Date
July 13, 2025, 11:09 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.331359] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dbc/0x4858 [ 19.235635] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.094103] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 95.733899] Internal error: Oops: 0000000096000005 [#1] SMP [ 95.740519] Modules linked in: [ 95.741190] CPU: 0 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 95.741695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 95.742081] Hardware name: linux,dummy-virt (DT) [ 95.742682] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.743089] pc : kunit_test_null_dereference+0x70/0x170 [ 95.743663] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.744230] sp : ffff800080f97d30 [ 95.744526] x29: ffff800080f97d90 x28: 0000000000000000 x27: 0000000000000000 [ 95.745047] x26: 1ffe000018cb54c1 x25: 0000000000000000 x24: 0000000000000004 [ 95.745463] x23: fff00000c65aa60c x22: ffff946995623438 x21: fff00000c1c86588 [ 95.745947] x20: 1ffff000101f2fa6 x19: ffff800080087990 x18: 000000007a9af8a9 [ 95.746408] x17: 0000000000000001 x16: fff00000c097583c x15: fff00000ff616b08 [ 95.746887] x14: 0000000000018fff x13: 1ffe00001b48ebcd x12: fffd800018e8362c [ 95.747347] x11: 1ffe000018e8362b x10: fffd800018e8362b x9 : ffff94699561a8a0 [ 95.748006] x8 : ffff800080f97c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 95.748428] x5 : ffff7000101f2fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 95.748850] x2 : dfff800000000000 x1 : fff00000c741a880 x0 : ffff800080087990 [ 95.749344] Call trace: [ 95.749571] kunit_test_null_dereference+0x70/0x170 (P) [ 95.749878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.750195] kthread+0x328/0x630 [ 95.750441] ret_from_fork+0x10/0x20 [ 95.750950] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 95.751523] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.668429] ================================================================== [ 49.668487] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 49.668487] [ 49.668570] Use-after-free read at 0x00000000494b2d27 (in kfence-#148): [ 49.668622] test_krealloc+0x51c/0x830 [ 49.668665] kunit_try_run_case+0x170/0x3f0 [ 49.668710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.668756] kthread+0x328/0x630 [ 49.668794] ret_from_fork+0x10/0x20 [ 49.668834] [ 49.668857] kfence-#148: 0x00000000494b2d27-0x00000000616a487a, size=32, cache=kmalloc-32 [ 49.668857] [ 49.668913] allocated by task 338 on cpu 0 at 49.667785s (0.001123s ago): [ 49.668981] test_alloc+0x29c/0x628 [ 49.669019] test_krealloc+0xc0/0x830 [ 49.669059] kunit_try_run_case+0x170/0x3f0 [ 49.669097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.669142] kthread+0x328/0x630 [ 49.669176] ret_from_fork+0x10/0x20 [ 49.669228] [ 49.669252] freed by task 338 on cpu 0 at 49.668001s (0.001248s ago): [ 49.669313] krealloc_noprof+0x148/0x360 [ 49.669355] test_krealloc+0x1dc/0x830 [ 49.669394] kunit_try_run_case+0x170/0x3f0 [ 49.669434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.669477] kthread+0x328/0x630 [ 49.669514] ret_from_fork+0x10/0x20 [ 49.669553] [ 49.669597] CPU: 0 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 49.669674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.669704] Hardware name: linux,dummy-virt (DT) [ 49.669739] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.580071] ================================================================== [ 49.580170] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.580170] [ 49.580284] Use-after-free read at 0x000000003f57073a (in kfence-#147): [ 49.580340] test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.580391] kunit_try_run_case+0x170/0x3f0 [ 49.580438] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.580483] kthread+0x328/0x630 [ 49.580523] ret_from_fork+0x10/0x20 [ 49.580563] [ 49.580587] kfence-#147: 0x000000003f57073a-0x0000000083a7a395, size=32, cache=test [ 49.580587] [ 49.580641] allocated by task 336 on cpu 1 at 49.560041s (0.020596s ago): [ 49.580710] test_alloc+0x230/0x628 [ 49.580751] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 49.580794] kunit_try_run_case+0x170/0x3f0 [ 49.580834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.580879] kthread+0x328/0x630 [ 49.580913] ret_from_fork+0x10/0x20 [ 49.580951] [ 49.580973] freed by task 336 on cpu 1 at 49.560156s (0.020814s ago): [ 49.581029] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 49.581070] kunit_try_run_case+0x170/0x3f0 [ 49.581111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.581154] kthread+0x328/0x630 [ 49.581198] ret_from_fork+0x10/0x20 [ 49.581235] [ 49.581285] CPU: 1 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 49.581364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.581392] Hardware name: linux,dummy-virt (DT) [ 49.581428] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 26.907722] ================================================================== [ 26.907876] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 26.907876] [ 26.908008] Invalid read at 0x00000000ba76a943: [ 26.908100] test_invalid_access+0xdc/0x1f0 [ 26.908195] kunit_try_run_case+0x170/0x3f0 [ 26.908274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.908348] kthread+0x328/0x630 [ 26.908416] ret_from_fork+0x10/0x20 [ 26.908490] [ 26.908565] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 26.908676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.908733] Hardware name: linux,dummy-virt (DT) [ 26.908796] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 26.680100] ================================================================== [ 26.680214] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.680214] [ 26.680278] Corrupted memory at 0x00000000e4e5b11e [ ! . . . . . . . . . . . . . . . ] (in kfence-#143): [ 26.680593] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.680642] kunit_try_run_case+0x170/0x3f0 [ 26.680686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.680731] kthread+0x328/0x630 [ 26.680771] ret_from_fork+0x10/0x20 [ 26.680810] [ 26.680833] kfence-#143: 0x0000000004e2389b-0x000000003f7ea85e, size=73, cache=kmalloc-96 [ 26.680833] [ 26.680888] allocated by task 326 on cpu 0 at 26.679855s (0.001029s ago): [ 26.680950] test_alloc+0x29c/0x628 [ 26.680992] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 26.681035] kunit_try_run_case+0x170/0x3f0 [ 26.681074] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.681117] kthread+0x328/0x630 [ 26.681152] ret_from_fork+0x10/0x20 [ 26.681202] [ 26.681225] freed by task 326 on cpu 0 at 26.680003s (0.001218s ago): [ 26.681286] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.681329] kunit_try_run_case+0x170/0x3f0 [ 26.681369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.681411] kthread+0x328/0x630 [ 26.681447] ret_from_fork+0x10/0x20 [ 26.681486] [ 26.681529] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 26.681607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.681635] Hardware name: linux,dummy-virt (DT) [ 26.681669] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 26.264025] ================================================================== [ 26.264107] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.264107] [ 26.264220] Out-of-bounds read at 0x0000000062c1c227 (105B right of kfence-#139): [ 26.264281] test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.264331] kunit_try_run_case+0x170/0x3f0 [ 26.264376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.264421] kthread+0x328/0x630 [ 26.264461] ret_from_fork+0x10/0x20 [ 26.264502] [ 26.264529] kfence-#139: 0x0000000099ba61f4-0x00000000fe866855, size=73, cache=kmalloc-96 [ 26.264529] [ 26.264583] allocated by task 324 on cpu 0 at 26.263790s (0.000789s ago): [ 26.264653] test_alloc+0x29c/0x628 [ 26.264693] test_kmalloc_aligned_oob_read+0x100/0x468 [ 26.264736] kunit_try_run_case+0x170/0x3f0 [ 26.264777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.264821] kthread+0x328/0x630 [ 26.264857] ret_from_fork+0x10/0x20 [ 26.264897] [ 26.264943] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 26.265023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.265052] Hardware name: linux,dummy-virt (DT) [ 26.265087] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 22.312288] ================================================================== [ 22.312377] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 22.312377] [ 22.312439] Corrupted memory at 0x0000000027a11da9 [ ! ] (in kfence-#101): [ 22.312568] test_corruption+0x284/0x378 [ 22.312615] kunit_try_run_case+0x170/0x3f0 [ 22.312656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.312699] kthread+0x328/0x630 [ 22.312738] ret_from_fork+0x10/0x20 [ 22.312777] [ 22.312802] kfence-#101: 0x00000000d98c1237-0x000000009b77b3eb, size=32, cache=kmalloc-32 [ 22.312802] [ 22.312857] allocated by task 312 on cpu 1 at 22.311953s (0.000901s ago): [ 22.312917] test_alloc+0x29c/0x628 [ 22.312957] test_corruption+0x198/0x378 [ 22.312996] kunit_try_run_case+0x170/0x3f0 [ 22.313036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.313079] kthread+0x328/0x630 [ 22.313115] ret_from_fork+0x10/0x20 [ 22.313152] [ 22.313176] freed by task 312 on cpu 1 at 22.312055s (0.001118s ago): [ 22.313251] test_corruption+0x284/0x378 [ 22.313289] kunit_try_run_case+0x170/0x3f0 [ 22.313329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.313371] kthread+0x328/0x630 [ 22.313407] ret_from_fork+0x10/0x20 [ 22.313444] [ 22.313484] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.313561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.313590] Hardware name: linux,dummy-virt (DT) [ 22.313623] ================================================================== [ 22.208114] ================================================================== [ 22.208261] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 22.208261] [ 22.208332] Corrupted memory at 0x00000000680c5183 [ ! . . . . . . . . . . . . . . . ] (in kfence-#100): [ 22.209441] test_corruption+0x278/0x378 [ 22.209491] kunit_try_run_case+0x170/0x3f0 [ 22.209535] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.209579] kthread+0x328/0x630 [ 22.209618] ret_from_fork+0x10/0x20 [ 22.209657] [ 22.209681] kfence-#100: 0x000000006fbbe59e-0x0000000047c33481, size=32, cache=kmalloc-32 [ 22.209681] [ 22.209740] allocated by task 312 on cpu 1 at 22.207836s (0.001900s ago): [ 22.209802] test_alloc+0x29c/0x628 [ 22.209843] test_corruption+0xdc/0x378 [ 22.209883] kunit_try_run_case+0x170/0x3f0 [ 22.209924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.209968] kthread+0x328/0x630 [ 22.210010] ret_from_fork+0x10/0x20 [ 22.210049] [ 22.210072] freed by task 312 on cpu 1 at 22.207942s (0.002127s ago): [ 22.210132] test_corruption+0x278/0x378 [ 22.210172] kunit_try_run_case+0x170/0x3f0 [ 22.210226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.210269] kthread+0x328/0x630 [ 22.210305] ret_from_fork+0x10/0x20 [ 22.210345] [ 22.210390] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.210472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.210502] Hardware name: linux,dummy-virt (DT) [ 22.210537] ================================================================== [ 22.832017] ================================================================== [ 22.832109] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 22.832109] [ 22.832170] Corrupted memory at 0x00000000a4e43b1a [ ! ] (in kfence-#106): [ 22.832305] test_corruption+0x1d8/0x378 [ 22.832350] kunit_try_run_case+0x170/0x3f0 [ 22.832393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.832437] kthread+0x328/0x630 [ 22.832476] ret_from_fork+0x10/0x20 [ 22.832514] [ 22.832539] kfence-#106: 0x0000000029730a8a-0x0000000042514502, size=32, cache=test [ 22.832539] [ 22.832596] allocated by task 314 on cpu 1 at 22.831871s (0.000721s ago): [ 22.832657] test_alloc+0x230/0x628 [ 22.832696] test_corruption+0x198/0x378 [ 22.832737] kunit_try_run_case+0x170/0x3f0 [ 22.832775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.832819] kthread+0x328/0x630 [ 22.832855] ret_from_fork+0x10/0x20 [ 22.832893] [ 22.832916] freed by task 314 on cpu 1 at 22.831931s (0.000981s ago): [ 22.832976] test_corruption+0x1d8/0x378 [ 22.833017] kunit_try_run_case+0x170/0x3f0 [ 22.833055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.833098] kthread+0x328/0x630 [ 22.833133] ret_from_fork+0x10/0x20 [ 22.833172] [ 22.833225] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.833305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.833336] Hardware name: linux,dummy-virt (DT) [ 22.833369] ================================================================== [ 22.415910] ================================================================== [ 22.416003] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 22.416003] [ 22.416065] Corrupted memory at 0x000000006f35cb6d [ ! . . . . . . . . . . . . . . . ] (in kfence-#102): [ 22.416397] test_corruption+0x120/0x378 [ 22.416444] kunit_try_run_case+0x170/0x3f0 [ 22.416488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.416534] kthread+0x328/0x630 [ 22.416571] ret_from_fork+0x10/0x20 [ 22.416611] [ 22.416636] kfence-#102: 0x000000000e52e521-0x0000000034774a4e, size=32, cache=test [ 22.416636] [ 22.416692] allocated by task 314 on cpu 1 at 22.415767s (0.000921s ago): [ 22.416755] test_alloc+0x230/0x628 [ 22.416796] test_corruption+0xdc/0x378 [ 22.416836] kunit_try_run_case+0x170/0x3f0 [ 22.416877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.416921] kthread+0x328/0x630 [ 22.416957] ret_from_fork+0x10/0x20 [ 22.416997] [ 22.417019] freed by task 314 on cpu 1 at 22.415828s (0.001188s ago): [ 22.417080] test_corruption+0x120/0x378 [ 22.417120] kunit_try_run_case+0x170/0x3f0 [ 22.417160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.417215] kthread+0x328/0x630 [ 22.417251] ret_from_fork+0x10/0x20 [ 22.417289] [ 22.417335] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.417415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.417443] Hardware name: linux,dummy-virt (DT) [ 22.417476] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 21.895968] ================================================================== [ 21.896058] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 21.896058] [ 21.896123] Invalid free of 0x00000000675ad5ca (in kfence-#97): [ 21.896198] test_invalid_addr_free+0x1ac/0x238 [ 21.896245] kunit_try_run_case+0x170/0x3f0 [ 21.896291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.896336] kthread+0x328/0x630 [ 21.896375] ret_from_fork+0x10/0x20 [ 21.896415] [ 21.896439] kfence-#97: 0x0000000038b6bad2-0x00000000a0cb9c9f, size=32, cache=kmalloc-32 [ 21.896439] [ 21.896496] allocated by task 308 on cpu 1 at 21.895813s (0.000679s ago): [ 21.896561] test_alloc+0x29c/0x628 [ 21.896601] test_invalid_addr_free+0xd4/0x238 [ 21.896643] kunit_try_run_case+0x170/0x3f0 [ 21.896683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.896727] kthread+0x328/0x630 [ 21.896764] ret_from_fork+0x10/0x20 [ 21.896803] [ 21.896854] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.896936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.896964] Hardware name: linux,dummy-virt (DT) [ 21.897001] ================================================================== [ 21.999900] ================================================================== [ 21.999989] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 21.999989] [ 22.000050] Invalid free of 0x00000000413592ed (in kfence-#98): [ 22.000109] test_invalid_addr_free+0xec/0x238 [ 22.000155] kunit_try_run_case+0x170/0x3f0 [ 22.000214] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.000259] kthread+0x328/0x630 [ 22.000297] ret_from_fork+0x10/0x20 [ 22.000336] [ 22.000360] kfence-#98: 0x0000000071fe5125-0x00000000b3d78962, size=32, cache=test [ 22.000360] [ 22.000415] allocated by task 310 on cpu 0 at 21.999774s (0.000638s ago): [ 22.000477] test_alloc+0x230/0x628 [ 22.000518] test_invalid_addr_free+0xd4/0x238 [ 22.000558] kunit_try_run_case+0x170/0x3f0 [ 22.000599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.000641] kthread+0x328/0x630 [ 22.000677] ret_from_fork+0x10/0x20 [ 22.000716] [ 22.000762] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.000843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.000873] Hardware name: linux,dummy-virt (DT) [ 22.000907] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 21.792096] ================================================================== [ 21.792204] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 21.792204] [ 21.792270] Invalid free of 0x00000000202f215f (in kfence-#96): [ 21.792324] test_double_free+0x100/0x238 [ 21.792369] kunit_try_run_case+0x170/0x3f0 [ 21.792414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.792459] kthread+0x328/0x630 [ 21.792497] ret_from_fork+0x10/0x20 [ 21.792537] [ 21.792561] kfence-#96: 0x00000000202f215f-0x000000009cae078c, size=32, cache=test [ 21.792561] [ 21.792614] allocated by task 306 on cpu 0 at 21.791873s (0.000737s ago): [ 21.792674] test_alloc+0x230/0x628 [ 21.792716] test_double_free+0xd4/0x238 [ 21.792756] kunit_try_run_case+0x170/0x3f0 [ 21.792796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.792838] kthread+0x328/0x630 [ 21.792874] ret_from_fork+0x10/0x20 [ 21.792912] [ 21.792936] freed by task 306 on cpu 0 at 21.791946s (0.000986s ago): [ 21.792996] test_double_free+0xf0/0x238 [ 21.793036] kunit_try_run_case+0x170/0x3f0 [ 21.793075] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.793118] kthread+0x328/0x630 [ 21.793152] ret_from_fork+0x10/0x20 [ 21.793203] [ 21.793245] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.793324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.793352] Hardware name: linux,dummy-virt (DT) [ 21.793387] ================================================================== [ 21.688077] ================================================================== [ 21.688211] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 21.688211] [ 21.688282] Invalid free of 0x000000001d53076b (in kfence-#95): [ 21.688347] test_double_free+0x1bc/0x238 [ 21.688393] kunit_try_run_case+0x170/0x3f0 [ 21.688443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.688488] kthread+0x328/0x630 [ 21.688527] ret_from_fork+0x10/0x20 [ 21.688567] [ 21.688591] kfence-#95: 0x000000001d53076b-0x000000004d01d73c, size=32, cache=kmalloc-32 [ 21.688591] [ 21.688646] allocated by task 304 on cpu 0 at 21.687782s (0.000860s ago): [ 21.688710] test_alloc+0x29c/0x628 [ 21.688750] test_double_free+0xd4/0x238 [ 21.688791] kunit_try_run_case+0x170/0x3f0 [ 21.688830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.688874] kthread+0x328/0x630 [ 21.688910] ret_from_fork+0x10/0x20 [ 21.688950] [ 21.688973] freed by task 304 on cpu 0 at 21.687860s (0.001109s ago): [ 21.689034] test_double_free+0x1ac/0x238 [ 21.689073] kunit_try_run_case+0x170/0x3f0 [ 21.689112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.689158] kthread+0x328/0x630 [ 21.689206] ret_from_fork+0x10/0x20 [ 21.689247] [ 21.689291] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.689372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.689401] Hardware name: linux,dummy-virt (DT) [ 21.689438] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 21.375979] ================================================================== [ 21.376056] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.376056] [ 21.376154] Use-after-free read at 0x0000000076a34882 (in kfence-#92): [ 21.376219] test_use_after_free_read+0x114/0x248 [ 21.376277] kunit_try_run_case+0x170/0x3f0 [ 21.376321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.376375] kthread+0x328/0x630 [ 21.376413] ret_from_fork+0x10/0x20 [ 21.376461] [ 21.376495] kfence-#92: 0x0000000076a34882-0x00000000b71f7d33, size=32, cache=test [ 21.376495] [ 21.376546] allocated by task 298 on cpu 0 at 21.375799s (0.000743s ago): [ 21.376615] test_alloc+0x230/0x628 [ 21.376654] test_use_after_free_read+0xd0/0x248 [ 21.376696] kunit_try_run_case+0x170/0x3f0 [ 21.376736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.376789] kthread+0x328/0x630 [ 21.376826] ret_from_fork+0x10/0x20 [ 21.376865] [ 21.376887] freed by task 298 on cpu 0 at 21.375865s (0.001018s ago): [ 21.376981] test_use_after_free_read+0xf0/0x248 [ 21.377024] kunit_try_run_case+0x170/0x3f0 [ 21.377064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.377108] kthread+0x328/0x630 [ 21.377143] ret_from_fork+0x10/0x20 [ 21.377194] [ 21.377237] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.377344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.377387] Hardware name: linux,dummy-virt (DT) [ 21.377449] ================================================================== [ 21.272915] ================================================================== [ 21.273011] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.273011] [ 21.273125] Use-after-free read at 0x000000001bdd2ab8 (in kfence-#91): [ 21.273192] test_use_after_free_read+0x114/0x248 [ 21.273274] kunit_try_run_case+0x170/0x3f0 [ 21.273380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.273424] kthread+0x328/0x630 [ 21.273481] ret_from_fork+0x10/0x20 [ 21.273522] [ 21.273546] kfence-#91: 0x000000001bdd2ab8-0x0000000048a2d879, size=32, cache=kmalloc-32 [ 21.273546] [ 21.273598] allocated by task 296 on cpu 0 at 21.272591s (0.001003s ago): [ 21.273694] test_alloc+0x29c/0x628 [ 21.273735] test_use_after_free_read+0xd0/0x248 [ 21.273776] kunit_try_run_case+0x170/0x3f0 [ 21.273815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.273859] kthread+0x328/0x630 [ 21.273894] ret_from_fork+0x10/0x20 [ 21.273962] [ 