] vmalloc_oob+0x578/0x5d0 [ 18.472262] kunit_try_run_case+0x170/0x3f0 [ 18.472575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.472747] kthread+0x328/0x630 [ 18.472795] ret_from_fork+0x10/0x20 [ 18.473024] [ 18.473280] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 18.473371] The buggy address belongs to the physical page: [ 18.473407] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c2 [ 18.473836] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.473912] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.474347] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.474475] page dumped because: kasan: bad access detected [ 18.474560] [ 18.474780] Memory state around the buggy address: [ 18.475019] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.475143] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.475348] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.475716] ^ [ 18.475807] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.475859] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.476081] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.184125] ================================================================== [ 18.184246] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 18.184486] Read of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.184786] [ 18.184885] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.184974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.185002] Hardware name: linux,dummy-virt (DT) [ 18.185035] Call trace: [ 18.185259] show_stack+0x20/0x38 (C) [ 18.185384] dump_stack_lvl+0x8c/0xd0 [ 18.185433] print_report+0x118/0x5d0 [ 18.185480] kasan_report+0xdc/0x128 [ 18.185535] kasan_check_range+0x100/0x1a8 [ 18.186110] __kasan_check_read+0x20/0x30 [ 18.186349] kasan_atomics_helper+0xdd4/0x4858 [ 18.186411] kasan_atomics+0x198/0x2e0 [ 18.186743] kunit_try_run_case+0x170/0x3f0 [ 18.186929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.186993] kthread+0x328/0x630 [ 18.187038] ret_from_fork+0x10/0x20 [ 18.187094] [ 18.187115] Allocated by task 265: [ 18.187360] kasan_save_stack+0x3c/0x68 [ 18.187617] kasan_save_track+0x20/0x40 [ 18.187823] kasan_save_alloc_info+0x40/0x58 [ 18.188061] __kasan_kmalloc+0xd4/0xd8 [ 18.188215] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.188265] kasan_atomics+0xb8/0x2e0 [ 18.188320] kunit_try_run_case+0x170/0x3f0 [ 18.188363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.188425] kthread+0x328/0x630 [ 18.188461] ret_from_fork+0x10/0x20 [ 18.188508] [ 18.188532] The buggy address belongs to the object at fff00000c78be300 [ 18.188532] which belongs to the cache kmalloc-64 of size 64 [ 18.188594] The buggy address is located 0 bytes to the right of [ 18.188594] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.188660] [ 18.188694] The buggy address belongs to the physical page: [ 18.188730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.188795] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.188852] page_type: f5(slab) [ 18.188901] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.188963] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.189005] page dumped because: kasan: bad access detected [ 18.189049] [ 18.189087] Memory state around the buggy address: [ 18.189121] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.189174] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.189228] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.189275] ^ [ 18.189310] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.189355] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.189401] ================================================================== [ 18.209514] ================================================================== [ 18.209747] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 18.210029] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.210093] [ 18.210126] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.210638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.210700] Hardware name: linux,dummy-virt (DT) [ 18.210736] Call trace: [ 18.210868] show_stack+0x20/0x38 (C) [ 18.210934] dump_stack_lvl+0x8c/0xd0 [ 18.210989] print_report+0x118/0x5d0 [ 18.211039] kasan_report+0xdc/0x128 [ 18.211089] __asan_report_store8_noabort+0x20/0x30 [ 18.211779] kasan_atomics_helper+0x3e5c/0x4858 [ 18.211897] kasan_atomics+0x198/0x2e0 [ 18.211986] kunit_try_run_case+0x170/0x3f0 [ 18.212223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.212584] kthread+0x328/0x630 [ 18.212747] ret_from_fork+0x10/0x20 [ 18.213146] [ 18.213313] Allocated by task 265: [ 18.213416] kasan_save_stack+0x3c/0x68 [ 18.213504] kasan_save_track+0x20/0x40 [ 18.213556] kasan_save_alloc_info+0x40/0x58 [ 18.213811] __kasan_kmalloc+0xd4/0xd8 [ 18.213992] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.214123] kasan_atomics+0xb8/0x2e0 [ 18.214213] kunit_try_run_case+0x170/0x3f0 [ 18.214410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.214648] kthread+0x328/0x630 [ 18.214728] ret_from_fork+0x10/0x20 [ 18.214887] [ 18.214911] The buggy address belongs to the object at fff00000c78be300 [ 18.214911] which belongs to the cache kmalloc-64 of size 64 [ 18.215112] The buggy address is located 0 bytes to the right of [ 18.215112] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.215348] [ 18.215375] The buggy address belongs to the physical page: [ 18.215409] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.215855] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.216038] page_type: f5(slab) [ 18.216127] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.216432] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.216617] page dumped because: kasan: bad access detected [ 18.216836] [ 18.217013] Memory state around the buggy address: [ 18.217065] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.217150] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.217337] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.217603] ^ [ 18.217809] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.218156] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.218567] ================================================================== [ 18.061419] ================================================================== [ 18.061507] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 18.061560] Write of size 4 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.061614] [ 18.061960] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.062184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.062226] Hardware name: linux,dummy-virt (DT) [ 18.062273] Call trace: [ 18.062301] show_stack+0x20/0x38 (C) [ 18.062352] dump_stack_lvl+0x8c/0xd0 [ 18.062400] print_report+0x118/0x5d0 [ 18.062591] kasan_report+0xdc/0x128 [ 18.062801] kasan_check_range+0x100/0x1a8 [ 18.063032] __kasan_check_write+0x20/0x30 [ 18.063249] kasan_atomics_helper+0x99c/0x4858 [ 18.063454] kasan_atomics+0x198/0x2e0 [ 18.063575] kunit_try_run_case+0x170/0x3f0 [ 18.063964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.064059] kthread+0x328/0x630 [ 18.064192] ret_from_fork+0x10/0x20 [ 18.064309] [ 18.064440] Allocated by task 265: [ 18.064511] kasan_save_stack+0x3c/0x68 [ 18.064690] kasan_save_track+0x20/0x40 [ 18.064769] kasan_save_alloc_info+0x40/0x58 [ 18.065129] __kasan_kmalloc+0xd4/0xd8 [ 18.065302] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.065481] kasan_atomics+0xb8/0x2e0 [ 18.065572] kunit_try_run_case+0x170/0x3f0 [ 18.065916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.066263] kthread+0x328/0x630 [ 18.066361] ret_from_fork+0x10/0x20 [ 18.066700] [ 18.066832] The buggy address belongs to the object at fff00000c78be300 [ 18.066832] which belongs to the cache kmalloc-64 of size 64 [ 18.066957] The buggy address is located 0 bytes to the right of [ 18.066957] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.067089] [ 18.067148] The buggy address belongs to the physical page: [ 18.067289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.067346] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.067403] page_type: f5(slab) [ 18.067449] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.067731] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.067971] page dumped because: kasan: bad access detected [ 18.068139] [ 18.068221] Memory state around the buggy address: [ 18.068343] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.068507] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.068856] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.068973] ^ [ 18.069044] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.069181] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.069270] ================================================================== [ 18.080449] ================================================================== [ 18.080524] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 18.080579] Write of size 4 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.080926] [ 18.080976] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.081065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.081094] Hardware name: linux,dummy-virt (DT) [ 18.081126] Call trace: [ 18.081151] show_stack+0x20/0x38 (C) [ 18.081202] dump_stack_lvl+0x8c/0xd0 [ 18.081250] print_report+0x118/0x5d0 [ 18.081299] kasan_report+0xdc/0x128 [ 18.081363] kasan_check_range+0x100/0x1a8 [ 18.081415] __kasan_check_write+0x20/0x30 [ 18.081463] kasan_atomics_helper+0xa6c/0x4858 [ 18.081522] kasan_atomics+0x198/0x2e0 [ 18.081580] kunit_try_run_case+0x170/0x3f0 [ 18.081628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.081696] kthread+0x328/0x630 [ 18.081747] ret_from_fork+0x10/0x20 [ 18.081809] [ 18.081832] Allocated by task 265: [ 18.081868] kasan_save_stack+0x3c/0x68 [ 18.081913] kasan_save_track+0x20/0x40 [ 18.081953] kasan_save_alloc_info+0x40/0x58 [ 18.082004] __kasan_kmalloc+0xd4/0xd8 [ 18.082045] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.082087] kasan_atomics+0xb8/0x2e0 [ 18.082125] kunit_try_run_case+0x170/0x3f0 [ 18.082174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.082220] kthread+0x328/0x630 [ 18.082263] ret_from_fork+0x10/0x20 [ 18.082307] [ 18.082329] The buggy address belongs to the object at fff00000c78be300 [ 18.082329] which belongs to the cache kmalloc-64 of size 64 [ 18.082394] The buggy address is located 0 bytes to the right of [ 18.082394] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.082474] [ 18.082499] The buggy address belongs to the physical page: [ 18.082542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.082596] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.082647] page_type: f5(slab) [ 18.082696] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.083162] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.083221] page dumped because: kasan: bad access detected [ 18.083297] [ 18.083321] Memory state around the buggy address: [ 18.083758] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.083828] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.083910] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.083990] ^ [ 18.084037] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.084272] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.084453] ================================================================== [ 18.403791] ================================================================== [ 18.403899] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 18.404084] Read of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.404146] [ 18.404272] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.404394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.404492] Hardware name: linux,dummy-virt (DT) [ 18.404554] Call trace: [ 18.404581] show_stack+0x20/0x38 (C) [ 18.404649] dump_stack_lvl+0x8c/0xd0 [ 18.405047] print_report+0x118/0x5d0 [ 18.405288] kasan_report+0xdc/0x128 [ 18.405352] __asan_report_load8_noabort+0x20/0x30 [ 18.405406] kasan_atomics_helper+0x3df4/0x4858 [ 18.405599] kasan_atomics+0x198/0x2e0 [ 18.405768] kunit_try_run_case+0x170/0x3f0 [ 18.405823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.405885] kthread+0x328/0x630 [ 18.405928] ret_from_fork+0x10/0x20 [ 18.405976] [ 18.405997] Allocated by task 265: [ 18.406421] kasan_save_stack+0x3c/0x68 [ 18.406574] kasan_save_track+0x20/0x40 [ 18.406623] kasan_save_alloc_info+0x40/0x58 [ 18.406850] __kasan_kmalloc+0xd4/0xd8 [ 18.406894] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.406950] kasan_atomics+0xb8/0x2e0 [ 18.406989] kunit_try_run_case+0x170/0x3f0 [ 18.407286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.407344] kthread+0x328/0x630 [ 18.407517] ret_from_fork+0x10/0x20 [ 18.407705] [ 18.407751] The buggy address belongs to the object at fff00000c78be300 [ 18.407751] which belongs to the cache kmalloc-64 of size 64 [ 18.408115] The buggy address is located 0 bytes to the right of [ 18.408115] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.408259] [ 18.408319] The buggy address belongs to the physical page: [ 18.408484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.408579] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.408755] page_type: f5(slab) [ 18.408803] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.408857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.408908] page dumped because: kasan: bad access detected [ 18.409100] [ 18.409396] Memory state around the buggy address: [ 18.409784] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.410013] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.410097] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.410522] ^ [ 18.410828] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.411101] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.411188] ================================================================== [ 18.155994] ================================================================== [ 18.156048] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 18.156102] Read of size 4 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.156736] [ 18.157063] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.157404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.157550] Hardware name: linux,dummy-virt (DT) [ 18.157606] Call trace: [ 18.157632] show_stack+0x20/0x38 (C) [ 18.157793] dump_stack_lvl+0x8c/0xd0 [ 18.157865] print_report+0x118/0x5d0 [ 18.158056] kasan_report+0xdc/0x128 [ 18.158119] __asan_report_load4_noabort+0x20/0x30 [ 18.158174] kasan_atomics_helper+0x3dd8/0x4858 [ 18.158355] kasan_atomics+0x198/0x2e0 [ 18.158417] kunit_try_run_case+0x170/0x3f0 [ 18.158466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.158823] kthread+0x328/0x630 [ 18.158977] ret_from_fork+0x10/0x20 [ 18.159034] [ 18.159112] Allocated by task 265: [ 18.159223] kasan_save_stack+0x3c/0x68 [ 18.159446] kasan_save_track+0x20/0x40 [ 18.159755] kasan_save_alloc_info+0x40/0x58 [ 18.160018] __kasan_kmalloc+0xd4/0xd8 [ 18.160360] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.160554] kasan_atomics+0xb8/0x2e0 [ 18.160696] kunit_try_run_case+0x170/0x3f0 [ 18.160965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.161196] kthread+0x328/0x630 [ 18.161312] ret_from_fork+0x10/0x20 [ 18.161392] [ 18.161465] The buggy address belongs to the object at fff00000c78be300 [ 18.161465] which belongs to the cache kmalloc-64 of size 64 [ 18.161650] The buggy address is located 0 bytes to the right of [ 18.161650] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.161907] [ 18.161943] The buggy address belongs to the physical page: [ 18.162042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.162201] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.162438] page_type: f5(slab) [ 18.162580] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.162649] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.162753] page dumped because: kasan: bad access detected [ 18.162942] [ 18.162968] Memory state around the buggy address: [ 18.163198] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.163582] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.163733] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.163838] ^ [ 18.164036] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.164398] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.164487] ================================================================== [ 18.254566] ================================================================== [ 18.254650] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 18.255174] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.255296] [ 18.255420] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.255567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.255739] Hardware name: linux,dummy-virt (DT) [ 18.255986] Call trace: [ 18.256134] show_stack+0x20/0x38 (C) [ 18.256210] dump_stack_lvl+0x8c/0xd0 [ 18.256718] print_report+0x118/0x5d0 [ 18.256790] kasan_report+0xdc/0x128 [ 18.256875] kasan_check_range+0x100/0x1a8 [ 18.257290] __kasan_check_write+0x20/0x30 [ 18.257414] kasan_atomics_helper+0x1058/0x4858 [ 18.257684] kasan_atomics+0x198/0x2e0 [ 18.257940] kunit_try_run_case+0x170/0x3f0 [ 18.258092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.258190] kthread+0x328/0x630 [ 18.258557] ret_from_fork+0x10/0x20 [ 18.258772] [ 18.258808] Allocated by task 265: [ 18.258840] kasan_save_stack+0x3c/0x68 [ 18.259093] kasan_save_track+0x20/0x40 [ 18.259291] kasan_save_alloc_info+0x40/0x58 [ 18.259522] __kasan_kmalloc+0xd4/0xd8 [ 18.260242] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.260307] kasan_atomics+0xb8/0x2e0 [ 18.260366] kunit_try_run_case+0x170/0x3f0 [ 18.260540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.260634] kthread+0x328/0x630 [ 18.260848] ret_from_fork+0x10/0x20 [ 18.261216] [ 18.261387] The buggy address belongs to the object at fff00000c78be300 [ 18.261387] which belongs to the cache kmalloc-64 of size 64 [ 18.261687] The buggy address is located 0 bytes to the right of [ 18.261687] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.261905] [ 18.261931] The buggy address belongs to the physical page: [ 18.262191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.262554] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.262784] page_type: f5(slab) [ 18.262921] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.263153] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.263419] page dumped because: kasan: bad access detected [ 18.263488] [ 18.263532] Memory state around the buggy address: [ 18.263846] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.264200] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.264392] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.264609] ^ [ 18.264838] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.264975] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.265057] ================================================================== [ 18.311946] ================================================================== [ 18.312009] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 18.312061] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.312427] [ 18.312478] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.312807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.313029] Hardware name: linux,dummy-virt (DT) [ 18.313073] Call trace: [ 18.313127] show_stack+0x20/0x38 (C) [ 18.313365] dump_stack_lvl+0x8c/0xd0 [ 18.313424] print_report+0x118/0x5d0 [ 18.313498] kasan_report+0xdc/0x128 [ 18.313546] kasan_check_range+0x100/0x1a8 [ 18.313954] __kasan_check_write+0x20/0x30 [ 18.314194] kasan_atomics_helper+0x12d8/0x4858 [ 18.314501] kasan_atomics+0x198/0x2e0 [ 18.314618] kunit_try_run_case+0x170/0x3f0 [ 18.314690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.314745] kthread+0x328/0x630 [ 18.314990] ret_from_fork+0x10/0x20 [ 18.315094] [ 18.315191] Allocated by task 265: [ 18.315263] kasan_save_stack+0x3c/0x68 [ 18.315327] kasan_save_track+0x20/0x40 [ 18.315374] kasan_save_alloc_info+0x40/0x58 [ 18.315415] __kasan_kmalloc+0xd4/0xd8 [ 18.315704] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.316143] kasan_atomics+0xb8/0x2e0 [ 18.316242] kunit_try_run_case+0x170/0x3f0 [ 18.316366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.317067] kthread+0x328/0x630 [ 18.317137] ret_from_fork+0x10/0x20 [ 18.317211] [ 18.317256] The buggy address belongs to the object at fff00000c78be300 [ 18.317256] which belongs to the cache kmalloc-64 of size 64 [ 18.317481] The buggy address is located 0 bytes to the right of [ 18.317481] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.317571] [ 18.317595] The buggy address belongs to the physical page: [ 18.317976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.318337] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.318517] page_type: f5(slab) [ 18.318869] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.319216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.319348] page dumped because: kasan: bad access detected [ 18.319389] [ 18.319411] Memory state around the buggy address: [ 18.319447] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.319494] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.319539] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.319632] ^ [ 18.319695] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.319750] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.319805] ================================================================== [ 18.266440] ================================================================== [ 18.266495] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 18.266548] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.266601] [ 18.266634] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.266733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.266762] Hardware name: linux,dummy-virt (DT) [ 18.266804] Call trace: [ 18.266830] show_stack+0x20/0x38 (C) [ 18.266881] dump_stack_lvl+0x8c/0xd0 [ 18.266929] print_report+0x118/0x5d0 [ 18.266985] kasan_report+0xdc/0x128 [ 18.267708] kasan_check_range+0x100/0x1a8 [ 18.267799] __kasan_check_write+0x20/0x30 [ 18.267876] kasan_atomics_helper+0x10c0/0x4858 [ 18.268142] kasan_atomics+0x198/0x2e0 [ 18.268249] kunit_try_run_case+0x170/0x3f0 [ 18.268414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.268476] kthread+0x328/0x630 [ 18.268519] ret_from_fork+0x10/0x20 [ 18.268943] [ 18.269127] Allocated by task 265: [ 18.269319] kasan_save_stack+0x3c/0x68 [ 18.269487] kasan_save_track+0x20/0x40 [ 18.269571] kasan_save_alloc_info+0x40/0x58 [ 18.269712] __kasan_kmalloc+0xd4/0xd8 [ 18.269753] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.270120] kasan_atomics+0xb8/0x2e0 [ 18.270887] kunit_try_run_case+0x170/0x3f0 [ 18.270944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.271025] kthread+0x328/0x630 [ 18.271080] ret_from_fork+0x10/0x20 [ 18.271159] [ 18.271294] The buggy address belongs to the object at fff00000c78be300 [ 18.271294] which belongs to the cache kmalloc-64 of size 64 [ 18.271700] The buggy address is located 0 bytes to the right of [ 18.271700] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.271805] [ 18.272076] The buggy address belongs to the physical page: [ 18.272127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.272417] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.272788] page_type: f5(slab) [ 18.273003] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.273088] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.273396] page dumped because: kasan: bad access detected [ 18.273653] [ 18.273843] Memory state around the buggy address: [ 18.274119] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.274492] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.274993] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.275156] ^ [ 18.275444] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.275798] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.275850] ================================================================== [ 18.350005] ================================================================== [ 18.350307] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 18.350393] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.350620] [ 18.350776] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.351027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.351079] Hardware name: linux,dummy-virt (DT) [ 18.351182] Call trace: [ 18.351397] show_stack+0x20/0x38 (C) [ 18.351531] dump_stack_lvl+0x8c/0xd0 [ 18.351594] print_report+0x118/0x5d0 [ 18.351641] kasan_report+0xdc/0x128 [ 18.351821] kasan_check_range+0x100/0x1a8 [ 18.352055] __kasan_check_write+0x20/0x30 [ 18.352137] kasan_atomics_helper+0x147c/0x4858 [ 18.352493] kasan_atomics+0x198/0x2e0 [ 18.352738] kunit_try_run_case+0x170/0x3f0 [ 18.352922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.353030] kthread+0x328/0x630 [ 18.353092] ret_from_fork+0x10/0x20 [ 18.353141] [ 18.353501] Allocated by task 265: [ 18.353774] kasan_save_stack+0x3c/0x68 [ 18.354161] kasan_save_track+0x20/0x40 [ 18.354268] kasan_save_alloc_info+0x40/0x58 [ 18.354332] __kasan_kmalloc+0xd4/0xd8 [ 18.354414] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.354464] kasan_atomics+0xb8/0x2e0 [ 18.354501] kunit_try_run_case+0x170/0x3f0 [ 18.354553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.354611] kthread+0x328/0x630 [ 18.354645] ret_from_fork+0x10/0x20 [ 18.354697] [ 18.354731] The buggy address belongs to the object at fff00000c78be300 [ 18.354731] which belongs to the cache kmalloc-64 of size 64 [ 18.354792] The buggy address is located 0 bytes to the right of [ 18.354792] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.354867] [ 18.354898] The buggy address belongs to the physical page: [ 18.354933] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.354986] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.355035] page_type: f5(slab) [ 18.355315] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.355827] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.355898] page dumped because: kasan: bad access detected [ 18.355933] [ 18.355956] Memory state around the buggy address: [ 18.355991] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.356690] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.356933] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.357054] ^ [ 18.357428] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.357724] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.357945] ================================================================== [ 18.042038] ================================================================== [ 18.042092] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 18.042144] Read of size 4 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.042196] [ 18.042837] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.042968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.043040] Hardware name: linux,dummy-virt (DT) [ 18.043105] Call trace: [ 18.043170] show_stack+0x20/0x38 (C) [ 18.043293] dump_stack_lvl+0x8c/0xd0 [ 18.043382] print_report+0x118/0x5d0 [ 18.043701] kasan_report+0xdc/0x128 [ 18.043880] __asan_report_load4_noabort+0x20/0x30 [ 18.044015] kasan_atomics_helper+0x42d8/0x4858 [ 18.044172] kasan_atomics+0x198/0x2e0 [ 18.044264] kunit_try_run_case+0x170/0x3f0 [ 18.044597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.044761] kthread+0x328/0x630 [ 18.044847] ret_from_fork+0x10/0x20 [ 18.045604] kasan_save_track+0x20/0x40 [ 18.045991] kasan_save_alloc_info+0x40/0x58 [ 18.046541] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.047734] The buggy address is located 0 bytes to the right of [ 18.047734] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.048229] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.048487] page dumped because: kasan: bad access detected [ 18.049370] ^ [ 18.053284] [ 18.053996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.054040] Hardware name: linux,dummy-virt (DT) [ 18.054079] Call trace: [ 18.054105] show_stack+0x20/0x38 (C) [ 18.054200] dump_stack_lvl+0x8c/0xd0 [ 18.054250] print_report+0x118/0x5d0 [ 18.054616] kasan_report+0xdc/0x128 [ 18.054741] kasan_check_range+0x100/0x1a8 [ 18.054793] __kasan_check_write+0x20/0x30 [ 18.054839] kasan_atomics_helper+0x934/0x4858 [ 18.055126] kasan_atomics+0x198/0x2e0 [ 18.055320] kunit_try_run_case+0x170/0x3f0 [ 18.055385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.055610] kthread+0x328/0x630 [ 18.055712] ret_from_fork+0x10/0x20 [ 18.055931] [ 18.056006] Allocated by task 265: [ 18.056124] kasan_save_stack+0x3c/0x68 [ 18.056364] kasan_save_track+0x20/0x40 [ 18.056873] kasan_save_alloc_info+0x40/0x58 [ 18.057021] __kasan_kmalloc+0xd4/0xd8 [ 18.057066] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.057133] kasan_atomics+0xb8/0x2e0 [ 18.057174] kunit_try_run_case+0x170/0x3f0 [ 18.057226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.057279] kthread+0x328/0x630 [ 18.057324] ret_from_fork+0x10/0x20 [ 18.057362] [ 18.057400] The buggy address belongs to the object at fff00000c78be300 [ 18.057400] which belongs to the cache kmalloc-64 of size 64 [ 18.057471] The buggy address is located 0 bytes to the right of [ 18.057471] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.057547] [ 18.057577] The buggy address belongs to the physical page: [ 18.057627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.057720] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.057791] page_type: f5(slab) [ 18.057867] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.058419] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.058684] page dumped because: kasan: bad access detected [ 18.058752] [ 18.058791] Memory state around the buggy address: [ 18.059019] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.059203] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.059378] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.059563] ^ [ 18.059790] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.059841] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.060243] ================================================================== [ 18.330487] ================================================================== [ 18.330541] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 18.330593] Read of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.330695] [ 18.330730] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.330830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.330868] Hardware name: linux,dummy-virt (DT) [ 18.330902] Call trace: [ 18.330926] show_stack+0x20/0x38 (C) [ 18.330978] dump_stack_lvl+0x8c/0xd0 [ 18.331026] print_report+0x118/0x5d0 [ 18.331442] kasan_report+0xdc/0x128 [ 18.331748] __asan_report_load8_noabort+0x20/0x30 [ 18.331828] kasan_atomics_helper+0x3f04/0x4858 [ 18.331881] kasan_atomics+0x198/0x2e0 [ 18.331928] kunit_try_run_case+0x170/0x3f0 [ 18.332575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.332789] kthread+0x328/0x630 [ 18.332866] ret_from_fork+0x10/0x20 [ 18.333051] [ 18.333156] Allocated by task 265: [ 18.333300] kasan_save_stack+0x3c/0x68 [ 18.333604] kasan_save_track+0x20/0x40 [ 18.333854] kasan_save_alloc_info+0x40/0x58 [ 18.334030] __kasan_kmalloc+0xd4/0xd8 [ 18.334101] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.334145] kasan_atomics+0xb8/0x2e0 [ 18.334428] kunit_try_run_case+0x170/0x3f0 [ 18.334547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.334955] kthread+0x328/0x630 [ 18.335344] ret_from_fork+0x10/0x20 [ 18.335395] [ 18.335439] The buggy address belongs to the object at fff00000c78be300 [ 18.335439] which belongs to the cache kmalloc-64 of size 64 [ 18.335510] The buggy address is located 0 bytes to the right of [ 18.335510] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.335578] [ 18.335832] The buggy address belongs to the physical page: [ 18.336065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.336260] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.336336] page_type: f5(slab) [ 18.336384] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.336446] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.336502] page dumped because: kasan: bad access detected [ 18.336542] [ 18.336563] Memory state around the buggy address: [ 18.336597] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.336643] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.337394] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.337448] ^ [ 18.337520] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.337577] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.337821] ================================================================== [ 18.385950] ================================================================== [ 18.386179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 18.386243] Read of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.386295] [ 18.386508] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.386713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.386748] Hardware name: linux,dummy-virt (DT) [ 18.386784] Call trace: [ 18.386983] show_stack+0x20/0x38 (C) [ 18.387341] dump_stack_lvl+0x8c/0xd0 [ 18.387451] print_report+0x118/0x5d0 [ 18.387763] kasan_report+0xdc/0x128 [ 18.388030] __asan_report_load8_noabort+0x20/0x30 [ 18.388311] kasan_atomics_helper+0x3db0/0x4858 [ 18.388456] kasan_atomics+0x198/0x2e0 [ 18.388535] kunit_try_run_case+0x170/0x3f0 [ 18.388902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.389297] kthread+0x328/0x630 [ 18.389458] ret_from_fork+0x10/0x20 [ 18.389614] [ 18.389738] Allocated by task 265: [ 18.389792] kasan_save_stack+0x3c/0x68 [ 18.389998] kasan_save_track+0x20/0x40 [ 18.390286] kasan_save_alloc_info+0x40/0x58 [ 18.390367] __kasan_kmalloc+0xd4/0xd8 [ 18.390629] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.390858] kasan_atomics+0xb8/0x2e0 [ 18.390986] kunit_try_run_case+0x170/0x3f0 [ 18.391181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.391252] kthread+0x328/0x630 [ 18.391285] ret_from_fork+0x10/0x20 [ 18.391328] [ 18.391534] The buggy address belongs to the object at fff00000c78be300 [ 18.391534] which belongs to the cache kmalloc-64 of size 64 [ 18.392168] The buggy address is located 0 bytes to the right of [ 18.392168] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.392257] [ 18.392440] The buggy address belongs to the physical page: [ 18.392701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.392776] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.393128] page_type: f5(slab) [ 18.393179] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.393685] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.393853] page dumped because: kasan: bad access detected [ 18.393893] [ 18.393915] Memory state around the buggy address: [ 18.394323] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.394719] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.394774] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.395165] ^ [ 18.395513] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.395568] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.395610] ================================================================== [ 18.200038] ================================================================== [ 18.200324] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 18.200520] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.200574] [ 18.200704] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.201010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.201055] Hardware name: linux,dummy-virt (DT) [ 18.201140] Call trace: [ 18.201168] show_stack+0x20/0x38 (C) [ 18.201401] dump_stack_lvl+0x8c/0xd0 [ 18.201466] print_report+0x118/0x5d0 [ 18.201565] kasan_report+0xdc/0x128 [ 18.201706] kasan_check_range+0x100/0x1a8 [ 18.201761] __kasan_check_write+0x20/0x30 [ 18.202002] kasan_atomics_helper+0xe44/0x4858 [ 18.202170] kasan_atomics+0x198/0x2e0 [ 18.202547] kunit_try_run_case+0x170/0x3f0 [ 18.202636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.202703] kthread+0x328/0x630 [ 18.202746] ret_from_fork+0x10/0x20 [ 18.202912] [ 18.202941] Allocated by task 265: [ 18.202974] kasan_save_stack+0x3c/0x68 [ 18.203404] kasan_save_track+0x20/0x40 [ 18.203660] kasan_save_alloc_info+0x40/0x58 [ 18.203763] __kasan_kmalloc+0xd4/0xd8 [ 18.204013] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.204186] kasan_atomics+0xb8/0x2e0 [ 18.204393] kunit_try_run_case+0x170/0x3f0 [ 18.204514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.204729] kthread+0x328/0x630 [ 18.204809] ret_from_fork+0x10/0x20 [ 18.205056] [ 18.205194] The buggy address belongs to the object at fff00000c78be300 [ 18.205194] which belongs to the cache kmalloc-64 of size 64 [ 18.205448] The buggy address is located 0 bytes to the right of [ 18.205448] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.205979] [ 18.206407] The buggy address belongs to the physical page: [ 18.206523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.206865] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.207142] page_type: f5(slab) [ 18.207383] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.207459] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.207643] page dumped because: kasan: bad access detected [ 18.207706] [ 18.207727] Memory state around the buggy address: [ 18.207776] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.207825] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.207867] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.207917] ^ [ 18.207963] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.208008] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.208046] ================================================================== [ 18.087133] ================================================================== [ 18.087338] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 18.087461] Write of size 4 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.087518] [ 18.087549] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.087836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.087974] Hardware name: linux,dummy-virt (DT) [ 18.088146] Call trace: [ 18.088191] show_stack+0x20/0x38 (C) [ 18.088573] dump_stack_lvl+0x8c/0xd0 [ 18.088721] print_report+0x118/0x5d0 [ 18.090157] kunit_try_run_case+0x170/0x3f0 [ 18.090887] ret_from_fork+0x10/0x20 [ 18.090984] [ 18.091022] Allocated by task 265: [ 18.091181] kasan_save_stack+0x3c/0x68 [ 18.091433] kasan_save_track+0x20/0x40 [ 18.091531] kasan_save_alloc_info+0x40/0x58 [ 18.091651] __kasan_kmalloc+0xd4/0xd8 [ 18.091912] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.092053] kasan_atomics+0xb8/0x2e0 [ 18.092273] kunit_try_run_case+0x170/0x3f0 [ 18.092455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.092673] kthread+0x328/0x630 [ 18.092885] ret_from_fork+0x10/0x20 [ 18.092939] [ 18.093135] The buggy address belongs to the object at fff00000c78be300 [ 18.093135] which belongs to the cache kmalloc-64 of size 64 [ 18.093948] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.094817] [ 18.095553] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.100582] kasan_save_stack+0x3c/0x68 [ 18.102865] [ 18.103741] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.109721] kthread+0x328/0x630 [ 18.110534] [ 18.113072] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.115775] ================================================================== [ 18.227692] ================================================================== [ 18.227745] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 18.227797] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.227908] [ 18.227943] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.228046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.228435] Hardware name: linux,dummy-virt (DT) [ 18.228710] Call trace: [ 18.228749] show_stack+0x20/0x38 (C) [ 18.228924] dump_stack_lvl+0x8c/0xd0 [ 18.229070] print_report+0x118/0x5d0 [ 18.229432] kasan_report+0xdc/0x128 [ 18.229483] kasan_check_range+0x100/0x1a8 [ 18.229722] __kasan_check_write+0x20/0x30 [ 18.229930] kasan_atomics_helper+0xf20/0x4858 [ 18.230028] kasan_atomics+0x198/0x2e0 [ 18.230128] kunit_try_run_case+0x170/0x3f0 [ 18.230277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.230365] kthread+0x328/0x630 [ 18.230420] ret_from_fork+0x10/0x20 [ 18.230635] [ 