Date
July 17, 2025, 11:10 a.m.
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 27.465222] ================================================================== [ 27.465370] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 27.465370] [ 27.465516] Invalid read at 0x00000000010e1037: [ 27.465609] test_invalid_access+0xdc/0x1f0 [ 27.465686] kunit_try_run_case+0x170/0x3f0 [ 27.465759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.465829] kthread+0x328/0x630 [ 27.465894] ret_from_fork+0x10/0x20 [ 27.465966] [ 27.466055] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 27.466166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.466222] Hardware name: linux,dummy-virt (DT) [ 27.466281] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 17.408507] ================================================================== [ 17.408590] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.408658] Read of size 1 at addr fff00000c786ab73 by task kunit_try_catch/222 [ 17.408708] [ 17.408749] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.408945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.408975] Hardware name: linux,dummy-virt (DT) [ 17.409021] Call trace: [ 17.409044] show_stack+0x20/0x38 (C) [ 17.409095] dump_stack_lvl+0x8c/0xd0 [ 17.409143] print_report+0x118/0x5d0 [ 17.409188] kasan_report+0xdc/0x128 [ 17.409232] __asan_report_load1_noabort+0x20/0x30 [ 17.409282] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.409330] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.409375] kunit_try_run_case+0x170/0x3f0 [ 17.409424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.409475] kthread+0x328/0x630 [ 17.409516] ret_from_fork+0x10/0x20 [ 17.409562] [ 17.409582] Allocated by task 222: [ 17.409610] kasan_save_stack+0x3c/0x68 [ 17.409649] kasan_save_track+0x20/0x40 [ 17.409689] kasan_save_alloc_info+0x40/0x58 [ 17.409730] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.409774] remove_element+0x130/0x1f8 [ 17.409814] mempool_alloc_preallocated+0x58/0xc0 [ 17.409855] mempool_oob_right_helper+0x98/0x2f0 [ 17.409897] mempool_kmalloc_oob_right+0xc4/0x120 [ 17.409937] kunit_try_run_case+0x170/0x3f0 [ 17.409974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.410028] kthread+0x328/0x630 [ 17.410059] ret_from_fork+0x10/0x20 [ 17.410096] [ 17.410116] The buggy address belongs to the object at fff00000c786ab00 [ 17.410116] which belongs to the cache kmalloc-128 of size 128 [ 17.410177] The buggy address is located 0 bytes to the right of [ 17.410177] allocated 115-byte region [fff00000c786ab00, fff00000c786ab73) [ 17.410242] [ 17.410262] The buggy address belongs to the physical page: [ 17.410297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 17.410353] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.410406] page_type: f5(slab) [ 17.410446] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.410497] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.410538] page dumped because: kasan: bad access detected [ 17.410569] [ 17.410587] Memory state around the buggy address: [ 17.410627] fff00000c786aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.410672] fff00000c786aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.410716] >fff00000c786ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.410756] ^ [ 17.410796] fff00000c786ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.410839] fff00000c786ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.410880] ================================================================== [ 17.461259] ================================================================== [ 17.461344] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.461408] Read of size 1 at addr fff00000c65ee2bb by task kunit_try_catch/226 [ 17.461461] [ 17.461496] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.461581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.461609] Hardware name: linux,dummy-virt (DT) [ 17.461641] Call trace: [ 17.461663] show_stack+0x20/0x38 (C) [ 17.461711] dump_stack_lvl+0x8c/0xd0 [ 17.461759] print_report+0x118/0x5d0 [ 17.461804] kasan_report+0xdc/0x128 [ 17.461851] __asan_report_load1_noabort+0x20/0x30 [ 17.461903] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.461951] mempool_slab_oob_right+0xc0/0x118 [ 17.462012] kunit_try_run_case+0x170/0x3f0 [ 17.462061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.462114] kthread+0x328/0x630 [ 17.462155] ret_from_fork+0x10/0x20 [ 17.462201] [ 17.462221] Allocated by task 226: [ 17.462249] kasan_save_stack+0x3c/0x68 [ 17.462291] kasan_save_track+0x20/0x40 [ 17.462327] kasan_save_alloc_info+0x40/0x58 [ 17.462370] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.462414] remove_element+0x16c/0x1f8 [ 17.462449] mempool_alloc_preallocated+0x58/0xc0 [ 17.462487] mempool_oob_right_helper+0x98/0x2f0 [ 17.462526] mempool_slab_oob_right+0xc0/0x118 [ 17.462566] kunit_try_run_case+0x170/0x3f0 [ 17.462908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.462956] kthread+0x328/0x630 [ 17.463001] ret_from_fork+0x10/0x20 [ 17.463041] [ 17.463061] The buggy address belongs to the object at fff00000c65ee240 [ 17.463061] which belongs to the cache test_cache of size 123 [ 17.463120] The buggy address is located 0 bytes to the right of [ 17.463120] allocated 123-byte region [fff00000c65ee240, fff00000c65ee2bb) [ 17.463187] [ 17.463207] The buggy address belongs to the physical page: [ 17.463241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 17.463297] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.463347] page_type: f5(slab) [ 17.463387] raw: 0bfffe0000000000 fff00000c78a13c0 dead000000000122 0000000000000000 [ 17.463445] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.463486] page dumped because: kasan: bad access detected [ 17.463517] [ 17.463536] Memory state around the buggy address: [ 17.463569] fff00000c65ee180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.463613] fff00000c65ee200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 17.463656] >fff00000c65ee280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 17.463697] ^ [ 17.463728] fff00000c65ee300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.463771] fff00000c65ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.463810] ================================================================== [ 17.422605] ================================================================== [ 17.422664] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 17.422717] Read of size 1 at addr fff00000c7956001 by task kunit_try_catch/224 [ 17.422769] [ 17.422801] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.422885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.422913] Hardware name: linux,dummy-virt (DT) [ 17.422945] Call trace: [ 17.422997] show_stack+0x20/0x38 (C) [ 17.423047] dump_stack_lvl+0x8c/0xd0 [ 17.423134] print_report+0x118/0x5d0 [ 17.423380] kasan_report+0xdc/0x128 [ 17.423518] __asan_report_load1_noabort+0x20/0x30 [ 17.423792] mempool_oob_right_helper+0x2ac/0x2f0 [ 17.423910] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 17.424140] kunit_try_run_case+0x170/0x3f0 [ 17.424422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.424641] kthread+0x328/0x630 [ 17.424683] ret_from_fork+0x10/0x20 [ 17.424816] [ 17.424836] The buggy address belongs to the physical page: [ 17.424870] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107954 [ 17.425060] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.425355] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.425508] page_type: f8(unknown) [ 17.425575] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.425799] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.425935] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.426019] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.426079] head: 0bfffe0000000002 ffffc1ffc31e5501 00000000ffffffff 00000000ffffffff [ 17.426129] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.426217] page dumped because: kasan: bad access detected [ 17.426388] [ 17.426405] Memory state around the buggy address: [ 17.426466] fff00000c7955f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.426535] fff00000c7955f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.426577] >fff00000c7956000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.426616] ^ [ 17.426682] fff00000c7956080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.426799] fff00000c7956100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.426900] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.065329] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 94.776173] Internal error: Oops: 0000000096000005 [#1] SMP [ 94.781520] Modules linked in: [ 94.782674] CPU: 0 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 94.783767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 94.784386] Hardware name: linux,dummy-virt (DT) [ 94.785155] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.786104] pc : kunit_test_null_dereference+0x70/0x170 [ 94.786865] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.787678] sp : ffff800082067d30 [ 94.787895] x29: ffff800082067d90 x28: 0000000000000000 x27: 0000000000000000 [ 94.788331] x26: 1ffe000018de5a01 x25: 0000000000000000 x24: 0000000000000004 [ 94.788676] x23: fff00000c6f2d00c x22: ffffa84827223438 x21: fff00000ca21ea08 [ 94.789498] x20: 1ffff0001040cfa6 x19: ffff800080087990 x18: 000000008dbb5c3d [ 94.790284] x17: 0000000070cb3341 x16: fff00000c097583c x15: 000000007dcafd7a [ 94.791067] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a789 x12: fffd8000191588b4 [ 94.791817] x11: 1ffe0000191588b3 x10: fffd8000191588b3 x9 : ffffa8482721a8a0 [ 94.792646] x8 : ffff800082067c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 94.793535] x5 : ffff70001040cfa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 94.794306] x2 : dfff800000000000 x1 : fff00000c8ac3cc0 x0 : ffff800080087990 [ 94.795095] Call trace: [ 94.795379] kunit_test_null_dereference+0x70/0x170 (P) [ 94.795633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.795869] kthread+0x328/0x630 [ 94.796243] ret_from_fork+0x10/0x20 [ 94.796912] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 94.797870] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.121793] ================================================================== [ 50.121865] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.121865] [ 50.121951] Use-after-free read at 0x00000000bfc1735b (in kfence-#161): [ 50.122018] test_krealloc+0x51c/0x830 [ 50.122064] kunit_try_run_case+0x170/0x3f0 [ 50.122108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.122153] kthread+0x328/0x630 [ 50.122191] ret_from_fork+0x10/0x20 [ 50.122231] [ 50.122257] kfence-#161: 0x00000000bfc1735b-0x0000000088d2ca2e, size=32, cache=kmalloc-32 [ 50.122257] [ 50.122312] allocated by task 338 on cpu 1 at 50.121169s (0.001139s ago): [ 50.122380] test_alloc+0x29c/0x628 [ 50.122419] test_krealloc+0xc0/0x830 [ 50.122459] kunit_try_run_case+0x170/0x3f0 [ 50.122497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.122542] kthread+0x328/0x630 [ 50.122576] ret_from_fork+0x10/0x20 [ 50.122614] [ 50.122638] freed by task 338 on cpu 1 at 50.121391s (0.001242s ago): [ 50.122698] krealloc_noprof+0x148/0x360 [ 50.122739] test_krealloc+0x1dc/0x830 [ 50.122779] kunit_try_run_case+0x170/0x3f0 [ 50.122818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.122862] kthread+0x328/0x630 [ 50.122898] ret_from_fork+0x10/0x20 [ 50.122936] [ 50.122989] CPU: 1 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 50.123067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.123097] Hardware name: linux,dummy-virt (DT) [ 50.123133] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.033209] ================================================================== [ 50.033310] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.033310] [ 50.033410] Use-after-free read at 0x00000000ab814a3b (in kfence-#160): [ 50.033465] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.033516] kunit_try_run_case+0x170/0x3f0 [ 50.033563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.033608] kthread+0x328/0x630 [ 50.033647] ret_from_fork+0x10/0x20 [ 50.033687] [ 50.033712] kfence-#160: 0x00000000ab814a3b-0x000000000435927d, size=32, cache=test [ 50.033712] [ 50.033766] allocated by task 336 on cpu 0 at 50.017236s (0.016526s ago): [ 50.033835] test_alloc+0x230/0x628 [ 50.033876] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.033919] kunit_try_run_case+0x170/0x3f0 [ 50.033960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.034019] kthread+0x328/0x630 [ 50.034053] ret_from_fork+0x10/0x20 [ 50.034090] [ 50.034113] freed by task 336 on cpu 0 at 50.017348s (0.016761s ago): [ 50.034170] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.034211] kunit_try_run_case+0x170/0x3f0 [ 50.034250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.034293] kthread+0x328/0x630 [ 50.034329] ret_from_fork+0x10/0x20 [ 50.034367] [ 50.034412] CPU: 0 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 50.034490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.034519] Hardware name: linux,dummy-virt (DT) [ 50.034555] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 27.233601] ================================================================== [ 27.233691] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.233691] [ 27.233762] Corrupted memory at 0x000000006f48b804 [ ! . . . . . . . . . . . . . . . ] (in kfence-#156): [ 27.234092] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.234140] kunit_try_run_case+0x170/0x3f0 [ 27.234185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.234228] kthread+0x328/0x630 [ 27.234267] ret_from_fork+0x10/0x20 [ 27.234306] [ 27.234330] kfence-#156: 0x00000000a12b5b02-0x0000000090c030f6, size=73, cache=kmalloc-96 [ 27.234330] [ 27.234385] allocated by task 326 on cpu 1 at 27.233364s (0.001017s ago): [ 27.234449] test_alloc+0x29c/0x628 [ 27.234490] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 27.234534] kunit_try_run_case+0x170/0x3f0 [ 27.234572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.234616] kthread+0x328/0x630 [ 27.234651] ret_from_fork+0x10/0x20 [ 27.234690] [ 27.234713] freed by task 326 on cpu 1 at 27.233508s (0.001201s ago): [ 27.234775] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.234818] kunit_try_run_case+0x170/0x3f0 [ 27.234859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.234901] kthread+0x328/0x630 [ 27.234937] ret_from_fork+0x10/0x20 [ 27.234976] [ 27.235030] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 27.235108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.235137] Hardware name: linux,dummy-virt (DT) [ 27.235171] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 26.403542] ================================================================== [ 26.403615] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.403615] [ 26.403712] Out-of-bounds read at 0x00000000e49bff16 (105B right of kfence-#148): [ 26.403772] test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.403822] kunit_try_run_case+0x170/0x3f0 [ 26.403867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.403912] kthread+0x328/0x630 [ 26.403951] ret_from_fork+0x10/0x20 [ 26.404005] [ 26.404029] kfence-#148: 0x000000000a7cd25c-0x00000000402a4096, size=73, cache=kmalloc-96 [ 26.404029] [ 26.404084] allocated by task 324 on cpu 1 at 26.403309s (0.000771s ago): [ 26.404153] test_alloc+0x29c/0x628 [ 26.404194] test_kmalloc_aligned_oob_read+0x100/0x468 [ 26.404238] kunit_try_run_case+0x170/0x3f0 [ 26.404279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.404322] kthread+0x328/0x630 [ 26.404358] ret_from_fork+0x10/0x20 [ 26.404397] [ 26.404443] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 26.404523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.404552] Hardware name: linux,dummy-virt (DT) [ 26.404585] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 20.993355] ================================================================== [ 20.993449] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 20.993449] [ 20.993510] Corrupted memory at 0x00000000b8e26a25 [ ! . . . . . . . . . . . . . . . ] (in kfence-#96): [ 20.993821] test_corruption+0x120/0x378 [ 20.993867] kunit_try_run_case+0x170/0x3f0 [ 20.993911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.993955] kthread+0x328/0x630 [ 20.994011] ret_from_fork+0x10/0x20 [ 20.994052] [ 20.994075] kfence-#96: 0x00000000c7f67409-0x00000000e0888d1f, size=32, cache=test [ 20.994075] [ 20.994130] allocated by task 314 on cpu 1 at 20.993217s (0.000910s ago): [ 20.994193] test_alloc+0x230/0x628 [ 20.994231] test_corruption+0xdc/0x378 [ 20.994271] kunit_try_run_case+0x170/0x3f0 [ 20.994311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.994356] kthread+0x328/0x630 [ 20.994391] ret_from_fork+0x10/0x20 [ 20.994430] [ 20.994452] freed by task 314 on cpu 1 at 20.993273s (0.001176s ago): [ 20.994513] test_corruption+0x120/0x378 [ 20.994553] kunit_try_run_case+0x170/0x3f0 [ 20.994593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.994636] kthread+0x328/0x630 [ 20.994672] ret_from_fork+0x10/0x20 [ 20.994711] [ 20.994751] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.994829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.994857] Hardware name: linux,dummy-virt (DT) [ 20.994890] ================================================================== [ 20.681479] ================================================================== [ 20.681582] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 20.681582] [ 20.681651] Corrupted memory at 0x00000000e08cb698 [ ! . . . . . . . . . . . . . . . ] (in kfence-#93): [ 20.682774] test_corruption+0x278/0x378 [ 20.682829] kunit_try_run_case+0x170/0x3f0 [ 20.682874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.682919] kthread+0x328/0x630 [ 20.682958] ret_from_fork+0x10/0x20 [ 20.683012] [ 20.683035] kfence-#93: 0x00000000e3487f3e-0x00000000f68b7a63, size=32, cache=kmalloc-32 [ 20.683035] [ 20.683095] allocated by task 312 on cpu 1 at 20.681191s (0.001900s ago): [ 20.683157] test_alloc+0x29c/0x628 [ 20.683196] test_corruption+0xdc/0x378 [ 20.683236] kunit_try_run_case+0x170/0x3f0 [ 20.683277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.683321] kthread+0x328/0x630 [ 20.683358] ret_from_fork+0x10/0x20 [ 20.683397] [ 20.683424] freed by task 312 on cpu 1 at 20.681298s (0.002118s ago): [ 20.683485] test_corruption+0x278/0x378 [ 20.683525] kunit_try_run_case+0x170/0x3f0 [ 20.683565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.683608] kthread+0x328/0x630 [ 20.683643] ret_from_fork+0x10/0x20 [ 20.683682] [ 20.683730] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.683809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.683839] Hardware name: linux,dummy-virt (DT) [ 20.683874] ================================================================== [ 21.201373] ================================================================== [ 21.201461] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 21.201461] [ 21.201522] Corrupted memory at 0x00000000264e2664 [ ! ] (in kfence-#98): [ 21.201635] test_corruption+0x1d8/0x378 [ 21.201681] kunit_try_run_case+0x170/0x3f0 [ 21.201722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.201767] kthread+0x328/0x630 [ 21.201804] ret_from_fork+0x10/0x20 [ 21.201844] [ 21.201868] kfence-#98: 0x000000004e297e6b-0x000000008079bc46, size=32, cache=test [ 21.201868] [ 21.201924] allocated by task 314 on cpu 1 at 21.201235s (0.000685s ago): [ 21.202000] test_alloc+0x230/0x628 [ 21.202041] test_corruption+0x198/0x378 [ 21.202080] kunit_try_run_case+0x170/0x3f0 [ 21.202120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.202164] kthread+0x328/0x630 [ 21.202198] ret_from_fork+0x10/0x20 [ 21.202237] [ 21.202259] freed by task 314 on cpu 1 at 21.201292s (0.000964s ago): [ 21.202319] test_corruption+0x1d8/0x378 [ 21.202357] kunit_try_run_case+0x170/0x3f0 [ 21.202397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.202440] kthread+0x328/0x630 [ 21.202474] ret_from_fork+0x10/0x20 [ 21.202513] [ 21.202552] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.202627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.202657] Hardware name: linux,dummy-virt (DT) [ 21.202689] ================================================================== [ 20.785652] ================================================================== [ 20.785739] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 20.785739] [ 20.785801] Corrupted memory at 0x00000000b80f3303 [ ! ] (in kfence-#94): [ 20.785926] test_corruption+0x284/0x378 [ 20.785971] kunit_try_run_case+0x170/0x3f0 [ 20.786042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.786086] kthread+0x328/0x630 [ 20.786125] ret_from_fork+0x10/0x20 [ 20.786166] [ 20.786188] kfence-#94: 0x00000000936034cc-0x0000000076134f6d, size=32, cache=kmalloc-32 [ 20.786188] [ 20.786244] allocated by task 312 on cpu 1 at 20.785390s (0.000851s ago): [ 20.786305] test_alloc+0x29c/0x628 [ 20.786345] test_corruption+0x198/0x378 [ 20.786385] kunit_try_run_case+0x170/0x3f0 [ 20.786424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.786467] kthread+0x328/0x630 [ 20.786504] ret_from_fork+0x10/0x20 [ 20.786543] [ 20.786564] freed by task 312 on cpu 1 at 20.785490s (0.001071s ago): [ 20.786625] test_corruption+0x284/0x378 [ 20.786665] kunit_try_run_case+0x170/0x3f0 [ 20.786703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.786747] kthread+0x328/0x630 [ 20.786782] ret_from_fork+0x10/0x20 [ 20.786822] [ 20.786861] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.786936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.786968] Hardware name: linux,dummy-virt (DT) [ 20.787013] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.577442] ================================================================== [ 20.577540] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 20.577540] [ 20.577605] Invalid free of 0x000000006029dbe0 (in kfence-#92): [ 20.577662] test_invalid_addr_free+0xec/0x238 [ 20.577711] kunit_try_run_case+0x170/0x3f0 [ 20.577753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.577797] kthread+0x328/0x630 [ 20.577835] ret_from_fork+0x10/0x20 [ 20.577874] [ 20.577897] kfence-#92: 0x00000000e02b4599-0x00000000baccb227, size=32, cache=test [ 20.577897] [ 20.577951] allocated by task 310 on cpu 0 at 20.577218s (0.000730s ago): [ 20.578031] test_alloc+0x230/0x628 [ 20.578071] test_invalid_addr_free+0xd4/0x238 [ 20.578112] kunit_try_run_case+0x170/0x3f0 [ 20.578152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.578195] kthread+0x328/0x630 [ 20.578229] ret_from_fork+0x10/0x20 [ 20.578269] [ 20.578314] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.578395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.578424] Hardware name: linux,dummy-virt (DT) [ 20.578458] ================================================================== [ 20.473347] ================================================================== [ 20.473440] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 20.473440] [ 20.473506] Invalid free of 0x0000000018d2cd67 (in kfence-#91): [ 20.473560] test_invalid_addr_free+0x1ac/0x238 [ 20.473608] kunit_try_run_case+0x170/0x3f0 [ 20.473653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.473696] kthread+0x328/0x630 [ 20.473735] ret_from_fork+0x10/0x20 [ 20.473776] [ 20.473799] kfence-#91: 0x0000000042d58662-0x000000007123df67, size=32, cache=kmalloc-32 [ 20.473799] [ 20.473855] allocated by task 308 on cpu 0 at 20.473199s (0.000652s ago): [ 20.473919] test_alloc+0x29c/0x628 [ 20.473960] test_invalid_addr_free+0xd4/0x238 [ 20.474016] kunit_try_run_case+0x170/0x3f0 [ 20.474056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.474101] kthread+0x328/0x630 [ 20.474136] ret_from_fork+0x10/0x20 [ 20.474176] [ 20.474221] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.474302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.474331] Hardware name: linux,dummy-virt (DT) [ 20.474365] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 20.273043] ================================================================== [ 20.273816] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 20.273816] [ 20.273897] Invalid free of 0x0000000067369dbb (in kfence-#89): [ 20.273964] test_double_free+0x1bc/0x238 [ 20.274175] kunit_try_run_case+0x170/0x3f0 [ 20.274298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.274506] kthread+0x328/0x630 [ 20.274569] ret_from_fork+0x10/0x20 [ 20.274654] [ 20.274686] kfence-#89: 0x0000000067369dbb-0x00000000d947b994, size=32, cache=kmalloc-32 [ 20.274686] [ 20.274827] allocated by task 304 on cpu 0 at 20.269803s (0.005019s ago): [ 20.274913] test_alloc+0x29c/0x628 [ 20.274954] test_double_free+0xd4/0x238 [ 20.275057] kunit_try_run_case+0x170/0x3f0 [ 20.275111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.275194] kthread+0x328/0x630 [ 20.275333] ret_from_fork+0x10/0x20 [ 20.275388] [ 20.275411] freed by task 304 on cpu 0 at 20.269893s (0.005514s ago): [ 20.275574] test_double_free+0x1ac/0x238 [ 20.275742] kunit_try_run_case+0x170/0x3f0 [ 20.275828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.275874] kthread+0x328/0x630 [ 20.275915] ret_from_fork+0x10/0x20 [ 20.276022] [ 20.276069] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.276205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.276248] Hardware name: linux,dummy-virt (DT) [ 20.276869] ================================================================== [ 20.369349] ================================================================== [ 20.369439] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 20.369439] [ 20.369498] Invalid free of 0x00000000854702bd (in kfence-#90): [ 20.369554] test_double_free+0x100/0x238 [ 20.369600] kunit_try_run_case+0x170/0x3f0 [ 20.369643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.369689] kthread+0x328/0x630 [ 20.369727] ret_from_fork+0x10/0x20 [ 20.369768] [ 20.369792] kfence-#90: 0x00000000854702bd-0x00000000c65e1bc7, size=32, cache=test [ 20.369792] [ 20.369844] allocated by task 306 on cpu 0 at 20.369155s (0.000685s ago): [ 20.369905] test_alloc+0x230/0x628 [ 20.369944] test_double_free+0xd4/0x238 [ 20.370001] kunit_try_run_case+0x170/0x3f0 [ 20.370042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.370085] kthread+0x328/0x630 [ 20.370121] ret_from_fork+0x10/0x20 [ 20.370159] [ 20.370181] freed by task 306 on cpu 0 at 20.369214s (0.000964s ago): [ 20.370245] test_double_free+0xf0/0x238 [ 20.370284] kunit_try_run_case+0x170/0x3f0 [ 20.370324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.370366] kthread+0x328/0x630 [ 20.370402] ret_from_fork+0x10/0x20 [ 20.370442] [ 20.370485] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.370564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.370594] Hardware name: linux,dummy-virt (DT) [ 20.370625] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 19.944237] ================================================================== [ 19.944570] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.944570] [ 19.944703] Use-after-free read at 0x00000000f821d117 (in kfence-#86): [ 19.944760] test_use_after_free_read+0x114/0x248 [ 19.945073] kunit_try_run_case+0x170/0x3f0 [ 19.945233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.945593] kthread+0x328/0x630 [ 19.945649] ret_from_fork+0x10/0x20 [ 19.945778] [ 19.945888] kfence-#86: 0x00000000f821d117-0x0000000041b7e6e8, size=32, cache=test [ 19.945888] [ 19.946097] allocated by task 298 on cpu 0 at 19.943689s (0.002382s ago): [ 19.946538] test_alloc+0x230/0x628 [ 19.946686] test_use_after_free_read+0xd0/0x248 [ 19.946910] kunit_try_run_case+0x170/0x3f0 [ 19.947125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.947261] kthread+0x328/0x630 [ 19.947342] ret_from_fork+0x10/0x20 [ 19.947615] [ 19.947817] freed by task 298 on cpu 0 at 19.943776s (0.003999s ago): [ 19.948064] test_use_after_free_read+0xf0/0x248 [ 19.948308] kunit_try_run_case+0x170/0x3f0 [ 19.948487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.948613] kthread+0x328/0x630 [ 19.948681] ret_from_fork+0x10/0x20 [ 19.948923] [ 19.948992] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.949223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.949255] Hardware name: linux,dummy-virt (DT) [ 19.949318] ================================================================== [ 19.834316] ================================================================== [ 19.834698] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 19.834698] [ 19.834806] Use-after-free read at 0x0000000078a12d3d (in kfence-#85): [ 19.834861] test_use_after_free_read+0x114/0x248 [ 19.834908] kunit_try_run_case+0x170/0x3f0 [ 19.834953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.835007] kthread+0x328/0x630 [ 19.835043] ret_from_fork+0x10/0x20 [ 19.835085] [ 19.835108] kfence-#85: 0x0000000078a12d3d-0x00000000ddb1bee2, size=32, cache=kmalloc-32 [ 19.835108] [ 19.835181] allocated by task 296 on cpu 0 at 19.833787s (0.001389s ago): [ 19.835251] test_alloc+0x29c/0x628 [ 19.835298] test_use_after_free_read+0xd0/0x248 [ 19.835350] kunit_try_run_case+0x170/0x3f0 [ 19.835389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.835438] kthread+0x328/0x630 [ 19.835474] ret_from_fork+0x10/0x20 [ 19.835521] [ 19.835680] freed by task 296 on cpu 0 at 19.834024s (0.001544s ago): [ 19.835798] test_use_after_free_read+0x1c0/0x248 [ 19.835857] kunit_try_run_case+0x170/0x3f0 [ 19.835897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.835940] kthread+0x328/0x630 [ 19.835974] ret_from_fork+0x10/0x20 [ 19.836928] [ 19.837117] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.837305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.837391] Hardware name: linux,dummy-virt (DT) [ 19.837458] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.617780] ================================================================== [ 19.617889] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.617889] [ 19.617993] Out-of-bounds write at 0x0000000088d432cf (1B left of kfence-#83): [ 19.618061] test_out_of_bounds_write+0x100/0x240 [ 19.618151] kunit_try_run_case+0x170/0x3f0 [ 19.618215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.618257] kthread+0x328/0x630 [ 19.618307] ret_from_fork+0x10/0x20 [ 19.618440] [ 19.618464] kfence-#83: 0x000000000f4fa978-0x000000000413b087, size=32, cache=kmalloc-32 [ 19.618464] [ 19.618517] allocated by task 292 on cpu 0 at 19.617317s (0.001196s ago): [ 19.618597] test_alloc+0x29c/0x628 [ 19.618638] test_out_of_bounds_write+0xc8/0x240 [ 19.618690] kunit_try_run_case+0x170/0x3f0 [ 19.618789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.619003] kthread+0x328/0x630 [ 19.619108] ret_from_fork+0x10/0x20 [ 19.619193] [ 19.619263] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.619344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.619373] Hardware name: linux,dummy-virt (DT) [ 19.619405] ================================================================== [ 19.725353] ================================================================== [ 19.725481] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 19.725481] [ 19.725567] Out-of-bounds write at 0x00000000288a318b (1B left of kfence-#84): [ 19.725634] test_out_of_bounds_write+0x100/0x240 [ 19.725801] kunit_try_run_case+0x170/0x3f0 [ 19.726284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.726342] kthread+0x328/0x630 [ 19.726381] ret_from_fork+0x10/0x20 [ 19.726422] [ 19.726446] kfence-#84: 0x00000000ab49958e-0x00000000e09b4625, size=32, cache=test [ 19.726446] [ 19.726557] allocated by task 294 on cpu 0 at 19.725275s (0.001278s ago): [ 19.726642] test_alloc+0x230/0x628 [ 19.726683] test_out_of_bounds_write+0xc8/0x240 [ 19.726725] kunit_try_run_case+0x170/0x3f0 [ 19.726807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.726853] kthread+0x328/0x630 [ 19.726940] ret_from_fork+0x10/0x20 [ 19.727186] [ 19.728391] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.728511] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.728543] Hardware name: linux,dummy-virt (DT) [ 19.728577] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 18.662454] ================================================================== [ 18.662572] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 18.662572] [ 18.662920] Out-of-bounds read at 0x00000000d25888ee (1B left of kfence-#74): [ 18.663179] test_out_of_bounds_read+0x114/0x3e0 [ 18.663237] kunit_try_run_case+0x170/0x3f0 [ 18.663279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.663637] kthread+0x328/0x630 [ 18.663698] ret_from_fork+0x10/0x20 [ 18.663777] [ 18.664193] kfence-#74: 0x000000002ec22540-0x00000000920adaff, size=32, cache=kmalloc-32 [ 18.664193] [ 18.664481] allocated by task 288 on cpu 0 at 18.661539s (0.002822s ago): [ 18.664846] test_alloc+0x29c/0x628 [ 18.665157] test_out_of_bounds_read+0xdc/0x3e0 [ 18.665214] kunit_try_run_case+0x170/0x3f0 [ 18.665256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.665299] kthread+0x328/0x630 [ 18.665352] ret_from_fork+0x10/0x20 [ 18.665497] [ 18.665606] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.665712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.665763] Hardware name: linux,dummy-virt (DT) [ 18.665800] ================================================================== [ 19.406678] ================================================================== [ 19.406762] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 19.406762] [ 19.407177] Out-of-bounds read at 0x000000007a2e544b (32B right of kfence-#81): [ 19.407300] test_out_of_bounds_read+0x1c8/0x3e0 [ 19.407355] kunit_try_run_case+0x170/0x3f0 [ 19.407396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.407445] kthread+0x328/0x630 [ 19.407483] ret_from_fork+0x10/0x20 [ 19.407523] [ 19.407546] kfence-#81: 0x000000009895f2b7-0x00000000f92dd4a1, size=32, cache=test [ 19.407546] [ 19.407610] allocated by task 290 on cpu 0 at 19.406475s (0.001119s ago): [ 19.407687] test_alloc+0x230/0x628 [ 19.407728] test_out_of_bounds_read+0x198/0x3e0 [ 19.407769] kunit_try_run_case+0x170/0x3f0 [ 19.407809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.407853] kthread+0x328/0x630 [ 19.407886] ret_from_fork+0x10/0x20 [ 19.407934] [ 19.407976] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.408078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.408115] Hardware name: linux,dummy-virt (DT) [ 19.408159] ================================================================== [ 19.085424] ================================================================== [ 19.085519] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 19.085519] [ 19.085627] Out-of-bounds read at 0x000000004b02ba50 (1B left of kfence-#78): [ 19.085698] test_out_of_bounds_read+0x114/0x3e0 [ 19.085746] kunit_try_run_case+0x170/0x3f0 [ 19.085898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.085944] kthread+0x328/0x630 [ 19.085992] ret_from_fork+0x10/0x20 [ 19.086032] [ 19.086057] kfence-#78: 0x000000004d77d873-0x0000000083690ddf, size=32, cache=test [ 19.086057] [ 19.086108] allocated by task 290 on cpu 0 at 19.085326s (0.000778s ago): [ 19.086243] test_alloc+0x230/0x628 [ 19.086287] test_out_of_bounds_read+0xdc/0x3e0 [ 19.086330] kunit_try_run_case+0x170/0x3f0 [ 19.086368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.086411] kthread+0x328/0x630 [ 19.086459] ret_from_fork+0x10/0x20 [ 19.086499] [ 19.086543] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.086622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.086664] Hardware name: linux,dummy-virt (DT) [ 19.086696] ================================================================== [ 18.770127] ================================================================== [ 18.770216] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 18.770216] [ 18.770314] Out-of-bounds read at 0x0000000043747d26 (32B right of kfence-#75): [ 18.770396] test_out_of_bounds_read+0x1c8/0x3e0 [ 18.770454] kunit_try_run_case+0x170/0x3f0 [ 18.770522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.770597] kthread+0x328/0x630 [ 18.770637] ret_from_fork+0x10/0x20 [ 18.770715] [ 18.770765] kfence-#75: 0x000000002c13c51c-0x00000000e2d90295, size=32, cache=kmalloc-32 [ 18.770765] [ 18.770827] allocated by task 288 on cpu 0 at 18.769646s (0.001170s ago): [ 18.770897] test_alloc+0x29c/0x628 [ 18.771090] test_out_of_bounds_read+0x198/0x3e0 [ 18.771231] kunit_try_run_case+0x170/0x3f0 [ 18.771282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.771347] kthread+0x328/0x630 [ 18.771384] ret_from_fork+0x10/0x20 [ 18.771428] [ 18.771473] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.771555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.771584] Hardware name: linux,dummy-virt (DT) [ 18.771617] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.589351] ================================================================== [ 18.589413] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 18.589473] Write of size 1 at addr fff00000c65eec78 by task kunit_try_catch/286 [ 18.589695] [ 18.589808] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.590002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.590033] Hardware name: linux,dummy-virt (DT) [ 18.590065] Call trace: [ 18.590088] show_stack+0x20/0x38 (C) [ 18.590140] dump_stack_lvl+0x8c/0xd0 [ 18.590283] print_report+0x118/0x5d0 [ 18.590336] kasan_report+0xdc/0x128 [ 18.590383] __asan_report_store1_noabort+0x20/0x30 [ 18.590601] strncpy_from_user+0x270/0x2a0 [ 18.590653] copy_user_test_oob+0x5c0/0xec8 [ 18.590704] kunit_try_run_case+0x170/0x3f0 [ 18.590750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.590807] kthread+0x328/0x630 [ 18.590849] ret_from_fork+0x10/0x20 [ 18.590898] [ 18.590918] Allocated by task 286: [ 18.590955] kasan_save_stack+0x3c/0x68 [ 18.591162] kasan_save_track+0x20/0x40 [ 18.591204] kasan_save_alloc_info+0x40/0x58 [ 18.591321] __kasan_kmalloc+0xd4/0xd8 [ 18.591535] __kmalloc_noprof+0x198/0x4c8 [ 18.591744] kunit_kmalloc_array+0x34/0x88 [ 18.591969] copy_user_test_oob+0xac/0xec8 [ 18.592030] kunit_try_run_case+0x170/0x3f0 [ 18.592071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.592119] kthread+0x328/0x630 [ 18.592152] ret_from_fork+0x10/0x20 [ 18.592424] [ 18.592448] The buggy address belongs to the object at fff00000c65eec00 [ 18.592448] which belongs to the cache kmalloc-128 of size 128 [ 18.592697] The buggy address is located 0 bytes to the right of [ 18.592697] allocated 120-byte region [fff00000c65eec00, fff00000c65eec78) [ 18.592969] [ 18.593003] The buggy address belongs to the physical page: [ 18.593040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 18.593383] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.593442] page_type: f5(slab) [ 18.593534] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.593642] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.593724] page dumped because: kasan: bad access detected [ 18.593759] [ 18.593779] Memory state around the buggy address: [ 18.593869] fff00000c65eeb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.593929] fff00000c65eeb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.593975] >fff00000c65eec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.594026] ^ [ 18.594071] fff00000c65eec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.594116] fff00000c65eed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.594158] ================================================================== [ 18.582716] ================================================================== [ 18.582766] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 18.582819] Write of size 121 at addr fff00000c65eec00 by task kunit_try_catch/286 [ 18.583050] [ 18.583191] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.583278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.583326] Hardware name: linux,dummy-virt (DT) [ 18.583357] Call trace: [ 18.583379] show_stack+0x20/0x38 (C) [ 18.583433] dump_stack_lvl+0x8c/0xd0 [ 18.583480] print_report+0x118/0x5d0 [ 18.583533] kasan_report+0xdc/0x128 [ 18.584038] kasan_check_range+0x100/0x1a8 [ 18.584597] __kasan_check_write+0x20/0x30 [ 18.584857] strncpy_from_user+0x3c/0x2a0 [ 18.584911] copy_user_test_oob+0x5c0/0xec8 [ 18.584959] kunit_try_run_case+0x170/0x3f0 [ 18.585020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.585075] kthread+0x328/0x630 [ 18.585120] ret_from_fork+0x10/0x20 [ 18.585169] [ 18.585188] Allocated by task 286: [ 18.585357] kasan_save_stack+0x3c/0x68 [ 18.585442] kasan_save_track+0x20/0x40 [ 18.585513] kasan_save_alloc_info+0x40/0x58 [ 18.585571] __kasan_kmalloc+0xd4/0xd8 [ 18.585609] __kmalloc_noprof+0x198/0x4c8 [ 18.585707] kunit_kmalloc_array+0x34/0x88 [ 18.585790] copy_user_test_oob+0xac/0xec8 [ 18.585830] kunit_try_run_case+0x170/0x3f0 [ 18.585869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.585916] kthread+0x328/0x630 [ 18.585963] ret_from_fork+0x10/0x20 [ 18.586099] [ 18.586384] The buggy address belongs to the object at fff00000c65eec00 [ 18.586384] which belongs to the cache kmalloc-128 of size 128 [ 18.586613] The buggy address is located 0 bytes inside of [ 18.586613] allocated 120-byte region [fff00000c65eec00, fff00000c65eec78) [ 18.586779] [ 18.586851] The buggy address belongs to the physical page: [ 18.586915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 18.587050] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.587134] page_type: f5(slab) [ 18.587209] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.587295] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.587342] page dumped because: kasan: bad access detected [ 18.587377] [ 18.587396] Memory state around the buggy address: [ 18.587436] fff00000c65eeb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.587482] fff00000c65eeb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.587528] >fff00000c65eec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.587632] ^ [ 18.587678] fff00000c65eec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.587774] fff00000c65eed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.587989] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.566461] ================================================================== [ 18.566522] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 18.566575] Write of size 121 at addr fff00000c65eec00 by task kunit_try_catch/286 [ 18.566629] [ 18.566659] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.566807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.566866] Hardware name: linux,dummy-virt (DT) [ 18.566898] Call trace: [ 18.566921] show_stack+0x20/0x38 (C) [ 18.566970] dump_stack_lvl+0x8c/0xd0 [ 18.567031] print_report+0x118/0x5d0 [ 18.567077] kasan_report+0xdc/0x128 [ 18.567122] kasan_check_range+0x100/0x1a8 [ 18.567171] __kasan_check_write+0x20/0x30 [ 18.567216] copy_user_test_oob+0x35c/0xec8 [ 18.567447] kunit_try_run_case+0x170/0x3f0 [ 18.567498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.567552] kthread+0x328/0x630 [ 18.567844] ret_from_fork+0x10/0x20 [ 18.567894] [ 18.567913] Allocated by task 286: [ 18.567941] kasan_save_stack+0x3c/0x68 [ 18.567994] kasan_save_track+0x20/0x40 [ 18.568035] kasan_save_alloc_info+0x40/0x58 [ 18.568076] __kasan_kmalloc+0xd4/0xd8 [ 18.568115] __kmalloc_noprof+0x198/0x4c8 [ 18.568161] kunit_kmalloc_array+0x34/0x88 [ 18.568364] copy_user_test_oob+0xac/0xec8 [ 18.568555] kunit_try_run_case+0x170/0x3f0 [ 18.568745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.568849] kthread+0x328/0x630 [ 18.568883] ret_from_fork+0x10/0x20 [ 18.568921] [ 18.568942] The buggy address belongs to the object at fff00000c65eec00 [ 18.568942] which belongs to the cache kmalloc-128 of size 128 [ 18.569013] The buggy address is located 0 bytes inside of [ 18.569013] allocated 120-byte region [fff00000c65eec00, fff00000c65eec78) [ 18.569080] [ 18.569101] The buggy address belongs to the physical page: [ 18.569134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 18.569188] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.569264] page_type: f5(slab) [ 18.569384] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.569438] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.569482] page dumped because: kasan: bad access detected [ 18.569515] [ 18.569536] Memory state around the buggy address: [ 18.569569] fff00000c65eeb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.569617] fff00000c65eeb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.569665] >fff00000c65eec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.569709] ^ [ 18.569755] fff00000c65eec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.569801] fff00000c65eed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.569861] ================================================================== [ 18.575523] ================================================================== [ 18.575571] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 18.575618] Write of size 121 at addr fff00000c65eec00 by task kunit_try_catch/286 [ 18.575692] [ 18.575760] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.575844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.575874] Hardware name: linux,dummy-virt (DT) [ 18.575907] Call trace: [ 18.575929] show_stack+0x20/0x38 (C) [ 18.575976] dump_stack_lvl+0x8c/0xd0 [ 18.576034] print_report+0x118/0x5d0 [ 18.576081] kasan_report+0xdc/0x128 [ 18.576126] kasan_check_range+0x100/0x1a8 [ 18.576174] __kasan_check_write+0x20/0x30 [ 18.576221] copy_user_test_oob+0x434/0xec8 [ 18.576267] kunit_try_run_case+0x170/0x3f0 [ 18.576379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.576588] kthread+0x328/0x630 [ 18.576632] ret_from_fork+0x10/0x20 [ 18.576960] [ 18.577058] Allocated by task 286: [ 18.577100] kasan_save_stack+0x3c/0x68 [ 18.577143] kasan_save_track+0x20/0x40 [ 18.577224] kasan_save_alloc_info+0x40/0x58 [ 18.577436] __kasan_kmalloc+0xd4/0xd8 [ 18.577477] __kmalloc_noprof+0x198/0x4c8 [ 18.577542] kunit_kmalloc_array+0x34/0x88 [ 18.577582] copy_user_test_oob+0xac/0xec8 [ 18.577686] kunit_try_run_case+0x170/0x3f0 [ 18.577769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.577815] kthread+0x328/0x630 [ 18.577849] ret_from_fork+0x10/0x20 [ 18.577887] [ 18.577908] The buggy address belongs to the object at fff00000c65eec00 [ 18.577908] which belongs to the cache kmalloc-128 of size 128 [ 18.577969] The buggy address is located 0 bytes inside of [ 18.577969] allocated 120-byte region [fff00000c65eec00, fff00000c65eec78) [ 18.578047] [ 18.578071] The buggy address belongs to the physical page: [ 18.578105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 18.578160] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.578209] page_type: f5(slab) [ 18.578247] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.578302] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.578392] page dumped because: kasan: bad access detected [ 18.578479] [ 18.578562] Memory state around the buggy address: [ 18.578604] fff00000c65eeb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.578693] fff00000c65eeb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.578936] >fff00000c65eec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.578988] ^ [ 18.579045] fff00000c65eec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.579096] fff00000c65eed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.579289] ================================================================== [ 18.570344] ================================================================== [ 18.570660] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 18.570811] Read of size 121 at addr fff00000c65eec00 by task kunit_try_catch/286 [ 18.570864] [ 18.570895] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.570990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.571020] Hardware name: linux,dummy-virt (DT) [ 18.571052] Call trace: [ 18.571077] show_stack+0x20/0x38 (C) [ 18.571123] dump_stack_lvl+0x8c/0xd0 [ 18.571169] print_report+0x118/0x5d0 [ 18.571257] kasan_report+0xdc/0x128 [ 18.571305] kasan_check_range+0x100/0x1a8 [ 18.571492] __kasan_check_read+0x20/0x30 [ 18.571540] copy_user_test_oob+0x3c8/0xec8 [ 18.571589] kunit_try_run_case+0x170/0x3f0 [ 18.571644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.571884] kthread+0x328/0x630 [ 18.572445] ret_from_fork+0x10/0x20 [ 18.572607] [ 18.572722] Allocated by task 286: [ 18.572758] kasan_save_stack+0x3c/0x68 [ 18.572883] kasan_save_track+0x20/0x40 [ 18.572933] kasan_save_alloc_info+0x40/0x58 [ 18.573006] __kasan_kmalloc+0xd4/0xd8 [ 18.573143] __kmalloc_noprof+0x198/0x4c8 [ 18.573184] kunit_kmalloc_array+0x34/0x88 [ 18.573233] copy_user_test_oob+0xac/0xec8 [ 18.573271] kunit_try_run_case+0x170/0x3f0 [ 18.573327] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.573373] kthread+0x328/0x630 [ 18.573532] ret_from_fork+0x10/0x20 [ 18.573716] [ 18.573748] The buggy address belongs to the object at fff00000c65eec00 [ 18.573748] which belongs to the cache kmalloc-128 of size 128 [ 18.573837] The buggy address is located 0 bytes inside of [ 18.573837] allocated 120-byte region [fff00000c65eec00, fff00000c65eec78) [ 18.574159] [ 18.574211] The buggy address belongs to the physical page: [ 18.574243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 18.574296] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.574345] page_type: f5(slab) [ 18.574391] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.574650] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.574860] page dumped because: kasan: bad access detected [ 18.575000] [ 18.575020] Memory state around the buggy address: [ 18.575054] fff00000c65eeb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.575101] fff00000c65eeb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.575147] >fff00000c65eec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.575187] ^ [ 18.575231] fff00000c65eec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.575276] fff00000c65eed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.575317] ================================================================== [ 18.558657] ================================================================== [ 18.558720] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 18.558774] Read of size 121 at addr fff00000c65eec00 by task kunit_try_catch/286 [ 18.558829] [ 18.558863] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.558947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.558976] Hardware name: linux,dummy-virt (DT) [ 18.559035] Call trace: [ 18.559108] show_stack+0x20/0x38 (C) [ 18.559159] dump_stack_lvl+0x8c/0xd0 [ 18.559207] print_report+0x118/0x5d0 [ 18.559254] kasan_report+0xdc/0x128 [ 18.559300] kasan_check_range+0x100/0x1a8 [ 18.559348] __kasan_check_read+0x20/0x30 [ 18.559394] copy_user_test_oob+0x728/0xec8 [ 18.559445] kunit_try_run_case+0x170/0x3f0 [ 18.559493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.559546] kthread+0x328/0x630 [ 18.559677] ret_from_fork+0x10/0x20 [ 18.559772] [ 18.559792] Allocated by task 286: [ 18.559887] kasan_save_stack+0x3c/0x68 [ 18.559937] kasan_save_track+0x20/0x40 [ 18.560330] kasan_save_alloc_info+0x40/0x58 [ 18.560417] __kasan_kmalloc+0xd4/0xd8 [ 18.560457] __kmalloc_noprof+0x198/0x4c8 [ 18.560518] kunit_kmalloc_array+0x34/0x88 [ 18.560559] copy_user_test_oob+0xac/0xec8 [ 18.560597] kunit_try_run_case+0x170/0x3f0 [ 18.560638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.560684] kthread+0x328/0x630 [ 18.560718] ret_from_fork+0x10/0x20 [ 18.560756] [ 18.560802] The buggy address belongs to the object at fff00000c65eec00 [ 18.560802] which belongs to the cache kmalloc-128 of size 128 [ 18.560916] The buggy address is located 0 bytes inside of [ 18.560916] allocated 120-byte region [fff00000c65eec00, fff00000c65eec78) [ 18.561196] [ 18.561219] The buggy address belongs to the physical page: [ 18.561252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 18.561306] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.561357] page_type: f5(slab) [ 18.561396] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.561448] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.561519] page dumped because: kasan: bad access detected [ 18.561691] [ 18.561760] Memory state around the buggy address: [ 18.561849] fff00000c65eeb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.561956] fff00000c65eeb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.562011] >fff00000c65eec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.562075] ^ [ 18.562120] fff00000c65eec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.562166] fff00000c65eed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.562208] ================================================================== [ 18.549370] ================================================================== [ 18.549680] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 18.549761] Write of size 121 at addr fff00000c65eec00 by task kunit_try_catch/286 [ 18.549819] [ 18.549858] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.549948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.549990] Hardware name: linux,dummy-virt (DT) [ 18.550025] Call trace: [ 18.550049] show_stack+0x20/0x38 (C) [ 18.550101] dump_stack_lvl+0x8c/0xd0 [ 18.550154] print_report+0x118/0x5d0 [ 18.550205] kasan_report+0xdc/0x128 [ 18.550259] kasan_check_range+0x100/0x1a8 [ 18.550353] __kasan_check_write+0x20/0x30 [ 18.550401] copy_user_test_oob+0x234/0xec8 [ 18.550448] kunit_try_run_case+0x170/0x3f0 [ 18.550499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.550554] kthread+0x328/0x630 [ 18.550599] ret_from_fork+0x10/0x20 [ 18.550664] [ 18.550684] Allocated by task 286: [ 18.550718] kasan_save_stack+0x3c/0x68 [ 18.550760] kasan_save_track+0x20/0x40 [ 18.550800] kasan_save_alloc_info+0x40/0x58 [ 18.550843] __kasan_kmalloc+0xd4/0xd8 [ 18.550880] __kmalloc_noprof+0x198/0x4c8 [ 18.550921] kunit_kmalloc_array+0x34/0x88 [ 18.550961] copy_user_test_oob+0xac/0xec8 [ 18.551012] kunit_try_run_case+0x170/0x3f0 [ 18.551060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.551106] kthread+0x328/0x630 [ 18.551290] ret_from_fork+0x10/0x20 [ 18.551490] [ 18.551602] The buggy address belongs to the object at fff00000c65eec00 [ 18.551602] which belongs to the cache kmalloc-128 of size 128 [ 18.551667] The buggy address is located 0 bytes inside of [ 18.551667] allocated 120-byte region [fff00000c65eec00, fff00000c65eec78) [ 18.551733] [ 18.551757] The buggy address belongs to the physical page: [ 18.551799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 18.552483] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.552667] page_type: f5(slab) [ 18.552747] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.552865] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.552929] page dumped because: kasan: bad access detected [ 18.552964] [ 18.552993] Memory state around the buggy address: [ 18.553028] fff00000c65eeb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.553073] fff00000c65eeb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.553120] >fff00000c65eec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.553162] ^ [ 18.553206] fff00000c65eec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.553251] fff00000c65eed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.553293] ================================================================== [ 18.579824] ================================================================== [ 18.579884] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 18.580021] Read of size 121 at addr fff00000c65eec00 by task kunit_try_catch/286 [ 18.580074] [ 18.580105] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.580188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.580218] Hardware name: linux,dummy-virt (DT) [ 18.580249] Call trace: [ 18.580271] show_stack+0x20/0x38 (C) [ 18.580320] dump_stack_lvl+0x8c/0xd0 [ 18.580365] print_report+0x118/0x5d0 [ 18.580412] kasan_report+0xdc/0x128 [ 18.580459] kasan_check_range+0x100/0x1a8 [ 18.580508] __kasan_check_read+0x20/0x30 [ 18.580553] copy_user_test_oob+0x4a0/0xec8 [ 18.580599] kunit_try_run_case+0x170/0x3f0 [ 18.580648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.580804] kthread+0x328/0x630 [ 18.580855] ret_from_fork+0x10/0x20 [ 18.580903] [ 18.580923] Allocated by task 286: [ 18.580952] kasan_save_stack+0x3c/0x68 [ 18.581020] kasan_save_track+0x20/0x40 [ 18.581062] kasan_save_alloc_info+0x40/0x58 [ 18.581105] __kasan_kmalloc+0xd4/0xd8 [ 18.581145] __kmalloc_noprof+0x198/0x4c8 [ 18.581200] kunit_kmalloc_array+0x34/0x88 [ 18.581239] copy_user_test_oob+0xac/0xec8 [ 18.581279] kunit_try_run_case+0x170/0x3f0 [ 18.581319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.581364] kthread+0x328/0x630 [ 18.581397] ret_from_fork+0x10/0x20 [ 18.581436] [ 18.581456] The buggy address belongs to the object at fff00000c65eec00 [ 18.581456] which belongs to the cache kmalloc-128 of size 128 [ 18.581535] The buggy address is located 0 bytes inside of [ 18.581535] allocated 120-byte region [fff00000c65eec00, fff00000c65eec78) [ 18.581612] [ 18.581633] The buggy address belongs to the physical page: [ 18.581667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 18.581720] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.581768] page_type: f5(slab) [ 18.581807] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.581858] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.581901] page dumped because: kasan: bad access detected [ 18.581936] [ 18.581956] Memory state around the buggy address: [ 18.582000] fff00000c65eeb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.582046] fff00000c65eeb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.582092] >fff00000c65eec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.582133] ^ [ 18.582186] fff00000c65eec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.582232] fff00000c65eed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.582273] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.522496] ================================================================== [ 18.522547] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 18.522699] Write of size 8 at addr fff00000c65eeb78 by task kunit_try_catch/282 [ 18.522829] [ 18.522866] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.523042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.523072] Hardware name: linux,dummy-virt (DT) [ 18.523105] Call trace: [ 18.523129] show_stack+0x20/0x38 (C) [ 18.523177] dump_stack_lvl+0x8c/0xd0 [ 18.523226] print_report+0x118/0x5d0 [ 18.523293] kasan_report+0xdc/0x128 [ 18.523340] kasan_check_range+0x100/0x1a8 [ 18.523390] __kasan_check_write+0x20/0x30 [ 18.523443] copy_to_kernel_nofault+0x8c/0x250 [ 18.523494] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 18.523543] kunit_try_run_case+0x170/0x3f0 [ 18.523592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.523645] kthread+0x328/0x630 [ 18.523688] ret_from_fork+0x10/0x20 [ 18.523748] [ 18.523770] Allocated by task 282: [ 18.523798] kasan_save_stack+0x3c/0x68 [ 18.523840] kasan_save_track+0x20/0x40 [ 18.523878] kasan_save_alloc_info+0x40/0x58 [ 18.523920] __kasan_kmalloc+0xd4/0xd8 [ 18.523957] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.524070] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.524394] kunit_try_run_case+0x170/0x3f0 [ 18.524478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.524522] kthread+0x328/0x630 [ 18.524648] ret_from_fork+0x10/0x20 [ 18.524827] [ 18.524849] The buggy address belongs to the object at fff00000c65eeb00 [ 18.524849] which belongs to the cache kmalloc-128 of size 128 [ 18.524910] The buggy address is located 0 bytes to the right of [ 18.524910] allocated 120-byte region [fff00000c65eeb00, fff00000c65eeb78) [ 18.524988] [ 18.525008] The buggy address belongs to the physical page: [ 18.525041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 18.525096] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.525145] page_type: f5(slab) [ 18.525185] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.525279] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.525323] page dumped because: kasan: bad access detected [ 18.525356] [ 18.525375] Memory state around the buggy address: [ 18.525409] fff00000c65eea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.525456] fff00000c65eea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.525502] >fff00000c65eeb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.525557] ^ [ 18.525666] fff00000c65eeb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.525712] fff00000c65eec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.525754] ================================================================== [ 18.518239] ================================================================== [ 18.518299] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 18.518360] Read of size 8 at addr fff00000c65eeb78 by task kunit_try_catch/282 [ 18.518412] [ 18.518446] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.518535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.518565] Hardware name: linux,dummy-virt (DT) [ 18.518598] Call trace: [ 18.518622] show_stack+0x20/0x38 (C) [ 18.518673] dump_stack_lvl+0x8c/0xd0 [ 18.518990] print_report+0x118/0x5d0 [ 18.519049] kasan_report+0xdc/0x128 [ 18.519212] __asan_report_load8_noabort+0x20/0x30 [ 18.519266] copy_to_kernel_nofault+0x204/0x250 [ 18.519322] copy_to_kernel_nofault_oob+0x158/0x418 [ 18.519501] kunit_try_run_case+0x170/0x3f0 [ 18.519560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.519823] kthread+0x328/0x630 [ 18.519866] ret_from_fork+0x10/0x20 [ 18.519914] [ 18.519934] Allocated by task 282: [ 18.519966] kasan_save_stack+0x3c/0x68 [ 18.520019] kasan_save_track+0x20/0x40 [ 18.520066] kasan_save_alloc_info+0x40/0x58 [ 18.520141] __kasan_kmalloc+0xd4/0xd8 [ 18.520295] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.520509] copy_to_kernel_nofault_oob+0xc8/0x418 [ 18.520586] kunit_try_run_case+0x170/0x3f0 [ 18.520742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.520860] kthread+0x328/0x630 [ 18.520893] ret_from_fork+0x10/0x20 [ 18.520932] [ 18.520953] The buggy address belongs to the object at fff00000c65eeb00 [ 18.520953] which belongs to the cache kmalloc-128 of size 128 [ 18.521025] The buggy address is located 0 bytes to the right of [ 18.521025] allocated 120-byte region [fff00000c65eeb00, fff00000c65eeb78) [ 18.521092] [ 18.521116] The buggy address belongs to the physical page: [ 18.521150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 18.521207] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.521258] page_type: f5(slab) [ 18.521298] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.521351] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.521393] page dumped because: kasan: bad access detected [ 18.521427] [ 18.521462] Memory state around the buggy address: [ 18.521607] fff00000c65eea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.521730] fff00000c65eea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.521776] >fff00000c65eeb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.521818] ^ [ 18.521944] fff00000c65eeb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.522002] fff00000c65eec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.522045] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 18.486907] ================================================================== [ 18.486996] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 18.487052] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 18.487104] [ 18.487140] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.487223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.487251] Hardware name: linux,dummy-virt (DT) [ 18.487284] Call trace: [ 18.487307] show_stack+0x20/0x38 (C) [ 18.487358] dump_stack_lvl+0x8c/0xd0 [ 18.487407] print_report+0x310/0x5d0 [ 18.487459] kasan_report+0xdc/0x128 [ 18.487506] __asan_report_load1_noabort+0x20/0x30 [ 18.487556] vmalloc_oob+0x578/0x5d0 [ 18.487601] kunit_try_run_case+0x170/0x3f0 [ 18.487649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.487703] kthread+0x328/0x630 [ 18.487761] ret_from_fork+0x10/0x20 [ 18.487810] [ 18.487834] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 18.487879] The buggy address belongs to the physical page: [ 18.487910] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079da [ 18.487965] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.488036] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.488090] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.488132] page dumped because: kasan: bad access detected [ 18.488166] [ 18.488185] Memory state around the buggy address: [ 18.488219] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.488277] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.488437] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.488480] ^ [ 18.488624] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.488688] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.488820] ================================================================== [ 18.489170] ================================================================== [ 18.489218] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 18.489266] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 18.489317] [ 18.489346] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.489428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.489458] Hardware name: linux,dummy-virt (DT) [ 18.489490] Call trace: [ 18.489513] show_stack+0x20/0x38 (C) [ 18.489559] dump_stack_lvl+0x8c/0xd0 [ 18.489605] print_report+0x310/0x5d0 [ 18.489693] kasan_report+0xdc/0x128 [ 18.489739] __asan_report_load1_noabort+0x20/0x30 [ 18.489867] vmalloc_oob+0x51c/0x5d0 [ 18.490255] kunit_try_run_case+0x170/0x3f0 [ 18.490471] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.490691] kthread+0x328/0x630 [ 18.490740] ret_from_fork+0x10/0x20 [ 18.491016] [ 18.491040] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 18.491085] The buggy address belongs to the physical page: [ 18.491117] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079da [ 18.491170] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.491231] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.491289] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.491495] page dumped because: kasan: bad access detected [ 18.491663] [ 18.491762] Memory state around the buggy address: [ 18.491930] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.492025] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.492070] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 18.492110] ^ [ 18.492153] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.492197] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 18.492238] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.290110] ================================================================== [ 18.290165] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 18.290217] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.290579] [ 18.290656] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.290747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.290810] Hardware name: linux,dummy-virt (DT) [ 18.291018] Call trace: [ 18.291060] show_stack+0x20/0x38 (C) [ 18.291120] dump_stack_lvl+0x8c/0xd0 [ 18.291257] print_report+0x118/0x5d0 [ 18.291328] kasan_report+0xdc/0x128 [ 18.291373] kasan_check_range+0x100/0x1a8 [ 18.291489] __kasan_check_write+0x20/0x30 [ 18.291535] kasan_atomics_helper+0xe44/0x4858 [ 18.291706] kasan_atomics+0x198/0x2e0 [ 18.291767] kunit_try_run_case+0x170/0x3f0 [ 18.291866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.292062] kthread+0x328/0x630 [ 18.292220] ret_from_fork+0x10/0x20 [ 18.292294] [ 18.292315] Allocated by task 266: [ 18.292389] kasan_save_stack+0x3c/0x68 [ 18.292433] kasan_save_track+0x20/0x40 [ 18.292525] kasan_save_alloc_info+0x40/0x58 [ 18.292610] __kasan_kmalloc+0xd4/0xd8 [ 18.292791] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.292866] kasan_atomics+0xb8/0x2e0 [ 18.292912] kunit_try_run_case+0x170/0x3f0 [ 18.293106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.293376] kthread+0x328/0x630 [ 18.293760] ret_from_fork+0x10/0x20 [ 18.294014] [ 18.294197] The buggy address belongs to the object at fff00000c7941e80 [ 18.294197] which belongs to the cache kmalloc-64 of size 64 [ 18.294312] The buggy address is located 0 bytes to the right of [ 18.294312] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.294615] [ 18.294730] The buggy address belongs to the physical page: [ 18.294793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.294859] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.295082] page_type: f5(slab) [ 18.295158] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.295306] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.295377] page dumped because: kasan: bad access detected [ 18.295414] [ 18.295449] Memory state around the buggy address: [ 18.295483] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.295530] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.295576] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.295628] ^ [ 18.295663] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.295713] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.295755] ================================================================== [ 18.255795] ================================================================== [ 18.256113] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 18.256220] Read of size 4 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.256275] [ 18.256359] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.256479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.256609] Hardware name: linux,dummy-virt (DT) [ 18.256676] Call trace: [ 18.256701] show_stack+0x20/0x38 (C) [ 18.256931] dump_stack_lvl+0x8c/0xd0 [ 18.257081] print_report+0x118/0x5d0 [ 18.257152] kasan_report+0xdc/0x128 [ 18.257202] __asan_report_load4_noabort+0x20/0x30 [ 18.257255] kasan_atomics_helper+0x3dd8/0x4858 [ 18.257305] kasan_atomics+0x198/0x2e0 [ 18.257350] kunit_try_run_case+0x170/0x3f0 [ 18.257409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.257464] kthread+0x328/0x630 [ 18.257507] ret_from_fork+0x10/0x20 [ 18.257556] [ 18.257583] Allocated by task 266: [ 18.257614] kasan_save_stack+0x3c/0x68 [ 18.257693] kasan_save_track+0x20/0x40 [ 18.257733] kasan_save_alloc_info+0x40/0x58 [ 18.257774] __kasan_kmalloc+0xd4/0xd8 [ 18.257812] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.258274] kasan_atomics+0xb8/0x2e0 [ 18.258375] kunit_try_run_case+0x170/0x3f0 [ 18.258638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.258929] kthread+0x328/0x630 [ 18.259101] ret_from_fork+0x10/0x20 [ 18.259330] [ 18.259557] The buggy address belongs to the object at fff00000c7941e80 [ 18.259557] which belongs to the cache kmalloc-64 of size 64 [ 18.259786] The buggy address is located 0 bytes to the right of [ 18.259786] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.259859] [ 18.259886] The buggy address belongs to the physical page: [ 18.259939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.260339] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.260685] page_type: f5(slab) [ 18.261003] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.261212] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.261453] page dumped because: kasan: bad access detected [ 18.261563] [ 18.261700] Memory state around the buggy address: [ 18.261963] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.262034] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.262080] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.262471] ^ [ 18.262555] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.262630] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.262844] ================================================================== [ 18.364403] ================================================================== [ 18.364466] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 18.364518] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.364604] [ 18.364690] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.365183] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.365223] Hardware name: linux,dummy-virt (DT) [ 18.365261] Call trace: [ 18.365286] show_stack+0x20/0x38 (C) [ 18.365336] dump_stack_lvl+0x8c/0xd0 [ 18.365386] print_report+0x118/0x5d0 [ 18.365433] kasan_report+0xdc/0x128 [ 18.365479] kasan_check_range+0x100/0x1a8 [ 18.365528] __kasan_check_write+0x20/0x30 [ 18.365572] kasan_atomics_helper+0x11f8/0x4858 [ 18.365621] kasan_atomics+0x198/0x2e0 [ 18.365670] kunit_try_run_case+0x170/0x3f0 [ 18.365721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.365774] kthread+0x328/0x630 [ 18.365815] ret_from_fork+0x10/0x20 [ 18.365864] [ 18.365883] Allocated by task 266: [ 18.365913] kasan_save_stack+0x3c/0x68 [ 18.365953] kasan_save_track+0x20/0x40 [ 18.366139] kasan_save_alloc_info+0x40/0x58 [ 18.366209] __kasan_kmalloc+0xd4/0xd8 [ 18.366250] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.366661] kasan_atomics+0xb8/0x2e0 [ 18.368754] kunit_try_run_case+0x170/0x3f0 [ 18.368944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.369075] kthread+0x328/0x630 [ 18.369208] ret_from_fork+0x10/0x20 [ 18.369275] [ 18.369299] The buggy address belongs to the object at fff00000c7941e80 [ 18.369299] which belongs to the cache kmalloc-64 of size 64 [ 18.369375] The buggy address is located 0 bytes to the right of [ 18.369375] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.369443] [ 18.369673] The buggy address belongs to the physical page: [ 18.369795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.369915] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.370355] page_type: f5(slab) [ 18.370780] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.371144] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.371233] page dumped because: kasan: bad access detected [ 18.371343] [ 18.371364] Memory state around the buggy address: [ 18.371650] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.371798] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.372025] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.372192] ^ [ 18.372318] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.372366] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.372407] ================================================================== [ 18.305465] ================================================================== [ 18.305520] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 18.305572] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.305848] [ 18.306033] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.306229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.306345] Hardware name: linux,dummy-virt (DT) [ 18.306466] Call trace: [ 18.306493] show_stack+0x20/0x38 (C) [ 18.306548] dump_stack_lvl+0x8c/0xd0 [ 18.306639] print_report+0x118/0x5d0 [ 18.306747] kasan_report+0xdc/0x128 [ 18.306837] kasan_check_range+0x100/0x1a8 [ 18.306891] __kasan_check_write+0x20/0x30 [ 18.306944] kasan_atomics_helper+0xeb8/0x4858 [ 18.307006] kasan_atomics+0x198/0x2e0 [ 18.307103] kunit_try_run_case+0x170/0x3f0 [ 18.307162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.307217] kthread+0x328/0x630 [ 18.307258] ret_from_fork+0x10/0x20 [ 18.307305] [ 18.307334] Allocated by task 266: [ 18.307384] kasan_save_stack+0x3c/0x68 [ 18.307435] kasan_save_track+0x20/0x40 [ 18.307472] kasan_save_alloc_info+0x40/0x58 [ 18.307514] __kasan_kmalloc+0xd4/0xd8 [ 18.307551] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.307592] kasan_atomics+0xb8/0x2e0 [ 18.307630] kunit_try_run_case+0x170/0x3f0 [ 18.307668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.307714] kthread+0x328/0x630 [ 18.307758] ret_from_fork+0x10/0x20 [ 18.307796] [ 18.307816] The buggy address belongs to the object at fff00000c7941e80 [ 18.307816] which belongs to the cache kmalloc-64 of size 64 [ 18.307878] The buggy address is located 0 bytes to the right of [ 18.307878] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.307954] [ 18.308264] The buggy address belongs to the physical page: [ 18.308488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.308560] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.308612] page_type: f5(slab) [ 18.308747] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.308817] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.308889] page dumped because: kasan: bad access detected [ 18.309081] [ 18.309102] Memory state around the buggy address: [ 18.309141] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.309261] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.309418] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.309707] ^ [ 18.309888] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.310079] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.310162] ================================================================== [ 18.319780] ================================================================== [ 18.319990] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 18.320075] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.320145] [ 18.320304] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.320393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.320604] Hardware name: linux,dummy-virt (DT) [ 18.320649] Call trace: [ 18.320674] show_stack+0x20/0x38 (C) [ 18.320816] dump_stack_lvl+0x8c/0xd0 [ 18.321202] print_report+0x118/0x5d0 [ 18.321379] kasan_report+0xdc/0x128 [ 18.321449] kasan_check_range+0x100/0x1a8 [ 18.321500] __kasan_check_write+0x20/0x30 [ 18.321571] kasan_atomics_helper+0xf88/0x4858 [ 18.321624] kasan_atomics+0x198/0x2e0 [ 18.321922] kunit_try_run_case+0x170/0x3f0 [ 18.322241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.322400] kthread+0x328/0x630 [ 18.322563] ret_from_fork+0x10/0x20 [ 18.322681] [ 18.322747] Allocated by task 266: [ 18.322905] kasan_save_stack+0x3c/0x68 [ 18.322971] kasan_save_track+0x20/0x40 [ 18.323024] kasan_save_alloc_info+0x40/0x58 [ 18.323217] __kasan_kmalloc+0xd4/0xd8 [ 18.323328] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.323397] kasan_atomics+0xb8/0x2e0 [ 18.323451] kunit_try_run_case+0x170/0x3f0 [ 18.323491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.323543] kthread+0x328/0x630 [ 18.323588] ret_from_fork+0x10/0x20 [ 18.323635] [ 18.323666] The buggy address belongs to the object at fff00000c7941e80 [ 18.323666] which belongs to the cache kmalloc-64 of size 64 [ 18.323732] The buggy address is located 0 bytes to the right of [ 18.323732] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.323799] [ 18.323837] The buggy address belongs to the physical page: [ 18.323880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.323934] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.324086] page_type: f5(slab) [ 18.324191] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.324734] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.324845] page dumped because: kasan: bad access detected [ 18.325193] [ 18.325348] Memory state around the buggy address: [ 18.325417] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.325472] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.325517] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.325560] ^ [ 18.325594] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.325639] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.326093] ================================================================== [ 18.420540] ================================================================== [ 18.420792] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 18.421004] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.421590] [ 18.421665] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.421819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.421907] Hardware name: linux,dummy-virt (DT) [ 18.422040] Call trace: [ 18.422111] show_stack+0x20/0x38 (C) [ 18.422252] dump_stack_lvl+0x8c/0xd0 [ 18.422299] print_report+0x118/0x5d0 [ 18.422565] kasan_report+0xdc/0x128 [ 18.422742] kasan_check_range+0x100/0x1a8 [ 18.422884] __kasan_check_write+0x20/0x30 [ 18.422973] kasan_atomics_helper+0x154c/0x4858 [ 18.423336] kasan_atomics+0x198/0x2e0 [ 18.423475] kunit_try_run_case+0x170/0x3f0 [ 18.423584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.423764] kthread+0x328/0x630 [ 18.423832] ret_from_fork+0x10/0x20 [ 18.424093] [ 18.424140] Allocated by task 266: [ 18.424297] kasan_save_stack+0x3c/0x68 [ 18.424522] kasan_save_track+0x20/0x40 [ 18.424626] kasan_save_alloc_info+0x40/0x58 [ 18.424769] __kasan_kmalloc+0xd4/0xd8 [ 18.424927] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.425017] kasan_atomics+0xb8/0x2e0 [ 18.425155] kunit_try_run_case+0x170/0x3f0 [ 18.425243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.425294] kthread+0x328/0x630 [ 18.425455] ret_from_fork+0x10/0x20 [ 18.425698] [ 18.426408] The buggy address belongs to the object at fff00000c7941e80 [ 18.426408] which belongs to the cache kmalloc-64 of size 64 [ 18.426550] The buggy address is located 0 bytes to the right of [ 18.426550] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.426623] [ 18.426872] The buggy address belongs to the physical page: [ 18.427007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.427119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.427321] page_type: f5(slab) [ 18.427497] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.427610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.427657] page dumped because: kasan: bad access detected [ 18.427860] [ 18.427989] Memory state around the buggy address: [ 18.428207] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.428337] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.429129] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.429188] ^ [ 18.430109] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.430556] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.430604] ================================================================== [ 18.401328] ================================================================== [ 18.401383] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 18.401432] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.401484] [ 18.401936] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.402057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.402095] Hardware name: linux,dummy-virt (DT) [ 18.402400] Call trace: [ 18.402439] show_stack+0x20/0x38 (C) [ 18.402699] dump_stack_lvl+0x8c/0xd0 [ 18.402770] print_report+0x118/0x5d0 [ 18.402915] kasan_report+0xdc/0x128 [ 18.402988] kasan_check_range+0x100/0x1a8 [ 18.403041] __kasan_check_write+0x20/0x30 [ 18.403087] kasan_atomics_helper+0x1414/0x4858 [ 18.403499] kasan_atomics+0x198/0x2e0 [ 18.403613] kunit_try_run_case+0x170/0x3f0 [ 18.403666] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.403720] kthread+0x328/0x630 [ 18.404020] ret_from_fork+0x10/0x20 [ 18.404098] [ 18.404200] Allocated by task 266: [ 18.404234] kasan_save_stack+0x3c/0x68 [ 18.404302] kasan_save_track+0x20/0x40 [ 18.404596] kasan_save_alloc_info+0x40/0x58 [ 18.404812] __kasan_kmalloc+0xd4/0xd8 [ 18.404904] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.405022] kasan_atomics+0xb8/0x2e0 [ 18.405257] kunit_try_run_case+0x170/0x3f0 [ 18.405453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.405934] kthread+0x328/0x630 [ 18.405991] ret_from_fork+0x10/0x20 [ 18.406028] [ 18.406302] The buggy address belongs to the object at fff00000c7941e80 [ 18.406302] which belongs to the cache kmalloc-64 of size 64 [ 18.406493] The buggy address is located 0 bytes to the right of [ 18.406493] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.406753] [ 18.406933] The buggy address belongs to the physical page: [ 18.407080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.407277] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.407519] page_type: f5(slab) [ 18.407597] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.407782] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.408068] page dumped because: kasan: bad access detected [ 18.408197] [ 18.408302] Memory state around the buggy address: [ 18.408391] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.408440] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.408492] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.408684] ^ [ 18.409282] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.409439] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.409595] ================================================================== [ 18.282231] ================================================================== [ 18.282333] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 18.282390] Read of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.282674] [ 18.282759] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.282856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.282884] Hardware name: linux,dummy-virt (DT) [ 18.283015] Call trace: [ 18.283042] show_stack+0x20/0x38 (C) [ 18.283096] dump_stack_lvl+0x8c/0xd0 [ 18.283230] print_report+0x118/0x5d0 [ 18.283305] kasan_report+0xdc/0x128 [ 18.283564] __asan_report_load8_noabort+0x20/0x30 [ 18.283654] kasan_atomics_helper+0x3f58/0x4858 [ 18.283776] kasan_atomics+0x198/0x2e0 [ 18.283864] kunit_try_run_case+0x170/0x3f0 [ 18.284180] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.284307] kthread+0x328/0x630 [ 18.284384] ret_from_fork+0x10/0x20 [ 18.284436] [ 18.284463] Allocated by task 266: [ 18.284492] kasan_save_stack+0x3c/0x68 [ 18.284535] kasan_save_track+0x20/0x40 [ 18.284572] kasan_save_alloc_info+0x40/0x58 [ 18.284614] __kasan_kmalloc+0xd4/0xd8 [ 18.284651] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.284847] kasan_atomics+0xb8/0x2e0 [ 18.284904] kunit_try_run_case+0x170/0x3f0 [ 18.285135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.285391] kthread+0x328/0x630 [ 18.285503] ret_from_fork+0x10/0x20 [ 18.285602] [ 18.285737] The buggy address belongs to the object at fff00000c7941e80 [ 18.285737] which belongs to the cache kmalloc-64 of size 64 [ 18.285832] The buggy address is located 0 bytes to the right of [ 18.285832] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.286022] [ 18.286223] The buggy address belongs to the physical page: [ 18.286293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.286457] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.286523] page_type: f5(slab) [ 18.286741] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.286932] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.287200] page dumped because: kasan: bad access detected [ 18.287383] [ 18.287512] Memory state around the buggy address: [ 18.287825] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.287956] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.288211] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.288415] ^ [ 18.288536] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.288872] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.289054] ================================================================== [ 18.453035] ================================================================== [ 18.453108] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 18.453313] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.453371] [ 18.453408] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.453727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.453757] Hardware name: linux,dummy-virt (DT) [ 18.453789] Call trace: [ 18.453811] show_stack+0x20/0x38 (C) [ 18.453866] dump_stack_lvl+0x8c/0xd0 [ 18.454122] print_report+0x118/0x5d0 [ 18.454365] kasan_report+0xdc/0x128 [ 18.454472] kasan_check_range+0x100/0x1a8 [ 18.454527] __kasan_check_write+0x20/0x30 [ 18.454596] kasan_atomics_helper+0x16d0/0x4858 [ 18.454644] kasan_atomics+0x198/0x2e0 [ 18.454690] kunit_try_run_case+0x170/0x3f0 [ 18.454737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.454826] kthread+0x328/0x630 [ 18.454999] ret_from_fork+0x10/0x20 [ 18.455045] [ 18.455066] Allocated by task 266: [ 18.455094] kasan_save_stack+0x3c/0x68 [ 18.455137] kasan_save_track+0x20/0x40 [ 18.455175] kasan_save_alloc_info+0x40/0x58 [ 18.455218] __kasan_kmalloc+0xd4/0xd8 [ 18.455255] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.455296] kasan_atomics+0xb8/0x2e0 [ 18.455333] kunit_try_run_case+0x170/0x3f0 [ 18.455373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.455424] kthread+0x328/0x630 [ 18.455459] ret_from_fork+0x10/0x20 [ 18.455527] [ 18.455548] The buggy address belongs to the object at fff00000c7941e80 [ 18.455548] which belongs to the cache kmalloc-64 of size 64 [ 18.455608] The buggy address is located 0 bytes to the right of [ 18.455608] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.455958] [ 18.455989] The buggy address belongs to the physical page: [ 18.456032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.456451] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.456502] page_type: f5(slab) [ 18.456541] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.456610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.456671] page dumped because: kasan: bad access detected [ 18.456749] [ 18.456865] Memory state around the buggy address: [ 18.456901] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.456947] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.457249] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.457291] ^ [ 18.457348] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.457425] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.457533] ================================================================== [ 18.278183] ================================================================== [ 18.278363] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 18.278454] Read of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.278705] [ 18.278767] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.278863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.278891] Hardware name: linux,dummy-virt (DT) [ 18.278991] Call trace: [ 18.279047] show_stack+0x20/0x38 (C) [ 18.279233] dump_stack_lvl+0x8c/0xd0 [ 18.279311] print_report+0x118/0x5d0 [ 18.279361] kasan_report+0xdc/0x128 [ 18.279409] kasan_check_range+0x100/0x1a8 [ 18.279484] __kasan_check_read+0x20/0x30 [ 18.279532] kasan_atomics_helper+0xdd4/0x4858 [ 18.279579] kasan_atomics+0x198/0x2e0 [ 18.279625] kunit_try_run_case+0x170/0x3f0 [ 18.279671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.279724] kthread+0x328/0x630 [ 18.279768] ret_from_fork+0x10/0x20 [ 18.279815] [ 18.279839] Allocated by task 266: [ 18.279871] kasan_save_stack+0x3c/0x68 [ 18.279914] kasan_save_track+0x20/0x40 [ 18.279954] kasan_save_alloc_info+0x40/0x58 [ 18.280010] __kasan_kmalloc+0xd4/0xd8 [ 18.280047] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.280088] kasan_atomics+0xb8/0x2e0 [ 18.280125] kunit_try_run_case+0x170/0x3f0 [ 18.280165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.280211] kthread+0x328/0x630 [ 18.280244] ret_from_fork+0x10/0x20 [ 18.280281] [ 18.280303] The buggy address belongs to the object at fff00000c7941e80 [ 18.280303] which belongs to the cache kmalloc-64 of size 