21.274138] freed by task 296 on cpu 0 at 21.272658s (0.001362s ago): [ 21.274309] test_use_after_free_read+0x1c0/0x248 [ 21.274393] kunit_try_run_case+0x170/0x3f0 [ 21.274452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.274510] kthread+0x328/0x630 [ 21.274547] ret_from_fork+0x10/0x20 [ 21.274736] [ 21.274806] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.274998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.275059] Hardware name: linux,dummy-virt (DT) [ 21.275094] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 20.739957] ================================================================== [ 20.740044] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.740044] [ 20.740211] Out-of-bounds write at 0x000000007506db2f (1B left of kfence-#86): [ 20.740266] test_out_of_bounds_write+0x100/0x240 [ 20.740314] kunit_try_run_case+0x170/0x3f0 [ 20.740357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.740401] kthread+0x328/0x630 [ 20.740441] ret_from_fork+0x10/0x20 [ 20.740482] [ 20.740506] kfence-#86: 0x000000001010e599-0x00000000ecc0f9cc, size=32, cache=kmalloc-32 [ 20.740506] [ 20.740558] allocated by task 292 on cpu 0 at 20.738784s (0.001771s ago): [ 20.740626] test_alloc+0x29c/0x628 [ 20.740666] test_out_of_bounds_write+0xc8/0x240 [ 20.740706] kunit_try_run_case+0x170/0x3f0 [ 20.741219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.741283] kthread+0x328/0x630 [ 20.741318] ret_from_fork+0x10/0x20 [ 20.741360] [ 20.742091] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.742404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.742632] Hardware name: linux,dummy-virt (DT) [ 20.742669] ================================================================== [ 21.163971] ================================================================== [ 21.164051] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.164051] [ 21.166200] Out-of-bounds write at 0x000000007031f779 (1B left of kfence-#90): [ 21.166268] test_out_of_bounds_write+0x100/0x240 [ 21.166319] kunit_try_run_case+0x170/0x3f0 [ 21.166363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.166406] kthread+0x328/0x630 [ 21.166443] ret_from_fork+0x10/0x20 [ 21.166484] [ 21.166508] kfence-#90: 0x00000000f830218b-0x000000007e58a64b, size=32, cache=test [ 21.166508] [ 21.166560] allocated by task 294 on cpu 0 at 21.163869s (0.002687s ago): [ 21.166629] test_alloc+0x230/0x628 [ 21.166669] test_out_of_bounds_write+0xc8/0x240 [ 21.166711] kunit_try_run_case+0x170/0x3f0 [ 21.166751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.166794] kthread+0x328/0x630 [ 21.166829] ret_from_fork+0x10/0x20 [ 21.166868] [ 21.166912] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.166992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.167022] Hardware name: linux,dummy-virt (DT) [ 21.167056] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 18.838110] ================================================================== [ 18.838227] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 18.838286] Read of size 1 at addr ffff800080a97b4a by task kunit_try_catch/254 [ 18.838392] [ 18.838426] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.838548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.838578] Hardware name: linux,dummy-virt (DT) [ 18.838613] Call trace: [ 18.838638] show_stack+0x20/0x38 (C) [ 18.838689] dump_stack_lvl+0x8c/0xd0 [ 18.840375] print_report+0x310/0x5d0 [ 18.840509] kasan_report+0xdc/0x128 [ 18.840558] __asan_report_load1_noabort+0x20/0x30 [ 18.841294] kasan_alloca_oob_right+0x2dc/0x340 [ 18.841350] kunit_try_run_case+0x170/0x3f0 [ 18.841400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.841457] kthread+0x328/0x630 [ 18.841503] ret_from_fork+0x10/0x20 [ 18.841556] [ 18.841580] The buggy address belongs to stack of task kunit_try_catch/254 [ 18.841637] [ 18.841658] The buggy address ffff800080a97b4a belongs to a vmalloc virtual mapping [ 18.841703] The buggy address belongs to the physical page: [ 18.841737] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a9f [ 18.841794] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.841857] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.841909] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.841954] page dumped because: kasan: bad access detected [ 18.842049] [ 18.842095] Memory state around the buggy address: [ 18.842130] ffff800080a97a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.842208] ffff800080a97a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.842336] >ffff800080a97b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.842428] ^ [ 18.842468] ffff800080a97b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.842514] ffff800080a97c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.842883] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 20.416974] ================================================================== [ 20.417503] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.417503] [ 20.417738] Out-of-bounds read at 0x00000000c0c8f1df (32B right of kfence-#83): [ 20.417827] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.417879] kunit_try_run_case+0x170/0x3f0 [ 20.417923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.417968] kthread+0x328/0x630 [ 20.418348] ret_from_fork+0x10/0x20 [ 20.418451] [ 20.418476] kfence-#83: 0x00000000a9ef4c39-0x000000007a11e9d5, size=32, cache=kmalloc-32 [ 20.418476] [ 20.418640] allocated by task 288 on cpu 0 at 20.416796s (0.001741s ago): [ 20.418741] test_alloc+0x29c/0x628 [ 20.418874] test_out_of_bounds_read+0x198/0x3e0 [ 20.418921] kunit_try_run_case+0x170/0x3f0 [ 20.418961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.419005] kthread+0x328/0x630 [ 20.419076] ret_from_fork+0x10/0x20 [ 20.419119] [ 20.419164] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.419938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.420030] Hardware name: linux,dummy-virt (DT) [ 20.420421] ================================================================== [ 20.629891] ================================================================== [ 20.630332] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.630332] [ 20.630589] Out-of-bounds read at 0x00000000e4cd818a (32B right of kfence-#85): [ 20.630653] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.630699] kunit_try_run_case+0x170/0x3f0 [ 20.630978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.631049] kthread+0x328/0x630 [ 20.631352] ret_from_fork+0x10/0x20 [ 20.631422] [ 20.631569] kfence-#85: 0x000000009c953088-0x000000005c9e26ec, size=32, cache=test [ 20.631569] [ 20.631625] allocated by task 290 on cpu 0 at 20.629778s (0.001843s ago): [ 20.631702] test_alloc+0x230/0x628 [ 20.631743] test_out_of_bounds_read+0x198/0x3e0 [ 20.632272] kunit_try_run_case+0x170/0x3f0 [ 20.632432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.632526] kthread+0x328/0x630 [ 20.632672] ret_from_fork+0x10/0x20 [ 20.633030] [ 20.633158] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.633361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.633487] Hardware name: linux,dummy-virt (DT) [ 20.633524] ================================================================== [ 20.205342] ================================================================== [ 20.205576] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.205576] [ 20.206044] Out-of-bounds read at 0x00000000d39b8d9a (1B left of kfence-#81): [ 20.206213] test_out_of_bounds_read+0x114/0x3e0 [ 20.206547] kunit_try_run_case+0x170/0x3f0 [ 20.206620] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.206933] kthread+0x328/0x630 [ 20.206998] ret_from_fork+0x10/0x20 [ 20.207318] [ 20.207362] kfence-#81: 0x00000000c528aecd-0x00000000394bba7e, size=32, cache=kmalloc-32 [ 20.207362] [ 20.207528] allocated by task 288 on cpu 0 at 20.205071s (0.002452s ago): [ 20.208091] test_alloc+0x29c/0x628 [ 20.208197] test_out_of_bounds_read+0xdc/0x3e0 [ 20.209171] kunit_try_run_case+0x170/0x3f0 [ 20.209239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.209510] kthread+0x328/0x630 [ 20.210140] ret_from_fork+0x10/0x20 [ 20.210264] [ 20.210328] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.210718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.210866] Hardware name: linux,dummy-virt (DT) [ 20.210907] ================================================================== [ 20.525386] ================================================================== [ 20.525461] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.525461] [ 20.525541] Out-of-bounds read at 0x00000000641e907c (1B left of kfence-#84): [ 20.526246] test_out_of_bounds_read+0x114/0x3e0 [ 20.526588] kunit_try_run_case+0x170/0x3f0 [ 20.526658] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.527039] kthread+0x328/0x630 [ 20.527228] ret_from_fork+0x10/0x20 [ 20.527278] [ 20.527305] kfence-#84: 0x00000000d2e2afd0-0x000000007104a3fc, size=32, cache=test [ 20.527305] [ 20.527741] allocated by task 290 on cpu 0 at 20.525285s (0.002204s ago): [ 20.527903] test_alloc+0x230/0x628 [ 20.528357] test_out_of_bounds_read+0xdc/0x3e0 [ 20.528499] kunit_try_run_case+0x170/0x3f0 [ 20.528944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.529452] kthread+0x328/0x630 [ 20.529551] ret_from_fork+0x10/0x20 [ 20.529791] [ 20.530065] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.530466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.530541] Hardware name: linux,dummy-virt (DT) [ 20.530665] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-kmalloc_node_oob_right
[ 16.403285] ================================================================== [ 16.403901] BUG: KFENCE: out-of-bounds read in kmalloc_node_oob_right+0x160/0x330 [ 16.403901] [ 16.404084] Out-of-bounds read at 0x000000000eb6691a (4096B right of kfence-#52): [ 16.404860] kmalloc_node_oob_right+0x160/0x330 [ 16.405287] kunit_try_run_case+0x170/0x3f0 [ 16.405605] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.405725] kthread+0x328/0x630 [ 16.406133] ret_from_fork+0x10/0x20 [ 16.406192] [ 16.407842] kfence-#52: 0x0000000095760581-0x00000000109ede64, size=4096, cache=kmalloc-4k [ 16.407842] [ 16.408484] allocated by task 141 on cpu 1 at 16.398360s (0.010056s ago): [ 16.410832] kmalloc_node_oob_right+0xbc/0x330 [ 16.411194] kunit_try_run_case+0x170/0x3f0 [ 16.411423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.411482] kthread+0x328/0x630 [ 16.411794] ret_from_fork+0x10/0x20 [ 16.412202] [ 16.412565] CPU: 1 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.412658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.412684] Hardware name: linux,dummy-virt (DT) [ 16.413256] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 19.770846] ================================================================== [ 19.770922] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 19.770980] Write of size 1 at addr fff00000c5ae0b78 by task kunit_try_catch/286 [ 19.771038] [ 19.771071] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.771156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.771197] Hardware name: linux,dummy-virt (DT) [ 19.771230] Call trace: [ 19.771254] show_stack+0x20/0x38 (C) [ 19.771311] dump_stack_lvl+0x8c/0xd0 [ 19.771358] print_report+0x118/0x5d0 [ 19.773250] kasan_report+0xdc/0x128 [ 19.773526] __asan_report_store1_noabort+0x20/0x30 [ 19.774466] strncpy_from_user+0x270/0x2a0 [ 19.774605] copy_user_test_oob+0x5c0/0xec8 [ 19.774731] kunit_try_run_case+0x170/0x3f0 [ 19.775324] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.775841] kthread+0x328/0x630 [ 19.775890] ret_from_fork+0x10/0x20 [ 19.776216] [ 19.776241] Allocated by task 286: [ 19.776883] kasan_save_stack+0x3c/0x68 [ 19.777467] kasan_save_track+0x20/0x40 [ 19.777867] kasan_save_alloc_info+0x40/0x58 [ 19.778468] __kasan_kmalloc+0xd4/0xd8 [ 19.778614] __kmalloc_noprof+0x198/0x4c8 [ 19.778659] kunit_kmalloc_array+0x34/0x88 [ 19.778699] copy_user_test_oob+0xac/0xec8 [ 19.778742] kunit_try_run_case+0x170/0x3f0 [ 19.778783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.778830] kthread+0x328/0x630 [ 19.778866] ret_from_fork+0x10/0x20 [ 19.778903] [ 19.780437] The buggy address belongs to the object at fff00000c5ae0b00 [ 19.780437] which belongs to the cache kmalloc-128 of size 128 [ 19.781229] The buggy address is located 0 bytes to the right of [ 19.781229] allocated 120-byte region [fff00000c5ae0b00, fff00000c5ae0b78) [ 19.781828] [ 19.782128] The buggy address belongs to the physical page: [ 19.782451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 19.783134] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.783750] page_type: f5(slab) [ 19.783986] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.784173] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.784516] page dumped because: kasan: bad access detected [ 19.785486] [ 19.785537] Memory state around the buggy address: [ 19.785578] fff00000c5ae0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.785627] fff00000c5ae0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.785678] >fff00000c5ae0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.785721] ^ [ 19.787168] fff00000c5ae0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.787605] fff00000c5ae0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.787652] ================================================================== [ 19.758713] ================================================================== [ 19.758925] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 19.759120] Write of size 121 at addr fff00000c5ae0b00 by task kunit_try_catch/286 [ 19.759190] [ 19.759225] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.759310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.759375] Hardware name: linux,dummy-virt (DT) [ 19.759446] Call trace: [ 19.759479] show_stack+0x20/0x38 (C) [ 19.759529] dump_stack_lvl+0x8c/0xd0 [ 19.759839] print_report+0x118/0x5d0 [ 19.759892] kasan_report+0xdc/0x128 [ 19.759996] kasan_check_range+0x100/0x1a8 [ 19.760049] __kasan_check_write+0x20/0x30 [ 19.760095] strncpy_from_user+0x3c/0x2a0 [ 19.760286] copy_user_test_oob+0x5c0/0xec8 [ 19.760345] kunit_try_run_case+0x170/0x3f0 [ 19.760450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.760609] kthread+0x328/0x630 [ 19.760705] ret_from_fork+0x10/0x20 [ 19.760889] [ 19.760909] Allocated by task 286: [ 19.760940] kasan_save_stack+0x3c/0x68 [ 19.761136] kasan_save_track+0x20/0x40 [ 19.761270] kasan_save_alloc_info+0x40/0x58 [ 19.761315] __kasan_kmalloc+0xd4/0xd8 [ 19.761353] __kmalloc_noprof+0x198/0x4c8 [ 19.761393] kunit_kmalloc_array+0x34/0x88 [ 19.761435] copy_user_test_oob+0xac/0xec8 [ 19.761550] kunit_try_run_case+0x170/0x3f0 [ 19.761763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.761849] kthread+0x328/0x630 [ 19.762215] ret_from_fork+0x10/0x20 [ 19.762347] [ 19.762408] The buggy address belongs to the object at fff00000c5ae0b00 [ 19.762408] which belongs to the cache kmalloc-128 of size 128 [ 19.762502] The buggy address is located 0 bytes inside of [ 19.762502] allocated 120-byte region [fff00000c5ae0b00, fff00000c5ae0b78) [ 19.763537] [ 19.763630] The buggy address belongs to the physical page: [ 19.763691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 19.763852] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.763903] page_type: f5(slab) [ 19.764075] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.764218] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.764395] page dumped because: kasan: bad access detected [ 19.764569] [ 19.764683] Memory state around the buggy address: [ 19.764832] fff00000c5ae0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.764904] fff00000c5ae0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.764961] >fff00000c5ae0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.765003] ^ [ 19.765090] fff00000c5ae0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.765225] fff00000c5ae0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.765493] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 19.746773] ================================================================== [ 19.746826] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 19.746875] Write of size 121 at addr fff00000c5ae0b00 by task kunit_try_catch/286 [ 19.746929] [ 19.746960] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.747050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.747079] Hardware name: linux,dummy-virt (DT) [ 19.747139] Call trace: [ 19.747163] show_stack+0x20/0x38 (C) [ 19.747227] dump_stack_lvl+0x8c/0xd0 [ 19.747274] print_report+0x118/0x5d0 [ 19.747321] kasan_report+0xdc/0x128 [ 19.747370] kasan_check_range+0x100/0x1a8 [ 19.747419] __kasan_check_write+0x20/0x30 [ 19.747466] copy_user_test_oob+0x434/0xec8 [ 19.747516] kunit_try_run_case+0x170/0x3f0 [ 19.747564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.747627] kthread+0x328/0x630 [ 19.748149] ret_from_fork+0x10/0x20 [ 19.748217] [ 19.748241] Allocated by task 286: [ 19.748458] kasan_save_stack+0x3c/0x68 [ 19.748547] kasan_save_track+0x20/0x40 [ 19.748608] kasan_save_alloc_info+0x40/0x58 [ 19.748689] __kasan_kmalloc+0xd4/0xd8 [ 19.748772] __kmalloc_noprof+0x198/0x4c8 [ 19.748813] kunit_kmalloc_array+0x34/0x88 [ 19.749007] copy_user_test_oob+0xac/0xec8 [ 19.749160] kunit_try_run_case+0x170/0x3f0 [ 19.749279] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.749364] kthread+0x328/0x630 [ 19.749457] ret_from_fork+0x10/0x20 [ 19.749532] [ 19.749588] The buggy address belongs to the object at fff00000c5ae0b00 [ 19.749588] which belongs to the cache kmalloc-128 of size 128 [ 19.749729] The buggy address is located 0 bytes inside of [ 19.749729] allocated 120-byte region [fff00000c5ae0b00, fff00000c5ae0b78) [ 19.749807] [ 19.749828] The buggy address belongs to the physical page: [ 19.749873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 19.749928] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.750159] page_type: f5(slab) [ 19.750273] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.750366] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.750577] page dumped because: kasan: bad access detected [ 19.750790] [ 19.750901] Memory state around the buggy address: [ 19.751296] fff00000c5ae0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.751412] fff00000c5ae0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.751524] >fff00000c5ae0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.751567] ^ [ 19.751635] fff00000c5ae0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.751685] fff00000c5ae0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.751881] ================================================================== [ 19.734111] ================================================================== [ 19.734269] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 19.734340] Write of size 121 at addr fff00000c5ae0b00 by task kunit_try_catch/286 [ 19.734595] [ 19.734638] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.734761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.734861] Hardware name: linux,dummy-virt (DT) [ 19.734905] Call trace: [ 19.734930] show_stack+0x20/0x38 (C) [ 19.734981] dump_stack_lvl+0x8c/0xd0 [ 19.735027] print_report+0x118/0x5d0 [ 19.735113] kasan_report+0xdc/0x128 [ 19.735264] kasan_check_range+0x100/0x1a8 [ 19.735326] __kasan_check_write+0x20/0x30 [ 19.735376] copy_user_test_oob+0x35c/0xec8 [ 19.735498] kunit_try_run_case+0x170/0x3f0 [ 19.735594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.735871] kthread+0x328/0x630 [ 19.736024] ret_from_fork+0x10/0x20 [ 19.736162] [ 19.736312] Allocated by task 286: [ 19.736403] kasan_save_stack+0x3c/0x68 [ 19.736729] kasan_save_track+0x20/0x40 [ 19.736815] kasan_save_alloc_info+0x40/0x58 [ 19.736939] __kasan_kmalloc+0xd4/0xd8 [ 19.737046] __kmalloc_noprof+0x198/0x4c8 [ 19.737143] kunit_kmalloc_array+0x34/0x88 [ 19.737275] copy_user_test_oob+0xac/0xec8 [ 19.737384] kunit_try_run_case+0x170/0x3f0 [ 19.737424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.737477] kthread+0x328/0x630 [ 19.737513] ret_from_fork+0x10/0x20 [ 19.737550] [ 19.737758] The buggy address belongs to the object at fff00000c5ae0b00 [ 19.737758] which belongs to the cache kmalloc-128 of size 128 [ 19.737944] The buggy address is located 0 bytes inside of [ 19.737944] allocated 120-byte region [fff00000c5ae0b00, fff00000c5ae0b78) [ 19.738107] [ 19.738188] The buggy address belongs to the physical page: [ 19.738232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 19.738289] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.738341] page_type: f5(slab) [ 19.738381] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.738447] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.738492] page dumped because: kasan: bad access detected [ 19.738536] [ 19.738559] Memory state around the buggy address: [ 19.738594] fff00000c5ae0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.738647] fff00000c5ae0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.738695] >fff00000c5ae0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.738737] ^ [ 19.738782] fff00000c5ae0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.738843] fff00000c5ae0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.738887] ================================================================== [ 19.739363] ================================================================== [ 19.739838] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 19.740108] Read of size 121 at addr fff00000c5ae0b00 by task kunit_try_catch/286 [ 19.740306] [ 19.740442] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.740559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.740590] Hardware name: linux,dummy-virt (DT) [ 19.740622] Call trace: [ 19.740646] show_stack+0x20/0x38 (C) [ 19.740699] dump_stack_lvl+0x8c/0xd0 [ 19.740746] print_report+0x118/0x5d0 [ 19.740794] kasan_report+0xdc/0x128 [ 19.740995] kasan_check_range+0x100/0x1a8 [ 19.741108] __kasan_check_read+0x20/0x30 [ 19.741244] copy_user_test_oob+0x3c8/0xec8 [ 19.741517] kunit_try_run_case+0x170/0x3f0 [ 19.741577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.741908] kthread+0x328/0x630 [ 19.742294] ret_from_fork+0x10/0x20 [ 19.742473] [ 19.742550] Allocated by task 286: [ 19.742583] kasan_save_stack+0x3c/0x68 [ 19.742625] kasan_save_track+0x20/0x40 [ 19.742898] kasan_save_alloc_info+0x40/0x58 [ 19.743067] __kasan_kmalloc+0xd4/0xd8 [ 19.743163] __kmalloc_noprof+0x198/0x4c8 [ 19.743516] kunit_kmalloc_array+0x34/0x88 [ 19.743635] copy_user_test_oob+0xac/0xec8 [ 19.743724] kunit_try_run_case+0x170/0x3f0 [ 19.743850] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.743946] kthread+0x328/0x630 [ 19.744000] ret_from_fork+0x10/0x20 [ 19.744039] [ 19.744224] The buggy address belongs to the object at fff00000c5ae0b00 [ 19.744224] which belongs to the cache kmalloc-128 of size 128 [ 19.744291] The buggy address is located 0 bytes inside of [ 19.744291] allocated 120-byte region [fff00000c5ae0b00, fff00000c5ae0b78) [ 19.744465] [ 19.744549] The buggy address belongs to the physical page: [ 19.744632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 19.744744] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.744886] page_type: f5(slab) [ 19.745252] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.745346] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.745453] page dumped because: kasan: bad access detected [ 19.745546] [ 19.745613] Memory state around the buggy address: [ 19.745690] fff00000c5ae0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.745852] fff00000c5ae0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.745900] >fff00000c5ae0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.746050] ^ [ 19.746141] fff00000c5ae0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.746237] fff00000c5ae0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.746280] ================================================================== [ 19.709709] ================================================================== [ 19.709811] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 19.709889] Write of size 121 at addr fff00000c5ae0b00 by task kunit_try_catch/286 [ 19.710111] [ 19.710170] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.710459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.710531] Hardware name: linux,dummy-virt (DT) [ 19.710617] Call trace: [ 19.710674] show_stack+0x20/0x38 (C) [ 19.710747] dump_stack_lvl+0x8c/0xd0 [ 19.710808] print_report+0x118/0x5d0 [ 19.710874] kasan_report+0xdc/0x128 [ 19.710929] kasan_check_range+0x100/0x1a8 [ 19.710994] __kasan_check_write+0x20/0x30 [ 19.711047] copy_user_test_oob+0x234/0xec8 [ 19.711099] kunit_try_run_case+0x170/0x3f0 [ 19.711397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.713191] kthread+0x328/0x630 [ 19.713515] ret_from_fork+0x10/0x20 [ 19.713598] [ 19.713635] Allocated by task 286: [ 19.713672] kasan_save_stack+0x3c/0x68 [ 19.713716] kasan_save_track+0x20/0x40 [ 19.713755] kasan_save_alloc_info+0x40/0x58 [ 19.713974] __kasan_kmalloc+0xd4/0xd8 [ 19.714216] __kmalloc_noprof+0x198/0x4c8 [ 19.714345] kunit_kmalloc_array+0x34/0x88 [ 19.714425] copy_user_test_oob+0xac/0xec8 [ 19.714489] kunit_try_run_case+0x170/0x3f0 [ 19.714591] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.714668] kthread+0x328/0x630 [ 19.714712] ret_from_fork+0x10/0x20 [ 19.714811] [ 19.714894] The buggy address belongs to the object at fff00000c5ae0b00 [ 19.714894] which belongs to the cache kmalloc-128 of size 128 [ 19.714991] The buggy address is located 0 bytes inside of [ 19.714991] allocated 120-byte region [fff00000c5ae0b00, fff00000c5ae0b78) [ 19.715307] [ 19.715499] The buggy address belongs to the physical page: [ 19.715562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 19.715656] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.715791] page_type: f5(slab) [ 19.715857] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.715962] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.716081] page dumped because: kasan: bad access detected [ 19.716148] [ 19.716254] Memory state around the buggy address: [ 19.716317] fff00000c5ae0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.716365] fff00000c5ae0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.716414] >fff00000c5ae0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.716457] ^ [ 19.716752] fff00000c5ae0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.717000] fff00000c5ae0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.717088] ================================================================== [ 19.722196] ================================================================== [ 19.722260] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 19.722312] Read of size 121 at addr fff00000c5ae0b00 by task kunit_try_catch/286 [ 19.722366] [ 19.722648] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.722815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.722851] Hardware name: linux,dummy-virt (DT) [ 19.723213] Call trace: [ 19.723277] show_stack+0x20/0x38 (C) [ 19.723347] dump_stack_lvl+0x8c/0xd0 [ 19.723486] print_report+0x118/0x5d0 [ 19.723582] kasan_report+0xdc/0x128 [ 19.723637] kasan_check_range+0x100/0x1a8 [ 19.723687] __kasan_check_read+0x20/0x30 [ 19.723748] copy_user_test_oob+0x728/0xec8 [ 19.723798] kunit_try_run_case+0x170/0x3f0 [ 19.724059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.724216] kthread+0x328/0x630 [ 19.724297] ret_from_fork+0x10/0x20 [ 19.724678] [ 19.724806] Allocated by task 286: [ 19.724893] kasan_save_stack+0x3c/0x68 [ 19.724940] kasan_save_track+0x20/0x40 [ 19.725285] kasan_save_alloc_info+0x40/0x58 [ 19.725396] __kasan_kmalloc+0xd4/0xd8 [ 19.725517] __kmalloc_noprof+0x198/0x4c8 [ 19.725598] kunit_kmalloc_array+0x34/0x88 [ 19.725644] copy_user_test_oob+0xac/0xec8 [ 19.725779] kunit_try_run_case+0x170/0x3f0 [ 19.726001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.726092] kthread+0x328/0x630 [ 19.726193] ret_from_fork+0x10/0x20 [ 19.726281] [ 19.726355] The buggy address belongs to the object at fff00000c5ae0b00 [ 19.726355] which belongs to the cache kmalloc-128 of size 128 [ 19.726419] The buggy address is located 0 bytes inside of [ 19.726419] allocated 120-byte region [fff00000c5ae0b00, fff00000c5ae0b78) [ 19.726484] [ 19.726509] The buggy address belongs to the physical page: [ 19.726542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 19.726884] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.727012] page_type: f5(slab) [ 19.727085] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.727165] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.727215] page dumped because: kasan: bad access detected [ 19.727286] [ 19.727623] Memory state around the buggy address: [ 19.727729] fff00000c5ae0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.727843] fff00000c5ae0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.727891] >fff00000c5ae0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.727932] ^ [ 19.728089] fff00000c5ae0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.728137] fff00000c5ae0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.728353] ================================================================== [ 19.753308] ================================================================== [ 19.753393] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 19.753539] Read of size 121 at addr fff00000c5ae0b00 by task kunit_try_catch/286 [ 19.753601] [ 19.753790] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.753909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.753970] Hardware name: linux,dummy-virt (DT) [ 19.754011] Call trace: [ 19.754035] show_stack+0x20/0x38 (C) [ 19.754106] dump_stack_lvl+0x8c/0xd0 [ 19.754421] print_report+0x118/0x5d0 [ 19.754493] kasan_report+0xdc/0x128 [ 19.754585] kasan_check_range+0x100/0x1a8 [ 19.754637] __kasan_check_read+0x20/0x30 [ 19.754684] copy_user_test_oob+0x4a0/0xec8 [ 19.754812] kunit_try_run_case+0x170/0x3f0 [ 19.754871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.754928] kthread+0x328/0x630 [ 19.755203] ret_from_fork+0x10/0x20 [ 19.755391] [ 19.755684] Allocated by task 286: [ 19.755768] kasan_save_stack+0x3c/0x68 [ 19.755836] kasan_save_track+0x20/0x40 [ 19.755876] kasan_save_alloc_info+0x40/0x58 [ 19.755920] __kasan_kmalloc+0xd4/0xd8 [ 19.756072] __kmalloc_noprof+0x198/0x4c8 [ 19.756249] kunit_kmalloc_array+0x34/0x88 [ 19.756374] copy_user_test_oob+0xac/0xec8 [ 19.756488] kunit_try_run_case+0x170/0x3f0 [ 19.756658] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.756875] kthread+0x328/0x630 [ 19.757021] ret_from_fork+0x10/0x20 [ 19.757091] [ 19.757115] The buggy address belongs to the object at fff00000c5ae0b00 [ 19.757115] which belongs to the cache kmalloc-128 of size 128 [ 19.757205] The buggy address is located 0 bytes inside of [ 19.757205] allocated 120-byte region [fff00000c5ae0b00, fff00000c5ae0b78) [ 19.757273] [ 19.757295] The buggy address belongs to the physical page: [ 19.757328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 19.757405] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.757456] page_type: f5(slab) [ 19.757495] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.757558] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.757610] page dumped because: kasan: bad access detected [ 19.757661] [ 19.757681] Memory state around the buggy address: [ 19.757746] fff00000c5ae0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.757793] fff00000c5ae0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.757853] >fff00000c5ae0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.757920] ^ [ 19.757963] fff00000c5ae0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.758036] fff00000c5ae0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.758092] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 19.663260] ================================================================== [ 19.663345] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 19.663775] Read of size 8 at addr fff00000c5ae0a78 by task kunit_try_catch/282 [ 19.663930] [ 19.664027] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.664307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.664378] Hardware name: linux,dummy-virt (DT) [ 19.664620] Call trace: [ 19.664764] show_stack+0x20/0x38 (C) [ 19.664829] dump_stack_lvl+0x8c/0xd0 [ 19.664956] print_report+0x118/0x5d0 [ 19.665025] kasan_report+0xdc/0x128 [ 19.665101] __asan_report_load8_noabort+0x20/0x30 [ 19.665472] copy_to_kernel_nofault+0x204/0x250 [ 19.665810] copy_to_kernel_nofault_oob+0x158/0x418 [ 19.665903] kunit_try_run_case+0x170/0x3f0 [ 19.666063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.666138] kthread+0x328/0x630 [ 19.666270] ret_from_fork+0x10/0x20 [ 19.666360] [ 19.666408] Allocated by task 282: [ 19.666465] kasan_save_stack+0x3c/0x68 [ 19.666899] kasan_save_track+0x20/0x40 [ 19.666974] kasan_save_alloc_info+0x40/0x58 [ 19.667093] __kasan_kmalloc+0xd4/0xd8 [ 19.667174] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.667292] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.667466] kunit_try_run_case+0x170/0x3f0 [ 19.667523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.667585] kthread+0x328/0x630 [ 19.667765] ret_from_fork+0x10/0x20 [ 19.667999] [ 19.668055] The buggy address belongs to the object at fff00000c5ae0a00 [ 19.668055] which belongs to the cache kmalloc-128 of size 128 [ 19.668205] The buggy address is located 0 bytes to the right of [ 19.668205] allocated 120-byte region [fff00000c5ae0a00, fff00000c5ae0a78) [ 19.668434] [ 19.668645] The buggy address belongs to the physical page: [ 19.668712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 19.669222] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.669315] page_type: f5(slab) [ 19.669674] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.669803] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.669904] page dumped because: kasan: bad access detected [ 19.669973] [ 19.670111] Memory state around the buggy address: [ 19.670172] fff00000c5ae0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.670504] fff00000c5ae0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.670642] >fff00000c5ae0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.670781] ^ [ 19.670848] fff00000c5ae0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.670996] fff00000c5ae0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.671072] ================================================================== [ 19.673671] ================================================================== [ 19.673741] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 19.673803] Write of size 8 at addr fff00000c5ae0a78 by task kunit_try_catch/282 [ 19.673860] [ 19.673891] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.673975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.674013] Hardware name: linux,dummy-virt (DT) [ 19.674046] Call trace: [ 19.674084] show_stack+0x20/0x38 (C) [ 19.674135] dump_stack_lvl+0x8c/0xd0 [ 19.674193] print_report+0x118/0x5d0 [ 19.675469] kasan_report+0xdc/0x128 [ 19.675519] kasan_check_range+0x100/0x1a8 [ 19.675685] __kasan_check_write+0x20/0x30 [ 19.675742] copy_to_kernel_nofault+0x8c/0x250 [ 19.675792] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 19.675843] kunit_try_run_case+0x170/0x3f0 [ 19.675891] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.675947] kthread+0x328/0x630 [ 19.675991] ret_from_fork+0x10/0x20 [ 19.676041] [ 19.676062] Allocated by task 282: [ 19.676091] kasan_save_stack+0x3c/0x68 [ 19.676134] kasan_save_track+0x20/0x40 [ 19.676174] kasan_save_alloc_info+0x40/0x58 [ 19.677794] __kasan_kmalloc+0xd4/0xd8 [ 19.678202] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.678927] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.678984] kunit_try_run_case+0x170/0x3f0 [ 19.679288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.679507] kthread+0x328/0x630 [ 19.679609] ret_from_fork+0x10/0x20 [ 19.679650] [ 19.679992] The buggy address belongs to the object at fff00000c5ae0a00 [ 19.679992] which belongs to the cache kmalloc-128 of size 128 [ 19.680435] The buggy address is located 0 bytes to the right of [ 19.680435] allocated 120-byte region [fff00000c5ae0a00, fff00000c5ae0a78) [ 19.680692] [ 19.680898] The buggy address belongs to the physical page: [ 19.681159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 19.681261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.681312] page_type: f5(slab) [ 19.681353] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.681406] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.681450] page dumped because: kasan: bad access detected [ 19.681484] [ 19.681504] Memory state around the buggy address: [ 19.681535] fff00000c5ae0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.682319] fff00000c5ae0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.682372] >fff00000c5ae0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.682415] ^ [ 19.682459] fff00000c5ae0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.682504] fff00000c5ae0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.682547] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.566887] ================================================================== [ 19.566959] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.567061] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 19.567115] [ 19.567154] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.567300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.567334] Hardware name: linux,dummy-virt (DT) [ 19.567369] Call trace: [ 19.568281] show_stack+0x20/0x38 (C) [ 19.568380] dump_stack_lvl+0x8c/0xd0 [ 19.568452] print_report+0x310/0x5d0 [ 19.568541] kasan_report+0xdc/0x128 [ 19.568625] __asan_report_load1_noabort+0x20/0x30 [ 19.568696] vmalloc_oob+0x578/0x5d0 [ 19.568966] kunit_try_run_case+0x170/0x3f0 [ 19.569208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.569321] kthread+0x328/0x630 [ 19.569368] ret_from_fork+0x10/0x20 [ 19.569726] [ 19.569799] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 19.569903] The buggy address belongs to the physical page: [ 19.569940] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae9 [ 19.570278] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.570470] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.570544] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.570606] page dumped because: kasan: bad access detected [ 19.570901] [ 19.570990] Memory state around the buggy address: [ 19.571083] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.571168] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.571293] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.571358] ^ [ 19.571540] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.571733] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.571859] ================================================================== [ 19.573523] ================================================================== [ 19.573587] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.573858] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 19.574882] [ 19.574936] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.575089] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.575342] Hardware name: linux,dummy-virt (DT) [ 19.575375] Call trace: [ 19.575398] show_stack+0x20/0x38 (C) [ 19.575450] dump_stack_lvl+0x8c/0xd0 [ 19.575496] print_report+0x310/0x5d0 [ 19.575543] kasan_report+0xdc/0x128 [ 19.576316] __asan_report_load1_noabort+0x20/0x30 [ 19.576553] vmalloc_oob+0x51c/0x5d0 [ 19.576599] kunit_try_run_case+0x170/0x3f0 [ 19.576649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.577198] kthread+0x328/0x630 [ 19.577654] ret_from_fork+0x10/0x20 [ 19.578153] [ 19.578424] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 19.578564] The buggy address belongs to the physical page: [ 19.578864] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae9 [ 19.579074] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.579139] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.580060] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.580117] page dumped because: kasan: bad access detected [ 19.580215] [ 19.580338] Memory state around the buggy address: [ 19.580518] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.580867] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.581285] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.581680] ^ [ 19.581768] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.581971] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.582534] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.418197] ================================================================== [ 19.418251] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.418390] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.418449] [ 19.418481] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.418720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.418878] Hardware name: linux,dummy-virt (DT) [ 19.418915] Call trace: [ 19.418941] show_stack+0x20/0x38 (C) [ 19.419080] dump_stack_lvl+0x8c/0xd0 [ 19.419141] print_report+0x118/0x5d0 [ 19.419266] kasan_report+0xdc/0x128 [ 19.419318] kasan_check_range+0x100/0x1a8 [ 19.419447] __kasan_check_write+0x20/0x30 [ 19.419537] kasan_atomics_helper+0xff0/0x4858 [ 19.419680] kasan_atomics+0x198/0x2e0 [ 19.419778] kunit_try_run_case+0x170/0x3f0 [ 19.419852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.419907] kthread+0x328/0x630 [ 19.419948] ret_from_fork+0x10/0x20 [ 19.420199] [ 19.420226] Allocated by task 266: [ 19.420308] kasan_save_stack+0x3c/0x68 [ 19.420387] kasan_save_track+0x20/0x40 [ 19.420452] kasan_save_alloc_info+0x40/0x58 [ 19.420686] __kasan_kmalloc+0xd4/0xd8 [ 19.420897] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.421012] kasan_atomics+0xb8/0x2e0 [ 19.421127] kunit_try_run_case+0x170/0x3f0 [ 19.421193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.421260] kthread+0x328/0x630 [ 19.421296] ret_from_fork+0x10/0x20 [ 19.421334] [ 19.421356] The buggy address belongs to the object at fff00000c5aee400 [ 19.421356] which belongs to the cache kmalloc-64 of size 64 [ 19.421471] The buggy address is located 0 bytes to the right of [ 19.421471] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.421541] [ 19.421572] The buggy address belongs to the physical page: [ 19.421615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.421684] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.421750] page_type: f5(slab) [ 19.421790] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.421845] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.421889] page dumped because: kasan: bad access detected [ 19.421933] [ 19.421954] Memory state around the buggy address: [ 19.422017] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.422064] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.422119] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.422160] ^ [ 19.422489] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.422803] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.422941] ================================================================== [ 19.460526] ================================================================== [ 