18.230983] Allocated by task 265: [ 18.231106] kasan_save_stack+0x3c/0x68 [ 18.231323] kasan_save_track+0x20/0x40 [ 18.231572] kasan_save_alloc_info+0x40/0x58 [ 18.231643] __kasan_kmalloc+0xd4/0xd8 [ 18.231900] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.232121] kasan_atomics+0xb8/0x2e0 [ 18.232203] kunit_try_run_case+0x170/0x3f0 [ 18.232274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.232756] kthread+0x328/0x630 [ 18.232924] ret_from_fork+0x10/0x20 [ 18.233022] [ 18.233160] The buggy address belongs to the object at fff00000c78be300 [ 18.233160] which belongs to the cache kmalloc-64 of size 64 [ 18.233232] The buggy address is located 0 bytes to the right of [ 18.233232] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.233641] [ 18.233699] The buggy address belongs to the physical page: [ 18.233752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.233890] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.233980] page_type: f5(slab) [ 18.234329] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.234441] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.234575] page dumped because: kasan: bad access detected [ 18.234735] [ 18.234806] Memory state around the buggy address: [ 18.234981] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.235031] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.235085] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.235505] ^ [ 18.235600] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.235648] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.235701] ================================================================== [ 18.338820] ================================================================== [ 18.338876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 18.338927] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.338979] [ 18.339675] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.339783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.339943] Hardware name: linux,dummy-virt (DT) [ 18.340014] Call trace: [ 18.340131] show_stack+0x20/0x38 (C) [ 18.340195] dump_stack_lvl+0x8c/0xd0 [ 18.340415] print_report+0x118/0x5d0 [ 18.340705] kasan_report+0xdc/0x128 [ 18.340948] kasan_check_range+0x100/0x1a8 [ 18.341185] __kasan_check_write+0x20/0x30 [ 18.341356] kasan_atomics_helper+0x1414/0x4858 [ 18.341511] kasan_atomics+0x198/0x2e0 [ 18.341578] kunit_try_run_case+0x170/0x3f0 [ 18.342247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.342346] kthread+0x328/0x630 [ 18.342449] ret_from_fork+0x10/0x20 [ 18.342524] [ 18.342546] Allocated by task 265: [ 18.342739] kasan_save_stack+0x3c/0x68 [ 18.342987] kasan_save_track+0x20/0x40 [ 18.343328] kasan_save_alloc_info+0x40/0x58 [ 18.343540] __kasan_kmalloc+0xd4/0xd8 [ 18.343657] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.343768] kasan_atomics+0xb8/0x2e0 [ 18.343819] kunit_try_run_case+0x170/0x3f0 [ 18.343858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.343912] kthread+0x328/0x630 [ 18.343946] ret_from_fork+0x10/0x20 [ 18.344113] [ 18.344255] The buggy address belongs to the object at fff00000c78be300 [ 18.344255] which belongs to the cache kmalloc-64 of size 64 [ 18.344628] The buggy address is located 0 bytes to the right of [ 18.344628] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.344839] [ 18.344863] The buggy address belongs to the physical page: [ 18.345040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.345480] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.345573] page_type: f5(slab) [ 18.346067] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.346301] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.346551] page dumped because: kasan: bad access detected [ 18.346594] [ 18.346773] Memory state around the buggy address: [ 18.346924] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.347235] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.347441] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.347487] ^ [ 18.347526] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.347978] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.348221] ================================================================== [ 18.429675] ================================================================== [ 18.429728] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 18.429876] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.430076] [ 18.430114] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.430424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.430826] Hardware name: linux,dummy-virt (DT) [ 18.430935] Call trace: [ 18.430964] show_stack+0x20/0x38 (C) [ 18.431057] dump_stack_lvl+0x8c/0xd0 [ 18.431189] print_report+0x118/0x5d0 [ 18.431287] kasan_report+0xdc/0x128 [ 18.431419] kasan_check_range+0x100/0x1a8 [ 18.431473] __kasan_check_write+0x20/0x30 [ 18.431526] kasan_atomics_helper+0x175c/0x4858 [ 18.431576] kasan_atomics+0x198/0x2e0 [ 18.432332] kunit_try_run_case+0x170/0x3f0 [ 18.432422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.432500] kthread+0x328/0x630 [ 18.432543] ret_from_fork+0x10/0x20 [ 18.432603] [ 18.432625] Allocated by task 265: [ 18.432673] kasan_save_stack+0x3c/0x68 [ 18.432717] kasan_save_track+0x20/0x40 [ 18.432757] kasan_save_alloc_info+0x40/0x58 [ 18.432799] __kasan_kmalloc+0xd4/0xd8 [ 18.432839] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.432890] kasan_atomics+0xb8/0x2e0 [ 18.432939] kunit_try_run_case+0x170/0x3f0 [ 18.432989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.433035] kthread+0x328/0x630 [ 18.433082] ret_from_fork+0x10/0x20 [ 18.433137] [ 18.433168] The buggy address belongs to the object at fff00000c78be300 [ 18.433168] which belongs to the cache kmalloc-64 of size 64 [ 18.433235] The buggy address is located 0 bytes to the right of [ 18.433235] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.433301] [ 18.433332] The buggy address belongs to the physical page: [ 18.433372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.433441] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.433501] page_type: f5(slab) [ 18.433556] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.433610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.433653] page dumped because: kasan: bad access detected [ 18.433715] [ 18.433736] Memory state around the buggy address: [ 18.433770] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.433815] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.433860] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.433917] ^ [ 18.433952] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.433998] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.434049] ================================================================== [ 18.165695] ================================================================== [ 18.165758] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 18.165814] Write of size 4 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.165999] [ 18.166044] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.166402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.166449] Hardware name: linux,dummy-virt (DT) [ 18.166628] Call trace: [ 18.166792] show_stack+0x20/0x38 (C) [ 18.166877] dump_stack_lvl+0x8c/0xd0 [ 18.166928] print_report+0x118/0x5d0 [ 18.166977] kasan_report+0xdc/0x128 [ 18.167289] kasan_check_range+0x100/0x1a8 [ 18.167487] __kasan_check_write+0x20/0x30 [ 18.167612] kasan_atomics_helper+0xd3c/0x4858 [ 18.167799] kasan_atomics+0x198/0x2e0 [ 18.167847] kunit_try_run_case+0x170/0x3f0 [ 18.167903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.167958] kthread+0x328/0x630 [ 18.168397] ret_from_fork+0x10/0x20 [ 18.168572] [ 18.168621] Allocated by task 265: [ 18.168756] kasan_save_stack+0x3c/0x68 [ 18.169061] kasan_save_track+0x20/0x40 [ 18.169175] kasan_save_alloc_info+0x40/0x58 [ 18.169296] __kasan_kmalloc+0xd4/0xd8 [ 18.169402] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.169793] kasan_atomics+0xb8/0x2e0 [ 18.170040] kunit_try_run_case+0x170/0x3f0 [ 18.170155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.170318] kthread+0x328/0x630 [ 18.170374] ret_from_fork+0x10/0x20 [ 18.170798] [ 18.170845] The buggy address belongs to the object at fff00000c78be300 [ 18.170845] which belongs to the cache kmalloc-64 of size 64 [ 18.171000] The buggy address is located 0 bytes to the right of [ 18.171000] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.171192] [ 18.171256] The buggy address belongs to the physical page: [ 18.171290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.171351] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.171400] page_type: f5(slab) [ 18.171793] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.171920] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.172037] page dumped because: kasan: bad access detected [ 18.172075] [ 18.172112] Memory state around the buggy address: [ 18.172146] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.172191] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.172251] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.172293] ^ [ 18.172334] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.172384] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.172442] ================================================================== [ 18.070394] ================================================================== [ 18.070570] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 18.070632] Write of size 4 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.070699] [ 18.070731] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.070814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.070843] Hardware name: linux,dummy-virt (DT) [ 18.070876] Call trace: [ 18.070900] show_stack+0x20/0x38 (C) [ 18.070948] dump_stack_lvl+0x8c/0xd0 [ 18.071613] kasan_report+0xdc/0x128 [ 18.073024] kunit_try_run_case+0x170/0x3f0 [ 18.073127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.073207] kthread+0x328/0x630 [ 18.073278] ret_from_fork+0x10/0x20 [ 18.073558] [ 18.073597] Allocated by task 265: [ 18.073659] kasan_save_stack+0x3c/0x68 [ 18.073852] kasan_save_track+0x20/0x40 [ 18.074075] kasan_save_alloc_info+0x40/0x58 [ 18.074257] __kasan_kmalloc+0xd4/0xd8 [ 18.074460] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.074697] kasan_atomics+0xb8/0x2e0 [ 18.074857] kunit_try_run_case+0x170/0x3f0 [ 18.074920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.075006] kthread+0x328/0x630 [ 18.075091] ret_from_fork+0x10/0x20 [ 18.075294] [ 18.075319] The buggy address belongs to the object at fff00000c78be300 [ 18.075319] which belongs to the cache kmalloc-64 of size 64 [ 18.075741] The buggy address is located 0 bytes to the right of [ 18.075741] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.075872] [ 18.076018] The buggy address belongs to the physical page: [ 18.076123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.076220] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.076333] page_type: f5(slab) [ 18.076425] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.076544] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.076896] page dumped because: kasan: bad access detected [ 18.077051] [ 18.077112] Memory state around the buggy address: [ 18.077149] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.077507] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.077644] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.077904] ^ [ 18.078170] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.078344] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.078393] ================================================================== [ 18.366628] ================================================================== [ 18.366702] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 18.366753] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.366896] [ 18.366970] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.367371] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.367412] Hardware name: linux,dummy-virt (DT) [ 18.367446] Call trace: [ 18.367471] show_stack+0x20/0x38 (C) [ 18.367893] dump_stack_lvl+0x8c/0xd0 [ 18.368263] print_report+0x118/0x5d0 [ 18.368770] kasan_report+0xdc/0x128 [ 18.368990] kasan_check_range+0x100/0x1a8 [ 18.369113] __kasan_check_write+0x20/0x30 [ 18.369243] kasan_atomics_helper+0x154c/0x4858 [ 18.369295] kasan_atomics+0x198/0x2e0 [ 18.369509] kunit_try_run_case+0x170/0x3f0 [ 18.369980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.370173] kthread+0x328/0x630 [ 18.370223] ret_from_fork+0x10/0x20 [ 18.370311] [ 18.370620] Allocated by task 265: [ 18.370987] kasan_save_stack+0x3c/0x68 [ 18.371161] kasan_save_track+0x20/0x40 [ 18.371262] kasan_save_alloc_info+0x40/0x58 [ 18.371425] __kasan_kmalloc+0xd4/0xd8 [ 18.371514] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.371911] kasan_atomics+0xb8/0x2e0 [ 18.372437] kunit_try_run_case+0x170/0x3f0 [ 18.372758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.372843] kthread+0x328/0x630 [ 18.372880] ret_from_fork+0x10/0x20 [ 18.372930] [ 18.373165] The buggy address belongs to the object at fff00000c78be300 [ 18.373165] which belongs to the cache kmalloc-64 of size 64 [ 18.373504] The buggy address is located 0 bytes to the right of [ 18.373504] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.373732] [ 18.373758] The buggy address belongs to the physical page: [ 18.373822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.374023] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.374211] page_type: f5(slab) [ 18.374475] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.374640] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.375329] page dumped because: kasan: bad access detected [ 18.375393] [ 18.375506] Memory state around the buggy address: [ 18.375544] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.375591] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.375635] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.376194] ^ [ 18.376315] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.376532] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.376911] ================================================================== [ 18.321272] ================================================================== [ 18.321335] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 18.321386] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.321599] [ 18.321798] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.321929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.322006] Hardware name: linux,dummy-virt (DT) [ 18.322043] Call trace: [ 18.322069] show_stack+0x20/0x38 (C) [ 18.322136] dump_stack_lvl+0x8c/0xd0 [ 18.322281] print_report+0x118/0x5d0 [ 18.322335] kasan_report+0xdc/0x128 [ 18.322531] kasan_check_range+0x100/0x1a8 [ 18.322790] __kasan_check_write+0x20/0x30 [ 18.322865] kasan_atomics_helper+0x1384/0x4858 [ 18.322917] kasan_atomics+0x198/0x2e0 [ 18.322963] kunit_try_run_case+0x170/0x3f0 [ 18.323287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.323500] kthread+0x328/0x630 [ 18.323683] ret_from_fork+0x10/0x20 [ 18.323929] [ 18.324022] Allocated by task 265: [ 18.324106] kasan_save_stack+0x3c/0x68 [ 18.324384] kasan_save_track+0x20/0x40 [ 18.324617] kasan_save_alloc_info+0x40/0x58 [ 18.324774] __kasan_kmalloc+0xd4/0xd8 [ 18.324886] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.324940] kasan_atomics+0xb8/0x2e0 [ 18.324979] kunit_try_run_case+0x170/0x3f0 [ 18.325266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.325542] kthread+0x328/0x630 [ 18.325944] ret_from_fork+0x10/0x20 [ 18.326380] [ 18.326411] The buggy address belongs to the object at fff00000c78be300 [ 18.326411] which belongs to the cache kmalloc-64 of size 64 [ 18.326811] The buggy address is located 0 bytes to the right of [ 18.326811] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.326958] [ 18.326983] The buggy address belongs to the physical page: [ 18.327025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.327435] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.327659] page_type: f5(slab) [ 18.327768] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.327922] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.327971] page dumped because: kasan: bad access detected [ 18.328005] [ 18.328027] Memory state around the buggy address: [ 18.328061] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.328615] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.328816] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.328911] ^ [ 18.328953] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.329135] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.329184] ================================================================== [ 18.434267] ================================================================== [ 18.434311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 18.434360] Read of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.434412] [ 18.434466] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.434549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.434579] Hardware name: linux,dummy-virt (DT) [ 18.434612] Call trace: [ 18.434634] show_stack+0x20/0x38 (C) [ 18.435797] dump_stack_lvl+0x8c/0xd0 [ 18.435917] print_report+0x118/0x5d0 [ 18.435994] kasan_report+0xdc/0x128 [ 18.436076] __asan_report_load8_noabort+0x20/0x30 [ 18.436160] kasan_atomics_helper+0x3e20/0x4858 [ 18.436242] kasan_atomics+0x198/0x2e0 [ 18.436704] kunit_try_run_case+0x170/0x3f0 [ 18.436785] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.436900] kthread+0x328/0x630 [ 18.436947] ret_from_fork+0x10/0x20 [ 18.437492] [ 18.437534] Allocated by task 265: [ 18.437803] kasan_save_stack+0x3c/0x68 [ 18.437946] kasan_save_track+0x20/0x40 [ 18.438025] kasan_save_alloc_info+0x40/0x58 [ 18.438115] __kasan_kmalloc+0xd4/0xd8 [ 18.438177] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.438583] kasan_atomics+0xb8/0x2e0 [ 18.438845] kunit_try_run_case+0x170/0x3f0 [ 18.438954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.439027] kthread+0x328/0x630 [ 18.439192] ret_from_fork+0x10/0x20 [ 18.439293] [ 18.439402] The buggy address belongs to the object at fff00000c78be300 [ 18.439402] which belongs to the cache kmalloc-64 of size 64 [ 18.439465] The buggy address is located 0 bytes to the right of [ 18.439465] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.439532] [ 18.439561] The buggy address belongs to the physical page: [ 18.439744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.440735] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.440823] page_type: f5(slab) [ 18.440874] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.440945] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.441034] page dumped because: kasan: bad access detected [ 18.441208] [ 18.441236] Memory state around the buggy address: [ 18.441444] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.441758] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.441846] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.441914] ^ [ 18.442190] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.442271] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.442508] ================================================================== [ 18.237490] ================================================================== [ 18.237547] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 18.237628] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.238028] [ 18.238074] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.238225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.238302] Hardware name: linux,dummy-virt (DT) [ 18.238337] Call trace: [ 18.238364] show_stack+0x20/0x38 (C) [ 18.238415] dump_stack_lvl+0x8c/0xd0 [ 18.238657] print_report+0x118/0x5d0 [ 18.238726] kasan_report+0xdc/0x128 [ 18.238911] kasan_check_range+0x100/0x1a8 [ 18.239028] __kasan_check_write+0x20/0x30 [ 18.239905] kasan_atomics_helper+0xf88/0x4858 [ 18.239989] kasan_atomics+0x198/0x2e0 [ 18.240045] kunit_try_run_case+0x170/0x3f0 [ 18.240112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.240168] kthread+0x328/0x630 [ 18.240211] ret_from_fork+0x10/0x20 [ 18.240261] [ 18.240310] Allocated by task 265: [ 18.240363] kasan_save_stack+0x3c/0x68 [ 18.240414] kasan_save_track+0x20/0x40 [ 18.240474] kasan_save_alloc_info+0x40/0x58 [ 18.240526] __kasan_kmalloc+0xd4/0xd8 [ 18.240565] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.240622] kasan_atomics+0xb8/0x2e0 [ 18.240673] kunit_try_run_case+0x170/0x3f0 [ 18.240714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.240761] kthread+0x328/0x630 [ 18.240796] ret_from_fork+0x10/0x20 [ 18.240835] [ 18.240856] The buggy address belongs to the object at fff00000c78be300 [ 18.240856] which belongs to the cache kmalloc-64 of size 64 [ 18.240917] The buggy address is located 0 bytes to the right of [ 18.240917] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.240994] [ 18.241030] The buggy address belongs to the physical page: [ 18.241081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.241151] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.241202] page_type: f5(slab) [ 18.241260] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.241315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.241361] page dumped because: kasan: bad access detected [ 18.241396] [ 18.241418] Memory state around the buggy address: [ 18.241452] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.241498] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.241553] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.241596] ^ [ 18.241639] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.242140] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.242224] ================================================================== [ 18.412406] ================================================================== [ 18.412583] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 18.412641] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.412890] [ 18.412965] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.413064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.413092] Hardware name: linux,dummy-virt (DT) [ 18.413545] Call trace: [ 18.413622] show_stack+0x20/0x38 (C) [ 18.413904] dump_stack_lvl+0x8c/0xd0 [ 18.414329] print_report+0x118/0x5d0 [ 18.414399] kasan_report+0xdc/0x128 [ 18.414564] kasan_check_range+0x100/0x1a8 [ 18.414626] __kasan_check_write+0x20/0x30 [ 18.414771] kasan_atomics_helper+0x16d0/0x4858 [ 18.414830] kasan_atomics+0x198/0x2e0 [ 18.414878] kunit_try_run_case+0x170/0x3f0 [ 18.414926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.414981] kthread+0x328/0x630 [ 18.415492] ret_from_fork+0x10/0x20 [ 18.415750] [ 18.415810] Allocated by task 265: [ 18.415847] kasan_save_stack+0x3c/0x68 [ 18.416090] kasan_save_track+0x20/0x40 [ 18.416194] kasan_save_alloc_info+0x40/0x58 [ 18.416635] __kasan_kmalloc+0xd4/0xd8 [ 18.416725] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.416961] kasan_atomics+0xb8/0x2e0 [ 18.417048] kunit_try_run_case+0x170/0x3f0 [ 18.417185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.417234] kthread+0x328/0x630 [ 18.417638] ret_from_fork+0x10/0x20 [ 18.417879] [ 18.417988] The buggy address belongs to the object at fff00000c78be300 [ 18.417988] which belongs to the cache kmalloc-64 of size 64 [ 18.418162] The buggy address is located 0 bytes to the right of [ 18.418162] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.418332] [ 18.418400] The buggy address belongs to the physical page: [ 18.418483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.418613] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.418677] page_type: f5(slab) [ 18.418717] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.418769] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.418813] page dumped because: kasan: bad access detected [ 18.418857] [ 18.418888] Memory state around the buggy address: [ 18.418921] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.418968] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.419023] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.419062] ^ [ 18.419099] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.419145] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.419183] ================================================================== [ 18.220311] ================================================================== [ 18.220369] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 18.220564] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.220632] [ 18.220675] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.220760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.220823] Hardware name: linux,dummy-virt (DT) [ 18.220860] Call trace: [ 18.220883] show_stack+0x20/0x38 (C) [ 18.220935] dump_stack_lvl+0x8c/0xd0 [ 18.220983] print_report+0x118/0x5d0 [ 18.221031] kasan_report+0xdc/0x128 [ 18.221077] kasan_check_range+0x100/0x1a8 [ 18.221129] __kasan_check_write+0x20/0x30 [ 18.221195] kasan_atomics_helper+0xeb8/0x4858 [ 18.221244] kasan_atomics+0x198/0x2e0 [ 18.221291] kunit_try_run_case+0x170/0x3f0 [ 18.221339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.221391] kthread+0x328/0x630 [ 18.221433] ret_from_fork+0x10/0x20 [ 18.221482] [ 18.221503] Allocated by task 265: [ 18.221534] kasan_save_stack+0x3c/0x68 [ 18.221576] kasan_save_track+0x20/0x40 [ 18.221624] kasan_save_alloc_info+0x40/0x58 [ 18.221677] __kasan_kmalloc+0xd4/0xd8 [ 18.221740] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.222021] kasan_atomics+0xb8/0x2e0 [ 18.222335] kunit_try_run_case+0x170/0x3f0 [ 18.222414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.222922] kthread+0x328/0x630 [ 18.223157] ret_from_fork+0x10/0x20 [ 18.223578] [ 18.223608] The buggy address belongs to the object at fff00000c78be300 [ 18.223608] which belongs to the cache kmalloc-64 of size 64 [ 18.223689] The buggy address is located 0 bytes to the right of [ 18.223689] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.224090] [ 18.224218] The buggy address belongs to the physical page: [ 18.224507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.224827] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.224987] page_type: f5(slab) [ 18.225076] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.225174] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.225219] page dumped because: kasan: bad access detected [ 18.225293] [ 18.225945] Memory state around the buggy address: [ 18.226078] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.226192] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.226435] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.226589] ^ [ 18.226710] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.226809] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.226954] ================================================================== [ 18.174244] ================================================================== [ 18.174650] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 18.174734] Read of size 4 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.174787] [ 18.175048] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.175147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.175200] Hardware name: linux,dummy-virt (DT) [ 18.175450] Call trace: [ 18.175660] show_stack+0x20/0x38 (C) [ 18.175832] dump_stack_lvl+0x8c/0xd0 [ 18.175932] print_report+0x118/0x5d0 [ 18.176070] kasan_report+0xdc/0x128 [ 18.176148] __asan_report_load4_noabort+0x20/0x30 [ 18.176208] kasan_atomics_helper+0x3e04/0x4858 [ 18.176258] kasan_atomics+0x198/0x2e0 [ 18.176696] kunit_try_run_case+0x170/0x3f0 [ 18.176828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.176919] kthread+0x328/0x630 [ 18.177412] ret_from_fork+0x10/0x20 [ 18.177798] [ 18.177829] Allocated by task 265: [ 18.177881] kasan_save_stack+0x3c/0x68 [ 18.178120] kasan_save_track+0x20/0x40 [ 18.178299] kasan_save_alloc_info+0x40/0x58 [ 18.178364] __kasan_kmalloc+0xd4/0xd8 [ 18.178404] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.178446] kasan_atomics+0xb8/0x2e0 [ 18.178485] kunit_try_run_case+0x170/0x3f0 [ 18.178531] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.178586] kthread+0x328/0x630 [ 18.178631] ret_from_fork+0x10/0x20 [ 18.178682] [ 18.178718] The buggy address belongs to the object at fff00000c78be300 [ 18.178718] which belongs to the cache kmalloc-64 of size 64 [ 18.178780] The buggy address is located 0 bytes to the right of [ 18.178780] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.178858] [ 18.178881] The buggy address belongs to the physical page: [ 18.178915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.178970] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.179584] page_type: f5(slab) [ 18.179708] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.180348] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.180450] page dumped because: kasan: bad access detected [ 18.180519] [ 18.180661] Memory state around the buggy address: [ 18.180732] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.181126] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.181309] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.181364] ^ [ 18.181621] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.182003] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.182114] ================================================================== [ 18.377837] ================================================================== [ 18.378036] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 18.378099] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.378151] [ 18.378309] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.378401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.378429] Hardware name: linux,dummy-virt (DT) [ 18.378769] Call trace: [ 18.378863] show_stack+0x20/0x38 (C) [ 18.379055] dump_stack_lvl+0x8c/0xd0 [ 18.379556] print_report+0x118/0x5d0 [ 18.379614] kasan_report+0xdc/0x128 [ 18.379870] kasan_check_range+0x100/0x1a8 [ 18.380234] __kasan_check_write+0x20/0x30 [ 18.380554] kasan_atomics_helper+0x15b4/0x4858 [ 18.380722] kasan_atomics+0x198/0x2e0 [ 18.380806] kunit_try_run_case+0x170/0x3f0 [ 18.380871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.381205] kthread+0x328/0x630 [ 18.381492] ret_from_fork+0x10/0x20 [ 18.381722] [ 18.381751] Allocated by task 265: [ 18.381783] kasan_save_stack+0x3c/0x68 [ 18.381830] kasan_save_track+0x20/0x40 [ 18.381912] kasan_save_alloc_info+0x40/0x58 [ 18.381981] __kasan_kmalloc+0xd4/0xd8 [ 18.382030] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.382072] kasan_atomics+0xb8/0x2e0 [ 18.382109] kunit_try_run_case+0x170/0x3f0 [ 18.382151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.382205] kthread+0x328/0x630 [ 18.382239] ret_from_fork+0x10/0x20 [ 18.382290] [ 18.382324] The buggy address belongs to the object at fff00000c78be300 [ 18.382324] which belongs to the cache kmalloc-64 of size 64 [ 18.382385] The buggy address is located 0 bytes to the right of [ 18.382385] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.382459] [ 18.382490] The buggy address belongs to the physical page: [ 18.382525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.382578] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.382628] page_type: f5(slab) [ 18.382704] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.383143] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.383536] page dumped because: kasan: bad access detected [ 18.383606] [ 18.383681] Memory state around the buggy address: [ 18.383894] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.384012] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.384236] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.384636] ^ [ 18.384779] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.384833] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.385049] ================================================================== [ 18.396357] ================================================================== [ 18.396424] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 18.396696] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.396763] [ 18.396899] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.396987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.397222] Hardware name: linux,dummy-virt (DT) [ 18.397296] Call trace: [ 18.397685] show_stack+0x20/0x38 (C) [ 18.397755] dump_stack_lvl+0x8c/0xd0 [ 18.397877] print_report+0x118/0x5d0 [ 18.397949] kasan_report+0xdc/0x128 [ 18.397996] kasan_check_range+0x100/0x1a8 [ 18.398105] __kasan_check_write+0x20/0x30 [ 18.398150] kasan_atomics_helper+0x1644/0x4858 [ 18.398200] kasan_atomics+0x198/0x2e0 [ 18.398262] kunit_try_run_case+0x170/0x3f0 [ 18.398455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.398525] kthread+0x328/0x630 [ 18.398567] ret_from_fork+0x10/0x20 [ 18.398625] [ 18.398951] Allocated by task 265: [ 18.399005] kasan_save_stack+0x3c/0x68 [ 18.399614] kasan_save_track+0x20/0x40 [ 18.399788] kasan_save_alloc_info+0x40/0x58 [ 18.400047] __kasan_kmalloc+0xd4/0xd8 [ 18.400149] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.400345] kasan_atomics+0xb8/0x2e0 [ 18.400580] kunit_try_run_case+0x170/0x3f0 [ 18.400656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.400730] kthread+0x328/0x630 [ 18.400764] ret_from_fork+0x10/0x20 [ 18.400801] [ 18.400825] The buggy address belongs to the object at fff00000c78be300 [ 18.400825] which belongs to the cache kmalloc-64 of size 64 [ 18.400887] The buggy address is located 0 bytes to the right of [ 18.400887] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.400953] [ 18.401021] The buggy address belongs to the physical page: [ 18.401072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.401136] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.401186] page_type: f5(slab) [ 18.401236] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.401300] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.401379] page dumped because: kasan: bad access detected [ 18.401423] [ 18.401446] Memory state around the buggy address: [ 18.401480] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.401533] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.401592] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.401635] ^ [ 18.401700] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.401754] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.401806] ================================================================== [ 18.276905] ================================================================== [ 18.276965] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 18.277018] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.277107] [ 18.277142] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.277225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.277253] Hardware name: linux,dummy-virt (DT) [ 18.277304] Call trace: [ 18.277330] show_stack+0x20/0x38 (C) [ 18.277380] dump_stack_lvl+0x8c/0xd0 [ 18.277428] print_report+0x118/0x5d0 [ 18.277475] kasan_report+0xdc/0x128 [ 18.277522] kasan_check_range+0x100/0x1a8 [ 18.277569] __kasan_check_write+0x20/0x30 [ 18.277615] kasan_atomics_helper+0x1128/0x4858 [ 18.277674] kasan_atomics+0x198/0x2e0 [ 18.277722] kunit_try_run_case+0x170/0x3f0 [ 18.277770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.277823] kthread+0x328/0x630 [ 18.277865] ret_from_fork+0x10/0x20 [ 18.277924] [ 18.277951] Allocated by task 265: [ 18.277989] kasan_save_stack+0x3c/0x68 [ 18.278043] kasan_save_track+0x20/0x40 [ 18.278085] kasan_save_alloc_info+0x40/0x58 [ 18.278134] __kasan_kmalloc+0xd4/0xd8 [ 18.278183] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.278232] kasan_atomics+0xb8/0x2e0 [ 18.278279] kunit_try_run_case+0x170/0x3f0 [ 18.278319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.278366] kthread+0x328/0x630 [ 18.278401] ret_from_fork+0x10/0x20 [ 18.278439] [ 18.278460] The buggy address belongs to the object at fff00000c78be300 [ 18.278460] which belongs to the cache kmalloc-64 of size 64 [ 18.278519] The buggy address is located 0 bytes to the right of [ 18.278519] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.278590] [ 18.278614] The buggy address belongs to the physical page: [ 18.278646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.279102] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.279174] page_type: f5(slab) [ 18.279218] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.279274] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.279320] page dumped because: kasan: bad access detected [ 18.279355] [ 18.280109] Memory state around the buggy address: [ 18.280155] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.280615] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.280989] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.281456] ^ [ 18.281751] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.281971] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.282030] ================================================================== [ 18.283842] ================================================================== [ 18.283903] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 18.283955] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.284016] [ 18.284047] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.284130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.284158] Hardware name: linux,dummy-virt (DT) [ 18.284488] Call trace: [ 18.284590] show_stack+0x20/0x38 (C) [ 18.284816] dump_stack_lvl+0x8c/0xd0 [ 18.284871] print_report+0x118/0x5d0 [ 18.285208] kasan_report+0xdc/0x128 [ 18.285279] kasan_check_range+0x100/0x1a8 [ 18.285378] __kasan_check_write+0x20/0x30 [ 18.285432] kasan_atomics_helper+0x1190/0x4858 [ 18.285481] kasan_atomics+0x198/0x2e0 [ 18.285535] kunit_try_run_case+0x170/0x3f0 [ 18.285827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.285908] kthread+0x328/0x630 [ 18.285952] ret_from_fork+0x10/0x20 [ 18.286333] [ 18.286375] Allocated by task 265: [ 18.286417] kasan_save_stack+0x3c/0x68 [ 18.286469] kasan_save_track+0x20/0x40 [ 18.286607] kasan_save_alloc_info+0x40/0x58 [ 18.286656] __kasan_kmalloc+0xd4/0xd8 [ 18.286860] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.287099] kasan_atomics+0xb8/0x2e0 [ 18.287176] kunit_try_run_case+0x170/0x3f0 [ 18.287390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.287527] kthread+0x328/0x630 [ 18.287756] ret_from_fork+0x10/0x20 [ 18.287854] [ 18.288286] The buggy address belongs to the object at fff00000c78be300 [ 18.288286] which belongs to the cache kmalloc-64 of size 64 [ 18.288536] The buggy address is located 0 bytes to the right of [ 18.288536] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.288740] [ 18.288863] The buggy address belongs to the physical page: [ 18.289331] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.289424] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.289681] page_type: f5(slab) [ 18.289872] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.290073] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.290301] page dumped because: kasan: bad access detected [ 18.290438] [ 18.290495] Memory state around the buggy address: [ 18.290686] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.290748] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.291019] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.291215] ^ [ 18.291410] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.291587] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.291883] ================================================================== [ 18.293681] ================================================================== [ 18.293779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 18.293891] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.293946] [ 18.293984] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.294102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.294151] Hardware name: linux,dummy-virt (DT) [ 18.294350] Call trace: [ 18.294645] show_stack+0x20/0x38 (C) [ 18.294884] dump_stack_lvl+0x8c/0xd0 [ 18.294952] print_report+0x118/0x5d0 [ 18.295038] kasan_report+0xdc/0x128 [ 18.295119] kasan_check_range+0x100/0x1a8 [ 18.295286] __kasan_check_write+0x20/0x30 [ 18.295382] kasan_atomics_helper+0x11f8/0x4858 [ 