64 [ 18.280363] The buggy address is located 0 bytes to the right of [ 18.280363] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.280430] [ 18.280450] The buggy address belongs to the physical page: [ 18.280494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.280550] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.280609] page_type: f5(slab) [ 18.280649] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.280710] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.280754] page dumped because: kasan: bad access detected [ 18.280787] [ 18.281237] Memory state around the buggy address: [ 18.281291] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.281339] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.281384] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.281426] ^ [ 18.281492] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.281698] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.281792] ================================================================== [ 18.270120] ================================================================== [ 18.270213] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 18.270269] Read of size 4 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.270322] [ 18.270587] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.270756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.270828] Hardware name: linux,dummy-virt (DT) [ 18.271032] Call trace: [ 18.271169] show_stack+0x20/0x38 (C) [ 18.271224] dump_stack_lvl+0x8c/0xd0 [ 18.271276] print_report+0x118/0x5d0 [ 18.271344] kasan_report+0xdc/0x128 [ 18.271391] __asan_report_load4_noabort+0x20/0x30 [ 18.271450] kasan_atomics_helper+0x3e04/0x4858 [ 18.271500] kasan_atomics+0x198/0x2e0 [ 18.271547] kunit_try_run_case+0x170/0x3f0 [ 18.271804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.272094] kthread+0x328/0x630 [ 18.272211] ret_from_fork+0x10/0x20 [ 18.272263] [ 18.272283] Allocated by task 266: [ 18.272340] kasan_save_stack+0x3c/0x68 [ 18.272447] kasan_save_track+0x20/0x40 [ 18.272492] kasan_save_alloc_info+0x40/0x58 [ 18.272549] __kasan_kmalloc+0xd4/0xd8 [ 18.272626] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.272669] kasan_atomics+0xb8/0x2e0 [ 18.272853] kunit_try_run_case+0x170/0x3f0 [ 18.273108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.273345] kthread+0x328/0x630 [ 18.273699] ret_from_fork+0x10/0x20 [ 18.274042] [ 18.274141] The buggy address belongs to the object at fff00000c7941e80 [ 18.274141] which belongs to the cache kmalloc-64 of size 64 [ 18.274286] The buggy address is located 0 bytes to the right of [ 18.274286] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.274517] [ 18.274680] The buggy address belongs to the physical page: [ 18.274745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.274808] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.275042] page_type: f5(slab) [ 18.275245] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.275667] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.275785] page dumped because: kasan: bad access detected [ 18.275966] [ 18.276022] Memory state around the buggy address: [ 18.276118] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.276265] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.276450] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.276657] ^ [ 18.276885] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.277016] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.277155] ================================================================== [ 18.436467] ================================================================== [ 18.436523] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 18.436578] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.436630] [ 18.436662] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.436747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.436774] Hardware name: linux,dummy-virt (DT) [ 18.436807] Call trace: [ 18.436829] show_stack+0x20/0x38 (C) [ 18.436879] dump_stack_lvl+0x8c/0xd0 [ 18.436926] print_report+0x118/0x5d0 [ 18.436973] kasan_report+0xdc/0x128 [ 18.437038] kasan_check_range+0x100/0x1a8 [ 18.437087] __kasan_check_write+0x20/0x30 [ 18.437133] kasan_atomics_helper+0x15b4/0x4858 [ 18.437181] kasan_atomics+0x198/0x2e0 [ 18.439070] kunit_try_run_case+0x170/0x3f0 [ 18.439130] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.439184] kthread+0x328/0x630 [ 18.439228] ret_from_fork+0x10/0x20 [ 18.439276] [ 18.439298] Allocated by task 266: [ 18.439327] kasan_save_stack+0x3c/0x68 [ 18.439371] kasan_save_track+0x20/0x40 [ 18.439410] kasan_save_alloc_info+0x40/0x58 [ 18.439459] __kasan_kmalloc+0xd4/0xd8 [ 18.439497] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.439539] kasan_atomics+0xb8/0x2e0 [ 18.439576] kunit_try_run_case+0x170/0x3f0 [ 18.439617] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.439662] kthread+0x328/0x630 [ 18.439695] ret_from_fork+0x10/0x20 [ 18.439733] [ 18.439754] The buggy address belongs to the object at fff00000c7941e80 [ 18.439754] which belongs to the cache kmalloc-64 of size 64 [ 18.439817] The buggy address is located 0 bytes to the right of [ 18.439817] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.439884] [ 18.439905] The buggy address belongs to the physical page: [ 18.439953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.440110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.440197] page_type: f5(slab) [ 18.440239] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.440295] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.440339] page dumped because: kasan: bad access detected [ 18.440374] [ 18.440394] Memory state around the buggy address: [ 18.440428] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.440475] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.440532] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.440574] ^ [ 18.440610] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.440653] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.440694] ================================================================== [ 18.296659] ================================================================== [ 18.296820] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 18.297026] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.297154] [ 18.297268] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.297655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.297861] Hardware name: linux,dummy-virt (DT) [ 18.297964] Call trace: [ 18.298152] show_stack+0x20/0x38 (C) [ 18.298364] dump_stack_lvl+0x8c/0xd0 [ 18.298513] print_report+0x118/0x5d0 [ 18.298699] kasan_report+0xdc/0x128 [ 18.298785] __asan_report_store8_noabort+0x20/0x30 [ 18.298850] kasan_atomics_helper+0x3e5c/0x4858 [ 18.299082] kasan_atomics+0x198/0x2e0 [ 18.299254] kunit_try_run_case+0x170/0x3f0 [ 18.299493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.299685] kthread+0x328/0x630 [ 18.299810] ret_from_fork+0x10/0x20 [ 18.300013] [ 18.300073] Allocated by task 266: [ 18.300315] kasan_save_stack+0x3c/0x68 [ 18.300518] kasan_save_track+0x20/0x40 [ 18.300620] kasan_save_alloc_info+0x40/0x58 [ 18.300859] __kasan_kmalloc+0xd4/0xd8 [ 18.300966] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.301041] kasan_atomics+0xb8/0x2e0 [ 18.301093] kunit_try_run_case+0x170/0x3f0 [ 18.301132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.301233] kthread+0x328/0x630 [ 18.301269] ret_from_fork+0x10/0x20 [ 18.301307] [ 18.301339] The buggy address belongs to the object at fff00000c7941e80 [ 18.301339] which belongs to the cache kmalloc-64 of size 64 [ 18.301404] The buggy address is located 0 bytes to the right of [ 18.301404] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.301765] [ 18.301839] The buggy address belongs to the physical page: [ 18.301966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.302090] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.302320] page_type: f5(slab) [ 18.302429] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.302578] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.302628] page dumped because: kasan: bad access detected [ 18.302835] [ 18.303050] Memory state around the buggy address: [ 18.303130] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.303408] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.303559] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.303603] ^ [ 18.303818] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.303909] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.304053] ================================================================== [ 18.342282] ================================================================== [ 18.342339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 18.342393] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.342445] [ 18.342555] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.342666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.342695] Hardware name: linux,dummy-virt (DT) [ 18.342728] Call trace: [ 18.342757] show_stack+0x20/0x38 (C) [ 18.342810] dump_stack_lvl+0x8c/0xd0 [ 18.342858] print_report+0x118/0x5d0 [ 18.342911] kasan_report+0xdc/0x128 [ 18.342956] kasan_check_range+0x100/0x1a8 [ 18.343027] __kasan_check_write+0x20/0x30 [ 18.343074] kasan_atomics_helper+0x10c0/0x4858 [ 18.343127] kasan_atomics+0x198/0x2e0 [ 18.343174] kunit_try_run_case+0x170/0x3f0 [ 18.343221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.343285] kthread+0x328/0x630 [ 18.343327] ret_from_fork+0x10/0x20 [ 18.343393] [ 18.343425] Allocated by task 266: [ 18.343464] kasan_save_stack+0x3c/0x68 [ 18.343517] kasan_save_track+0x20/0x40 [ 18.343556] kasan_save_alloc_info+0x40/0x58 [ 18.343598] __kasan_kmalloc+0xd4/0xd8 [ 18.343640] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.343682] kasan_atomics+0xb8/0x2e0 [ 18.343719] kunit_try_run_case+0x170/0x3f0 [ 18.343767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.343812] kthread+0x328/0x630 [ 18.343845] ret_from_fork+0x10/0x20 [ 18.343884] [ 18.343905] The buggy address belongs to the object at fff00000c7941e80 [ 18.343905] which belongs to the cache kmalloc-64 of size 64 [ 18.343967] The buggy address is located 0 bytes to the right of [ 18.343967] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.344802] [ 18.344882] The buggy address belongs to the physical page: [ 18.344927] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.345002] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.345053] page_type: f5(slab) [ 18.345092] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.345404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.345766] page dumped because: kasan: bad access detected [ 18.345964] [ 18.345994] Memory state around the buggy address: [ 18.346032] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.346385] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.346680] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.346859] ^ [ 18.347011] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.347058] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.347130] ================================================================== [ 18.381550] ================================================================== [ 18.381623] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 18.381676] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.381974] [ 18.382107] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.382258] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.382296] Hardware name: linux,dummy-virt (DT) [ 18.382338] Call trace: [ 18.382368] show_stack+0x20/0x38 (C) [ 18.382518] dump_stack_lvl+0x8c/0xd0 [ 18.382577] print_report+0x118/0x5d0 [ 18.382622] kasan_report+0xdc/0x128 [ 18.382916] kasan_check_range+0x100/0x1a8 [ 18.383086] __kasan_check_write+0x20/0x30 [ 18.383141] kasan_atomics_helper+0x12d8/0x4858 [ 18.383193] kasan_atomics+0x198/0x2e0 [ 18.383239] kunit_try_run_case+0x170/0x3f0 [ 18.383452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.383623] kthread+0x328/0x630 [ 18.383703] ret_from_fork+0x10/0x20 [ 18.383860] [ 18.383898] Allocated by task 266: [ 18.384086] kasan_save_stack+0x3c/0x68 [ 18.384141] kasan_save_track+0x20/0x40 [ 18.384225] kasan_save_alloc_info+0x40/0x58 [ 18.384271] __kasan_kmalloc+0xd4/0xd8 [ 18.384335] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.384376] kasan_atomics+0xb8/0x2e0 [ 18.384414] kunit_try_run_case+0x170/0x3f0 [ 18.384467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.384514] kthread+0x328/0x630 [ 18.384547] ret_from_fork+0x10/0x20 [ 18.384584] [ 18.384607] The buggy address belongs to the object at fff00000c7941e80 [ 18.384607] which belongs to the cache kmalloc-64 of size 64 [ 18.384678] The buggy address is located 0 bytes to the right of [ 18.384678] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.384748] [ 18.384769] The buggy address belongs to the physical page: [ 18.384803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.384858] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.384917] page_type: f5(slab) [ 18.384958] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.385024] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.385069] page dumped because: kasan: bad access detected [ 18.385103] [ 18.385134] Memory state around the buggy address: [ 18.385168] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.385214] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.385272] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.385314] ^ [ 18.385356] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.385401] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.385442] ================================================================== [ 18.417137] ================================================================== [ 18.417401] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 18.417587] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.417686] [ 18.417735] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.417853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.417881] Hardware name: linux,dummy-virt (DT) [ 18.417913] Call trace: [ 18.417935] show_stack+0x20/0x38 (C) [ 18.418009] dump_stack_lvl+0x8c/0xd0 [ 18.418068] print_report+0x118/0x5d0 [ 18.418118] kasan_report+0xdc/0x128 [ 18.418163] kasan_check_range+0x100/0x1a8 [ 18.418224] __kasan_check_write+0x20/0x30 [ 18.418272] kasan_atomics_helper+0x14e4/0x4858 [ 18.418319] kasan_atomics+0x198/0x2e0 [ 18.418374] kunit_try_run_case+0x170/0x3f0 [ 18.418423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.418482] kthread+0x328/0x630 [ 18.418525] ret_from_fork+0x10/0x20 [ 18.418571] [ 18.418598] Allocated by task 266: [ 18.418631] kasan_save_stack+0x3c/0x68 [ 18.418684] kasan_save_track+0x20/0x40 [ 18.418723] kasan_save_alloc_info+0x40/0x58 [ 18.418765] __kasan_kmalloc+0xd4/0xd8 [ 18.418802] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.418843] kasan_atomics+0xb8/0x2e0 [ 18.418885] kunit_try_run_case+0x170/0x3f0 [ 18.418926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.418969] kthread+0x328/0x630 [ 18.419012] ret_from_fork+0x10/0x20 [ 18.419062] [ 18.419092] The buggy address belongs to the object at fff00000c7941e80 [ 18.419092] which belongs to the cache kmalloc-64 of size 64 [ 18.419163] The buggy address is located 0 bytes to the right of [ 18.419163] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.419236] [ 18.419258] The buggy address belongs to the physical page: [ 18.419292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.419347] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.419396] page_type: f5(slab) [ 18.419440] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.419502] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.419551] page dumped because: kasan: bad access detected [ 18.419586] [ 18.419606] Memory state around the buggy address: [ 18.419644] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.419691] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.419735] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.419784] ^ [ 18.419819] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.419862] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.419902] ================================================================== [ 18.462806] ================================================================== [ 18.462963] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 18.463037] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.463245] [ 18.463276] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.463360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.463677] Hardware name: linux,dummy-virt (DT) [ 18.463709] Call trace: [ 18.463733] show_stack+0x20/0x38 (C) [ 18.463787] dump_stack_lvl+0x8c/0xd0 [ 18.463879] print_report+0x118/0x5d0 [ 18.463926] kasan_report+0xdc/0x128 [ 18.463975] kasan_check_range+0x100/0x1a8 [ 18.464035] __kasan_check_write+0x20/0x30 [ 18.464090] kasan_atomics_helper+0x175c/0x4858 [ 18.464140] kasan_atomics+0x198/0x2e0 [ 18.464185] kunit_try_run_case+0x170/0x3f0 [ 18.464233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.464287] kthread+0x328/0x630 [ 18.464417] ret_from_fork+0x10/0x20 [ 18.464520] [ 18.464541] Allocated by task 266: [ 18.464571] kasan_save_stack+0x3c/0x68 [ 18.464614] kasan_save_track+0x20/0x40 [ 18.464662] kasan_save_alloc_info+0x40/0x58 [ 18.464704] __kasan_kmalloc+0xd4/0xd8 [ 18.464842] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.464885] kasan_atomics+0xb8/0x2e0 [ 18.464923] kunit_try_run_case+0x170/0x3f0 [ 18.464962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.465018] kthread+0x328/0x630 [ 18.465051] ret_from_fork+0x10/0x20 [ 18.465090] [ 18.465111] The buggy address belongs to the object at fff00000c7941e80 [ 18.465111] which belongs to the cache kmalloc-64 of size 64 [ 18.465171] The buggy address is located 0 bytes to the right of [ 18.465171] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.465261] [ 18.465282] The buggy address belongs to the physical page: [ 18.465317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.465372] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.465462] page_type: f5(slab) [ 18.465672] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.465737] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.465827] page dumped because: kasan: bad access detected [ 18.465923] [ 18.465945] Memory state around the buggy address: [ 18.465987] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.466200] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.466297] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.466377] ^ [ 18.466545] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.466591] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.466713] ================================================================== [ 18.457791] ================================================================== [ 18.457839] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 18.457890] Read of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.457942] [ 18.457971] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.458162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.458353] Hardware name: linux,dummy-virt (DT) [ 18.458387] Call trace: [ 18.458409] show_stack+0x20/0x38 (C) [ 18.458460] dump_stack_lvl+0x8c/0xd0 [ 18.458507] print_report+0x118/0x5d0 [ 18.458605] kasan_report+0xdc/0x128 [ 18.458855] __asan_report_load8_noabort+0x20/0x30 [ 18.458940] kasan_atomics_helper+0x3e10/0x4858 [ 18.459169] kasan_atomics+0x198/0x2e0 [ 18.459288] kunit_try_run_case+0x170/0x3f0 [ 18.459338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.459394] kthread+0x328/0x630 [ 18.459444] ret_from_fork+0x10/0x20 [ 18.459495] [ 18.459547] Allocated by task 266: [ 18.459623] kasan_save_stack+0x3c/0x68 [ 18.459693] kasan_save_track+0x20/0x40 [ 18.459764] kasan_save_alloc_info+0x40/0x58 [ 18.459806] __kasan_kmalloc+0xd4/0xd8 [ 18.459866] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.460891] kasan_atomics+0xb8/0x2e0 [ 18.460932] kunit_try_run_case+0x170/0x3f0 [ 18.460970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.461138] kthread+0x328/0x630 [ 18.461176] ret_from_fork+0x10/0x20 [ 18.461215] [ 18.461315] The buggy address belongs to the object at fff00000c7941e80 [ 18.461315] which belongs to the cache kmalloc-64 of size 64 [ 18.461404] The buggy address is located 0 bytes to the right of [ 18.461404] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.461529] [ 18.461551] The buggy address belongs to the physical page: [ 18.461584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.461655] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.461705] page_type: f5(slab) [ 18.461744] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.461798] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.461842] page dumped because: kasan: bad access detected [ 18.461876] [ 18.461896] Memory state around the buggy address: [ 18.461929] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.461976] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.462032] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.462073] ^ [ 18.462108] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.462216] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.462257] ================================================================== [ 18.327145] ================================================================== [ 18.327221] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 18.327356] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.327411] [ 18.327464] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.327552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.327582] Hardware name: linux,dummy-virt (DT) [ 18.327702] Call trace: [ 18.327728] show_stack+0x20/0x38 (C) [ 18.327793] dump_stack_lvl+0x8c/0xd0 [ 18.327844] print_report+0x118/0x5d0 [ 18.327890] kasan_report+0xdc/0x128 [ 18.327936] kasan_check_range+0x100/0x1a8 [ 18.328238] __kasan_check_write+0x20/0x30 [ 18.328467] kasan_atomics_helper+0xff0/0x4858 [ 18.328646] kasan_atomics+0x198/0x2e0 [ 18.328721] kunit_try_run_case+0x170/0x3f0 [ 18.328861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.328955] kthread+0x328/0x630 [ 18.329176] ret_from_fork+0x10/0x20 [ 18.329257] [ 18.329277] Allocated by task 266: [ 18.329516] kasan_save_stack+0x3c/0x68 [ 18.329701] kasan_save_track+0x20/0x40 [ 18.329771] kasan_save_alloc_info+0x40/0x58 [ 18.330034] __kasan_kmalloc+0xd4/0xd8 [ 18.330109] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.330272] kasan_atomics+0xb8/0x2e0 [ 18.330456] kunit_try_run_case+0x170/0x3f0 [ 18.330562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.330644] kthread+0x328/0x630 [ 18.330910] ret_from_fork+0x10/0x20 [ 18.331030] [ 18.331101] The buggy address belongs to the object at fff00000c7941e80 [ 18.331101] which belongs to the cache kmalloc-64 of size 64 [ 18.331426] The buggy address is located 0 bytes to the right of [ 18.331426] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.331545] [ 18.331638] The buggy address belongs to the physical page: [ 18.331674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.331731] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.331779] page_type: f5(slab) [ 18.331836] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.331900] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.331961] page dumped because: kasan: bad access detected [ 18.332015] [ 18.332055] Memory state around the buggy address: [ 18.332096] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.332144] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.332190] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.332246] ^ [ 18.332283] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.332327] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.332368] ================================================================== [ 18.441302] ================================================================== [ 18.441353] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 18.441414] Read of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.441531] [ 18.441562] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.441646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.441674] Hardware name: linux,dummy-virt (DT) [ 18.441707] Call trace: [ 18.441729] show_stack+0x20/0x38 (C) [ 18.441780] dump_stack_lvl+0x8c/0xd0 [ 18.441827] print_report+0x118/0x5d0 [ 18.441875] kasan_report+0xdc/0x128 [ 18.441921] __asan_report_load8_noabort+0x20/0x30 [ 18.442058] kasan_atomics_helper+0x3db0/0x4858 [ 18.442112] kasan_atomics+0x198/0x2e0 [ 18.442158] kunit_try_run_case+0x170/0x3f0 [ 18.442207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.442262] kthread+0x328/0x630 [ 18.442304] ret_from_fork+0x10/0x20 [ 18.442362] [ 18.442382] Allocated by task 266: [ 18.442412] kasan_save_stack+0x3c/0x68 [ 18.442453] kasan_save_track+0x20/0x40 [ 18.442492] kasan_save_alloc_info+0x40/0x58 [ 18.442533] __kasan_kmalloc+0xd4/0xd8 [ 18.442572] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.442632] kasan_atomics+0xb8/0x2e0 [ 18.442795] kunit_try_run_case+0x170/0x3f0 [ 18.442996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.443044] kthread+0x328/0x630 [ 18.443077] ret_from_fork+0x10/0x20 [ 18.443113] [ 18.443134] The buggy address belongs to the object at fff00000c7941e80 [ 18.443134] which belongs to the cache kmalloc-64 of size 64 [ 18.443196] The buggy address is located 0 bytes to the right of [ 18.443196] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.443270] [ 18.443360] The buggy address belongs to the physical page: [ 18.443537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.443677] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.443786] page_type: f5(slab) [ 18.443992] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.444047] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.444092] page dumped because: kasan: bad access detected [ 18.444125] [ 18.444145] Memory state around the buggy address: [ 18.444178] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.444225] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.444270] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.444312] ^ [ 18.444347] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.444392] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.444434] ================================================================== [ 18.358148] ================================================================== [ 18.358209] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 18.358340] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.358473] [ 18.358563] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.358848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.359033] Hardware name: linux,dummy-virt (DT) [ 18.359093] Call trace: [ 18.359144] show_stack+0x20/0x38 (C) [ 18.359205] dump_stack_lvl+0x8c/0xd0 [ 18.359429] print_report+0x118/0x5d0 [ 18.359544] kasan_report+0xdc/0x128 [ 18.359642] kasan_check_range+0x100/0x1a8 [ 18.359778] __kasan_check_write+0x20/0x30 [ 18.359907] kasan_atomics_helper+0x1190/0x4858 [ 18.359959] kasan_atomics+0x198/0x2e0 [ 18.360127] kunit_try_run_case+0x170/0x3f0 [ 18.360195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.360250] kthread+0x328/0x630 [ 18.360443] ret_from_fork+0x10/0x20 [ 18.360507] [ 18.360579] Allocated by task 266: [ 18.360627] kasan_save_stack+0x3c/0x68 [ 18.360718] kasan_save_track+0x20/0x40 [ 18.360901] kasan_save_alloc_info+0x40/0x58 [ 18.360962] __kasan_kmalloc+0xd4/0xd8 [ 18.361090] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.361289] kasan_atomics+0xb8/0x2e0 [ 18.361466] kunit_try_run_case+0x170/0x3f0 [ 18.361532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.361688] kthread+0x328/0x630 [ 18.361725] ret_from_fork+0x10/0x20 [ 18.361896] [ 18.362099] The buggy address belongs to the object at fff00000c7941e80 [ 18.362099] which belongs to the cache kmalloc-64 of size 64 [ 18.362276] The buggy address is located 0 bytes to the right of [ 18.362276] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.362501] [ 18.362745] The buggy address belongs to the physical page: [ 18.362783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.362840] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.362902] page_type: f5(slab) [ 18.362942] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.363031] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.363096] page dumped because: kasan: bad access detected [ 18.363141] [ 18.363170] Memory state around the buggy address: [ 18.363217] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.363275] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.363321] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.363372] ^ [ 18.363408] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.363466] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.363524] ================================================================== [ 18.264275] ================================================================== [ 18.264345] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 18.264398] Write of size 4 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.264452] [ 18.264483] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.264565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.264594] Hardware name: linux,dummy-virt (DT) [ 18.264626] Call trace: [ 18.264649] show_stack+0x20/0x38 (C) [ 18.264696] dump_stack_lvl+0x8c/0xd0 [ 18.264744] print_report+0x118/0x5d0 [ 18.264793] kasan_report+0xdc/0x128 [ 18.264893] kasan_check_range+0x100/0x1a8 [ 18.264946] __kasan_check_write+0x20/0x30 [ 18.265004] kasan_atomics_helper+0xd3c/0x4858 [ 18.265052] kasan_atomics+0x198/0x2e0 [ 18.265097] kunit_try_run_case+0x170/0x3f0 [ 18.265145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.265214] kthread+0x328/0x630 [ 18.265257] ret_from_fork+0x10/0x20 [ 18.265314] [ 18.265334] Allocated by task 266: [ 18.265364] kasan_save_stack+0x3c/0x68 [ 18.265407] kasan_save_track+0x20/0x40 [ 18.265454] kasan_save_alloc_info+0x40/0x58 [ 18.265496] __kasan_kmalloc+0xd4/0xd8 [ 18.265533] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.265589] kasan_atomics+0xb8/0x2e0 [ 18.265638] kunit_try_run_case+0x170/0x3f0 [ 18.265679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.265732] kthread+0x328/0x630 [ 18.265776] ret_from_fork+0x10/0x20 [ 18.265814] [ 18.265843] The buggy address belongs to the object at fff00000c7941e80 [ 18.265843] which belongs to the cache kmalloc-64 of size 64 [ 18.265913] The buggy address is located 0 bytes to the right of [ 18.265913] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.266284] [ 18.266654] The buggy address belongs to the physical page: [ 18.266701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.266762] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.266872] page_type: f5(slab) [ 18.267061] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.267348] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.267466] page dumped because: kasan: bad access detected [ 18.267592] [ 18.267615] Memory state around the buggy address: [ 18.267652] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.268084] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.268208] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.268451] ^ [ 18.268654] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.268876] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.269129] ================================================================== [ 18.467028] ================================================================== [ 18.467075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 18.467125] Read of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.467177] [ 18.467206] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.467288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.467317] Hardware name: linux,dummy-virt (DT) [ 18.467349] Call trace: [ 18.467372] show_stack+0x20/0x38 (C) [ 18.467456] dump_stack_lvl+0x8c/0xd0 [ 18.467612] print_report+0x118/0x5d0 [ 18.467659] kasan_report+0xdc/0x128 [ 18.467708] __asan_report_load8_noabort+0x20/0x30 [ 18.467762] kasan_atomics_helper+0x3e20/0x4858 [ 18.467812] kasan_atomics+0x198/0x2e0 [ 18.467860] kunit_try_run_case+0x170/0x3f0 [ 18.467909] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.468021] kthread+0x328/0x630 [ 18.468143] ret_from_fork+0x10/0x20 [ 18.468215] [ 18.468315] Allocated by task 266: [ 18.468349] kasan_save_stack+0x3c/0x68 [ 18.468391] kasan_save_track+0x20/0x40 [ 18.468438] kasan_save_alloc_info+0x40/0x58 [ 18.468881] __kasan_kmalloc+0xd4/0xd8 [ 18.469011] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.469053] kasan_atomics+0xb8/0x2e0 [ 18.469103] kunit_try_run_case+0x170/0x3f0 [ 18.469183] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.469316] kthread+0x328/0x630 [ 18.469528] ret_from_fork+0x10/0x20 [ 18.469575] [ 18.469597] The buggy address belongs to the object at fff00000c7941e80 [ 18.469597] which belongs to the cache kmalloc-64 of size 64 [ 18.469659] The buggy address is located 0 bytes to the right of [ 18.469659] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.469729] [ 18.469749] The buggy address belongs to the physical page: [ 18.469784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.469840] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.469892] page_type: f5(slab) [ 18.469929] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.469994] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.470038] page dumped because: kasan: bad access detected [ 18.470073] [ 18.470133] Memory state around the buggy address: [ 18.470214] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.470290] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.470337] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.470482] ^ [ 18.470517] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.470562] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.470604] ================================================================== [ 18.373700] ================================================================== [ 18.373808] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 18.373951] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.374018] [ 18.374050] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.374373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.374418] Hardware name: linux,dummy-virt (DT) [ 18.374626] Call trace: [ 18.374652] show_stack+0x20/0x38 (C) [ 18.374812] dump_stack_lvl+0x8c/0xd0 [ 18.374873] print_report+0x118/0x5d0 [ 18.375206] kasan_report+0xdc/0x128 [ 18.375316] kasan_check_range+0x100/0x1a8 [ 18.375367] __kasan_check_write+0x20/0x30 [ 18.375412] kasan_atomics_helper+0x126c/0x4858 [ 18.375649] kasan_atomics+0x198/0x2e0 [ 18.375856] kunit_try_run_case+0x170/0x3f0 [ 18.375940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.376129] kthread+0x328/0x630 [ 18.376180] ret_from_fork+0x10/0x20 [ 18.376236] [ 18.376440] Allocated by task 266: [ 18.376485] kasan_save_stack+0x3c/0x68 [ 18.376586] kasan_save_track+0x20/0x40 [ 18.376641] kasan_save_alloc_info+0x40/0x58 [ 18.376684] __kasan_kmalloc+0xd4/0xd8 [ 18.376729] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.376769] kasan_atomics+0xb8/0x2e0 [ 18.377153] kunit_try_run_case+0x170/0x3f0 [ 18.377359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.377411] kthread+0x328/0x630 [ 18.377471] ret_from_fork+0x10/0x20 [ 18.377516] [ 18.377539] The buggy address belongs to the object at fff00000c7941e80 [ 18.377539] which belongs to the cache kmalloc-64 of size 64 [ 18.377601] The buggy address is located 0 bytes to the right of [ 18.377601] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.377827] [ 18.377946] The buggy address belongs to the physical page: [ 18.378155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.378299] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.378469] page_type: f5(slab) [ 18.378542] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.378615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.378863] page dumped because: kasan: bad access detected [ 18.378957] [ 18.379003] Memory state around the buggy address: [ 18.379044] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.379097] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.379141] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.379183] ^ [ 18.379219] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.379264] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.379386] ================================================================== [ 18.449202] ================================================================== [ 18.449257] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 18.449309] Read of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.449362] [ 18.449402] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.449486] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.449515] Hardware name: linux,dummy-virt (DT) [ 18.449550] Call trace: [ 18.449577] show_stack+0x20/0x38 (C) [ 18.449626] dump_stack_lvl+0x8c/0xd0 [ 18.449687] print_report+0x118/0x5d0 [ 18.449753] kasan_report+0xdc/0x128 [ 18.449800] __asan_report_load8_noabort+0x20/0x30 [ 18.450134] kasan_atomics_helper+0x3df4/0x4858 [ 18.450206] kasan_atomics+0x198/0x2e0 [ 18.450440] kunit_try_run_case+0x170/0x3f0 [ 18.450691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.450967] kthread+0x328/0x630 [ 18.451021] ret_from_fork+0x10/0x20 [ 18.451069] [ 18.451089] Allocated by task 266: [ 18.451118] kasan_save_stack+0x3c/0x68 [ 18.451160] kasan_save_track+0x20/0x40 [ 18.451198] kasan_save_alloc_info+0x40/0x58 [ 18.451240] __kasan_kmalloc+0xd4/0xd8 [ 18.451277] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.451318] kasan_atomics+0xb8/0x2e0 [ 18.451363] kunit_try_run_case+0x170/0x3f0 [ 18.451404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.451454] kthread+0x328/0x630 [ 18.451489] ret_from_fork+0x10/0x20 [ 18.451525] [ 18.451544] The buggy address belongs to the object at fff00000c7941e80 [ 18.451544] which belongs to the cache kmalloc-64 of size 64 [ 18.451604] The buggy address is located 0 bytes to the right of [ 18.451604] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.451822] [ 18.451844] The buggy address belongs to the physical page: [ 18.451884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.452005] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.452055] page_type: f5(slab) [ 18.452094] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.452147] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.452192] page dumped because: kasan: bad access detected [ 18.452322] [ 18.452371] Memory state around the buggy address: [ 18.452403] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.452450] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.452502] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.452636] ^ [ 18.452672] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.452719] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.452816] ================================================================== [ 18.395907] ================================================================== [ 18.396015] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 18.396159] Read of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.396213] [ 18.396283] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.396476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.396522] Hardware name: linux,dummy-virt (DT) [ 18.396611] Call trace: [ 18.396842] show_stack+0x20/0x38 (C) [ 18.397164] dump_stack_lvl+0x8c/0xd0 [ 18.397449] print_report+0x118/0x5d0 [ 18.397514] kasan_report+0xdc/0x128 [ 18.397575] __asan_report_load8_noabort+0x20/0x30 [ 18.398023] kasan_atomics_helper+0x3f04/0x4858 [ 18.398131] kasan_atomics+0x198/0x2e0 [ 18.398346] kunit_try_run_case+0x170/0x3f0 [ 18.398459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.398530] kthread+0x328/0x630 [ 18.398572] ret_from_fork+0x10/0x20 [ 18.398648] [ 18.398692] Allocated by task 266: [ 18.398734] kasan_save_stack+0x3c/0x68 [ 18.398786] kasan_save_track+0x20/0x40 [ 18.398826] kasan_save_alloc_info+0x40/0x58 [ 18.398876] __kasan_kmalloc+0xd4/0xd8 [ 18.398925] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.398974] kasan_atomics+0xb8/0x2e0 [ 18.399023] kunit_try_run_case+0x170/0x3f0 [ 18.399061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.399107] kthread+0x328/0x630 [ 18.399140] ret_from_fork+0x10/0x20 [ 18.399176] [ 18.399198] The buggy address belongs to the object at fff00000c7941e80 [ 18.399198] which belongs to the cache kmalloc-64 of size 64 [ 18.399259] The buggy address is located 0 bytes to the right of [ 18.399259] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.399328] [ 18.399348] The buggy address belongs to the physical page: [ 18.399400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.399463] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.399512] page_type: f5(slab) [ 18.399561] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.399624] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.399669] page dumped because: kasan: bad access detected [ 18.399704] [ 18.399724] Memory state around the buggy address: [ 18.399767] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.399812] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.399872] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.399913] ^ [ 18.399953] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.400008] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.400048] ================================================================== [ 18.348056] ================================================================== [ 18.348141] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 18.348195] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.348419] [ 18.348497] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.348623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.348671] Hardware name: linux,dummy-virt (DT) [ 18.348705] Call trace: [ 18.348755] show_stack+0x20/0x38 (C) [ 18.349041] dump_stack_lvl+0x8c/0xd0 [ 18.349211] print_report+0x118/0x5d0 [ 18.349265] kasan_report+0xdc/0x128 [ 18.349576] kasan_check_range+0x100/0x1a8 [ 18.349670] __kasan_check_write+0x20/0x30 [ 18.349949] kasan_atomics_helper+0x1128/0x4858 [ 18.350111] kasan_atomics+0x198/0x2e0 [ 18.350284] kunit_try_run_case+0x170/0x3f0 [ 18.350414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.350596] kthread+0x328/0x630 [ 18.350641] ret_from_fork+0x10/0x20 [ 18.350993] [ 18.351037] Allocated by task 266: [ 18.351167] kasan_save_stack+0x3c/0x68 [ 18.351343] kasan_save_track+0x20/0x40 [ 18.351630] kasan_save_alloc_info+0x40/0x58 [ 18.351823] __kasan_kmalloc+0xd4/0xd8 [ 18.351922] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.352005] kasan_atomics+0xb8/0x2e0 [ 18.352050] kunit_try_run_case+0x170/0x3f0 [ 18.352276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.352480] kthread+0x328/0x630 [ 18.352958] ret_from_fork+0x10/0x20 [ 18.353159] [ 18.353259] The buggy address belongs to the object at fff00000c7941e80 [ 18.353259] which belongs to the cache kmalloc-64 of size 64 [ 18.353492] The buggy address is located 0 bytes to the right of [ 18.353492] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.353631] [ 18.353694] The buggy address belongs to the physical page: [ 18.353833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.353937] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.354321] page_type: f5(slab) [ 18.354365] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.354630] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.355071] page dumped because: kasan: bad access detected [ 18.355255] [ 18.355355] Memory state around the buggy address: [ 18.355521] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.355571] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.355776] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.356151] ^ [ 18.356274] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.356474] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.356534] ================================================================== [ 18.470849] ================================================================== [ 18.470899] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 18.470948] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.471016] [ 18.471047] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.471129] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.471158] Hardware name: linux,dummy-virt (DT) [ 18.471190] Call trace: [ 18.471213] show_stack+0x20/0x38 (C) [ 18.471261] dump_stack_lvl+0x8c/0xd0 [ 18.471308] print_report+0x118/0x5d0 [ 18.471364] kasan_report+0xdc/0x128 [ 18.471605] kasan_check_range+0x100/0x1a8 [ 18.471742] __kasan_check_write+0x20/0x30 [ 18.471841] kasan_atomics_helper+0x17ec/0x4858 [ 18.472008] kasan_atomics+0x198/0x2e0 [ 18.472054] kunit_try_run_case+0x170/0x3f0 [ 18.472101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.472154] kthread+0x328/0x630 [ 18.472198] ret_from_fork+0x10/0x20 [ 18.472244] [ 18.472265] Allocated by task 266: [ 18.472292] kasan_save_stack+0x3c/0x68 [ 18.472334] kasan_save_track+0x20/0x40 [ 18.472373] kasan_save_alloc_info+0x40/0x58 [ 18.472415] __kasan_kmalloc+0xd4/0xd8 [ 18.472452] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.472538] kasan_atomics+0xb8/0x2e0 [ 18.473035] kunit_try_run_case+0x170/0x3f0 [ 18.473084] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.473130] kthread+0x328/0x630 [ 18.473164] ret_from_fork+0x10/0x20 [ 18.473200] [ 18.473223] The buggy address belongs to the object at