19.460578] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.460626] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.460679] [ 19.460709] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.460791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.460820] Hardware name: linux,dummy-virt (DT) [ 19.460853] Call trace: [ 19.460876] show_stack+0x20/0x38 (C) [ 19.460924] dump_stack_lvl+0x8c/0xd0 [ 19.460969] print_report+0x118/0x5d0 [ 19.461017] kasan_report+0xdc/0x128 [ 19.461062] kasan_check_range+0x100/0x1a8 [ 19.461111] __kasan_check_write+0x20/0x30 [ 19.461156] kasan_atomics_helper+0x1384/0x4858 [ 19.461489] kasan_atomics+0x198/0x2e0 [ 19.461589] kunit_try_run_case+0x170/0x3f0 [ 19.461655] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.461710] kthread+0x328/0x630 [ 19.461754] ret_from_fork+0x10/0x20 [ 19.461838] [ 19.461923] Allocated by task 266: [ 19.461972] kasan_save_stack+0x3c/0x68 [ 19.462089] kasan_save_track+0x20/0x40 [ 19.462155] kasan_save_alloc_info+0x40/0x58 [ 19.462242] __kasan_kmalloc+0xd4/0xd8 [ 19.462342] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.462428] kasan_atomics+0xb8/0x2e0 [ 19.462485] kunit_try_run_case+0x170/0x3f0 [ 19.462524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.462570] kthread+0x328/0x630 [ 19.462663] ret_from_fork+0x10/0x20 [ 19.462717] [ 19.462740] The buggy address belongs to the object at fff00000c5aee400 [ 19.462740] which belongs to the cache kmalloc-64 of size 64 [ 19.462801] The buggy address is located 0 bytes to the right of [ 19.462801] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.463015] [ 19.463037] The buggy address belongs to the physical page: [ 19.463212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.463286] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.463341] page_type: f5(slab) [ 19.463487] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.463587] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.463710] page dumped because: kasan: bad access detected [ 19.464037] [ 19.464113] Memory state around the buggy address: [ 19.464289] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.464428] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.464477] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.464518] ^ [ 19.465221] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.465388] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.465477] ================================================================== [ 19.518457] ================================================================== [ 19.518517] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.518821] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.519025] [ 19.519075] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.519207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.519285] Hardware name: linux,dummy-virt (DT) [ 19.519321] Call trace: [ 19.519347] show_stack+0x20/0x38 (C) [ 19.519417] dump_stack_lvl+0x8c/0xd0 [ 19.519562] print_report+0x118/0x5d0 [ 19.519639] kasan_report+0xdc/0x128 [ 19.519775] kasan_check_range+0x100/0x1a8 [ 19.519839] __kasan_check_write+0x20/0x30 [ 19.519951] kasan_atomics_helper+0x16d0/0x4858 [ 19.520009] kasan_atomics+0x198/0x2e0 [ 19.520158] kunit_try_run_case+0x170/0x3f0 [ 19.520230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.520355] kthread+0x328/0x630 [ 19.520435] ret_from_fork+0x10/0x20 [ 19.520568] [ 19.520619] Allocated by task 266: [ 19.520863] kasan_save_stack+0x3c/0x68 [ 19.520954] kasan_save_track+0x20/0x40 [ 19.521020] kasan_save_alloc_info+0x40/0x58 [ 19.521131] __kasan_kmalloc+0xd4/0xd8 [ 19.521219] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.521320] kasan_atomics+0xb8/0x2e0 [ 19.521390] kunit_try_run_case+0x170/0x3f0 [ 19.521488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.521561] kthread+0x328/0x630 [ 19.521609] ret_from_fork+0x10/0x20 [ 19.521776] [ 19.521800] The buggy address belongs to the object at fff00000c5aee400 [ 19.521800] which belongs to the cache kmalloc-64 of size 64 [ 19.521907] The buggy address is located 0 bytes to the right of [ 19.521907] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.522050] [ 19.522089] The buggy address belongs to the physical page: [ 19.522165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.522266] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.522317] page_type: f5(slab) [ 19.522358] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.522415] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.522458] page dumped because: kasan: bad access detected [ 19.522493] [ 19.522514] Memory state around the buggy address: [ 19.522550] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.522618] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.522675] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.522733] ^ [ 19.522778] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.522836] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.522898] ================================================================== [ 19.412015] ================================================================== [ 19.412114] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.412166] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.412233] [ 19.412265] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.412360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.412388] Hardware name: linux,dummy-virt (DT) [ 19.412534] Call trace: [ 19.412571] show_stack+0x20/0x38 (C) [ 19.412640] dump_stack_lvl+0x8c/0xd0 [ 19.412738] print_report+0x118/0x5d0 [ 19.412808] kasan_report+0xdc/0x128 [ 19.412862] kasan_check_range+0x100/0x1a8 [ 19.412961] __kasan_check_write+0x20/0x30 [ 19.413026] kasan_atomics_helper+0xf88/0x4858 [ 19.413092] kasan_atomics+0x198/0x2e0 [ 19.413303] kunit_try_run_case+0x170/0x3f0 [ 19.413835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.413899] kthread+0x328/0x630 [ 19.413950] ret_from_fork+0x10/0x20 [ 19.414005] [ 19.414033] Allocated by task 266: [ 19.414062] kasan_save_stack+0x3c/0x68 [ 19.414106] kasan_save_track+0x20/0x40 [ 19.414145] kasan_save_alloc_info+0x40/0x58 [ 19.414196] __kasan_kmalloc+0xd4/0xd8 [ 19.414236] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.414277] kasan_atomics+0xb8/0x2e0 [ 19.414315] kunit_try_run_case+0x170/0x3f0 [ 19.414556] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.414799] kthread+0x328/0x630 [ 19.414843] ret_from_fork+0x10/0x20 [ 19.414890] [ 19.415023] The buggy address belongs to the object at fff00000c5aee400 [ 19.415023] which belongs to the cache kmalloc-64 of size 64 [ 19.415105] The buggy address is located 0 bytes to the right of [ 19.415105] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.415294] [ 19.415423] The buggy address belongs to the physical page: [ 19.415507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.415655] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.415733] page_type: f5(slab) [ 19.415994] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.416081] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.416195] page dumped because: kasan: bad access detected [ 19.416250] [ 19.416302] Memory state around the buggy address: [ 19.416463] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.416583] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.416725] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.416871] ^ [ 19.416968] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.417020] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.417105] ================================================================== [ 19.389624] ================================================================== [ 19.389706] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.389773] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.389856] [ 19.389905] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.390014] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.390053] Hardware name: linux,dummy-virt (DT) [ 19.390091] Call trace: [ 19.390220] show_stack+0x20/0x38 (C) [ 19.390284] dump_stack_lvl+0x8c/0xd0 [ 19.390340] print_report+0x118/0x5d0 [ 19.390473] kasan_report+0xdc/0x128 [ 19.390520] kasan_check_range+0x100/0x1a8 [ 19.390576] __kasan_check_write+0x20/0x30 [ 19.390631] kasan_atomics_helper+0xe44/0x4858 [ 19.390681] kasan_atomics+0x198/0x2e0 [ 19.390755] kunit_try_run_case+0x170/0x3f0 [ 19.390822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.390885] kthread+0x328/0x630 [ 19.390938] ret_from_fork+0x10/0x20 [ 19.390991] [ 19.391019] Allocated by task 266: [ 19.391067] kasan_save_stack+0x3c/0x68 [ 19.391110] kasan_save_track+0x20/0x40 [ 19.391150] kasan_save_alloc_info+0x40/0x58 [ 19.391216] __kasan_kmalloc+0xd4/0xd8 [ 19.391256] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.391298] kasan_atomics+0xb8/0x2e0 [ 19.391336] kunit_try_run_case+0x170/0x3f0 [ 19.391500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.391622] kthread+0x328/0x630 [ 19.391695] ret_from_fork+0x10/0x20 [ 19.391744] [ 19.391779] The buggy address belongs to the object at fff00000c5aee400 [ 19.391779] which belongs to the cache kmalloc-64 of size 64 [ 19.391841] The buggy address is located 0 bytes to the right of [ 19.391841] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.391919] [ 19.391949] The buggy address belongs to the physical page: [ 19.392001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.392055] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.392105] page_type: f5(slab) [ 19.392382] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.392456] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.392652] page dumped because: kasan: bad access detected [ 19.392706] [ 19.392824] Memory state around the buggy address: [ 19.392879] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.392951] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.393196] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.393310] ^ [ 19.393377] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.393522] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.393621] ================================================================== [ 19.482784] ================================================================== [ 19.482954] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.483008] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.483061] [ 19.483136] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.483244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.483483] Hardware name: linux,dummy-virt (DT) [ 19.483539] Call trace: [ 19.483604] show_stack+0x20/0x38 (C) [ 19.483673] dump_stack_lvl+0x8c/0xd0 [ 19.483906] print_report+0x118/0x5d0 [ 19.484047] kasan_report+0xdc/0x128 [ 19.484123] kasan_check_range+0x100/0x1a8 [ 19.484210] __kasan_check_write+0x20/0x30 [ 19.484258] kasan_atomics_helper+0x14e4/0x4858 [ 19.484618] kasan_atomics+0x198/0x2e0 [ 19.484775] kunit_try_run_case+0x170/0x3f0 [ 19.484862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.485201] kthread+0x328/0x630 [ 19.485287] ret_from_fork+0x10/0x20 [ 19.485442] [ 19.485526] Allocated by task 266: [ 19.485588] kasan_save_stack+0x3c/0x68 [ 19.485742] kasan_save_track+0x20/0x40 [ 19.485824] kasan_save_alloc_info+0x40/0x58 [ 19.485892] __kasan_kmalloc+0xd4/0xd8 [ 19.485930] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.486221] kasan_atomics+0xb8/0x2e0 [ 19.486329] kunit_try_run_case+0x170/0x3f0 [ 19.486407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.486631] kthread+0x328/0x630 [ 19.486931] ret_from_fork+0x10/0x20 [ 19.487165] [ 19.487224] The buggy address belongs to the object at fff00000c5aee400 [ 19.487224] which belongs to the cache kmalloc-64 of size 64 [ 19.487488] The buggy address is located 0 bytes to the right of [ 19.487488] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.487758] [ 19.487800] The buggy address belongs to the physical page: [ 19.487834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.487890] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.488117] page_type: f5(slab) [ 19.488335] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.488409] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.488654] page dumped because: kasan: bad access detected [ 19.488849] [ 19.488934] Memory state around the buggy address: [ 19.488994] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.489041] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.489333] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.489440] ^ [ 19.489504] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.489714] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.489787] ================================================================== [ 19.506883] ================================================================== [ 19.506948] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.506997] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.507051] [ 19.507081] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.507163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.507204] Hardware name: linux,dummy-virt (DT) [ 19.507238] Call trace: [ 19.507262] show_stack+0x20/0x38 (C) [ 19.507310] dump_stack_lvl+0x8c/0xd0 [ 19.507357] print_report+0x118/0x5d0 [ 19.507676] kasan_report+0xdc/0x128 [ 19.507883] kasan_check_range+0x100/0x1a8 [ 19.507940] __kasan_check_write+0x20/0x30 [ 19.507986] kasan_atomics_helper+0x1644/0x4858 [ 19.508349] kasan_atomics+0x198/0x2e0 [ 19.508433] kunit_try_run_case+0x170/0x3f0 [ 19.508725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.508814] kthread+0x328/0x630 [ 19.508989] ret_from_fork+0x10/0x20 [ 19.509074] [ 19.509124] Allocated by task 266: [ 19.509155] kasan_save_stack+0x3c/0x68 [ 19.509473] kasan_save_track+0x20/0x40 [ 19.509567] kasan_save_alloc_info+0x40/0x58 [ 19.509838] __kasan_kmalloc+0xd4/0xd8 [ 19.509915] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.510061] kasan_atomics+0xb8/0x2e0 [ 19.510138] kunit_try_run_case+0x170/0x3f0 [ 19.510219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.510634] kthread+0x328/0x630 [ 19.510713] ret_from_fork+0x10/0x20 [ 19.510780] [ 19.510867] The buggy address belongs to the object at fff00000c5aee400 [ 19.510867] which belongs to the cache kmalloc-64 of size 64 [ 19.510932] The buggy address is located 0 bytes to the right of [ 19.510932] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.511034] [ 19.511264] The buggy address belongs to the physical page: [ 19.511935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.512033] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.512214] page_type: f5(slab) [ 19.512384] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.512456] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.512504] page dumped because: kasan: bad access detected [ 19.512546] [ 19.512568] Memory state around the buggy address: [ 19.512603] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.512650] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.512785] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.512854] ^ [ 19.512985] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.513069] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.513353] ================================================================== [ 19.513783] ================================================================== [ 19.513836] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.513885] Read of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.513963] [ 19.514008] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.514237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.514284] Hardware name: linux,dummy-virt (DT) [ 19.514384] Call trace: [ 19.514410] show_stack+0x20/0x38 (C) [ 19.514463] dump_stack_lvl+0x8c/0xd0 [ 19.514517] print_report+0x118/0x5d0 [ 19.514596] kasan_report+0xdc/0x128 [ 19.514646] __asan_report_load8_noabort+0x20/0x30 [ 19.514709] kasan_atomics_helper+0x3df4/0x4858 [ 19.514779] kasan_atomics+0x198/0x2e0 [ 19.514827] kunit_try_run_case+0x170/0x3f0 [ 19.514876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.514931] kthread+0x328/0x630 [ 19.514972] ret_from_fork+0x10/0x20 [ 19.515031] [ 19.515059] Allocated by task 266: [ 19.515096] kasan_save_stack+0x3c/0x68 [ 19.515139] kasan_save_track+0x20/0x40 [ 19.515208] kasan_save_alloc_info+0x40/0x58 [ 19.515251] __kasan_kmalloc+0xd4/0xd8 [ 19.515289] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.515330] kasan_atomics+0xb8/0x2e0 [ 19.515366] kunit_try_run_case+0x170/0x3f0 [ 19.515706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.515944] kthread+0x328/0x630 [ 19.516036] ret_from_fork+0x10/0x20 [ 19.516074] [ 19.516104] The buggy address belongs to the object at fff00000c5aee400 [ 19.516104] which belongs to the cache kmalloc-64 of size 64 [ 19.516167] The buggy address is located 0 bytes to the right of [ 19.516167] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.516323] [ 19.516394] The buggy address belongs to the physical page: [ 19.516526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.516601] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.516667] page_type: f5(slab) [ 19.516885] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.517027] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.517124] page dumped because: kasan: bad access detected [ 19.517240] [ 19.517261] Memory state around the buggy address: [ 19.517296] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.517379] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.517447] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.517613] ^ [ 19.517775] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.517831] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.517899] ================================================================== [ 19.473402] ================================================================== [ 19.473481] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.473537] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.473591] [ 19.473629] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.473713] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.473875] Hardware name: linux,dummy-virt (DT) [ 19.473917] Call trace: [ 19.473944] show_stack+0x20/0x38 (C) [ 19.474106] dump_stack_lvl+0x8c/0xd0 [ 19.474153] print_report+0x118/0x5d0 [ 19.474332] kasan_report+0xdc/0x128 [ 19.474387] kasan_check_range+0x100/0x1a8 [ 19.474438] __kasan_check_write+0x20/0x30 [ 19.474492] kasan_atomics_helper+0x1414/0x4858 [ 19.474542] kasan_atomics+0x198/0x2e0 [ 19.474655] kunit_try_run_case+0x170/0x3f0 [ 19.474713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.474768] kthread+0x328/0x630 [ 19.474811] ret_from_fork+0x10/0x20 [ 19.474857] [ 19.474877] Allocated by task 266: [ 19.474907] kasan_save_stack+0x3c/0x68 [ 19.474948] kasan_save_track+0x20/0x40 [ 19.474993] kasan_save_alloc_info+0x40/0x58 [ 19.475034] __kasan_kmalloc+0xd4/0xd8 [ 19.475073] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.475118] kasan_atomics+0xb8/0x2e0 [ 19.475158] kunit_try_run_case+0x170/0x3f0 [ 19.475215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.475262] kthread+0x328/0x630 [ 19.475304] ret_from_fork+0x10/0x20 [ 19.475342] [ 19.475364] The buggy address belongs to the object at fff00000c5aee400 [ 19.475364] which belongs to the cache kmalloc-64 of size 64 [ 19.475425] The buggy address is located 0 bytes to the right of [ 19.475425] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.475493] [ 19.475514] The buggy address belongs to the physical page: [ 19.475548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.475608] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.475658] page_type: f5(slab) [ 19.475698] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.475752] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.475821] page dumped because: kasan: bad access detected [ 19.475965] [ 19.475987] Memory state around the buggy address: [ 19.476020] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.476120] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.476262] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.476324] ^ [ 19.476358] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.476413] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.476455] ================================================================== [ 19.383554] ================================================================== [ 19.383833] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.383896] Read of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.383979] [ 19.384050] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.384162] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.384228] Hardware name: linux,dummy-virt (DT) [ 19.384312] Call trace: [ 19.384343] show_stack+0x20/0x38 (C) [ 19.384392] dump_stack_lvl+0x8c/0xd0 [ 19.384442] print_report+0x118/0x5d0 [ 19.384490] kasan_report+0xdc/0x128 [ 19.384536] __asan_report_load8_noabort+0x20/0x30 [ 19.384932] kasan_atomics_helper+0x3f58/0x4858 [ 19.385043] kasan_atomics+0x198/0x2e0 [ 19.385140] kunit_try_run_case+0x170/0x3f0 [ 19.385337] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.385470] kthread+0x328/0x630 [ 19.385588] ret_from_fork+0x10/0x20 [ 19.385712] [ 19.385748] Allocated by task 266: [ 19.385834] kasan_save_stack+0x3c/0x68 [ 19.385910] kasan_save_track+0x20/0x40 [ 19.385971] kasan_save_alloc_info+0x40/0x58 [ 19.386049] __kasan_kmalloc+0xd4/0xd8 [ 19.386116] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.386188] kasan_atomics+0xb8/0x2e0 [ 19.386252] kunit_try_run_case+0x170/0x3f0 [ 19.386328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.386432] kthread+0x328/0x630 [ 19.386478] ret_from_fork+0x10/0x20 [ 19.386514] [ 19.387104] The buggy address belongs to the object at fff00000c5aee400 [ 19.387104] which