18.295573] kasan_atomics+0x198/0x2e0 [ 18.295692] kunit_try_run_case+0x170/0x3f0 [ 18.295883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.296129] kthread+0x328/0x630 [ 18.296346] ret_from_fork+0x10/0x20 [ 18.296772] [ 18.296805] Allocated by task 265: [ 18.296887] kasan_save_stack+0x3c/0x68 [ 18.297080] kasan_save_track+0x20/0x40 [ 18.297245] kasan_save_alloc_info+0x40/0x58 [ 18.297390] __kasan_kmalloc+0xd4/0xd8 [ 18.297558] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.297640] kasan_atomics+0xb8/0x2e0 [ 18.297709] kunit_try_run_case+0x170/0x3f0 [ 18.298202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.298418] kthread+0x328/0x630 [ 18.298867] ret_from_fork+0x10/0x20 [ 18.299231] [ 18.299269] The buggy address belongs to the object at fff00000c78be300 [ 18.299269] which belongs to the cache kmalloc-64 of size 64 [ 18.299361] The buggy address is located 0 bytes to the right of [ 18.299361] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.299456] [ 18.299682] The buggy address belongs to the physical page: [ 18.300173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.300279] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.300332] page_type: f5(slab) [ 18.300852] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.300931] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.301345] page dumped because: kasan: bad access detected [ 18.301391] [ 18.301571] Memory state around the buggy address: [ 18.301815] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.302044] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.302325] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.302474] ^ [ 18.302649] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.302717] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.302757] ================================================================== [ 18.304076] ================================================================== [ 18.304154] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 18.304229] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.304530] [ 18.304583] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.304683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.304811] Hardware name: linux,dummy-virt (DT) [ 18.304879] Call trace: [ 18.304907] show_stack+0x20/0x38 (C) [ 18.305034] dump_stack_lvl+0x8c/0xd0 [ 18.305089] print_report+0x118/0x5d0 [ 18.305137] kasan_report+0xdc/0x128 [ 18.305432] kasan_check_range+0x100/0x1a8 [ 18.305704] __kasan_check_write+0x20/0x30 [ 18.305896] kasan_atomics_helper+0x126c/0x4858 [ 18.305984] kasan_atomics+0x198/0x2e0 [ 18.306105] kunit_try_run_case+0x170/0x3f0 [ 18.306202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.306288] kthread+0x328/0x630 [ 18.306332] ret_from_fork+0x10/0x20 [ 18.306576] [ 18.306738] Allocated by task 265: [ 18.306994] kasan_save_stack+0x3c/0x68 [ 18.307252] kasan_save_track+0x20/0x40 [ 18.307354] kasan_save_alloc_info+0x40/0x58 [ 18.307497] __kasan_kmalloc+0xd4/0xd8 [ 18.307551] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.307601] kasan_atomics+0xb8/0x2e0 [ 18.307801] kunit_try_run_case+0x170/0x3f0 [ 18.307994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.308109] kthread+0x328/0x630 [ 18.308365] ret_from_fork+0x10/0x20 [ 18.308618] [ 18.308705] The buggy address belongs to the object at fff00000c78be300 [ 18.308705] which belongs to the cache kmalloc-64 of size 64 [ 18.308898] The buggy address is located 0 bytes to the right of [ 18.308898] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.309017] [ 18.309184] The buggy address belongs to the physical page: [ 18.309235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.309320] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.309373] page_type: f5(slab) [ 18.309421] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.309474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.309519] page dumped because: kasan: bad access detected [ 18.309555] [ 18.309585] Memory state around the buggy address: [ 18.309619] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.309677] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.309779] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.310061] ^ [ 18.310721] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.310776] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.310839] ================================================================== [ 18.358821] ================================================================== [ 18.359031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 18.359297] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.359481] [ 18.359565] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.359656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.359696] Hardware name: linux,dummy-virt (DT) [ 18.360080] Call trace: [ 18.360493] show_stack+0x20/0x38 (C) [ 18.360647] dump_stack_lvl+0x8c/0xd0 [ 18.360743] print_report+0x118/0x5d0 [ 18.360798] kasan_report+0xdc/0x128 [ 18.361030] kasan_check_range+0x100/0x1a8 [ 18.361523] __kasan_check_write+0x20/0x30 [ 18.361684] kasan_atomics_helper+0x14e4/0x4858 [ 18.361872] kasan_atomics+0x198/0x2e0 [ 18.361977] kunit_try_run_case+0x170/0x3f0 [ 18.362181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.362440] kthread+0x328/0x630 [ 18.362716] ret_from_fork+0x10/0x20 [ 18.363005] [ 18.363153] Allocated by task 265: [ 18.363234] kasan_save_stack+0x3c/0x68 [ 18.363283] kasan_save_track+0x20/0x40 [ 18.363321] kasan_save_alloc_info+0x40/0x58 [ 18.363725] __kasan_kmalloc+0xd4/0xd8 [ 18.363791] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.363906] kasan_atomics+0xb8/0x2e0 [ 18.363947] kunit_try_run_case+0x170/0x3f0 [ 18.364005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.364060] kthread+0x328/0x630 [ 18.364096] ret_from_fork+0x10/0x20 [ 18.364136] [ 18.364160] The buggy address belongs to the object at fff00000c78be300 [ 18.364160] which belongs to the cache kmalloc-64 of size 64 [ 18.364221] The buggy address is located 0 bytes to the right of [ 18.364221] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.364297] [ 18.364335] The buggy address belongs to the physical page: [ 18.364381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.364450] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.364512] page_type: f5(slab) [ 18.364553] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.364617] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.364660] page dumped because: kasan: bad access detected [ 18.364705] [ 18.364727] Memory state around the buggy address: [ 18.364776] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.364822] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.364876] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.364917] ^ [ 18.364962] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.365004] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.365050] ================================================================== [ 18.444104] ================================================================== [ 18.444215] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 18.444382] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.444444] [ 18.444583] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.444709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.444848] Hardware name: linux,dummy-virt (DT) [ 18.444891] Call trace: [ 18.445073] show_stack+0x20/0x38 (C) [ 18.445183] dump_stack_lvl+0x8c/0xd0 [ 18.445235] print_report+0x118/0x5d0 [ 18.445311] kasan_report+0xdc/0x128 [ 18.445483] kasan_check_range+0x100/0x1a8 [ 18.445721] __kasan_check_write+0x20/0x30 [ 18.445810] kasan_atomics_helper+0x17ec/0x4858 [ 18.445863] kasan_atomics+0x198/0x2e0 [ 18.445983] kunit_try_run_case+0x170/0x3f0 [ 18.446037] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.446120] kthread+0x328/0x630 [ 18.446311] ret_from_fork+0x10/0x20 [ 18.446556] [ 18.446592] Allocated by task 265: [ 18.446748] kasan_save_stack+0x3c/0x68 [ 18.446809] kasan_save_track+0x20/0x40 [ 18.446928] kasan_save_alloc_info+0x40/0x58 [ 18.447209] __kasan_kmalloc+0xd4/0xd8 [ 18.447432] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.447603] kasan_atomics+0xb8/0x2e0 [ 18.447924] kunit_try_run_case+0x170/0x3f0 [ 18.448172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.448326] kthread+0x328/0x630 [ 18.448433] ret_from_fork+0x10/0x20 [ 18.448482] [ 18.448739] The buggy address belongs to the object at fff00000c78be300 [ 18.448739] which belongs to the cache kmalloc-64 of size 64 [ 18.448906] The buggy address is located 0 bytes to the right of [ 18.448906] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.449191] [ 18.449421] The buggy address belongs to the physical page: [ 18.449526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.449703] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.449769] page_type: f5(slab) [ 18.449828] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.449963] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.450009] page dumped because: kasan: bad access detected [ 18.450050] [ 18.450073] Memory state around the buggy address: [ 18.450242] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.450475] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.450529] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.450754] ^ [ 18.450801] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.451151] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.451548] ================================================================== [ 18.243523] ================================================================== [ 18.243576] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 18.243649] Write of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.244030] [ 18.244078] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.244680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.244730] Hardware name: linux,dummy-virt (DT) [ 18.244766] Call trace: [ 18.245043] show_stack+0x20/0x38 (C) [ 18.245226] dump_stack_lvl+0x8c/0xd0 [ 18.245319] print_report+0x118/0x5d0 [ 18.245369] kasan_report+0xdc/0x128 [ 18.245575] kasan_check_range+0x100/0x1a8 [ 18.245916] __kasan_check_write+0x20/0x30 [ 18.246080] kasan_atomics_helper+0xff0/0x4858 [ 18.246251] kasan_atomics+0x198/0x2e0 [ 18.246432] kunit_try_run_case+0x170/0x3f0 [ 18.246508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.246930] kthread+0x328/0x630 [ 18.247262] ret_from_fork+0x10/0x20 [ 18.247543] [ 18.247611] Allocated by task 265: [ 18.247716] kasan_save_stack+0x3c/0x68 [ 18.247795] kasan_save_track+0x20/0x40 [ 18.247841] kasan_save_alloc_info+0x40/0x58 [ 18.247882] __kasan_kmalloc+0xd4/0xd8 [ 18.247922] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.247967] kasan_atomics+0xb8/0x2e0 [ 18.248006] kunit_try_run_case+0x170/0x3f0 [ 18.248826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.249185] kthread+0x328/0x630 [ 18.249322] ret_from_fork+0x10/0x20 [ 18.249412] [ 18.249487] The buggy address belongs to the object at fff00000c78be300 [ 18.249487] which belongs to the cache kmalloc-64 of size 64 [ 18.249552] The buggy address is located 0 bytes to the right of [ 18.249552] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.249866] [ 18.250082] The buggy address belongs to the physical page: [ 18.250403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.250519] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.250807] page_type: f5(slab) [ 18.251132] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.251406] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.251640] page dumped because: kasan: bad access detected [ 18.251720] [ 18.251867] Memory state around the buggy address: [ 18.252084] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.252381] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.252450] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.252625] ^ [ 18.252803] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.253132] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.253297] ================================================================== [ 18.190648] ================================================================== [ 18.190712] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 18.191072] Read of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.191157] [ 18.191610] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.191818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.191987] Hardware name: linux,dummy-virt (DT) [ 18.192149] Call trace: [ 18.192246] show_stack+0x20/0x38 (C) [ 18.192634] dump_stack_lvl+0x8c/0xd0 [ 18.192838] print_report+0x118/0x5d0 [ 18.192946] kasan_report+0xdc/0x128 [ 18.193189] __asan_report_load8_noabort+0x20/0x30 [ 18.193466] kasan_atomics_helper+0x3f58/0x4858 [ 18.193561] kasan_atomics+0x198/0x2e0 [ 18.193713] kunit_try_run_case+0x170/0x3f0 [ 18.193799] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.193949] kthread+0x328/0x630 [ 18.194005] ret_from_fork+0x10/0x20 [ 18.194235] [ 18.194504] Allocated by task 265: [ 18.194605] kasan_save_stack+0x3c/0x68 [ 18.194735] kasan_save_track+0x20/0x40 [ 18.194997] kasan_save_alloc_info+0x40/0x58 [ 18.195135] __kasan_kmalloc+0xd4/0xd8 [ 18.195440] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.195482] kasan_atomics+0xb8/0x2e0 [ 18.195678] kunit_try_run_case+0x170/0x3f0 [ 18.195837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.195942] kthread+0x328/0x630 [ 18.196059] ret_from_fork+0x10/0x20 [ 18.196137] [ 18.196257] The buggy address belongs to the object at fff00000c78be300 [ 18.196257] which belongs to the cache kmalloc-64 of size 64 [ 18.196354] The buggy address is located 0 bytes to the right of [ 18.196354] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.196447] [ 18.196468] The buggy address belongs to the physical page: [ 18.196848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.196934] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.197100] page_type: f5(slab) [ 18.197189] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.197280] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.197398] page dumped because: kasan: bad access detected [ 18.197462] [ 18.197517] Memory state around the buggy address: [ 18.197803] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.197872] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.198070] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.198134] ^ [ 18.198345] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.198397] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.198571] ================================================================== [ 18.419679] ================================================================== [ 18.419732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 18.419783] Read of size 8 at addr fff00000c78be330 by task kunit_try_catch/265 [ 18.420129] [ 18.420173] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.420598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.420646] Hardware name: linux,dummy-virt (DT) [ 18.420975] Call trace: [ 18.421120] show_stack+0x20/0x38 (C) [ 18.421313] dump_stack_lvl+0x8c/0xd0 [ 18.421508] print_report+0x118/0x5d0 [ 18.421643] kasan_report+0xdc/0x128 [ 18.421707] __asan_report_load8_noabort+0x20/0x30 [ 18.421759] kasan_atomics_helper+0x3e10/0x4858 [ 18.422084] kasan_atomics+0x198/0x2e0 [ 18.422153] kunit_try_run_case+0x170/0x3f0 [ 18.422463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.422545] kthread+0x328/0x630 [ 18.422589] ret_from_fork+0x10/0x20 [ 18.422848] [ 18.422927] Allocated by task 265: [ 18.422963] kasan_save_stack+0x3c/0x68 [ 18.423096] kasan_save_track+0x20/0x40 [ 18.423139] kasan_save_alloc_info+0x40/0x58 [ 18.423180] __kasan_kmalloc+0xd4/0xd8 [ 18.423219] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.423775] kasan_atomics+0xb8/0x2e0 [ 18.423957] kunit_try_run_case+0x170/0x3f0 [ 18.424067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.424627] kthread+0x328/0x630 [ 18.424703] ret_from_fork+0x10/0x20 [ 18.424958] [ 18.424985] The buggy address belongs to the object at fff00000c78be300 [ 18.424985] which belongs to the cache kmalloc-64 of size 64 [ 18.425166] The buggy address is located 0 bytes to the right of [ 18.425166] allocated 48-byte region [fff00000c78be300, fff00000c78be330) [ 18.425457] [ 18.425676] The buggy address belongs to the physical page: [ 18.425719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078be [ 18.426148] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.426514] page_type: f5(slab) [ 18.426562] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.427162] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.427234] page dumped because: kasan: bad access detected [ 18.427432] [ 18.427460] Memory state around the buggy address: [ 18.427498] fff00000c78be200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.427546] fff00000c78be280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.427600] >fff00000c78be300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.427895] ^ [ 18.428142] fff00000c78be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.428208] fff00000c78be400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.428394] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 17.788525] ================================================================== [ 17.788951] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 17.789168] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.789401] [ 17.789469] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.789556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.789815] Hardware name: linux,dummy-virt (DT) [ 17.789972] Call trace: [ 17.790212] show_stack+0x20/0x38 (C) [ 17.790430] dump_stack_lvl+0x8c/0xd0 [ 17.790589] print_report+0x118/0x5d0 [ 17.790907] kasan_report+0xdc/0x128 [ 17.790995] kasan_check_range+0x100/0x1a8 [ 17.791483] __kasan_check_write+0x20/0x30 [ 17.791570] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 17.791629] kasan_bitops_generic+0x11c/0x1c8 [ 17.791691] kunit_try_run_case+0x170/0x3f0 [ 17.791764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.791819] kthread+0x328/0x630 [ 17.791861] ret_from_fork+0x10/0x20 [ 17.791910] [ 17.791943] Allocated by task 261: [ 17.791995] kasan_save_stack+0x3c/0x68 [ 17.792039] kasan_save_track+0x20/0x40 [ 17.792080] kasan_save_alloc_info+0x40/0x58 [ 17.792123] __kasan_kmalloc+0xd4/0xd8 [ 17.792162] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.792211] kasan_bitops_generic+0xa0/0x1c8 [ 17.792252] kunit_try_run_case+0x170/0x3f0 [ 17.792294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.792355] kthread+0x328/0x630 [ 17.792404] ret_from_fork+0x10/0x20 [ 17.792449] [ 17.792470] The buggy address belongs to the object at fff00000c3fc6220 [ 17.792470] which belongs to the cache kmalloc-16 of size 16 [ 17.792530] The buggy address is located 8 bytes inside of [ 17.792530] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.792619] [ 17.792641] The buggy address belongs to the physical page: [ 17.792699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.792752] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.792801] page_type: f5(slab) [ 17.792863] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.792931] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.792975] page dumped because: kasan: bad access detected [ 17.793009] [ 17.793039] Memory state around the buggy address: [ 17.793072] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.793123] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.793167] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.793206] ^ [ 17.793242] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.793292] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.793351] ================================================================== [ 17.777283] ================================================================== [ 17.777497] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 17.777591] Read of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.777652] [ 17.777811] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.777900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.778133] Hardware name: linux,dummy-virt (DT) [ 17.778181] Call trace: [ 17.778311] show_stack+0x20/0x38 (C) [ 17.778447] dump_stack_lvl+0x8c/0xd0 [ 17.778654] print_report+0x118/0x5d0 [ 17.778735] kasan_report+0xdc/0x128 [ 17.778784] __asan_report_load8_noabort+0x20/0x30 [ 17.779258] kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 17.779342] kasan_bitops_generic+0x11c/0x1c8 [ 17.779393] kunit_try_run_case+0x170/0x3f0 [ 17.779443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.779498] kthread+0x328/0x630 [ 17.779543] ret_from_fork+0x10/0x20 [ 17.780008] [ 17.780743] Allocated by task 261: [ 17.780810] kasan_save_stack+0x3c/0x68 [ 17.780881] kasan_save_track+0x20/0x40 [ 17.781193] kasan_save_alloc_info+0x40/0x58 [ 17.781470] __kasan_kmalloc+0xd4/0xd8 [ 17.781577] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.781714] kasan_bitops_generic+0xa0/0x1c8 [ 17.781781] kunit_try_run_case+0x170/0x3f0 [ 17.781856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.782198] kthread+0x328/0x630 [ 17.782649] ret_from_fork+0x10/0x20 [ 17.782744] [ 17.782836] The buggy address belongs to the object at fff00000c3fc6220 [ 17.782836] which belongs to the cache kmalloc-16 of size 16 [ 17.782901] The buggy address is located 8 bytes inside of [ 17.782901] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.783061] [ 17.783253] The buggy address belongs to the physical page: [ 17.783592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.784080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.784266] page_type: f5(slab) [ 17.784325] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.784598] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.784996] page dumped because: kasan: bad access detected [ 17.785282] [ 17.785311] Memory state around the buggy address: [ 17.785517] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.785784] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.785878] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.785928] ^ [ 17.786095] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.786149] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.786191] ================================================================== [ 17.747366] ================================================================== [ 17.747641] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 17.747714] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.747818] [ 17.748267] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.748398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.748475] Hardware name: linux,dummy-virt (DT) [ 17.748695] Call trace: [ 17.748948] show_stack+0x20/0x38 (C) [ 17.749018] dump_stack_lvl+0x8c/0xd0 [ 17.749230] print_report+0x118/0x5d0 [ 17.749685] kasan_report+0xdc/0x128 [ 17.749847] kasan_check_range+0x100/0x1a8 [ 17.750275] __kasan_check_write+0x20/0x30 [ 17.750765] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 17.750921] kasan_bitops_generic+0x11c/0x1c8 [ 17.751197] kunit_try_run_case+0x170/0x3f0 [ 17.751461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.751798] kthread+0x328/0x630 [ 17.751984] ret_from_fork+0x10/0x20 [ 17.752156] [ 17.752199] Allocated by task 261: [ 17.752442] kasan_save_stack+0x3c/0x68 [ 17.752617] kasan_save_track+0x20/0x40 [ 17.752728] kasan_save_alloc_info+0x40/0x58 [ 17.752831] __kasan_kmalloc+0xd4/0xd8 [ 17.753057] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.753213] kasan_bitops_generic+0xa0/0x1c8 [ 17.753334] kunit_try_run_case+0x170/0x3f0 [ 17.753514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.753688] kthread+0x328/0x630 [ 17.753811] ret_from_fork+0x10/0x20 [ 17.753917] [ 17.753960] The buggy address belongs to the object at fff00000c3fc6220 [ 17.753960] which belongs to the cache kmalloc-16 of size 16 [ 17.754171] The buggy address is located 8 bytes inside of [ 17.754171] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.754425] [ 17.754474] The buggy address belongs to the physical page: [ 17.754509] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.754926] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.755160] page_type: f5(slab) [ 17.755234] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.755564] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.755723] page dumped because: kasan: bad access detected [ 17.755761] [ 17.755782] Memory state around the buggy address: [ 17.756070] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.756336] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.756699] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.756908] ^ [ 17.756951] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.756999] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.757042] ================================================================== [ 17.761584] ================================================================== [ 17.761658] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 17.761730] Read of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.761783] [ 17.761830] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.761915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.761954] Hardware name: linux,dummy-virt (DT) [ 17.761990] Call trace: [ 17.762015] show_stack+0x20/0x38 (C) [ 17.762066] dump_stack_lvl+0x8c/0xd0 [ 17.762118] print_report+0x118/0x5d0 [ 17.762169] kasan_report+0xdc/0x128 [ 17.762228] __asan_report_load8_noabort+0x20/0x30 [ 17.762283] kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 17.762341] kasan_bitops_generic+0x11c/0x1c8 [ 17.762390] kunit_try_run_case+0x170/0x3f0 [ 17.762449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.762506] kthread+0x328/0x630 [ 17.762550] ret_from_fork+0x10/0x20 [ 17.762597] [ 17.762627] Allocated by task 261: [ 17.762657] kasan_save_stack+0x3c/0x68 [ 17.762711] kasan_save_track+0x20/0x40 [ 17.762749] kasan_save_alloc_info+0x40/0x58 [ 17.762791] __kasan_kmalloc+0xd4/0xd8 [ 17.762829] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.762871] kasan_bitops_generic+0xa0/0x1c8 [ 17.762909] kunit_try_run_case+0x170/0x3f0 [ 17.762964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.764071] kthread+0x328/0x630 [ 17.764162] ret_from_fork+0x10/0x20 [ 17.764227] [ 17.764249] The buggy address belongs to the object at fff00000c3fc6220 [ 17.764249] which belongs to the cache kmalloc-16 of size 16 [ 17.764335] The buggy address is located 8 bytes inside of [ 17.764335] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.764410] [ 17.764433] The buggy address belongs to the physical page: [ 17.764465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.764703] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.764972] page_type: f5(slab) [ 17.765263] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.765349] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.765401] page dumped because: kasan: bad access detected [ 17.765436] [ 17.765717] Memory state around the buggy address: [ 17.765985] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.766167] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.766243] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.766338] ^ [ 17.766375] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.766425] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.766829] ================================================================== [ 17.794457] ================================================================== [ 17.794510] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 17.794563] Read of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.794616] [ 17.795206] Hardware name: linux,dummy-virt (DT) [ 17.800098] kunit_try_run_case+0x170/0x3f0 [ 17.801389] [ 17.801764] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.802361] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.803484] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.804354] ================================================================== [ 17.768049] ================================================================== [ 17.768111] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 17.768166] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.768450] [ 17.768496] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.768684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.768720] Hardware name: linux,dummy-virt (DT) [ 17.768797] Call trace: [ 17.768825] show_stack+0x20/0x38 (C) [ 17.768878] dump_stack_lvl+0x8c/0xd0 [ 17.769215] print_report+0x118/0x5d0 [ 17.769354] kasan_report+0xdc/0x128 [ 17.769438] kasan_check_range+0x100/0x1a8 [ 17.769534] __kasan_check_write+0x20/0x30 [ 17.769633] kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 17.769707] kasan_bitops_generic+0x11c/0x1c8 [ 17.769757] kunit_try_run_case+0x170/0x3f0 [ 17.769813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.769869] kthread+0x328/0x630 [ 17.769915] ret_from_fork+0x10/0x20 [ 17.770491] [ 17.770574] Allocated by task 261: [ 17.770612] kasan_save_stack+0x3c/0x68 [ 17.770670] kasan_save_track+0x20/0x40 [ 17.771202] kasan_save_alloc_info+0x40/0x58 [ 17.771294] __kasan_kmalloc+0xd4/0xd8 [ 17.771390] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.771583] kasan_bitops_generic+0xa0/0x1c8 [ 17.771634] kunit_try_run_case+0x170/0x3f0 [ 17.771781] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.771940] kthread+0x328/0x630 [ 17.772177] ret_from_fork+0x10/0x20 [ 17.772295] [ 17.772374] The buggy address belongs to the object at fff00000c3fc6220 [ 17.772374] which belongs to the cache kmalloc-16 of size 16 [ 17.772517] The buggy address is located 8 bytes inside of [ 17.772517] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.772610] [ 17.772787] The buggy address belongs to the physical page: [ 17.773036] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.773172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.773284] page_type: f5(slab) [ 17.773393] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.773809] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.773877] page dumped because: kasan: bad access detected [ 17.774026] [ 17.774125] Memory state around the buggy address: [ 17.774311] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.774390] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.774933] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.774990] ^ [ 17.775111] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.775174] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.775781] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 17.726524] ================================================================== [ 17.727520] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 17.727610] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.727679] [ 17.727712] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.727797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.727825] Hardware name: linux,dummy-virt (DT) [ 17.727858] Call trace: [ 17.727977] show_stack+0x20/0x38 (C) [ 17.728029] dump_stack_lvl+0x8c/0xd0 [ 17.728076] print_report+0x118/0x5d0 [ 17.728158] kasan_report+0xdc/0x128 [ 17.728205] kasan_check_range+0x100/0x1a8 [ 17.728286] __kasan_check_write+0x20/0x30 [ 17.728333] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 17.728415] kasan_bitops_generic+0x110/0x1c8 [ 17.728474] kunit_try_run_case+0x170/0x3f0 [ 17.728527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.728598] kthread+0x328/0x630 [ 17.728834] ret_from_fork+0x10/0x20 [ 17.728891] [ 17.728918] Allocated by task 261: [ 17.728957] kasan_save_stack+0x3c/0x68 [ 17.729119] kasan_save_track+0x20/0x40 [ 17.729161] kasan_save_alloc_info+0x40/0x58 [ 17.729249] __kasan_kmalloc+0xd4/0xd8 [ 17.729312] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.729471] kasan_bitops_generic+0xa0/0x1c8 [ 17.729514] kunit_try_run_case+0x170/0x3f0 [ 17.729594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.730308] kthread+0x328/0x630 [ 17.730384] ret_from_fork+0x10/0x20 [ 17.730423] [ 17.730445] The buggy address belongs to the object at fff00000c3fc6220 [ 17.730445] which belongs to the cache kmalloc-16 of size 16 [ 17.730505] The buggy address is located 8 bytes inside of [ 17.730505] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.730658] [ 17.730692] The buggy address belongs to the physical page: [ 17.730725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.730800] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.730875] page_type: f5(slab) [ 17.730945] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.731120] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.731168] page dumped because: kasan: bad access detected [ 17.731286] [ 17.731309] Memory state around the buggy address: [ 17.731354] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.731458] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.731558] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.731624] ^ [ 17.731659] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.731711] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.731751] ================================================================== [ 17.702049] ================================================================== [ 17.702113] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 17.702169] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.702222] [ 17.702746] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.702967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.703001] Hardware name: linux,dummy-virt (DT) [ 17.703101] Call trace: [ 17.703127] show_stack+0x20/0x38 (C) [ 17.703440] dump_stack_lvl+0x8c/0xd0 [ 17.703512] print_report+0x118/0x5d0 [ 17.703807] kasan_report+0xdc/0x128 [ 17.704114] kasan_check_range+0x100/0x1a8 [ 17.704236] __kasan_check_write+0x20/0x30 [ 17.704629] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 17.704803] kasan_bitops_generic+0x110/0x1c8 [ 17.704856] kunit_try_run_case+0x170/0x3f0 [ 17.705329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.705396] kthread+0x328/0x630 [ 17.705441] ret_from_fork+0x10/0x20 [ 17.705955] [ 17.706051] Allocated by task 261: [ 17.706155] kasan_save_stack+0x3c/0x68 [ 17.706493] kasan_save_track+0x20/0x40 [ 17.706538] kasan_save_alloc_info+0x40/0x58 [ 17.706947] __kasan_kmalloc+0xd4/0xd8 [ 17.707051] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.707103] kasan_bitops_generic+0xa0/0x1c8 [ 17.707232] kunit_try_run_case+0x170/0x3f0 [ 17.707276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.707320] kthread+0x328/0x630 [ 17.707660] ret_from_fork+0x10/0x20 [ 17.707783] [ 17.707833] The buggy address belongs to the object at fff00000c3fc6220 [ 17.707833] which belongs to the cache kmalloc-16 of size 16 [ 17.707967] The buggy address is located 8 bytes inside of [ 17.707967] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.708563] [ 17.708591] The buggy address belongs to the physical page: [ 17.708793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.709128] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.709227] page_type: f5(slab) [ 17.709336] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.709620] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.709879] page dumped because: kasan: bad access detected [ 17.709969] [ 17.710071] Memory state around the buggy address: [ 17.710411] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.710464] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.710579] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.710679] ^ [ 17.710714] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.711179] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.711320] ================================================================== [ 17.662436] ================================================================== [ 17.662765] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.663143] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.663490] [ 17.663528] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.663931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.664039] Hardware name: linux,dummy-virt (DT) [ 17.664654] Call trace: [ 17.664807] show_stack+0x20/0x38 (C) [ 17.664912] dump_stack_lvl+0x8c/0xd0 [ 17.664959] print_report+0x118/0x5d0 [ 17.665007] kasan_report+0xdc/0x128 [ 17.665053] kasan_check_range+0x100/0x1a8 [ 17.665103] __kasan_check_write+0x20/0x30 [ 17.665516] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.666200] kasan_bitops_generic+0x110/0x1c8 [ 17.666462] kunit_try_run_case+0x170/0x3f0 [ 17.666964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.667143] kthread+0x328/0x630 [ 17.667267] ret_from_fork+0x10/0x20 [ 17.667427] [ 17.667786] Allocated by task 261: [ 17.667835] kasan_save_stack+0x3c/0x68 [ 17.667972] kasan_save_track+0x20/0x40 [ 17.668121] kasan_save_alloc_info+0x40/0x58 [ 17.668169] __kasan_kmalloc+0xd4/0xd8 [ 17.668780] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.668830] kasan_bitops_generic+0xa0/0x1c8 [ 17.669275] kunit_try_run_case+0x170/0x3f0 [ 17.669582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.670029] kthread+0x328/0x630 [ 17.670266] ret_from_fork+0x10/0x20 [ 17.670433] [ 17.671090] The buggy address belongs to the object at fff00000c3fc6220 [ 17.671090] which belongs to the cache kmalloc-16 of size 16 [ 17.671221] The buggy address is located 8 bytes inside of [ 17.671221] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.671287] [ 17.671335] The buggy address belongs to the physical page: [ 17.671658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.671730] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.671781] page_type: f5(slab) [ 17.671822] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.672267] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.672322] page dumped because: kasan: bad access detected [ 17.672760] [ 17.672830] Memory state around the buggy address: [ 17.673169] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.673319] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.673638] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.673947] ^ [ 17.674081] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.674132] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.674457] ================================================================== [ 17.712446] ================================================================== [ 17.712499] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 17.712554] Read of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.712609] [ 17.714017] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.714326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.714359] Hardware name: linux,dummy-virt (DT) [ 17.714395] Call trace: [ 17.714421] show_stack+0x20/0x38 (C) [ 17.714475] dump_stack_lvl+0x8c/0xd0 [ 17.714523] print_report+0x118/0x5d0 [ 17.715613] kasan_report+0xdc/0x128 [ 17.715718] __asan_report_load8_noabort+0x20/0x30 [ 17.715912] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 17.716197] kasan_bitops_generic+0x110/0x1c8 [ 17.716515] kunit_try_run_case+0x170/0x3f0 [ 17.717049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.717555] kthread+0x328/0x630 [ 17.717918] ret_from_fork+0x10/0x20 [ 17.718033] [ 17.718056] Allocated by task 261: [ 17.718564] kasan_save_stack+0x3c/0x68 [ 17.719080] kasan_save_track+0x20/0x40 [ 17.719152] kasan_save_alloc_info+0x40/0x58 [ 17.719349] __kasan_kmalloc+0xd4/0xd8 [ 17.719629] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.719814] kasan_bitops_generic+0xa0/0x1c8 [ 17.720076] kunit_try_run_case+0x170/0x3f0 [ 17.720132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.720647] kthread+0x328/0x630 [ 17.720709] ret_from_fork+0x10/0x20 [ 17.720746] [ 17.720768] The buggy address belongs to the object at fff00000c3fc6220 [ 17.720768] which belongs to the cache kmalloc-16 of size 16 [ 17.721154] The buggy address is located 8 bytes inside of [ 17.721154] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.721452] [ 17.721607] The buggy address belongs to the physical page: [ 17.721646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.722090] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.722457] page_type: f5(slab) [ 17.722520] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.722736] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.722783] page