fff00000c7941e80 [ 18.473223] which belongs to the cache kmalloc-64 of size 64 [ 18.473283] The buggy address is located 0 bytes to the right of [ 18.473283] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.473351] [ 18.473371] The buggy address belongs to the physical page: [ 18.473404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.473459] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.473509] page_type: f5(slab) [ 18.473546] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.473600] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.473644] page dumped because: kasan: bad access detected [ 18.473678] [ 18.473699] Memory state around the buggy address: [ 18.473732] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.473779] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.473824] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.473866] ^ [ 18.473899] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.473945] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.474048] ================================================================== [ 18.410385] ================================================================== [ 18.410567] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 18.410621] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.410673] [ 18.410801] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.411094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.411237] Hardware name: linux,dummy-virt (DT) [ 18.411273] Call trace: [ 18.411328] show_stack+0x20/0x38 (C) [ 18.411410] dump_stack_lvl+0x8c/0xd0 [ 18.411469] print_report+0x118/0x5d0 [ 18.411668] kasan_report+0xdc/0x128 [ 18.411740] kasan_check_range+0x100/0x1a8 [ 18.411828] __kasan_check_write+0x20/0x30 [ 18.411915] kasan_atomics_helper+0x147c/0x4858 [ 18.412043] kasan_atomics+0x198/0x2e0 [ 18.412106] kunit_try_run_case+0x170/0x3f0 [ 18.412155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.412214] kthread+0x328/0x630 [ 18.412382] ret_from_fork+0x10/0x20 [ 18.412533] [ 18.412578] Allocated by task 266: [ 18.412617] kasan_save_stack+0x3c/0x68 [ 18.412671] kasan_save_track+0x20/0x40 [ 18.412867] kasan_save_alloc_info+0x40/0x58 [ 18.413079] __kasan_kmalloc+0xd4/0xd8 [ 18.413272] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.413378] kasan_atomics+0xb8/0x2e0 [ 18.413512] kunit_try_run_case+0x170/0x3f0 [ 18.413555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.413725] kthread+0x328/0x630 [ 18.413897] ret_from_fork+0x10/0x20 [ 18.414048] [ 18.414116] The buggy address belongs to the object at fff00000c7941e80 [ 18.414116] which belongs to the cache kmalloc-64 of size 64 [ 18.414333] The buggy address is located 0 bytes to the right of [ 18.414333] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.414538] [ 18.414618] The buggy address belongs to the physical page: [ 18.414690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.414747] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.414797] page_type: f5(slab) [ 18.415031] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.415157] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.415257] page dumped because: kasan: bad access detected [ 18.415585] [ 18.415655] Memory state around the buggy address: [ 18.415694] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.416006] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.416062] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.416265] ^ [ 18.416423] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.416480] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.416638] ================================================================== [ 18.444555] ================================================================== [ 18.444599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 18.444762] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.444856] [ 18.444915] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.445019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.445049] Hardware name: linux,dummy-virt (DT) [ 18.445080] Call trace: [ 18.445105] show_stack+0x20/0x38 (C) [ 18.445152] dump_stack_lvl+0x8c/0xd0 [ 18.445201] print_report+0x118/0x5d0 [ 18.445247] kasan_report+0xdc/0x128 [ 18.445294] kasan_check_range+0x100/0x1a8 [ 18.445344] __kasan_check_write+0x20/0x30 [ 18.445405] kasan_atomics_helper+0x1644/0x4858 [ 18.445455] kasan_atomics+0x198/0x2e0 [ 18.445514] kunit_try_run_case+0x170/0x3f0 [ 18.445562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.445664] kthread+0x328/0x630 [ 18.445821] ret_from_fork+0x10/0x20 [ 18.445877] [ 18.445897] Allocated by task 266: [ 18.445927] kasan_save_stack+0x3c/0x68 [ 18.445967] kasan_save_track+0x20/0x40 [ 18.446021] kasan_save_alloc_info+0x40/0x58 [ 18.446062] __kasan_kmalloc+0xd4/0xd8 [ 18.446101] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.446141] kasan_atomics+0xb8/0x2e0 [ 18.446278] kunit_try_run_case+0x170/0x3f0 [ 18.446444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.446536] kthread+0x328/0x630 [ 18.446570] ret_from_fork+0x10/0x20 [ 18.446607] [ 18.446629] The buggy address belongs to the object at fff00000c7941e80 [ 18.446629] which belongs to the cache kmalloc-64 of size 64 [ 18.446690] The buggy address is located 0 bytes to the right of [ 18.446690] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.446768] [ 18.446789] The buggy address belongs to the physical page: [ 18.446823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.446877] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.446929] page_type: f5(slab) [ 18.446970] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.447034] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.447203] page dumped because: kasan: bad access detected [ 18.447273] [ 18.447294] Memory state around the buggy address: [ 18.447327] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.447417] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.447483] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.447526] ^ [ 18.447569] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.447825] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.448461] ================================================================== [ 18.385608] ================================================================== [ 18.385702] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 18.385752] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.385805] [ 18.385836] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.386792] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.387069] Hardware name: linux,dummy-virt (DT) [ 18.387122] Call trace: [ 18.387294] show_stack+0x20/0x38 (C) [ 18.387600] dump_stack_lvl+0x8c/0xd0 [ 18.387711] print_report+0x118/0x5d0 [ 18.387848] kasan_report+0xdc/0x128 [ 18.388121] kasan_check_range+0x100/0x1a8 [ 18.388179] __kasan_check_write+0x20/0x30 [ 18.388408] kasan_atomics_helper+0x1384/0x4858 [ 18.388620] kasan_atomics+0x198/0x2e0 [ 18.389133] kunit_try_run_case+0x170/0x3f0 [ 18.389345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.389468] kthread+0x328/0x630 [ 18.389559] ret_from_fork+0x10/0x20 [ 18.389616] [ 18.389794] Allocated by task 266: [ 18.389867] kasan_save_stack+0x3c/0x68 [ 18.389914] kasan_save_track+0x20/0x40 [ 18.389955] kasan_save_alloc_info+0x40/0x58 [ 18.390148] __kasan_kmalloc+0xd4/0xd8 [ 18.390483] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.390664] kasan_atomics+0xb8/0x2e0 [ 18.390905] kunit_try_run_case+0x170/0x3f0 [ 18.391027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.391426] kthread+0x328/0x630 [ 18.391585] ret_from_fork+0x10/0x20 [ 18.391684] [ 18.391780] The buggy address belongs to the object at fff00000c7941e80 [ 18.391780] which belongs to the cache kmalloc-64 of size 64 [ 18.392055] The buggy address is located 0 bytes to the right of [ 18.392055] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.392172] [ 18.392194] The buggy address belongs to the physical page: [ 18.392229] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.392582] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.392853] page_type: f5(slab) [ 18.392900] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.393072] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.393171] page dumped because: kasan: bad access detected [ 18.393207] [ 18.393227] Memory state around the buggy address: [ 18.393289] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.393336] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.393607] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.393834] ^ [ 18.394143] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.394327] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.394438] ================================================================== [ 18.332599] ================================================================== [ 18.332946] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 18.333057] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.333119] [ 18.333149] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.333234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.333280] Hardware name: linux,dummy-virt (DT) [ 18.333509] Call trace: [ 18.333644] show_stack+0x20/0x38 (C) [ 18.333908] dump_stack_lvl+0x8c/0xd0 [ 18.334088] print_report+0x118/0x5d0 [ 18.334198] kasan_report+0xdc/0x128 [ 18.334245] kasan_check_range+0x100/0x1a8 [ 18.334308] __kasan_check_write+0x20/0x30 [ 18.334715] kasan_atomics_helper+0x1058/0x4858 [ 18.334847] kasan_atomics+0x198/0x2e0 [ 18.335141] kunit_try_run_case+0x170/0x3f0 [ 18.335256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.335391] kthread+0x328/0x630 [ 18.335591] ret_from_fork+0x10/0x20 [ 18.335746] [ 18.335790] Allocated by task 266: [ 18.336003] kasan_save_stack+0x3c/0x68 [ 18.336098] kasan_save_track+0x20/0x40 [ 18.336172] kasan_save_alloc_info+0x40/0x58 [ 18.336325] __kasan_kmalloc+0xd4/0xd8 [ 18.336595] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.336814] kasan_atomics+0xb8/0x2e0 [ 18.336916] kunit_try_run_case+0x170/0x3f0 [ 18.337087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.337237] kthread+0x328/0x630 [ 18.337297] ret_from_fork+0x10/0x20 [ 18.337646] [ 18.337799] The buggy address belongs to the object at fff00000c7941e80 [ 18.337799] which belongs to the cache kmalloc-64 of size 64 [ 18.338019] The buggy address is located 0 bytes to the right of [ 18.338019] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.338185] [ 18.338334] The buggy address belongs to the physical page: [ 18.338400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.338739] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.338820] page_type: f5(slab) [ 18.338966] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.339071] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.339398] page dumped because: kasan: bad access detected [ 18.339481] [ 18.339672] Memory state around the buggy address: [ 18.339713] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.339766] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.340065] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.340319] ^ [ 18.340648] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.340763] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.340805] ================================================================== [ 18.311207] ================================================================== [ 18.311388] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 18.311452] Write of size 8 at addr fff00000c7941eb0 by task kunit_try_catch/266 [ 18.311562] [ 18.311621] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.312079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.312149] Hardware name: linux,dummy-virt (DT) [ 18.312193] Call trace: [ 18.312309] show_stack+0x20/0x38 (C) [ 18.312384] dump_stack_lvl+0x8c/0xd0 [ 18.312573] print_report+0x118/0x5d0 [ 18.312627] kasan_report+0xdc/0x128 [ 18.312673] kasan_check_range+0x100/0x1a8 [ 18.312791] __kasan_check_write+0x20/0x30 [ 18.312856] kasan_atomics_helper+0xf20/0x4858 [ 18.312905] kasan_atomics+0x198/0x2e0 [ 18.312956] kunit_try_run_case+0x170/0x3f0 [ 18.313231] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.313363] kthread+0x328/0x630 [ 18.313608] ret_from_fork+0x10/0x20 [ 18.313779] [ 18.313882] Allocated by task 266: [ 18.313972] kasan_save_stack+0x3c/0x68 [ 18.314100] kasan_save_track+0x20/0x40 [ 18.314287] kasan_save_alloc_info+0x40/0x58 [ 18.314415] __kasan_kmalloc+0xd4/0xd8 [ 18.314461] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.314728] kasan_atomics+0xb8/0x2e0 [ 18.314863] kunit_try_run_case+0x170/0x3f0 [ 18.315139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.315266] kthread+0x328/0x630 [ 18.315337] ret_from_fork+0x10/0x20 [ 18.315416] [ 18.315590] The buggy address belongs to the object at fff00000c7941e80 [ 18.315590] which belongs to the cache kmalloc-64 of size 64 [ 18.315946] The buggy address is located 0 bytes to the right of [ 18.315946] allocated 48-byte region [fff00000c7941e80, fff00000c7941eb0) [ 18.316083] [ 18.316155] The buggy address belongs to the physical page: [ 18.316566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107941 [ 18.316703] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.316958] page_type: f5(slab) [ 18.317229] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.317310] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.317506] page dumped because: kasan: bad access detected [ 18.317629] [ 18.317756] Memory state around the buggy address: [ 18.317816] fff00000c7941d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.318031] fff00000c7941e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.318132] >fff00000c7941e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.318314] ^ [ 18.318401] fff00000c7941f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.318458] fff00000c7941f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.318534] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 17.879288] ================================================================== [ 17.879373] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.879432] Read of size 8 at addr fff00000c433ec88 by task kunit_try_catch/262 [ 17.879509] [ 17.879566] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.879678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.879747] Hardware name: linux,dummy-virt (DT) [ 17.879806] Call trace: [ 17.879879] show_stack+0x20/0x38 (C) [ 17.879960] dump_stack_lvl+0x8c/0xd0 [ 17.880051] print_report+0x118/0x5d0 [ 17.880117] kasan_report+0xdc/0x128 [ 17.880187] __asan_report_load8_noabort+0x20/0x30 [ 17.880241] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.880313] kasan_bitops_generic+0x110/0x1c8 [ 17.880542] kunit_try_run_case+0x170/0x3f0 [ 17.880652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.880718] kthread+0x328/0x630 [ 17.880790] ret_from_fork+0x10/0x20 [ 17.880882] [ 17.880995] Allocated by task 262: [ 17.881038] kasan_save_stack+0x3c/0x68 [ 17.881082] kasan_save_track+0x20/0x40 [ 17.881122] kasan_save_alloc_info+0x40/0x58 [ 17.881162] __kasan_kmalloc+0xd4/0xd8 [ 17.881200] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.881251] kasan_bitops_generic+0xa0/0x1c8 [ 17.881292] kunit_try_run_case+0x170/0x3f0 [ 17.881474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.881552] kthread+0x328/0x630 [ 17.881636] ret_from_fork+0x10/0x20 [ 17.881746] [ 17.881804] The buggy address belongs to the object at fff00000c433ec80 [ 17.881804] which belongs to the cache kmalloc-16 of size 16 [ 17.881952] The buggy address is located 8 bytes inside of [ 17.881952] allocated 9-byte region [fff00000c433ec80, fff00000c433ec89) [ 17.882031] [ 17.882052] The buggy address belongs to the physical page: [ 17.882085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10433e [ 17.882142] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.882378] page_type: f5(slab) [ 17.882459] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.882542] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.882612] page dumped because: kasan: bad access detected [ 17.882657] [ 17.882678] Memory state around the buggy address: [ 17.882712] fff00000c433eb80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.882882] fff00000c433ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.882957] >fff00000c433ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.883010] ^ [ 17.883060] fff00000c433ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.883117] fff00000c433ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.883160] ================================================================== [ 17.884159] ================================================================== [ 17.884219] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 17.884272] Write of size 8 at addr fff00000c433ec88 by task kunit_try_catch/262 [ 17.884325] [ 17.884358] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.884455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.884484] Hardware name: linux,dummy-virt (DT) [ 17.884518] Call trace: [ 17.884541] show_stack+0x20/0x38 (C) [ 17.884589] dump_stack_lvl+0x8c/0xd0 [ 17.884638] print_report+0x118/0x5d0 [ 17.884685] kasan_report+0xdc/0x128 [ 17.884732] kasan_check_range+0x100/0x1a8 [ 17.884780] __kasan_check_write+0x20/0x30 [ 17.884840] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 17.884902] kasan_bitops_generic+0x110/0x1c8 [ 17.884950] kunit_try_run_case+0x170/0x3f0 [ 17.885010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.885062] kthread+0x328/0x630 [ 17.885340] ret_from_fork+0x10/0x20 [ 17.885524] [ 17.885605] Allocated by task 262: [ 17.885645] kasan_save_stack+0x3c/0x68 [ 17.885687] kasan_save_track+0x20/0x40 [ 17.885727] kasan_save_alloc_info+0x40/0x58 [ 17.885878] __kasan_kmalloc+0xd4/0xd8 [ 17.885991] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.886073] kasan_bitops_generic+0xa0/0x1c8 [ 17.886183] kunit_try_run_case+0x170/0x3f0 [ 17.886318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.886445] kthread+0x328/0x630 [ 17.887132] The buggy address is located 8 bytes inside of [ 17.887132] allocated 9-byte region [fff00000c433ec80, fff00000c433ec89) [ 17.888652] >fff00000c433ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.889596] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 17.890331] print_report+0x118/0x5d0 [ 17.891054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.892166] The buggy address is located 8 bytes inside of [ 17.892166] allocated 9-byte region [fff00000c433ec80, fff00000c433ec89) [ 17.892488] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.892799] fff00000c433ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.893782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.894085] kasan_report+0xdc/0x128 [ 17.894679] ret_from_fork+0x10/0x20 [ 17.895318] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.895836] [ 17.896334] page_type: f5(slab) [ 17.896446] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.896932] fff00000c433ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.897917] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.899678] kasan_save_track+0x20/0x40 [ 17.900334] The buggy address belongs to the object at fff00000c433ec80 [ 17.900334] which belongs to the cache kmalloc-16 of size 16 [ 17.900914] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.901796] ================================================================== [ 17.874106] ================================================================== [ 17.874169] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.874222] Write of size 8 at addr fff00000c433ec88 by task kunit_try_catch/262 [ 17.874309] [ 17.874341] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.874464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.874621] Hardware name: linux,dummy-virt (DT) [ 17.874678] Call trace: [ 17.874718] show_stack+0x20/0x38 (C) [ 17.874769] dump_stack_lvl+0x8c/0xd0 [ 17.874856] print_report+0x118/0x5d0 [ 17.874911] kasan_report+0xdc/0x128 [ 17.874960] kasan_check_range+0x100/0x1a8 [ 17.875021] __kasan_check_write+0x20/0x30 [ 17.875067] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.875120] kasan_bitops_generic+0x110/0x1c8 [ 17.875195] kunit_try_run_case+0x170/0x3f0 [ 17.875250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.875342] kthread+0x328/0x630 [ 17.875386] ret_from_fork+0x10/0x20 [ 17.875436] [ 17.875471] Allocated by task 262: [ 17.875501] kasan_save_stack+0x3c/0x68 [ 17.875544] kasan_save_track+0x20/0x40 [ 17.875600] kasan_save_alloc_info+0x40/0x58 [ 17.875643] __kasan_kmalloc+0xd4/0xd8 [ 17.875680] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.875761] kasan_bitops_generic+0xa0/0x1c8 [ 17.875800] kunit_try_run_case+0x170/0x3f0 [ 17.875943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.876035] kthread+0x328/0x630 [ 17.876253] ret_from_fork+0x10/0x20 [ 17.876464] [ 17.876512] The buggy address belongs to the object at fff00000c433ec80 [ 17.876512] which belongs to the cache kmalloc-16 of size 16 [ 17.876576] The buggy address is located 8 bytes inside of [ 17.876576] allocated 9-byte region [fff00000c433ec80, fff00000c433ec89) [ 17.876823] [ 17.876912] The buggy address belongs to the physical page: [ 17.877155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10433e [ 17.877407] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.877643] page_type: f5(slab) [ 17.877722] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.877813] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.877921] page dumped because: kasan: bad access detected [ 17.878042] [ 17.878087] Memory state around the buggy address: [ 17.878122] fff00000c433eb80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.878187] fff00000c433ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.878385] >fff00000c433ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.878542] ^ [ 17.878601] fff00000c433ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.878852] fff00000c433ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.878913] ================================================================== [ 17.863492] ================================================================== [ 17.863556] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.863614] Write of size 8 at addr fff00000c433ec88 by task kunit_try_catch/262 [ 17.863670] [ 17.863788] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.863874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.863949] Hardware name: linux,dummy-virt (DT) [ 17.864104] Call trace: [ 17.864134] show_stack+0x20/0x38 (C) [ 17.864188] dump_stack_lvl+0x8c/0xd0 [ 17.864235] print_report+0x118/0x5d0 [ 17.864342] kasan_report+0xdc/0x128 [ 17.864388] kasan_check_range+0x100/0x1a8 [ 17.864466] __kasan_check_write+0x20/0x30 [ 17.864571] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.864645] kasan_bitops_generic+0x110/0x1c8 [ 17.864708] kunit_try_run_case+0x170/0x3f0 [ 17.864759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.864914] kthread+0x328/0x630 [ 17.865008] ret_from_fork+0x10/0x20 [ 17.865060] [ 17.865207] Allocated by task 262: [ 17.865282] kasan_save_stack+0x3c/0x68 [ 17.865359] kasan_save_track+0x20/0x40 [ 17.865480] kasan_save_alloc_info+0x40/0x58 [ 17.865575] __kasan_kmalloc+0xd4/0xd8 [ 17.865688] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.865812] kasan_bitops_generic+0xa0/0x1c8 [ 17.865952] kunit_try_run_case+0x170/0x3f0 [ 17.866018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.866064] kthread+0x328/0x630 [ 17.866254] ret_from_fork+0x10/0x20 [ 17.866300] [ 17.866321] The buggy address belongs to the object at fff00000c433ec80 [ 17.866321] which belongs to the cache kmalloc-16 of size 16 [ 17.866384] The buggy address is located 8 bytes inside of [ 17.866384] allocated 9-byte region [fff00000c433ec80, fff00000c433ec89) [ 17.866598] [ 17.866681] The buggy address belongs to the physical page: [ 17.866749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10433e [ 17.866838] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.866930] page_type: f5(slab) [ 17.866969] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.867067] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.867226] page dumped because: kasan: bad access detected [ 17.867261] [ 17.867292] Memory state around the buggy address: [ 17.867560] fff00000c433eb80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.867656] fff00000c433ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.867770] >fff00000c433ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.867859] ^ [ 17.867913] fff00000c433ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.868034] fff00000c433ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.868137] ================================================================== [ 17.869746] ================================================================== [ 17.869799] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.869916] Read of size 8 at addr fff00000c433ec88 by task kunit_try_catch/262 [ 17.869975] [ 17.870020] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.870245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.870314] Hardware name: linux,dummy-virt (DT) [ 17.870351] Call trace: [ 17.870379] show_stack+0x20/0x38 (C) [ 17.870451] dump_stack_lvl+0x8c/0xd0 [ 17.870507] print_report+0x118/0x5d0 [ 17.870573] kasan_report+0xdc/0x128 [ 17.870621] __asan_report_load8_noabort+0x20/0x30 [ 17.870700] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.870813] kasan_bitops_generic+0x110/0x1c8 [ 17.870899] kunit_try_run_case+0x170/0x3f0 [ 17.870971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.871039] kthread+0x328/0x630 [ 17.871094] ret_from_fork+0x10/0x20 [ 17.871151] [ 17.871171] Allocated by task 262: [ 17.871210] kasan_save_stack+0x3c/0x68 [ 17.871252] kasan_save_track+0x20/0x40 [ 17.871291] kasan_save_alloc_info+0x40/0x58 [ 17.871331] __kasan_kmalloc+0xd4/0xd8 [ 17.871369] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.871410] kasan_bitops_generic+0xa0/0x1c8 [ 17.871453] kunit_try_run_case+0x170/0x3f0 [ 17.871500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.871554] kthread+0x328/0x630 [ 17.871600] ret_from_fork+0x10/0x20 [ 17.871642] [ 17.871664] The buggy address belongs to the object at fff00000c433ec80 [ 17.871664] which belongs to the cache kmalloc-16 of size 16 [ 17.871725] The buggy address is located 8 bytes inside of [ 17.871725] allocated 9-byte region [fff00000c433ec80, fff00000c433ec89) [ 17.871807] [ 17.871837] The buggy address belongs to the physical page: [ 17.871871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10433e [ 17.871927] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.871995] page_type: f5(slab) [ 17.872034] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.872087] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.872701] page dumped because: kasan: bad access detected [ 17.872832] [ 17.872868] Memory state around the buggy address: [ 17.872917] fff00000c433eb80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.873027] fff00000c433ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.873081] >fff00000c433ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.873130] ^ [ 17.873235] fff00000c433ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.873326] fff00000c433ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.873396] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 17.854646] ================================================================== [ 17.854697] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 17.854745] Read of size 1 at addr fff00000c7940d90 by task kunit_try_catch/260 [ 17.854797] [ 17.854827] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.854910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.854939] Hardware name: linux,dummy-virt (DT) [ 17.854971] Call trace: [ 17.855230] show_stack+0x20/0x38 (C) [ 17.855282] dump_stack_lvl+0x8c/0xd0 [ 17.855345] print_report+0x118/0x5d0 [ 17.855394] kasan_report+0xdc/0x128 [ 17.855444] __asan_report_load1_noabort+0x20/0x30 [ 17.855499] strnlen+0x80/0x88 [ 17.855540] kasan_strings+0x478/0xb00 [ 17.855584] kunit_try_run_case+0x170/0x3f0 [ 17.855641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.855706] kthread+0x328/0x630 [ 17.855757] ret_from_fork+0x10/0x20 [ 17.855804] [ 17.855824] Allocated by task 260: [ 17.855853] kasan_save_stack+0x3c/0x68 [ 17.855902] kasan_save_track+0x20/0x40 [ 17.855957] kasan_save_alloc_info+0x40/0x58 [ 17.856010] __kasan_kmalloc+0xd4/0xd8 [ 17.856049] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.856089] kasan_strings+0xc8/0xb00 [ 17.856127] kunit_try_run_case+0x170/0x3f0 [ 17.856166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.856212] kthread+0x328/0x630 [ 17.856246] ret_from_fork+0x10/0x20 [ 17.856282] [ 17.856302] Freed by task 260: [ 17.856330] kasan_save_stack+0x3c/0x68 [ 17.856368] kasan_save_track+0x20/0x40 [ 17.856415] kasan_save_free_info+0x4c/0x78 [ 17.856464] __kasan_slab_free+0x6c/0x98 [ 17.856513] kfree+0x214/0x3c8 [ 17.856548] kasan_strings+0x24c/0xb00 [ 17.856585] kunit_try_run_case+0x170/0x3f0 [ 17.856623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.856669] kthread+0x328/0x630 [ 17.856701] ret_from_fork+0x10/0x20 [ 17.856739] [ 17.856764] The buggy address belongs to the object at fff00000c7940d80 [ 17.856764] which belongs to the cache kmalloc-32 of size 32 [ 17.856825] The buggy address is located 16 bytes inside of [ 17.856825] freed 32-byte region [fff00000c7940d80, fff00000c7940da0) [ 17.856889] [ 17.856910] The buggy address belongs to the physical page: [ 17.856943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107940 [ 17.857005] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.857053] page_type: f5(slab) [ 17.857341] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.857443] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 17.857584] page dumped because: kasan: bad access detected [ 17.857644] [ 17.857703] Memory state around the buggy address: [ 17.857818] fff00000c7940c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.857945] fff00000c7940d00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.858043] >fff00000c7940d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.858108] ^ [ 17.858175] fff00000c7940e00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.858220] fff00000c7940e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.858260] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 17.848637] ================================================================== [ 17.848697] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 17.848747] Read of size 1 at addr fff00000c7940d90 by task kunit_try_catch/260 [ 17.848884] [ 17.848941] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.849055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.849085] Hardware name: linux,dummy-virt (DT) [ 17.849117] Call trace: [ 17.849141] show_stack+0x20/0x38 (C) [ 17.849385] dump_stack_lvl+0x8c/0xd0 [ 17.849552] print_report+0x118/0x5d0 [ 17.849649] kasan_report+0xdc/0x128 [ 17.849748] __asan_report_load1_noabort+0x20/0x30 [ 17.849911] strlen+0xa8/0xb0 [ 17.849996] kasan_strings+0x418/0xb00 [ 17.850069] kunit_try_run_case+0x170/0x3f0 [ 17.850128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.850194] kthread+0x328/0x630 [ 17.850238] ret_from_fork+0x10/0x20 [ 17.850513] [ 17.850558] Allocated by task 260: [ 17.850641] kasan_save_stack+0x3c/0x68 [ 17.850729] kasan_save_track+0x20/0x40 [ 17.850776] kasan_save_alloc_info+0x40/0x58 [ 17.850817] __kasan_kmalloc+0xd4/0xd8 [ 17.852784] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.852839] kasan_strings+0xc8/0xb00 [ 17.852877] kunit_try_run_case+0x170/0x3f0 [ 17.852915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.852960] kthread+0x328/0x630 [ 17.853003] ret_from_fork+0x10/0x20 [ 17.853055] [ 17.853076] Freed by task 260: [ 17.853104] kasan_save_stack+0x3c/0x68 [ 17.853144] kasan_save_track+0x20/0x40 [ 17.853181] kasan_save_free_info+0x4c/0x78 [ 17.853222] __kasan_slab_free+0x6c/0x98 [ 17.853260] kfree+0x214/0x3c8 [ 17.853296] kasan_strings+0x24c/0xb00 [ 17.853331] kunit_try_run_case+0x170/0x3f0 [ 17.853370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.853415] kthread+0x328/0x630 [ 17.853448] ret_from_fork+0x10/0x20 [ 17.853485] [ 17.853504] The buggy address belongs to the object at fff00000c7940d80 [ 17.853504] which belongs to the cache kmalloc-32 of size 32 [ 17.853563] The buggy address is located 16 bytes inside of [ 17.853563] freed 32-byte region [fff00000c7940d80, fff00000c7940da0) [ 17.853627] [ 17.853647] The buggy address belongs to the physical page: [ 17.853680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107940 [ 17.853736] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.853785] page_type: f5(slab) [ 17.853826] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.853878] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 17.853922] page dumped because: kasan: bad access detected [ 17.853953] [ 17.853972] Memory state around the buggy address: [ 17.854016] fff00000c7940c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.854063] fff00000c7940d00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.854109] >fff00000c7940d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.854149] ^ [ 17.854178] fff00000c7940e00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.854223] fff00000c7940e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.854264] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 17.843624] ================================================================== [ 17.843678] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 17.843833] Read of size 1 at addr fff00000c7940d90 by task kunit_try_catch/260 [ 17.843923] [ 17.843958] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.844056] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.844090] Hardware name: linux,dummy-virt (DT) [ 17.844148] Call trace: [ 17.844172] show_stack+0x20/0x38 (C) [ 17.844223] dump_stack_lvl+0x8c/0xd0 [ 17.844271] print_report+0x118/0x5d0 [ 17.844317] kasan_report+0xdc/0x128 [ 17.844388] __asan_report_load1_noabort+0x20/0x30 [ 17.844527] kasan_strings+0x95c/0xb00 [ 17.844573] kunit_try_run_case+0x170/0x3f0 [ 17.844649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.844731] kthread+0x328/0x630 [ 17.844808] ret_from_fork+0x10/0x20 [ 17.844934] [ 17.844955] Allocated by task 260: [ 17.844998] kasan_save_stack+0x3c/0x68 [ 17.845043] kasan_save_track+0x20/0x40 [ 17.845083] kasan_save_alloc_info+0x40/0x58 [ 17.845124] __kasan_kmalloc+0xd4/0xd8 [ 17.845303] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.845352] kasan_strings+0xc8/0xb00 [ 17.845433] kunit_try_run_case+0x170/0x3f0 [ 17.845507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.845564] kthread+0x328/0x630 [ 17.845632] ret_from_fork+0x10/0x20 [ 17.845792] [ 17.845813] Freed by task 260: [ 17.845842] kasan_save_stack+0x3c/0x68 [ 17.845965] kasan_save_track+0x20/0x40 [ 17.846074] kasan_save_free_info+0x4c/0x78 [ 17.846127] __kasan_slab_free+0x6c/0x98 [ 17.846218] kfree+0x214/0x3c8 [ 17.846281] kasan_strings+0x24c/0xb00 [ 17.846359] kunit_try_run_case+0x170/0x3f0 [ 17.846410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.846454] kthread+0x328/0x630 [ 17.846490] ret_from_fork+0x10/0x20 [ 17.846526] [ 17.846546] The buggy address belongs to the object at fff00000c7940d80 [ 17.846546] which belongs to the cache kmalloc-32 of size 32 [ 17.846758] The buggy address is located 16 bytes inside of [ 17.846758] freed 32-byte region [fff00000c7940d80, fff00000c7940da0) [ 17.846898] [ 17.846976] The buggy address belongs to the physical page: [ 17.847079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107940 [ 17.847187] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.847260] page_type: f5(slab) [ 17.847300] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.847387] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 17.847436] page dumped because: kasan: bad access detected [ 17.847472] [ 17.847515] Memory state around the buggy address: [ 17.847600] fff00000c7940c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.847740] fff00000c7940d00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.847868] >fff00000c7940d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.847970] ^ [ 17.848046] fff00000c7940e00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.848212] fff00000c7940e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.848255] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 17.836044] ================================================================== [ 17.836097] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 17.836315] Read of size 1 at addr fff00000c7940d90 by task kunit_try_catch/260 [ 17.836507] [ 17.836563] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.837047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.837126] Hardware name: linux,dummy-virt (DT) [ 17.837160] Call trace: [ 17.837208] show_stack+0x20/0x38 (C) [ 17.837280] dump_stack_lvl+0x8c/0xd0 [ 17.837369] print_report+0x118/0x5d0 [ 17.837494] kasan_report+0xdc/0x128 [ 17.837665] __asan_report_load1_noabort+0x20/0x30 [ 17.837780] strcmp+0xc0/0xc8 [ 17.837824] kasan_strings+0x340/0xb00 [ 17.837869] kunit_try_run_case+0x170/0x3f0 [ 17.837919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.837973] kthread+0x328/0x630 [ 17.838072] ret_from_fork+0x10/0x20 [ 17.838121] [ 17.838141] Allocated by task 260: [ 17.838172] kasan_save_stack+0x3c/0x68 [ 17.838218] kasan_save_track+0x20/0x40 [ 17.838383] kasan_save_alloc_info+0x40/0x58 [ 17.838479] __kasan_kmalloc+0xd4/0xd8 [ 17.838548] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.838678] kasan_strings+0xc8/0xb00 [ 17.838753] kunit_try_run_case+0x170/0x3f0 [ 17.838805] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.838911] kthread+0x328/0x630 [ 17.838993] ret_from_fork+0x10/0x20 [ 17.839061] [ 17.839083] Freed by task 260: [ 17.839121] kasan_save_stack+0x3c/0x68 [ 17.839210] kasan_save_track+0x20/0x40 [ 17.839250] kasan_save_free_info+0x4c/0x78 [ 17.839293] __kasan_slab_free+0x6c/0x98 [ 17.839357] kfree+0x214/0x3c8 [ 17.839516] kasan_strings+0x24c/0xb00 [ 17.839635] kunit_try_run_case+0x170/0x3f0 [ 17.839685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.839788] kthread+0x328/0x630 [ 17.839825] ret_from_fork+0x10/0x20 [ 17.839861] [ 17.840038] The buggy address belongs to the object at fff00000c7940d80 [ 17.840038] which belongs to the cache kmalloc-32 of size 32 [ 17.840123] The buggy address is located 16 bytes inside of [ 17.840123] freed 32-byte region [fff00000c7940d80, fff00000c7940da0) [ 17.840235] [ 17.840293] The buggy address belongs to the physical page: [ 17.840373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107940 [ 17.840462] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.840580] page_type: f5(slab) [ 17.840668] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.840809] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.840885] page dumped because: kasan: bad access detected [ 17.840953] [ 17.841049] Memory state around the buggy address: [ 17.841136] fff00000c7940c80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.841182] fff00000c7940d00: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.841228] >fff00000c7940d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.841269] ^ [ 17.841300] fff00000c7940e00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.841344] fff00000c7940e80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.841387] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 17.824546] ================================================================== [ 17.824608] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 17.824664] Read of size 1 at addr fff00000c7940c18 by task kunit_try_catch/258 [ 17.824735] [ 17.824804] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.824916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.824946] Hardware name: linux,dummy-virt (DT) [ 17.825006] Call trace: [ 17.825221] show_stack+0x20/0x38 (C) [ 17.825342] dump_stack_lvl+0x8c/0xd0 [ 17.825439] print_report+0x118/0x5d0 [ 17.825590] kasan_report+0xdc/0x128 [ 17.825724] __asan_report_load1_noabort+0x20/0x30 [ 17.825820] memcmp+0x198/0x1d8 [ 17.825865] kasan_memcmp+0x16c/0x300 [ 17.825936] kunit_try_run_case+0x170/0x3f0 [ 17.825998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.826054] kthread+0x328/0x630 [ 17.826193] ret_from_fork+0x10/0x20 [ 17.826251] [ 17.826324] Allocated by task 258: [ 17.826382] kasan_save_stack+0x3c/0x68 [ 17.826443] kasan_save_track+0x20/0x40 [ 17.826534] kasan_save_alloc_info+0x40/0x58 [ 17.826611] __kasan_kmalloc+0xd4/0xd8 [ 17.826736] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.826848] kasan_memcmp+0xbc/0x300 [ 17.826928] kunit_try_run_case+0x170/0x3f0 [ 17.827045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.827102] kthread+0x328/0x630 [ 17.827137] ret_from_fork+0x10/0x20 [ 17.827296] [ 17.827318] The buggy address belongs to the object at fff00000c7940c00 [ 17.827318] which belongs to the cache kmalloc-32 of size 32 [ 17.827475] The buggy address is located 0 bytes to the right of [ 17.827475] allocated 24-byte region [fff00000c7940c00, fff00000c7940c18) [ 17.827550] [ 17.827572] The buggy address belongs to the physical page: [ 17.827606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107940 [ 17.827660] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.827731] page_type: f5(slab) [ 17.827921] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.828014] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.828116] page dumped because: kasan: bad access detected [ 17.828169] [ 17.828189] Memory state around the buggy address: [ 17.828250] fff00000c7940b00: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 17.828345] fff00000c7940b80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.828392] >fff00000c7940c00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.828474] ^ [ 17.828507] fff00000c7940c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.828801] fff00000c7940d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.828861] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 17.810887] ================================================================== [ 17.810950] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 17.811027] Read of size 1 at addr ffff800080a27b4a by task kunit_try_catch/254 [ 17.811083] [ 17.811118] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.811206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.811236] Hardware name: linux,dummy-virt (DT) [ 17.811269] Call trace: [ 17.811294] show_stack+0x20/0x38 (C) [ 17.811343] dump_stack_lvl+0x8c/0xd0 [ 17.811390] print_report+0x310/0x5d0 [ 17.811445] kasan_report+0xdc/0x128 [ 17.811493] __asan_report_load1_noabort+0x20/0x30 [ 17.811546] kasan_alloca_oob_right+0x2dc/0x340 [ 17.811595] kunit_try_run_case+0x170/0x3f0 [ 17.811672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.811729] kthread+0x328/0x630 [ 17.811919] ret_from_fork+0x10/0x20 [ 17.812091] [ 17.812115] The buggy address belongs to stack of task kunit_try_catch/254 [ 17.812245] [ 17.812291] The buggy address ffff800080a27b4a belongs to a vmalloc virtual mapping [ 17.812339] The buggy address belongs to the physical page: [ 17.812558] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107826 [ 17.812667] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.812859] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.812932] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.812989] page dumped because: kasan: bad access detected [ 17.813038] [ 17.813058] Memory state around the buggy address: [ 17.813093] ffff800080a27a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.813155] ffff800080a27a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.813201] >ffff800080a27b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 17.813241] ^ [ 17.813285] ffff800080a27b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.813331] ffff800080a27c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.813374] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 17.793511] ================================================================== [ 17.793603] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 17.793899] Read of size 1 at addr ffff800080a27b5f by task kunit_try_catch/252 [ 17.793961] [ 17.794256] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.794344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.794373] Hardware name: linux,dummy-virt (DT) [ 17.794406] Call trace: [ 17.794429] show_stack+0x20/0x38 (C) [ 17.794481] dump_stack_lvl+0x8c/0xd0 [ 17.795288] print_report+0x310/0x5d0 [ 17.795359] kasan_report+0xdc/0x128 [ 17.795625] __asan_report_load1_noabort+0x20/0x30 [ 17.795685] kasan_alloca_oob_left+0x2b8/0x310 [ 17.796375] kunit_try_run_case+0x170/0x3f0 [ 17.796898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.797068] kthread+0x328/0x630 [ 17.797276] ret_from_fork+0x10/0x20 [ 17.797352] [ 17.797418] The buggy address belongs to stack of task kunit_try_catch/252 [ 17.797779] [ 17.798080] The buggy address ffff800080a27b5f belongs to a vmalloc virtual mapping [ 17.798392] The buggy address belongs to the physical page: [ 17.798537] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107826 [ 17.798791] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.798867] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.799284] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.799386] page dumped because: kasan: bad access detected [ 17.799791] [ 17.799900] Memory state around the buggy address: [ 