belongs to the cache kmalloc-64 of size 64 [ 19.387220] The buggy address is located 0 bytes to the right of [ 19.387220] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.387422] [ 19.387648] The buggy address belongs to the physical page: [ 19.387785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.387887] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.387969] page_type: f5(slab) [ 19.388010] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.388064] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.388107] page dumped because: kasan: bad access detected [ 19.388139] [ 19.388158] Memory state around the buggy address: [ 19.388203] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.388398] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.388476] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.388611] ^ [ 19.388648] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.388708] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.388798] ================================================================== [ 19.496407] ================================================================== [ 19.496459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.496699] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.496779] [ 19.496829] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.496916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.496945] Hardware name: linux,dummy-virt (DT) [ 19.497067] Call trace: [ 19.497103] show_stack+0x20/0x38 (C) [ 19.497154] dump_stack_lvl+0x8c/0xd0 [ 19.497406] print_report+0x118/0x5d0 [ 19.497474] kasan_report+0xdc/0x128 [ 19.497607] kasan_check_range+0x100/0x1a8 [ 19.497661] __kasan_check_write+0x20/0x30 [ 19.497726] kasan_atomics_helper+0x15b4/0x4858 [ 19.497785] kasan_atomics+0x198/0x2e0 [ 19.497830] kunit_try_run_case+0x170/0x3f0 [ 19.498046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.498138] kthread+0x328/0x630 [ 19.498245] ret_from_fork+0x10/0x20 [ 19.498385] [ 19.498424] Allocated by task 266: [ 19.498461] kasan_save_stack+0x3c/0x68 [ 19.498505] kasan_save_track+0x20/0x40 [ 19.498551] kasan_save_alloc_info+0x40/0x58 [ 19.498659] __kasan_kmalloc+0xd4/0xd8 [ 19.498714] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.498758] kasan_atomics+0xb8/0x2e0 [ 19.498794] kunit_try_run_case+0x170/0x3f0 [ 19.498833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.498880] kthread+0x328/0x630 [ 19.498913] ret_from_fork+0x10/0x20 [ 19.498951] [ 19.498972] The buggy address belongs to the object at fff00000c5aee400 [ 19.498972] which belongs to the cache kmalloc-64 of size 64 [ 19.499033] The buggy address is located 0 bytes to the right of [ 19.499033] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.499105] [ 19.499127] The buggy address belongs to the physical page: [ 19.499161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.499225] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.499275] page_type: f5(slab) [ 19.499315] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.499368] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.499412] page dumped because: kasan: bad access detected [ 19.499446] [ 19.499467] Memory state around the buggy address: [ 19.499515] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.499561] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.499607] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.499648] ^ [ 19.499681] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.499725] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.499767] ================================================================== [ 19.400776] ================================================================== [ 19.400859] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.400921] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.400973] [ 19.401083] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.401403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.401477] Hardware name: linux,dummy-virt (DT) [ 19.401512] Call trace: [ 19.401537] show_stack+0x20/0x38 (C) [ 19.401641] dump_stack_lvl+0x8c/0xd0 [ 19.401693] print_report+0x118/0x5d0 [ 19.401759] kasan_report+0xdc/0x128 [ 19.401863] kasan_check_range+0x100/0x1a8 [ 19.401917] __kasan_check_write+0x20/0x30 [ 19.401964] kasan_atomics_helper+0xeb8/0x4858 [ 19.402024] kasan_atomics+0x198/0x2e0 [ 19.402231] kunit_try_run_case+0x170/0x3f0 [ 19.402310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.402373] kthread+0x328/0x630 [ 19.402552] ret_from_fork+0x10/0x20 [ 19.402627] [ 19.402656] Allocated by task 266: [ 19.402693] kasan_save_stack+0x3c/0x68 [ 19.402782] kasan_save_track+0x20/0x40 [ 19.402826] kasan_save_alloc_info+0x40/0x58 [ 19.402869] __kasan_kmalloc+0xd4/0xd8 [ 19.402922] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.402971] kasan_atomics+0xb8/0x2e0 [ 19.403010] kunit_try_run_case+0x170/0x3f0 [ 19.403050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.403096] kthread+0x328/0x630 [ 19.403131] ret_from_fork+0x10/0x20 [ 19.403167] [ 19.403197] The buggy address belongs to the object at fff00000c5aee400 [ 19.403197] which belongs to the cache kmalloc-64 of size 64 [ 19.403260] The buggy address is located 0 bytes to the right of [ 19.403260] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.403338] [ 19.403360] The buggy address belongs to the physical page: [ 19.403729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.403810] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.403953] page_type: f5(slab) [ 19.404021] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.404156] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.404214] page dumped because: kasan: bad access detected [ 19.404250] [ 19.404293] Memory state around the buggy address: [ 19.404333] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.404380] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.404426] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.404468] ^ [ 19.404701] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.404778] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.404910] ================================================================== [ 19.536631] ================================================================== [ 19.536691] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.536740] Read of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.536793] [ 19.537024] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.537209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.537245] Hardware name: linux,dummy-virt (DT) [ 19.537279] Call trace: [ 19.537315] show_stack+0x20/0x38 (C) [ 19.537376] dump_stack_lvl+0x8c/0xd0 [ 19.537592] print_report+0x118/0x5d0 [ 19.537691] kasan_report+0xdc/0x128 [ 19.537814] __asan_report_load8_noabort+0x20/0x30 [ 19.537872] kasan_atomics_helper+0x3e20/0x4858 [ 19.538065] kasan_atomics+0x198/0x2e0 [ 19.538230] kunit_try_run_case+0x170/0x3f0 [ 19.538325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.538398] kthread+0x328/0x630 [ 19.538604] ret_from_fork+0x10/0x20 [ 19.538696] [ 19.538785] Allocated by task 266: [ 19.538824] kasan_save_stack+0x3c/0x68 [ 19.538878] kasan_save_track+0x20/0x40 [ 19.538923] kasan_save_alloc_info+0x40/0x58 [ 19.538974] __kasan_kmalloc+0xd4/0xd8 [ 19.539011] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.539104] kasan_atomics+0xb8/0x2e0 [ 19.539150] kunit_try_run_case+0x170/0x3f0 [ 19.539202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.539424] kthread+0x328/0x630 [ 19.539620] ret_from_fork+0x10/0x20 [ 19.539700] [ 19.539803] The buggy address belongs to the object at fff00000c5aee400 [ 19.539803] which belongs to the cache kmalloc-64 of size 64 [ 19.539885] The buggy address is located 0 bytes to the right of [ 19.539885] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.540197] [ 19.540321] The buggy address belongs to the physical page: [ 19.540380] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.540457] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.540516] page_type: f5(slab) [ 19.540735] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.540908] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.541004] page dumped because: kasan: bad access detected [ 19.541138] [ 19.541199] Memory state around the buggy address: [ 19.541282] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.541484] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.541620] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.541697] ^ [ 19.541859] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.541911] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.541952] ================================================================== [ 19.444884] ================================================================== [ 19.444937] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.444986] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.445038] [ 19.445070] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.445153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.445194] Hardware name: linux,dummy-virt (DT) [ 19.445227] Call trace: [ 19.445252] show_stack+0x20/0x38 (C) [ 19.445301] dump_stack_lvl+0x8c/0xd0 [ 19.445349] print_report+0x118/0x5d0 [ 19.445395] kasan_report+0xdc/0x128 [ 19.445442] kasan_check_range+0x100/0x1a8 [ 19.445491] __kasan_check_write+0x20/0x30 [ 19.445537] kasan_atomics_helper+0x1190/0x4858 [ 19.445585] kasan_atomics+0x198/0x2e0 [ 19.445631] kunit_try_run_case+0x170/0x3f0 [ 19.445680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.445734] kthread+0x328/0x630 [ 19.445775] ret_from_fork+0x10/0x20 [ 19.445823] [ 19.445843] Allocated by task 266: [ 19.445871] kasan_save_stack+0x3c/0x68 [ 19.445913] kasan_save_track+0x20/0x40 [ 19.445951] kasan_save_alloc_info+0x40/0x58 [ 19.446004] __kasan_kmalloc+0xd4/0xd8 [ 19.446041] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.446424] kasan_atomics+0xb8/0x2e0 [ 19.446464] kunit_try_run_case+0x170/0x3f0 [ 19.446505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.446550] kthread+0x328/0x630 [ 19.446584] ret_from_fork+0x10/0x20 [ 19.446621] [ 19.446645] The buggy address belongs to the object at fff00000c5aee400 [ 19.446645] which belongs to the cache kmalloc-64 of size 64 [ 19.446707] The buggy address is located 0 bytes to the right of [ 19.446707] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.446855] [ 19.446895] The buggy address belongs to the physical page: [ 19.446929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.446983] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.447033] page_type: f5(slab) [ 19.447072] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.447127] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.447171] page dumped because: kasan: bad access detected [ 19.447216] [ 19.447237] Memory state around the buggy address: [ 19.447270] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.447317] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.447363] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.447476] ^ [ 19.447553] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.447739] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.447838] ================================================================== [ 19.430321] ================================================================== [ 19.430395] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.430451] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.430659] [ 19.430819] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.430927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.430964] Hardware name: linux,dummy-virt (DT) [ 19.431013] Call trace: [ 19.431160] show_stack+0x20/0x38 (C) [ 19.431255] dump_stack_lvl+0x8c/0xd0 [ 19.431390] print_report+0x118/0x5d0 [ 19.431448] kasan_report+0xdc/0x128 [ 19.431503] kasan_check_range+0x100/0x1a8 [ 19.431630] __kasan_check_write+0x20/0x30 [ 19.431705] kasan_atomics_helper+0x10c0/0x4858 [ 19.431770] kasan_atomics+0x198/0x2e0 [ 19.431825] kunit_try_run_case+0x170/0x3f0 [ 19.432051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.432242] kthread+0x328/0x630 [ 19.432321] ret_from_fork+0x10/0x20 [ 19.432464] [ 19.432487] Allocated by task 266: [ 19.432518] kasan_save_stack+0x3c/0x68 [ 19.432561] kasan_save_track+0x20/0x40 [ 19.432602] kasan_save_alloc_info+0x40/0x58 [ 19.432933] __kasan_kmalloc+0xd4/0xd8 [ 19.433000] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.433076] kasan_atomics+0xb8/0x2e0 [ 19.433334] kunit_try_run_case+0x170/0x3f0 [ 19.433385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.433518] kthread+0x328/0x630 [ 19.433580] ret_from_fork+0x10/0x20 [ 19.433796] [ 19.433837] The buggy address belongs to the object at fff00000c5aee400 [ 19.433837] which belongs to the cache kmalloc-64 of size 64 [ 19.433903] The buggy address is located 0 bytes to the right of [ 19.433903] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.434028] [ 19.434076] The buggy address belongs to the physical page: [ 19.434773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.434840] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.434893] page_type: f5(slab) [ 19.434941] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.434997] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.435050] page dumped because: kasan: bad access detected [ 19.435093] [ 19.435122] Memory state around the buggy address: [ 19.435157] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.435783] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.435993] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.436078] ^ [ 19.436123] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.436168] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.436219] ================================================================== [ 19.394125] ================================================================== [ 19.394272] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.394325] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.394378] [ 19.394451] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.394551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.394588] Hardware name: linux,dummy-virt (DT) [ 19.394676] Call trace: [ 19.394700] show_stack+0x20/0x38 (C) [ 19.394757] dump_stack_lvl+0x8c/0xd0 [ 19.394812] print_report+0x118/0x5d0 [ 19.395027] kasan_report+0xdc/0x128 [ 19.395165] __asan_report_store8_noabort+0x20/0x30 [ 19.395235] kasan_atomics_helper+0x3e5c/0x4858 [ 19.395290] kasan_atomics+0x198/0x2e0 [ 19.395343] kunit_try_run_case+0x170/0x3f0 [ 19.395574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.395770] kthread+0x328/0x630 [ 19.395838] ret_from_fork+0x10/0x20 [ 19.395893] [ 19.395951] Allocated by task 266: [ 19.395993] kasan_save_stack+0x3c/0x68 [ 19.396039] kasan_save_track+0x20/0x40 [ 19.396175] kasan_save_alloc_info+0x40/0x58 [ 19.396239] __kasan_kmalloc+0xd4/0xd8 [ 19.396287] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.396337] kasan_atomics+0xb8/0x2e0 [ 19.396877] kunit_try_run_case+0x170/0x3f0 [ 19.397094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.397239] kthread+0x328/0x630 [ 19.397325] ret_from_fork+0x10/0x20 [ 19.397528] [ 19.397568] The buggy address belongs to the object at fff00000c5aee400 [ 19.397568] which belongs to the cache kmalloc-64 of size 64 [ 19.397631] The buggy address is located 0 bytes to the right of [ 19.397631] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.397933] [ 19.398029] The buggy address belongs to the physical page: [ 19.398086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.398191] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.398462] page_type: f5(slab) [ 19.398536] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.398616] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.398664] page dumped because: kasan: bad access detected [ 19.398698] [ 19.398901] Memory state around the buggy address: [ 19.398992] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.399058] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.399104] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.399167] ^ [ 19.399216] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.399279] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.399321] ================================================================== [ 19.280283] ================================================================== [ 19.281867] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.281940] Read of size 4 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.282218] [ 19.282472] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.282568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.282937] Hardware name: linux,dummy-virt (DT) [ 19.283203] Call trace: [ 19.283237] show_stack+0x20/0x38 (C) [ 19.283291] dump_stack_lvl+0x8c/0xd0 [ 19.283555] print_report+0x118/0x5d0 [ 19.283660] kasan_report+0xdc/0x128 [ 19.284136] __asan_report_load4_noabort+0x20/0x30 [ 19.284231] kasan_atomics_helper+0x42d8/0x4858 [ 19.284282] kasan_atomics+0x198/0x2e0 [ 19.285076] __kasan_kmalloc+0xd4/0xd8 [ 19.285115] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.285157] kasan_atomics+0xb8/0x2e0 [ 19.285493] The buggy address is located 0 bytes to the right of [ 19.285493] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.285641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.285766] page_type: f5(slab) [ 19.285812] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.285868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.286092] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.286187] ^ [ 19.286859] ================================================================== [ 19.453789] ================================================================== [ 19.453841] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.453891] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.453967] [ 19.454003] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.454086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.454115] Hardware name: linux,dummy-virt (DT) [ 19.454149] Call trace: [ 19.454172] show_stack+0x20/0x38 (C) [ 19.454240] dump_stack_lvl+0x8c/0xd0 [ 19.454286] print_report+0x118/0x5d0 [ 19.454345] kasan_report+0xdc/0x128 [ 19.454391] kasan_check_range+0x100/0x1a8 [ 19.454440] __kasan_check_write+0x20/0x30 [ 19.454486] kasan_atomics_helper+0x126c/0x4858 [ 19.454535] kasan_atomics+0x198/0x2e0 [ 19.454582] kunit_try_run_case+0x170/0x3f0 [ 19.454628] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.454691] kthread+0x328/0x630 [ 19.454743] ret_from_fork+0x10/0x20 [ 19.454791] [ 19.454820] Allocated by task 266: [ 19.454858] kasan_save_stack+0x3c/0x68 [ 19.454900] kasan_save_track+0x20/0x40 [ 19.454940] kasan_save_alloc_info+0x40/0x58 [ 19.454981] __kasan_kmalloc+0xd4/0xd8 [ 19.455020] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.455059] kasan_atomics+0xb8/0x2e0 [ 19.455098] kunit_try_run_case+0x170/0x3f0 [ 19.455136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.455191] kthread+0x328/0x630 [ 19.455225] ret_from_fork+0x10/0x20 [ 19.455263] [ 19.455285] The buggy address belongs to the object at fff00000c5aee400 [ 19.455285] which belongs to the cache kmalloc-64 of size 64 [ 19.455345] The buggy address is located 0 bytes to the right of [ 19.455345] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.455414] [ 19.455436] The buggy address belongs to the physical page: [ 19.455472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.455527] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.455588] page_type: f5(slab) [ 19.455627] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.455681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.455725] page dumped because: kasan: bad access detected [ 19.455759] [ 19.455780] Memory state around the buggy address: [ 19.455813] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.455859] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.455905] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.455947] ^ [ 19.455979] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.456069] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.456145] ================================================================== [ 19.476747] ================================================================== [ 19.476921] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.477585] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.477646] [ 19.477772] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.478147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.478228] Hardware name: linux,dummy-virt (DT) [ 19.478264] Call trace: [ 19.478289] show_stack+0x20/0x38 (C) [ 19.478348] dump_stack_lvl+0x8c/0xd0 [ 19.478464] print_report+0x118/0x5d0 [ 19.478530] kasan_report+0xdc/0x128 [ 19.478602] kasan_check_range+0x100/0x1a8 [ 19.478658] __kasan_check_write+0x20/0x30 [ 19.478959] kasan_atomics_helper+0x147c/0x4858 [ 19.479032] kasan_atomics+0x198/0x2e0 [ 19.479077] kunit_try_run_case+0x170/0x3f0 [ 19.479366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.479459] kthread+0x328/0x630 [ 19.479532] ret_from_fork+0x10/0x20 [ 19.479680] [ 19.479714] Allocated by task 266: [ 19.479743] kasan_save_stack+0x3c/0x68 [ 19.479787] kasan_save_track+0x20/0x40 [ 19.479826] kasan_save_alloc_info+0x40/0x58 [ 19.479972] __kasan_kmalloc+0xd4/0xd8 [ 19.480067] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.480218] kasan_atomics+0xb8/0x2e0 [ 19.480277] kunit_try_run_case+0x170/0x3f0 [ 19.480359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.480614] kthread+0x328/0x630 [ 19.480896] ret_from_fork+0x10/0x20 [ 19.481106] [ 19.481140] The buggy address belongs to the object at fff00000c5aee400 [ 19.481140] which belongs