dumped because: kasan: bad access detected [ 17.723237] [ 17.723264] Memory state around the buggy address: [ 17.723646] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.723712] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.724571] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.724689] ^ [ 17.724732] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.724780] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.725504] ================================================================== [ 17.633100] ================================================================== [ 17.633171] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.633233] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.634754] [ 17.634822] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.635031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.635061] Hardware name: linux,dummy-virt (DT) [ 17.635094] Call trace: [ 17.635156] show_stack+0x20/0x38 (C) [ 17.635674] dump_stack_lvl+0x8c/0xd0 [ 17.635745] print_report+0x118/0x5d0 [ 17.635919] kasan_report+0xdc/0x128 [ 17.635969] kasan_check_range+0x100/0x1a8 [ 17.636213] __kasan_check_write+0x20/0x30 [ 17.636599] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.636897] kasan_bitops_generic+0x110/0x1c8 [ 17.637379] kunit_try_run_case+0x170/0x3f0 [ 17.637552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.638061] kthread+0x328/0x630 [ 17.638135] ret_from_fork+0x10/0x20 [ 17.638630] [ 17.638795] Allocated by task 261: [ 17.639112] kasan_save_stack+0x3c/0x68 [ 17.639172] kasan_save_track+0x20/0x40 [ 17.639283] kasan_save_alloc_info+0x40/0x58 [ 17.639449] __kasan_kmalloc+0xd4/0xd8 [ 17.639726] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.639792] kasan_bitops_generic+0xa0/0x1c8 [ 17.639834] kunit_try_run_case+0x170/0x3f0 [ 17.640223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.640300] kthread+0x328/0x630 [ 17.640336] ret_from_fork+0x10/0x20 [ 17.640806] [ 17.640833] The buggy address belongs to the object at fff00000c3fc6220 [ 17.640833] which belongs to the cache kmalloc-16 of size 16 [ 17.640989] The buggy address is located 8 bytes inside of [ 17.640989] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.641450] [ 17.641623] The buggy address belongs to the physical page: [ 17.641961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.642127] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.642610] page_type: f5(slab) [ 17.642858] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.643065] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.643294] page dumped because: kasan: bad access detected [ 17.643544] [ 17.643728] Memory state around the buggy address: [ 17.644223] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.644475] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.644710] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.644751] ^ [ 17.645047] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.645440] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.645489] ================================================================== [ 17.739559] ================================================================== [ 17.739612] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 17.739753] Read of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.739817] [ 17.739862] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.740107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.740241] Hardware name: linux,dummy-virt (DT) [ 17.740296] Call trace: [ 17.740320] show_stack+0x20/0x38 (C) [ 17.740478] dump_stack_lvl+0x8c/0xd0 [ 17.740590] print_report+0x118/0x5d0 [ 17.740641] kasan_report+0xdc/0x128 [ 17.740702] __asan_report_load8_noabort+0x20/0x30 [ 17.740754] kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 17.740809] kasan_bitops_generic+0x110/0x1c8 [ 17.740858] kunit_try_run_case+0x170/0x3f0 [ 17.740916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.740973] kthread+0x328/0x630 [ 17.741027] ret_from_fork+0x10/0x20 [ 17.741078] [ 17.741098] Allocated by task 261: [ 17.741129] kasan_save_stack+0x3c/0x68 [ 17.741170] kasan_save_track+0x20/0x40 [ 17.741215] kasan_save_alloc_info+0x40/0x58 [ 17.741257] __kasan_kmalloc+0xd4/0xd8 [ 17.741295] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.741349] kasan_bitops_generic+0xa0/0x1c8 [ 17.741391] kunit_try_run_case+0x170/0x3f0 [ 17.741436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.741480] kthread+0x328/0x630 [ 17.741515] ret_from_fork+0x10/0x20 [ 17.741551] [ 17.741581] The buggy address belongs to the object at fff00000c3fc6220 [ 17.741581] which belongs to the cache kmalloc-16 of size 16 [ 17.741651] The buggy address is located 8 bytes inside of [ 17.741651] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.742217] [ 17.742393] The buggy address belongs to the physical page: [ 17.742494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.742555] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.742632] page_type: f5(slab) [ 17.742937] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.743212] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.743267] page dumped because: kasan: bad access detected [ 17.743328] [ 17.743514] Memory state around the buggy address: [ 17.743654] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.743895] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.744080] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.744232] ^ [ 17.744395] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.744758] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.745554] ================================================================== [ 17.651642] ================================================================== [ 17.651724] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.652035] Read of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.652166] [ 17.652203] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.652557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.652864] Hardware name: linux,dummy-virt (DT) [ 17.652904] Call trace: [ 17.652968] show_stack+0x20/0x38 (C) [ 17.653368] dump_stack_lvl+0x8c/0xd0 [ 17.653648] print_report+0x118/0x5d0 [ 17.654007] kasan_report+0xdc/0x128 [ 17.654120] __asan_report_load8_noabort+0x20/0x30 [ 17.654369] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.654605] kasan_bitops_generic+0x110/0x1c8 [ 17.654766] kunit_try_run_case+0x170/0x3f0 [ 17.654816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.654871] kthread+0x328/0x630 [ 17.654914] ret_from_fork+0x10/0x20 [ 17.655494] [ 17.655531] Allocated by task 261: [ 17.655616] kasan_save_stack+0x3c/0x68 [ 17.655675] kasan_save_track+0x20/0x40 [ 17.655839] kasan_save_alloc_info+0x40/0x58 [ 17.655945] __kasan_kmalloc+0xd4/0xd8 [ 17.656307] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.656357] kasan_bitops_generic+0xa0/0x1c8 [ 17.656890] kunit_try_run_case+0x170/0x3f0 [ 17.656944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.657162] kthread+0x328/0x630 [ 17.657316] ret_from_fork+0x10/0x20 [ 17.657723] [ 17.657885] The buggy address belongs to the object at fff00000c3fc6220 [ 17.657885] which belongs to the cache kmalloc-16 of size 16 [ 17.658018] The buggy address is located 8 bytes inside of [ 17.658018] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.658084] [ 17.658687] The buggy address belongs to the physical page: [ 17.658878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.658940] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.658996] page_type: f5(slab) [ 17.659737] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.659799] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.659925] page dumped because: kasan: bad access detected [ 17.659989] [ 17.660038] Memory state around the buggy address: [ 17.660141] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.660420] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.660472] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.660511] ^ [ 17.660546] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.660589] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.660632] ================================================================== [ 17.675765] ================================================================== [ 17.677014] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.677099] Read of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.677198] [ 17.677234] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.677316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.677347] Hardware name: linux,dummy-virt (DT) [ 17.677381] Call trace: [ 17.677405] show_stack+0x20/0x38 (C) [ 17.677455] dump_stack_lvl+0x8c/0xd0 [ 17.677504] print_report+0x118/0x5d0 [ 17.677552] kasan_report+0xdc/0x128 [ 17.677601] __asan_report_load8_noabort+0x20/0x30 [ 17.677654] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.678054] kasan_bitops_generic+0x110/0x1c8 [ 17.678434] kunit_try_run_case+0x170/0x3f0 [ 17.678489] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.678791] kthread+0x328/0x630 [ 17.678917] ret_from_fork+0x10/0x20 [ 17.679240] [ 17.679311] Allocated by task 261: [ 17.679345] kasan_save_stack+0x3c/0x68 [ 17.679392] kasan_save_track+0x20/0x40 [ 17.679430] kasan_save_alloc_info+0x40/0x58 [ 17.680135] __kasan_kmalloc+0xd4/0xd8 [ 17.680199] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.680581] kasan_bitops_generic+0xa0/0x1c8 [ 17.680638] kunit_try_run_case+0x170/0x3f0 [ 17.680946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.680996] kthread+0x328/0x630 [ 17.681054] ret_from_fork+0x10/0x20 [ 17.681469] [ 17.681495] The buggy address belongs to the object at fff00000c3fc6220 [ 17.681495] which belongs to the cache kmalloc-16 of size 16 [ 17.681997] The buggy address is located 8 bytes inside of [ 17.681997] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.682214] [ 17.682241] The buggy address belongs to the physical page: [ 17.682568] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.682916] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.683113] page_type: f5(slab) [ 17.683228] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.683290] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.683747] page dumped because: kasan: bad access detected [ 17.683791] [ 17.683820] Memory state around the buggy address: [ 17.684201] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.684551] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.685052] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.685492] ^ [ 17.685672] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.685768] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.686230] ================================================================== [ 17.687843] ================================================================== [ 17.688797] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 17.688902] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.688979] [ 17.689108] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.689559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.689765] Hardware name: linux,dummy-virt (DT) [ 17.690117] Call trace: [ 17.690154] show_stack+0x20/0x38 (C) [ 17.690209] dump_stack_lvl+0x8c/0xd0 [ 17.690257] print_report+0x118/0x5d0 [ 17.690306] kasan_report+0xdc/0x128 [ 17.690352] kasan_check_range+0x100/0x1a8 [ 17.691178] __kasan_check_write+0x20/0x30 [ 17.691283] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 17.691410] kasan_bitops_generic+0x110/0x1c8 [ 17.691583] kunit_try_run_case+0x170/0x3f0 [ 17.691631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.692286] kthread+0x328/0x630 [ 17.692388] ret_from_fork+0x10/0x20 [ 17.692593] [ 17.692896] Allocated by task 261: [ 17.692934] kasan_save_stack+0x3c/0x68 [ 17.693306] kasan_save_track+0x20/0x40 [ 17.693398] kasan_save_alloc_info+0x40/0x58 [ 17.693443] __kasan_kmalloc+0xd4/0xd8 [ 17.693725] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.694075] kasan_bitops_generic+0xa0/0x1c8 [ 17.694164] kunit_try_run_case+0x170/0x3f0 [ 17.694620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.694772] kthread+0x328/0x630 [ 17.694810] ret_from_fork+0x10/0x20 [ 17.695136] [ 17.695160] The buggy address belongs to the object at fff00000c3fc6220 [ 17.695160] which belongs to the cache kmalloc-16 of size 16 [ 17.695221] The buggy address is located 8 bytes inside of [ 17.695221] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.695285] [ 17.695308] The buggy address belongs to the physical page: [ 17.695813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.696155] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.696522] page_type: f5(slab) [ 17.696738] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.697114] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.697261] page dumped because: kasan: bad access detected [ 17.697558] [ 17.697581] Memory state around the buggy address: [ 17.697948] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.698156] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.698214] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.698639] ^ [ 17.698843] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.698913] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.699265] ================================================================== [ 17.732274] ================================================================== [ 17.732329] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 17.732390] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.732441] [ 17.732472] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.732553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.732581] Hardware name: linux,dummy-virt (DT) [ 17.732614] Call trace: [ 17.732638] show_stack+0x20/0x38 (C) [ 17.732702] dump_stack_lvl+0x8c/0xd0 [ 17.732750] print_report+0x118/0x5d0 [ 17.733393] kasan_report+0xdc/0x128 [ 17.733483] kasan_check_range+0x100/0x1a8 [ 17.733620] __kasan_check_write+0x20/0x30 [ 17.733684] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 17.733737] kasan_bitops_generic+0x110/0x1c8 [ 17.733836] kunit_try_run_case+0x170/0x3f0 [ 17.733924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.734021] kthread+0x328/0x630 [ 17.734091] ret_from_fork+0x10/0x20 [ 17.734202] [ 17.734227] Allocated by task 261: [ 17.734261] kasan_save_stack+0x3c/0x68 [ 17.734469] kasan_save_track+0x20/0x40 [ 17.734622] kasan_save_alloc_info+0x40/0x58 [ 17.734686] __kasan_kmalloc+0xd4/0xd8 [ 17.734726] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.734866] kasan_bitops_generic+0xa0/0x1c8 [ 17.734918] kunit_try_run_case+0x170/0x3f0 [ 17.734959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.735014] kthread+0x328/0x630 [ 17.735048] ret_from_fork+0x10/0x20 [ 17.735087] [ 17.735109] The buggy address belongs to the object at fff00000c3fc6220 [ 17.735109] which belongs to the cache kmalloc-16 of size 16 [ 17.735353] The buggy address is located 8 bytes inside of [ 17.735353] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.736233] [ 17.736313] The buggy address belongs to the physical page: [ 17.736433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.736589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.737003] page_type: f5(slab) [ 17.737056] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.737276] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.737478] page dumped because: kasan: bad access detected [ 17.737577] [ 17.737696] Memory state around the buggy address: [ 17.737752] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.737830] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.738218] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.738290] ^ [ 17.738429] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.738522] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.738652] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 17.570195] ================================================================== [ 17.570276] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 17.570347] Read of size 1 at addr fff00000c78bb458 by task kunit_try_catch/257 [ 17.570402] [ 17.570446] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.570531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.570561] Hardware name: linux,dummy-virt (DT) [ 17.570597] Call trace: [ 17.570624] show_stack+0x20/0x38 (C) [ 17.570689] dump_stack_lvl+0x8c/0xd0 [ 17.570739] print_report+0x118/0x5d0 [ 17.570791] kasan_report+0xdc/0x128 [ 17.570839] __asan_report_load1_noabort+0x20/0x30 [ 17.570893] memcmp+0x198/0x1d8 [ 17.570935] kasan_memcmp+0x16c/0x300 [ 17.570981] kunit_try_run_case+0x170/0x3f0 [ 17.572106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.572177] kthread+0x328/0x630 [ 17.572400] ret_from_fork+0x10/0x20 [ 17.572459] [ 17.572483] Allocated by task 257: [ 17.572514] kasan_save_stack+0x3c/0x68 [ 17.572935] kasan_save_track+0x20/0x40 [ 17.573191] kasan_save_alloc_info+0x40/0x58 [ 17.573244] __kasan_kmalloc+0xd4/0xd8 [ 17.573583] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.573953] kasan_memcmp+0xbc/0x300 [ 17.574019] kunit_try_run_case+0x170/0x3f0 [ 17.574393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.574444] kthread+0x328/0x630 [ 17.574937] ret_from_fork+0x10/0x20 [ 17.575395] [ 17.575639] The buggy address belongs to the object at fff00000c78bb440 [ 17.575639] which belongs to the cache kmalloc-32 of size 32 [ 17.575905] The buggy address is located 0 bytes to the right of [ 17.575905] allocated 24-byte region [fff00000c78bb440, fff00000c78bb458) [ 17.576187] [ 17.576269] The buggy address belongs to the physical page: [ 17.576501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078bb [ 17.576970] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.577035] page_type: f5(slab) [ 17.577372] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.577431] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.577476] page dumped because: kasan: bad access detected [ 17.577918] [ 17.578218] Memory state around the buggy address: [ 17.578309] fff00000c78bb300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.578358] fff00000c78bb380: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.578533] >fff00000c78bb400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.578765] ^ [ 17.578827] fff00000c78bb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.578874] fff00000c78bb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.579080] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 17.535808] ================================================================== [ 17.535924] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 17.535982] Read of size 1 at addr ffff800080b47b4a by task kunit_try_catch/253 [ 17.536033] [ 17.536065] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.536253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.536283] Hardware name: linux,dummy-virt (DT) [ 17.536539] Call trace: [ 17.536565] show_stack+0x20/0x38 (C) [ 17.536619] dump_stack_lvl+0x8c/0xd0 [ 17.536678] print_report+0x310/0x5d0 [ 17.536725] kasan_report+0xdc/0x128 [ 17.536773] __asan_report_load1_noabort+0x20/0x30 [ 17.536825] kasan_alloca_oob_right+0x2dc/0x340 [ 17.536873] kunit_try_run_case+0x170/0x3f0 [ 17.536922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.538099] kthread+0x328/0x630 [ 17.538148] ret_from_fork+0x10/0x20 [ 17.538197] [ 17.538223] The buggy address belongs to stack of task kunit_try_catch/253 [ 17.538286] [ 17.538394] The buggy address ffff800080b47b4a belongs to a vmalloc virtual mapping [ 17.538617] The buggy address belongs to the physical page: [ 17.538911] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b7 [ 17.539530] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.539852] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.540120] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.540208] page dumped because: kasan: bad access detected [ 17.540296] [ 17.540405] Memory state around the buggy address: [ 17.540454] ffff800080b47a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.540499] ffff800080b47a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.540544] >ffff800080b47b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 17.540584] ^ [ 17.540780] ffff800080b47b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.540940] ffff800080b47c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.540987] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 17.521442] ================================================================== [ 17.521521] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 17.521577] Read of size 1 at addr ffff800080b47b5f by task kunit_try_catch/251 [ 17.521628] [ 17.521659] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.522115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.522492] Hardware name: linux,dummy-virt (DT) [ 17.522796] Call trace: [ 17.522822] show_stack+0x20/0x38 (C) [ 17.522928] dump_stack_lvl+0x8c/0xd0 [ 17.523164] print_report+0x310/0x5d0 [ 17.523463] kasan_report+0xdc/0x128 [ 17.523540] __asan_report_load1_noabort+0x20/0x30 [ 17.523779] kasan_alloca_oob_left+0x2b8/0x310 [ 17.524025] kunit_try_run_case+0x170/0x3f0 [ 17.524138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.524220] kthread+0x328/0x630 [ 17.524262] ret_from_fork+0x10/0x20 [ 17.524317] [ 17.524360] The buggy address belongs to stack of task kunit_try_catch/251 [ 17.524635] [ 17.524909] The buggy address ffff800080b47b5f belongs to a vmalloc virtual mapping [ 17.524956] The buggy address belongs to the physical page: [ 17.524987] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b7 [ 17.525042] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.525421] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.525703] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.525763] page dumped because: kasan: bad access detected [ 17.526151] [ 17.526180] Memory state around the buggy address: [ 17.526241] ffff800080b47a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.526347] ffff800080b47a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.526420] >ffff800080b47b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 17.526458] ^ [ 17.526495] ffff800080b47b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.526548] ffff800080b47c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.526589] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 17.507137] ================================================================== [ 17.507457] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 17.507515] Read of size 1 at addr ffff800080b47c2a by task kunit_try_catch/249 [ 17.507565] [ 17.507597] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.507870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.507981] Hardware name: linux,dummy-virt (DT) [ 17.508018] Call trace: [ 17.508042] show_stack+0x20/0x38 (C) [ 17.508179] dump_stack_lvl+0x8c/0xd0 [ 17.508272] print_report+0x310/0x5d0 [ 17.508317] kasan_report+0xdc/0x128 [ 17.508399] __asan_report_load1_noabort+0x20/0x30 [ 17.508512] kasan_stack_oob+0x238/0x270 [ 17.508628] kunit_try_run_case+0x170/0x3f0 [ 17.508684] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.508736] kthread+0x328/0x630 [ 17.508777] ret_from_fork+0x10/0x20 [ 17.509180] [ 17.509449] The buggy address belongs to stack of task kunit_try_catch/249 [ 17.509622] and is located at offset 138 in frame: [ 17.509658] kasan_stack_oob+0x0/0x270 [ 17.510288] [ 17.510330] This frame has 4 objects: [ 17.510752] [48, 49) '__assertion' [ 17.510801] [64, 72) 'array' [ 17.510835] [96, 112) '__assertion' [ 17.510877] [128, 138) 'stack_array' [ 17.511121] [ 17.511252] The buggy address ffff800080b47c2a belongs to a vmalloc virtual mapping [ 17.511375] The buggy address belongs to the physical page: [ 17.511416] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b7 [ 17.511568] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.511672] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.511727] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.511783] page dumped because: kasan: bad access detected [ 17.511815] [ 17.511833] Memory state around the buggy address: [ 17.511866] ffff800080b47b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.512057] ffff800080b47b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 17.512117] >ffff800080b47c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 17.512155] ^ [ 17.512198] ffff800080b47c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 17.512311] ffff800080b47d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.512349] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 17.482977] ================================================================== [ 17.483953] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 17.484111] Read of size 1 at addr ffff9f28a9b4f58d by task kunit_try_catch/245 [ 17.484162] [ 17.484710] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.485255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.485291] Hardware name: linux,dummy-virt (DT) [ 17.485323] Call trace: [ 17.485346] show_stack+0x20/0x38 (C) [ 17.485479] dump_stack_lvl+0x8c/0xd0 [ 17.486182] print_report+0x310/0x5d0 [ 17.486370] kasan_report+0xdc/0x128 [ 17.486558] __asan_report_load1_noabort+0x20/0x30 [ 17.486722] kasan_global_oob_right+0x230/0x270 [ 17.487017] kunit_try_run_case+0x170/0x3f0 [ 17.487250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.487358] kthread+0x328/0x630 [ 17.487403] ret_from_fork+0x10/0x20 [ 17.487462] [ 17.487599] The buggy address belongs to the variable: [ 17.487640] global_array+0xd/0x40 [ 17.487706] [ 17.487761] The buggy address ffff9f28a9b4f58d belongs to a vmalloc virtual mapping [ 17.488094] The buggy address belongs to the physical page: [ 17.488203] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 17.488277] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 17.488370] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 17.488492] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.488821] page dumped because: kasan: bad access detected [ 17.488883] [ 17.488946] Memory state around the buggy address: [ 17.488990] ffff9f28a9b4f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.489041] ffff9f28a9b4f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 17.489365] >ffff9f28a9b4f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 17.489403] ^ [ 17.489433] ffff9f28a9b4f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 17.489475] ffff9f28a9b4f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.489864] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 17.450975] ================================================================== [ 17.451258] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.451456] Free of addr fff00000c7025901 by task kunit_try_catch/241 [ 17.451523] [ 17.451557] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.451638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.451678] Hardware name: linux,dummy-virt (DT) [ 17.451709] Call trace: [ 17.451733] show_stack+0x20/0x38 (C) [ 17.451782] dump_stack_lvl+0x8c/0xd0 [ 17.451829] print_report+0x118/0x5d0 [ 17.452155] kasan_report_invalid_free+0xc0/0xe8 [ 17.452215] check_slab_allocation+0xfc/0x108 [ 17.452262] __kasan_mempool_poison_object+0x78/0x150 [ 17.452325] mempool_free+0x28c/0x328 [ 17.452392] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.452498] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.452547] kunit_try_run_case+0x170/0x3f0 [ 17.452893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.452965] kthread+0x328/0x630 [ 17.453008] ret_from_fork+0x10/0x20 [ 17.453327] [ 17.453347] Allocated by task 241: [ 17.453376] kasan_save_stack+0x3c/0x68 [ 17.453419] kasan_save_track+0x20/0x40 [ 17.453454] kasan_save_alloc_info+0x40/0x58 [ 17.453509] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.453552] remove_element+0x130/0x1f8 [ 17.453892] mempool_alloc_preallocated+0x58/0xc0 [ 17.453954] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 17.453997] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.454122] kunit_try_run_case+0x170/0x3f0 [ 17.454160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.454203] kthread+0x328/0x630 [ 17.454236] ret_from_fork+0x10/0x20 [ 17.454270] [ 17.454292] The buggy address belongs to the object at fff00000c7025900 [ 17.454292] which belongs to the cache kmalloc-128 of size 128 [ 17.454404] The buggy address is located 1 bytes inside of [ 17.454404] 128-byte region [fff00000c7025900, fff00000c7025980) [ 17.454627] [ 17.454648] The buggy address belongs to the physical page: [ 17.455255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 17.455478] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.455551] page_type: f5(slab) [ 17.455623] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.455761] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.455892] page dumped because: kasan: bad access detected [ 17.455958] [ 17.455975] Memory state around the buggy address: [ 17.456007] fff00000c7025800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.456059] fff00000c7025880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.456217] >fff00000c7025900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.456275] ^ [ 17.456315] fff00000c7025980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.456357] fff00000c7025a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.456617] ================================================================== [ 17.469487] ================================================================== [ 17.469546] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.469767] Free of addr fff00000c78a0001 by task kunit_try_catch/243 [ 17.470145] [ 17.470260] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.470342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.470716] Hardware name: linux,dummy-virt (DT) [ 17.470795] Call trace: [ 17.470818] show_stack+0x20/0x38 (C) [ 17.470868] dump_stack_lvl+0x8c/0xd0 [ 17.470915] print_report+0x118/0x5d0 [ 17.470961] kasan_report_invalid_free+0xc0/0xe8 [ 17.471025] __kasan_mempool_poison_object+0xfc/0x150 [ 17.471077] mempool_free+0x28c/0x328 [ 17.471122] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.471315] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 17.471367] kunit_try_run_case+0x170/0x3f0 [ 17.471416] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.471470] kthread+0x328/0x630 [ 17.471513] ret_from_fork+0x10/0x20 [ 17.471722] [ 17.471973] The buggy address belongs to the physical page: [ 17.472020] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a0 [ 17.472084] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.472297] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.472350] page_type: f8(unknown) [ 17.472399] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.472452] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.472535] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.472583] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.472631] head: 0bfffe0000000002 ffffc1ffc31e2801 00000000ffffffff 00000000ffffffff [ 17.473118] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.473231] page dumped because: kasan: bad access detected [ 17.473363] [ 17.473382] Memory state around the buggy address: [ 17.473414] fff00000c789ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.473458] fff00000c789ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.473541] >fff00000c78a0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.473806] ^ [ 17.473904] fff00000c78a0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.473949] fff00000c78a0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.474022] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 17.418022] ================================================================== [ 17.418081] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.418142] Free of addr fff00000c7898000 by task kunit_try_catch/237 [ 17.418353] [ 17.418507] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.418768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.418857] Hardware name: linux,dummy-virt (DT) [ 17.418894] Call trace: [ 17.419001] show_stack+0x20/0x38 (C) [ 17.419062] dump_stack_lvl+0x8c/0xd0 [ 17.419109] print_report+0x118/0x5d0 [ 17.419154] kasan_report_invalid_free+0xc0/0xe8 [ 17.419203] __kasan_mempool_poison_object+0x14c/0x150 [ 17.419788] mempool_free+0x28c/0x328 [ 17.419856] mempool_double_free_helper+0x150/0x2e8 [ 17.419956] mempool_kmalloc_large_double_free+0xc0/0x118 [ 17.420161] kunit_try_run_case+0x170/0x3f0 [ 17.420238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.420290] kthread+0x328/0x630 [ 17.420332] ret_from_fork+0x10/0x20 [ 17.420863] [ 17.420918] The buggy address belongs to the physical page: [ 17.420985] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107898 [ 17.421052] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.421221] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.421304] page_type: f8(unknown) [ 17.421387] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.421438] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.421764] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.421820] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.421869] head: 0bfffe0000000002 ffffc1ffc31e2601 00000000ffffffff 00000000ffffffff [ 17.421917] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.421983] page dumped because: kasan: bad access detected [ 17.422016] [ 17.422353] Memory state around the buggy address: [ 17.422396] fff00000c7897f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.422440] fff00000c7897f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.422771] >fff00000c7898000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.422813] ^ [ 17.422842] fff00000c7898080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.422885] fff00000c7898100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.423177] ================================================================== [ 17.432831] ================================================================== [ 17.432891] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.433410] Free of addr fff00000c7898000 by task kunit_try_catch/239 [ 17.433854] [ 17.433900] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.433982] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.434010] Hardware name: linux,dummy-virt (DT) [ 17.434157] Call trace: [ 17.434185] show_stack+0x20/0x38 (C) [ 17.434625] dump_stack_lvl+0x8c/0xd0 [ 17.434760] print_report+0x118/0x5d0 [ 17.434828] kasan_report_invalid_free+0xc0/0xe8 [ 17.435009] __kasan_mempool_poison_pages+0xe0/0xe8 [ 17.435530] mempool_free+0x24c/0x328 [ 17.435749] mempool_double_free_helper+0x150/0x2e8 [ 17.435799] mempool_page_alloc_double_free+0xbc/0x118 [ 17.435979] kunit_try_run_case+0x170/0x3f0 [ 17.436028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.436078] kthread+0x328/0x630 [ 17.436122] ret_from_fork+0x10/0x20 [ 17.436170] [ 17.436191] The buggy address belongs to the physical page: [ 17.436514] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107898 [ 17.436609] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.436748] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.436865] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.436970] page dumped because: kasan: bad access detected [ 17.437258] [ 17.437374] Memory state around the buggy address: [ 17.437564] fff00000c7897f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.437612] fff00000c7897f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.437709] >fff00000c7898000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.437874] ^ [ 17.437975] fff00000c7898080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.438018] fff00000c7898100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.438056] ================================================================== [ 17.401591] ================================================================== [ 17.401676] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.401731] Free of addr fff00000c7025500 by task kunit_try_catch/235 [ 17.402207] [ 17.402241] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.402561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.402589] Hardware name: linux,dummy-virt (DT) [ 17.402622] Call trace: [ 17.402645] show_stack+0x20/0x38 (C) [ 17.403090] dump_stack_lvl+0x8c/0xd0 [ 17.403226] print_report+0x118/0x5d0 [ 17.403333] kasan_report_invalid_free+0xc0/0xe8 [ 17.403384] check_slab_allocation+0xd4/0x108 [ 17.403434] __kasan_mempool_poison_object+0x78/0x150 [ 17.403493] mempool_free+0x28c/0x328 [ 17.403542] mempool_double_free_helper+0x150/0x2e8 [ 17.403589] mempool_kmalloc_double_free+0xc0/0x118 [ 17.403638] kunit_try_run_case+0x170/0x3f0 [ 17.403695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.403747] kthread+0x328/0x630 [ 17.403789] ret_from_fork+0x10/0x20 [ 17.404079] [ 17.404334] Allocated by task 235: [ 17.404437] kasan_save_stack+0x3c/0x68 [ 17.404521] kasan_save_track+0x20/0x40 [ 17.404597] kasan_save_alloc_info+0x40/0x58 [ 17.404681] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.404736] remove_element+0x130/0x1f8 [ 17.404769] mempool_alloc_preallocated+0x58/0xc0 [ 17.404807] mempool_double_free_helper+0x94/0x2e8 [ 17.404844] mempool_kmalloc_double_free+0xc0/0x118 [ 17.404884] kunit_try_run_case+0x170/0x3f0 [ 17.404922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.404999] kthread+0x328/0x630 [ 17.405032] ret_from_fork+0x10/0x20 [ 17.405113] [ 17.405208] Freed by task 235: [ 17.405301] kasan_save_stack+0x3c/0x68 [ 17.405339] kasan_save_track+0x20/0x40 [ 17.405421] kasan_save_free_info+0x4c/0x78 [ 17.405461] __kasan_mempool_poison_object+0xc0/0x150 [ 17.405548] mempool_free+0x28c/0x328 [ 17.405882] mempool_double_free_helper+0x100/0x2e8 [ 17.406168] mempool_kmalloc_double_free+0xc0/0x118 [ 17.406210] kunit_try_run_case+0x170/0x3f0 [ 17.406249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.406293] kthread+0x328/0x630 [ 17.406703] ret_from_fork+0x10/0x20 [ 17.406754] [ 17.407194] The buggy address belongs to the object at fff00000c7025500 [ 17.407194] which belongs to the cache kmalloc-128 of size 128 [ 17.407263] The buggy address is located 0 bytes inside of [ 17.407263] 128-byte region [fff00000c7025500, fff00000c7025580) [ 17.407324] [ 17.407354] The buggy address belongs to the physical page: [ 17.407465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 17.407589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.407648] page_type: f5(slab) [ 17.407840] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.408000] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.408166] page dumped because: kasan: bad access detected [ 17.408270] [ 17.408309] Memory state around the buggy address: [ 17.408390] fff00000c7025400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.408433] fff00000c7025480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.408494] >fff00000c7025500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.408637] ^ [ 17.408674] fff00000c7025580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.408809] fff00000c7025600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.408847] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 17.387785] ================================================================== [ 17.387878] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.387938] Read of size 1 at addr fff00000c7898000 by task kunit_try_catch/233 [ 17.387988] [ 17.388024] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.388306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.388405] Hardware name: linux,dummy-virt (DT) [ 17.388574] Call trace: [ 17.388659] show_stack+0x20/0x38 (C) [ 17.388786] dump_stack_lvl+0x8c/0xd0 [ 17.388834] print_report+0x118/0x5d0 [ 17.388881] kasan_report+0xdc/0x128 [ 17.388925] __asan_report_load1_noabort+0x20/0x30 [ 17.388980] mempool_uaf_helper+0x314/0x340 [ 17.389034] mempool_page_alloc_uaf+0xc0/0x118 [ 17.389271] kunit_try_run_case+0x170/0x3f0 [ 17.389474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.389602] kthread+0x328/0x630 [ 17.389644] ret_from_fork+0x10/0x20 [ 17.390073] [ 17.390109] The buggy address belongs to the physical page: [ 17.390389] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107898 [ 17.390679] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.390745] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.390796] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.390945] page