17.800021] ffff800080a27a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.800093] ffff800080a27a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.800464] >ffff800080a27b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 17.800584] ^ [ 17.800956] ffff800080a27b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 17.801066] ffff800080a27c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.801395] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 17.774744] ================================================================== [ 17.774825] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 17.774881] Read of size 1 at addr ffff800080a27c2a by task kunit_try_catch/250 [ 17.774931] [ 17.774966] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.775066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.775092] Hardware name: linux,dummy-virt (DT) [ 17.775124] Call trace: [ 17.775146] show_stack+0x20/0x38 (C) [ 17.775195] dump_stack_lvl+0x8c/0xd0 [ 17.775242] print_report+0x310/0x5d0 [ 17.775288] kasan_report+0xdc/0x128 [ 17.775417] __asan_report_load1_noabort+0x20/0x30 [ 17.775478] kasan_stack_oob+0x238/0x270 [ 17.775542] kunit_try_run_case+0x170/0x3f0 [ 17.775594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.775648] kthread+0x328/0x630 [ 17.775693] ret_from_fork+0x10/0x20 [ 17.775743] [ 17.775794] The buggy address belongs to stack of task kunit_try_catch/250 [ 17.775898] and is located at offset 138 in frame: [ 17.775938] kasan_stack_oob+0x0/0x270 [ 17.776309] [ 17.776352] This frame has 4 objects: [ 17.776449] [48, 49) '__assertion' [ 17.776489] [64, 72) 'array' [ 17.776527] [96, 112) '__assertion' [ 17.776593] [128, 138) 'stack_array' [ 17.776640] [ 17.776667] The buggy address ffff800080a27c2a belongs to a vmalloc virtual mapping [ 17.776718] The buggy address belongs to the physical page: [ 17.776752] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107826 [ 17.776822] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.776891] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.776945] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.777005] page dumped because: kasan: bad access detected [ 17.777039] [ 17.777059] Memory state around the buggy address: [ 17.777095] ffff800080a27b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.777141] ffff800080a27b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 17.777186] >ffff800080a27c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 17.777242] ^ [ 17.777277] ffff800080a27c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 17.777323] ffff800080a27d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 17.777365] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 17.746899] ================================================================== [ 17.746969] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 17.747041] Read of size 1 at addr ffffa8482db4f58d by task kunit_try_catch/246 [ 17.747094] [ 17.747135] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.747220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.747247] Hardware name: linux,dummy-virt (DT) [ 17.747279] Call trace: [ 17.747302] show_stack+0x20/0x38 (C) [ 17.748871] dump_stack_lvl+0x8c/0xd0 [ 17.749012] print_report+0x310/0x5d0 [ 17.749066] kasan_report+0xdc/0x128 [ 17.749112] __asan_report_load1_noabort+0x20/0x30 [ 17.749335] kasan_global_oob_right+0x230/0x270 [ 17.749383] kunit_try_run_case+0x170/0x3f0 [ 17.749433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.749488] kthread+0x328/0x630 [ 17.749530] ret_from_fork+0x10/0x20 [ 17.750620] [ 17.751010] The buggy address belongs to the variable: [ 17.751054] global_array+0xd/0x40 [ 17.751110] [ 17.751461] The buggy address ffffa8482db4f58d belongs to a vmalloc virtual mapping [ 17.752090] The buggy address belongs to the physical page: [ 17.752132] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 17.752640] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 17.753232] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 17.753292] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.753336] page dumped because: kasan: bad access detected [ 17.753368] [ 17.753387] Memory state around the buggy address: [ 17.753419] ffffa8482db4f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.753464] ffffa8482db4f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 17.753510] >ffffa8482db4f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 17.753548] ^ [ 17.754525] ffffa8482db4f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 17.754591] ffffa8482db4f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.754661] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 17.723201] ================================================================== [ 17.723314] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.723674] Free of addr fff00000c7974001 by task kunit_try_catch/244 [ 17.723719] [ 17.723994] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.724328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.724362] Hardware name: linux,dummy-virt (DT) [ 17.724394] Call trace: [ 17.724417] show_stack+0x20/0x38 (C) [ 17.724473] dump_stack_lvl+0x8c/0xd0 [ 17.724522] print_report+0x118/0x5d0 [ 17.724568] kasan_report_invalid_free+0xc0/0xe8 [ 17.724617] __kasan_mempool_poison_object+0xfc/0x150 [ 17.724669] mempool_free+0x28c/0x328 [ 17.724737] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.724858] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 17.725268] kunit_try_run_case+0x170/0x3f0 [ 17.725765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.726138] kthread+0x328/0x630 [ 17.726295] ret_from_fork+0x10/0x20 [ 17.726396] [ 17.726514] The buggy address belongs to the physical page: [ 17.726930] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107974 [ 17.727234] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.727453] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.727622] page_type: f8(unknown) [ 17.727663] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.727714] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.728281] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.728343] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.728395] head: 0bfffe0000000002 ffffc1ffc31e5d01 00000000ffffffff 00000000ffffffff [ 17.728446] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.728488] page dumped because: kasan: bad access detected [ 17.728520] [ 17.728539] Memory state around the buggy address: [ 17.729333] fff00000c7973f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.729501] fff00000c7973f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.729805] >fff00000c7974000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.729848] ^ [ 17.729876] fff00000c7974080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.729919] fff00000c7974100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.729959] ================================================================== [ 17.690149] ================================================================== [ 17.690211] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.690269] Free of addr fff00000c65ee701 by task kunit_try_catch/242 [ 17.690312] [ 17.692554] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.692705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.692812] Hardware name: linux,dummy-virt (DT) [ 17.693237] Call trace: [ 17.693288] show_stack+0x20/0x38 (C) [ 17.693348] dump_stack_lvl+0x8c/0xd0 [ 17.693394] print_report+0x118/0x5d0 [ 17.693589] kasan_report_invalid_free+0xc0/0xe8 [ 17.693640] check_slab_allocation+0xfc/0x108 [ 17.694102] __kasan_mempool_poison_object+0x78/0x150 [ 17.694165] mempool_free+0x28c/0x328 [ 17.694336] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 17.694821] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.694916] kunit_try_run_case+0x170/0x3f0 [ 17.695270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.695492] kthread+0x328/0x630 [ 17.695540] ret_from_fork+0x10/0x20 [ 17.696000] [ 17.696049] Allocated by task 242: [ 17.696091] kasan_save_stack+0x3c/0x68 [ 17.696369] kasan_save_track+0x20/0x40 [ 17.696409] kasan_save_alloc_info+0x40/0x58 [ 17.696870] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.696925] remove_element+0x130/0x1f8 [ 17.696971] mempool_alloc_preallocated+0x58/0xc0 [ 17.697179] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 17.697356] mempool_kmalloc_invalid_free+0xc0/0x118 [ 17.697402] kunit_try_run_case+0x170/0x3f0 [ 17.698119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.698174] kthread+0x328/0x630 [ 17.698206] ret_from_fork+0x10/0x20 [ 17.698242] [ 17.698262] The buggy address belongs to the object at fff00000c65ee700 [ 17.698262] which belongs to the cache kmalloc-128 of size 128 [ 17.698743] The buggy address is located 1 bytes inside of [ 17.698743] 128-byte region [fff00000c65ee700, fff00000c65ee780) [ 17.699199] [ 17.699226] The buggy address belongs to the physical page: [ 17.699501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 17.699892] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.700342] page_type: f5(slab) [ 17.700654] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.700712] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.700878] page dumped because: kasan: bad access detected [ 17.700916] [ 17.700933] Memory state around the buggy address: [ 17.700967] fff00000c65ee600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.701377] fff00000c65ee680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.701531] >fff00000c65ee700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.701576] ^ [ 17.701778] fff00000c65ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.701885] fff00000c65ee800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.702227] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 17.583806] ================================================================== [ 17.584014] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.584133] Free of addr fff00000c65ee300 by task kunit_try_catch/236 [ 17.584203] [ 17.584282] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.584364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.584635] Hardware name: linux,dummy-virt (DT) [ 17.584767] Call trace: [ 17.584816] show_stack+0x20/0x38 (C) [ 17.584871] dump_stack_lvl+0x8c/0xd0 [ 17.585063] print_report+0x118/0x5d0 [ 17.585217] kasan_report_invalid_free+0xc0/0xe8 [ 17.585276] check_slab_allocation+0xd4/0x108 [ 17.585327] __kasan_mempool_poison_object+0x78/0x150 [ 17.585430] mempool_free+0x28c/0x328 [ 17.585488] mempool_double_free_helper+0x150/0x2e8 [ 17.585536] mempool_kmalloc_double_free+0xc0/0x118 [ 17.585771] kunit_try_run_case+0x170/0x3f0 [ 17.585829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.585880] kthread+0x328/0x630 [ 17.586244] ret_from_fork+0x10/0x20 [ 17.586298] [ 17.586317] Allocated by task 236: [ 17.586354] kasan_save_stack+0x3c/0x68 [ 17.586410] kasan_save_track+0x20/0x40 [ 17.586445] kasan_save_alloc_info+0x40/0x58 [ 17.586755] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.586803] remove_element+0x130/0x1f8 [ 17.586840] mempool_alloc_preallocated+0x58/0xc0 [ 17.586878] mempool_double_free_helper+0x94/0x2e8 [ 17.586917] mempool_kmalloc_double_free+0xc0/0x118 [ 17.586969] kunit_try_run_case+0x170/0x3f0 [ 17.587020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.587326] kthread+0x328/0x630 [ 17.587785] ret_from_fork+0x10/0x20 [ 17.587832] [ 17.587850] Freed by task 236: [ 17.587878] kasan_save_stack+0x3c/0x68 [ 17.587920] kasan_save_track+0x20/0x40 [ 17.587958] kasan_save_free_info+0x4c/0x78 [ 17.588342] __kasan_mempool_poison_object+0xc0/0x150 [ 17.588449] mempool_free+0x28c/0x328 [ 17.588485] mempool_double_free_helper+0x100/0x2e8 [ 17.588764] mempool_kmalloc_double_free+0xc0/0x118 [ 17.588814] kunit_try_run_case+0x170/0x3f0 [ 17.588867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.588919] kthread+0x328/0x630 [ 17.589018] ret_from_fork+0x10/0x20 [ 17.589052] [ 17.589073] The buggy address belongs to the object at fff00000c65ee300 [ 17.589073] which belongs to the cache kmalloc-128 of size 128 [ 17.589136] The buggy address is located 0 bytes inside of [ 17.589136] 128-byte region [fff00000c65ee300, fff00000c65ee380) [ 17.589333] [ 17.589376] The buggy address belongs to the physical page: [ 17.589444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee [ 17.589555] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.589657] page_type: f5(slab) [ 17.589735] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.589786] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.589839] page dumped because: kasan: bad access detected [ 17.589871] [ 17.589940] Memory state around the buggy address: [ 17.590601] fff00000c65ee200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.590659] fff00000c65ee280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.590826] >fff00000c65ee300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.590906] ^ [ 17.591103] fff00000c65ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.591167] fff00000c65ee400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.591304] ================================================================== [ 17.657668] ================================================================== [ 17.657729] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.660682] Free of addr fff00000c7974000 by task kunit_try_catch/240 [ 17.660727] [ 17.660886] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.661348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.661378] Hardware name: linux,dummy-virt (DT) [ 17.662155] Call trace: [ 17.662782] show_stack+0x20/0x38 (C) [ 17.663500] dump_stack_lvl+0x8c/0xd0 [ 17.663672] print_report+0x118/0x5d0 [ 17.664115] kasan_report_invalid_free+0xc0/0xe8 [ 17.664531] __kasan_mempool_poison_pages+0xe0/0xe8 [ 17.665169] mempool_free+0x24c/0x328 [ 17.665539] mempool_double_free_helper+0x150/0x2e8 [ 17.665921] mempool_page_alloc_double_free+0xbc/0x118 [ 17.666285] kunit_try_run_case+0x170/0x3f0 [ 17.666340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.666398] kthread+0x328/0x630 [ 17.666443] ret_from_fork+0x10/0x20 [ 17.667728] [ 17.667754] The buggy address belongs to the physical page: [ 17.668143] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107974 [ 17.668818] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.669420] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.670010] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.670554] page dumped because: kasan: bad access detected [ 17.671067] [ 17.671312] Memory state around the buggy address: [ 17.671471] fff00000c7973f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.672159] fff00000c7973f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.673049] >fff00000c7974000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.673122] ^ [ 17.673156] fff00000c7974080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.673278] fff00000c7974100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.673370] ================================================================== [ 17.614792] ================================================================== [ 17.614860] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 17.614920] Free of addr fff00000c7970000 by task kunit_try_catch/238 [ 17.614963] [ 17.615010] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.617273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.617810] Hardware name: linux,dummy-virt (DT) [ 17.617898] Call trace: [ 17.617922] show_stack+0x20/0x38 (C) [ 17.619197] dump_stack_lvl+0x8c/0xd0 [ 17.619569] print_report+0x118/0x5d0 [ 17.620148] kasan_report_invalid_free+0xc0/0xe8 [ 17.620448] __kasan_mempool_poison_object+0x14c/0x150 [ 17.621243] mempool_free+0x28c/0x328 [ 17.621493] mempool_double_free_helper+0x150/0x2e8 [ 17.621708] mempool_kmalloc_large_double_free+0xc0/0x118 [ 17.622360] kunit_try_run_case+0x170/0x3f0 [ 17.622863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.622931] kthread+0x328/0x630 [ 17.622976] ret_from_fork+0x10/0x20 [ 17.623767] [ 17.624015] The buggy address belongs to the physical page: [ 17.624366] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107970 [ 17.625015] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.625180] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.625841] page_type: f8(unknown) [ 17.626227] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.626754] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.626815] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.626865] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.626915] head: 0bfffe0000000002 ffffc1ffc31e5c01 00000000ffffffff 00000000ffffffff [ 17.628085] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.628556] page dumped because: kasan: bad access detected [ 17.628600] [ 17.628617] Memory state around the buggy address: [ 17.629271] fff00000c796ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.630051] fff00000c796ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.630266] >fff00000c7970000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.630394] ^ [ 17.631068] fff00000c7970080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.631294] fff00000c7970100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.631348] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 17.510615] ================================================================== [ 17.510675] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.510728] Read of size 1 at addr fff00000c7970000 by task kunit_try_catch/230 [ 17.510785] [ 17.510946] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.511143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.511217] Hardware name: linux,dummy-virt (DT) [ 17.511247] Call trace: [ 17.511596] show_stack+0x20/0x38 (C) [ 17.511660] dump_stack_lvl+0x8c/0xd0 [ 17.511715] print_report+0x118/0x5d0 [ 17.511919] kasan_report+0xdc/0x128 [ 17.511963] __asan_report_load1_noabort+0x20/0x30 [ 17.512025] mempool_uaf_helper+0x314/0x340 [ 17.512077] mempool_kmalloc_large_uaf+0xc4/0x120 [ 17.512313] kunit_try_run_case+0x170/0x3f0 [ 17.512451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.512662] kthread+0x328/0x630 [ 17.512728] ret_from_fork+0x10/0x20 [ 17.513086] [ 17.513122] The buggy address belongs to the physical page: [ 17.513157] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107970 [ 17.513214] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.513260] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.513314] page_type: f8(unknown) [ 17.513354] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.513405] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.513858] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.514035] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.514263] head: 0bfffe0000000002 ffffc1ffc31e5c01 00000000ffffffff 00000000ffffffff [ 17.514315] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.514356] page dumped because: kasan: bad access detected [ 17.514460] [ 17.514479] Memory state around the buggy address: [ 17.514559] fff00000c796ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.514666] fff00000c796ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.514759] >fff00000c7970000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.514797] ^ [ 17.514824] fff00000c7970080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.514930] fff00000c7970100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.515019] ================================================================== [ 17.562822] ================================================================== [ 17.562888] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.562961] Read of size 1 at addr fff00000c7970000 by task kunit_try_catch/234 [ 17.563216] [ 17.563529] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.564071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.564130] Hardware name: linux,dummy-virt (DT) [ 17.564244] Call trace: [ 17.564269] show_stack+0x20/0x38 (C) [ 17.564328] dump_stack_lvl+0x8c/0xd0 [ 17.564378] print_report+0x118/0x5d0 [ 17.564808] kasan_report+0xdc/0x128 [ 17.565027] __asan_report_load1_noabort+0x20/0x30 [ 17.565082] mempool_uaf_helper+0x314/0x340 [ 17.565126] mempool_page_alloc_uaf+0xc0/0x118 [ 17.565191] kunit_try_run_case+0x170/0x3f0 [ 17.565241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.565295] kthread+0x328/0x630 [ 17.565457] ret_from_fork+0x10/0x20 [ 17.565514] [ 17.565535] The buggy address belongs to the physical page: [ 17.565568] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107970 [ 17.565765] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.565867] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 17.565918] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.565960] page dumped because: kasan: bad access detected [ 17.566002] [ 17.566021] Memory state around the buggy address: [ 17.566076] fff00000c796ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.566184] fff00000c796ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.566228] >fff00000c7970000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.566294] ^ [ 17.566326] fff00000c7970080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.566472] fff00000c7970100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.566546] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 17.528349] ================================================================== [ 17.528517] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.528672] Read of size 1 at addr fff00000c793d240 by task kunit_try_catch/232 [ 17.528722] [ 17.528913] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.529027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.529054] Hardware name: linux,dummy-virt (DT) [ 17.529101] Call trace: [ 17.529176] show_stack+0x20/0x38 (C) [ 17.529551] dump_stack_lvl+0x8c/0xd0 [ 17.529646] print_report+0x118/0x5d0 [ 17.529724] kasan_report+0xdc/0x128 [ 17.529770] __asan_report_load1_noabort+0x20/0x30 [ 17.529821] mempool_uaf_helper+0x314/0x340 [ 17.529865] mempool_slab_uaf+0xc0/0x118 [ 17.529910] kunit_try_run_case+0x170/0x3f0 [ 17.529966] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.530028] kthread+0x328/0x630 [ 17.530551] ret_from_fork+0x10/0x20 [ 17.530613] [ 17.530634] Allocated by task 232: [ 17.530665] kasan_save_stack+0x3c/0x68 [ 17.530708] kasan_save_track+0x20/0x40 [ 17.530758] kasan_save_alloc_info+0x40/0x58 [ 17.530800] __kasan_mempool_unpoison_object+0xbc/0x180 [ 17.530999] remove_element+0x16c/0x1f8 [ 17.531038] mempool_alloc_preallocated+0x58/0xc0 [ 17.531078] mempool_uaf_helper+0xa4/0x340 [ 17.531115] mempool_slab_uaf+0xc0/0x118 [ 17.531633] kunit_try_run_case+0x170/0x3f0 [ 17.531674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.531719] kthread+0x328/0x630 [ 17.532005] ret_from_fork+0x10/0x20 [ 17.532055] [ 17.532103] Freed by task 232: [ 17.532129] kasan_save_stack+0x3c/0x68 [ 17.532244] kasan_save_track+0x20/0x40 [ 17.532282] kasan_save_free_info+0x4c/0x78 [ 17.532322] __kasan_mempool_poison_object+0xc0/0x150 [ 17.532384] mempool_free+0x28c/0x328 [ 17.532420] mempool_uaf_helper+0x104/0x340 [ 17.532458] mempool_slab_uaf+0xc0/0x118 [ 17.532494] kunit_try_run_case+0x170/0x3f0 [ 17.532532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.532641] kthread+0x328/0x630 [ 17.532675] ret_from_fork+0x10/0x20 [ 17.532718] [ 17.532775] The buggy address belongs to the object at fff00000c793d240 [ 17.532775] which belongs to the cache test_cache of size 123 [ 17.532914] The buggy address is located 0 bytes inside of [ 17.532914] freed 123-byte region [fff00000c793d240, fff00000c793d2bb) [ 17.533015] [ 17.533036] The buggy address belongs to the physical page: [ 17.533305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10793d [ 17.533364] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.533414] page_type: f5(slab) [ 17.533451] raw: 0bfffe0000000000 fff00000c78a1500 dead000000000122 0000000000000000 [ 17.533502] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 17.533543] page dumped because: kasan: bad access detected [ 17.533575] [ 17.533592] Memory state around the buggy address: [ 17.533624] fff00000c793d100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.533971] fff00000c793d180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.534109] >fff00000c793d200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.534195] ^ [ 17.534271] fff00000c793d280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.534337] fff00000c793d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.534376] ================================================================== [ 17.494195] ================================================================== [ 17.494263] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 17.494326] Read of size 1 at addr fff00000c786af00 by task kunit_try_catch/228 [ 17.494553] [ 17.494872] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.495127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.495155] Hardware name: linux,dummy-virt (DT) [ 17.495187] Call trace: [ 17.495209] show_stack+0x20/0x38 (C) [ 17.495487] dump_stack_lvl+0x8c/0xd0 [ 17.495580] print_report+0x118/0x5d0 [ 17.495705] kasan_report+0xdc/0x128 [ 17.495851] __asan_report_load1_noabort+0x20/0x30 [ 17.495903] mempool_uaf_helper+0x314/0x340 [ 17.495949] mempool_kmalloc_uaf+0xc4/0x120 [ 17.496006] kunit_try_run_case+0x170/0x3f0 [ 17.496054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.496107] kthread+0x328/0x630 [ 17.496155] ret_from_fork+0x10/0x20 [ 17.496400] [ 17.496424] Allocated by task 228: [ 17.496455] kasan_save_stack+0x3c/0x68 [ 17.496647] kasan_save_track+0x20/0x40 [ 17.496808] kasan_save_alloc_info+0x40/0x58 [ 17.497020] __kasan_mempool_unpoison_object+0x11c/0x180 [ 17.497103] remove_element+0x130/0x1f8 [ 17.497243] mempool_alloc_preallocated+0x58/0xc0 [ 17.497420] mempool_uaf_helper+0xa4/0x340 [ 17.497458] mempool_kmalloc_uaf+0xc4/0x120 [ 17.497496] kunit_try_run_case+0x170/0x3f0 [ 17.497533] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.497583] kthread+0x328/0x630 [ 17.497651] ret_from_fork+0x10/0x20 [ 17.497757] [ 17.497843] Freed by task 228: [ 17.497964] kasan_save_stack+0x3c/0x68 [ 17.498019] kasan_save_track+0x20/0x40 [ 17.498056] kasan_save_free_info+0x4c/0x78 [ 17.498094] __kasan_mempool_poison_object+0xc0/0x150 [ 17.498134] mempool_free+0x28c/0x328 [ 17.498169] mempool_uaf_helper+0x104/0x340 [ 17.498205] mempool_kmalloc_uaf+0xc4/0x120 [ 17.498254] kunit_try_run_case+0x170/0x3f0 [ 17.498597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.498647] kthread+0x328/0x630 [ 17.498679] ret_from_fork+0x10/0x20 [ 17.498716] [ 17.498736] The buggy address belongs to the object at fff00000c786af00 [ 17.498736] which belongs to the cache kmalloc-128 of size 128 [ 17.498910] The buggy address is located 0 bytes inside of [ 17.498910] freed 128-byte region [fff00000c786af00, fff00000c786af80) [ 17.498975] [ 17.499014] The buggy address belongs to the physical page: [ 17.499191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 17.499263] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.499312] page_type: f5(slab) [ 17.499352] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.499403] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 17.499450] page dumped because: kasan: bad access detected [ 17.499788] [ 17.499807] Memory state around the buggy address: [ 17.500084] fff00000c786ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.500174] fff00000c786ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.500303] >fff00000c786af00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.500388] ^ [ 17.500511] fff00000c786af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.500590] fff00000c786b000: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.500693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 16.823462] ================================================================== [ 16.823543] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 16.823617] Read of size 1 at addr fff00000c78a1280 by task kunit_try_catch/216 [ 16.823671] [ 16.823710] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.823806] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.823835] Hardware name: linux,dummy-virt (DT) [ 16.823867] Call trace: [ 16.823889] show_stack+0x20/0x38 (C) [ 16.823940] dump_stack_lvl+0x8c/0xd0 [ 16.824006] print_report+0x118/0x5d0 [ 16.824051] kasan_report+0xdc/0x128 [ 16.824094] __kasan_check_byte+0x54/0x70 [ 16.824141] kmem_cache_destroy+0x34/0x218 [ 16.824187] kmem_cache_double_destroy+0x174/0x300 [ 16.824234] kunit_try_run_case+0x170/0x3f0 [ 16.824284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.824335] kthread+0x328/0x630 [ 16.824380] ret_from_fork+0x10/0x20 [ 16.824426] [ 16.824444] Allocated by task 216: [ 16.824474] kasan_save_stack+0x3c/0x68 [ 16.824515] kasan_save_track+0x20/0x40 [ 16.824553] kasan_save_alloc_info+0x40/0x58 [ 16.824593] __kasan_slab_alloc+0xa8/0xb0 [ 16.824630] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.824671] __kmem_cache_create_args+0x178/0x280 [ 16.824710] kmem_cache_double_destroy+0xc0/0x300 [ 16.824748] kunit_try_run_case+0x170/0x3f0 [ 16.824797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.824841] kthread+0x328/0x630 [ 16.824874] ret_from_fork+0x10/0x20 [ 16.824908] [ 16.824926] Freed by task 216: [ 16.824952] kasan_save_stack+0x3c/0x68 [ 16.824998] kasan_save_track+0x20/0x40 [ 16.825037] kasan_save_free_info+0x4c/0x78 [ 16.825076] __kasan_slab_free+0x6c/0x98 [ 16.825112] kmem_cache_free+0x260/0x468 [ 16.825149] slab_kmem_cache_release+0x38/0x50 [ 16.825187] kmem_cache_release+0x1c/0x30 [ 16.825224] kobject_put+0x17c/0x420 [ 16.825259] sysfs_slab_release+0x1c/0x30 [ 16.825297] kmem_cache_destroy+0x118/0x218 [ 16.825333] kmem_cache_double_destroy+0x128/0x300 [ 16.825373] kunit_try_run_case+0x170/0x3f0 [ 16.825410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.825452] kthread+0x328/0x630 [ 16.825485] ret_from_fork+0x10/0x20 [ 16.825519] [ 16.825537] The buggy address belongs to the object at fff00000c78a1280 [ 16.825537] which belongs to the cache kmem_cache of size 208 [ 16.825603] The buggy address is located 0 bytes inside of [ 16.825603] freed 208-byte region [fff00000c78a1280, fff00000c78a1350) [ 16.825664] [ 16.825687] The buggy address belongs to the physical page: [ 16.825722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a1 [ 16.825777] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.825830] page_type: f5(slab) [ 16.825873] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 16.825924] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 16.825966] page dumped because: kasan: bad access detected [ 16.826006] [ 16.826023] Memory state around the buggy address: [ 16.826058] fff00000c78a1180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.826101] fff00000c78a1200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.826145] >fff00000c78a1280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.826185] ^ [ 16.826213] fff00000c78a1300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 16.826255] fff00000c78a1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.826296] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 16.662934] ================================================================== [ 16.663405] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 16.663657] Read of size 1 at addr fff00000c7939000 by task kunit_try_catch/214 [ 16.663818] [ 16.664143] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.664572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.664671] Hardware name: linux,dummy-virt (DT) [ 16.664711] Call trace: [ 16.664734] show_stack+0x20/0x38 (C) [ 16.664826] dump_stack_lvl+0x8c/0xd0 [ 16.665093] print_report+0x118/0x5d0 [ 16.665398] kasan_report+0xdc/0x128 [ 16.665577] __asan_report_load1_noabort+0x20/0x30 [ 16.666518] kmem_cache_rcu_uaf+0x388/0x468 [ 16.666772] kunit_try_run_case+0x170/0x3f0 [ 16.666865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.667139] kthread+0x328/0x630 [ 16.667489] ret_from_fork+0x10/0x20 [ 16.668045] [ 16.668215] Allocated by task 214: [ 16.668485] kasan_save_stack+0x3c/0x68 [ 16.668558] kasan_save_track+0x20/0x40 [ 16.668597] kasan_save_alloc_info+0x40/0x58 [ 16.668875] __kasan_slab_alloc+0xa8/0xb0 [ 16.669068] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.669122] kmem_cache_rcu_uaf+0x12c/0x468 [ 16.669170] kunit_try_run_case+0x170/0x3f0 [ 16.669208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.669252] kthread+0x328/0x630 [ 16.669285] ret_from_fork+0x10/0x20 [ 16.669321] [ 16.669339] Freed by task 0: [ 16.669366] kasan_save_stack+0x3c/0x68 [ 16.669405] kasan_save_track+0x20/0x40 [ 16.669441] kasan_save_free_info+0x4c/0x78 [ 16.669480] __kasan_slab_free+0x6c/0x98 [ 16.669519] slab_free_after_rcu_debug+0xd4/0x2f8 [ 16.669561] rcu_core+0x9f4/0x1e20 [ 16.669603] rcu_core_si+0x18/0x30 [ 16.669636] handle_softirqs+0x374/0xb28 [ 16.669674] __do_softirq+0x1c/0x28 [ 16.669705] [ 16.669724] Last potentially related work creation: [ 16.669752] kasan_save_stack+0x3c/0x68 [ 16.669790] kasan_record_aux_stack+0xb4/0xc8 [ 16.669828] kmem_cache_free+0x120/0x468 [ 16.669866] kmem_cache_rcu_uaf+0x16c/0x468 [ 16.669901] kunit_try_run_case+0x170/0x3f0 [ 16.669939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.669992] kthread+0x328/0x630 [ 16.670488] ret_from_fork+0x10/0x20 [ 16.670540] [ 16.670559] The buggy address belongs to the object at fff00000c7939000 [ 16.670559] which belongs to the cache test_cache of size 200 [ 16.670629] The buggy address is located 0 bytes inside of [ 16.670629] freed 200-byte region [fff00000c7939000, fff00000c79390c8) [ 16.670693] [ 16.670716] The buggy address belongs to the physical page: [ 16.670750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107939 [ 16.670846] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.670901] page_type: f5(slab) [ 16.670945] raw: 0bfffe0000000000 fff00000c78a1140 dead000000000122 0000000000000000 [ 16.671009] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.671061] page dumped because: kasan: bad access detected [ 16.671105] [ 16.671133] Memory state around the buggy address: [ 16.671177] fff00000c7938f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.671221] fff00000c7938f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.671283] >fff00000c7939000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.671337] ^ [ 16.671372] fff00000c7939080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 16.671437] fff00000c7939100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.671478] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 15.959806] ================================================================== [ 15.959976] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 15.960054] Free of addr fff00000c7938001 by task kunit_try_catch/212 [ 15.960302] [ 15.960359] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.960562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.960600] Hardware name: linux,dummy-virt (DT) [ 15.960649] Call trace: [ 15.960672] show_stack+0x20/0x38 (C) [ 15.961091] dump_stack_lvl+0x8c/0xd0 [ 15.961219] print_report+0x118/0x5d0 [ 15.961270] kasan_report_invalid_free+0xc0/0xe8 [ 15.961321] check_slab_allocation+0xfc/0x108 [ 15.961617] __kasan_slab_pre_free+0x2c/0x48 [ 15.961745] kmem_cache_free+0xf0/0x468 [ 15.961897] kmem_cache_invalid_free+0x184/0x3c8 [ 15.962093] kunit_try_run_case+0x170/0x3f0 [ 15.962315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.962428] kthread+0x328/0x630 [ 15.962475] ret_from_fork+0x10/0x20 [ 15.962546] [ 15.962579] Allocated by task 212: [ 15.962618] kasan_save_stack+0x3c/0x68 [ 15.962662] kasan_save_track+0x20/0x40 [ 15.962709] kasan_save_alloc_info+0x40/0x58 [ 15.962750] __kasan_slab_alloc+0xa8/0xb0 [ 15.962804] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.962852] kmem_cache_invalid_free+0x12c/0x3c8 [ 15.962891] kunit_try_run_case+0x170/0x3f0 [ 15.962927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.962971] kthread+0x328/0x630 [ 15.963291] ret_from_fork+0x10/0x20 [ 15.963518] [ 15.963562] The buggy address belongs to the object at fff00000c7938000 [ 15.963562] which belongs to the cache test_cache of size 200 [ 15.963663] The buggy address is located 1 bytes inside of [ 15.963663] 200-byte region [fff00000c7938000, fff00000c79380c8) [ 15.964113] [ 15.964155] The buggy address belongs to the physical page: [ 15.964309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107938 [ 15.964371] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.964711] page_type: f5(slab) [ 15.964859] raw: 0bfffe0000000000 fff00000c78a1000 dead000000000122 0000000000000000 [ 15.964913] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.964961] page dumped because: kasan: bad access detected [ 15.965000] [ 15.965140] Memory state around the buggy address: [ 15.965363] fff00000c7937f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.965510] fff00000c7937f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.965594] >fff00000c7938000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.965894] ^ [ 15.965988] fff00000c7938080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 15.966124] fff00000c7938100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.966165] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 15.922884] ================================================================== [ 15.922950] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 15.923032] Free of addr fff00000c78a1000 by task kunit_try_catch/210 [ 15.923076] [ 15.923113] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.923225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.923256] Hardware name: linux,dummy-virt (DT) [ 15.923288] Call trace: [ 15.923311] show_stack+0x20/0x38 (C) [ 15.923364] dump_stack_lvl+0x8c/0xd0 [ 15.923431] print_report+0x118/0x5d0 [ 15.923480] kasan_report_invalid_free+0xc0/0xe8 [ 15.923540] check_slab_allocation+0xd4/0x108 [ 15.923590] __kasan_slab_pre_free+0x2c/0x48 [ 15.923638] kmem_cache_free+0xf0/0x468 [ 15.923685] kmem_cache_double_free+0x190/0x3c8 [ 15.923731] kunit_try_run_case+0x170/0x3f0 [ 15.923781] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.923831] kthread+0x328/0x630 [ 15.923874] ret_from_fork+0x10/0x20 [ 15.923922] [ 15.923939] Allocated by task 210: [ 15.923974] kasan_save_stack+0x3c/0x68 [ 15.925045] kasan_save_track+0x20/0x40 [ 15.925234] kasan_save_alloc_info+0x40/0x58 [ 15.925287] __kasan_slab_alloc+0xa8/0xb0 [ 15.925331] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.925474] kmem_cache_double_free+0x12c/0x3c8 [ 15.925525] kunit_try_run_case+0x170/0x3f0 [ 15.925563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.925852] kthread+0x328/0x630 [ 15.926036] ret_from_fork+0x10/0x20 [ 15.926115] [ 15.926358] Freed by task 210: [ 15.926491] kasan_save_stack+0x3c/0x68 [ 15.926571] kasan_save_track+0x20/0x40 [ 15.926680] kasan_save_free_info+0x4c/0x78 [ 15.926763] __kasan_slab_free+0x6c/0x98 [ 15.927159] kmem_cache_free+0x260/0x468 [ 15.927225] kmem_cache_double_free+0x140/0x3c8 [ 15.927396] kunit_try_run_case+0x170/0x3f0 [ 15.927441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.927738] kthread+0x328/0x630 [ 15.927825] ret_from_fork+0x10/0x20 [ 15.928153] [ 15.928203] The buggy address belongs to the object at fff00000c78a1000 [ 15.928203] which belongs to the cache test_cache of size 200 [ 15.928381] The buggy address is located 0 bytes inside of [ 15.928381] 200-byte region [fff00000c78a1000, fff00000c78a10c8) [ 15.928447] [ 15.928699] The buggy address belongs to the physical page: [ 15.928777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a1 [ 15.929157] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.929245] page_type: f5(slab) [ 15.929295] raw: 0bfffe0000000000 fff00000c1378dc0 dead000000000122 0000000000000000 [ 15.929348] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.929390] page dumped because: kasan: bad access detected [ 15.929423] [ 15.929440] Memory state around the buggy address: [ 15.929836] fff00000c78a0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.929966] fff00000c78a0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.930392] >fff00000c78a1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.930492] ^ [ 15.930766] fff00000c78a1080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 15.930846] fff00000c78a1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.931040] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 15.874086] ================================================================== [ 15.874437] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 15.874564] Read of size 1 at addr fff00000c78a00c8 by task kunit_try_catch/208 [ 15.874618] [ 15.874654] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.874836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.874966] Hardware name: linux,dummy-virt (DT) [ 15.875028] Call trace: [ 15.875076] show_stack+0x20/0x38 (C) [ 15.875164] dump_stack_lvl+0x8c/0xd0 [ 15.875230] print_report+0x118/0x5d0 [ 15.875295] kasan_report+0xdc/0x128 [ 15.875354] __asan_report_load1_noabort+0x20/0x30 [ 15.875425] kmem_cache_oob+0x344/0x430 [ 15.875507] kunit_try_run_case+0x170/0x3f0 [ 15.875555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.875609] kthread+0x328/0x630 [ 15.875683] ret_from_fork+0x10/0x20 [ 15.875782] [ 15.875800] Allocated by task 208: [ 15.875828] kasan_save_stack+0x3c/0x68 [ 15.875966] kasan_save_track+0x20/0x40 [ 15.876032] kasan_save_alloc_info+0x40/0x58 [ 15.876074] __kasan_slab_alloc+0xa8/0xb0 [ 15.876110] kmem_cache_alloc_noprof+0x10c/0x398 [ 15.876150] kmem_cache_oob+0x12c/0x430 [ 15.876212] kunit_try_run_case+0x170/0x3f0 [ 15.876353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.876514] kthread+0x328/0x630 [ 15.876556] ret_from_fork+0x10/0x20 [ 15.876591] [ 15.876609] The buggy address belongs to the object at fff00000c78a0000 [ 15.876609] which belongs to the cache test_cache of size 200 [ 15.876669] The buggy address is located 0 bytes to the right of [ 15.876669] allocated 200-byte region [fff00000c78a0000, fff00000c78a00c8) [ 15.876735] [ 15.876755] The buggy address belongs to the physical page: [ 15.876787] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a0 [ 15.876852] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.876902] page_type: f5(slab) [ 15.876940] raw: 0bfffe0000000000 fff00000c1378c80 dead000000000122 0000000000000000 [ 15.877002] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 15.877043] page dumped because: kasan: bad access detected [ 15.877081] [ 15.877098] Memory state around the buggy address: [ 15.877130] fff00000c789ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.877173] fff00000c78a0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.877216] >fff00000c78a0080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 15.877253] ^ [ 15.877288] fff00000c78a0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.877330] fff00000c78a0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.877369] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 15.851789] ================================================================== [ 15.851966] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 15.852153] Read of size 8 at addr fff00000c789a5c0 by task kunit_try_catch/201 [ 15.852262] [ 15.852318] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.852426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.852511] Hardware name: linux,dummy-virt (DT) [ 15.852581] Call trace: [ 15.852619] show_stack+0x20/0x38 (C) [ 15.852669] dump_stack_lvl+0x8c/0xd0 [ 15.852752] print_report+0x118/0x5d0 [ 15.852814] kasan_report+0xdc/0x128 [ 15.852909] __asan_report_load8_noabort+0x20/0x30 [ 15.853414] workqueue_uaf+0x480/0x4a8 [ 15.853472] kunit_try_run_case+0x170/0x3f0 [ 15.853524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.853578] kthread+0x328/0x630 [ 15.853619] ret_from_fork+0x10/0x20 [ 15.853667] [ 15.853685] Allocated by task 201: [ 15.853714] kasan_save_stack+0x3c/0x68 [ 15.853756] kasan_save_track+0x20/0x40 [ 15.853793] kasan_save_alloc_info+0x40/0x58 [ 15.853832] __kasan_kmalloc+0xd4/0xd8 [ 15.853869] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.853908] workqueue_uaf+0x13c/0x4a8 [ 15.853944] kunit_try_run_case+0x170/0x3f0 [ 15.853993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.854037] kthread+0x328/0x630 [ 15.854071] ret_from_fork+0x10/0x20 [ 15.854105] [ 15.854123] Freed by task 119: [ 15.854171] kasan_save_stack+0x3c/0x68 [ 15.854218] kasan_save_track+0x20/0x40 [ 15.854254] kasan_save_free_info+0x4c/0x78 [ 15.854292] __kasan_slab_free+0x6c/0x98 [ 15.854339] kfree+0x214/0x3c8 [ 15.854379] workqueue_uaf_work+0x18/0x30 [ 15.854415] process_one_work+0x530/0xf98 [ 15.854451] worker_thread+0x618/0xf38 [ 15.854499] kthread+0x328/0x630 [ 15.854547] ret_from_fork+0x10/0x20 [ 15.854581] [ 15.854601] Last potentially related work creation: [ 15.854635] kasan_save_stack+0x3c/0x68 [ 15.854672] kasan_record_aux_stack+0xb4/0xc8 [ 15.854713] __queue_work+0x65c/0x1008 [ 15.854748] queue_work_on+0xbc/0xf8 [ 15.854784] workqueue_uaf+0x210/0x4a8 [ 15.854829] kunit_try_run_case+0x170/0x3f0 [ 15.854867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.854912] kthread+0x328/0x630 [ 15.854943] ret_from_fork+0x10/0x20 [ 15.854988] [ 15.855005] The buggy address belongs to the object at fff00000c789a5c0 [ 15.855005] which belongs to the cache kmalloc-32 of size 32 [ 15.855066] The buggy address is located 0 bytes inside of [ 15.855066] freed 32-byte region [fff00000c789a5c0, fff00000c789a5e0) [ 15.855137] [ 15.855156] The buggy address belongs to the physical page: [ 