to the cache kmalloc-64 of size 64 [ 19.481231] The buggy address is located 0 bytes to the right of [ 19.481231] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.481318] [ 19.481340] The buggy address belongs to the physical page: [ 19.481374] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.481437] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.481496] page_type: f5(slab) [ 19.481537] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.481591] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.481636] page dumped because: kasan: bad access detected [ 19.481679] [ 19.481708] Memory state around the buggy address: [ 19.481747] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.481803] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.481858] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.481898] ^ [ 19.481940] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.482005] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.482076] ================================================================== [ 19.499852] ================================================================== [ 19.499894] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.499939] Read of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.499990] [ 19.500020] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.500102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.500139] Hardware name: linux,dummy-virt (DT) [ 19.500173] Call trace: [ 19.500815] show_stack+0x20/0x38 (C) [ 19.500874] dump_stack_lvl+0x8c/0xd0 [ 19.501023] print_report+0x118/0x5d0 [ 19.501459] kasan_report+0xdc/0x128 [ 19.501536] __asan_report_load8_noabort+0x20/0x30 [ 19.501784] kasan_atomics_helper+0x3db0/0x4858 [ 19.501978] kasan_atomics+0x198/0x2e0 [ 19.502068] kunit_try_run_case+0x170/0x3f0 [ 19.502148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.502319] kthread+0x328/0x630 [ 19.502395] ret_from_fork+0x10/0x20 [ 19.502651] [ 19.502680] Allocated by task 266: [ 19.502713] kasan_save_stack+0x3c/0x68 [ 19.502756] kasan_save_track+0x20/0x40 [ 19.502837] kasan_save_alloc_info+0x40/0x58 [ 19.502967] __kasan_kmalloc+0xd4/0xd8 [ 19.503059] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.503133] kasan_atomics+0xb8/0x2e0 [ 19.503352] kunit_try_run_case+0x170/0x3f0 [ 19.503594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.503731] kthread+0x328/0x630 [ 19.503799] ret_from_fork+0x10/0x20 [ 19.503943] [ 19.504004] The buggy address belongs to the object at fff00000c5aee400 [ 19.504004] which belongs to the cache kmalloc-64 of size 64 [ 19.504084] The buggy address is located 0 bytes to the right of [ 19.504084] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.504325] [ 19.504390] The buggy address belongs to the physical page: [ 19.504482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.504603] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.504677] page_type: f5(slab) [ 19.504753] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.505060] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.505161] page dumped because: kasan: bad access detected [ 19.505234] [ 19.505334] Memory state around the buggy address: [ 19.505411] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.505485] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.505532] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.505841] ^ [ 19.506037] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.506118] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.506389] ================================================================== [ 19.523081] ================================================================== [ 19.523137] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.523475] Read of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.523790] [ 19.523919] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.524019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.524193] Hardware name: linux,dummy-virt (DT) [ 19.524260] Call trace: [ 19.524354] show_stack+0x20/0x38 (C) [ 19.524437] dump_stack_lvl+0x8c/0xd0 [ 19.524494] print_report+0x118/0x5d0 [ 19.524542] kasan_report+0xdc/0x128 [ 19.524590] __asan_report_load8_noabort+0x20/0x30 [ 19.524641] kasan_atomics_helper+0x3e10/0x4858 [ 19.524692] kasan_atomics+0x198/0x2e0 [ 19.524738] kunit_try_run_case+0x170/0x3f0 [ 19.524956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.525081] kthread+0x328/0x630 [ 19.525405] ret_from_fork+0x10/0x20 [ 19.525511] [ 19.525632] Allocated by task 266: [ 19.525712] kasan_save_stack+0x3c/0x68 [ 19.525818] kasan_save_track+0x20/0x40 [ 19.525888] kasan_save_alloc_info+0x40/0x58 [ 19.525940] __kasan_kmalloc+0xd4/0xd8 [ 19.525986] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.526299] kasan_atomics+0xb8/0x2e0 [ 19.526398] kunit_try_run_case+0x170/0x3f0 [ 19.526484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.526558] kthread+0x328/0x630 [ 19.526767] ret_from_fork+0x10/0x20 [ 19.526895] [ 19.526935] The buggy address belongs to the object at fff00000c5aee400 [ 19.526935] which belongs to the cache kmalloc-64 of size 64 [ 19.527018] The buggy address is located 0 bytes to the right of [ 19.527018] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.527158] [ 19.527214] The buggy address belongs to the physical page: [ 19.527310] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.527422] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.527478] page_type: f5(slab) [ 19.527516] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.527882] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.528044] page dumped because: kasan: bad access detected [ 19.528102] [ 19.528189] Memory state around the buggy address: [ 19.528389] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.528559] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.528653] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.528703] ^ [ 19.528740] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.528946] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.529116] ================================================================== [ 19.448639] ================================================================== [ 19.448724] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.448773] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.448825] [ 19.448854] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.449121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.449163] Hardware name: linux,dummy-virt (DT) [ 19.449351] Call trace: [ 19.449395] show_stack+0x20/0x38 (C) [ 19.449445] dump_stack_lvl+0x8c/0xd0 [ 19.449490] print_report+0x118/0x5d0 [ 19.449538] kasan_report+0xdc/0x128 [ 19.449584] kasan_check_range+0x100/0x1a8 [ 19.449634] __kasan_check_write+0x20/0x30 [ 19.449688] kasan_atomics_helper+0x11f8/0x4858 [ 19.449741] kasan_atomics+0x198/0x2e0 [ 19.449795] kunit_try_run_case+0x170/0x3f0 [ 19.449843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.449897] kthread+0x328/0x630 [ 19.449949] ret_from_fork+0x10/0x20 [ 19.450010] [ 19.450030] Allocated by task 266: [ 19.450060] kasan_save_stack+0x3c/0x68 [ 19.450101] kasan_save_track+0x20/0x40 [ 19.450153] kasan_save_alloc_info+0x40/0x58 [ 19.450595] __kasan_kmalloc+0xd4/0xd8 [ 19.450726] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.450774] kasan_atomics+0xb8/0x2e0 [ 19.450814] kunit_try_run_case+0x170/0x3f0 [ 19.450862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.450947] kthread+0x328/0x630 [ 19.450982] ret_from_fork+0x10/0x20 [ 19.451352] [ 19.452066] The buggy address belongs to the object at fff00000c5aee400 [ 19.452066] which belongs to the cache kmalloc-64 of size 64 [ 19.452140] The buggy address is located 0 bytes to the right of [ 19.452140] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.452220] [ 19.452242] The buggy address belongs to the physical page: [ 19.452276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.452331] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.452380] page_type: f5(slab) [ 19.452420] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.452474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.452518] page dumped because: kasan: bad access detected [ 19.452552] [ 19.452573] Memory state around the buggy address: [ 19.452608] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.452654] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.452701] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.452742] ^ [ 19.452775] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.452821] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.452860] ================================================================== [ 19.456560] ================================================================== [ 19.456615] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.456712] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.456795] [ 19.456842] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.456929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.456986] Hardware name: linux,dummy-virt (DT) [ 19.457020] Call trace: [ 19.457135] show_stack+0x20/0x38 (C) [ 19.457199] dump_stack_lvl+0x8c/0xd0 [ 19.457245] print_report+0x118/0x5d0 [ 19.457293] kasan_report+0xdc/0x128 [ 19.457339] kasan_check_range+0x100/0x1a8 [ 19.457388] __kasan_check_write+0x20/0x30 [ 19.457433] kasan_atomics_helper+0x12d8/0x4858 [ 19.457483] kasan_atomics+0x198/0x2e0 [ 19.457529] kunit_try_run_case+0x170/0x3f0 [ 19.457576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.457631] kthread+0x328/0x630 [ 19.457674] ret_from_fork+0x10/0x20 [ 19.457720] [ 19.457740] Allocated by task 266: [ 19.457769] kasan_save_stack+0x3c/0x68 [ 19.457810] kasan_save_track+0x20/0x40 [ 19.457849] kasan_save_alloc_info+0x40/0x58 [ 19.457890] __kasan_kmalloc+0xd4/0xd8 [ 19.457944] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.457992] kasan_atomics+0xb8/0x2e0 [ 19.458046] kunit_try_run_case+0x170/0x3f0 [ 19.458086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.458133] kthread+0x328/0x630 [ 19.458206] ret_from_fork+0x10/0x20 [ 19.458263] [ 19.458292] The buggy address belongs to the object at fff00000c5aee400 [ 19.458292] which belongs to the cache kmalloc-64 of size 64 [ 19.458444] The buggy address is located 0 bytes to the right of [ 19.458444] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.458513] [ 19.458578] The buggy address belongs to the physical page: [ 19.458614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.458841] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.458922] page_type: f5(slab) [ 19.458980] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.459034] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.459078] page dumped because: kasan: bad access detected [ 19.459112] [ 19.459148] Memory state around the buggy address: [ 19.459227] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.459292] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.459414] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.459541] ^ [ 19.459632] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.459773] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.459813] ================================================================== [ 19.306828] ================================================================== [ 19.306947] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 19.307022] Write of size 4 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.307085] [ 19.307124] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.307373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.307540] Hardware name: linux,dummy-virt (DT) [ 19.307644] Call trace: [ 19.307671] show_stack+0x20/0x38 (C) [ 19.307722] dump_stack_lvl+0x8c/0xd0 [ 19.308040] print_report+0x118/0x5d0 [ 19.308217] kasan_report+0xdc/0x128 [ 19.308294] kasan_check_range+0x100/0x1a8 [ 19.308427] __kasan_check_write+0x20/0x30 [ 19.308503] kasan_atomics_helper+0xa6c/0x4858 [ 19.308635] kasan_atomics+0x198/0x2e0 [ 19.308720] kunit_try_run_case+0x170/0x3f0 [ 19.308776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.309011] kthread+0x328/0x630 [ 19.309075] ret_from_fork+0x10/0x20 [ 19.309341] [ 19.309410] Allocated by task 266: [ 19.309467] kasan_save_stack+0x3c/0x68 [ 19.309615] kasan_save_track+0x20/0x40 [ 19.309673] kasan_save_alloc_info+0x40/0x58 [ 19.309750] __kasan_kmalloc+0xd4/0xd8 [ 19.310028] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.310214] kasan_atomics+0xb8/0x2e0 [ 19.310280] kunit_try_run_case+0x170/0x3f0 [ 19.310357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.310478] kthread+0x328/0x630 [ 19.310526] ret_from_fork+0x10/0x20 [ 19.310570] [ 19.310713] The buggy address belongs to the object at fff00000c5aee400 [ 19.310713] which belongs to the cache kmalloc-64 of size 64 [ 19.310798] The buggy address is located 0 bytes to the right of [ 19.310798] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.310882] [ 19.310905] The buggy address belongs to the physical page: [ 19.310944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.311009] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.311058] page_type: f5(slab) [ 19.311114] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.311257] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.311639] page dumped because: kasan: bad access detected [ 19.311775] [ 19.311895] Memory state around the buggy address: [ 19.311961] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.312010] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.312069] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.312369] ^ [ 19.312436] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.312563] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.312640] ================================================================== [ 19.423450] ================================================================== [ 19.423503] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.423554] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.423839] [ 19.423904] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.424075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.424143] Hardware name: linux,dummy-virt (DT) [ 19.424523] Call trace: [ 19.424571] show_stack+0x20/0x38 (C) [ 19.424662] dump_stack_lvl+0x8c/0xd0 [ 19.424868] print_report+0x118/0x5d0 [ 19.424919] kasan_report+0xdc/0x128 [ 19.424967] kasan_check_range+0x100/0x1a8 [ 19.425148] __kasan_check_write+0x20/0x30 [ 19.425219] kasan_atomics_helper+0x1058/0x4858 [ 19.425281] kasan_atomics+0x198/0x2e0 [ 19.425353] kunit_try_run_case+0x170/0x3f0 [ 19.425493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.425608] kthread+0x328/0x630 [ 19.425880] ret_from_fork+0x10/0x20 [ 19.425969] [ 19.426017] Allocated by task 266: [ 19.426140] kasan_save_stack+0x3c/0x68 [ 19.426226] kasan_save_track+0x20/0x40 [ 19.426367] kasan_save_alloc_info+0x40/0x58 [ 19.426492] __kasan_kmalloc+0xd4/0xd8 [ 19.426560] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.426768] kasan_atomics+0xb8/0x2e0 [ 19.426873] kunit_try_run_case+0x170/0x3f0 [ 19.427006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.427271] kthread+0x328/0x630 [ 19.427350] ret_from_fork+0x10/0x20 [ 19.427493] [ 19.427534] The buggy address belongs to the object at fff00000c5aee400 [ 19.427534] which belongs to the cache kmalloc-64 of size 64 [ 19.427681] The buggy address is located 0 bytes to the right of [ 19.427681] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.427771] [ 19.427795] The buggy address belongs to the physical page: [ 19.427833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.427888] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.427940] page_type: f5(slab) [ 19.428196] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.428338] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.428412] page dumped because: kasan: bad access detected [ 19.428486] [ 19.428673] Memory state around the buggy address: [ 19.428858] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.428911] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.429111] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.429195] ^ [ 19.429235] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.429306] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.429436] ================================================================== [ 19.529610] ================================================================== [ 19.529663] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.529805] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.531527] [ 19.531706] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.532128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.532228] Hardware name: linux,dummy-virt (DT) [ 19.532291] Call trace: [ 19.532330] show_stack+0x20/0x38 (C) [ 19.532495] dump_stack_lvl+0x8c/0xd0 [ 19.532590] print_report+0x118/0x5d0 [ 19.532872] kasan_report+0xdc/0x128 [ 19.532997] kasan_check_range+0x100/0x1a8 [ 19.533125] __kasan_check_write+0x20/0x30 [ 19.533216] kasan_atomics_helper+0x175c/0x4858 [ 19.533377] kasan_atomics+0x198/0x2e0 [ 19.533432] kunit_try_run_case+0x170/0x3f0 [ 19.533488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.533720] kthread+0x328/0x630 [ 19.533786] ret_from_fork+0x10/0x20 [ 19.533859] [ 19.533928] Allocated by task 266: [ 19.533976] kasan_save_stack+0x3c/0x68 [ 19.534052] kasan_save_track+0x20/0x40 [ 19.534093] kasan_save_alloc_info+0x40/0x58 [ 19.534135] __kasan_kmalloc+0xd4/0xd8 [ 19.534195] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.534236] kasan_atomics+0xb8/0x2e0 [ 19.534280] kunit_try_run_case+0x170/0x3f0 [ 19.534321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.534367] kthread+0x328/0x630 [ 19.534400] ret_from_fork+0x10/0x20 [ 19.534437] [ 19.534467] The buggy address belongs to the object at fff00000c5aee400 [ 19.534467] which belongs to the cache kmalloc-64 of size 64 [ 19.534530] The buggy address is located 0 bytes to the right of [ 19.534530] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.534600] [ 19.534661] The buggy address belongs to the physical page: [ 19.534702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.534758] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.534808] page_type: f5(slab) [ 19.534856] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.534918] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.534964] page dumped because: kasan: bad access detected [ 19.535008] [ 19.535037] Memory state around the buggy address: [ 19.535081] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.535127] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.535266] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.535702] ^ [ 19.535884] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.535968] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.536040] ================================================================== [ 19.294010] ================================================================== [ 19.294064] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 19.294115] Write of size 4 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.294169] [ 19.294453] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.294604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.294652] Hardware name: linux,dummy-virt (DT) [ 19.294871] Call trace: [ 19.294904] show_stack+0x20/0x38 (C) [ 19.294966] dump_stack_lvl+0x8c/0xd0 [ 19.295013] print_report+0x118/0x5d0 [ 19.295059] kasan_report+0xdc/0x128 [ 19.295374] kasan_check_range+0x100/0x1a8 [ 19.295593] __kasan_check_write+0x20/0x30 [ 19.295796] kasan_atomics_helper+0x99c/0x4858 [ 19.295909] kasan_atomics+0x198/0x2e0 [ 19.295986] kunit_try_run_case+0x170/0x3f0 [ 19.296133] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.296220] kthread+0x328/0x630 [ 19.296563] ret_from_fork+0x10/0x20 [ 19.296752] [ 19.296777] Allocated by task 266: [ 19.297038] kasan_save_stack+0x3c/0x68 [ 19.297273] kasan_save_track+0x20/0x40 [ 19.297557] kasan_save_alloc_info+0x40/0x58 [ 19.297671] __kasan_kmalloc+0xd4/0xd8 [ 19.297732] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.297862] kasan_atomics+0xb8/0x2e0 [ 19.297919] kunit_try_run_case+0x170/0x3f0 [ 19.297960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.298056] kthread+0x328/0x630 [ 19.298093] ret_from_fork+0x10/0x20 [ 19.298141] [ 19.298211] The buggy address belongs to the object at fff00000c5aee400 [ 19.298211] which belongs to the cache kmalloc-64 of size 64 [ 19.298296] The buggy address is located 0 bytes to the right of [ 19.298296] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.298370] [ 19.298401] The buggy address belongs to the physical page: [ 19.298442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.298505] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.298555] page_type: f5(slab) [ 19.298603] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.298662] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.298713] page dumped because: kasan: bad access detected [ 19.298757] [ 19.298779] Memory state around the buggy address: [ 19.298812] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.298858] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.298914] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.298956] ^ [ 19.299011] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.299080] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.299122] ================================================================== [ 19.466935] ================================================================== [ 19.466994] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.467074] Read of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.467133] [ 