dumped because: kasan: bad access detected [ 17.391261] [ 17.391418] Memory state around the buggy address: [ 17.391454] fff00000c7897f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.391592] fff00000c7897f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.391692] >fff00000c7898000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.391778] ^ [ 17.391821] fff00000c7898080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.391943] fff00000c7898100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.391986] ================================================================== [ 17.345874] ================================================================== [ 17.345953] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.346017] Read of size 1 at addr fff00000c7898000 by task kunit_try_catch/229 [ 17.346068] [ 17.346106] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.346192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.346220] Hardware name: linux,dummy-virt (DT) [ 17.346253] Call trace: [ 17.346277] show_stack+0x20/0x38 (C) [ 17.346327] dump_stack_lvl+0x8c/0xd0 [ 17.346375] print_report+0x118/0x5d0 [ 17.346423] kasan_report+0xdc/0x128 [ 17.346468] __asan_report_load1_noabort+0x20/0x30 [ 17.346519] mempool_uaf_helper+0x314/0x340 [ 17.346564] mempool_kmalloc_large_uaf+0xc4/0x120 [ 17.346613] kunit_try_run_case+0x170/0x3f0 [ 17.346675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.346728] kthread+0x328/0x630 [ 17.346771] ret_from_fork+0x10/0x20 [ 17.346819] [ 17.346841] The buggy address belongs to the physical page: [ 17.346876] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107898 [ 17.346932] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.346980] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.347065] page_type: f8(unknown) [ 17.347128] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.347177] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.347228] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.347276] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.347324] head: 0bfffe0000000002 ffffc1ffc31e2601 00000000ffffffff 00000000ffffffff [ 17.347373] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.347414] page dumped because: kasan: bad access detected [ 17.347446] [ 17.347464] Memory state around the buggy address: [ 17.347496] fff00000c7897f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.347537] fff00000c7897f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.347579] >fff00000c7898000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.347617] ^ [ 17.347646] fff00000c7898080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.347697] fff00000c7898100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.347736] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 17.358689] ================================================================== [ 17.359124] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.359181] Read of size 1 at addr fff00000c78ad240 by task kunit_try_catch/231 [ 17.359231] [ 17.359381] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.359541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.359569] Hardware name: linux,dummy-virt (DT) [ 17.359599] Call trace: [ 17.359622] show_stack+0x20/0x38 (C) [ 17.359679] dump_stack_lvl+0x8c/0xd0 [ 17.359735] print_report+0x118/0x5d0 [ 17.359781] kasan_report+0xdc/0x128 [ 17.359825] __asan_report_load1_noabort+0x20/0x30 [ 17.359874] mempool_uaf_helper+0x314/0x340 [ 17.360152] mempool_slab_uaf+0xc0/0x118 [ 17.360210] kunit_try_run_case+0x170/0x3f0 [ 17.360257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.360759] kthread+0x328/0x630 [ 17.360824] ret_from_fork+0x10/0x20 [ 17.360874] [ 17.360893] Allocated by task 231: [ 17.360935] kasan_save_stack+0x3c/0x68 [ 17.360979] kasan_save_track+0x20/0x40 [ 17.361017] kasan_save_alloc_info+0x40/0x58 [ 17.361411] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.361610] remove_element+0x16c/0x1f8 [ 17.361684] mempool_alloc_preallocated+0x58/0xc0 [ 17.361734] mempool_uaf_helper+0xa4/0x340 [ 17.361844] mempool_slab_uaf+0xc0/0x118 [ 17.361879] kunit_try_run_case+0x170/0x3f0 [ 17.361918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.361963] kthread+0x328/0x630 [ 17.361994] ret_from_fork+0x10/0x20 [ 17.362158] [ 17.362182] Freed by task 231: [ 17.362423] kasan_save_stack+0x3c/0x68 [ 17.362466] kasan_save_track+0x20/0x40 [ 17.362511] kasan_save_free_info+0x4c/0x78 [ 17.362609] __kasan_mempool_poison_object+0xc0/0x150 [ 17.362742] mempool_free+0x28c/0x328 [ 17.362794] mempool_uaf_helper+0x104/0x340 [ 17.362842] mempool_slab_uaf+0xc0/0x118 [ 17.363106] kunit_try_run_case+0x170/0x3f0 [ 17.363299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.363349] kthread+0x328/0x630 [ 17.363381] ret_from_fork+0x10/0x20 [ 17.363416] [ 17.363469] The buggy address belongs to the object at fff00000c78ad240 [ 17.363469] which belongs to the cache test_cache of size 123 [ 17.363554] The buggy address is located 0 bytes inside of [ 17.363554] freed 123-byte region [fff00000c78ad240, fff00000c78ad2bb) [ 17.363775] [ 17.363797] The buggy address belongs to the physical page: [ 17.363948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ad [ 17.364231] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.364283] page_type: f5(slab) [ 17.364323] raw: 0bfffe0000000000 fff00000c700b500 dead000000000122 0000000000000000 [ 17.364617] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.364739] page dumped because: kasan: bad access detected [ 17.364774] [ 17.364792] Memory state around the buggy address: [ 17.364882] fff00000c78ad100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.364925] fff00000c78ad180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.364967] >fff00000c78ad200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.365010] ^ [ 17.365045] fff00000c78ad280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.365088] fff00000c78ad300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.365126] ================================================================== [ 17.310401] ================================================================== [ 17.310485] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.310555] Read of size 1 at addr fff00000c7001500 by task kunit_try_catch/227 [ 17.310610] [ 17.310649] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.310753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.310781] Hardware name: linux,dummy-virt (DT) [ 17.310813] Call trace: [ 17.310838] show_stack+0x20/0x38 (C) [ 17.310890] dump_stack_lvl+0x8c/0xd0 [ 17.310941] print_report+0x118/0x5d0 [ 17.310988] kasan_report+0xdc/0x128 [ 17.311046] __asan_report_load1_noabort+0x20/0x30 [ 17.311097] mempool_uaf_helper+0x314/0x340 [ 17.311143] mempool_kmalloc_uaf+0xc4/0x120 [ 17.311188] kunit_try_run_case+0x170/0x3f0 [ 17.311239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.311291] kthread+0x328/0x630 [ 17.311334] ret_from_fork+0x10/0x20 [ 17.311383] [ 17.311402] Allocated by task 227: [ 17.311432] kasan_save_stack+0x3c/0x68 [ 17.311476] kasan_save_track+0x20/0x40 [ 17.311515] kasan_save_alloc_info+0x40/0x58 [ 17.311556] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.311601] remove_element+0x130/0x1f8 [ 17.311637] mempool_alloc_preallocated+0x58/0xc0 [ 17.311689] mempool_uaf_helper+0xa4/0x340 [ 17.311726] mempool_kmalloc_uaf+0xc4/0x120 [ 17.311764] kunit_try_run_case+0x170/0x3f0 [ 17.311800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.311844] kthread+0x328/0x630 [ 17.311875] ret_from_fork+0x10/0x20 [ 17.311911] [ 17.311929] Freed by task 227: [ 17.311957] kasan_save_stack+0x3c/0x68 [ 17.311996] kasan_save_track+0x20/0x40 [ 17.312033] kasan_save_free_info+0x4c/0x78 [ 17.312072] __kasan_mempool_poison_object+0xc0/0x150 [ 17.312114] mempool_free+0x28c/0x328 [ 17.312148] mempool_uaf_helper+0x104/0x340 [ 17.312185] mempool_kmalloc_uaf+0xc4/0x120 [ 17.312224] kunit_try_run_case+0x170/0x3f0 [ 17.312265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.312308] kthread+0x328/0x630 [ 17.312343] ret_from_fork+0x10/0x20 [ 17.312385] [ 17.312406] The buggy address belongs to the object at fff00000c7001500 [ 17.312406] which belongs to the cache kmalloc-128 of size 128 [ 17.312466] The buggy address is located 0 bytes inside of [ 17.312466] freed 128-byte region [fff00000c7001500, fff00000c7001580) [ 17.312524] [ 17.312545] The buggy address belongs to the physical page: [ 17.312578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107001 [ 17.312632] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.312695] page_type: f5(slab) [ 17.312737] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.312786] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.312827] page dumped because: kasan: bad access detected [ 17.312858] [ 17.312876] Memory state around the buggy address: [ 17.312909] fff00000c7001400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.312951] fff00000c7001480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.312993] >fff00000c7001500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.313031] ^ [ 17.313059] fff00000c7001580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.313100] fff00000c7001600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.313139] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 17.246644] ================================================================== [ 17.246737] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.246798] Read of size 1 at addr fff00000c7822001 by task kunit_try_catch/223 [ 17.246851] [ 17.246886] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.246968] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.246994] Hardware name: linux,dummy-virt (DT) [ 17.247050] Call trace: [ 17.247076] show_stack+0x20/0x38 (C) [ 17.247126] dump_stack_lvl+0x8c/0xd0 [ 17.247174] print_report+0x118/0x5d0 [ 17.247222] kasan_report+0xdc/0x128 [ 17.247270] __asan_report_load1_noabort+0x20/0x30 [ 17.247320] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.247369] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 17.247419] kunit_try_run_case+0x170/0x3f0 [ 17.247469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.247519] kthread+0x328/0x630 [ 17.247561] ret_from_fork+0x10/0x20 [ 17.247608] [ 17.247628] The buggy address belongs to the physical page: [ 17.247673] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107820 [ 17.247727] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.247773] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.247828] page_type: f8(unknown) [ 17.247870] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.247921] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.247969] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.248017] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.248065] head: 0bfffe0000000002 ffffc1ffc31e0801 00000000ffffffff 00000000ffffffff [ 17.248114] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.248154] page dumped because: kasan: bad access detected [ 17.248185] [ 17.248203] Memory state around the buggy address: [ 17.248235] fff00000c7821f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.248278] fff00000c7821f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.248320] >fff00000c7822000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.248358] ^ [ 17.248392] fff00000c7822080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.248434] fff00000c7822100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.248471] ================================================================== [ 17.275878] ================================================================== [ 17.275957] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.276022] Read of size 1 at addr fff00000c780f2bb by task kunit_try_catch/225 [ 17.276073] [ 17.276110] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.276193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.276221] Hardware name: linux,dummy-virt (DT) [ 17.276254] Call trace: [ 17.276282] show_stack+0x20/0x38 (C) [ 17.276331] dump_stack_lvl+0x8c/0xd0 [ 17.276385] print_report+0x118/0x5d0 [ 17.276432] kasan_report+0xdc/0x128 [ 17.276479] __asan_report_load1_noabort+0x20/0x30 [ 17.276532] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.276581] mempool_slab_oob_right+0xc0/0x118 [ 17.276629] kunit_try_run_case+0x170/0x3f0 [ 17.276691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.276743] kthread+0x328/0x630 [ 17.276787] ret_from_fork+0x10/0x20 [ 17.276836] [ 17.276855] Allocated by task 225: [ 17.276886] kasan_save_stack+0x3c/0x68 [ 17.276927] kasan_save_track+0x20/0x40 [ 17.276964] kasan_save_alloc_info+0x40/0x58 [ 17.277005] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.277046] remove_element+0x16c/0x1f8 [ 17.277084] mempool_alloc_preallocated+0x58/0xc0 [ 17.277126] mempool_oob_right_helper+0x98/0x2f0 [ 17.277165] mempool_slab_oob_right+0xc0/0x118 [ 17.277203] kunit_try_run_case+0x170/0x3f0 [ 17.277241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.277282] kthread+0x328/0x630 [ 17.277315] ret_from_fork+0x10/0x20 [ 17.277351] [ 17.277371] The buggy address belongs to the object at fff00000c780f240 [ 17.277371] which belongs to the cache test_cache of size 123 [ 17.277428] The buggy address is located 0 bytes to the right of [ 17.277428] allocated 123-byte region [fff00000c780f240, fff00000c780f2bb) [ 17.277491] [ 17.277512] The buggy address belongs to the physical page: [ 17.277544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10780f [ 17.277597] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.277648] page_type: f5(slab) [ 17.277696] raw: 0bfffe0000000000 fff00000c4370c80 dead000000000122 0000000000000000 [ 17.277746] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.277787] page dumped because: kasan: bad access detected [ 17.277818] [ 17.277836] Memory state around the buggy address: [ 17.277870] fff00000c780f180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.277913] fff00000c780f200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 17.277955] >fff00000c780f280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 17.277993] ^ [ 17.278027] fff00000c780f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.278068] fff00000c780f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.278107] ================================================================== [ 17.215344] ================================================================== [ 17.215445] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.215524] Read of size 1 at addr fff00000c7001173 by task kunit_try_catch/221 [ 17.215578] [ 17.215623] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.215727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.215754] Hardware name: linux,dummy-virt (DT) [ 17.215789] Call trace: [ 17.215814] show_stack+0x20/0x38 (C) [ 17.215868] dump_stack_lvl+0x8c/0xd0 [ 17.215921] print_report+0x118/0x5d0 [ 17.215967] kasan_report+0xdc/0x128 [ 17.216013] __asan_report_load1_noabort+0x20/0x30 [ 17.216062] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.216111] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.216160] kunit_try_run_case+0x170/0x3f0 [ 17.216211] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.216264] kthread+0x328/0x630 [ 17.216306] ret_from_fork+0x10/0x20 [ 17.216356] [ 17.216375] Allocated by task 221: [ 17.216408] kasan_save_stack+0x3c/0x68 [ 17.216452] kasan_save_track+0x20/0x40 [ 17.216491] kasan_save_alloc_info+0x40/0x58 [ 17.216531] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.216574] remove_element+0x130/0x1f8 [ 17.216611] mempool_alloc_preallocated+0x58/0xc0 [ 17.216650] mempool_oob_right_helper+0x98/0x2f0 [ 17.216699] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.216737] kunit_try_run_case+0x170/0x3f0 [ 17.216776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.216819] kthread+0x328/0x630 [ 17.216851] ret_from_fork+0x10/0x20 [ 17.216887] [ 17.216908] The buggy address belongs to the object at fff00000c7001100 [ 17.216908] which belongs to the cache kmalloc-128 of size 128 [ 17.216966] The buggy address is located 0 bytes to the right of [ 17.216966] allocated 115-byte region [fff00000c7001100, fff00000c7001173) [ 17.217029] [ 17.217051] The buggy address belongs to the physical page: [ 17.217084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107001 [ 17.217141] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.217198] page_type: f5(slab) [ 17.217245] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.217297] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.217340] page dumped because: kasan: bad access detected [ 17.217373] [ 17.217392] Memory state around the buggy address: [ 17.217427] fff00000c7001000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.217471] fff00000c7001080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.217514] >fff00000c7001100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.217553] ^ [ 17.217595] fff00000c7001180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.217638] fff00000c7001200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.217685] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 16.380337] ================================================================== [ 16.380449] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 16.380727] Read of size 1 at addr fff00000c7017000 by task kunit_try_catch/213 [ 16.380882] [ 16.381010] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.381180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.381316] Hardware name: linux,dummy-virt (DT) [ 16.381452] Call trace: [ 16.381507] show_stack+0x20/0x38 (C) [ 16.381559] dump_stack_lvl+0x8c/0xd0 [ 16.381614] print_report+0x118/0x5d0 [ 16.381744] kasan_report+0xdc/0x128 [ 16.381889] __asan_report_load1_noabort+0x20/0x30 [ 16.382134] kmem_cache_rcu_uaf+0x388/0x468 [ 16.382182] kunit_try_run_case+0x170/0x3f0 [ 16.382232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.382283] kthread+0x328/0x630 [ 16.382327] ret_from_fork+0x10/0x20 [ 16.382376] [ 16.382394] Allocated by task 213: [ 16.382424] kasan_save_stack+0x3c/0x68 [ 16.382464] kasan_save_track+0x20/0x40 [ 16.382501] kasan_save_alloc_info+0x40/0x58 [ 16.382539] __kasan_slab_alloc+0xa8/0xb0 [ 16.382576] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.382623] kmem_cache_rcu_uaf+0x12c/0x468 [ 16.382987] kunit_try_run_case+0x170/0x3f0 [ 16.383081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.383321] kthread+0x328/0x630 [ 16.383366] ret_from_fork+0x10/0x20 [ 16.383442] [ 16.383464] Freed by task 0: [ 16.383939] kasan_save_stack+0x3c/0x68 [ 16.384272] kasan_save_track+0x20/0x40 [ 16.384318] kasan_save_free_info+0x4c/0x78 [ 16.384782] __kasan_slab_free+0x6c/0x98 [ 16.384828] slab_free_after_rcu_debug+0xd4/0x2f8 [ 16.384871] rcu_core+0x9f4/0x1e20 [ 16.384909] rcu_core_si+0x18/0x30 [ 16.384942] handle_softirqs+0x374/0xb28 [ 16.384980] __do_softirq+0x1c/0x28 [ 16.385013] [ 16.385033] Last potentially related work creation: [ 16.385061] kasan_save_stack+0x3c/0x68 [ 16.385098] kasan_record_aux_stack+0xb4/0xc8 [ 16.385138] kmem_cache_free+0x120/0x468 [ 16.385176] kmem_cache_rcu_uaf+0x16c/0x468 [ 16.385211] kunit_try_run_case+0x170/0x3f0 [ 16.385249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.385291] kthread+0x328/0x630 [ 16.385322] ret_from_fork+0x10/0x20 [ 16.385371] [ 16.385390] The buggy address belongs to the object at fff00000c7017000 [ 16.385390] which belongs to the cache test_cache of size 200 [ 16.385450] The buggy address is located 0 bytes inside of [ 16.385450] freed 200-byte region [fff00000c7017000, fff00000c70170c8) [ 16.385762] [ 16.385788] The buggy address belongs to the physical page: [ 16.385823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107017 [ 16.385883] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.386565] page_type: f5(slab) [ 16.386864] raw: 0bfffe0000000000 fff00000c700b280 dead000000000122 0000000000000000 [ 16.386917] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.386959] page dumped because: kasan: bad access detected [ 16.387398] [ 16.387452] Memory state around the buggy address: [ 16.387490] fff00000c7016f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.387599] fff00000c7016f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.387699] >fff00000c7017000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.387737] ^ [ 16.387767] fff00000c7017080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.387810] fff00000c7017100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.388031] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 15.906328] ================================================================== [ 15.906400] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 15.906605] Free of addr fff00000c701a001 by task kunit_try_catch/211 [ 15.906659] [ 15.906942] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.907466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.907650] Hardware name: linux,dummy-virt (DT) [ 15.907716] Call trace: [ 15.907825] show_stack+0x20/0x38 (C) [ 15.907913] dump_stack_lvl+0x8c/0xd0 [ 15.907970] print_report+0x118/0x5d0 [ 15.908016] kasan_report_invalid_free+0xc0/0xe8 [ 15.908098] check_slab_allocation+0xfc/0x108 [ 15.908148] __kasan_slab_pre_free+0x2c/0x48 [ 15.908214] kmem_cache_free+0xf0/0x468 [ 15.908263] kmem_cache_invalid_free+0x184/0x3c8 [ 15.908311] kunit_try_run_case+0x170/0x3f0 [ 15.908362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.908460] kthread+0x328/0x630 [ 15.908502] ret_from_fork+0x10/0x20 [ 15.908559] [ 15.908579] Allocated by task 211: [ 15.908607] kasan_save_stack+0x3c/0x68 [ 15.908649] kasan_save_track+0x20/0x40 [ 15.908706] kasan_save_alloc_info+0x40/0x58 [ 15.908746] __kasan_slab_alloc+0xa8/0xb0 [ 15.908788] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.908843] kmem_cache_invalid_free+0x12c/0x3c8 [ 15.908891] kunit_try_run_case+0x170/0x3f0 [ 15.908929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.908970] kthread+0x328/0x630 [ 15.909003] ret_from_fork+0x10/0x20 [ 15.909037] [ 15.909057] The buggy address belongs to the object at fff00000c701a000 [ 15.909057] which belongs to the cache test_cache of size 200 [ 15.909114] The buggy address is located 1 bytes inside of [ 15.909114] 200-byte region [fff00000c701a000, fff00000c701a0c8) [ 15.909174] [ 15.909205] The buggy address belongs to the physical page: [ 15.909249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10701a [ 15.909313] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.909363] page_type: f5(slab) [ 15.909420] raw: 0bfffe0000000000 fff00000c700b140 dead000000000122 0000000000000000 [ 15.909475] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.909524] page dumped because: kasan: bad access detected [ 15.909555] [ 15.909578] Memory state around the buggy address: [ 15.909611] fff00000c7019f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.910064] fff00000c7019f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.910404] >fff00000c701a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.910470] ^ [ 15.910539] fff00000c701a080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 15.910654] fff00000c701a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.910943] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 15.878095] ================================================================== [ 15.878177] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 15.878316] Free of addr fff00000c701b000 by task kunit_try_catch/209 [ 15.878382] [ 15.878630] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.878937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.879084] Hardware name: linux,dummy-virt (DT) [ 15.879242] Call trace: [ 15.879324] show_stack+0x20/0x38 (C) [ 15.879523] dump_stack_lvl+0x8c/0xd0 [ 15.879576] print_report+0x118/0x5d0 [ 15.879650] kasan_report_invalid_free+0xc0/0xe8 [ 15.880155] check_slab_allocation+0xd4/0x108 [ 15.880257] __kasan_slab_pre_free+0x2c/0x48 [ 15.880372] kmem_cache_free+0xf0/0x468 [ 15.880484] kmem_cache_double_free+0x190/0x3c8 [ 15.880637] kunit_try_run_case+0x170/0x3f0 [ 15.881076] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.881150] kthread+0x328/0x630 [ 15.881228] ret_from_fork+0x10/0x20 [ 15.881321] [ 15.881342] Allocated by task 209: [ 15.881377] kasan_save_stack+0x3c/0x68 [ 15.881429] kasan_save_track+0x20/0x40 [ 15.881467] kasan_save_alloc_info+0x40/0x58 [ 15.881512] __kasan_slab_alloc+0xa8/0xb0 [ 15.881550] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.881588] kmem_cache_double_free+0x12c/0x3c8 [ 15.881626] kunit_try_run_case+0x170/0x3f0 [ 15.881675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.881718] kthread+0x328/0x630 [ 15.881749] ret_from_fork+0x10/0x20 [ 15.881797] [ 15.881816] Freed by task 209: [ 15.881843] kasan_save_stack+0x3c/0x68 [ 15.881880] kasan_save_track+0x20/0x40 [ 15.881927] kasan_save_free_info+0x4c/0x78 [ 15.881966] __kasan_slab_free+0x6c/0x98 [ 15.882002] kmem_cache_free+0x260/0x468 [ 15.882039] kmem_cache_double_free+0x140/0x3c8 [ 15.882077] kunit_try_run_case+0x170/0x3f0 [ 15.882114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.882157] kthread+0x328/0x630 [ 15.882189] ret_from_fork+0x10/0x20 [ 15.882222] [ 15.882244] The buggy address belongs to the object at fff00000c701b000 [ 15.882244] which belongs to the cache test_cache of size 200 [ 15.882324] The buggy address is located 0 bytes inside of [ 15.882324] 200-byte region [fff00000c701b000, fff00000c701b0c8) [ 15.882393] [ 15.882415] The buggy address belongs to the physical page: [ 15.882448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10701b [ 15.882515] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.882580] page_type: f5(slab) [ 15.882639] raw: 0bfffe0000000000 fff00000c700b000 dead000000000122 0000000000000000 [ 15.883118] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.883170] page dumped because: kasan: bad access detected [ 15.883652] [ 15.883978] Memory state around the buggy address: [ 15.884141] fff00000c701af00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.884198] fff00000c701af80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.884280] >fff00000c701b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.884603] ^ [ 15.884701] fff00000c701b080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 15.884807] fff00000c701b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.884885] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 15.718827] ================================================================== [ 15.718891] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 15.718968] Read of size 1 at addr fff00000c700b0c8 by task kunit_try_catch/207 [ 15.719019] [ 15.719073] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.719158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.719184] Hardware name: linux,dummy-virt (DT) [ 15.719216] Call trace: [ 15.719238] show_stack+0x20/0x38 (C) [ 15.719290] dump_stack_lvl+0x8c/0xd0 [ 15.719338] print_report+0x118/0x5d0 [ 15.719384] kasan_report+0xdc/0x128 [ 15.719431] __asan_report_load1_noabort+0x20/0x30 [ 15.719482] kmem_cache_oob+0x344/0x430 [ 15.719526] kunit_try_run_case+0x170/0x3f0 [ 15.719573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.719625] kthread+0x328/0x630 [ 15.719678] ret_from_fork+0x10/0x20 [ 15.719727] [ 15.719746] Allocated by task 207: [ 15.719773] kasan_save_stack+0x3c/0x68 [ 15.719812] kasan_save_track+0x20/0x40 [ 15.719859] kasan_save_alloc_info+0x40/0x58 [ 15.720135] __kasan_slab_alloc+0xa8/0xb0 [ 15.720283] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.720395] kmem_cache_oob+0x12c/0x430 [ 15.720555] kunit_try_run_case+0x170/0x3f0 [ 15.720595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.720638] kthread+0x328/0x630 [ 15.720680] ret_from_fork+0x10/0x20 [ 15.720716] [ 15.720736] The buggy address belongs to the object at fff00000c700b000 [ 15.720736] which belongs to the cache test_cache of size 200 [ 15.720938] The buggy address is located 0 bytes to the right of [ 15.720938] allocated 200-byte region [fff00000c700b000, fff00000c700b0c8) [ 15.721005] [ 15.721025] The buggy address belongs to the physical page: [ 15.721090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10700b [ 15.721153] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.721218] page_type: f5(slab) [ 15.721278] raw: 0bfffe0000000000 fff00000c1b5fdc0 dead000000000122 0000000000000000 [ 15.721412] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.721553] page dumped because: kasan: bad access detected [ 15.721633] [ 15.721726] Memory state around the buggy address: [ 15.721868] fff00000c700af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.721982] fff00000c700b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.722100] >fff00000c700b080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 15.722138] ^ [ 15.722220] fff00000c700b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.722555] fff00000c700b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.722655] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 15.658225] ================================================================== [ 15.659536] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 15.660011] Read of size 8 at addr fff00000c700ffc0 by task kunit_try_catch/200 [ 15.660251] [ 15.660394] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.660497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.660524] Hardware name: linux,dummy-virt (DT) [ 15.661116] Call trace: [ 15.661383] show_stack+0x20/0x38 (C) [ 15.661439] dump_stack_lvl+0x8c/0xd0 [ 15.661487] print_report+0x118/0x5d0 [ 15.661535] kasan_report+0xdc/0x128 [ 15.662628] __asan_report_load8_noabort+0x20/0x30 [ 15.663304] workqueue_uaf+0x480/0x4a8 [ 15.664294] kunit_try_run_case+0x170/0x3f0 [ 15.664592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.664703] kthread+0x328/0x630 [ 15.665469] ret_from_fork+0x10/0x20 [ 15.665828] [ 15.665848] Allocated by task 200: [ 15.665930] kasan_save_stack+0x3c/0x68 [ 15.666337] kasan_save_track+0x20/0x40 [ 15.666657] kasan_save_alloc_info+0x40/0x58 [ 15.667110] __kasan_kmalloc+0xd4/0xd8 [ 15.667311] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.667364] workqueue_uaf+0x13c/0x4a8 [ 15.667805] kunit_try_run_case+0x170/0x3f0 [ 15.668575] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.668959] kthread+0x328/0x630 [ 15.669267] ret_from_fork+0x10/0x20 [ 15.669791] [ 15.669840] Freed by task 9: [ 15.670064] kasan_save_stack+0x3c/0x68 [ 15.670453] kasan_save_track+0x20/0x40 [ 15.670617] kasan_save_free_info+0x4c/0x78 [ 15.670832] __kasan_slab_free+0x6c/0x98 [ 15.671099] kfree+0x214/0x3c8 [ 15.671753] workqueue_uaf_work+0x18/0x30 [ 15.672768] process_one_work+0x530/0xf98 [ 15.672865] worker_thread+0x618/0xf38 [ 15.672902] kthread+0x328/0x630 [ 15.672940] ret_from_fork+0x10/0x20 [ 15.672978] [ 15.673026] Last potentially related work creation: [ 15.673559] kasan_save_stack+0x3c/0x68 [ 15.673611] kasan_record_aux_stack+0xb4/0xc8 [ 15.673652] __queue_work+0x65c/0x1008 [ 15.673861] queue_work_on+0xbc/0xf8 [ 15.673900] workqueue_uaf+0x210/0x4a8 [ 15.673935] kunit_try_run_case+0x170/0x3f0 [ 15.674091] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.674148] kthread+0x328/0x630 [ 15.674180] ret_from_fork+0x10/0x20 [ 15.674501] [ 15.674702] The buggy address belongs to the object at fff00000c700ffc0 [ 15.674702] which belongs to the cache kmalloc-32 of size 32 [ 15.675366] The buggy address is located 0 bytes inside of [ 15.675366] freed 32-byte region [fff00000c700ffc0, fff00000c700ffe0) [ 15.675444] [ 15.675468] The buggy address belongs to the physical page: [ 15.675501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10700f [ 15.676121] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.676222] page_type: f5(slab) [ 15.676869] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.677028] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 15.677523] page dumped because: kasan: bad access detected [ 15.678005] [ 15.678057] Memory state around the buggy address: [ 15.678095] fff00000c700fe80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.678743] fff00000c700ff00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.678869] >fff00000c700ff80: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 15.679075] ^ [ 15.679115] fff00000c7010000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.679612] fff00000c7010080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.680003] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 15.549065] ================================================================== [ 15.549124] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 15.549228] Read of size 1 at addr fff00000c7025000 by task kunit_try_catch/196 [ 15.549280] [ 15.549312] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.549393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.549419] Hardware name: linux,dummy-virt (DT) [ 15.549450] Call trace: [ 15.549475] show_stack+0x20/0x38 (C) [ 15.549530] dump_stack_lvl+0x8c/0xd0 [ 15.549695] print_report+0x118/0x5d0 [ 15.549741] kasan_report+0xdc/0x128 [ 15.549872] __kasan_check_byte+0x54/0x70 [ 15.550181] ksize+0x30/0x88 [ 15.550503] ksize_uaf+0x168/0x5f8 [ 15.550809] kunit_try_run_case+0x170/0x3f0 [ 15.551204] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.551275] kthread+0x328/0x630 [ 15.551375] ret_from_fork+0x10/0x20 [ 15.551590] [ 15.551611] Allocated by task 196: [ 15.551802] kasan_save_stack+0x3c/0x68 [ 15.551951] kasan_save_track+0x20/0x40 [ 15.552004] kasan_save_alloc_info+0x40/0x58 [ 15.552075] __kasan_kmalloc+0xd4/0xd8 [ 15.552112] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.552154] ksize_uaf+0xb8/0x5f8 [ 15.552188] kunit_try_run_case+0x170/0x3f0 [ 15.552226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.552270] kthread+0x328/0x630 [ 15.552302] ret_from_fork+0x10/0x20 [ 15.552340] [ 15.552360] Freed by task 196: [ 15.552392] kasan_save_stack+0x3c/0x68 [ 15.552428] kasan_save_track+0x20/0x40 [ 15.552476] kasan_save_free_info+0x4c/0x78 [ 15.552517] __kasan_slab_free+0x6c/0x98 [ 15.552552] kfree+0x214/0x3c8 [ 15.552830] ksize_uaf+0x11c/0x5f8 [ 15.552980] kunit_try_run_case+0x170/0x3f0 [ 15.553164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.553370] kthread+0x328/0x630 [ 15.553520] ret_from_fork+0x10/0x20 [ 15.553673] [ 15.553694] The buggy address belongs to the object at fff00000c7025000 [ 15.553694] which belongs to the cache kmalloc-128 of size 128 [ 15.553869] The buggy address is located 0 bytes inside of [ 15.553869] freed 128-byte region [fff00000c7025000, fff00000c7025080) [ 15.553946] [ 15.553999] The buggy address belongs to the physical page: [ 15.554150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 15.554224] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.554319] page_type: f5(slab) [ 15.554367] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.554493] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.554577] page dumped because: kasan: bad access detected [ 15.554684] [ 15.554704] Memory state around the buggy address: [ 15.554736] fff00000c7024f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.554778] fff00000c7024f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.554856] >fff00000c7025000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.554893] ^ [ 15.554919] fff00000c7025080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.555240] fff00000c7025100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.555316] ================================================================== [ 15.565897] ================================================================== [ 15.565949] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 15.565997] Read of size 1 at addr fff00000c7025078 by task kunit_try_catch/196 [ 15.566048] [ 15.566076] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.566389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.566511] Hardware name: linux,dummy-virt (DT) [ 15.566783] Call trace: [ 15.566931] show_stack+0x20/0x38 (C) [ 15.567133] dump_stack_lvl+0x8c/0xd0 [ 15.567202] print_report+0x118/0x5d0 [ 15.567249] kasan_report+0xdc/0x128 [ 15.567569] __asan_report_load1_noabort+0x20/0x30 [ 15.567822] ksize_uaf+0x544/0x5f8 [ 15.567879] kunit_try_run_case+0x170/0x3f0 [ 15.567925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.568238] kthread+0x328/0x630 [ 15.568281] ret_from_fork+0x10/0x20 [ 15.568328] [ 15.568346] Allocated by task 196: [ 15.568380] kasan_save_stack+0x3c/0x68 [ 15.568652] kasan_save_track+0x20/0x40 [ 15.568828] kasan_save_alloc_info+0x40/0x58 [ 15.568872] __kasan_kmalloc+0xd4/0xd8 [ 15.568916] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.568955] ksize_uaf+0xb8/0x5f8 [ 15.569095] kunit_try_run_case+0x170/0x3f0 [ 15.569381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.569429] kthread+0x328/0x630 [ 15.569713] ret_from_fork+0x10/0x20 [ 15.569884] [ 15.569904] Freed by task 196: [ 15.569931] kasan_save_stack+0x3c/0x68 [ 15.569981] kasan_save_track+0x20/0x40 [ 15.570040] kasan_save_free_info+0x4c/0x78 [ 15.570248] __kasan_slab_free+0x6c/0x98 [ 15.570298] kfree+0x214/0x3c8 [ 15.570523] ksize_uaf+0x11c/0x5f8 [ 15.570564] kunit_try_run_case+0x170/0x3f0 [ 15.570602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.570646] kthread+0x328/0x630 [ 15.570727] ret_from_fork+0x10/0x20 [ 15.570769] [ 15.571074] The buggy address belongs to the object at fff00000c7025000 [ 15.571074] which belongs to the cache kmalloc-128 of size 128 [ 15.571241] The buggy address is located 120 bytes inside of [ 15.571241] freed 128-byte region [fff00000c7025000, fff00000c7025080) [ 15.571302] [ 15.571451] The buggy address belongs to the physical page: [ 15.571484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 15.571551] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.571691] page_type: f5(slab) [ 15.571751] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.571851] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.571960] page dumped because: kasan: bad access detected [ 15.571990] [ 15.572023] Memory state around the buggy address: [ 15.572054] fff00000c7024f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.572097] fff00000c7024f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.572230] >fff00000c7025000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.572538] ^ [ 15.572608] fff00000c7025080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.572652] fff00000c7025100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.572749] ================================================================== [ 15.559074] ================================================================== [ 15.559127] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 15.559689] Read of size 1 at addr fff00000c7025000 by task kunit_try_catch/196 [ 15.559745] [ 15.559775] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.560003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.560032] Hardware name: linux,dummy-virt (DT) [ 15.560062] Call trace: [ 15.560086] show_stack+0x20/0x38 (C) [ 15.560254] dump_stack_lvl+0x8c/0xd0 [ 15.560302] print_report+0x118/0x5d0 [ 15.560361] kasan_report+0xdc/0x128 [ 15.560473] __asan_report_load1_noabort+0x20/0x30 [ 15.560562] ksize_uaf+0x598/0x5f8 [ 15.560626] kunit_try_run_case+0x170/0x3f0 [ 15.560756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.560810] kthread+0x328/0x630 [ 15.560851] ret_from_fork+0x10/0x20 [ 15.560907] [ 15.560971] Allocated by task 196: [ 15.561051] kasan_save_stack+0x3c/0x68 [ 15.561092] kasan_save_track+0x20/0x40 [ 15.561131] kasan_save_alloc_info+0x40/0x58 [ 15.561169] __kasan_kmalloc+0xd4/0xd8 [ 15.561203] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.561651] ksize_uaf+0xb8/0x5f8 [ 15.561750] kunit_try_run_case+0x170/0x3f0 [ 15.561946] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.562015] kthread+0x328/0x630 [ 15.562049] ret_from_fork+0x10/0x20 [ 15.562085] [ 15.562104] Freed by task 196: [ 15.562167] kasan_save_stack+0x3c/0x68 [ 15.562245] kasan_save_track+0x20/0x40 [ 15.562331] kasan_save_free_info+0x4c/0x78 [ 15.562377] __kasan_slab_free+0x6c/0x98 [ 15.562415] kfree+0x214/0x3c8 [ 15.562448] ksize_uaf+0x11c/0x5f8 [ 15.562486] kunit_try_run_case+0x170/0x3f0 [ 15.562523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.562566] kthread+0x328/0x630 [ 15.562599] ret_from_fork+0x10/0x20 [ 15.562637] [ 15.562656] The buggy address belongs to the object at fff00000c7025000 [ 15.562656] which belongs to the cache kmalloc-128 of size 128 [ 15.562725] The buggy address is located 0 bytes inside of [ 15.562725] freed 128-byte region [fff00000c7025000, fff00000c7025080) [ 15.562784] [ 15.562803] The buggy address belongs to the physical page: [ 15.562834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107025 [ 15.562913] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.563507] page_type: f5(slab) [ 15.563552] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.563603] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.563643] page dumped because: kasan: bad access detected [ 15.564233] [ 15.564268] Memory state around the buggy address: [ 15.564303] fff00000c7024f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.564551] fff00000c7024f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.564598] >fff00000c7025000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.564795] ^ [ 15.565004] fff00000c7025080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.565116] fff00000c7025100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.565193] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 15.529707] ================================================================== [ 15.529754] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 15.529805] Read of size 1 at addr fff00000c3fc2f78 by task kunit_try_catch/194 [ 15.530145] [ 15.530274] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.530687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.530852] Hardware name: linux,dummy-virt (DT) [ 15.530953] Call trace: [ 15.530975] show_stack+0x20/0x38 (C) [ 15.531041] dump_stack_lvl+0x8c/0xd0 [ 15.531088] print_report+0x118/0x5d0 [ 15.531513] kasan_report+0xdc/0x128 [ 15.531623] __asan_report_load1_noabort+0x20/0x30 [ 15.531733] ksize_unpoisons_memory+0x618/0x740 [ 15.531783] kunit_try_run_case+0x170/0x3f0 [ 15.531888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.531999] kthread+0x328/0x630 [ 15.532041] ret_from_fork+0x10/0x20 [ 15.532090] [ 15.532157] Allocated by task 194: [ 15.532189] kasan_save_stack+0x3c/0x68 [ 15.532427] kasan_save_track+0x20/0x40 [ 15.532484] kasan_save_alloc_info+0x40/0x58 [ 15.532523] __kasan_kmalloc+0xd4/0xd8 [ 15.532560] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.532647] ksize_unpoisons_memory+0xc0/0x740 [ 15.532845] kunit_try_run_case+0x170/0x3f0 [ 15.532881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.532926] kthread+0x328/0x630 [ 15.532958] ret_from_fork+0x10/0x20 [ 15.532994] [ 15.533014] The buggy address belongs to the object at fff00000c3fc2f00 [ 15.533014] which belongs to the cache kmalloc-128 of size 128 [ 15.533109] The buggy address is located 5 bytes to the right of [ 15.533109] allocated 115-byte region [fff00000c3fc2f00, fff00000c3fc2f73) [ 15.533173] [ 15.533221] The buggy address belongs to the physical page: [ 15.533303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.533379] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.533427] page_type: f5(slab) [ 15.533554] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.533961] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.534007] page dumped because: kasan: bad access detected [ 15.534355] [ 15.534379] Memory state around the buggy address: [ 15.534520] fff00000c3fc2e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.534680] fff00000c3fc2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.534744] >fff00000c3fc2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.534802] ^ [ 15.534932] fff00000c3fc2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.534978] fff00000c3fc3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.535036] ================================================================== [ 15.535976] ================================================================== [ 15.536026] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 15.536075] Read of size 1 at addr fff00000c3fc2f7f by task kunit_try_catch/194 [ 15.536124] [ 15.536153] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.536233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.536383] Hardware name: linux,dummy-virt (DT) [ 15.536419] Call trace: [ 15.536598] show_stack+0x20/0x38 (C) [ 15.536816] dump_stack_lvl+0x8c/0xd0 [ 15.536865] print_report+0x118/0x5d0 [ 15.536911] kasan_report+0xdc/0x128 [ 15.536956] __asan_report_load1_noabort+0x20/0x30 [ 15.537010] ksize_unpoisons_memory+0x690/0x740 [ 15.537057] kunit_try_run_case+0x170/0x3f0 [ 15.537104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.537156] kthread+0x328/0x630 [ 15.537197] ret_from_fork+0x10/0x20 [ 15.537243] [ 15.537261] Allocated by task 194: [ 15.537290] kasan_save_stack+0x3c/0x68 [ 15.537331] kasan_save_track+0x20/0x40 [ 15.537378] kasan_save_alloc_info+0x40/0x58 [ 15.537419] __kasan_kmalloc+0xd4/0xd8 [ 15.537455] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.537549] ksize_unpoisons_memory+0xc0/0x740 [ 15.538055] kunit_try_run_case+0x170/0x3f0 [ 15.538571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.538701] kthread+0x328/0x630 [ 15.538734] ret_from_fork+0x10/0x20 [ 15.538807] [ 15.538828] The buggy address belongs to the object at fff00000c3fc2f00 [ 15.538828] which belongs to the cache kmalloc-128 of size 128 [ 15.538886] The buggy address is located 12 bytes to the right of [ 15.538886] allocated 115-byte region [fff00000c3fc2f00, fff00000c3fc2f73) [ 15.539454] [ 15.539480] The buggy address belongs to the physical page: [ 15.539510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.539564] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.539840] page_type: f5(slab) [ 15.539902] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.540082] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.540151] page dumped because: kasan: bad access detected [ 15.540272] [ 15.540291] Memory state around the buggy address: [ 15.540329] fff00000c3fc2e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.540409] fff00000c3fc2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.540496] >fff00000c3fc2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.540562] ^ [ 15.540605] fff00000c3fc2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.540647] fff00000c3fc3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.540695] ================================================================== [ 15.524871] ================================================================== [ 15.524930] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 15.525037] Read of size 1 at addr fff00000c3fc2f73 by task kunit_try_catch/194 [ 15.525096] [ 15.525165] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.525246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.525273] Hardware name: linux,dummy-virt (DT) [ 15.525304] Call trace: [ 15.525326] show_stack+0x20/0x38 (C) [ 15.525480] dump_stack_lvl+0x8c/0xd0 [ 15.525528] print_report+0x118/0x5d0 [ 15.525583] kasan_report+0xdc/0x128 [ 15.525703] __asan_report_load1_noabort+0x20/0x30 [ 15.525819] ksize_unpoisons_memory+0x628/0x740 [ 15.525934] kunit_try_run_case+0x170/0x3f0 [ 15.525989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.526041] kthread+0x328/0x630 [ 15.526123] ret_from_fork+0x10/0x20 [ 15.526222] [ 15.526241] Allocated by task 194: [ 15.526406] kasan_save_stack+0x3c/0x68 [ 15.526451] kasan_save_track+0x20/0x40 [ 15.526489] kasan_save_alloc_info+0x40/0x58 [ 15.526555] __kasan_kmalloc+0xd4/0xd8 [ 15.526650] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.526752] ksize_unpoisons_memory+0xc0/0x740 [ 15.526906] kunit_try_run_case+0x170/0x3f0 [ 15.526968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.527095] kthread+0x328/0x630 [ 15.527157] ret_from_fork+0x10/0x20 [ 15.527195] [ 15.527214] The buggy address belongs to the object at fff00000c3fc2f00 [ 15.527214] which belongs to the cache kmalloc-128 of size 128 [ 15.527273] The buggy address is located 0 bytes to the right of [ 15.527273] allocated 115-byte region [fff00000c3fc2f00, fff00000c3fc2f73) [ 15.527338] [ 15.527357] The buggy address belongs to the physical page: [ 15.527631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.527703] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.527752] page_type: f5(slab) [ 15.527801] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.527877] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.527918] page dumped because: kasan: bad access detected [ 15.527950] [ 15.528033] Memory state around the buggy address: [ 15.528069] fff00000c3fc2e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.528176] fff00000c3fc2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.528253] >fff00000c3fc2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.528292] ^ [ 15.528331] fff00000c3fc2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.528386] fff00000c3fc3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.528480] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 15.492360] ================================================================== [ 15.492434] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 15.492483] Free of addr fff00000c3fc6200 by task kunit_try_catch/192 [ 15.492524] [ 15.492553] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.492636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.494407] Hardware name: linux,dummy-virt (DT) [ 15.495329] Call trace: [ 15.495386] show_stack+0x20/0x38 (C) [ 15.495822] dump_stack_lvl+0x8c/0xd0 [ 15.497239] print_report+0x118/0x5d0 [ 15.497546] kasan_report_invalid_free+0xc0/0xe8 [ 15.497617] check_slab_allocation+0xd4/0x108 [ 15.497673] __kasan_slab_pre_free+0x2c/0x48 [ 15.497723] kfree+0xe8/0x3c8 [ 15.497766] kfree_sensitive+0x3c/0xb0 [ 15.497809] kmalloc_double_kzfree+0x168/0x308 [ 15.499115] kunit_try_run_case+0x170/0x3f0 [ 15.499288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.499827] kthread+0x328/0x630 [ 15.500491] ret_from_fork+0x10/0x20 [ 15.500652] [ 15.500692] Allocated by task 192: [ 15.501143] kasan_save_stack+0x3c/0x68 [ 15.501250] kasan_save_track+0x20/0x40 [ 15.501652] kasan_save_alloc_info+0x40/0x58 [ 15.502046] __kasan_kmalloc+0xd4/0xd8 [ 15.502263] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.502307] kmalloc_double_kzfree+0xb8/0x308 [ 15.502346] kunit_try_run_case+0x170/0x3f0 [ 15.502777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.502839] kthread+0x328/0x630 [ 15.503432] ret_from_fork+0x10/0x20 [ 15.503513] [ 15.503936] Freed by task 192: [ 15.504003] kasan_save_stack+0x3c/0x68 [ 15.504049] kasan_save_track+0x20/0x40 [ 15.504087] kasan_save_free_info+0x4c/0x78 [ 15.504807] __kasan_slab_free+0x6c/0x98 [ 15.505630] kfree+0x214/0x3c8 [ 15.506304] kfree_sensitive+0x80/0xb0 [ 15.506715] kmalloc_double_kzfree+0x11c/0x308 [ 15.506967] kunit_try_run_case+0x170/0x3f0 [ 15.507006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.507408] kthread+0x328/0x630 [ 15.507537] ret_from_fork+0x10/0x20 [ 15.508096] [ 15.508123] The buggy address belongs to the object at fff00000c3fc6200 [ 15.508123] which belongs to the cache kmalloc-16 of size 16 [ 15.508408] The buggy address is located 0 bytes inside of [ 15.508408] 16-byte region [fff00000c3fc6200, fff00000c3fc6210) [ 15.509179] [ 15.509207] The buggy address belongs to the physical page: [ 15.509335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 15.509744] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.509798] page_type: f5(slab) [ 15.509838] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.511055] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.511281] page dumped because: kasan: bad access detected [ 15.511314] [ 15.511332] Memory state around the buggy address: [ 15.511366] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.511410] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.511819] >fff00000c3fc6200: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.512282] ^ [ 15.512400] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.513181] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.513501] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 15.474920] ================================================================== [ 15.474986] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 15.478202] Read of size 1 at addr fff00000c3fc6200 by task kunit_try_catch/192 [ 15.478709] [ 15.478860] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.479252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.479282] Hardware name: linux,dummy-virt (DT) [ 15.479316] Call trace: [ 15.479340] show_stack+0x20/0x38 (C) [ 15.479390] dump_stack_lvl+0x8c/0xd0 [ 15.479438] print_report+0x118/0x5d0 [ 15.480949] kasan_report+0xdc/0x128 [ 15.481464] __kasan_check_byte+0x54/0x70 [ 15.482039] kfree_sensitive+0x30/0xb0 [ 15.482312] kmalloc_double_kzfree+0x168/0x308 [ 15.482386] kunit_try_run_case+0x170/0x3f0 [ 15.482437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.482489] kthread+0x328/0x630 [ 15.482531] ret_from_fork+0x10/0x20 [ 15.483751] [ 15.483778] Allocated by task 192: [ 15.483904] kasan_save_stack+0x3c/0x68 [ 15.484213] kasan_save_track+0x20/0x40 [ 15.484448] kasan_save_alloc_info+0x40/0x58 [ 15.485075] __kasan_kmalloc+0xd4/0xd8 [ 15.485559] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.485685] kmalloc_double_kzfree+0xb8/0x308 [ 15.486009] kunit_try_run_case+0x170/0x3f0 [ 15.486111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.486155] kthread+0x328/0x630 [ 15.486189] ret_from_fork+0x10/0x20 [ 15.486226] [ 15.486785] Freed by task 192: [ 15.486823] kasan_save_stack+0x3c/0x68 [ 15.487043] kasan_save_track+0x20/0x40 [ 15.487095] kasan_save_free_info+0x4c/0x78 [ 15.487136] __kasan_slab_free+0x6c/0x98 [ 15.487174] kfree+0x214/0x3c8 [ 15.487206] kfree_sensitive+0x80/0xb0 [ 15.487243] kmalloc_double_kzfree+0x11c/0x308 [ 15.487281] kunit_try_run_case+0x170/0x3f0 [ 15.487318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.487536] kthread+0x328/0x630 [ 15.487574] ret_from_fork+0x10/0x20 [ 15.487611] [ 15.487739] The buggy address belongs to the object at fff00000c3fc6200 [ 15.487739] which belongs to the cache kmalloc-16 of size 16 [ 15.488247] The buggy address is located 0 bytes inside of [ 15.488247] freed 16-byte region [fff00000c3fc6200, fff00000c3fc6210) [ 15.488339] [ 15.488673] The buggy address belongs to the physical page: [ 15.488714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 15.489115] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.489500] page_type: f5(slab) [ 15.489728] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.489822] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.490027] page dumped because: kasan: bad access detected [ 15.490063] [ 15.490082] Memory state around the buggy address: [ 15.490119] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.490317] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.490360] >fff00000c3fc6200: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.490399] ^ [ 15.490959] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.491025] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.491645] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 15.444279] ================================================================== [ 15.444438] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 15.444582] Read of size 1 at addr fff00000c70109a8 by task kunit_try_catch/188 [ 15.444636] [ 15.444679] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.444760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.444895] Hardware name: linux,dummy-virt (DT) [ 15.445062] Call trace: [ 15.445109] show_stack+0x20/0x38 (C) [ 15.445162] dump_stack_lvl+0x8c/0xd0 [ 15.445226] print_report+0x118/0x5d0 [ 15.445302] kasan_report+0xdc/0x128 [ 15.445483] __asan_report_load1_noabort+0x20/0x30 [ 15.445534] kmalloc_uaf2+0x3f4/0x468 [ 15.445677] kunit_try_run_case+0x170/0x3f0 [ 15.445738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.445792] kthread+0x328/0x630 [ 15.445847] ret_from_fork+0x10/0x20 [ 15.445899] [ 15.445917] Allocated by task 188: [ 15.445965] kasan_save_stack+0x3c/0x68 [ 15.446008] kasan_save_track+0x20/0x40 [ 15.446045] kasan_save_alloc_info+0x40/0x58 [ 15.446086] __kasan_kmalloc+0xd4/0xd8 [ 15.446130] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.446169] kmalloc_uaf2+0xc4/0x468 [ 15.446202] kunit_try_run_case+0x170/0x3f0 [ 15.446237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.446282] kthread+0x328/0x630 [ 15.446320] ret_from_fork+0x10/0x20 [ 15.446364] [ 15.446383] Freed by task 188: [ 15.446418] kasan_save_stack+0x3c/0x68 [ 15.446456] kasan_save_track+0x20/0x40 [ 15.446493] kasan_save_free_info+0x4c/0x78 [ 15.446530] __kasan_slab_free+0x6c/0x98 [ 15.446566] kfree+0x214/0x3c8 [ 15.446607] kmalloc_uaf2+0x134/0x468 [ 15.446642] kunit_try_run_case+0x170/0x3f0 [ 15.446689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.446731] kthread+0x328/0x630 [ 15.446761] ret_from_fork+0x10/0x20 [ 15.446796] [ 15.446814] The buggy address belongs to the object at fff00000c7010980 [ 15.446814] which belongs to the cache kmalloc-64 of size 64 [ 15.446872] The buggy address is located 40 bytes inside of [ 15.446872] freed 64-byte region [fff00000c7010980, fff00000c70109c0) [ 15.447254] [ 15.447304] The buggy address belongs to the physical page: [ 15.447341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107010 [ 15.447395] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.447443] page_type: f5(slab) [ 15.447481] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.447716] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.447814] page dumped because: kasan: bad access detected [ 15.447909] [ 15.447990] Memory state around the buggy address: [ 15.448110] fff00000c7010880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.448167] fff00000c7010900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.448379] >fff00000c7010980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.448517] ^ [ 15.448602] fff00000c7010a00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 15.448690] fff00000c7010a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.448790] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 15.432875] ================================================================== [ 15.432934] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 15.432985] Write of size 33 at addr fff00000c7010800 by task kunit_try_catch/186 [ 15.433064] [ 15.433097] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.433177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.433205] Hardware name: linux,dummy-virt (DT) [ 15.433236] Call trace: [ 15.433257] show_stack+0x20/0x38 (C) [ 15.433305] dump_stack_lvl+0x8c/0xd0 [ 15.433351] print_report+0x118/0x5d0 [ 15.433398] kasan_report+0xdc/0x128 [ 15.433454] kasan_check_range+0x100/0x1a8 [ 15.433502] __asan_memset+0x34/0x78 [ 15.433552] kmalloc_uaf_memset+0x170/0x310 [ 15.433597] kunit_try_run_case+0x170/0x3f0 [ 15.433645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.433709] kthread+0x328/0x630 [ 15.433750] ret_from_fork+0x10/0x20 [ 15.433798] [ 15.433816] Allocated by task 186: [ 15.433844] kasan_save_stack+0x3c/0x68 [ 15.433920] kasan_save_track+0x20/0x40 [ 15.433959] kasan_save_alloc_info+0x40/0x58 [ 15.434096] __kasan_kmalloc+0xd4/0xd8 [ 15.434264] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.434476] kmalloc_uaf_memset+0xb8/0x310 [ 15.434516] kunit_try_run_case+0x170/0x3f0 [ 15.434552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.434594] kthread+0x328/0x630 [ 15.434625] ret_from_fork+0x10/0x20 [ 15.434671] [ 15.434691] Freed by task 186: [ 15.434718] kasan_save_stack+0x3c/0x68 [ 15.434782] kasan_save_track+0x20/0x40 [ 15.434948] kasan_save_free_info+0x4c/0x78 [ 15.435037] __kasan_slab_free+0x6c/0x98 [ 15.435156] kfree+0x214/0x3c8 [ 15.435234] kmalloc_uaf_memset+0x11c/0x310 [ 15.435320] kunit_try_run_case+0x170/0x3f0 [ 15.435356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.435421] kthread+0x328/0x630 [ 15.435454] ret_from_fork+0x10/0x20 [ 15.435488] [ 15.435508] The buggy address belongs to the object at fff00000c7010800 [ 15.435508] which belongs to the cache kmalloc-64 of size 64 [ 15.435602] The buggy address is located 0 bytes inside of [ 15.435602] freed 64-byte region [fff00000c7010800, fff00000c7010840) [ 15.435804] [ 15.435865] The buggy address belongs to the physical page: [ 15.435960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107010 [ 15.436034] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.436083] page_type: f5(slab) [ 15.436164] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.436243] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.436285] page dumped because: kasan: bad access detected [ 15.436317] [ 15.436336] Memory state around the buggy address: [ 15.436520] fff00000c7010700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.436588] fff00000c7010780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.436743] >fff00000c7010800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.436852] ^ [ 15.436879] fff00000c7010880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.436949] fff00000c7010900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.437165] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 15.420932] ================================================================== [ 15.421001] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 15.421050] Read of size 1 at addr fff00000c3fc61e8 by task kunit_try_catch/184 [ 15.421117] [ 15.421163] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.421246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.421271] Hardware name: linux,dummy-virt (DT) [ 15.421319] Call trace: [ 15.421341] show_stack+0x20/0x38 (C) [ 15.421386] dump_stack_lvl+0x8c/0xd0 [ 15.421432] print_report+0x118/0x5d0 [ 15.421588] kasan_report+0xdc/0x128 [ 15.421646] __asan_report_load1_noabort+0x20/0x30 [ 15.421706] kmalloc_uaf+0x300/0x338 [ 15.421749] kunit_try_run_case+0x170/0x3f0 [ 15.421954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.422029] kthread+0x328/0x630 [ 15.422076] ret_from_fork+0x10/0x20 [ 15.422138] [ 15.422157] Allocated by task 184: [ 15.422194] kasan_save_stack+0x3c/0x68 [ 15.422253] kasan_save_track+0x20/0x40 [ 15.422317] kasan_save_alloc_info+0x40/0x58 [ 15.422359] __kasan_kmalloc+0xd4/0xd8 [ 15.422395] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.422462] kmalloc_uaf+0xb8/0x338 [ 15.422527] kunit_try_run_case+0x170/0x3f0 [ 15.422570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.422612] kthread+0x328/0x630 [ 15.422692] ret_from_fork+0x10/0x20 [ 15.422746] [ 15.422785] Freed by task 184: [ 15.422812] kasan_save_stack+0x3c/0x68 [ 15.422849] kasan_save_track+0x20/0x40 [ 15.422913] kasan_save_free_info+0x4c/0x78 [ 15.422970] __kasan_slab_free+0x6c/0x98 [ 15.423089] kfree+0x214/0x3c8 [ 15.423125] kmalloc_uaf+0x11c/0x338 [ 15.423158] kunit_try_run_case+0x170/0x3f0 [ 15.423213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.423257] kthread+0x328/0x630 [ 15.423288] ret_from_fork+0x10/0x20 [ 15.423531] [ 15.423600] The buggy address belongs to the object at fff00000c3fc61e0 [ 15.423600] which belongs to the cache kmalloc-16 of size 16 [ 15.423739] The buggy address is located 8 bytes inside of [ 15.423739] freed 16-byte region [fff00000c3fc61e0, fff00000c3fc61f0) [ 15.423869] [ 15.423897] The buggy address belongs to the physical page: [ 15.423948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 15.424014] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.424106] page_type: f5(slab) [ 15.424146] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.424353] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.424542] page dumped because: kasan: bad access detected [ 15.424612] [ 15.424725] Memory state around the buggy address: [ 15.424826] fff00000c3fc6080: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 15.424935] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.424980] >fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.425026] ^ [ 15.425240] fff00000c3fc6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.425394] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.425606] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 15.409184] ================================================================== [ 15.409268] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.409346] Read of size 64 at addr fff00000c7010504 by task kunit_try_catch/182 [ 15.409397] [ 15.409427] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.409515] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.409630] Hardware name: linux,dummy-virt (DT) [ 15.409799] Call trace: [ 15.409869] show_stack+0x20/0x38 (C) [ 15.409919] dump_stack_lvl+0x8c/0xd0 [ 15.409982] print_report+0x118/0x5d0 [ 15.410029] kasan_report+0xdc/0x128 [ 15.410106] kasan_check_range+0x100/0x1a8 [ 15.410241] __asan_memmove+0x3c/0x98 [ 15.410402] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.410464] kunit_try_run_case+0x170/0x3f0 [ 15.410522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.410593] kthread+0x328/0x630 [ 15.410635] ret_from_fork+0x10/0x20 [ 15.410691] [ 15.410718] Allocated by task 182: [ 15.410860] kasan_save_stack+0x3c/0x68 [ 15.410901] kasan_save_track+0x20/0x40 [ 15.411053] kasan_save_alloc_info+0x40/0x58 [ 15.411109] __kasan_kmalloc+0xd4/0xd8 [ 15.411462] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.411538] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 15.411653] kunit_try_run_case+0x170/0x3f0 [ 15.411751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.411861] kthread+0x328/0x630 [ 15.411960] ret_from_fork+0x10/0x20 [ 15.412087] [ 15.412157] The buggy address belongs to the object at fff00000c7010500 [ 15.412157] which belongs to the cache kmalloc-64 of size 64 [ 15.412281] The buggy address is located 4 bytes inside of [ 15.412281] allocated 64-byte region [fff00000c7010500, fff00000c7010540) [ 15.412458] [ 15.412535] The buggy address belongs to the physical page: [ 15.412714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107010 [ 15.412797] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.413151] page_type: f5(slab) [ 15.413275] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.413392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.413474] page dumped because: kasan: bad access detected [ 15.413573] [ 15.413647] Memory state around the buggy address: [ 15.413743] fff00000c7010400: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.413857] fff00000c7010480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.413921] >fff00000c7010500: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.413976] ^ [ 15.414280] fff00000c7010580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.414331] fff00000c7010600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.414369] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 15.396885] ================================================================== [ 15.397096] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.397151] Read of size 18446744073709551614 at addr fff00000c7010304 by task kunit_try_catch/180 [ 15.397258] [ 15.397306] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.397404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.397463] Hardware name: linux,dummy-virt (DT) [ 15.397508] Call trace: [ 15.397533] show_stack+0x20/0x38 (C) [ 15.397581] dump_stack_lvl+0x8c/0xd0 [ 15.397626] print_report+0x118/0x5d0 [ 15.397818] kasan_report+0xdc/0x128 [ 15.397871] kasan_check_range+0x100/0x1a8 [ 15.398222] __asan_memmove+0x3c/0x98 [ 15.398312] kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.398363] kunit_try_run_case+0x170/0x3f0 [ 15.398451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.398514] kthread+0x328/0x630 [ 15.398555] ret_from_fork+0x10/0x20 [ 15.398601] [ 15.398620] Allocated by task 180: [ 15.398646] kasan_save_stack+0x3c/0x68 [ 15.398705] kasan_save_track+0x20/0x40 [ 15.398742] kasan_save_alloc_info+0x40/0x58 [ 15.398780] __kasan_kmalloc+0xd4/0xd8 [ 15.398816] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.398860] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 15.398901] kunit_try_run_case+0x170/0x3f0 [ 15.398937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.398986] kthread+0x328/0x630 [ 15.399024] ret_from_fork+0x10/0x20 [ 15.399079] [ 15.399101] The buggy address belongs to the object at fff00000c7010300 [ 15.399101] which belongs to the cache kmalloc-64 of size 64 [ 15.399155] The buggy address is located 4 bytes inside of [ 15.399155] 64-byte region [fff00000c7010300, fff00000c7010340) [ 15.399210] [ 15.399341] The buggy address belongs to the physical page: [ 15.399372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107010 [ 15.399423] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.399468] page_type: f5(slab) [ 15.399505] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.400367] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.400468] page dumped because: kasan: bad access detected [ 15.400548] [ 15.400605] Memory state around the buggy address: [ 15.400723] fff00000c7010200: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 15.400782] fff00000c7010280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.400825] >fff00000c7010300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.401065] ^ [ 15.401304] fff00000c7010380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.401581] fff00000c7010400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.401825] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 15.388206] ================================================================== [ 15.388305] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 15.388373] Write of size 16 at addr fff00000c3fc2e69 by task kunit_try_catch/178 [ 15.388453] [ 15.388511] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.388629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.388655] Hardware name: linux,dummy-virt (DT) [ 15.388713] Call trace: [ 15.388781] show_stack+0x20/0x38 (C) [ 15.388846] dump_stack_lvl+0x8c/0xd0 [ 15.388892] print_report+0x118/0x5d0 [ 15.388938] kasan_report+0xdc/0x128 [ 15.389017] kasan_check_range+0x100/0x1a8 [ 15.389092] __asan_memset+0x34/0x78 [ 15.389134] kmalloc_oob_memset_16+0x150/0x2f8 [ 15.389179] kunit_try_run_case+0x170/0x3f0 [ 15.389223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.389282] kthread+0x328/0x630 [ 15.389322] ret_from_fork+0x10/0x20 [ 15.389463] [ 15.389487] Allocated by task 178: [ 15.389514] kasan_save_stack+0x3c/0x68 [ 15.389579] kasan_save_track+0x20/0x40 [ 15.389788] kasan_save_alloc_info+0x40/0x58 [ 15.389840] __kasan_kmalloc+0xd4/0xd8 [ 15.389876] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.389937] kmalloc_oob_memset_16+0xb0/0x2f8 [ 15.389974] kunit_try_run_case+0x170/0x3f0 [ 15.390010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.390052] kthread+0x328/0x630 [ 15.390083] ret_from_fork+0x10/0x20 [ 15.390127] [ 15.390154] The buggy address belongs to the object at fff00000c3fc2e00 [ 15.390154] which belongs to the cache kmalloc-128 of size 128 [ 15.390210] The buggy address is located 105 bytes inside of [ 15.390210] allocated 120-byte region [fff00000c3fc2e00, fff00000c3fc2e78) [ 15.390271] [ 15.390306] The buggy address belongs to the physical page: [ 15.390336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.390394] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.390440] page_type: f5(slab) [ 15.390482] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.390546] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.390584] page dumped because: kasan: bad access detected [ 15.390615] [ 15.390642] Memory state around the buggy address: [ 15.390682] fff00000c3fc2d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.390722] fff00000c3fc2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.390762] >fff00000c3fc2e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.390798] ^ [ 15.390836] fff00000c3fc2e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.390876] fff00000c3fc2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.390912] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 15.377350] ================================================================== [ 15.377414] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 15.377512] Write of size 8 at addr fff00000c3fc2d71 by task kunit_try_catch/176 [ 15.377567] [ 15.377626] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.377747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.377774] Hardware name: linux,dummy-virt (DT) [ 15.377803] Call trace: [ 15.377824] show_stack+0x20/0x38 (C) [ 15.377869] dump_stack_lvl+0x8c/0xd0 [ 15.377913] print_report+0x118/0x5d0 [ 15.377957] kasan_report+0xdc/0x128 [ 15.378000] kasan_check_range+0x100/0x1a8 [ 15.378046] __asan_memset+0x34/0x78 [ 15.378159] kmalloc_oob_memset_8+0x150/0x2f8 [ 15.378236] kunit_try_run_case+0x170/0x3f0 [ 15.378284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.378333] kthread+0x328/0x630 [ 15.378560] ret_from_fork+0x10/0x20 [ 15.378657] [ 15.378718] Allocated by task 176: [ 15.378746] kasan_save_stack+0x3c/0x68 [ 15.378802] kasan_save_track+0x20/0x40 [ 15.378865] kasan_save_alloc_info+0x40/0x58 [ 15.378951] __kasan_kmalloc+0xd4/0xd8 [ 15.379021] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.379066] kmalloc_oob_memset_8+0xb0/0x2f8 [ 15.379166] kunit_try_run_case+0x170/0x3f0 [ 15.379292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.379418] kthread+0x328/0x630 [ 15.379740] ret_from_fork+0x10/0x20 [ 15.379880] [ 15.379986] The buggy address belongs to the object at fff00000c3fc2d00 [ 15.379986] which belongs to the cache kmalloc-128 of size 128 [ 15.380102] The buggy address is located 113 bytes inside of [ 15.380102] allocated 120-byte region [fff00000c3fc2d00, fff00000c3fc2d78) [ 15.380252] [ 15.380315] The buggy address belongs to the physical page: [ 15.380355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.380411] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.380457] page_type: f5(slab) [ 15.380494] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.380778] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.380832] page dumped because: kasan: bad access detected [ 15.380862] [ 15.380889] Memory state around the buggy address: [ 15.381003] fff00000c3fc2c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.381129] fff00000c3fc2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381318] >fff00000c3fc2d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.381435] ^ [ 15.381522] fff00000c3fc2d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381645] fff00000c3fc2e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381722] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 15.368755] ================================================================== [ 15.368874] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 15.368999] Write of size 4 at addr fff00000c3fc2c75 by task kunit_try_catch/174 [ 15.369052] [ 15.369217] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.369417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.369466] Hardware name: linux,dummy-virt (DT) [ 15.369521] Call trace: [ 15.369554] show_stack+0x20/0x38 (C) [ 15.369621] dump_stack_lvl+0x8c/0xd0 [ 15.369677] print_report+0x118/0x5d0 [ 15.369758] kasan_report+0xdc/0x128 [ 15.369803] kasan_check_range+0x100/0x1a8 [ 15.369849] __asan_memset+0x34/0x78 [ 15.369889] kmalloc_oob_memset_4+0x150/0x300 [ 15.370118] kunit_try_run_case+0x170/0x3f0 [ 15.370212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.370263] kthread+0x328/0x630 [ 15.370303] ret_from_fork+0x10/0x20 [ 15.370356] [ 15.370496] Allocated by task 174: [ 15.370609] kasan_save_stack+0x3c/0x68 [ 15.370656] kasan_save_track+0x20/0x40 [ 15.370704] kasan_save_alloc_info+0x40/0x58 [ 15.370769] __kasan_kmalloc+0xd4/0xd8 [ 15.370868] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.370926] kmalloc_oob_memset_4+0xb0/0x300 [ 15.370963] kunit_try_run_case+0x170/0x3f0 [ 15.371000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.371053] kthread+0x328/0x630 [ 15.371086] ret_from_fork+0x10/0x20 [ 15.371123] [ 15.371144] The buggy address belongs to the object at fff00000c3fc2c00 [ 15.371144] which belongs to the cache kmalloc-128 of size 128 [ 15.371306] The buggy address is located 117 bytes inside of [ 15.371306] allocated 120-byte region [fff00000c3fc2c00, fff00000c3fc2c78) [ 15.371486] [ 15.371555] The buggy address belongs to the physical page: [ 15.371625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.371749] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.371796] page_type: f5(slab) [ 15.371833] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.372003] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.372041] page dumped because: kasan: bad access detected [ 15.372071] [ 15.372089] Memory state around the buggy address: [ 15.372119] fff00000c3fc2b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.372161] fff00000c3fc2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.372354] >fff00000c3fc2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.372436] ^ [ 15.372553] fff00000c3fc2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.372673] fff00000c3fc2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.372753] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 15.359685] ================================================================== [ 15.359831] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 15.359937] Write of size 2 at addr fff00000c3fc2b77 by task kunit_try_catch/172 [ 15.359988] [ 15.360018] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.360096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.360122] Hardware name: linux,dummy-virt (DT) [ 15.360151] Call trace: [ 15.360200] show_stack+0x20/0x38 (C) [ 15.360247] dump_stack_lvl+0x8c/0xd0 [ 15.360290] print_report+0x118/0x5d0 [ 15.360335] kasan_report+0xdc/0x128 [ 15.360383] kasan_check_range+0x100/0x1a8 [ 15.360467] __asan_memset+0x34/0x78 [ 15.360525] kmalloc_oob_memset_2+0x150/0x2f8 [ 15.360571] kunit_try_run_case+0x170/0x3f0 [ 15.360617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.360677] kthread+0x328/0x630 [ 15.360716] ret_from_fork+0x10/0x20 [ 15.360761] [ 15.360828] Allocated by task 172: [ 15.360857] kasan_save_stack+0x3c/0x68 [ 15.360897] kasan_save_track+0x20/0x40 [ 15.360933] kasan_save_alloc_info+0x40/0x58 [ 15.360972] __kasan_kmalloc+0xd4/0xd8 [ 15.361087] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.361135] kmalloc_oob_memset_2+0xb0/0x2f8 [ 15.361171] kunit_try_run_case+0x170/0x3f0 [ 15.361207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.361249] kthread+0x328/0x630 [ 15.361280] ret_from_fork+0x10/0x20 [ 15.361330] [ 15.361378] The buggy address belongs to the object at fff00000c3fc2b00 [ 15.361378] which belongs to the cache kmalloc-128 of size 128 [ 15.361459] The buggy address is located 119 bytes inside of [ 15.361459] allocated 120-byte region [fff00000c3fc2b00, fff00000c3fc2b78) [ 15.361520] [ 15.361539] The buggy address belongs to the physical page: [ 15.361832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.361917] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.362004] page_type: f5(slab) [ 15.362045] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.362116] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.362155] page dumped because: kasan: bad access detected [ 15.362185] [ 15.362202] Memory state around the buggy address: [ 15.362233] fff00000c3fc2a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.362273] fff00000c3fc2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.362313] >fff00000c3fc2b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.362349] ^ [ 15.362387] fff00000c3fc2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.362426] fff00000c3fc2c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.362462] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 15.348840] ================================================================== [ 15.348924] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 15.348974] Write of size 128 at addr fff00000c3fc2a00 by task kunit_try_catch/170 [ 15.349023] [ 15.349053] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.349131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.349178] Hardware