15.855197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10789a [ 15.855258] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.855308] page_type: f5(slab) [ 15.855356] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.855406] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.855465] page dumped because: kasan: bad access detected [ 15.855507] [ 15.855532] Memory state around the buggy address: [ 15.855570] fff00000c789a480: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 15.855624] fff00000c789a500: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.855668] >fff00000c789a580: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 15.855708] ^ [ 15.855743] fff00000c789a600: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.855787] fff00000c789a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.855834] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 15.826359] ================================================================== [ 15.826513] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 15.826582] Read of size 4 at addr fff00000c789a380 by task swapper/0/0 [ 15.827039] [ 15.827097] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.827531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.827571] Hardware name: linux,dummy-virt (DT) [ 15.827605] Call trace: [ 15.827628] show_stack+0x20/0x38 (C) [ 15.827691] dump_stack_lvl+0x8c/0xd0 [ 15.827853] print_report+0x118/0x5d0 [ 15.828047] kasan_report+0xdc/0x128 [ 15.828111] __asan_report_load4_noabort+0x20/0x30 [ 15.828475] rcu_uaf_reclaim+0x64/0x70 [ 15.828569] rcu_core+0x9f4/0x1e20 [ 15.828642] rcu_core_si+0x18/0x30 [ 15.828686] handle_softirqs+0x374/0xb28 [ 15.828853] __do_softirq+0x1c/0x28 [ 15.829187] ____do_softirq+0x18/0x30 [ 15.829236] call_on_irq_stack+0x24/0x30 [ 15.829528] do_softirq_own_stack+0x24/0x38 [ 15.829678] __irq_exit_rcu+0x1fc/0x318 [ 15.829801] irq_exit_rcu+0x1c/0x80 [ 15.830034] el1_interrupt+0x38/0x58 [ 15.830096] el1h_64_irq_handler+0x18/0x28 [ 15.830145] el1h_64_irq+0x6c/0x70 [ 15.830259] arch_local_irq_enable+0x4/0x8 (P) [ 15.830310] do_idle+0x384/0x4e8 [ 15.830354] cpu_startup_entry+0x64/0x80 [ 15.830570] rest_init+0x160/0x188 [ 15.832052] start_kernel+0x30c/0x3d0 [ 15.832114] __primary_switched+0x8c/0xa0 [ 15.832183] [ 15.832203] Allocated by task 199: [ 15.832237] kasan_save_stack+0x3c/0x68 [ 15.832286] kasan_save_track+0x20/0x40 [ 15.832333] kasan_save_alloc_info+0x40/0x58 [ 15.832374] __kasan_kmalloc+0xd4/0xd8 [ 15.832412] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.832461] rcu_uaf+0xb0/0x2d8 [ 15.832496] kunit_try_run_case+0x170/0x3f0 [ 15.832544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.832598] kthread+0x328/0x630 [ 15.832631] ret_from_fork+0x10/0x20 [ 15.832668] [ 15.832702] Freed by task 0: [ 15.832729] kasan_save_stack+0x3c/0x68 [ 15.833172] kasan_save_track+0x20/0x40 [ 15.833228] kasan_save_free_info+0x4c/0x78 [ 15.833271] __kasan_slab_free+0x6c/0x98 [ 15.833319] kfree+0x214/0x3c8 [ 15.833354] rcu_uaf_reclaim+0x28/0x70 [ 15.833390] rcu_core+0x9f4/0x1e20 [ 15.833425] rcu_core_si+0x18/0x30 [ 15.833460] handle_softirqs+0x374/0xb28 [ 15.833496] __do_softirq+0x1c/0x28 [ 15.833530] [ 15.833564] Last potentially related work creation: [ 15.833600] kasan_save_stack+0x3c/0x68 [ 15.833637] kasan_record_aux_stack+0xb4/0xc8 [ 15.833679] __call_rcu_common.constprop.0+0x74/0x8c8 [ 15.833720] call_rcu+0x18/0x30 [ 15.833754] rcu_uaf+0x14c/0x2d8 [ 15.833788] kunit_try_run_case+0x170/0x3f0 [ 15.833827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.833869] kthread+0x328/0x630 [ 15.833900] ret_from_fork+0x10/0x20 [ 15.833942] [ 15.833967] The buggy address belongs to the object at fff00000c789a380 [ 15.833967] which belongs to the cache kmalloc-32 of size 32 [ 15.834382] The buggy address is located 0 bytes inside of [ 15.834382] freed 32-byte region [fff00000c789a380, fff00000c789a3a0) [ 15.834454] [ 15.834475] The buggy address belongs to the physical page: [ 15.835353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10789a [ 15.835429] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.836125] page_type: f5(slab) [ 15.836387] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 15.837958] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.838062] page dumped because: kasan: bad access detected [ 15.838102] [ 15.838133] Memory state around the buggy address: [ 15.838171] fff00000c789a280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.838233] fff00000c789a300: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.838276] >fff00000c789a380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.838325] ^ [ 15.838365] fff00000c789a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.838410] fff00000c789a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.838450] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 15.575677] ================================================================== [ 15.575736] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 15.575787] Read of size 1 at addr fff00000c786a800 by task kunit_try_catch/197 [ 15.575837] [ 15.575868] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.575952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.578301] Hardware name: linux,dummy-virt (DT) [ 15.578359] Call trace: [ 15.578384] show_stack+0x20/0x38 (C) [ 15.578440] dump_stack_lvl+0x8c/0xd0 [ 15.578486] print_report+0x118/0x5d0 [ 15.578530] kasan_report+0xdc/0x128 [ 15.578575] __kasan_check_byte+0x54/0x70 [ 15.578620] ksize+0x30/0x88 [ 15.578661] ksize_uaf+0x168/0x5f8 [ 15.578705] kunit_try_run_case+0x170/0x3f0 [ 15.578752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.578803] kthread+0x328/0x630 [ 15.578844] ret_from_fork+0x10/0x20 [ 15.578891] [ 15.578908] Allocated by task 197: [ 15.578938] kasan_save_stack+0x3c/0x68 [ 15.578990] kasan_save_track+0x20/0x40 [ 15.579027] kasan_save_alloc_info+0x40/0x58 [ 15.579067] __kasan_kmalloc+0xd4/0xd8 [ 15.579103] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.579142] ksize_uaf+0xb8/0x5f8 [ 15.579175] kunit_try_run_case+0x170/0x3f0 [ 15.579213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.579257] kthread+0x328/0x630 [ 15.579288] ret_from_fork+0x10/0x20 [ 15.579324] [ 15.579342] Freed by task 197: [ 15.579366] kasan_save_stack+0x3c/0x68 [ 15.579404] kasan_save_track+0x20/0x40 [ 15.579445] kasan_save_free_info+0x4c/0x78 [ 15.579485] __kasan_slab_free+0x6c/0x98 [ 15.579520] kfree+0x214/0x3c8 [ 15.579554] ksize_uaf+0x11c/0x5f8 [ 15.579586] kunit_try_run_case+0x170/0x3f0 [ 15.579624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.579668] kthread+0x328/0x630 [ 15.579699] ret_from_fork+0x10/0x20 [ 15.579733] [ 15.579752] The buggy address belongs to the object at fff00000c786a800 [ 15.579752] which belongs to the cache kmalloc-128 of size 128 [ 15.579810] The buggy address is located 0 bytes inside of [ 15.579810] freed 128-byte region [fff00000c786a800, fff00000c786a880) [ 15.579873] [ 15.579892] The buggy address belongs to the physical page: [ 15.579923] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.580903] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.581024] page_type: f5(slab) [ 15.581069] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.581119] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.581213] page dumped because: kasan: bad access detected [ 15.581302] [ 15.581415] Memory state around the buggy address: [ 15.581514] fff00000c786a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.581570] fff00000c786a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.581709] >fff00000c786a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.581750] ^ [ 15.581804] fff00000c786a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.581882] fff00000c786a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.581921] ================================================================== [ 15.583370] ================================================================== [ 15.583458] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 15.583541] Read of size 1 at addr fff00000c786a800 by task kunit_try_catch/197 [ 15.583616] [ 15.583664] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.583774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.583801] Hardware name: linux,dummy-virt (DT) [ 15.583831] Call trace: [ 15.583851] show_stack+0x20/0x38 (C) [ 15.583898] dump_stack_lvl+0x8c/0xd0 [ 15.583942] print_report+0x118/0x5d0 [ 15.584007] kasan_report+0xdc/0x128 [ 15.584062] __asan_report_load1_noabort+0x20/0x30 [ 15.584287] ksize_uaf+0x598/0x5f8 [ 15.584340] kunit_try_run_case+0x170/0x3f0 [ 15.584384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.584484] kthread+0x328/0x630 [ 15.584529] ret_from_fork+0x10/0x20 [ 15.584573] [ 15.584648] Allocated by task 197: [ 15.584675] kasan_save_stack+0x3c/0x68 [ 15.584743] kasan_save_track+0x20/0x40 [ 15.584832] kasan_save_alloc_info+0x40/0x58 [ 15.584959] __kasan_kmalloc+0xd4/0xd8 [ 15.585131] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.585273] ksize_uaf+0xb8/0x5f8 [ 15.585308] kunit_try_run_case+0x170/0x3f0 [ 15.585345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.585388] kthread+0x328/0x630 [ 15.585418] ret_from_fork+0x10/0x20 [ 15.585454] [ 15.585472] Freed by task 197: [ 15.585498] kasan_save_stack+0x3c/0x68 [ 15.585535] kasan_save_track+0x20/0x40 [ 15.585570] kasan_save_free_info+0x4c/0x78 [ 15.585610] __kasan_slab_free+0x6c/0x98 [ 15.585645] kfree+0x214/0x3c8 [ 15.585679] ksize_uaf+0x11c/0x5f8 [ 15.585713] kunit_try_run_case+0x170/0x3f0 [ 15.585751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.585921] kthread+0x328/0x630 [ 15.586048] ret_from_fork+0x10/0x20 [ 15.586156] [ 15.586186] The buggy address belongs to the object at fff00000c786a800 [ 15.586186] which belongs to the cache kmalloc-128 of size 128 [ 15.586295] The buggy address is located 0 bytes inside of [ 15.586295] freed 128-byte region [fff00000c786a800, fff00000c786a880) [ 15.586439] [ 15.586507] The buggy address belongs to the physical page: [ 15.586645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.586799] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.586905] page_type: f5(slab) [ 15.587046] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.587137] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.587529] page dumped because: kasan: bad access detected [ 15.587653] [ 15.587684] Memory state around the buggy address: [ 15.587725] fff00000c786a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.587834] fff00000c786a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.587876] >fff00000c786a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.587960] ^ [ 15.588113] fff00000c786a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.588177] fff00000c786a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.588541] ================================================================== [ 15.590639] ================================================================== [ 15.590694] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 15.590785] Read of size 1 at addr fff00000c786a878 by task kunit_try_catch/197 [ 15.590893] [ 15.590931] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.591026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.591053] Hardware name: linux,dummy-virt (DT) [ 15.591082] Call trace: [ 15.591102] show_stack+0x20/0x38 (C) [ 15.591410] dump_stack_lvl+0x8c/0xd0 [ 15.591478] print_report+0x118/0x5d0 [ 15.591524] kasan_report+0xdc/0x128 [ 15.591634] __asan_report_load1_noabort+0x20/0x30 [ 15.591750] ksize_uaf+0x544/0x5f8 [ 15.591833] kunit_try_run_case+0x170/0x3f0 [ 15.591894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.591971] kthread+0x328/0x630 [ 15.592025] ret_from_fork+0x10/0x20 [ 15.592151] [ 15.592199] Allocated by task 197: [ 15.592227] kasan_save_stack+0x3c/0x68 [ 15.592269] kasan_save_track+0x20/0x40 [ 15.592304] kasan_save_alloc_info+0x40/0x58 [ 15.592344] __kasan_kmalloc+0xd4/0xd8 [ 15.592629] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.592716] ksize_uaf+0xb8/0x5f8 [ 15.592752] kunit_try_run_case+0x170/0x3f0 [ 15.592932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.593033] kthread+0x328/0x630 [ 15.593182] ret_from_fork+0x10/0x20 [ 15.593231] [ 15.593249] Freed by task 197: [ 15.593277] kasan_save_stack+0x3c/0x68 [ 15.593314] kasan_save_track+0x20/0x40 [ 15.593361] kasan_save_free_info+0x4c/0x78 [ 15.593401] __kasan_slab_free+0x6c/0x98 [ 15.593461] kfree+0x214/0x3c8 [ 15.593493] ksize_uaf+0x11c/0x5f8 [ 15.593528] kunit_try_run_case+0x170/0x3f0 [ 15.593566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.593618] kthread+0x328/0x630 [ 15.593651] ret_from_fork+0x10/0x20 [ 15.593686] [ 15.593719] The buggy address belongs to the object at fff00000c786a800 [ 15.593719] which belongs to the cache kmalloc-128 of size 128 [ 15.593780] The buggy address is located 120 bytes inside of [ 15.593780] freed 128-byte region [fff00000c786a800, fff00000c786a880) [ 15.593843] [ 15.593862] The buggy address belongs to the physical page: [ 15.593903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.593956] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.594025] page_type: f5(slab) [ 15.594060] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.594111] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.594152] page dumped because: kasan: bad access detected [ 15.594185] [ 15.594203] Memory state around the buggy address: [ 15.594255] fff00000c786a700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.594319] fff00000c786a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.594370] >fff00000c786a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.594416] ^ [ 15.594458] fff00000c786a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.594523] fff00000c786a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.594570] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 15.563531] ================================================================== [ 15.563591] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 15.563951] Read of size 1 at addr fff00000c786a77f by task kunit_try_catch/195 [ 15.564089] [ 15.564158] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.564403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.564489] Hardware name: linux,dummy-virt (DT) [ 15.564546] Call trace: [ 15.564569] show_stack+0x20/0x38 (C) [ 15.564621] dump_stack_lvl+0x8c/0xd0 [ 15.564675] print_report+0x118/0x5d0 [ 15.564721] kasan_report+0xdc/0x128 [ 15.564777] __asan_report_load1_noabort+0x20/0x30 [ 15.564827] ksize_unpoisons_memory+0x690/0x740 [ 15.564883] kunit_try_run_case+0x170/0x3f0 [ 15.564930] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.564999] kthread+0x328/0x630 [ 15.565049] ret_from_fork+0x10/0x20 [ 15.565096] [ 15.565128] Allocated by task 195: [ 15.565156] kasan_save_stack+0x3c/0x68 [ 15.565205] kasan_save_track+0x20/0x40 [ 15.565242] kasan_save_alloc_info+0x40/0x58 [ 15.565282] __kasan_kmalloc+0xd4/0xd8 [ 15.565326] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.565368] ksize_unpoisons_memory+0xc0/0x740 [ 15.565404] kunit_try_run_case+0x170/0x3f0 [ 15.565442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.565485] kthread+0x328/0x630 [ 15.565516] ret_from_fork+0x10/0x20 [ 15.565551] [ 15.565569] The buggy address belongs to the object at fff00000c786a700 [ 15.565569] which belongs to the cache kmalloc-128 of size 128 [ 15.565639] The buggy address is located 12 bytes to the right of [ 15.565639] allocated 115-byte region [fff00000c786a700, fff00000c786a773) [ 15.565704] [ 15.565730] The buggy address belongs to the physical page: [ 15.565761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.565814] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.565862] page_type: f5(slab) [ 15.565898] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.565949] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.566000] page dumped because: kasan: bad access detected [ 15.566032] [ 15.566050] Memory state around the buggy address: [ 15.566723] fff00000c786a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.566888] fff00000c786a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.566992] >fff00000c786a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.567173] ^ [ 15.567354] fff00000c786a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.567439] fff00000c786a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.567588] ================================================================== [ 15.550639] ================================================================== [ 15.550874] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 15.551003] Read of size 1 at addr fff00000c786a773 by task kunit_try_catch/195 [ 15.551060] [ 15.551094] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.551229] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.551257] Hardware name: linux,dummy-virt (DT) [ 15.551339] Call trace: [ 15.551377] show_stack+0x20/0x38 (C) [ 15.551436] dump_stack_lvl+0x8c/0xd0 [ 15.551783] print_report+0x118/0x5d0 [ 15.551865] kasan_report+0xdc/0x128 [ 15.551931] __asan_report_load1_noabort+0x20/0x30 [ 15.552043] ksize_unpoisons_memory+0x628/0x740 [ 15.552096] kunit_try_run_case+0x170/0x3f0 [ 15.552310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.552395] kthread+0x328/0x630 [ 15.552546] ret_from_fork+0x10/0x20 [ 15.552608] [ 15.552627] Allocated by task 195: [ 15.552803] kasan_save_stack+0x3c/0x68 [ 15.552889] kasan_save_track+0x20/0x40 [ 15.553019] kasan_save_alloc_info+0x40/0x58 [ 15.553064] __kasan_kmalloc+0xd4/0xd8 [ 15.553109] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.553349] ksize_unpoisons_memory+0xc0/0x740 [ 15.553477] kunit_try_run_case+0x170/0x3f0 [ 15.553633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.553718] kthread+0x328/0x630 [ 15.553758] ret_from_fork+0x10/0x20 [ 15.553921] [ 15.554108] The buggy address belongs to the object at fff00000c786a700 [ 15.554108] which belongs to the cache kmalloc-128 of size 128 [ 15.554253] The buggy address is located 0 bytes to the right of [ 15.554253] allocated 115-byte region [fff00000c786a700, fff00000c786a773) [ 15.554332] [ 15.554487] The buggy address belongs to the physical page: [ 15.554544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.554669] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.554845] page_type: f5(slab) [ 15.555052] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.555172] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.555273] page dumped because: kasan: bad access detected [ 15.555366] [ 15.555406] Memory state around the buggy address: [ 15.555565] fff00000c786a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.555609] fff00000c786a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.555835] >fff00000c786a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.556042] ^ [ 15.556200] fff00000c786a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.556275] fff00000c786a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.556320] ================================================================== [ 15.557654] ================================================================== [ 15.557705] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 15.557753] Read of size 1 at addr fff00000c786a778 by task kunit_try_catch/195 [ 15.557976] [ 15.558082] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.558220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.558268] Hardware name: linux,dummy-virt (DT) [ 15.558339] Call trace: [ 15.558379] show_stack+0x20/0x38 (C) [ 15.558433] dump_stack_lvl+0x8c/0xd0 [ 15.558489] print_report+0x118/0x5d0 [ 15.558677] kasan_report+0xdc/0x128 [ 15.558750] __asan_report_load1_noabort+0x20/0x30 [ 15.558860] ksize_unpoisons_memory+0x618/0x740 [ 15.558932] kunit_try_run_case+0x170/0x3f0 [ 15.559107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.559172] kthread+0x328/0x630 [ 15.559215] ret_from_fork+0x10/0x20 [ 15.559345] [ 15.559403] Allocated by task 195: [ 15.559450] kasan_save_stack+0x3c/0x68 [ 15.559641] kasan_save_track+0x20/0x40 [ 15.559741] kasan_save_alloc_info+0x40/0x58 [ 15.559785] __kasan_kmalloc+0xd4/0xd8 [ 15.559839] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.560035] ksize_unpoisons_memory+0xc0/0x740 [ 15.560155] kunit_try_run_case+0x170/0x3f0 [ 15.560226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.560415] kthread+0x328/0x630 [ 15.560550] ret_from_fork+0x10/0x20 [ 15.560619] [ 15.560714] The buggy address belongs to the object at fff00000c786a700 [ 15.560714] which belongs to the cache kmalloc-128 of size 128 [ 15.560778] The buggy address is located 5 bytes to the right of [ 15.560778] allocated 115-byte region [fff00000c786a700, fff00000c786a773) [ 15.560885] [ 15.560933] The buggy address belongs to the physical page: [ 15.560966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.561230] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.561378] page_type: f5(slab) [ 15.561445] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.561509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.561639] page dumped because: kasan: bad access detected [ 15.561673] [ 15.561890] Memory state around the buggy address: [ 15.562133] fff00000c786a600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.562200] fff00000c786a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.562306] >fff00000c786a700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.562392] ^ [ 15.562631] fff00000c786a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.562723] fff00000c786a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.562841] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 15.536042] ================================================================== [ 15.536204] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 15.536292] Free of addr fff00000c433ec60 by task kunit_try_catch/193 [ 15.536337] [ 15.536386] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.536623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.536744] Hardware name: linux,dummy-virt (DT) [ 15.536896] Call trace: [ 15.537037] show_stack+0x20/0x38 (C) [ 15.537175] dump_stack_lvl+0x8c/0xd0 [ 15.537284] print_report+0x118/0x5d0 [ 15.537416] kasan_report_invalid_free+0xc0/0xe8 [ 15.537492] check_slab_allocation+0xd4/0x108 [ 15.537556] __kasan_slab_pre_free+0x2c/0x48 [ 15.537609] kfree+0xe8/0x3c8 [ 15.537805] kfree_sensitive+0x3c/0xb0 [ 15.537947] kmalloc_double_kzfree+0x168/0x308 [ 15.538120] kunit_try_run_case+0x170/0x3f0 [ 15.538217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.538315] kthread+0x328/0x630 [ 15.538469] ret_from_fork+0x10/0x20 [ 15.538556] [ 15.538737] Allocated by task 193: [ 15.538897] kasan_save_stack+0x3c/0x68 [ 15.539028] kasan_save_track+0x20/0x40 [ 15.539108] kasan_save_alloc_info+0x40/0x58 [ 15.539223] __kasan_kmalloc+0xd4/0xd8 [ 15.539359] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.539434] kmalloc_double_kzfree+0xb8/0x308 [ 15.539480] kunit_try_run_case+0x170/0x3f0 [ 15.539671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.540047] kthread+0x328/0x630 [ 15.540206] ret_from_fork+0x10/0x20 [ 15.540300] [ 15.540343] Freed by task 193: [ 15.540677] kasan_save_stack+0x3c/0x68 [ 15.540807] kasan_save_track+0x20/0x40 [ 15.540907] kasan_save_free_info+0x4c/0x78 [ 15.541013] __kasan_slab_free+0x6c/0x98 [ 15.541139] kfree+0x214/0x3c8 [ 15.541206] kfree_sensitive+0x80/0xb0 [ 15.541363] kmalloc_double_kzfree+0x11c/0x308 [ 15.541428] kunit_try_run_case+0x170/0x3f0 [ 15.541474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.541690] kthread+0x328/0x630 [ 15.541731] ret_from_fork+0x10/0x20 [ 15.541800] [ 15.541908] The buggy address belongs to the object at fff00000c433ec60 [ 15.541908] which belongs to the cache kmalloc-16 of size 16 [ 15.542154] The buggy address is located 0 bytes inside of [ 15.542154] 16-byte region [fff00000c433ec60, fff00000c433ec70) [ 15.542381] [ 15.542421] The buggy address belongs to the physical page: [ 15.542470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10433e [ 15.542664] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.542861] page_type: f5(slab) [ 15.543017] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.543162] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.543351] page dumped because: kasan: bad access detected [ 15.543448] [ 15.543551] Memory state around the buggy address: [ 15.543583] fff00000c433eb00: 00 07 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.543665] fff00000c433eb80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.543863] >fff00000c433ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.544049] ^ [ 15.544209] fff00000c433ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.544373] fff00000c433ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.544772] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 15.530204] ================================================================== [ 15.530301] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 15.530436] Read of size 1 at addr fff00000c433ec60 by task kunit_try_catch/193 [ 15.530490] [ 15.530625] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.530714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.530741] Hardware name: linux,dummy-virt (DT) [ 15.530848] Call trace: [ 15.530909] show_stack+0x20/0x38 (C) [ 15.530962] dump_stack_lvl+0x8c/0xd0 [ 15.531027] print_report+0x118/0x5d0 [ 15.531072] kasan_report+0xdc/0x128 [ 15.531297] __kasan_check_byte+0x54/0x70 [ 15.531461] kfree_sensitive+0x30/0xb0 [ 15.531528] kmalloc_double_kzfree+0x168/0x308 [ 15.531628] kunit_try_run_case+0x170/0x3f0 [ 15.531706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.531839] kthread+0x328/0x630 [ 15.531904] ret_from_fork+0x10/0x20 [ 15.531977] [ 15.532017] Allocated by task 193: [ 15.532046] kasan_save_stack+0x3c/0x68 [ 15.532089] kasan_save_track+0x20/0x40 [ 15.532127] kasan_save_alloc_info+0x40/0x58 [ 15.532358] __kasan_kmalloc+0xd4/0xd8 [ 15.532493] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.532541] kmalloc_double_kzfree+0xb8/0x308 [ 15.532596] kunit_try_run_case+0x170/0x3f0 [ 15.532679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.532747] kthread+0x328/0x630 [ 15.532818] ret_from_fork+0x10/0x20 [ 15.532948] [ 15.532993] Freed by task 193: [ 15.533022] kasan_save_stack+0x3c/0x68 [ 15.533274] kasan_save_track+0x20/0x40 [ 15.533448] kasan_save_free_info+0x4c/0x78 [ 15.533646] __kasan_slab_free+0x6c/0x98 [ 15.533690] kfree+0x214/0x3c8 [ 15.533857] kfree_sensitive+0x80/0xb0 [ 15.533929] kmalloc_double_kzfree+0x11c/0x308 [ 15.534008] kunit_try_run_case+0x170/0x3f0 [ 15.534060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.534121] kthread+0x328/0x630 [ 15.534157] ret_from_fork+0x10/0x20 [ 15.534211] [ 15.534231] The buggy address belongs to the object at fff00000c433ec60 [ 15.534231] which belongs to the cache kmalloc-16 of size 16 [ 15.534291] The buggy address is located 0 bytes inside of [ 15.534291] freed 16-byte region [fff00000c433ec60, fff00000c433ec70) [ 15.534360] [ 15.534398] The buggy address belongs to the physical page: [ 15.534431] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10433e [ 15.534496] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.534545] page_type: f5(slab) [ 15.534582] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.534633] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.534683] page dumped because: kasan: bad access detected [ 15.534715] [ 15.534732] Memory state around the buggy address: [ 15.534778] fff00000c433eb00: 00 07 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.534828] fff00000c433eb80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.534871] >fff00000c433ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.534919] ^ [ 15.534967] fff00000c433ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.535018] fff00000c433ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.535067] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 15.506431] ================================================================== [ 15.506496] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 15.506652] Read of size 1 at addr fff00000c7891da8 by task kunit_try_catch/189 [ 15.506706] [ 15.506755] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.507094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.507220] Hardware name: linux,dummy-virt (DT) [ 15.507255] Call trace: [ 15.507317] show_stack+0x20/0x38 (C) [ 15.507410] dump_stack_lvl+0x8c/0xd0 [ 15.507632] print_report+0x118/0x5d0 [ 15.507713] kasan_report+0xdc/0x128 [ 15.507870] __asan_report_load1_noabort+0x20/0x30 [ 15.507938] kmalloc_uaf2+0x3f4/0x468 [ 15.507998] kunit_try_run_case+0x170/0x3f0 [ 15.508046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.508099] kthread+0x328/0x630 [ 15.508142] ret_from_fork+0x10/0x20 [ 15.508188] [ 15.508206] Allocated by task 189: [ 15.508234] kasan_save_stack+0x3c/0x68 [ 15.508273] kasan_save_track+0x20/0x40 [ 15.508311] kasan_save_alloc_info+0x40/0x58 [ 15.508351] __kasan_kmalloc+0xd4/0xd8 [ 15.508388] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.508429] kmalloc_uaf2+0xc4/0x468 [ 15.508463] kunit_try_run_case+0x170/0x3f0 [ 15.508500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.508543] kthread+0x328/0x630 [ 15.508573] ret_from_fork+0x10/0x20 [ 15.508676] [ 15.508700] Freed by task 189: [ 15.508728] kasan_save_stack+0x3c/0x68 [ 15.509189] kasan_save_track+0x20/0x40 [ 15.509249] kasan_save_free_info+0x4c/0x78 [ 15.509463] __kasan_slab_free+0x6c/0x98 [ 15.509541] kfree+0x214/0x3c8 [ 15.509631] kmalloc_uaf2+0x134/0x468 [ 15.509745] kunit_try_run_case+0x170/0x3f0 [ 15.509879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.510053] kthread+0x328/0x630 [ 15.510109] ret_from_fork+0x10/0x20 [ 15.510366] [ 15.510406] The buggy address belongs to the object at fff00000c7891d80 [ 15.510406] which belongs to the cache kmalloc-64 of size 64 [ 15.510624] The buggy address is located 40 bytes inside of [ 15.510624] freed 64-byte region [fff00000c7891d80, fff00000c7891dc0) [ 15.510739] [ 15.510802] The buggy address belongs to the physical page: [ 15.510960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107891 [ 15.511148] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.511328] page_type: f5(slab) [ 15.511414] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.511519] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.511631] page dumped because: kasan: bad access detected [ 15.511727] [ 15.511797] Memory state around the buggy address: [ 15.511832] fff00000c7891c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.512212] fff00000c7891d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.512307] >fff00000c7891d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.512463] ^ [ 15.512555] fff00000c7891e00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 15.512681] fff00000c7891e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.512795] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 15.488437] ================================================================== [ 15.488681] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 15.488749] Write of size 33 at addr fff00000c7891c00 by task kunit_try_catch/187 [ 15.488802] [ 15.489022] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.489215] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.489295] Hardware name: linux,dummy-virt (DT) [ 15.489337] Call trace: [ 15.489372] show_stack+0x20/0x38 (C) [ 15.489550] dump_stack_lvl+0x8c/0xd0 [ 15.489607] print_report+0x118/0x5d0 [ 15.489786] kasan_report+0xdc/0x128 [ 15.489969] kasan_check_range+0x100/0x1a8 [ 15.490156] __asan_memset+0x34/0x78 [ 15.490226] kmalloc_uaf_memset+0x170/0x310 [ 15.490403] kunit_try_run_case+0x170/0x3f0 [ 15.490508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.490574] kthread+0x328/0x630 [ 15.490785] ret_from_fork+0x10/0x20 [ 15.490844] [ 15.490964] Allocated by task 187: [ 15.491280] kasan_save_stack+0x3c/0x68 [ 15.491368] kasan_save_track+0x20/0x40 [ 15.491501] kasan_save_alloc_info+0x40/0x58 [ 15.491568] __kasan_kmalloc+0xd4/0xd8 [ 15.491650] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.491815] kmalloc_uaf_memset+0xb8/0x310 [ 15.491942] kunit_try_run_case+0x170/0x3f0 [ 15.492061] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.492203] kthread+0x328/0x630 [ 15.492413] ret_from_fork+0x10/0x20 [ 15.492494] [ 15.492693] Freed by task 187: [ 15.492771] kasan_save_stack+0x3c/0x68 [ 15.492918] kasan_save_track+0x20/0x40 [ 15.493046] kasan_save_free_info+0x4c/0x78 [ 15.493204] __kasan_slab_free+0x6c/0x98 [ 15.493279] kfree+0x214/0x3c8 [ 15.493312] kmalloc_uaf_memset+0x11c/0x310 [ 15.493699] kunit_try_run_case+0x170/0x3f0 [ 15.493801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.494147] kthread+0x328/0x630 [ 15.494219] ret_from_fork+0x10/0x20 [ 15.494349] [ 15.494392] The buggy address belongs to the object at fff00000c7891c00 [ 15.494392] which belongs to the cache kmalloc-64 of size 64 [ 15.494491] The buggy address is located 0 bytes inside of [ 15.494491] freed 64-byte region [fff00000c7891c00, fff00000c7891c40) [ 15.494689] [ 15.494758] The buggy address belongs to the physical page: [ 15.494792] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107891 [ 15.494938] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.495124] page_type: f5(slab) [ 15.495273] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.495402] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.495579] page dumped because: kasan: bad access detected [ 15.495613] [ 15.495631] Memory state around the buggy address: [ 15.495714] fff00000c7891b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.496017] fff00000c7891b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.496198] >fff00000c7891c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.496356] ^ [ 15.496400] fff00000c7891c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.496460] fff00000c7891d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.496500] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 15.472808] ================================================================== [ 15.472873] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 15.473071] Read of size 1 at addr fff00000c433ec48 by task kunit_try_catch/185 [ 15.473298] [ 15.473366] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.473518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.473567] Hardware name: linux,dummy-virt (DT) [ 15.473674] Call trace: [ 15.473714] show_stack+0x20/0x38 (C) [ 15.473824] dump_stack_lvl+0x8c/0xd0 [ 15.474161] print_report+0x118/0x5d0 [ 15.474253] kasan_report+0xdc/0x128 [ 15.474391] __asan_report_load1_noabort+0x20/0x30 [ 15.474614] kmalloc_uaf+0x300/0x338 [ 15.474759] kunit_try_run_case+0x170/0x3f0 [ 15.474923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.475076] kthread+0x328/0x630 [ 15.475181] ret_from_fork+0x10/0x20 [ 15.475522] [ 15.475578] Allocated by task 185: [ 15.475610] kasan_save_stack+0x3c/0x68 [ 15.475816] kasan_save_track+0x20/0x40 [ 15.475864] kasan_save_alloc_info+0x40/0x58 [ 15.476111] __kasan_kmalloc+0xd4/0xd8 [ 15.476247] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.476359] kmalloc_uaf+0xb8/0x338 [ 15.476394] kunit_try_run_case+0x170/0x3f0 [ 15.476433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.476499] kthread+0x328/0x630 [ 15.476531] ret_from_fork+0x10/0x20 [ 15.476576] [ 15.476605] Freed by task 185: [ 15.476652] kasan_save_stack+0x3c/0x68 [ 15.476689] kasan_save_track+0x20/0x40 [ 15.476726] kasan_save_free_info+0x4c/0x78 [ 15.476923] __kasan_slab_free+0x6c/0x98 [ 15.477147] kfree+0x214/0x3c8 [ 15.477262] kmalloc_uaf+0x11c/0x338 [ 15.477299] kunit_try_run_case+0x170/0x3f0 [ 15.477335] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.477386] kthread+0x328/0x630 [ 15.477581] ret_from_fork+0x10/0x20 [ 15.477629] [ 15.477650] The buggy address belongs to the object at fff00000c433ec40 [ 15.477650] which belongs to the cache kmalloc-16 of size 16 [ 15.477875] The buggy address is located 8 bytes inside of [ 15.477875] freed 16-byte region [fff00000c433ec40, fff00000c433ec50) [ 15.478087] [ 15.478109] The buggy address belongs to the physical page: [ 15.478143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10433e [ 15.478389] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.478493] page_type: f5(slab) [ 15.478743] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.479138] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.479299] page dumped because: kasan: bad access detected [ 15.479345] [ 15.479363] Memory state around the buggy address: [ 15.479441] fff00000c433eb00: 00 07 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.479695] fff00000c433eb80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.479855] >fff00000c433ec00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 15.479976] ^ [ 15.480046] fff00000c433ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.480090] fff00000c433ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.480249] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 15.455248] ================================================================== [ 15.455337] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.455393] Read of size 64 at addr fff00000c7891984 by task kunit_try_catch/183 [ 15.455451] [ 15.455484] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.455567] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.455602] Hardware name: linux,dummy-virt (DT) [ 15.455634] Call trace: [ 15.455655] show_stack+0x20/0x38 (C) [ 15.455713] dump_stack_lvl+0x8c/0xd0 [ 15.455766] print_report+0x118/0x5d0 [ 15.455811] kasan_report+0xdc/0x128 [ 15.455856] kasan_check_range+0x100/0x1a8 [ 15.455902] __asan_memmove+0x3c/0x98 [ 15.455952] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 15.456038] kunit_try_run_case+0x170/0x3f0 [ 15.456441] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.456543] kthread+0x328/0x630 [ 15.456589] ret_from_fork+0x10/0x20 [ 15.456636] [ 15.456654] Allocated by task 183: [ 15.456681] kasan_save_stack+0x3c/0x68 [ 15.456818] kasan_save_track+0x20/0x40 [ 15.456861] kasan_save_alloc_info+0x40/0x58 [ 15.456902] __kasan_kmalloc+0xd4/0xd8 [ 15.457094] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.457380] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 15.457487] kunit_try_run_case+0x170/0x3f0 [ 15.457642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.457733] kthread+0x328/0x630 [ 15.457853] ret_from_fork+0x10/0x20 [ 15.457954] [ 15.458079] The buggy address belongs to the object at fff00000c7891980 [ 15.458079] which belongs to the cache kmalloc-64 of size 64 [ 15.458373] The buggy address is located 4 bytes inside of [ 15.458373] allocated 64-byte region [fff00000c7891980, fff00000c78919c0) [ 15.458622] [ 15.458712] The buggy address belongs to the physical page: [ 15.458874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107891 [ 15.459072] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.459158] page_type: f5(slab) [ 15.459249] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.459681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.459753] page dumped because: kasan: bad access detected [ 15.459946] [ 15.460079] Memory state around the buggy address: [ 15.460135] fff00000c7891880: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.460227] fff00000c7891900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.460495] >fff00000c7891980: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.460651] ^ [ 15.460729] fff00000c7891a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.460891] fff00000c7891a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.461065] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 15.438597] ================================================================== [ 15.438942] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.439055] Read of size 18446744073709551614 at addr fff00000c7891784 by task kunit_try_catch/181 [ 15.439523] [ 15.439615] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.439930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.439992] Hardware name: linux,dummy-virt (DT) [ 15.440156] Call trace: [ 15.440183] show_stack+0x20/0x38 (C) [ 15.440287] dump_stack_lvl+0x8c/0xd0 [ 15.440368] print_report+0x118/0x5d0 [ 15.440474] kasan_report+0xdc/0x128 [ 15.440616] kasan_check_range+0x100/0x1a8 [ 15.440699] __asan_memmove+0x3c/0x98 [ 15.440912] kmalloc_memmove_negative_size+0x154/0x2e0 [ 15.441149] kunit_try_run_case+0x170/0x3f0 [ 15.441330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.441408] kthread+0x328/0x630 [ 15.441593] ret_from_fork+0x10/0x20 [ 15.441801] [ 15.441943] Allocated by task 181: [ 15.442028] kasan_save_stack+0x3c/0x68 [ 15.442179] kasan_save_track+0x20/0x40 [ 15.442273] kasan_save_alloc_info+0x40/0x58 [ 15.443279] __kasan_kmalloc+0xd4/0xd8 [ 15.443351] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.443861] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 15.443966] kunit_try_run_case+0x170/0x3f0 [ 15.444017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.444081] kthread+0x328/0x630 [ 15.444114] ret_from_fork+0x10/0x20 [ 15.444150] [ 15.444191] The buggy address belongs to the object at fff00000c7891780 [ 15.444191] which belongs to the cache kmalloc-64 of size 64 [ 15.444251] The buggy address is located 4 bytes inside of [ 15.444251] 64-byte region [fff00000c7891780, fff00000c78917c0) [ 15.444311] [ 15.444345] The buggy address belongs to the physical page: [ 15.444388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107891 [ 15.444458] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.444514] page_type: f5(slab) [ 15.444569] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 15.444620] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.444661] page dumped because: kasan: bad access detected [ 15.444722] [ 15.444740] Memory state around the buggy address: [ 15.444781] fff00000c7891680: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 15.445086] fff00000c7891700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.445158] >fff00000c7891780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 15.445430] ^ [ 15.445503] fff00000c7891800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.445731] fff00000c7891880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.445835] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 15.425690] ================================================================== [ 15.425877] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 15.425937] Write of size 16 at addr fff00000c786a669 by task kunit_try_catch/179 [ 15.426340] [ 15.426417] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.426502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.426528] Hardware name: linux,dummy-virt (DT) [ 15.426558] Call trace: [ 15.426616] show_stack+0x20/0x38 (C) [ 15.426668] dump_stack_lvl+0x8c/0xd0 [ 15.426713] print_report+0x118/0x5d0 [ 15.426768] kasan_report+0xdc/0x128 [ 15.426813] kasan_check_range+0x100/0x1a8 [ 15.426867] __asan_memset+0x34/0x78 [ 15.426909] kmalloc_oob_memset_16+0x150/0x2f8 [ 15.426953] kunit_try_run_case+0x170/0x3f0 [ 15.427012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.427065] kthread+0x328/0x630 [ 15.427106] ret_from_fork+0x10/0x20 [ 15.427153] [ 15.427170] Allocated by task 179: [ 15.427197] kasan_save_stack+0x3c/0x68 [ 15.427236] kasan_save_track+0x20/0x40 [ 15.427280] kasan_save_alloc_info+0x40/0x58 [ 15.427320] __kasan_kmalloc+0xd4/0xd8 [ 15.427355] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.427392] kmalloc_oob_memset_16+0xb0/0x2f8 [ 15.427441] kunit_try_run_case+0x170/0x3f0 [ 15.427478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.427530] kthread+0x328/0x630 [ 15.427561] ret_from_fork+0x10/0x20 [ 15.427602] [ 15.427621] The buggy address belongs to the object at fff00000c786a600 [ 15.427621] which belongs to the cache kmalloc-128 of size 128 [ 15.427686] The buggy address is located 105 bytes inside of [ 15.427686] allocated 120-byte region [fff00000c786a600, fff00000c786a678) [ 15.427753] [ 15.427771] The buggy address belongs to the physical page: [ 15.427802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.427855] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.427903] page_type: f5(slab) [ 15.427944] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.428003] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.428814] page dumped because: kasan: bad access detected [ 15.428877] [ 15.428912] Memory state around the buggy address: [ 15.428997] fff00000c786a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.429061] fff00000c786a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.429287] >fff00000c786a600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.429340] ^ [ 15.429565] fff00000c786a680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.429685] fff00000c786a700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.429783] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 15.409748] ================================================================== [ 15.409863] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 15.409914] Write of size 8 at addr fff00000c786a571 by task kunit_try_catch/177 [ 15.410000] [ 15.410354] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.410453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.410479] Hardware name: linux,dummy-virt (DT) [ 15.410607] Call trace: [ 15.410633] show_stack+0x20/0x38 (C) [ 15.410687] dump_stack_lvl+0x8c/0xd0 [ 15.410732] print_report+0x118/0x5d0 [ 15.410902] kasan_report+0xdc/0x128 [ 15.410949] kasan_check_range+0x100/0x1a8 [ 15.411140] __asan_memset+0x34/0x78 [ 15.411196] kmalloc_oob_memset_8+0x150/0x2f8 [ 15.411395] kunit_try_run_case+0x170/0x3f0 [ 15.411520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.411615] kthread+0x328/0x630 [ 15.411658] ret_from_fork+0x10/0x20 [ 15.411711] [ 15.411729] Allocated by task 177: [ 15.411756] kasan_save_stack+0x3c/0x68 [ 15.411871] kasan_save_track+0x20/0x40 [ 15.411911] kasan_save_alloc_info+0x40/0x58 [ 15.411950] __kasan_kmalloc+0xd4/0xd8 [ 15.412325] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.412386] kmalloc_oob_memset_8+0xb0/0x2f8 [ 15.412423] kunit_try_run_case+0x170/0x3f0 [ 15.412478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.412522] kthread+0x328/0x630 [ 15.412590] ret_from_fork+0x10/0x20 [ 15.412720] [ 15.412790] The buggy address belongs to the object at fff00000c786a500 [ 15.412790] which belongs to the cache kmalloc-128 of size 128 [ 15.412917] The buggy address is located 113 bytes inside of [ 15.412917] allocated 120-byte region [fff00000c786a500, fff00000c786a578) [ 15.413163] [ 15.413257] The buggy address belongs to the physical page: [ 15.413519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.413635] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.413769] page_type: f5(slab) [ 15.414041] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.414489] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.414560] page dumped because: kasan: bad access detected [ 15.414666] [ 15.414684] Memory state around the buggy address: [ 15.414970] fff00000c786a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.415143] fff00000c786a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.415253] >fff00000c786a500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.415405] ^ [ 15.415486] fff00000c786a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.415626] fff00000c786a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.415762] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 15.396120] ================================================================== [ 15.396224] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 15.396285] Write of size 4 at addr fff00000c786a475 by task kunit_try_catch/175 [ 15.396333] [ 15.396486] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.396584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.396611] Hardware name: linux,dummy-virt (DT) [ 15.396649] Call trace: [ 15.396827] show_stack+0x20/0x38 (C) [ 15.397193] dump_stack_lvl+0x8c/0xd0 [ 15.397335] print_report+0x118/0x5d0 [ 15.397471] kasan_report+0xdc/0x128 [ 15.397662] kasan_check_range+0x100/0x1a8 [ 15.397877] __asan_memset+0x34/0x78 [ 15.397943] kmalloc_oob_memset_4+0x150/0x300 [ 15.398121] kunit_try_run_case+0x170/0x3f0 [ 15.398359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.398516] kthread+0x328/0x630 [ 15.398672] ret_from_fork+0x10/0x20 [ 15.398891] [ 15.399045] Allocated by task 175: [ 15.399158] kasan_save_stack+0x3c/0x68 [ 15.399306] kasan_save_track+0x20/0x40 [ 15.399385] kasan_save_alloc_info+0x40/0x58 [ 15.399455] __kasan_kmalloc+0xd4/0xd8 [ 15.399652] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.399813] kmalloc_oob_memset_4+0xb0/0x300 [ 15.399857] kunit_try_run_case+0x170/0x3f0 [ 15.399894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.400188] kthread+0x328/0x630 [ 15.400313] ret_from_fork+0x10/0x20 [ 15.400364] [ 15.400383] The buggy address belongs to the object at fff00000c786a400 [ 15.400383] which belongs to the cache kmalloc-128 of size 128 [ 15.400587] The buggy address is located 117 bytes inside of [ 15.400587] allocated 120-byte region [fff00000c786a400, fff00000c786a478) [ 15.400785] [ 15.400831] The buggy address belongs to the physical page: [ 15.401107] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.401325] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.401456] page_type: f5(slab) [ 15.401582] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.401939] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.401998] page dumped because: kasan: bad access detected [ 15.402029] [ 15.402117] Memory state around the buggy address: [ 15.402207] fff00000c786a300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.402262] fff00000c786a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.402583] >fff00000c786a400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.402646] ^ [ 15.402831] fff00000c786a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.402986] fff00000c786a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.403064] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 15.379666] ================================================================== [ 15.380082] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 15.380187] Write of size 2 at addr fff00000c786a377 by task kunit_try_catch/173 [ 15.380524] [ 15.380579] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.380715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.380773] Hardware name: linux,dummy-virt (DT) [ 15.380820] Call trace: [ 15.380879] show_stack+0x20/0x38 (C) [ 15.381034] dump_stack_lvl+0x8c/0xd0 [ 15.381167] print_report+0x118/0x5d0 [ 15.381215] kasan_report+0xdc/0x128 [ 15.381258] kasan_check_range+0x100/0x1a8 [ 15.381311] __asan_memset+0x34/0x78 [ 15.381480] kmalloc_oob_memset_2+0x150/0x2f8 [ 15.381691] kunit_try_run_case+0x170/0x3f0 [ 15.381763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.382093] kthread+0x328/0x630 [ 15.382699] ret_from_fork+0x10/0x20 [ 15.382815] [ 15.382859] Allocated by task 173: [ 15.383045] kasan_save_stack+0x3c/0x68 [ 15.383249] kasan_save_track+0x20/0x40 [ 15.383508] kasan_save_alloc_info+0x40/0x58 [ 15.383680] __kasan_kmalloc+0xd4/0xd8 [ 15.383858] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.384070] kmalloc_oob_memset_2+0xb0/0x2f8 [ 15.384181] kunit_try_run_case+0x170/0x3f0 [ 15.384337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.384416] kthread+0x328/0x630 [ 15.384577] ret_from_fork+0x10/0x20 [ 15.384616] [ 15.384879] The buggy address belongs to the object at fff00000c786a300 [ 15.384879] which belongs to the cache kmalloc-128 of size 128 [ 15.385244] The buggy address is located 119 bytes inside of [ 15.385244] allocated 120-byte region [fff00000c786a300, fff00000c786a378) [ 15.385366] [ 15.385439] The buggy address belongs to the physical page: [ 15.385539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.385650] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.385741] page_type: f5(slab) [ 15.385875] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.386052] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.386171] page dumped because: kasan: bad access detected [ 15.386242] [ 15.386292] Memory state around the buggy address: [ 15.386636] fff00000c786a200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.386722] fff00000c786a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.386831] >fff00000c786a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.387222] ^ [ 15.387324] fff00000c786a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.387477] fff00000c786a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.387585] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 15.363230] ================================================================== [ 15.363293] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 15.363780] Write of size 128 at addr fff00000c786a200 by task kunit_try_catch/171 [ 15.363859] [ 15.363914] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.364009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.364037] Hardware name: linux,dummy-virt (DT) [ 15.364067] Call trace: [ 15.364088] show_stack+0x20/0x38 (C) [ 15.364137] dump_stack_lvl+0x8c/0xd0 [ 15.364466] print_report+0x118/0x5d0 [ 15.364536] kasan_report+0xdc/0x128 [ 15.364581] kasan_check_range+0x100/0x1a8 [ 15.364895] __asan_memset+0x34/0x78 [ 15.365062] kmalloc_oob_in_memset+0x144/0x2d0 [ 15.365135] kunit_try_run_case+0x170/0x3f0 [ 15.365186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.365238] kthread+0x328/0x630 [ 15.365279] ret_from_fork+0x10/0x20 [ 15.365651] [ 15.365721] Allocated by task 171: [ 15.365781] kasan_save_stack+0x3c/0x68 [ 15.365994] kasan_save_track+0x20/0x40 [ 15.366210] kasan_save_alloc_info+0x40/0x58 [ 15.366416] __kasan_kmalloc+0xd4/0xd8 [ 15.366475] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.366808] kmalloc_oob_in_memset+0xb0/0x2d0 [ 15.366870] kunit_try_run_case+0x170/0x3f0 [ 15.367046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.367275] kthread+0x328/0x630 [ 15.367344] ret_from_fork+0x10/0x20 [ 15.367495] [ 15.367541] The buggy address belongs to the object at fff00000c786a200 [ 15.367541] which belongs to the cache kmalloc-128 of size 128 [ 15.368048] The buggy address is located 0 bytes inside of [ 15.368048] allocated 120-byte region [fff00000c786a200, fff00000c786a278) [ 15.368157] [ 15.368283] The buggy address belongs to the physical page: [ 15.368319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.368400] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.368566] page_type: f5(slab) [ 15.368760] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.369110] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.369269] page dumped because: kasan: bad access detected [ 15.369329] [ 15.369346] Memory state around the buggy address: [ 15.369386] fff00000c786a100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.369429] fff00000c786a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.369628] >fff00000c786a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.369679] ^ [ 15.369722] fff00000c786a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.370135] fff00000c786a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.370261] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 15.344878] ================================================================== [ 15.345166] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 15.345261] Read of size 16 at addr fff00000c433ec20 by task kunit_try_catch/169 [ 15.345426] [ 15.345592] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.345676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.345702] Hardware name: linux,dummy-virt (DT) [ 15.346013] Call trace: [ 15.346100] show_stack+0x20/0x38 (C) [ 15.346208] dump_stack_lvl+0x8c/0xd0 [ 15.346359] print_report+0x118/0x5d0 [ 15.346591] kasan_report+0xdc/0x128 [ 15.346995] __asan_report_load16_noabort+0x20/0x30 [ 15.347081] kmalloc_uaf_16+0x3bc/0x438 [ 15.347214] kunit_try_run_case+0x170/0x3f0 [ 15.347357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.347483] kthread+0x328/0x630 [ 15.347582] ret_from_fork+0x10/0x20 [ 15.347723] [ 15.347740] Allocated by task 169: [ 15.347779] kasan_save_stack+0x3c/0x68 [ 15.348096] kasan_save_track+0x20/0x40 [ 15.348241] kasan_save_alloc_info+0x40/0x58 [ 15.348397] __kasan_kmalloc+0xd4/0xd8 [ 15.348495] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.348669] kmalloc_uaf_16+0x140/0x438 [ 15.348736] kunit_try_run_case+0x170/0x3f0 [ 15.349049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.349173] kthread+0x328/0x630 [ 15.349253] ret_from_fork+0x10/0x20 [ 15.349379] [ 15.349440] Freed by task 169: [ 15.349511] kasan_save_stack+0x3c/0x68 [ 15.349637] kasan_save_track+0x20/0x40 [ 15.349850] kasan_save_free_info+0x4c/0x78 [ 15.350061] __kasan_slab_free+0x6c/0x98 [ 15.350146] kfree+0x214/0x3c8 [ 15.350307] kmalloc_uaf_16+0x190/0x438 [ 15.350470] kunit_try_run_case+0x170/0x3f0 [ 15.350559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.350613] kthread+0x328/0x630 [ 15.350651] ret_from_fork+0x10/0x20 [ 15.350878] [ 15.350901] The buggy address belongs to the object at fff00000c433ec20 [ 15.350901] which belongs to the cache kmalloc-16 of size 16 [ 15.351433] The buggy address is located 0 bytes inside of [ 15.351433] freed 16-byte region [fff00000c433ec20, fff00000c433ec30) [ 15.351636] [ 15.351855] The buggy address belongs to the physical page: [ 15.351933] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10433e [ 15.352122] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.352268] page_type: f5(slab) [ 15.352337] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.352430] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.352807] page dumped because: kasan: bad access detected [ 15.352867] [ 15.353068] Memory state around the buggy address: [ 15.353244] fff00000c433eb00: 00 07 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.353351] fff00000c433eb80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.353446] >fff00000c433ec00: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 15.353493] ^ [ 15.353523] fff00000c433ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.353564] fff00000c433ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.353609] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 15.328345] ================================================================== [ 15.328416] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 15.328472] Write of size 16 at addr fff00000c433ebc0 by task kunit_try_catch/167 [ 15.329071] [ 15.329197] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.329914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.330127] Hardware name: linux,dummy-virt (DT) [ 15.330362] Call trace: [ 15.330537] show_stack+0x20/0x38 (C) [ 15.330598] dump_stack_lvl+0x8c/0xd0 [ 15.330887] print_report+0x118/0x5d0 [ 15.331135] kasan_report+0xdc/0x128 [ 15.331836] __asan_report_store16_noabort+0x20/0x30 [ 15.331938] kmalloc_oob_16+0x3a0/0x3f8 [ 15.332118] kunit_try_run_case+0x170/0x3f0 [ 15.332216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.332366] kthread+0x328/0x630 [ 15.332442] ret_from_fork+0x10/0x20 [ 15.332620] [ 15.332658] Allocated by task 167: [ 15.332687] kasan_save_stack+0x3c/0x68 [ 15.333003] kasan_save_track+0x20/0x40 [ 15.333069] kasan_save_alloc_info+0x40/0x58 [ 15.333214] __kasan_kmalloc+0xd4/0xd8 [ 15.333284] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.333440] kmalloc_oob_16+0xb4/0x3f8 [ 15.333641] kunit_try_run_case+0x170/0x3f0 [ 15.333766] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.333868] kthread+0x328/0x630 [ 15.333995] ret_from_fork+0x10/0x20 [ 15.334032] [ 15.334107] The buggy address belongs to the object at fff00000c433ebc0 [ 15.334107] which belongs to the cache kmalloc-16 of size 16 [ 15.334302] The buggy address is located 0 bytes inside of [ 15.334302] allocated 13-byte region [fff00000c433ebc0, fff00000c433ebcd) [ 15.334371] [ 15.334391] The buggy address belongs to the physical page: [ 15.334729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10433e [ 15.334793] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.334866] page_type: f5(slab) [ 15.334921] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.334971] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.335024] page dumped because: kasan: bad access detected [ 15.335055] [ 15.335072] Memory state around the buggy address: [ 15.335112] fff00000c433ea80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.335164] fff00000c433eb00: 00 07 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.335205] >fff00000c433eb80: 00 04 fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 15.335243] ^ [ 15.335283] fff00000c433ec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335325] fff00000c433ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335361] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 15.295772] ================================================================== [ 15.295872] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 15.296235] Read of size 1 at addr fff00000c0919c00 by task kunit_try_catch/165 [ 15.296434] [ 15.296561] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.296698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.296726] Hardware name: linux,dummy-virt (DT) [ 15.296755] Call trace: [ 15.296775] show_stack+0x20/0x38 (C) [ 15.296927] dump_stack_lvl+0x8c/0xd0 [ 15.297261] print_report+0x118/0x5d0 [ 15.297429] kasan_report+0xdc/0x128 [ 15.297510] __kasan_check_byte+0x54/0x70 [ 15.297636] krealloc_noprof+0x44/0x360 [ 15.297700] krealloc_uaf+0x180/0x520 [ 15.297804] kunit_try_run_case+0x170/0x3f0 [ 15.298331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.298467] kthread+0x328/0x630 [ 15.298999] ret_from_fork+0x10/0x20 [ 15.299175] [ 15.299953] Allocated by task 165: [ 15.300068] kasan_save_stack+0x3c/0x68 [ 15.300115] kasan_save_track+0x20/0x40 [ 15.300152] kasan_save_alloc_info+0x40/0x58 [ 15.300217] __kasan_kmalloc+0xd4/0xd8 [ 15.300266] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.300305] krealloc_uaf+0xc8/0x520 [ 15.300349] kunit_try_run_case+0x170/0x3f0 [ 15.300385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.300429] kthread+0x328/0x630 [ 15.300460] ret_from_fork+0x10/0x20 [ 15.300496] [ 15.300541] Freed by task 165: [ 15.300605] kasan_save_stack+0x3c/0x68 [ 15.300654] kasan_save_track+0x20/0x40 [ 15.300690] kasan_save_free_info+0x4c/0x78 [ 15.300741] __kasan_slab_free+0x6c/0x98 [ 15.300777] kfree+0x214/0x3c8 [ 15.300816] krealloc_uaf+0x12c/0x520 [ 15.300858] kunit_try_run_case+0x170/0x3f0 [ 15.300900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.300957] kthread+0x328/0x630 [ 15.300999] ret_from_fork+0x10/0x20 [ 15.301062] [ 15.301085] The buggy address belongs to the object at fff00000c0919c00 [ 15.301085] which belongs to the cache kmalloc-256 of size 256 [ 15.301204] The buggy address is located 0 bytes inside of [ 15.301204] freed 256-byte region [fff00000c0919c00, fff00000c0919d00) [ 15.301278] [ 15.301297] The buggy address belongs to the physical page: [ 15.301350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100918 [ 15.301403] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.301463] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.301515] page_type: f5(slab) [ 15.301561] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.301611] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.301668] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.301716] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.301770] head: 0bfffe0000000001 ffffc1ffc3024601 00000000ffffffff 00000000ffffffff [ 15.301825] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.301865] page dumped because: kasan: bad access detected [ 15.301905] [ 15.301930] Memory state around the buggy address: [ 15.301960] fff00000c0919b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.302375] fff00000c0919b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.302449] >fff00000c0919c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.302897] ^ [ 15.302931] fff00000c0919c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.303019] fff00000c0919d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.303111] ================================================================== [ 15.305407] ================================================================== [ 15.305483] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 15.305532] Read of size 1 at addr fff00000c0919c00 by task kunit_try_catch/165 [ 15.305589] [ 15.305617] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.305889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.305945] Hardware name: linux,dummy-virt (DT) [ 15.306018] Call trace: [ 15.306042] show_stack+0x20/0x38 (C) [ 15.306130] dump_stack_lvl+0x8c/0xd0 [ 15.306198] print_report+0x118/0x5d0 [ 15.306526] kasan_report+0xdc/0x128 [ 15.306607] __asan_report_load1_noabort+0x20/0x30 [ 15.306721] krealloc_uaf+0x4c8/0x520 [ 15.306772] kunit_try_run_case+0x170/0x3f0 [ 15.306858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.307077] kthread+0x328/0x630 [ 15.307121] ret_from_fork+0x10/0x20 [ 15.307175] [ 15.307427] Allocated by task 165: [ 15.307593] kasan_save_stack+0x3c/0x68 [ 15.307646] kasan_save_track+0x20/0x40 [ 15.307683] kasan_save_alloc_info+0x40/0x58 [ 15.308029] __kasan_kmalloc+0xd4/0xd8 [ 15.308099] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.308410] krealloc_uaf+0xc8/0x520 [ 15.308489] kunit_try_run_case+0x170/0x3f0 [ 15.308527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.308569] kthread+0x328/0x630 [ 15.308635] ret_from_fork+0x10/0x20 [ 15.308672] [ 15.308690] Freed by task 165: [ 15.308716] kasan_save_stack+0x3c/0x68 [ 15.308763] kasan_save_track+0x20/0x40 [ 15.308933] kasan_save_free_info+0x4c/0x78 [ 15.309003] __kasan_slab_free+0x6c/0x98 [ 15.309087] kfree+0x214/0x3c8 [ 15.309244] krealloc_uaf+0x12c/0x520 [ 15.309450] kunit_try_run_case+0x170/0x3f0 [ 15.309601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.309701] kthread+0x328/0x630 [ 15.309810] ret_from_fork+0x10/0x20 [ 15.309924] [ 15.309972] The buggy address belongs to the object at fff00000c0919c00 [ 15.309972] which belongs to the cache kmalloc-256 of size 256 [ 15.310179] The buggy address is located 0 bytes inside of [ 15.310179] freed 256-byte region [fff00000c0919c00, fff00000c0919d00) [ 15.310425] [ 15.310468] The buggy address belongs to the physical page: [ 15.310539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100918 [ 15.310673] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.310807] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.310858] page_type: f5(slab) [ 15.311210] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.311298] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.311369] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.311505] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.311659] head: 0bfffe0000000001 ffffc1ffc3024601 00000000ffffffff 00000000ffffffff [ 15.311760] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.311829] page dumped because: kasan: bad access detected [ 15.311860] [ 15.312161] Memory state around the buggy address: [ 15.312224] fff00000c0919b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.312280] fff00000c0919b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.312357] >fff00000c0919c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.312535] ^ [ 15.312619] fff00000c0919c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.312723] fff00000c0919d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.313409] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 15.190682] ================================================================== [ 15.190741] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.191004] Write of size 1 at addr fff00000c0919ac9 by task kunit_try_catch/159 [ 15.191069] [ 15.191215] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.191306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.191332] Hardware name: linux,dummy-virt (DT) [ 15.191368] Call trace: [ 15.191534] show_stack+0x20/0x38 (C) [ 15.191596] dump_stack_lvl+0x8c/0xd0 [ 15.191644] print_report+0x118/0x5d0 [ 15.191947] kasan_report+0xdc/0x128 [ 15.192086] __asan_report_store1_noabort+0x20/0x30 [ 15.192142] krealloc_less_oob_helper+0xa48/0xc50 [ 15.192218] krealloc_less_oob+0x20/0x38 [ 15.192325] kunit_try_run_case+0x170/0x3f0 [ 15.192402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.192696] kthread+0x328/0x630 [ 15.192955] ret_from_fork+0x10/0x20 [ 15.193152] [ 15.193233] Allocated by task 159: [ 15.193366] kasan_save_stack+0x3c/0x68 [ 15.193474] kasan_save_track+0x20/0x40 [ 15.193518] kasan_save_alloc_info+0x40/0x58 [ 15.193700] __kasan_krealloc+0x118/0x178 [ 15.193922] krealloc_noprof+0x128/0x360 [ 15.194063] krealloc_less_oob_helper+0x168/0xc50 [ 15.194178] krealloc_less_oob+0x20/0x38 [ 15.194266] kunit_try_run_case+0x170/0x3f0 [ 15.194412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.194491] kthread+0x328/0x630 [ 15.195484] ret_from_fork+0x10/0x20 [ 15.195562] [ 15.195581] The buggy address belongs to the object at fff00000c0919a00 [ 15.195581] which belongs to the cache kmalloc-256 of size 256 [ 15.195659] The buggy address is located 0 bytes to the right of [ 15.195659] allocated 201-byte region [fff00000c0919a00, fff00000c0919ac9) [ 15.195752] [ 15.195801] The buggy address belongs to the physical page: [ 15.196120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100918 [ 15.196675] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.197053] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.197146] page_type: f5(slab) [ 15.197239] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.197327] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.197464] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.197553] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.197609] head: 0bfffe0000000001 ffffc1ffc3024601 00000000ffffffff 00000000ffffffff [ 15.197657] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.197697] page dumped because: kasan: bad access detected [ 15.197744] [ 15.197762] Memory state around the buggy address: [ 15.197796] fff00000c0919980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.197839] fff00000c0919a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.197880] >fff00000c0919a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.197918] ^ [ 15.197964] fff00000c0919b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.198032] fff00000c0919b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.198070] ================================================================== [ 15.276427] ================================================================== [ 15.276472] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.276519] Write of size 1 at addr fff00000c65ca0ea by task kunit_try_catch/163 [ 15.276567] [ 15.276594] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.276680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.276711] Hardware name: linux,dummy-virt (DT) [ 15.276749] Call trace: [ 15.276770] show_stack+0x20/0x38 (C) [ 15.276829] dump_stack_lvl+0x8c/0xd0 [ 15.277018] print_report+0x118/0x5d0 [ 15.277304] kasan_report+0xdc/0x128 [ 15.277425] __asan_report_store1_noabort+0x20/0x30 [ 15.278030] krealloc_less_oob_helper+0xae4/0xc50 [ 15.278144] krealloc_large_less_oob+0x20/0x38 [ 15.278295] kunit_try_run_case+0x170/0x3f0 [ 15.278345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.278688] kthread+0x328/0x630 [ 15.278769] ret_from_fork+0x10/0x20 [ 15.278817] [ 15.278836] The buggy address belongs to the physical page: [ 15.279255] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c8 [ 15.279349] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.279457] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.279996] page_type: f8(unknown) [ 15.280043] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.280165] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.280240] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.280352] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.280671] head: 0bfffe0000000002 ffffc1ffc3197201 00000000ffffffff 00000000ffffffff [ 15.280841] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.281024] page dumped because: kasan: bad access detected [ 15.281104] [ 15.281179] Memory state around the buggy address: [ 15.281268] fff00000c65c9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.281352] fff00000c65ca000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.281518] >fff00000c65ca080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.281560] ^ [ 15.281598] fff00000c65ca100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.281764] fff00000c65ca180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.282009] ================================================================== [ 15.207369] ================================================================== [ 15.207429] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.207833] Write of size 1 at addr fff00000c0919ada by task kunit_try_catch/159 [ 15.207975] [ 15.208040] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.208129] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.208157] Hardware name: linux,dummy-virt (DT) [ 15.208433] Call trace: [ 15.208536] show_stack+0x20/0x38 (C) [ 15.208591] dump_stack_lvl+0x8c/0xd0 [ 15.208685] print_report+0x118/0x5d0 [ 15.208740] kasan_report+0xdc/0x128 [ 15.208785] __asan_report_store1_noabort+0x20/0x30 [ 15.209222] krealloc_less_oob_helper+0xa80/0xc50 [ 15.209343] krealloc_less_oob+0x20/0x38 [ 15.209414] kunit_try_run_case+0x170/0x3f0 [ 15.209525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.209581] kthread+0x328/0x630 [ 15.209622] ret_from_fork+0x10/0x20 [ 15.209785] [ 15.210033] Allocated by task 159: [ 15.210193] kasan_save_stack+0x3c/0x68 [ 15.210272] kasan_save_track+0x20/0x40 [ 15.210378] kasan_save_alloc_info+0x40/0x58 [ 15.210439] __kasan_krealloc+0x118/0x178 [ 15.210499] krealloc_noprof+0x128/0x360 [ 15.211052] krealloc_less_oob_helper+0x168/0xc50 [ 15.211097] krealloc_less_oob+0x20/0x38 [ 15.211417] kunit_try_run_case+0x170/0x3f0 [ 15.211569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.211677] kthread+0x328/0x630 [ 15.211821] ret_from_fork+0x10/0x20 [ 15.211860] [ 15.211930] The buggy address belongs to the object at fff00000c0919a00 [ 15.211930] which belongs to the cache kmalloc-256 of size 256 [ 15.212143] The buggy address is located 17 bytes to the right of [ 15.212143] allocated 201-byte region [fff00000c0919a00, fff00000c0919ac9) [ 15.212233] [ 15.212252] The buggy address belongs to the physical page: [ 15.212293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100918 [ 15.212354] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.212400] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.212449] page_type: f5(slab) [ 15.212487] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.212548] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.212597] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.212654] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.212703] head: 0bfffe0000000001 ffffc1ffc3024601 00000000ffffffff 00000000ffffffff [ 15.212760] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.213017] page dumped because: kasan: bad access detected [ 15.213339] [ 15.213396] Memory state around the buggy address: [ 15.213461] fff00000c0919980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.213545] fff00000c0919a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.213684] >fff00000c0919a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.213804] ^ [ 15.214021] fff00000c0919b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214068] fff00000c0919b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214106] ================================================================== [ 15.283078] ================================================================== [ 15.283207] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.283331] Write of size 1 at addr fff00000c65ca0eb by task kunit_try_catch/163 [ 15.283382] [ 15.283412] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.283543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.283570] Hardware name: linux,dummy-virt (DT) [ 15.283599] Call trace: [ 15.283658] show_stack+0x20/0x38 (C) [ 15.284001] dump_stack_lvl+0x8c/0xd0 [ 15.284071] print_report+0x118/0x5d0 [ 15.284118] kasan_report+0xdc/0x128 [ 15.284163] __asan_report_store1_noabort+0x20/0x30 [ 15.284341] krealloc_less_oob_helper+0xa58/0xc50 [ 15.284402] krealloc_large_less_oob+0x20/0x38 [ 15.284448] kunit_try_run_case+0x170/0x3f0 [ 15.284494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.284545] kthread+0x328/0x630 [ 15.284585] ret_from_fork+0x10/0x20 [ 15.284631] [ 15.284650] The buggy address belongs to the physical page: [ 15.284706] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c8 [ 15.284769] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.284826] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.284876] page_type: f8(unknown) [ 15.284913] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.284968] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.285411] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.285674] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.285870] head: 0bfffe0000000002 ffffc1ffc3197201 00000000ffffffff 00000000ffffffff [ 15.286062] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.286162] page dumped because: kasan: bad access detected [ 15.286299] [ 15.286380] Memory state around the buggy address: [ 15.286413] fff00000c65c9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.286472] fff00000c65ca000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.286779] >fff00000c65ca080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.286864] ^ [ 15.287021] fff00000c65ca100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.287106] fff00000c65ca180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.287244] ================================================================== [ 15.269723] ================================================================== [ 15.269816] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 15.269953] Write of size 1 at addr fff00000c65ca0da by task kunit_try_catch/163 [ 15.270280] [ 15.270325] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.271120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.271376] Hardware name: linux,dummy-virt (DT) [ 15.271430] Call trace: [ 15.271461] show_stack+0x20/0x38 (C) [ 15.271514] dump_stack_lvl+0x8c/0xd0 [ 15.271624] print_report+0x118/0x5d0 [ 15.271710] kasan_report+0xdc/0x128 [ 15.271755] __asan_report_store1_noabort+0x20/0x30 [ 15.271897] krealloc_less_oob_helper+0xa80/0xc50 [ 15.271963] krealloc_large_less_oob+0x20/0x38 [ 15.272051] kunit_try_run_case+0x170/0x3f0 [ 15.272096] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.272208] kthread+0x328/0x630 [ 15.272253] ret_from_fork+0x10/0x20 [ 15.272593] [ 15.272646] The buggy address belongs to the physical page: [ 15.272704] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c8 [ 15.272842] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.272919] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.272970] page_type: f8(unknown) [ 15.273128] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.273409] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.273549] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.273658] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.274353] head: 0bfffe0000000002 ffffc1ffc3197201 00000000ffffffff 00000000ffffffff [ 15.274481] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.274606] page dumped because: kasan: bad access detected [ 15.274637] [ 15.274689] Memory state around the buggy address: [ 15.275100] fff00000c65c9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.275180] fff00000c65ca000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.275223] >fff00000c65ca080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.275379] ^ [ 15.275579] fff00000c65ca100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.275649] fff00000c65ca180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.275913] ================================================================== [ 15.215122] ================================================================== [ 15.215434] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 15.215551] Write of size 1 at addr fff00000c0919aea by task kunit_try_catch/159 [ 15.215648] [ 15.215685] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.215856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.215885] Hardware name: linux,dummy-virt (DT) [ 15.215922] Call trace: [ 15.215961] show_stack+0x20/0x38 (C) [ 15.216148] dump_stack_lvl+0x8c/0xd0 [ 15.216523] print_report+0x118/0x5d0 [ 15.216666] kasan_report+0xdc/0x128 [ 15.216742] __asan_report_store1_noabort+0x20/0x30 [ 15.216882] krealloc_less_oob_helper+0xae4/0xc50 [ 15.216954] krealloc_less_oob+0x20/0x38 [ 15.217245] kunit_try_run_case+0x170/0x3f0 [ 15.217388] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.217577] kthread+0x328/0x630 [ 15.217655] ret_from_fork+0x10/0x20 [ 15.217787] [ 15.217922] Allocated by task 159: [ 15.218031] kasan_save_stack+0x3c/0x68 [ 15.218100] kasan_save_track+0x20/0x40 [ 15.218137] kasan_save_alloc_info+0x40/0x58 [ 15.218544] __kasan_krealloc+0x118/0x178 [ 15.218622] krealloc_noprof+0x128/0x360 [ 15.218741] krealloc_less_oob_helper+0x168/0xc50 [ 15.218843] krealloc_less_oob+0x20/0x38 [ 15.218920] kunit_try_run_case+0x170/0x3f0 [ 15.219315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.219437] kthread+0x328/0x630 [ 15.219480] ret_from_fork+0x10/0x20 [ 15.219515] [ 15.219551] The buggy address belongs to the object at fff00000c0919a00 [ 15.219551] which belongs to the cache kmalloc-256 of size 256 [ 15.219617] The buggy address is located 33 bytes to the right of [ 15.219617] allocated 201-byte region [fff00000c0919a00, fff00000c0919ac9) [ 15.219728] [ 15.219747] The buggy address belongs to the physical page: [ 15.219778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100918 [ 15.219838] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.219885] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.219945] page_type: f5(slab) [ 15.219991] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.220041] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.220091] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.220149] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.220198] head: 0bfffe0000000001 ffffc1ffc3024601 00000000ffffffff 00000000ffffffff [ 15.220246] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.220295] page dumped because: kasan: bad access detected [ 15.220325] [ 15.220342] Memory state around the buggy address: [ 15.220371] fff00000c0919980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.220413] fff00000c0919a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.220455] >fff00000c0919a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.220491] ^ [ 15.220529] fff00000c0919b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.220580] fff00000c0919b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.220618] ================================================================== [ 15.263436] ================================================================== [ 15.263488] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.263647] Write of size 1 at addr fff00000c65ca0d0 by task kunit_try_catch/163 [ 15.263766] [ 15.263817] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.263899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.264023] Hardware name: linux,dummy-virt (DT) [ 15.264092] Call trace: [ 15.264122] show_stack+0x20/0x38 (C) [ 15.264336] dump_stack_lvl+0x8c/0xd0 [ 15.264391] print_report+0x118/0x5d0 [ 15.264537] kasan_report+0xdc/0x128 [ 15.264595] __asan_report_store1_noabort+0x20/0x30 [ 15.264801] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.264872] krealloc_large_less_oob+0x20/0x38 [ 15.265076] kunit_try_run_case+0x170/0x3f0 [ 15.265302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.265408] kthread+0x328/0x630 [ 15.265494] ret_from_fork+0x10/0x20 [ 15.265675] [ 15.265699] The buggy address belongs to the physical page: [ 15.265733] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c8 [ 15.265789] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.266024] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.266091] page_type: f8(unknown) [ 15.266210] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.266261] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.266319] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.266367] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.266415] head: 0bfffe0000000002 ffffc1ffc3197201 00000000ffffffff 00000000ffffffff [ 15.266469] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.266524] page dumped because: kasan: bad access detected [ 15.266554] [ 15.266571] Memory state around the buggy address: [ 15.266600] fff00000c65c9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.266642] fff00000c65ca000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.266694] >fff00000c65ca080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.266731] ^ [ 15.266767] fff00000c65ca100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.266809] fff00000c65ca180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.266845] ================================================================== [ 15.256833] ================================================================== [ 15.257178] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 15.257325] Write of size 1 at addr fff00000c65ca0c9 by task kunit_try_catch/163 [ 15.257421] [ 15.257525] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.257897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.257954] Hardware name: linux,dummy-virt (DT) [ 15.258080] Call trace: [ 15.258140] show_stack+0x20/0x38 (C) [ 15.258276] dump_stack_lvl+0x8c/0xd0 [ 15.258386] print_report+0x118/0x5d0 [ 15.258582] kasan_report+0xdc/0x128 [ 15.258679] __asan_report_store1_noabort+0x20/0x30 [ 15.259201] krealloc_less_oob_helper+0xa48/0xc50 [ 15.259369] krealloc_large_less_oob+0x20/0x38 [ 15.259503] kunit_try_run_case+0x170/0x3f0 [ 15.259672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.259758] kthread+0x328/0x630 [ 15.259808] ret_from_fork+0x10/0x20 [ 15.260088] [ 15.260225] The buggy address belongs to the physical page: [ 15.260368] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c8 [ 15.260528] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.260579] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.260655] page_type: f8(unknown) [ 15.260728] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.260997] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.261256] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.261334] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.261470] head: 0bfffe0000000002 ffffc1ffc3197201 00000000ffffffff 00000000ffffffff [ 15.261703] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.261903] page dumped because: kasan: bad access detected [ 15.261998] [ 15.262032] Memory state around the buggy address: [ 15.262100] fff00000c65c9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.262161] fff00000c65ca000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.262203] >fff00000c65ca080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 15.262240] ^ [ 15.262283] fff00000c65ca100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.262324] fff00000c65ca180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.262377] ================================================================== [ 15.222150] ================================================================== [ 15.222203] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 15.222251] Write of size 1 at addr fff00000c0919aeb by task kunit_try_catch/159 [ 15.222489] [ 15.222610] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.222701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.222726] Hardware name: linux,dummy-virt (DT) [ 15.222764] Call trace: [ 15.222802] show_stack+0x20/0x38 (C) [ 15.222908] dump_stack_lvl+0x8c/0xd0 [ 15.223187] print_report+0x118/0x5d0 [ 15.223401] kasan_report+0xdc/0x128 [ 15.223495] __asan_report_store1_noabort+0x20/0x30 [ 15.223576] krealloc_less_oob_helper+0xa58/0xc50 [ 15.223667] krealloc_less_oob+0x20/0x38 [ 15.223753] kunit_try_run_case+0x170/0x3f0 [ 15.224135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.224308] kthread+0x328/0x630 [ 15.224354] ret_from_fork+0x10/0x20 [ 15.224439] [ 15.224506] Allocated by task 159: [ 15.224533] kasan_save_stack+0x3c/0x68 [ 15.224590] kasan_save_track+0x20/0x40 [ 15.224627] kasan_save_alloc_info+0x40/0x58 [ 15.224714] __kasan_krealloc+0x118/0x178 [ 15.224823] krealloc_noprof+0x128/0x360 [ 15.224863] krealloc_less_oob_helper+0x168/0xc50 [ 15.224925] krealloc_less_oob+0x20/0x38 [ 15.224967] kunit_try_run_case+0x170/0x3f0 [ 15.225155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.225403] kthread+0x328/0x630 [ 15.225527] ret_from_fork+0x10/0x20 [ 15.225634] [ 15.225755] The buggy address belongs to the object at fff00000c0919a00 [ 15.225755] which belongs to the cache kmalloc-256 of size 256 [ 15.225860] The buggy address is located 34 bytes to the right of [ 15.225860] allocated 201-byte region [fff00000c0919a00, fff00000c0919ac9) [ 15.226075] [ 15.226291] The buggy address belongs to the physical page: [ 15.226344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100918 [ 15.226478] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.226615] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.226766] page_type: f5(slab) [ 15.226816] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.227170] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.227393] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.227482] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.227628] head: 0bfffe0000000001 ffffc1ffc3024601 00000000ffffffff 00000000ffffffff [ 15.227739] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.228159] page dumped because: kasan: bad access detected [ 15.228237] [ 15.228277] Memory state around the buggy address: [ 15.228338] fff00000c0919980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.228505] fff00000c0919a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.228604] >fff00000c0919a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.228830] ^ [ 15.229015] fff00000c0919b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.229079] fff00000c0919b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.229492] ================================================================== [ 15.198544] ================================================================== [ 15.198591] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 15.198640] Write of size 1 at addr fff00000c0919ad0 by task kunit_try_catch/159 [ 15.198688] [ 15.198717] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.198813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.198840] Hardware name: linux,dummy-virt (DT) [ 15.198869] Call trace: [ 15.198890] show_stack+0x20/0x38 (C) [ 15.198936] dump_stack_lvl+0x8c/0xd0 [ 15.199308] print_report+0x118/0x5d0 [ 15.199407] kasan_report+0xdc/0x128 [ 15.199464] __asan_report_store1_noabort+0x20/0x30 [ 15.199872] krealloc_less_oob_helper+0xb9c/0xc50 [ 15.200044] krealloc_less_oob+0x20/0x38 [ 15.200258] kunit_try_run_case+0x170/0x3f0 [ 15.200474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.200540] kthread+0x328/0x630 [ 15.200804] ret_from_fork+0x10/0x20 [ 15.201033] [ 15.201183] Allocated by task 159: [ 15.201215] kasan_save_stack+0x3c/0x68 [ 15.201446] kasan_save_track+0x20/0x40 [ 15.201540] kasan_save_alloc_info+0x40/0x58 [ 15.201651] __kasan_krealloc+0x118/0x178 [ 15.201717] krealloc_noprof+0x128/0x360 [ 15.201753] krealloc_less_oob_helper+0x168/0xc50 [ 15.202034] krealloc_less_oob+0x20/0x38 [ 15.202164] kunit_try_run_case+0x170/0x3f0 [ 15.202243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.202387] kthread+0x328/0x630 [ 15.202422] ret_from_fork+0x10/0x20 [ 15.202508] [ 15.202821] The buggy address belongs to the object at fff00000c0919a00 [ 15.202821] which belongs to the cache kmalloc-256 of size 256 [ 15.202909] The buggy address is located 7 bytes to the right of [ 15.202909] allocated 201-byte region [fff00000c0919a00, fff00000c0919ac9) [ 15.203095] [ 15.203115] The buggy address belongs to the physical page: [ 15.203147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100918 [ 15.203615] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.203712] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.203774] page_type: f5(slab) [ 15.204126] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.204258] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.204355] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.204507] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.204714] head: 0bfffe0000000001 ffffc1ffc3024601 00000000ffffffff 00000000ffffffff [ 15.204926] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.205004] page dumped because: kasan: bad access detected [ 15.205036] [ 15.205053] Memory state around the buggy address: [ 15.205199] fff00000c0919980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.205494] fff00000c0919a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.205547] >fff00000c0919a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 15.205650] ^ [ 15.205739] fff00000c0919b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.205781] fff00000c0919b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.205830] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 15.175310] ================================================================== [ 15.175368] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.175480] Write of size 1 at addr fff00000c09198f0 by task kunit_try_catch/157 [ 15.175557] [ 15.175650] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.175755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.175782] Hardware name: linux,dummy-virt (DT) [ 15.175811] Call trace: [ 15.175850] show_stack+0x20/0x38 (C) [ 15.176163] dump_stack_lvl+0x8c/0xd0 [ 15.176241] print_report+0x118/0x5d0 [ 15.176548] kasan_report+0xdc/0x128 [ 15.176688] __asan_report_store1_noabort+0x20/0x30 [ 15.176753] krealloc_more_oob_helper+0x5c0/0x678 [ 15.176830] krealloc_more_oob+0x20/0x38 [ 15.176974] kunit_try_run_case+0x170/0x3f0 [ 15.177081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.177256] kthread+0x328/0x630 [ 15.177319] ret_from_fork+0x10/0x20 [ 15.177492] [ 15.177583] Allocated by task 157: [ 15.177662] kasan_save_stack+0x3c/0x68 [ 15.177976] kasan_save_track+0x20/0x40 [ 15.178198] kasan_save_alloc_info+0x40/0x58 [ 15.178726] __kasan_kmalloc+0xd4/0xd8 [ 15.178900] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.179057] krealloc_noprof+0xdc/0x360 [ 15.179118] krealloc_more_oob_helper+0x168/0x678 [ 15.179261] krealloc_more_oob+0x20/0x38 [ 15.179402] kunit_try_run_case+0x170/0x3f0 [ 15.179663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.179870] kthread+0x328/0x630 [ 15.179957] ret_from_fork+0x10/0x20 [ 15.180091] [ 15.180164] The buggy address belongs to the object at fff00000c0919800 [ 15.180164] which belongs to the cache kmalloc-256 of size 256 [ 15.180245] The buggy address is located 5 bytes to the right of [ 15.180245] allocated 235-byte region [fff00000c0919800, fff00000c09198eb) [ 15.180585] [ 15.180675] The buggy address belongs to the physical page: [ 15.180755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100918 [ 15.180831] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.180969] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.181184] page_type: f5(slab) [ 15.181437] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.181526] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.181654] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.181818] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.181900] head: 0bfffe0000000001 ffffc1ffc3024601 00000000ffffffff 00000000ffffffff [ 15.181956] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.182127] page dumped because: kasan: bad access detected [ 15.182315] [ 15.182336] Memory state around the buggy address: [ 15.182619] fff00000c0919780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.182791] fff00000c0919800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.182845] >fff00000c0919880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.182930] ^ [ 15.182970] fff00000c0919900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.183023] fff00000c0919980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.183060] ================================================================== [ 15.246352] ================================================================== [ 15.246404] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 15.246453] Write of size 1 at addr fff00000c65c60f0 by task kunit_try_catch/161 [ 15.246511] [ 15.246540] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.246618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.246679] Hardware name: linux,dummy-virt (DT) [ 15.246710] Call trace: [ 15.246731] show_stack+0x20/0x38 (C) [ 15.246778] dump_stack_lvl+0x8c/0xd0 [ 15.246824] print_report+0x118/0x5d0 [ 15.246868] kasan_report+0xdc/0x128 [ 15.246913] __asan_report_store1_noabort+0x20/0x30 [ 15.246974] krealloc_more_oob_helper+0x5c0/0x678 [ 15.247032] krealloc_large_more_oob+0x20/0x38 [ 15.247078] kunit_try_run_case+0x170/0x3f0 [ 15.247131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.247183] kthread+0x328/0x630 [ 15.247224] ret_from_fork+0x10/0x20 [ 15.247269] [ 15.247287] The buggy address belongs to the physical page: [ 15.247318] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c4 [ 15.247380] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.247438] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.247488] page_type: f8(unknown) [ 15.247524] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.247583] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.247633] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.247681] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.247730] head: 0bfffe0000000002 ffffc1ffc3197101 00000000ffffffff 00000000ffffffff [ 15.247777] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.247825] page dumped because: kasan: bad access detected [ 15.247865] [ 15.247889] Memory state around the buggy address: [ 15.247919] fff00000c65c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.247960] fff00000c65c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.248705] >fff00000c65c6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.248749] ^ [ 15.248789] fff00000c65c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.248857] fff00000c65c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.248904] ================================================================== [ 15.164887] ================================================================== [ 15.165152] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.165208] Write of size 1 at addr fff00000c09198eb by task kunit_try_catch/157 [ 15.165257] [ 15.165472] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.165582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.165780] Hardware name: linux,dummy-virt (DT) [ 15.165886] Call trace: [ 15.165915] show_stack+0x20/0x38 (C) [ 15.166127] dump_stack_lvl+0x8c/0xd0 [ 15.166317] print_report+0x118/0x5d0 [ 15.166420] kasan_report+0xdc/0x128 [ 15.166468] __asan_report_store1_noabort+0x20/0x30 [ 15.166745] krealloc_more_oob_helper+0x60c/0x678 [ 15.166941] krealloc_more_oob+0x20/0x38 [ 15.167000] kunit_try_run_case+0x170/0x3f0 [ 15.167401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.167509] kthread+0x328/0x630 [ 15.167629] ret_from_fork+0x10/0x20 [ 15.167690] [ 15.167708] Allocated by task 157: [ 15.167737] kasan_save_stack+0x3c/0x68 [ 15.168100] kasan_save_track+0x20/0x40 [ 15.168192] kasan_save_alloc_info+0x40/0x58 [ 15.168301] __kasan_kmalloc+0xd4/0xd8 [ 15.168425] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.168491] krealloc_noprof+0xdc/0x360 [ 15.168652] krealloc_more_oob_helper+0x168/0x678 [ 15.168835] krealloc_more_oob+0x20/0x38 [ 15.168904] kunit_try_run_case+0x170/0x3f0 [ 15.169035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.169100] kthread+0x328/0x630 [ 15.169279] ret_from_fork+0x10/0x20 [ 15.169473] [ 15.169581] The buggy address belongs to the object at fff00000c0919800 [ 15.169581] which belongs to the cache kmalloc-256 of size 256 [ 15.169666] The buggy address is located 0 bytes to the right of [ 15.169666] allocated 235-byte region [fff00000c0919800, fff00000c09198eb) [ 15.169805] [ 15.169896] The buggy address belongs to the physical page: [ 15.169989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100918 [ 15.170294] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.170483] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.170696] page_type: f5(slab) [ 15.170987] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.171053] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.171660] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 15.171824] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.171904] head: 0bfffe0000000001 ffffc1ffc3024601 00000000ffffffff 00000000ffffffff [ 15.172335] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.172675] page dumped because: kasan: bad access detected [ 15.172819] [ 15.172888] Memory state around the buggy address: [ 15.172999] fff00000c0919780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.173047] fff00000c0919800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.173355] >fff00000c0919880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.173481] ^ [ 15.173584] fff00000c0919900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.173659] fff00000c0919980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.174000] ================================================================== [ 15.239016] ================================================================== [ 15.239074] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 15.239478] Write of size 1 at addr fff00000c65c60eb by task kunit_try_catch/161 [ 15.239548] [ 15.239583] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.239664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.239737] Hardware name: linux,dummy-virt (DT) [ 15.239768] Call trace: [ 15.239788] show_stack+0x20/0x38 (C) [ 15.240058] dump_stack_lvl+0x8c/0xd0 [ 15.240197] print_report+0x118/0x5d0 [ 15.240378] kasan_report+0xdc/0x128 [ 15.240439] __asan_report_store1_noabort+0x20/0x30 [ 15.240490] krealloc_more_oob_helper+0x60c/0x678 [ 15.240538] krealloc_large_more_oob+0x20/0x38 [ 15.240584] kunit_try_run_case+0x170/0x3f0 [ 15.240632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.240683] kthread+0x328/0x630 [ 15.240722] ret_from_fork+0x10/0x20 [ 15.240769] [ 15.241317] The buggy address belongs to the physical page: [ 15.241462] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c4 [ 15.241714] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.241775] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.241945] page_type: f8(unknown) [ 15.242055] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.242214] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.242300] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.242610] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.242776] head: 0bfffe0000000002 ffffc1ffc3197101 00000000ffffffff 00000000ffffffff [ 15.243126] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.243188] page dumped because: kasan: bad access detected [ 15.243246] [ 15.243354] Memory state around the buggy address: [ 15.243429] fff00000c65c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.243592] fff00000c65c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.243818] >fff00000c65c6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 15.243880] ^ [ 15.244077] fff00000c65c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.244505] fff00000c65c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.244593] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 15.150997] ================================================================== [ 15.151106] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 15.151215] Read of size 1 at addr fff00000c78c0000 by task kunit_try_catch/155 [ 15.151279] [ 15.151314] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.151395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.151657] Hardware name: linux,dummy-virt (DT) [ 15.151828] Call trace: [ 15.151889] show_stack+0x20/0x38 (C) [ 15.152102] dump_stack_lvl+0x8c/0xd0 [ 15.152176] print_report+0x118/0x5d0 [ 15.152230] kasan_report+0xdc/0x128 [ 15.152275] __asan_report_load1_noabort+0x20/0x30 [ 15.152500] page_alloc_uaf+0x328/0x350 [ 15.152563] kunit_try_run_case+0x170/0x3f0 [ 15.152626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.152683] kthread+0x328/0x630 [ 15.152724] ret_from_fork+0x10/0x20 [ 15.152772] [ 15.152792] The buggy address belongs to the physical page: [ 15.152823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0 [ 15.152875] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.152924] page_type: f0(buddy) [ 15.152962] raw: 0bfffe0000000000 fff00000ff616170 fff00000ff616170 0000000000000000 [ 15.153307] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 15.153623] page dumped because: kasan: bad access detected [ 15.153662] [ 15.153681] Memory state around the buggy address: [ 15.153713] fff00000c78bff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.154031] fff00000c78bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.154157] >fff00000c78c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.154270] ^ [ 15.154422] fff00000c78c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.154546] fff00000c78c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.154627] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 15.125480] ================================================================== [ 15.125579] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 15.125669] Free of addr fff00000c65c4001 by task kunit_try_catch/151 [ 15.125716] [ 15.125761] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.125857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.125891] Hardware name: linux,dummy-virt (DT) [ 15.125921] Call trace: [ 15.125942] show_stack+0x20/0x38 (C) [ 15.126009] dump_stack_lvl+0x8c/0xd0 [ 15.126056] print_report+0x118/0x5d0 [ 15.126100] kasan_report_invalid_free+0xc0/0xe8 [ 15.126153] __kasan_kfree_large+0x5c/0xa8 [ 15.126198] free_large_kmalloc+0x64/0x190 [ 15.126242] kfree+0x270/0x3c8 [ 15.126281] kmalloc_large_invalid_free+0x108/0x270 [ 15.126327] kunit_try_run_case+0x170/0x3f0 [ 15.126382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.126432] kthread+0x328/0x630 [ 15.126471] ret_from_fork+0x10/0x20 [ 15.126525] [ 15.126545] The buggy address belongs to the physical page: [ 15.126577] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c4 [ 15.126629] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.126685] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.126737] page_type: f8(unknown) [ 15.126776] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.126833] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.126891] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.126954] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.127426] head: 0bfffe0000000002 ffffc1ffc3197101 00000000ffffffff 00000000ffffffff [ 15.127486] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.127534] page dumped because: kasan: bad access detected [ 15.128011] [ 15.128164] Memory state around the buggy address: [ 15.128301] fff00000c65c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.128416] fff00000c65c3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.128480] >fff00000c65c4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.128653] ^ [ 15.128689] fff00000c65c4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.128731] fff00000c65c4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.128912] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 15.110756] ================================================================== [ 15.110837] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 15.110889] Read of size 1 at addr fff00000c65c0000 by task kunit_try_catch/149 [ 15.110947] [ 15.110990] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.111072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.111217] Hardware name: linux,dummy-virt (DT) [ 15.111255] Call trace: [ 15.111302] show_stack+0x20/0x38 (C) [ 15.111528] dump_stack_lvl+0x8c/0xd0 [ 15.111585] print_report+0x118/0x5d0 [ 15.111796] kasan_report+0xdc/0x128 [ 15.111913] __asan_report_load1_noabort+0x20/0x30 [ 15.112006] kmalloc_large_uaf+0x2cc/0x2f8 [ 15.112162] kunit_try_run_case+0x170/0x3f0 [ 15.112215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.112518] kthread+0x328/0x630 [ 15.112604] ret_from_fork+0x10/0x20 [ 15.112662] [ 15.112746] The buggy address belongs to the physical page: [ 15.112779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c0 [ 15.113018] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.113094] raw: 0bfffe0000000000 ffffc1ffc3197108 fff00000da457c40 0000000000000000 [ 15.113287] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.113364] page dumped because: kasan: bad access detected [ 15.113512] [ 15.113565] Memory state around the buggy address: [ 15.113619] fff00000c65bff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.113992] fff00000c65bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.114120] >fff00000c65c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.114165] ^ [ 15.114194] fff00000c65c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.114548] fff00000c65c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.114617] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 15.095670] ================================================================== [ 15.095880] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 15.095936] Write of size 1 at addr fff00000c65c200a by task kunit_try_catch/147 [ 15.096117] [ 15.096154] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.096236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.096366] Hardware name: linux,dummy-virt (DT) [ 15.096404] Call trace: [ 15.096425] show_stack+0x20/0x38 (C) [ 15.096688] dump_stack_lvl+0x8c/0xd0 [ 15.096868] print_report+0x118/0x5d0 [ 15.096939] kasan_report+0xdc/0x128 [ 15.096993] __asan_report_store1_noabort+0x20/0x30 [ 15.097043] kmalloc_large_oob_right+0x278/0x2b8 [ 15.097327] kunit_try_run_case+0x170/0x3f0 [ 15.097542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.097786] kthread+0x328/0x630 [ 15.098122] ret_from_fork+0x10/0x20 [ 15.098656] [ 15.098775] The buggy address belongs to the physical page: [ 15.098936] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c0 [ 15.099151] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.099407] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.099566] page_type: f8(unknown) [ 15.099869] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.100065] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.100248] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.100330] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.100491] head: 0bfffe0000000002 ffffc1ffc3197001 00000000ffffffff 00000000ffffffff [ 15.100568] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.100748] page dumped because: kasan: bad access detected [ 15.100880] [ 15.100900] Memory state around the buggy address: [ 15.100932] fff00000c65c1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.101014] fff00000c65c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.101170] >fff00000c65c2000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.101386] ^ [ 15.101500] fff00000c65c2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.101547] fff00000c65c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 15.101937] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 15.082275] ================================================================== [ 15.082372] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.082505] Write of size 1 at addr fff00000c12ddf00 by task kunit_try_catch/145 [ 15.082570] [ 15.082629] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.082836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.082866] Hardware name: linux,dummy-virt (DT) [ 15.082895] Call trace: [ 15.082945] show_stack+0x20/0x38 (C) [ 15.083146] dump_stack_lvl+0x8c/0xd0 [ 15.083343] print_report+0x118/0x5d0 [ 15.083412] kasan_report+0xdc/0x128 [ 15.083462] __asan_report_store1_noabort+0x20/0x30 [ 15.083766] kmalloc_big_oob_right+0x2a4/0x2f0 [ 15.083846] kunit_try_run_case+0x170/0x3f0 [ 15.083996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.084054] kthread+0x328/0x630 [ 15.084095] ret_from_fork+0x10/0x20 [ 15.084202] [ 15.084221] Allocated by task 145: [ 15.084249] kasan_save_stack+0x3c/0x68 [ 15.084298] kasan_save_track+0x20/0x40 [ 15.084335] kasan_save_alloc_info+0x40/0x58 [ 15.084374] __kasan_kmalloc+0xd4/0xd8 [ 15.084409] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.084447] kmalloc_big_oob_right+0xb8/0x2f0 [ 15.084483] kunit_try_run_case+0x170/0x3f0 [ 15.084520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.084562] kthread+0x328/0x630 [ 15.084593] ret_from_fork+0x10/0x20 [ 15.084629] [ 15.084647] The buggy address belongs to the object at fff00000c12dc000 [ 15.084647] which belongs to the cache kmalloc-8k of size 8192 [ 15.084703] The buggy address is located 0 bytes to the right of [ 15.084703] allocated 7936-byte region [fff00000c12dc000, fff00000c12ddf00) [ 15.084765] [ 15.084783] The buggy address belongs to the physical page: [ 15.084817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1012d8 [ 15.085293] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.085433] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.085605] page_type: f5(slab) [ 15.085699] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.086608] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.086679] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 15.086757] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 15.086910] head: 0bfffe0000000003 ffffc1ffc304b601 00000000ffffffff 00000000ffffffff [ 15.086996] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.087083] page dumped because: kasan: bad access detected [ 15.087115] [ 15.087245] Memory state around the buggy address: [ 15.087438] fff00000c12dde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.087524] fff00000c12dde80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.087632] >fff00000c12ddf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087994] ^ [ 15.088031] fff00000c12ddf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.088232] fff00000c12de000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.088514] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 15.068114] ================================================================== [ 15.068161] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 15.068393] Write of size 1 at addr fff00000c786a178 by task kunit_try_catch/143 [ 15.068493] [ 15.068538] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.068653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.068680] Hardware name: linux,dummy-virt (DT) [ 15.068727] Call trace: [ 15.068794] show_stack+0x20/0x38 (C) [ 15.068877] dump_stack_lvl+0x8c/0xd0 [ 15.068925] print_report+0x118/0x5d0 [ 15.068971] kasan_report+0xdc/0x128 [ 15.069029] __asan_report_store1_noabort+0x20/0x30 [ 15.069104] kmalloc_track_caller_oob_right+0x418/0x488 [ 15.069155] kunit_try_run_case+0x170/0x3f0 [ 15.069200] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.069353] kthread+0x328/0x630 [ 15.069460] ret_from_fork+0x10/0x20 [ 15.069508] [ 15.069525] Allocated by task 143: [ 15.069551] kasan_save_stack+0x3c/0x68 [ 15.069728] kasan_save_track+0x20/0x40 [ 15.069834] kasan_save_alloc_info+0x40/0x58 [ 15.069913] __kasan_kmalloc+0xd4/0xd8 [ 15.070068] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.070166] kmalloc_track_caller_oob_right+0x184/0x488 [ 15.070297] kunit_try_run_case+0x170/0x3f0 [ 15.070373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.070440] kthread+0x328/0x630 [ 15.070522] ret_from_fork+0x10/0x20 [ 15.070608] [ 15.070678] The buggy address belongs to the object at fff00000c786a100 [ 15.070678] which belongs to the cache kmalloc-128 of size 128 [ 15.070938] The buggy address is located 0 bytes to the right of [ 15.070938] allocated 120-byte region [fff00000c786a100, fff00000c786a178) [ 15.071054] [ 15.071126] The buggy address belongs to the physical page: [ 15.071178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.071287] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.071404] page_type: f5(slab) [ 15.071524] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.071620] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.071682] page dumped because: kasan: bad access detected [ 15.071712] [ 15.071728] Memory state around the buggy address: [ 15.072121] fff00000c786a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.072237] fff00000c786a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.072286] >fff00000c786a100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.072331] ^ [ 15.072405] fff00000c786a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.072457] fff00000c786a200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.072495] ================================================================== [ 15.063115] ================================================================== [ 15.063342] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.063404] Write of size 1 at addr fff00000c786a078 by task kunit_try_catch/143 [ 15.063478] [ 15.063520] CPU: 0 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.063622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.063648] Hardware name: linux,dummy-virt (DT) [ 15.063698] Call trace: [ 15.063738] show_stack+0x20/0x38 (C) [ 15.063803] dump_stack_lvl+0x8c/0xd0 [ 15.063850] print_report+0x118/0x5d0 [ 15.064026] kasan_report+0xdc/0x128 [ 15.064227] __asan_report_store1_noabort+0x20/0x30 [ 15.064309] kmalloc_track_caller_oob_right+0x40c/0x488 [ 15.064367] kunit_try_run_case+0x170/0x3f0 [ 15.064452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.064524] kthread+0x328/0x630 [ 15.064565] ret_from_fork+0x10/0x20 [ 15.064613] [ 15.064630] Allocated by task 143: [ 15.064674] kasan_save_stack+0x3c/0x68 [ 15.064715] kasan_save_track+0x20/0x40 [ 15.064865] kasan_save_alloc_info+0x40/0x58 [ 15.065170] __kasan_kmalloc+0xd4/0xd8 [ 15.065260] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.065318] kmalloc_track_caller_oob_right+0xa8/0x488 [ 15.065359] kunit_try_run_case+0x170/0x3f0 [ 15.065395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.065548] kthread+0x328/0x630 [ 15.065580] ret_from_fork+0x10/0x20 [ 15.065614] [ 15.065720] The buggy address belongs to the object at fff00000c786a000 [ 15.065720] which belongs to the cache kmalloc-128 of size 128 [ 15.065852] The buggy address is located 0 bytes to the right of [ 15.065852] allocated 120-byte region [fff00000c786a000, fff00000c786a078) [ 15.065966] [ 15.066028] The buggy address belongs to the physical page: [ 15.066117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a [ 15.066220] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.066287] page_type: f5(slab) [ 15.066437] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.066573] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.066670] page dumped because: kasan: bad access detected [ 15.066761] [ 15.066862] Memory state around the buggy address: [ 15.066929] fff00000c7869f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.066989] fff00000c7869f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067031] >fff00000c786a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.067077] ^ [ 15.067126] fff00000c786a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067167] fff00000c786a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067206] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 15.042947] ================================================================== [ 15.043101] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 15.043264] Read of size 1 at addr fff00000c5d1d000 by task kunit_try_catch/141 [ 15.043317] [ 15.043351] CPU: 0 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.043436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.043835] Hardware name: linux,dummy-virt (DT) [ 15.043993] Call trace: [ 15.044018] show_stack+0x20/0x38 (C) [ 15.044073] dump_stack_lvl+0x8c/0xd0 [ 15.044139] print_report+0x118/0x5d0 [ 15.044242] kasan_report+0xdc/0x128 [ 15.044456] __asan_report_load1_noabort+0x20/0x30 [ 15.044519] kmalloc_node_oob_right+0x2f4/0x330 [ 15.044565] kunit_try_run_case+0x170/0x3f0 [ 15.044620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.044990] kthread+0x328/0x630 [ 15.045303] ret_from_fork+0x10/0x20 [ 15.045997] [ 15.046053] Allocated by task 141: [ 15.046117] kasan_save_stack+0x3c/0x68 [ 15.046169] kasan_save_track+0x20/0x40 [ 15.046204] kasan_save_alloc_info+0x40/0x58 [ 15.046488] __kasan_kmalloc+0xd4/0xd8 [ 15.046725] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 15.046992] kmalloc_node_oob_right+0xbc/0x330 [ 15.047089] kunit_try_run_case+0x170/0x3f0 [ 15.047137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.047342] kthread+0x328/0x630 [ 15.047407] ret_from_fork+0x10/0x20 [ 15.047707] [ 15.047933] The buggy address belongs to the object at fff00000c5d1c000 [ 15.047933] which belongs to the cache kmalloc-4k of size 4096 [ 15.048065] The buggy address is located 0 bytes to the right of [ 15.048065] allocated 4096-byte region [fff00000c5d1c000, fff00000c5d1d000) [ 15.048213] [ 15.048332] The buggy address belongs to the physical page: [ 15.048523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105d18 [ 15.049315] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.049518] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 15.049859] page_type: f5(slab) [ 15.049944] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.050013] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.050411] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 15.050549] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 15.050906] head: 0bfffe0000000003 ffffc1ffc3174601 00000000ffffffff 00000000ffffffff [ 15.051154] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 15.051407] page dumped because: kasan: bad access detected [ 15.051697] [ 15.051856] Memory state around the buggy address: [ 15.051896] fff00000c5d1cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.051956] fff00000c5d1cf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.052018] >fff00000c5d1d000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.052056] ^ [ 15.052083] fff00000c5d1d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.052125] fff00000c5d1d100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.052163] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 15.028202] ================================================================== [ 15.028263] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 15.028317] Read of size 1 at addr fff00000c433eb9f by task kunit_try_catch/139 [ 15.028537] [ 15.028602] CPU: 0 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.028688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.028714] Hardware name: linux,dummy-virt (DT) [ 15.028743] Call trace: [ 15.028764] show_stack+0x20/0x38 (C) [ 15.029457] dump_stack_lvl+0x8c/0xd0 [ 15.029810] print_report+0x118/0x5d0 [ 15.029867] kasan_report+0xdc/0x128 [ 15.029912] __asan_report_load1_noabort+0x20/0x30 [ 15.030287] kmalloc_oob_left+0x2ec/0x320 [ 15.030384] kunit_try_run_case+0x170/0x3f0 [ 15.030697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.030907] kthread+0x328/0x630 [ 15.031073] ret_from_fork+0x10/0x20 [ 15.031182] [ 15.031199] Allocated by task 9: [ 15.031484] kasan_save_stack+0x3c/0x68 [ 15.031726] kasan_save_track+0x20/0x40 [ 15.031915] kasan_save_alloc_info+0x40/0x58 [ 15.031971] __kasan_kmalloc+0xd4/0xd8 [ 15.032017] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 15.032065] kvasprintf+0xe0/0x180 [ 15.032135] __kthread_create_on_node+0x16c/0x350 [ 15.032196] kthread_create_on_node+0xe4/0x130 [ 15.032233] create_worker+0x380/0x6b8 [ 15.032276] worker_thread+0x808/0xf38 [ 15.032309] kthread+0x328/0x630 [ 15.032355] ret_from_fork+0x10/0x20 [ 15.032390] [ 15.032418] The buggy address belongs to the object at fff00000c433eb80 [ 15.032418] which belongs to the cache kmalloc-16 of size 16 [ 15.032488] The buggy address is located 19 bytes to the right of [ 15.032488] allocated 12-byte region [fff00000c433eb80, fff00000c433eb8c) [ 15.032561] [ 15.032594] The buggy address belongs to the physical page: [ 15.032625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10433e [ 15.032677] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.032735] page_type: f5(slab) [ 15.032787] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 15.033344] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.033599] page dumped because: kasan: bad access detected [ 15.033666] [ 15.033712] Memory state around the buggy address: [ 15.033804] fff00000c433ea80: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.033868] fff00000c433eb00: 00 07 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.033918] >fff00000c433eb80: 00 04 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 15.033956] ^ [ 15.033998] fff00000c433ec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.034039] fff00000c433ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.034077] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 15.003855] ================================================================== [ 15.003902] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 15.003948] Read of size 1 at addr fff00000c122af80 by task kunit_try_catch/137 [ 15.004011] [ 15.004040] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 15.004117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.004144] Hardware name: linux,dummy-virt (DT) [ 15.004173] Call trace: [ 15.004192] show_stack+0x20/0x38 (C) [ 15.004237] dump_stack_lvl+0x8c/0xd0 [ 15.004283] print_report+0x118/0x5d0 [ 15.004327] kasan_report+0xdc/0x128 [ 15.004371] __asan_report_load1_noabort+0x20/0x30 [ 15.004420] kmalloc_oob_right+0x5d0/0x660 [ 15.004463] kunit_try_run_case+0x170/0x3f0 [ 15.004858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.005287] kthread+0x328/0x630 [ 15.005370] ret_from_fork+0x10/0x20 [ 15.005418] [ 15.005436] Allocated by task 137: [ 15.005462] kasan_save_stack+0x3c/0x68 [ 15.005628] kasan_save_track+0x20/0x40 [ 15.005669] kasan_save_alloc_info+0x40/0x58 [ 15.005820] __kasan_kmalloc+0xd4/0xd8 [ 15.006013] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.006160] kmalloc_oob_right+0xb0/0x660 [ 15.006197] kunit_try_run_case+0x170/0x3f0 [ 15.006233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.006274] kthread+0x328/0x630 [ 15.006305] ret_from_fork+0x10/0x20 [ 15.006339] [ 15.006590] The buggy address belongs to the object at fff00000c122af00 [ 15.006590] which belongs to the cache kmalloc-128 of size 128 [ 15.006835] The buggy address is located 13 bytes to the right of [ 15.006835] allocated 115-byte region [fff00000c122af00, fff00000c122af73) [ 15.007043] [ 15.007094] The buggy address belongs to the physical page: [ 15.007127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10122a [ 15.007180] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.007255] page_type: f5(slab) [ 15.007292] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.007418] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.007574] page dumped because: kasan: bad access detected [ 15.007607] [ 15.007638] Memory state around the buggy address: [ 15.007680] fff00000c122ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.007722] fff00000c122af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.007763] >fff00000c122af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.007799] ^ [ 15.007831] fff00000c122b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.008213] fff00000c122b080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 15.008343] ================================================================== [ 14.997748] ================================================================== [ 14.997806] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 14.997891] Write of size 1 at addr fff00000c122af78 by task kunit_try_catch/137 [ 14.998007] [ 14.998111] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 14.998191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.998216] Hardware name: linux,dummy-virt (DT) [ 14.998251] Call trace: [ 14.998352] show_stack+0x20/0x38 (C) [ 14.998595] dump_stack_lvl+0x8c/0xd0 [ 14.998697] print_report+0x118/0x5d0 [ 14.998748] kasan_report+0xdc/0x128 [ 14.998863] __asan_report_store1_noabort+0x20/0x30 [ 14.999277] kmalloc_oob_right+0x538/0x660 [ 14.999646] kunit_try_run_case+0x170/0x3f0 [ 14.999710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.999763] kthread+0x328/0x630 [ 14.999803] ret_from_fork+0x10/0x20 [ 14.999848] [ 14.999866] Allocated by task 137: [ 14.999902] kasan_save_stack+0x3c/0x68 [ 14.999942] kasan_save_track+0x20/0x40 [ 15.000133] kasan_save_alloc_info+0x40/0x58 [ 15.000272] __kasan_kmalloc+0xd4/0xd8 [ 15.000437] __kmalloc_cache_noprof+0x16c/0x3c0 [ 15.000649] kmalloc_oob_right+0xb0/0x660 [ 15.000716] kunit_try_run_case+0x170/0x3f0 [ 15.000915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 15.001188] kthread+0x328/0x630 [ 15.001291] ret_from_fork+0x10/0x20 [ 15.001394] [ 15.001436] The buggy address belongs to the object at fff00000c122af00 [ 15.001436] which belongs to the cache kmalloc-128 of size 128 [ 15.001501] The buggy address is located 5 bytes to the right of [ 15.001501] allocated 115-byte region [fff00000c122af00, fff00000c122af73) [ 15.001564] [ 15.001582] The buggy address belongs to the physical page: [ 15.001613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10122a [ 15.001685] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 15.001766] page_type: f5(slab) [ 15.001802] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 15.001852] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.001891] page dumped because: kasan: bad access detected [ 15.001921] [ 15.001939] Memory state around the buggy address: [ 15.001968] fff00000c122ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.002263] fff00000c122ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.002321] >fff00000c122af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.002358] ^ [ 15.002404] fff00000c122af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.002465] fff00000c122b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.002504] ================================================================== [ 14.978526] ================================================================== [ 14.978883] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 14.979711] Write of size 1 at addr fff00000c122af73 by task kunit_try_catch/137 [ 14.980103] [ 14.982662] CPU: 0 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 14.982954] Tainted: [N]=TEST [ 14.983072] Hardware name: linux,dummy-virt (DT) [ 14.983605] Call trace: [ 14.984370] show_stack+0x20/0x38 (C) [ 14.985043] dump_stack_lvl+0x8c/0xd0 [ 14.985171] print_report+0x118/0x5d0 [ 14.985329] kasan_report+0xdc/0x128 [ 14.985422] __asan_report_store1_noabort+0x20/0x30 [ 14.985476] kmalloc_oob_right+0x5a4/0x660 [ 14.985555] kunit_try_run_case+0x170/0x3f0 [ 14.985606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.985698] kthread+0x328/0x630 [ 14.986116] ret_from_fork+0x10/0x20 [ 14.986682] [ 14.987025] Allocated by task 137: [ 14.987410] kasan_save_stack+0x3c/0x68 [ 14.987597] kasan_save_track+0x20/0x40 [ 14.987635] kasan_save_alloc_info+0x40/0x58 [ 14.987950] __kasan_kmalloc+0xd4/0xd8 [ 14.988009] __kmalloc_cache_noprof+0x16c/0x3c0 [ 14.988050] kmalloc_oob_right+0xb0/0x660 [ 14.988188] kunit_try_run_case+0x170/0x3f0 [ 14.988369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 14.988543] kthread+0x328/0x630 [ 14.988574] ret_from_fork+0x10/0x20 [ 14.989101] [ 14.989171] The buggy address belongs to the object at fff00000c122af00 [ 14.989171] which belongs to the cache kmalloc-128 of size 128 [ 14.989551] The buggy address is located 0 bytes to the right of [ 14.989551] allocated 115-byte region [fff00000c122af00, fff00000c122af73) [ 14.989629] [ 14.989929] The buggy address belongs to the physical page: [ 14.990551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10122a [ 14.991316] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 14.992609] page_type: f5(slab) [ 14.993291] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 14.993614] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.993843] page dumped because: kasan: bad access detected [ 14.993885] [ 14.993911] Memory state around the buggy address: [ 14.994625] fff00000c122ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.995084] fff00000c122ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.995164] >fff00000c122af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.995293] ^ [ 14.995672] fff00000c122af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.995719] fff00000c122b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.995793] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.713964] WARNING: CPU: 1 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.714957] Modules linked in: [ 95.715195] CPU: 1 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 95.715675] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.715914] Hardware name: linux,dummy-virt (DT) [ 95.716347] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.717026] pc : intlog10+0x38/0x48 [ 95.717435] lr : intlog10_test+0xe4/0x200 [ 95.717894] sp : ffff800082417c10 [ 95.718499] x29: ffff800082417c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.719239] x26: 1ffe000018845ce1 x25: 0000000000000000 x24: ffff800082417ce0 [ 95.719990] x23: ffff800082417d00 x22: 0000000000000000 x21: 1ffff00010482f82 [ 95.720922] x20: ffffa84829c89d80 x19: ffff800080087990 x18: 00000000ac87c410 [ 95.722047] x17: 00000000415a47e1 x16: fff00000c0975c3c x15: 00000000abf4a859 [ 95.723127] x14: 000000000524bebc x13: 1ffe00001b48eb89 x12: ffff750905b63379 [ 95.724253] x11: 1ffff50905b63378 x10: ffff750905b63378 x9 : ffffa84827235e5c [ 95.724605] x8 : ffffa8482db19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.724969] x5 : ffff700010482f82 x4 : 1ffff00010010f3a x3 : 1ffff509053913b0 [ 95.725804] x2 : 1ffff509053913b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.726649] Call trace: [ 95.726927] intlog10+0x38/0x48 (P) [ 95.727282] kunit_try_run_case+0x170/0x3f0 [ 95.727578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.727821] kthread+0x328/0x630 [ 95.728009] ret_from_fork+0x10/0x20 [ 95.728220] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 95.673476] WARNING: CPU: 1 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 95.674576] Modules linked in: [ 95.674834] CPU: 1 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 95.675367] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 95.675661] Hardware name: linux,dummy-virt (DT) [ 95.675920] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.676301] pc : intlog2+0xd8/0xf8 [ 95.676519] lr : intlog2_test+0xe4/0x200 [ 95.676731] sp : ffff800082347c10 [ 95.676895] x29: ffff800082347c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.677698] x26: 1ffe000018f5f7c1 x25: 0000000000000000 x24: ffff800082347ce0 [ 95.678139] x23: ffff800082347d00 x22: 0000000000000000 x21: 1ffff00010468f82 [ 95.678582] x20: ffffa84829c89c80 x19: ffff800080087990 x18: 000000009f0f6ddf [ 95.679005] x17: 00000000cd8bdb4e x16: 00000000ee984d8b x15: 0000000029b725ce [ 95.679427] x14: 00000000c128f1ca x13: 0000000000000005 x12: ffff750905b63379 [ 95.679827] x11: 1ffff50905b63378 x10: ffff750905b63378 x9 : ffffa8482723605c [ 95.680274] x8 : ffffa8482db19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.680697] x5 : ffff700010468f82 x4 : 1ffff00010010f3a x3 : 1ffff50905391390 [ 95.681218] x2 : 1ffff50905391390 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.681655] Call trace: [ 95.681817] intlog2+0xd8/0xf8 (P) [ 95.682041] kunit_try_run_case+0x170/0x3f0 [ 95.682303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.682616] kthread+0x328/0x630 [ 95.682834] ret_from_fork+0x10/0x20 [ 95.683096] ---[ end trace 0000000000000000 ]---