19.467209] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.467301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.467391] Hardware name: linux,dummy-virt (DT) [ 19.467509] Call trace: [ 19.467593] show_stack+0x20/0x38 (C) [ 19.467771] dump_stack_lvl+0x8c/0xd0 [ 19.467868] print_report+0x118/0x5d0 [ 19.467982] kasan_report+0xdc/0x128 [ 19.468132] __asan_report_load8_noabort+0x20/0x30 [ 19.468224] kasan_atomics_helper+0x3f04/0x4858 [ 19.468276] kasan_atomics+0x198/0x2e0 [ 19.468513] kunit_try_run_case+0x170/0x3f0 [ 19.468563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.468619] kthread+0x328/0x630 [ 19.468871] ret_from_fork+0x10/0x20 [ 19.469029] [ 19.469159] Allocated by task 266: [ 19.469253] kasan_save_stack+0x3c/0x68 [ 19.469317] kasan_save_track+0x20/0x40 [ 19.469531] kasan_save_alloc_info+0x40/0x58 [ 19.469738] __kasan_kmalloc+0xd4/0xd8 [ 19.469925] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.469997] kasan_atomics+0xb8/0x2e0 [ 19.470091] kunit_try_run_case+0x170/0x3f0 [ 19.471705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.471767] kthread+0x328/0x630 [ 19.471828] ret_from_fork+0x10/0x20 [ 19.471866] [ 19.471897] The buggy address belongs to the object at fff00000c5aee400 [ 19.471897] which belongs to the cache kmalloc-64 of size 64 [ 19.471960] The buggy address is located 0 bytes to the right of [ 19.471960] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.472226] [ 19.472248] The buggy address belongs to the physical page: [ 19.472283] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.472339] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.472390] page_type: f5(slab) [ 19.472431] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.472487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.472532] page dumped because: kasan: bad access detected [ 19.472566] [ 19.472586] Memory state around the buggy address: [ 19.472621] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.472667] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.472714] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.472756] ^ [ 19.472789] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.472834] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.472873] ================================================================== [ 19.313596] ================================================================== [ 19.313651] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 19.313703] Write of size 4 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.313757] [ 19.313846] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.313963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.314262] Hardware name: linux,dummy-virt (DT) [ 19.314440] Call trace: [ 19.314481] show_stack+0x20/0x38 (C) [ 19.314543] dump_stack_lvl+0x8c/0xd0 [ 19.314655] print_report+0x118/0x5d0 [ 19.314708] kasan_report+0xdc/0x128 [ 19.314771] kasan_check_range+0x100/0x1a8 [ 19.315545] kthread+0x328/0x630 [ 19.315777] kasan_save_stack+0x3c/0x68 [ 19.315828] kasan_save_track+0x20/0x40 [ 19.316282] kasan_save_alloc_info+0x40/0x58 [ 19.316386] __kasan_kmalloc+0xd4/0xd8 [ 19.316462] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.316591] kasan_atomics+0xb8/0x2e0 [ 19.316670] kunit_try_run_case+0x170/0x3f0 [ 19.316745] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.316793] kthread+0x328/0x630 [ 19.317082] ret_from_fork+0x10/0x20 [ 19.317293] The buggy address is located 0 bytes to the right of [ 19.317293] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.317947] ^ [ 19.320251] Hardware name: linux,dummy-virt (DT) [ 19.321885] kasan_save_alloc_info+0x40/0x58 [ 19.323138] [ 19.323480] page_type: f5(slab) [ 19.324106] page dumped because: kasan: bad access detected [ 19.325307] ================================================================== [ 19.300530] ================================================================== [ 19.300590] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 19.300961] Write of size 4 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.301068] [ 19.301104] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.301201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.301324] Hardware name: linux,dummy-virt (DT) [ 19.301369] Call trace: [ 19.301393] show_stack+0x20/0x38 (C) [ 19.301514] dump_stack_lvl+0x8c/0xd0 [ 19.301566] print_report+0x118/0x5d0 [ 19.301630] kasan_report+0xdc/0x128 [ 19.301911] kasan_check_range+0x100/0x1a8 [ 19.301990] __kasan_check_write+0x20/0x30 [ 19.302046] kasan_atomics_helper+0xa04/0x4858 [ 19.302191] kasan_atomics+0x198/0x2e0 [ 19.302257] kunit_try_run_case+0x170/0x3f0 [ 19.302307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.302487] kthread+0x328/0x630 [ 19.302552] ret_from_fork+0x10/0x20 [ 19.302760] [ 19.302794] Allocated by task 266: [ 19.302856] kasan_save_stack+0x3c/0x68 [ 19.302921] kasan_save_track+0x20/0x40 [ 19.302964] kasan_save_alloc_info+0x40/0x58 [ 19.303155] __kasan_kmalloc+0xd4/0xd8 [ 19.303220] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.303343] kasan_atomics+0xb8/0x2e0 [ 19.303392] kunit_try_run_case+0x170/0x3f0 [ 19.303446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.303557] kthread+0x328/0x630 [ 19.303625] ret_from_fork+0x10/0x20 [ 19.303745] [ 19.303835] The buggy address belongs to the object at fff00000c5aee400 [ 19.303835] which belongs to the cache kmalloc-64 of size 64 [ 19.304044] The buggy address is located 0 bytes to the right of [ 19.304044] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.304258] [ 19.304315] The buggy address belongs to the physical page: [ 19.304426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.304533] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.304890] page_type: f5(slab) [ 19.304962] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.305118] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.305454] page dumped because: kasan: bad access detected [ 19.305526] [ 19.305624] Memory state around the buggy address: [ 19.305715] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.305790] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.305908] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.305975] ^ [ 19.306045] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.306138] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.306219] ================================================================== [ 19.405687] ================================================================== [ 19.405751] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.405803] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.405855] [ 19.405887] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.406228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.406395] Hardware name: linux,dummy-virt (DT) [ 19.406441] Call trace: [ 19.406465] show_stack+0x20/0x38 (C) [ 19.406692] dump_stack_lvl+0x8c/0xd0 [ 19.406756] print_report+0x118/0x5d0 [ 19.406915] kasan_report+0xdc/0x128 [ 19.406993] kasan_check_range+0x100/0x1a8 [ 19.407097] __kasan_check_write+0x20/0x30 [ 19.407162] kasan_atomics_helper+0xf20/0x4858 [ 19.407265] kasan_atomics+0x198/0x2e0 [ 19.407329] kunit_try_run_case+0x170/0x3f0 [ 19.407379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.407580] kthread+0x328/0x630 [ 19.407709] ret_from_fork+0x10/0x20 [ 19.407808] [ 19.408030] Allocated by task 266: [ 19.408273] kasan_save_stack+0x3c/0x68 [ 19.408410] kasan_save_track+0x20/0x40 [ 19.408464] kasan_save_alloc_info+0x40/0x58 [ 19.408524] __kasan_kmalloc+0xd4/0xd8 [ 19.408621] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.408668] kasan_atomics+0xb8/0x2e0 [ 19.408708] kunit_try_run_case+0x170/0x3f0 [ 19.408749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.408896] kthread+0x328/0x630 [ 19.408938] ret_from_fork+0x10/0x20 [ 19.409111] [ 19.409159] The buggy address belongs to the object at fff00000c5aee400 [ 19.409159] which belongs to the cache kmalloc-64 of size 64 [ 19.409295] The buggy address is located 0 bytes to the right of [ 19.409295] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.409547] [ 19.409617] The buggy address belongs to the physical page: [ 19.409740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.409884] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.409958] page_type: f5(slab) [ 19.410022] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.410078] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.410372] page dumped because: kasan: bad access detected [ 19.410514] [ 19.410598] Memory state around the buggy address: [ 19.410793] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.410952] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.411019] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.411114] ^ [ 19.411190] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.411243] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.411459] ================================================================== [ 19.359890] ================================================================== [ 19.359941] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.359991] Read of size 4 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.360044] [ 19.360075] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.360158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.360202] Hardware name: linux,dummy-virt (DT) [ 19.360235] Call trace: [ 19.360258] show_stack+0x20/0x38 (C) [ 19.360305] dump_stack_lvl+0x8c/0xd0 [ 19.360355] print_report+0x118/0x5d0 [ 19.360402] kasan_report+0xdc/0x128 [ 19.360448] __asan_report_load4_noabort+0x20/0x30 [ 19.360501] kasan_atomics_helper+0x3dd8/0x4858 [ 19.360559] kasan_atomics+0x198/0x2e0 [ 19.360607] kunit_try_run_case+0x170/0x3f0 [ 19.360656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.360710] kthread+0x328/0x630 [ 19.360755] ret_from_fork+0x10/0x20 [ 19.360804] [ 19.360824] Allocated by task 266: [ 19.360854] kasan_save_stack+0x3c/0x68 [ 19.360896] kasan_save_track+0x20/0x40 [ 19.360935] kasan_save_alloc_info+0x40/0x58 [ 19.360977] __kasan_kmalloc+0xd4/0xd8 [ 19.361014] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.361055] kasan_atomics+0xb8/0x2e0 [ 19.361093] kunit_try_run_case+0x170/0x3f0 [ 19.361133] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.362283] kthread+0x328/0x630 [ 19.362338] ret_from_fork+0x10/0x20 [ 19.362379] [ 19.362402] The buggy address belongs to the object at fff00000c5aee400 [ 19.362402] which belongs to the cache kmalloc-64 of size 64 [ 19.362485] The buggy address is located 0 bytes to the right of [ 19.362485] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.362556] [ 19.362578] The buggy address belongs to the physical page: [ 19.365587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.365671] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.365724] page_type: f5(slab) [ 19.365764] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.365820] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.365864] page dumped because: kasan: bad access detected [ 19.365899] [ 19.365919] Memory state around the buggy address: [ 19.365954] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.366010] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.366057] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.366098] ^ [ 19.366316] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.366404] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.367911] ================================================================== [ 19.490370] ================================================================== [ 19.490449] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.490516] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.490570] [ 19.490784] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.490989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.491055] Hardware name: linux,dummy-virt (DT) [ 19.491090] Call trace: [ 19.491115] show_stack+0x20/0x38 (C) [ 19.491268] dump_stack_lvl+0x8c/0xd0 [ 19.491332] print_report+0x118/0x5d0 [ 19.491390] kasan_report+0xdc/0x128 [ 19.491477] kasan_check_range+0x100/0x1a8 [ 19.491535] __kasan_check_write+0x20/0x30 [ 19.491644] kasan_atomics_helper+0x154c/0x4858 [ 19.491722] kasan_atomics+0x198/0x2e0 [ 19.491782] kunit_try_run_case+0x170/0x3f0 [ 19.491848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.491904] kthread+0x328/0x630 [ 19.491946] ret_from_fork+0x10/0x20 [ 19.491995] [ 19.492032] Allocated by task 266: [ 19.492077] kasan_save_stack+0x3c/0x68 [ 19.492126] kasan_save_track+0x20/0x40 [ 19.492356] kasan_save_alloc_info+0x40/0x58 [ 19.492474] __kasan_kmalloc+0xd4/0xd8 [ 19.492523] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.492698] kasan_atomics+0xb8/0x2e0 [ 19.492865] kunit_try_run_case+0x170/0x3f0 [ 19.493020] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.493096] kthread+0x328/0x630 [ 19.493326] ret_from_fork+0x10/0x20 [ 19.493379] [ 19.493401] The buggy address belongs to the object at fff00000c5aee400 [ 19.493401] which belongs to the cache kmalloc-64 of size 64 [ 19.493555] The buggy address is located 0 bytes to the right of [ 19.493555] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.493664] [ 19.493828] The buggy address belongs to the physical page: [ 19.493997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.494228] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.494336] page_type: f5(slab) [ 19.494483] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.494561] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.494606] page dumped because: kasan: bad access detected [ 19.494641] [ 19.494669] Memory state around the buggy address: [ 19.495056] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.495128] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.495200] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.495460] ^ [ 19.495529] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.495699] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.495742] ================================================================== [ 19.369888] ================================================================== [ 19.369942] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.370000] Write of size 4 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.370055] [ 19.370089] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.370174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.373251] Hardware name: linux,dummy-virt (DT) [ 19.373286] Call trace: [ 19.373310] show_stack+0x20/0x38 (C) [ 19.373367] dump_stack_lvl+0x8c/0xd0 [ 19.373414] print_report+0x118/0x5d0 [ 19.373463] kasan_report+0xdc/0x128 [ 19.373509] kasan_check_range+0x100/0x1a8 [ 19.373558] __kasan_check_write+0x20/0x30 [ 19.373605] kasan_atomics_helper+0xd3c/0x4858 [ 19.373654] kasan_atomics+0x198/0x2e0 [ 19.373702] kunit_try_run_case+0x170/0x3f0 [ 19.373752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.373808] kthread+0x328/0x630 [ 19.373936] ret_from_fork+0x10/0x20 [ 19.374011] [ 19.374042] Allocated by task 266: [ 19.374097] kasan_save_stack+0x3c/0x68 [ 19.374142] kasan_save_track+0x20/0x40 [ 19.374195] kasan_save_alloc_info+0x40/0x58 [ 19.374241] __kasan_kmalloc+0xd4/0xd8 [ 19.374279] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.374321] kasan_atomics+0xb8/0x2e0 [ 19.374360] kunit_try_run_case+0x170/0x3f0 [ 19.374400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.374710] kthread+0x328/0x630 [ 19.374767] ret_from_fork+0x10/0x20 [ 19.374878] [ 19.374927] The buggy address belongs to the object at fff00000c5aee400 [ 19.374927] which belongs to the cache kmalloc-64 of size 64 [ 19.375009] The buggy address is located 0 bytes to the right of [ 19.375009] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.375078] [ 19.375100] The buggy address belongs to the physical page: [ 19.375135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.375279] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.375384] page_type: f5(slab) [ 19.375425] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.375532] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.375589] page dumped because: kasan: bad access detected [ 19.375654] [ 19.375714] Memory state around the buggy address: [ 19.375794] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.375841] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.375887] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.375937] ^ [ 19.375972] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.376018] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.376060] ================================================================== [ 19.379599] ================================================================== [ 19.379648] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.379695] Read of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.379746] [ 19.379776] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.379858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.379887] Hardware name: linux,dummy-virt (DT) [ 19.379918] Call trace: [ 19.379942] show_stack+0x20/0x38 (C) [ 19.379989] dump_stack_lvl+0x8c/0xd0 [ 19.380037] print_report+0x118/0x5d0 [ 19.380084] kasan_report+0xdc/0x128 [ 19.380131] kasan_check_range+0x100/0x1a8 [ 19.380235] __kasan_check_read+0x20/0x30 [ 19.380290] kasan_atomics_helper+0xdd4/0x4858 [ 19.380345] kasan_atomics+0x198/0x2e0 [ 19.380397] kunit_try_run_case+0x170/0x3f0 [ 19.380452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.380524] kthread+0x328/0x630 [ 19.380584] ret_from_fork+0x10/0x20 [ 19.380715] [ 19.380736] Allocated by task 266: [ 19.380861] kasan_save_stack+0x3c/0x68 [ 19.380920] kasan_save_track+0x20/0x40 [ 19.380974] kasan_save_alloc_info+0x40/0x58 [ 19.381017] __kasan_kmalloc+0xd4/0xd8 [ 19.381055] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.381111] kasan_atomics+0xb8/0x2e0 [ 19.381200] kunit_try_run_case+0x170/0x3f0 [ 19.381247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.381300] kthread+0x328/0x630 [ 19.381345] ret_from_fork+0x10/0x20 [ 19.381385] [ 19.381418] The buggy address belongs to the object at fff00000c5aee400 [ 19.381418] which belongs to the cache kmalloc-64 of size 64 [ 19.381480] The buggy address is located 0 bytes to the right of [ 19.381480] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.381553] [ 19.381574] The buggy address belongs to the physical page: [ 19.381608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.381662] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.381711] page_type: f5(slab) [ 19.381961] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.382099] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.382142] page dumped because: kasan: bad access detected [ 19.382215] [ 19.382249] Memory state around the buggy address: [ 19.382283] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.382328] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.382382] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.382423] ^ [ 19.383379] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.383430] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.383472] ================================================================== [ 19.376600] ================================================================== [ 19.376652] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.376708] Read of size 4 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.376879] [ 19.376921] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.377029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.377060] Hardware name: linux,dummy-virt (DT) [ 19.377093] Call trace: [ 19.377116] show_stack+0x20/0x38 (C) [ 19.377171] dump_stack_lvl+0x8c/0xd0 [ 19.377236] print_report+0x118/0x5d0 [ 19.377284] kasan_report+0xdc/0x128 [ 19.377333] __asan_report_load4_noabort+0x20/0x30 [ 19.377402] kasan_atomics_helper+0x3e04/0x4858 [ 19.377458] kasan_atomics+0x198/0x2e0 [ 19.377506] kunit_try_run_case+0x170/0x3f0 [ 19.377555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.377610] kthread+0x328/0x630 [ 19.377654] ret_from_fork+0x10/0x20 [ 19.377703] [ 19.377722] Allocated by task 266: [ 19.377767] kasan_save_stack+0x3c/0x68 [ 19.377810] kasan_save_track+0x20/0x40 [ 19.377850] kasan_save_alloc_info+0x40/0x58 [ 19.377892] __kasan_kmalloc+0xd4/0xd8 [ 19.377930] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.377971] kasan_atomics+0xb8/0x2e0 [ 19.378015] kunit_try_run_case+0x170/0x3f0 [ 19.378055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.378101] kthread+0x328/0x630 [ 19.378134] ret_from_fork+0x10/0x20 [ 19.378173] [ 19.378203] The buggy address belongs to the object at fff00000c5aee400 [ 19.378203] which belongs to the cache kmalloc-64 of size 64 [ 19.378264] The buggy address is located 0 bytes to the right of [ 19.378264] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.378333] [ 19.378354] The buggy address belongs to the physical page: [ 19.378388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.378449] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.378499] page_type: f5(slab) [ 19.378537] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.378590] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.378632] page dumped because: kasan: bad access detected [ 19.378684] [ 19.378704] Memory state around the buggy address: [ 19.378742] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.378795] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.379097] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.379157] ^ [ 19.379227] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.379273] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.379317] ================================================================== [ 19.438038] ================================================================== [ 