name: linux,dummy-virt (DT) [ 15.349276] Call trace: [ 15.349326] show_stack+0x20/0x38 (C) [ 15.349373] dump_stack_lvl+0x8c/0xd0 [ 15.349419] print_report+0x118/0x5d0 [ 15.349614] kasan_report+0xdc/0x128 [ 15.349803] kasan_check_range+0x100/0x1a8 [ 15.349904] __asan_memset+0x34/0x78 [ 15.349948] kmalloc_oob_in_memset+0x144/0x2d0 [ 15.350055] kunit_try_run_case+0x170/0x3f0 [ 15.350100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.350150] kthread+0x328/0x630 [ 15.350198] ret_from_fork+0x10/0x20 [ 15.350251] [ 15.350555] Allocated by task 170: [ 15.350592] kasan_save_stack+0x3c/0x68 [ 15.350634] kasan_save_track+0x20/0x40 [ 15.350684] kasan_save_alloc_info+0x40/0x58 [ 15.350750] __kasan_kmalloc+0xd4/0xd8 [ 15.350836] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.350878] kmalloc_oob_in_memset+0xb0/0x2d0 [ 15.350931] kunit_try_run_case+0x170/0x3f0 [ 15.350987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.351031] kthread+0x328/0x630 [ 15.351095] ret_from_fork+0x10/0x20 [ 15.351217] [ 15.351297] The buggy address belongs to the object at fff00000c3fc2a00 [ 15.351297] which belongs to the cache kmalloc-128 of size 128 [ 15.351458] The buggy address is located 0 bytes inside of [ 15.351458] allocated 120-byte region [fff00000c3fc2a00, fff00000c3fc2a78) [ 15.351519] [ 15.351549] The buggy address belongs to the physical page: [ 15.351583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.351633] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.351688] page_type: f5(slab) [ 15.351725] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.351772] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.351810] page dumped because: kasan: bad access detected [ 15.351839] [ 15.352015] Memory state around the buggy address: [ 15.352125] fff00000c3fc2900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.352242] fff00000c3fc2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.352420] >fff00000c3fc2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.352525] ^ [ 15.352681] fff00000c3fc2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.352729] fff00000c3fc2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.352779] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 15.339763] ================================================================== [ 15.339817] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 15.339895] Read of size 16 at addr fff00000c3fc61c0 by task kunit_try_catch/168 [ 15.339952] [ 15.339989] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.340067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.340128] Hardware name: linux,dummy-virt (DT) [ 15.340176] Call trace: [ 15.340204] show_stack+0x20/0x38 (C) [ 15.340308] dump_stack_lvl+0x8c/0xd0 [ 15.340373] print_report+0x118/0x5d0 [ 15.340450] kasan_report+0xdc/0x128 [ 15.340526] __asan_report_load16_noabort+0x20/0x30 [ 15.340578] kmalloc_uaf_16+0x3bc/0x438 [ 15.340690] kunit_try_run_case+0x170/0x3f0 [ 15.340755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.340816] kthread+0x328/0x630 [ 15.340874] ret_from_fork+0x10/0x20 [ 15.340949] [ 15.341020] Allocated by task 168: [ 15.341048] kasan_save_stack+0x3c/0x68 [ 15.341086] kasan_save_track+0x20/0x40 [ 15.341122] kasan_save_alloc_info+0x40/0x58 [ 15.341440] __kasan_kmalloc+0xd4/0xd8 [ 15.341485] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.341522] kmalloc_uaf_16+0x140/0x438 [ 15.341562] kunit_try_run_case+0x170/0x3f0 [ 15.341704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.341747] kthread+0x328/0x630 [ 15.341843] ret_from_fork+0x10/0x20 [ 15.341878] [ 15.341895] Freed by task 168: [ 15.341922] kasan_save_stack+0x3c/0x68 [ 15.341974] kasan_save_track+0x20/0x40 [ 15.342010] kasan_save_free_info+0x4c/0x78 [ 15.342074] __kasan_slab_free+0x6c/0x98 [ 15.342131] kfree+0x214/0x3c8 [ 15.342212] kmalloc_uaf_16+0x190/0x438 [ 15.342247] kunit_try_run_case+0x170/0x3f0 [ 15.342284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.342327] kthread+0x328/0x630 [ 15.342358] ret_from_fork+0x10/0x20 [ 15.342392] [ 15.342469] The buggy address belongs to the object at fff00000c3fc61c0 [ 15.342469] which belongs to the cache kmalloc-16 of size 16 [ 15.342525] The buggy address is located 0 bytes inside of [ 15.342525] freed 16-byte region [fff00000c3fc61c0, fff00000c3fc61d0) [ 15.342582] [ 15.342601] The buggy address belongs to the physical page: [ 15.342630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 15.342689] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.342735] page_type: f5(slab) [ 15.342771] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.342819] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.342867] page dumped because: kasan: bad access detected [ 15.342914] [ 15.342960] Memory state around the buggy address: [ 15.343022] fff00000c3fc6080: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 15.343084] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.343222] >fff00000c3fc6180: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 15.343310] ^ [ 15.343374] fff00000c3fc6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.343511] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.343638] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 15.330085] ================================================================== [ 15.330157] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 15.330208] Write of size 16 at addr fff00000c3fc6160 by task kunit_try_catch/166 [ 15.330286] [ 15.330316] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.330393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.330419] Hardware name: linux,dummy-virt (DT) [ 15.330450] Call trace: [ 15.330491] show_stack+0x20/0x38 (C) [ 15.330538] dump_stack_lvl+0x8c/0xd0 [ 15.330591] print_report+0x118/0x5d0 [ 15.330637] kasan_report+0xdc/0x128 [ 15.330912] __asan_report_store16_noabort+0x20/0x30 [ 15.331017] kmalloc_oob_16+0x3a0/0x3f8 [ 15.331111] kunit_try_run_case+0x170/0x3f0 [ 15.331157] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.331207] kthread+0x328/0x630 [ 15.331248] ret_from_fork+0x10/0x20 [ 15.331333] [ 15.331352] Allocated by task 166: [ 15.331564] kasan_save_stack+0x3c/0x68 [ 15.331621] kasan_save_track+0x20/0x40 [ 15.331657] kasan_save_alloc_info+0x40/0x58 [ 15.331820] __kasan_kmalloc+0xd4/0xd8 [ 15.331912] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.332030] kmalloc_oob_16+0xb4/0x3f8 [ 15.332159] kunit_try_run_case+0x170/0x3f0 [ 15.332247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.332375] kthread+0x328/0x630 [ 15.332518] ret_from_fork+0x10/0x20 [ 15.332607] [ 15.334686] The buggy address belongs to the object at fff00000c3fc6160 [ 15.334686] which belongs to the cache kmalloc-16 of size 16 [ 15.334744] The buggy address is located 0 bytes inside of [ 15.334744] allocated 13-byte region [fff00000c3fc6160, fff00000c3fc616d) [ 15.334803] [ 15.334822] The buggy address belongs to the physical page: [ 15.334852] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 15.334901] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.334947] page_type: f5(slab) [ 15.334984] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.335039] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.335079] page dumped because: kasan: bad access detected [ 15.335109] [ 15.335126] Memory state around the buggy address: [ 15.335155] fff00000c3fc6000: 00 05 fc fc 00 00 fc fc 00 06 fc fc 00 06 fc fc [ 15.335196] fff00000c3fc6080: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 15.335236] >fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 15.335272] ^ [ 15.335310] fff00000c3fc6180: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335349] fff00000c3fc6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335386] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 15.320282] ================================================================== [ 15.320433] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 15.320486] Read of size 1 at addr fff00000c6144800 by task kunit_try_catch/164 [ 15.320554] [ 15.320614] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.320725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.320765] Hardware name: linux,dummy-virt (DT) [ 15.320813] Call trace: [ 15.320851] show_stack+0x20/0x38 (C) [ 15.320945] dump_stack_lvl+0x8c/0xd0 [ 15.320990] print_report+0x118/0x5d0 [ 15.321035] kasan_report+0xdc/0x128 [ 15.321089] __asan_report_load1_noabort+0x20/0x30 [ 15.321244] krealloc_uaf+0x4c8/0x520 [ 15.321289] kunit_try_run_case+0x170/0x3f0 [ 15.321412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.321507] kthread+0x328/0x630 [ 15.321556] ret_from_fork+0x10/0x20 [ 15.321621] [ 15.321640] Allocated by task 164: [ 15.321702] kasan_save_stack+0x3c/0x68 [ 15.321747] kasan_save_track+0x20/0x40 [ 15.321813] kasan_save_alloc_info+0x40/0x58 [ 15.321852] __kasan_kmalloc+0xd4/0xd8 [ 15.321887] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.321924] krealloc_uaf+0xc8/0x520 [ 15.321957] kunit_try_run_case+0x170/0x3f0 [ 15.321993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.322140] kthread+0x328/0x630 [ 15.322198] ret_from_fork+0x10/0x20 [ 15.322287] [ 15.322358] Freed by task 164: [ 15.322385] kasan_save_stack+0x3c/0x68 [ 15.322421] kasan_save_track+0x20/0x40 [ 15.322510] kasan_save_free_info+0x4c/0x78 [ 15.322576] __kasan_slab_free+0x6c/0x98 [ 15.322613] kfree+0x214/0x3c8 [ 15.322645] krealloc_uaf+0x12c/0x520 [ 15.322803] kunit_try_run_case+0x170/0x3f0 [ 15.322906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.323022] kthread+0x328/0x630 [ 15.323152] ret_from_fork+0x10/0x20 [ 15.323234] [ 15.323349] The buggy address belongs to the object at fff00000c6144800 [ 15.323349] which belongs to the cache kmalloc-256 of size 256 [ 15.323496] The buggy address is located 0 bytes inside of [ 15.323496] freed 256-byte region [fff00000c6144800, fff00000c6144900) [ 15.323584] [ 15.323629] The buggy address belongs to the physical page: [ 15.323660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106144 [ 15.323721] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.323786] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.323838] page_type: f5(slab) [ 15.323875] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.323922] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.323970] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.324173] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.324272] head: 0bfffe0000000001 ffffc1ffc3185101 00000000ffffffff 00000000ffffffff [ 15.324407] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.324491] page dumped because: kasan: bad access detected [ 15.324521] [ 15.324539] Memory state around the buggy address: [ 15.324701] fff00000c6144700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.324779] fff00000c6144780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.324928] >fff00000c6144800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.325067] ^ [ 15.325106] fff00000c6144880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.325146] fff00000c6144900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.325227] ================================================================== [ 15.313886] ================================================================== [ 15.313984] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 15.314036] Read of size 1 at addr fff00000c6144800 by task kunit_try_catch/164 [ 15.314084] [ 15.314113] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.314347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.314406] Hardware name: linux,dummy-virt (DT) [ 15.314454] Call trace: [ 15.314478] show_stack+0x20/0x38 (C) [ 15.314526] dump_stack_lvl+0x8c/0xd0 [ 15.314581] print_report+0x118/0x5d0 [ 15.314628] kasan_report+0xdc/0x128 [ 15.314773] __kasan_check_byte+0x54/0x70 [ 15.314861] krealloc_noprof+0x44/0x360 [ 15.314974] krealloc_uaf+0x180/0x520 [ 15.315162] kunit_try_run_case+0x170/0x3f0 [ 15.315230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.315331] kthread+0x328/0x630 [ 15.315391] ret_from_fork+0x10/0x20 [ 15.315436] [ 15.315454] Allocated by task 164: [ 15.315483] kasan_save_stack+0x3c/0x68 [ 15.315523] kasan_save_track+0x20/0x40 [ 15.315559] kasan_save_alloc_info+0x40/0x58 [ 15.315597] __kasan_kmalloc+0xd4/0xd8 [ 15.315634] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.315683] krealloc_uaf+0xc8/0x520 [ 15.315718] kunit_try_run_case+0x170/0x3f0 [ 15.315920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.316035] kthread+0x328/0x630 [ 15.316076] ret_from_fork+0x10/0x20 [ 15.316112] [ 15.316131] Freed by task 164: [ 15.316159] kasan_save_stack+0x3c/0x68 [ 15.316220] kasan_save_track+0x20/0x40 [ 15.316403] kasan_save_free_info+0x4c/0x78 [ 15.316498] __kasan_slab_free+0x6c/0x98 [ 15.316589] kfree+0x214/0x3c8 [ 15.316703] krealloc_uaf+0x12c/0x520 [ 15.316761] kunit_try_run_case+0x170/0x3f0 [ 15.316818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.316976] kthread+0x328/0x630 [ 15.317152] ret_from_fork+0x10/0x20 [ 15.317328] [ 15.317409] The buggy address belongs to the object at fff00000c6144800 [ 15.317409] which belongs to the cache kmalloc-256 of size 256 [ 15.317610] The buggy address is located 0 bytes inside of [ 15.317610] freed 256-byte region [fff00000c6144800, fff00000c6144900) [ 15.317682] [ 15.317701] The buggy address belongs to the physical page: [ 15.317732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106144 [ 15.317782] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.317852] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.318035] page_type: f5(slab) [ 15.318142] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.318231] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.318289] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.318395] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.318444] head: 0bfffe0000000001 ffffc1ffc3185101 00000000ffffffff 00000000ffffffff [ 15.318490] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.318527] page dumped because: kasan: bad access detected [ 15.318580] [ 15.318735] Memory state around the buggy address: [ 15.318807] fff00000c6144700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.318898] fff00000c6144780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.318984] >fff00000c6144800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.319086] ^ [ 15.319184] fff00000c6144880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.319255] fff00000c6144900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.319291] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 15.305839] ================================================================== [ 15.305888] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.305933] Write of size 1 at addr fff00000c77560eb by task kunit_try_catch/162 [ 15.305980] [ 15.306007] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.306142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.306168] Hardware name: linux,dummy-virt (DT) [ 15.306216] Call trace: [ 15.306255] show_stack+0x20/0x38 (C) [ 15.306300] dump_stack_lvl+0x8c/0xd0 [ 15.306360] print_report+0x118/0x5d0 [ 15.306405] kasan_report+0xdc/0x128 [ 15.306483] __asan_report_store1_noabort+0x20/0x30 [ 15.306539] krealloc_less_oob_helper+0xa58/0xc50 [ 15.306604] krealloc_large_less_oob+0x20/0x38 [ 15.306651] kunit_try_run_case+0x170/0x3f0 [ 15.306724] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.306812] kthread+0x328/0x630 [ 15.306867] ret_from_fork+0x10/0x20 [ 15.306913] [ 15.307075] The buggy address belongs to the physical page: [ 15.307109] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.307158] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.307335] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.307413] page_type: f8(unknown) [ 15.307480] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.307577] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.307679] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.307726] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.307773] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.307819] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.307896] page dumped because: kasan: bad access detected [ 15.307926] [ 15.308083] Memory state around the buggy address: [ 15.308186] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.308251] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.308313] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.308391] ^ [ 15.308462] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.308535] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.308634] ================================================================== [ 15.289995] ================================================================== [ 15.290049] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.290116] Write of size 1 at addr fff00000c77560c9 by task kunit_try_catch/162 [ 15.290208] [ 15.290293] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.290388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.290415] Hardware name: linux,dummy-virt (DT) [ 15.290480] Call trace: [ 15.290543] show_stack+0x20/0x38 (C) [ 15.290591] dump_stack_lvl+0x8c/0xd0 [ 15.290653] print_report+0x118/0x5d0 [ 15.290871] kasan_report+0xdc/0x128 [ 15.291044] __asan_report_store1_noabort+0x20/0x30 [ 15.291097] krealloc_less_oob_helper+0xa48/0xc50 [ 15.291159] krealloc_large_less_oob+0x20/0x38 [ 15.291205] kunit_try_run_case+0x170/0x3f0 [ 15.291250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.291301] kthread+0x328/0x630 [ 15.291502] ret_from_fork+0x10/0x20 [ 15.291609] [ 15.291783] The buggy address belongs to the physical page: [ 15.291861] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.291948] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.292039] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.292089] page_type: f8(unknown) [ 15.292253] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.292458] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.292555] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.292613] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.292747] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.292862] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.292959] page dumped because: kasan: bad access detected [ 15.293043] [ 15.293135] Memory state around the buggy address: [ 15.293223] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.293306] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.293378] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.293414] ^ [ 15.293449] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.293555] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.293879] ================================================================== [ 15.294583] ================================================================== [ 15.294626] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.294703] Write of size 1 at addr fff00000c77560d0 by task kunit_try_catch/162 [ 15.294753] [ 15.294906] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.294985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.295037] Hardware name: linux,dummy-virt (DT) [ 15.295066] Call trace: [ 15.295215] show_stack+0x20/0x38 (C) [ 15.295283] dump_stack_lvl+0x8c/0xd0 [ 15.295393] print_report+0x118/0x5d0 [ 15.295503] kasan_report+0xdc/0x128 [ 15.295602] __asan_report_store1_noabort+0x20/0x30 [ 15.295780] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.295936] krealloc_large_less_oob+0x20/0x38 [ 15.296042] kunit_try_run_case+0x170/0x3f0 [ 15.296088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.296162] kthread+0x328/0x630 [ 15.296203] ret_from_fork+0x10/0x20 [ 15.296248] [ 15.296269] The buggy address belongs to the physical page: [ 15.296298] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.296414] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.296595] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.296700] page_type: f8(unknown) [ 15.296802] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.296899] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.297034] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.297129] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.297177] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.297375] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.297491] page dumped because: kasan: bad access detected [ 15.297546] [ 15.297611] Memory state around the buggy address: [ 15.297684] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.297763] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.297858] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.297899] ^ [ 15.297972] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.298063] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.298165] ================================================================== [ 15.254490] ================================================================== [ 15.254534] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.254579] Write of size 1 at addr fff00000c61446da by task kunit_try_catch/158 [ 15.254626] [ 15.254653] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.254743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.254768] Hardware name: linux,dummy-virt (DT) [ 15.254815] Call trace: [ 15.254836] show_stack+0x20/0x38 (C) [ 15.254882] dump_stack_lvl+0x8c/0xd0 [ 15.254926] print_report+0x118/0x5d0 [ 15.254970] kasan_report+0xdc/0x128 [ 15.255043] __asan_report_store1_noabort+0x20/0x30 [ 15.255094] krealloc_less_oob_helper+0xa80/0xc50 [ 15.255140] krealloc_less_oob+0x20/0x38 [ 15.255184] kunit_try_run_case+0x170/0x3f0 [ 15.255229] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.255296] kthread+0x328/0x630 [ 15.255562] ret_from_fork+0x10/0x20 [ 15.255635] [ 15.255656] Allocated by task 158: [ 15.255696] kasan_save_stack+0x3c/0x68 [ 15.255736] kasan_save_track+0x20/0x40 [ 15.255773] kasan_save_alloc_info+0x40/0x58 [ 15.255810] __kasan_krealloc+0x118/0x178 [ 15.255846] krealloc_noprof+0x128/0x360 [ 15.255881] krealloc_less_oob_helper+0x168/0xc50 [ 15.255919] krealloc_less_oob+0x20/0x38 [ 15.256178] kunit_try_run_case+0x170/0x3f0 [ 15.256256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.256398] kthread+0x328/0x630 [ 15.256500] ret_from_fork+0x10/0x20 [ 15.256535] [ 15.256554] The buggy address belongs to the object at fff00000c6144600 [ 15.256554] which belongs to the cache kmalloc-256 of size 256 [ 15.256870] The buggy address is located 17 bytes to the right of [ 15.256870] allocated 201-byte region [fff00000c6144600, fff00000c61446c9) [ 15.256996] [ 15.257055] The buggy address belongs to the physical page: [ 15.257141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106144 [ 15.257225] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.257269] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.257538] page_type: f5(slab) [ 15.257636] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.257785] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.257864] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.257948] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.258079] head: 0bfffe0000000001 ffffc1ffc3185101 00000000ffffffff 00000000ffffffff [ 15.258128] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.258392] page dumped because: kasan: bad access detected [ 15.258492] [ 15.258589] Memory state around the buggy address: [ 15.258722] fff00000c6144580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.258796] fff00000c6144600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.258874] >fff00000c6144680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.258910] ^ [ 15.259208] fff00000c6144700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.259499] fff00000c6144780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.259643] ================================================================== [ 15.301937] ================================================================== [ 15.301996] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.302043] Write of size 1 at addr fff00000c77560ea by task kunit_try_catch/162 [ 15.302089] [ 15.302116] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.302375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.302702] Hardware name: linux,dummy-virt (DT) [ 15.302782] Call trace: [ 15.302811] show_stack+0x20/0x38 (C) [ 15.302861] dump_stack_lvl+0x8c/0xd0 [ 15.302908] print_report+0x118/0x5d0 [ 15.302979] kasan_report+0xdc/0x128 [ 15.303153] __asan_report_store1_noabort+0x20/0x30 [ 15.303337] krealloc_less_oob_helper+0xae4/0xc50 [ 15.303431] krealloc_large_less_oob+0x20/0x38 [ 15.303553] kunit_try_run_case+0x170/0x3f0 [ 15.303624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.303686] kthread+0x328/0x630 [ 15.303746] ret_from_fork+0x10/0x20 [ 15.304007] [ 15.304085] The buggy address belongs to the physical page: [ 15.304154] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.304253] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.304356] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.304458] page_type: f8(unknown) [ 15.304566] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.304674] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.304730] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.304821] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.304903] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.304951] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.305007] page dumped because: kasan: bad access detected [ 15.305038] [ 15.305055] Memory state around the buggy address: [ 15.305084] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.305254] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.305318] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.305365] ^ [ 15.305402] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.305442] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.305480] ================================================================== [ 15.265998] ================================================================== [ 15.266043] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.266105] Write of size 1 at addr fff00000c61446eb by task kunit_try_catch/158 [ 15.266154] [ 15.266186] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.266262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.266474] Hardware name: linux,dummy-virt (DT) [ 15.266576] Call trace: [ 15.266698] show_stack+0x20/0x38 (C) [ 15.266747] dump_stack_lvl+0x8c/0xd0 [ 15.266792] print_report+0x118/0x5d0 [ 15.266836] kasan_report+0xdc/0x128 [ 15.266908] __asan_report_store1_noabort+0x20/0x30 [ 15.267064] krealloc_less_oob_helper+0xa58/0xc50 [ 15.267114] krealloc_less_oob+0x20/0x38 [ 15.267294] kunit_try_run_case+0x170/0x3f0 [ 15.267415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.267485] kthread+0x328/0x630 [ 15.267527] ret_from_fork+0x10/0x20 [ 15.267572] [ 15.267590] Allocated by task 158: [ 15.267653] kasan_save_stack+0x3c/0x68 [ 15.267784] kasan_save_track+0x20/0x40 [ 15.267895] kasan_save_alloc_info+0x40/0x58 [ 15.267956] __kasan_krealloc+0x118/0x178 [ 15.267992] krealloc_noprof+0x128/0x360 [ 15.268049] krealloc_less_oob_helper+0x168/0xc50 [ 15.268088] krealloc_less_oob+0x20/0x38 [ 15.268122] kunit_try_run_case+0x170/0x3f0 [ 15.268158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.268199] kthread+0x328/0x630 [ 15.268230] ret_from_fork+0x10/0x20 [ 15.268263] [ 15.268281] The buggy address belongs to the object at fff00000c6144600 [ 15.268281] which belongs to the cache kmalloc-256 of size 256 [ 15.268337] The buggy address is located 34 bytes to the right of [ 15.268337] allocated 201-byte region [fff00000c6144600, fff00000c61446c9) [ 15.268592] [ 15.268612] The buggy address belongs to the physical page: [ 15.268642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106144 [ 15.268721] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.268796] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.268879] page_type: f5(slab) [ 15.268943] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.268992] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.269040] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.269086] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.269133] head: 0bfffe0000000001 ffffc1ffc3185101 00000000ffffffff 00000000ffffffff [ 15.269192] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.269231] page dumped because: kasan: bad access detected [ 15.269275] [ 15.269294] Memory state around the buggy address: [ 15.269323] fff00000c6144580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.269365] fff00000c6144600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.269414] >fff00000c6144680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.269465] ^ [ 15.269502] fff00000c6144700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.269562] fff00000c6144780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.269612] ================================================================== [ 15.243089] ================================================================== [ 15.243143] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.243192] Write of size 1 at addr fff00000c61446c9 by task kunit_try_catch/158 [ 15.243240] [ 15.243270] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.243347] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.243373] Hardware name: linux,dummy-virt (DT) [ 15.243428] Call trace: [ 15.243452] show_stack+0x20/0x38 (C) [ 15.243498] dump_stack_lvl+0x8c/0xd0 [ 15.243542] print_report+0x118/0x5d0 [ 15.243587] kasan_report+0xdc/0x128 [ 15.243631] __asan_report_store1_noabort+0x20/0x30 [ 15.243694] krealloc_less_oob_helper+0xa48/0xc50 [ 15.243980] krealloc_less_oob+0x20/0x38 [ 15.244082] kunit_try_run_case+0x170/0x3f0 [ 15.244159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.244237] kthread+0x328/0x630 [ 15.244313] ret_from_fork+0x10/0x20 [ 15.244360] [ 15.244384] Allocated by task 158: [ 15.244411] kasan_save_stack+0x3c/0x68 [ 15.244451] kasan_save_track+0x20/0x40 [ 15.244487] kasan_save_alloc_info+0x40/0x58 [ 15.244525] __kasan_krealloc+0x118/0x178 [ 15.244587] krealloc_noprof+0x128/0x360 [ 15.244626] krealloc_less_oob_helper+0x168/0xc50 [ 15.244674] krealloc_less_oob+0x20/0x38 [ 15.244709] kunit_try_run_case+0x170/0x3f0 [ 15.244971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.245053] kthread+0x328/0x630 [ 15.245124] ret_from_fork+0x10/0x20 [ 15.245158] [ 15.245246] The buggy address belongs to the object at fff00000c6144600 [ 15.245246] which belongs to the cache kmalloc-256 of size 256 [ 15.245390] The buggy address is located 0 bytes to the right of [ 15.245390] allocated 201-byte region [fff00000c6144600, fff00000c61446c9) [ 15.245496] [ 15.245576] The buggy address belongs to the physical page: [ 15.245636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106144 [ 15.245734] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.245804] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.245952] page_type: f5(slab) [ 15.246027] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.246075] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.246419] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.246555] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.246661] head: 0bfffe0000000001 ffffc1ffc3185101 00000000ffffffff 00000000ffffffff [ 15.246831] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.246871] page dumped because: kasan: bad access detected [ 15.246913] [ 15.247199] Memory state around the buggy address: [ 15.247288] fff00000c6144580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.247372] fff00000c6144600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.247491] >fff00000c6144680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.247583] ^ [ 15.247758] fff00000c6144700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.247827] fff00000c6144780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.247895] ================================================================== [ 15.298529] ================================================================== [ 15.298631] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.298696] Write of size 1 at addr fff00000c77560da by task kunit_try_catch/162 [ 15.298897] [ 15.298958] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.299184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.299210] Hardware name: linux,dummy-virt (DT) [ 15.299239] Call trace: [ 15.299259] show_stack+0x20/0x38 (C) [ 15.299366] dump_stack_lvl+0x8c/0xd0 [ 15.299459] print_report+0x118/0x5d0 [ 15.299553] kasan_report+0xdc/0x128 [ 15.299619] __asan_report_store1_noabort+0x20/0x30 [ 15.299680] krealloc_less_oob_helper+0xa80/0xc50 [ 15.299743] krealloc_large_less_oob+0x20/0x38 [ 15.300070] kunit_try_run_case+0x170/0x3f0 [ 15.300159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.300220] kthread+0x328/0x630 [ 15.300260] ret_from_fork+0x10/0x20 [ 15.300400] [ 15.300497] The buggy address belongs to the physical page: [ 15.300559] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.300733] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.300811] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.300880] page_type: f8(unknown) [ 15.300916] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.300963] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.301017] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.301073] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.301120] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.301166] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.301212] page dumped because: kasan: bad access detected [ 15.301246] [ 15.301264] Memory state around the buggy address: [ 15.301292] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.301332] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.301381] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.301419] ^ [ 15.301460] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.301511] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.301547] ================================================================== [ 15.249135] ================================================================== [ 15.249220] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.249367] Write of size 1 at addr fff00000c61446d0 by task kunit_try_catch/158 [ 15.249514] [ 15.249646] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.249739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.249767] Hardware name: linux,dummy-virt (DT) [ 15.249878] Call trace: [ 15.250080] show_stack+0x20/0x38 (C) [ 15.250151] dump_stack_lvl+0x8c/0xd0 [ 15.250197] print_report+0x118/0x5d0 [ 15.250243] kasan_report+0xdc/0x128 [ 15.250315] __asan_report_store1_noabort+0x20/0x30 [ 15.250381] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.250447] krealloc_less_oob+0x20/0x38 [ 15.250514] kunit_try_run_case+0x170/0x3f0 [ 15.250560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.250628] kthread+0x328/0x630 [ 15.250699] ret_from_fork+0x10/0x20 [ 15.250774] [ 15.250793] Allocated by task 158: [ 15.250820] kasan_save_stack+0x3c/0x68 [ 15.250890] kasan_save_track+0x20/0x40 [ 15.250927] kasan_save_alloc_info+0x40/0x58 [ 15.250965] __kasan_krealloc+0x118/0x178 [ 15.251030] krealloc_noprof+0x128/0x360 [ 15.251191] krealloc_less_oob_helper+0x168/0xc50 [ 15.251383] krealloc_less_oob+0x20/0x38 [ 15.251424] kunit_try_run_case+0x170/0x3f0 [ 15.251460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.251502] kthread+0x328/0x630 [ 15.251555] ret_from_fork+0x10/0x20 [ 15.251590] [ 15.251609] The buggy address belongs to the object at fff00000c6144600 [ 15.251609] which belongs to the cache kmalloc-256 of size 256 [ 15.251676] The buggy address is located 7 bytes to the right of [ 15.251676] allocated 201-byte region [fff00000c6144600, fff00000c61446c9) [ 15.251889] [ 15.251949] The buggy address belongs to the physical page: [ 15.252093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106144 [ 15.252219] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.252333] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.252478] page_type: f5(slab) [ 15.252554] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.252645] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.252757] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.252866] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.252921] head: 0bfffe0000000001 ffffc1ffc3185101 00000000ffffffff 00000000ffffffff [ 15.252968] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.253247] page dumped because: kasan: bad access detected [ 15.253314] [ 15.253354] Memory state around the buggy address: [ 15.253446] fff00000c6144580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.253494] fff00000c6144600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.253541] >fff00000c6144680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.253631] ^ [ 15.253741] fff00000c6144700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.253798] fff00000c6144780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.253834] ================================================================== [ 15.260206] ================================================================== [ 15.260372] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.260442] Write of size 1 at addr fff00000c61446ea by task kunit_try_catch/158 [ 15.260508] [ 15.260565] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.260643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.260681] Hardware name: linux,dummy-virt (DT) [ 15.260710] Call trace: [ 15.260746] show_stack+0x20/0x38 (C) [ 15.260793] dump_stack_lvl+0x8c/0xd0 [ 15.260943] print_report+0x118/0x5d0 [ 15.261088] kasan_report+0xdc/0x128 [ 15.261145] __asan_report_store1_noabort+0x20/0x30 [ 15.261232] krealloc_less_oob_helper+0xae4/0xc50 [ 15.261296] krealloc_less_oob+0x20/0x38 [ 15.261340] kunit_try_run_case+0x170/0x3f0 [ 15.261385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.261436] kthread+0x328/0x630 [ 15.261476] ret_from_fork+0x10/0x20 [ 15.261583] [ 15.261619] Allocated by task 158: [ 15.263685] kasan_save_stack+0x3c/0x68 [ 15.263734] kasan_save_track+0x20/0x40 [ 15.263771] kasan_save_alloc_info+0x40/0x58 [ 15.263809] __kasan_krealloc+0x118/0x178 [ 15.263845] krealloc_noprof+0x128/0x360 [ 15.263880] krealloc_less_oob_helper+0x168/0xc50 [ 15.263917] krealloc_less_oob+0x20/0x38 [ 15.263952] kunit_try_run_case+0x170/0x3f0 [ 15.263988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.264029] kthread+0x328/0x630 [ 15.264059] ret_from_fork+0x10/0x20 [ 15.264093] [ 15.264112] The buggy address belongs to the object at fff00000c6144600 [ 15.264112] which belongs to the cache kmalloc-256 of size 256 [ 15.264167] The buggy address is located 33 bytes to the right of [ 15.264167] allocated 201-byte region [fff00000c6144600, fff00000c61446c9) [ 15.264229] [ 15.264248] The buggy address belongs to the physical page: [ 15.264279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106144 [ 15.264328] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.264374] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.264428] page_type: f5(slab) [ 15.264464] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.264512] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.264559] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.264605] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.264652] head: 0bfffe0000000001 ffffc1ffc3185101 00000000ffffffff 00000000ffffffff [ 15.264804] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.264846] page dumped because: kasan: bad access detected [ 15.264875] [ 15.264892] Memory state around the buggy address: [ 15.264921] fff00000c6144580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.264981] fff00000c6144600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.265024] >fff00000c6144680: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.265060] ^ [ 15.265097] fff00000c6144700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.265328] fff00000c6144780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.265441] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 15.229231] ================================================================== [ 15.229336] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.229424] Write of size 1 at addr fff00000c61444eb by task kunit_try_catch/156 [ 15.229475] [ 15.229553] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.229658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.229698] Hardware name: linux,dummy-virt (DT) [ 15.229748] Call trace: [ 15.229798] show_stack+0x20/0x38 (C) [ 15.229846] dump_stack_lvl+0x8c/0xd0 [ 15.229890] print_report+0x118/0x5d0 [ 15.230068] kasan_report+0xdc/0x128 [ 15.230232] __asan_report_store1_noabort+0x20/0x30 [ 15.230290] krealloc_more_oob_helper+0x60c/0x678 [ 15.230337] krealloc_more_oob+0x20/0x38 [ 15.230398] kunit_try_run_case+0x170/0x3f0 [ 15.230448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.230498] kthread+0x328/0x630 [ 15.230537] ret_from_fork+0x10/0x20 [ 15.230693] [ 15.230732] Allocated by task 156: [ 15.230804] kasan_save_stack+0x3c/0x68 [ 15.230847] kasan_save_track+0x20/0x40 [ 15.230883] kasan_save_alloc_info+0x40/0x58 [ 15.230921] __kasan_krealloc+0x118/0x178 [ 15.230974] krealloc_noprof+0x128/0x360 [ 15.231018] krealloc_more_oob_helper+0x168/0x678 [ 15.231056] krealloc_more_oob+0x20/0x38 [ 15.231117] kunit_try_run_case+0x170/0x3f0 [ 15.231217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.231383] kthread+0x328/0x630 [ 15.231446] ret_from_fork+0x10/0x20 [ 15.231481] [ 15.231500] The buggy address belongs to the object at fff00000c6144400 [ 15.231500] which belongs to the cache kmalloc-256 of size 256 [ 15.231555] The buggy address is located 0 bytes to the right of [ 15.231555] allocated 235-byte region [fff00000c6144400, fff00000c61444eb) [ 15.231940] [ 15.232000] The buggy address belongs to the physical page: [ 15.232091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106144 [ 15.232152] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.232233] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.232356] page_type: f5(slab) [ 15.232428] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.232565] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.232752] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.232859] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.232918] head: 0bfffe0000000001 ffffc1ffc3185101 00000000ffffffff 00000000ffffffff [ 15.233203] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.233296] page dumped because: kasan: bad access detected [ 15.233350] [ 15.233367] Memory state around the buggy address: [ 15.233398] fff00000c6144380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233439] fff00000c6144400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.233480] >fff00000c6144480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.233523] ^ [ 15.233571] fff00000c6144500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233612] fff00000c6144580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233648] ================================================================== [ 15.274466] ================================================================== [ 15.274521] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.274646] Write of size 1 at addr fff00000c77560eb by task kunit_try_catch/160 [ 15.274709] [ 15.274739] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.275033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.275176] Hardware name: linux,dummy-virt (DT) [ 15.275275] Call trace: [ 15.275336] show_stack+0x20/0x38 (C) [ 15.275501] dump_stack_lvl+0x8c/0xd0 [ 15.275565] print_report+0x118/0x5d0 [ 15.275632] kasan_report+0xdc/0x128 [ 15.275688] __asan_report_store1_noabort+0x20/0x30 [ 15.275738] krealloc_more_oob_helper+0x60c/0x678 [ 15.275785] krealloc_large_more_oob+0x20/0x38 [ 15.275830] kunit_try_run_case+0x170/0x3f0 [ 15.276023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.276158] kthread+0x328/0x630 [ 15.276303] ret_from_fork+0x10/0x20 [ 15.276391] [ 15.276485] The buggy address belongs to the physical page: [ 15.276595] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.276678] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.276724] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.277002] page_type: f8(unknown) [ 15.277177] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.277290] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.277378] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.277523] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.277590] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.277706] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.277750] page dumped because: kasan: bad access detected [ 15.277799] [ 15.277816] Memory state around the buggy address: [ 15.277850] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.277894] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.277937] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.277972] ^ [ 15.278010] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.278050] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.278088] ================================================================== [ 15.234055] ================================================================== [ 15.234111] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.234158] Write of size 1 at addr fff00000c61444f0 by task kunit_try_catch/156 [ 15.234205] [ 15.234252] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.234329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.234392] Hardware name: linux,dummy-virt (DT) [ 15.234424] Call trace: [ 15.234445] show_stack+0x20/0x38 (C) [ 15.234490] dump_stack_lvl+0x8c/0xd0 [ 15.234534] print_report+0x118/0x5d0 [ 15.234580] kasan_report+0xdc/0x128 [ 15.234625] __asan_report_store1_noabort+0x20/0x30 [ 15.234687] krealloc_more_oob_helper+0x5c0/0x678 [ 15.234808] krealloc_more_oob+0x20/0x38 [ 15.234860] kunit_try_run_case+0x170/0x3f0 [ 15.234905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.235001] kthread+0x328/0x630 [ 15.235051] ret_from_fork+0x10/0x20 [ 15.235096] [ 15.235114] Allocated by task 156: [ 15.235141] kasan_save_stack+0x3c/0x68 [ 15.235201] kasan_save_track+0x20/0x40 [ 15.235313] kasan_save_alloc_info+0x40/0x58 [ 15.235437] __kasan_krealloc+0x118/0x178 [ 15.235592] krealloc_noprof+0x128/0x360 [ 15.235710] krealloc_more_oob_helper+0x168/0x678 [ 15.235750] krealloc_more_oob+0x20/0x38 [ 15.235785] kunit_try_run_case+0x170/0x3f0 [ 15.235838] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.236128] kthread+0x328/0x630 [ 15.236229] ret_from_fork+0x10/0x20 [ 15.236349] [ 15.236443] The buggy address belongs to the object at fff00000c6144400 [ 15.236443] which belongs to the cache kmalloc-256 of size 256 [ 15.236579] The buggy address is located 5 bytes to the right of [ 15.236579] allocated 235-byte region [fff00000c6144400, fff00000c61444eb) [ 15.236749] [ 15.236798] The buggy address belongs to the physical page: [ 15.236861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106144 [ 15.237019] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.237100] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.237150] page_type: f5(slab) [ 15.237186] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.237234] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.237281] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.237338] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.237395] head: 0bfffe0000000001 ffffc1ffc3185101 00000000ffffffff 00000000ffffffff [ 15.237451] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.237500] page dumped because: kasan: bad access detected [ 15.237537] [ 15.237555] Memory state around the buggy address: [ 15.237584] fff00000c6144380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.237626] fff00000c6144400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.237676] >fff00000c6144480: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.237712] ^ [ 15.237750] fff00000c6144500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.237791] fff00000c6144580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.237827] ================================================================== [ 15.280726] ================================================================== [ 15.280885] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.280973] Write of size 1 at addr fff00000c77560f0 by task kunit_try_catch/160 [ 15.281034] [ 15.281126] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.281230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.281256] Hardware name: linux,dummy-virt (DT) [ 15.281286] Call trace: [ 15.281306] show_stack+0x20/0x38 (C) [ 15.281353] dump_stack_lvl+0x8c/0xd0 [ 15.281397] print_report+0x118/0x5d0 [ 15.281445] kasan_report+0xdc/0x128 [ 15.281489] __asan_report_store1_noabort+0x20/0x30 [ 15.281719] krealloc_more_oob_helper+0x5c0/0x678 [ 15.281898] krealloc_large_more_oob+0x20/0x38 [ 15.282064] kunit_try_run_case+0x170/0x3f0 [ 15.282131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.282253] kthread+0x328/0x630 [ 15.282362] ret_from_fork+0x10/0x20 [ 15.282501] [ 15.282697] The buggy address belongs to the physical page: [ 15.282859] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107754 [ 15.282963] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.283059] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.283167] page_type: f8(unknown) [ 15.283271] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.283341] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.283400] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.283456] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.283503] head: 0bfffe0000000002 ffffc1ffc31dd501 00000000ffffffff 00000000ffffffff [ 15.283566] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.283605] page dumped because: kasan: bad access detected [ 15.283644] [ 15.283680] Memory state around the buggy address: [ 15.283711] fff00000c7755f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.283762] fff00000c7756000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.283803] >fff00000c7756080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.283854] ^ [ 15.283899] fff00000c7756100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.283939] fff00000c7756180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.283977] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 15.220452] ================================================================== [ 15.220507] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 15.220600] Read of size 1 at addr fff00000c7790000 by task kunit_try_catch/154 [ 15.222673] [ 15.222709] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.222791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.222818] Hardware name: linux,dummy-virt (DT) [ 15.222847] Call trace: [ 15.222869] show_stack+0x20/0x38 (C) [ 15.222916] dump_stack_lvl+0x8c/0xd0 [ 15.222960] print_report+0x118/0x5d0 [ 15.223013] kasan_report+0xdc/0x128 [ 15.223057] __asan_report_load1_noabort+0x20/0x30 [ 15.223106] page_alloc_uaf+0x328/0x350 [ 15.223149] kunit_try_run_case+0x170/0x3f0 [ 15.223207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.223258] kthread+0x328/0x630 [ 15.223299] ret_from_fork+0x10/0x20 [ 15.223344] [ 15.223363] The buggy address belongs to the physical page: [ 15.223392] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107790 [ 15.223441] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.223487] page_type: f0(buddy) [ 15.223524] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 15.223571] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 15.223610] page dumped because: kasan: bad access detected [ 15.223639] [ 15.223655] Memory state around the buggy address: [ 15.223695] fff00000c778ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.223735] fff00000c778ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.223776] >fff00000c7790000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.223812] ^ [ 15.223838] fff00000c7790080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.223878] fff00000c7790100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.223914] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 15.209297] ================================================================== [ 15.209562] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 15.209682] Free of addr fff00000c7750001 by task kunit_try_catch/150 [ 15.209752] [ 15.209790] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.209889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.209916] Hardware name: linux,dummy-virt (DT) [ 15.209973] Call trace: [ 15.210002] show_stack+0x20/0x38 (C) [ 15.210065] dump_stack_lvl+0x8c/0xd0 [ 15.210110] print_report+0x118/0x5d0 [ 15.210155] kasan_report_invalid_free+0xc0/0xe8 [ 15.210202] __kasan_kfree_large+0x5c/0xa8 [ 15.210247] free_large_kmalloc+0x64/0x190 [ 15.210291] kfree+0x270/0x3c8 [ 15.210346] kmalloc_large_invalid_free+0x108/0x270 [ 15.210525] kunit_try_run_case+0x170/0x3f0 [ 15.210579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.210629] kthread+0x328/0x630 [ 15.210706] ret_from_fork+0x10/0x20 [ 15.210753] [ 15.210779] The buggy address belongs to the physical page: [ 15.210810] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107750 [ 15.210860] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.210914] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.211017] page_type: f8(unknown) [ 15.211084] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.211131] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.211301] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.211441] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.211491] head: 0bfffe0000000002 ffffc1ffc31dd401 00000000ffffffff 00000000ffffffff [ 15.211560] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.211752] page dumped because: kasan: bad access detected [ 15.211837] [ 15.211855] Memory state around the buggy address: [ 15.211887] fff00000c774ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.211928] fff00000c774ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.211984] >fff00000c7750000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.212020] ^ [ 15.212047] fff00000c7750080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.212096] fff00000c7750100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.212162] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 15.198577] ================================================================== [ 15.198642] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 15.198710] Read of size 1 at addr fff00000c7750000 by task kunit_try_catch/148 [ 15.198759] [ 15.198879] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.198994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.199143] Hardware name: linux,dummy-virt (DT) [ 15.199202] Call trace: [ 15.199297] show_stack+0x20/0x38 (C) [ 15.199393] dump_stack_lvl+0x8c/0xd0 [ 15.199454] print_report+0x118/0x5d0 [ 15.199525] kasan_report+0xdc/0x128 [ 15.199581] __asan_report_load1_noabort+0x20/0x30 [ 15.199629] kmalloc_large_uaf+0x2cc/0x2f8 [ 15.199683] kunit_try_run_case+0x170/0x3f0 [ 15.199728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.199777] kthread+0x328/0x630 [ 15.199943] ret_from_fork+0x10/0x20 [ 15.199993] [ 15.200014] The buggy address belongs to the physical page: [ 15.200112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107750 [ 15.200266] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.200388] raw: 0bfffe0000000000 ffffc1ffc31dd508 fff00000da457c40 0000000000000000 [ 15.200469] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.200613] page dumped because: kasan: bad access detected [ 15.200723] [ 15.200838] Memory state around the buggy address: [ 15.200926] fff00000c774ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.201104] fff00000c774ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.201165] >fff00000c7750000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.201230] ^ [ 15.201558] fff00000c7750080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.201688] fff00000c7750100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.201989] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 15.190357] ================================================================== [ 15.190443] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 15.190530] Write of size 1 at addr fff00000c775200a by task kunit_try_catch/146 [ 15.190579] [ 15.190626] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.190746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.190773] Hardware name: linux,dummy-virt (DT) [ 15.190803] Call trace: [ 15.190852] show_stack+0x20/0x38 (C) [ 15.190900] dump_stack_lvl+0x8c/0xd0 [ 15.190944] print_report+0x118/0x5d0 [ 15.190989] kasan_report+0xdc/0x128 [ 15.191077] __asan_report_store1_noabort+0x20/0x30 [ 15.191127] kmalloc_large_oob_right+0x278/0x2b8 [ 15.191172] kunit_try_run_case+0x170/0x3f0 [ 15.191216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.191265] kthread+0x328/0x630 [ 15.191305] ret_from_fork+0x10/0x20 [ 15.191490] [ 15.191529] The buggy address belongs to the physical page: [ 15.191605] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107750 [ 15.191691] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.191758] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.191842] page_type: f8(unknown) [ 15.191959] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.192085] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.192173] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.192222] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.192572] head: 0bfffe0000000002 ffffc1ffc31dd401 00000000ffffffff 00000000ffffffff [ 15.192874] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.192920] page dumped because: kasan: bad access detected [ 15.192951] [ 15.193034] Memory state around the buggy address: [ 15.193104] fff00000c7751f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.193157] fff00000c7751f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.193245] >fff00000c7752000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.193364] ^ [ 15.193461] fff00000c7752080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.193613] fff00000c7752100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.193907] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 15.181496] ================================================================== [ 15.181555] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.181603] Write of size 1 at addr fff00000c7749f00 by task kunit_try_catch/144 [ 15.181650] [ 15.181696] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.181774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.181799] Hardware name: linux,dummy-virt (DT) [ 15.181846] Call trace: [ 15.181869] show_stack+0x20/0x38 (C) [ 15.181915] dump_stack_lvl+0x8c/0xd0 [ 15.181959] print_report+0x118/0x5d0 [ 15.182003] kasan_report+0xdc/0x128 [ 15.182062] __asan_report_store1_noabort+0x20/0x30 [ 15.182124] kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.182170] kunit_try_run_case+0x170/0x3f0 [ 15.182215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.182275] kthread+0x328/0x630 [ 15.182316] ret_from_fork+0x10/0x20 [ 15.182361] [ 15.182401] Allocated by task 144: [ 15.182429] kasan_save_stack+0x3c/0x68 [ 15.182468] kasan_save_track+0x20/0x40 [ 15.182511] kasan_save_alloc_info+0x40/0x58 [ 15.182550] __kasan_kmalloc+0xd4/0xd8 [ 15.182594] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.182634] kmalloc_big_oob_right+0xb8/0x2f0 [ 15.182679] kunit_try_run_case+0x170/0x3f0 [ 15.182715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.182756] kthread+0x328/0x630 [ 15.182787] ret_from_fork+0x10/0x20 [ 15.182821] [ 15.182839] The buggy address belongs to the object at fff00000c7748000 [ 15.182839] which belongs to the cache kmalloc-8k of size 8192 [ 15.182894] The buggy address is located 0 bytes to the right of [ 15.182894] allocated 7936-byte region [fff00000c7748000, fff00000c7749f00) [ 15.183125] [ 15.183176] The buggy address belongs to the physical page: [ 15.183208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107748 [ 15.183261] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.183306] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.183357] page_type: f5(slab) [ 15.183395] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.183443] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.183759] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.183854] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.183903] head: 0bfffe0000000003 ffffc1ffc31dd201 00000000ffffffff 00000000ffffffff [ 15.183952] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.183991] page dumped because: kasan: bad access detected [ 15.184076] [ 15.184171] Memory state around the buggy address: [ 15.184211] fff00000c7749e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.184296] fff00000c7749e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.184357] >fff00000c7749f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.184448] ^ [ 15.184517] fff00000c7749f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.184661] fff00000c774a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.184730] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 15.162525] ================================================================== [ 15.162594] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.162675] Write of size 1 at addr fff00000c3fc2878 by task kunit_try_catch/142 [ 15.162726] [ 15.162756] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.162833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.163029] Hardware name: linux,dummy-virt (DT) [ 15.163130] Call trace: [ 15.163321] show_stack+0x20/0x38 (C) [ 15.163401] dump_stack_lvl+0x8c/0xd0 [ 15.163509] print_report+0x118/0x5d0 [ 15.163554] kasan_report+0xdc/0x128 [ 15.163597] __asan_report_store1_noabort+0x20/0x30 [ 15.163646] kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.163706] kunit_try_run_case+0x170/0x3f0 [ 15.163751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.163801] kthread+0x328/0x630 [ 15.163842] ret_from_fork+0x10/0x20 [ 15.163887] [ 15.163905] Allocated by task 142: [ 15.163932] kasan_save_stack+0x3c/0x68 [ 15.163971] kasan_save_track+0x20/0x40 [ 15.164006] kasan_save_alloc_info+0x40/0x58 [ 15.164044] __kasan_kmalloc+0xd4/0xd8 [ 15.164222] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.164360] kmalloc_track_caller_oob_right+0xa8/0x488 [ 15.164538] kunit_try_run_case+0x170/0x3f0 [ 15.164643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.164695] kthread+0x328/0x630 [ 15.164997] ret_from_fork+0x10/0x20 [ 15.165087] [ 15.165157] The buggy address belongs to the object at fff00000c3fc2800 [ 15.165157] which belongs to the cache kmalloc-128 of size 128 [ 15.165271] The buggy address is located 0 bytes to the right of [ 15.165271] allocated 120-byte region [fff00000c3fc2800, fff00000c3fc2878) [ 15.165351] [ 15.165390] The buggy address belongs to the physical page: [ 15.165439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.165772] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.165849] page_type: f5(slab) [ 15.165927] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.166001] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.166080] page dumped because: kasan: bad access detected [ 15.166143] [ 15.166162] Memory state around the buggy address: [ 15.166192] fff00000c3fc2700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.166476] fff00000c3fc2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.166539] >fff00000c3fc2800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.166631] ^ [ 15.166716] fff00000c3fc2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.166762] fff00000c3fc2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.166856] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 15.152866] ================================================================== [ 15.152927] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 15.152978] Read of size 1 at addr fff00000c6465000 by task kunit_try_catch/140 [ 15.153026] [ 15.153055] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.153134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.153160] Hardware name: linux,dummy-virt (DT) [ 15.153190] Call trace: [ 15.153210] show_stack+0x20/0x38 (C) [ 15.153286] dump_stack_lvl+0x8c/0xd0 [ 15.153332] print_report+0x118/0x5d0 [ 15.153376] kasan_report+0xdc/0x128 [ 15.153426] __asan_report_load1_noabort+0x20/0x30 [ 15.153475] kmalloc_node_oob_right+0x2f4/0x330 [ 15.153530] kunit_try_run_case+0x170/0x3f0 [ 15.153576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.153641] kthread+0x328/0x630 [ 15.153706] ret_from_fork+0x10/0x20 [ 15.153753] [ 15.153772] Allocated by task 140: [ 15.153798] kasan_save_stack+0x3c/0x68 [ 15.153836] kasan_save_track+0x20/0x40 [ 15.153874] kasan_save_alloc_info+0x40/0x58 [ 15.153913] __kasan_kmalloc+0xd4/0xd8 [ 15.153949] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 15.153999] kmalloc_node_oob_right+0xbc/0x330 [ 15.154036] kunit_try_run_case+0x170/0x3f0 [ 15.154081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.154122] kthread+0x328/0x630 [ 15.154152] ret_from_fork+0x10/0x20 [ 15.154186] [ 15.154205] The buggy address belongs to the object at fff00000c6464000 [ 15.154205] which belongs to the cache kmalloc-4k of size 4096 [ 15.154260] The buggy address is located 0 bytes to the right of [ 15.154260] allocated 4096-byte region [fff00000c6464000, fff00000c6465000) [ 15.154321] [ 15.154339] The buggy address belongs to the physical page: [ 15.154407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106460 [ 15.154569] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.154616] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.154687] page_type: f5(slab) [ 15.154724] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.154772] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.155749] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.155836] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.155953] head: 0bfffe0000000003 ffffc1ffc3191801 00000000ffffffff 00000000ffffffff [ 15.156058] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.156528] page dumped because: kasan: bad access detected [ 15.156628] [ 15.156742] Memory state around the buggy address: [ 15.156811] fff00000c6464f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.156855] fff00000c6464f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.156897] >fff00000c6465000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.156933] ^ [ 15.156960] fff00000c6465080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.157000] fff00000c6465100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.157037] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 15.142158] ================================================================== [ 15.142245] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 15.142302] Read of size 1 at addr fff00000c3fc613f by task kunit_try_catch/138 [ 15.142351] [ 15.142382] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.142478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.142505] Hardware name: linux,dummy-virt (DT) [ 15.142628] Call trace: [ 15.142657] show_stack+0x20/0x38 (C) [ 15.142717] dump_stack_lvl+0x8c/0xd0 [ 15.142771] print_report+0x118/0x5d0 [ 15.142817] kasan_report+0xdc/0x128 [ 15.142862] __asan_report_load1_noabort+0x20/0x30 [ 15.142911] kmalloc_oob_left+0x2ec/0x320 [ 15.142954] kunit_try_run_case+0x170/0x3f0 [ 15.143029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.143082] kthread+0x328/0x630 [ 15.143122] ret_from_fork+0x10/0x20 [ 15.143169] [ 15.143186] Allocated by task 26: [ 15.143371] kasan_save_stack+0x3c/0x68 [ 15.143488] kasan_save_track+0x20/0x40 [ 15.143525] kasan_save_alloc_info+0x40/0x58 [ 15.143640] __kasan_kmalloc+0xd4/0xd8 [ 15.143770] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.143814] kstrdup+0x54/0xc8 [ 15.143870] devtmpfs_work_loop+0x6f8/0xa58 [ 15.143910] devtmpfsd+0x50/0x58 [ 15.143943] kthread+0x328/0x630 [ 15.143973] ret_from_fork+0x10/0x20 [ 15.144007] [ 15.144040] Freed by task 26: [ 15.144076] kasan_save_stack+0x3c/0x68 [ 15.144112] kasan_save_track+0x20/0x40 [ 15.144147] kasan_save_free_info+0x4c/0x78 [ 15.144188] __kasan_slab_free+0x6c/0x98 [ 15.144225] kfree+0x214/0x3c8 [ 15.144260] devtmpfs_work_loop+0x804/0xa58 [ 15.144573] devtmpfsd+0x50/0x58 [ 15.144611] kthread+0x328/0x630 [ 15.144744] ret_from_fork+0x10/0x20 [ 15.144803] [ 15.144909] The buggy address belongs to the object at fff00000c3fc6120 [ 15.144909] which belongs to the cache kmalloc-16 of size 16 [ 15.145020] The buggy address is located 15 bytes to the right of [ 15.145020] allocated 16-byte region [fff00000c3fc6120, fff00000c3fc6130) [ 15.145177] [ 15.145216] The buggy address belongs to the physical page: [ 15.145264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 15.145323] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.145387] page_type: f5(slab) [ 15.145425] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.145508] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.145548] page dumped because: kasan: bad access detected [ 15.145577] [ 15.145594] Memory state around the buggy address: [ 15.145625] fff00000c3fc6000: 00 05 fc fc 00 00 fc fc 00 06 fc fc 00 06 fc fc [ 15.145676] fff00000c3fc6080: 00 00 fc fc 00 02 fc fc 00 02 fc fc 00 06 fc fc [ 15.145854] >fff00000c3fc6100: 00 06 fc fc fa fb fc fc 00 07 fc fc fc fc fc fc [ 15.145897] ^ [ 15.146066] fff00000c3fc6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.146269] fff00000c3fc6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.146412] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 15.119678] ================================================================== [ 15.119726] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 15.119775] Write of size 1 at addr fff00000c3fc2778 by task kunit_try_catch/136 [ 15.119865] [ 15.119897] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.119975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.120001] Hardware name: linux,dummy-virt (DT) [ 15.120030] Call trace: [ 15.120051] show_stack+0x20/0x38 (C) [ 15.120097] dump_stack_lvl+0x8c/0xd0 [ 15.120142] print_report+0x118/0x5d0 [ 15.120186] kasan_report+0xdc/0x128 [ 15.120230] __asan_report_store1_noabort+0x20/0x30 [ 15.120314] kmalloc_oob_right+0x538/0x660 [ 15.120362] kunit_try_run_case+0x170/0x3f0 [ 15.120427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.120623] kthread+0x328/0x630 [ 15.120807] ret_from_fork+0x10/0x20 [ 15.120886] [ 15.121065] Allocated by task 136: [ 15.121099] kasan_save_stack+0x3c/0x68 [ 15.121176] kasan_save_track+0x20/0x40 [ 15.121263] kasan_save_alloc_info+0x40/0x58 [ 15.121305] __kasan_kmalloc+0xd4/0xd8 [ 15.121340] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.121377] kmalloc_oob_right+0xb0/0x660 [ 15.121643] kunit_try_run_case+0x170/0x3f0 [ 15.121715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.121758] kthread+0x328/0x630 [ 15.121790] ret_from_fork+0x10/0x20 [ 15.121825] [ 15.121902] The buggy address belongs to the object at fff00000c3fc2700 [ 15.121902] which belongs to the cache kmalloc-128 of size 128 [ 15.122000] The buggy address is located 5 bytes to the right of [ 15.122000] allocated 115-byte region [fff00000c3fc2700, fff00000c3fc2773) [ 15.122142] [ 15.122211] The buggy address belongs to the physical page: [ 15.122304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.122359] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.122406] page_type: f5(slab) [ 15.122459] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.122508] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.122547] page dumped because: kasan: bad access detected [ 15.122576] [ 15.122593] Memory state around the buggy address: [ 15.122634] fff00000c3fc2600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.122687] fff00000c3fc2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122727] >fff00000c3fc2700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.122763] ^ [ 15.122802] fff00000c3fc2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122851] fff00000c3fc2800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122888] ================================================================== [ 15.112116] ================================================================== [ 15.112455] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 15.113314] Write of size 1 at addr fff00000c3fc2773 by task kunit_try_catch/136 [ 15.113426] [ 15.114306] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 15.114480] Tainted: [N]=TEST [ 15.114515] Hardware name: linux,dummy-virt (DT) [ 15.114757] Call trace: [ 15.114938] show_stack+0x20/0x38 (C) [ 15.115193] dump_stack_lvl+0x8c/0xd0 [ 15.115267] print_report+0x118/0x5d0 [ 15.115314] kasan_report+0xdc/0x128 [ 15.115359] __asan_report_store1_noabort+0x20/0x30 [ 15.115410] kmalloc_oob_right+0x5a4/0x660 [ 15.115454] kunit_try_run_case+0x170/0x3f0 [ 15.115509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.115563] kthread+0x328/0x630 [ 15.115606] ret_from_fork+0x10/0x20 [ 15.115785] [ 15.115824] Allocated by task 136: [ 15.115942] kasan_save_stack+0x3c/0x68 [ 15.116009] kasan_save_track+0x20/0x40 [ 15.116046] kasan_save_alloc_info+0x40/0x58 [ 15.116085] __kasan_kmalloc+0xd4/0xd8 [ 15.116120] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.116159] kmalloc_oob_right+0xb0/0x660 [ 15.116194] kunit_try_run_case+0x170/0x3f0 [ 15.116229] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.116271] kthread+0x328/0x630 [ 15.116302] ret_from_fork+0x10/0x20 [ 15.116353] [ 15.116418] The buggy address belongs to the object at fff00000c3fc2700 [ 15.116418] which belongs to the cache kmalloc-128 of size 128 [ 15.116512] The buggy address is located 0 bytes to the right of [ 15.116512] allocated 115-byte region [fff00000c3fc2700, fff00000c3fc2773) [ 15.116577] [ 15.116656] The buggy address belongs to the physical page: [ 15.116876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.117150] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.117441] page_type: f5(slab) [ 15.117758] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.117822] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.117929] page dumped because: kasan: bad access detected [ 15.117969] [ 15.117994] Memory state around the buggy address: [ 15.118211] fff00000c3fc2600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.118275] fff00000c3fc2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.118329] >fff00000c3fc2700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.118381] ^ [ 15.118462] fff00000c3fc2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.118503] fff00000c3fc2800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.118562] ================================================================== [ 15.124046] ================================================================== [ 15.124112] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.124159] Read of size 1 at addr fff00000c3fc2780 by task kunit_try_catch/136 [ 15.124305] [ 15.124339] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.124454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.124513] Hardware name: linux,dummy-virt (DT) [ 15.124544] Call trace: [ 15.124566] show_stack+0x20/0x38 (C) [ 15.124620] dump_stack_lvl+0x8c/0xd0 [ 15.124675] print_report+0x118/0x5d0 [ 15.124719] kasan_report+0xdc/0x128 [ 15.124764] __asan_report_load1_noabort+0x20/0x30 [ 15.125077] kmalloc_oob_right+0x5d0/0x660 [ 15.125378] kunit_try_run_case+0x170/0x3f0 [ 15.125451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.125571] kthread+0x328/0x630 [ 15.125634] ret_from_fork+0x10/0x20 [ 15.125846] [ 15.125987] Allocated by task 136: [ 15.126059] kasan_save_stack+0x3c/0x68 [ 15.126164] kasan_save_track+0x20/0x40 [ 15.126205] kasan_save_alloc_info+0x40/0x58 [ 15.126243] __kasan_kmalloc+0xd4/0xd8 [ 15.126278] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.126471] kmalloc_oob_right+0xb0/0x660 [ 15.126525] kunit_try_run_case+0x170/0x3f0 [ 15.126624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.126680] kthread+0x328/0x630 [ 15.126731] ret_from_fork+0x10/0x20 [ 15.126804] [ 15.126883] The buggy address belongs to the object at fff00000c3fc2700 [ 15.126883] which belongs to the cache kmalloc-128 of size 128 [ 15.126945] The buggy address is located 13 bytes to the right of [ 15.126945] allocated 115-byte region [fff00000c3fc2700, fff00000c3fc2773) [ 15.127339] [ 15.127421] The buggy address belongs to the physical page: [ 15.127544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc2 [ 15.127597] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.127644] page_type: f5(slab) [ 15.127875] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.127972] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.128247] page dumped because: kasan: bad access detected [ 15.128318] [ 15.128337] Memory state around the buggy address: [ 15.128367] fff00000c3fc2680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.128679] fff00000c3fc2700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.128843] >fff00000c3fc2780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.128997] ^ [ 15.129056] fff00000c3fc2800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.129240] fff00000c3fc2880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.129438] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 93.373970] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 93.377041] Modules linked in: [ 93.377270] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 93.377889] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 93.378608] Hardware name: linux,dummy-virt (DT) [ 93.378916] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.379608] pc : intlog10+0x38/0x48 [ 93.380057] lr : intlog10_test+0xe4/0x200 [ 93.380496] sp : ffff8000823c7c10 [ 93.380689] x29: ffff8000823c7c90 x28: 0000000000000000 x27: 0000000000000000 [ 93.381123] x26: 1ffe000018b33cc1 x25: 0000000000000000 x24: ffff8000823c7ce0 [ 93.381755] x23: ffff8000823c7d00 x22: 0000000000000000 x21: 1ffff00010478f82 [ 93.382510] x20: ffff9f28a5c89e80 x19: ffff800080087990 x18: 00000000bbaa2166 [ 93.382883] x17: 00000000987951c8 x16: fff00000c097583c x15: fff00000ff616b08 [ 93.383923] x14: 00000000f1f1f1f1 x13: 1ffe00001b48ebcd x12: ffff73e515363379 [ 93.384811] x11: 1ffff3e515363378 x10: ffff73e515363378 x9 : ffff9f28a32359dc [ 93.385634] x8 : ffff9f28a9b19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 93.386483] x5 : ffff700010478f82 x4 : 1ffff00010010f3a x3 : 1ffff3e514b913d0 [ 93.387369] x2 : 1ffff3e514b913d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 93.388059] Call trace: [ 93.388210] intlog10+0x38/0x48 (P) [ 93.388409] kunit_try_run_case+0x170/0x3f0 [ 93.388614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.388871] kthread+0x328/0x630 [ 93.389386] ret_from_fork+0x10/0x20 [ 93.389637] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 93.321230] WARNING: CPU: 1 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 93.324710] Modules linked in: [ 93.325535] CPU: 1 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 93.327476] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 93.328115] Hardware name: linux,dummy-virt (DT) [ 93.328650] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.329405] pc : intlog2+0xd8/0xf8 [ 93.329873] lr : intlog2_test+0xe4/0x200 [ 93.330360] sp : ffff800082337c10 [ 93.330807] x29: ffff800082337c90 x28: 0000000000000000 x27: 0000000000000000 [ 93.331780] x26: 1ffe00001972a9a1 x25: 0000000000000000 x24: ffff800082337ce0 [ 93.332740] x23: ffff800082337d00 x22: 0000000000000000 x21: 1ffff00010466f82 [ 93.333711] x20: ffff9f28a5c89d80 x19: ffff800080087990 x18: 00000000864ddc8d [ 93.334086] x17: 00000000e98d8a27 x16: fff00000c0975c3c x15: 0000000087ac4cb1 [ 93.334451] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a7cd x12: ffff73e515363379 [ 93.334821] x11: 1ffff3e515363378 x10: ffff73e515363378 x9 : ffff9f28a3235bdc [ 93.335725] x8 : ffff9f28a9b19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 93.336697] x5 : ffff700010466f82 x4 : 1ffff00010010f3a x3 : 1ffff3e514b913b0 [ 93.337530] x2 : 1ffff3e514b913b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 93.338347] Call trace: [ 93.338673] intlog2+0xd8/0xf8 (P) [ 93.339133] kunit_try_run_case+0x170/0x3f0 [ 93.339686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.340299] kthread+0x328/0x630 [ 93.340716] ret_from_fork+0x10/0x20 [ 93.341179] ---[ end trace 0000000000000000 ]---