19.438199] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.438258] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.438318] [ 19.438566] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.438907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.438958] Hardware name: linux,dummy-virt (DT) [ 19.439001] Call trace: [ 19.439026] show_stack+0x20/0x38 (C) [ 19.439078] dump_stack_lvl+0x8c/0xd0 [ 19.439124] print_report+0x118/0x5d0 [ 19.439279] kasan_report+0xdc/0x128 [ 19.439331] kasan_check_range+0x100/0x1a8 [ 19.439409] __kasan_check_write+0x20/0x30 [ 19.439573] kasan_atomics_helper+0x1128/0x4858 [ 19.439717] kasan_atomics+0x198/0x2e0 [ 19.439768] kunit_try_run_case+0x170/0x3f0 [ 19.439817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.439872] kthread+0x328/0x630 [ 19.439914] ret_from_fork+0x10/0x20 [ 19.440299] [ 19.440343] Allocated by task 266: [ 19.440423] kasan_save_stack+0x3c/0x68 [ 19.440744] kasan_save_track+0x20/0x40 [ 19.440836] kasan_save_alloc_info+0x40/0x58 [ 19.440993] __kasan_kmalloc+0xd4/0xd8 [ 19.441061] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.441103] kasan_atomics+0xb8/0x2e0 [ 19.441148] kunit_try_run_case+0x170/0x3f0 [ 19.441490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.441650] kthread+0x328/0x630 [ 19.441874] ret_from_fork+0x10/0x20 [ 19.441950] [ 19.441972] The buggy address belongs to the object at fff00000c5aee400 [ 19.441972] which belongs to the cache kmalloc-64 of size 64 [ 19.442195] The buggy address is located 0 bytes to the right of [ 19.442195] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.442309] [ 19.442566] The buggy address belongs to the physical page: [ 19.442635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.442720] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.443200] page_type: f5(slab) [ 19.443252] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.443315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.443360] page dumped because: kasan: bad access detected [ 19.444027] [ 19.444062] Memory state around the buggy address: [ 19.444098] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.444146] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.444203] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.444246] ^ [ 19.444282] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.444325] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.444366] ================================================================== [ 19.543221] ================================================================== [ 19.543295] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.543661] Write of size 8 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.543820] [ 19.543889] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.544059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.544173] Hardware name: linux,dummy-virt (DT) [ 19.544217] Call trace: [ 19.544241] show_stack+0x20/0x38 (C) [ 19.544293] dump_stack_lvl+0x8c/0xd0 [ 19.544678] print_report+0x118/0x5d0 [ 19.544764] kasan_report+0xdc/0x128 [ 19.544976] kasan_check_range+0x100/0x1a8 [ 19.545172] __kasan_check_write+0x20/0x30 [ 19.545556] kasan_atomics_helper+0x17ec/0x4858 [ 19.545879] kasan_atomics+0x198/0x2e0 [ 19.545969] kunit_try_run_case+0x170/0x3f0 [ 19.546140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.546328] kthread+0x328/0x630 [ 19.546378] ret_from_fork+0x10/0x20 [ 19.546458] [ 19.546504] Allocated by task 266: [ 19.546807] kasan_save_stack+0x3c/0x68 [ 19.546879] kasan_save_track+0x20/0x40 [ 19.547082] kasan_save_alloc_info+0x40/0x58 [ 19.547216] __kasan_kmalloc+0xd4/0xd8 [ 19.547386] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.547493] kasan_atomics+0xb8/0x2e0 [ 19.547571] kunit_try_run_case+0x170/0x3f0 [ 19.547630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.547963] kthread+0x328/0x630 [ 19.548048] ret_from_fork+0x10/0x20 [ 19.548253] [ 19.548279] The buggy address belongs to the object at fff00000c5aee400 [ 19.548279] which belongs to the cache kmalloc-64 of size 64 [ 19.548353] The buggy address is located 0 bytes to the right of [ 19.548353] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.548422] [ 19.548445] The buggy address belongs to the physical page: [ 19.548488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.548544] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.548608] page_type: f5(slab) [ 19.548654] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.548709] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.548754] page dumped because: kasan: bad access detected [ 19.548799] [ 19.548839] Memory state around the buggy address: [ 19.548873] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.548933] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.548995] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.549036] ^ [ 19.549071] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.549117] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.549156] ================================================================== [ 19.352353] ================================================================== [ 19.352427] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 19.352490] Write of size 4 at addr fff00000c5aee430 by task kunit_try_catch/266 [ 19.352617] [ 19.352650] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.352741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.352770] Hardware name: linux,dummy-virt (DT) [ 19.352803] Call trace: [ 19.352992] show_stack+0x20/0x38 (C) [ 19.353057] dump_stack_lvl+0x8c/0xd0 [ 19.353104] print_report+0x118/0x5d0 [ 19.353159] kasan_report+0xdc/0x128 [ 19.353218] kasan_check_range+0x100/0x1a8 [ 19.353269] __kasan_check_write+0x20/0x30 [ 19.353763] kasan_atomics_helper+0xca0/0x4858 [ 19.353839] kasan_atomics+0x198/0x2e0 [ 19.354152] kunit_try_run_case+0x170/0x3f0 [ 19.354498] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.355334] kasan_save_stack+0x3c/0x68 [ 19.355411] kasan_save_track+0x20/0x40 [ 19.355563] kasan_save_alloc_info+0x40/0x58 [ 19.355638] __kasan_kmalloc+0xd4/0xd8 [ 19.356171] kunit_try_run_case+0x170/0x3f0 [ 19.356247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.356302] kthread+0x328/0x630 [ 19.356336] ret_from_fork+0x10/0x20 [ 19.356517] [ 19.356545] The buggy address belongs to the object at fff00000c5aee400 [ 19.356545] which belongs to the cache kmalloc-64 of size 64 [ 19.356610] The buggy address is located 0 bytes to the right of [ 19.356610] allocated 48-byte region [fff00000c5aee400, fff00000c5aee430) [ 19.356856] [ 19.356903] The buggy address belongs to the physical page: [ 19.357030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aee [ 19.357115] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.357445] page_type: f5(slab) [ 19.357537] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.357679] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.357757] page dumped because: kasan: bad access detected [ 19.357808] [ 19.357829] Memory state around the buggy address: [ 19.357864] fff00000c5aee300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.359267] fff00000c5aee380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.359335] >fff00000c5aee400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.359379] ^ [ 19.359425] fff00000c5aee480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.359471] fff00000c5aee500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.359513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.011345] ================================================================== [ 19.011438] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.011512] Write of size 8 at addr fff00000c44abae8 by task kunit_try_catch/262 [ 19.011568] [ 19.011610] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.011699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.011727] Hardware name: linux,dummy-virt (DT) [ 19.011761] Call trace: [ 19.011792] show_stack+0x20/0x38 (C) [ 19.011844] dump_stack_lvl+0x8c/0xd0 [ 19.011894] print_report+0x118/0x5d0 [ 19.011940] kasan_report+0xdc/0x128 [ 19.022479] kasan_check_range+0x100/0x1a8 [ 19.023056] __kasan_check_write+0x20/0x30 [ 19.024587] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.024663] kasan_bitops_generic+0x110/0x1c8 [ 19.024714] kunit_try_run_case+0x170/0x3f0 [ 19.025478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.026126] kthread+0x328/0x630 [ 19.026330] ret_from_fork+0x10/0x20 [ 19.026888] [ 19.027231] Allocated by task 262: [ 19.029143] kasan_save_stack+0x3c/0x68 [ 19.029417] kasan_save_track+0x20/0x40 [ 19.029797] kasan_save_alloc_info+0x40/0x58 [ 19.029949] __kasan_kmalloc+0xd4/0xd8 [ 19.032653] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.033096] kasan_bitops_generic+0xa0/0x1c8 [ 19.033514] kunit_try_run_case+0x170/0x3f0 [ 19.033576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.033778] kthread+0x328/0x630 [ 19.033910] ret_from_fork+0x10/0x20 [ 19.034795] [ 19.034937] The buggy address belongs to the object at fff00000c44abae0 [ 19.034937] which belongs to the cache kmalloc-16 of size 16 [ 19.035151] The buggy address is located 8 bytes inside of [ 19.035151] allocated 9-byte region [fff00000c44abae0, fff00000c44abae9) [ 19.035230] [ 19.035256] The buggy address belongs to the physical page: [ 19.035295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ab [ 19.035356] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.035762] page_type: f5(slab) [ 19.035810] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.035864] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.037316] page dumped because: kasan: bad access detected [ 19.037924] [ 19.038168] Memory state around the buggy address: [ 19.038478] fff00000c44ab980: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.039360] fff00000c44aba00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.040093] >fff00000c44aba80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.040149] ^ [ 19.040403] fff00000c44abb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.044386] fff00000c44abb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.044658] ================================================================== [ 19.046294] ================================================================== [ 19.046407] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.046610] Read of size 8 at addr fff00000c44abae8 by task kunit_try_catch/262 [ 19.047026] [ 19.047463] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.047975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.048008] Hardware name: linux,dummy-virt (DT) [ 19.048225] Call trace: [ 19.048253] show_stack+0x20/0x38 (C) [ 19.048323] dump_stack_lvl+0x8c/0xd0 [ 19.048372] print_report+0x118/0x5d0 [ 19.048826] kasan_report+0xdc/0x128 [ 19.049431] __asan_report_load8_noabort+0x20/0x30 [ 19.049501] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.051221] kasan_bitops_generic+0x110/0x1c8 [ 19.051307] kunit_try_run_case+0x170/0x3f0 [ 19.051497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.052011] kthread+0x328/0x630 [ 19.052577] ret_from_fork+0x10/0x20 [ 19.053326] [ 19.053362] Allocated by task 262: [ 19.053463] kasan_save_stack+0x3c/0x68 [ 19.053780] kasan_save_track+0x20/0x40 [ 19.055126] kasan_save_alloc_info+0x40/0x58 [ 19.055193] __kasan_kmalloc+0xd4/0xd8 [ 19.055776] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.055832] kasan_bitops_generic+0xa0/0x1c8 [ 19.056066] kunit_try_run_case+0x170/0x3f0 [ 19.056350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.056649] kthread+0x328/0x630 [ 19.056894] ret_from_fork+0x10/0x20 [ 19.056940] [ 19.059874] The buggy address belongs to the object at fff00000c44abae0 [ 19.059874] which belongs to the cache kmalloc-16 of size 16 [ 19.059962] The buggy address is located 8 bytes inside of [ 19.059962] allocated 9-byte region [fff00000c44abae0, fff00000c44abae9) [ 19.060030] [ 19.060052] The buggy address belongs to the physical page: [ 19.060110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ab [ 19.060203] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.060511] page_type: f5(slab) [ 19.060684] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.060799] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.060846] page dumped because: kasan: bad access detected [ 19.060892] [ 19.060914] Memory state around the buggy address: [ 19.061211] fff00000c44ab980: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 19.062193] fff00000c44aba00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.062252] >fff00000c44aba80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 19.063232] ^ [ 19.063332] fff00000c44abb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.063579] fff00000c44abb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.063623] ================================================================== [ 19.067435] ================================================================== [ 19.067617] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.067691] Write of size 8 at addr fff00000c44abae8 by task kunit_try_catch/262 [ 19.067847] [ 19.067925] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.068335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.068677] Hardware name: linux,dummy-virt (DT) [ 19.068714] Call trace: [ 19.069144] show_stack+0x20/0x38 (C) [ 19.069651] dump_stack_lvl+0x8c/0xd0 [ 19.069990] print_report+0x118/0x5d0 [ 19.071293] kasan_report+0xdc/0x128 [ 19.071344] kasan_check_range+0x100/0x1a8 [ 19.071406] __kasan_check_write+0x20/0x30 [ 19.071949] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.072011] kasan_bitops_generic+0x110/0x1c8 [ 19.072061] kunit_try_run_case+0x170/0x3f0 [ 19.072110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.072163] kthread+0x328/0x630 [ 19.072279] ret_from_fork+0x10/0x20 [ 19.072513] [ 19.072554] Allocated by task 262: [ 19.072585] kasan_save_stack+0x3c/0x68 [ 19.074074] kasan_save_track+0x20/0x40 [ 19.074171] kasan_save_alloc_info+0x40/0x58 [ 19.074238] __kasan_kmalloc+0xd4/0xd8 [ 19.074277] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.074333] kasan_bitops_generic+0xa0/0x1c8 [ 19.074379] kunit_try_run_case+0x170/0x3f0 [ 19.074420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.074474] kthread+0x328/0x630 [ 19.074667] The buggy address is located 8 bytes inside of [ 19.074667] allocated 9-byte region [fff00000c44abae0, fff00000c44abae9) [ 19.075466] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 18.925852] ================================================================== [ 18.925921] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 18.926090] Read of size 1 at addr fff00000c5ae3c90 by task kunit_try_catch/260 [ 18.926605] [ 18.926757] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.926958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.927091] Hardware name: linux,dummy-virt (DT) [ 18.927132] Call trace: [ 18.927156] show_stack+0x20/0x38 (C) [ 18.927220] dump_stack_lvl+0x8c/0xd0 [ 18.927268] print_report+0x118/0x5d0 [ 18.928036] kasan_report+0xdc/0x128 [ 18.928090] __asan_report_load1_noabort+0x20/0x30 [ 18.928142] strnlen+0x80/0x88 [ 18.928195] kasan_strings+0x478/0xb00 [ 18.928246] kunit_try_run_case+0x170/0x3f0 [ 18.928329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.928530] kthread+0x328/0x630 [ 18.928578] ret_from_fork+0x10/0x20 [ 18.928723] [ 18.928860] Allocated by task 260: [ 18.928936] kasan_save_stack+0x3c/0x68 [ 18.929002] kasan_save_track+0x20/0x40 [ 18.929051] kasan_save_alloc_info+0x40/0x58 [ 18.929237] __kasan_kmalloc+0xd4/0xd8 [ 18.929279] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.929319] kasan_strings+0xc8/0xb00 [ 18.929356] kunit_try_run_case+0x170/0x3f0 [ 18.929683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.929740] kthread+0x328/0x630 [ 18.929785] ret_from_fork+0x10/0x20 [ 18.930170] [ 18.930232] Freed by task 260: [ 18.930264] kasan_save_stack+0x3c/0x68 [ 18.930308] kasan_save_track+0x20/0x40 [ 18.930389] kasan_save_free_info+0x4c/0x78 [ 18.930597] __kasan_slab_free+0x6c/0x98 [ 18.930643] kfree+0x214/0x3c8 [ 18.930717] kasan_strings+0x24c/0xb00 [ 18.931588] kunit_try_run_case+0x170/0x3f0 [ 18.932221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.932362] kthread+0x328/0x630 [ 18.932536] ret_from_fork+0x10/0x20 [ 18.933532] [ 18.934028] The buggy address belongs to the object at fff00000c5ae3c80 [ 18.934028] which belongs to the cache kmalloc-32 of size 32 [ 18.934292] The buggy address is located 16 bytes inside of [ 18.934292] freed 32-byte region [fff00000c5ae3c80, fff00000c5ae3ca0) [ 18.934404] [ 18.936078] The buggy address belongs to the physical page: [ 18.936125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae3 [ 18.936748] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.937137] page_type: f5(slab) [ 18.937347] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.937408] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.937454] page dumped because: kasan: bad access detected [ 18.937489] [ 18.937510] Memory state around the buggy address: [ 18.940062] fff00000c5ae3b80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.940127] fff00000c5ae3c00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.940692] >fff00000c5ae3c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.941112] ^ [ 18.941773] fff00000c5ae3d00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.943234] fff00000c5ae3d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.943746] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 18.914721] ================================================================== [ 18.915029] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 18.915119] Read of size 1 at addr fff00000c5ae3c90 by task kunit_try_catch/260 [ 18.915173] [ 18.915316] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.915689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.915782] Hardware name: linux,dummy-virt (DT) [ 18.915840] Call trace: [ 18.915865] show_stack+0x20/0x38 (C) [ 18.915918] dump_stack_lvl+0x8c/0xd0 [ 18.916175] print_report+0x118/0x5d0 [ 18.916249] kasan_report+0xdc/0x128 [ 18.916298] __asan_report_load1_noabort+0x20/0x30 [ 18.916405] strlen+0xa8/0xb0 [ 18.916537] kasan_strings+0x418/0xb00 [ 18.916627] kunit_try_run_case+0x170/0x3f0 [ 18.917087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.917223] kthread+0x328/0x630 [ 18.917308] ret_from_fork+0x10/0x20 [ 18.917760] [ 18.917827] Allocated by task 260: [ 18.917865] kasan_save_stack+0x3c/0x68 [ 18.917952] kasan_save_track+0x20/0x40 [ 18.918008] kasan_save_alloc_info+0x40/0x58 [ 18.918051] __kasan_kmalloc+0xd4/0xd8 [ 18.918386] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.918513] kasan_strings+0xc8/0xb00 [ 18.918551] kunit_try_run_case+0x170/0x3f0 [ 18.918597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.918819] kthread+0x328/0x630 [ 18.918862] ret_from_fork+0x10/0x20 [ 18.918903] [ 18.920117] Freed by task 260: [ 18.920157] kasan_save_stack+0x3c/0x68 [ 18.920221] kasan_save_track+0x20/0x40 [ 18.920260] kasan_save_free_info+0x4c/0x78 [ 18.920302] __kasan_slab_free+0x6c/0x98 [ 18.920689] kfree+0x214/0x3c8 [ 18.920732] kasan_strings+0x24c/0xb00 [ 18.920975] kunit_try_run_case+0x170/0x3f0 [ 18.921402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.921463] kthread+0x328/0x630 [ 18.921511] ret_from_fork+0x10/0x20 [ 18.921550] [ 18.921571] The buggy address belongs to the object at fff00000c5ae3c80 [ 18.921571] which belongs to the cache kmalloc-32 of size 32 [ 18.921635] The buggy address is located 16 bytes inside of [ 18.921635] freed 32-byte region [fff00000c5ae3c80, fff00000c5ae3ca0) [ 18.921699] [ 18.921729] The buggy address belongs to the physical page: [ 18.921763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae3 [ 18.922202] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.922318] page_type: f5(slab) [ 18.922360] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.922488] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.922813] page dumped because: kasan: bad access detected [ 18.924049] [ 18.924125] Memory state around the buggy address: [ 18.924275] fff00000c5ae3b80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.924361] fff00000c5ae3c00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.924410] >fff00000c5ae3c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.924452] ^ [ 18.924484] fff00000c5ae3d00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.924530] fff00000c5ae3d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.924571] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 18.901371] ================================================================== [ 18.901521] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 18.901689] Read of size 1 at addr fff00000c5ae3c90 by task kunit_try_catch/260 [ 18.901927] [ 18.903564] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.904194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.904504] Hardware name: linux,dummy-virt (DT) [ 18.904887] Call trace: [ 18.904922] show_stack+0x20/0x38 (C) [ 18.904977] dump_stack_lvl+0x8c/0xd0 [ 18.905112] print_report+0x118/0x5d0 [ 18.905434] kasan_report+0xdc/0x128 [ 18.905491] __asan_report_load1_noabort+0x20/0x30 [ 18.905544] kasan_strings+0x95c/0xb00 [ 18.906036] kunit_try_run_case+0x170/0x3f0 [ 18.906099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.906156] kthread+0x328/0x630 [ 18.907514] ret_from_fork+0x10/0x20 [ 18.907733] [ 18.907756] Allocated by task 260: [ 18.907787] kasan_save_stack+0x3c/0x68 [ 18.907833] kasan_save_track+0x20/0x40 [ 18.908380] kasan_save_alloc_info+0x40/0x58 [ 18.908512] __kasan_kmalloc+0xd4/0xd8 [ 18.908834] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.909001] kasan_strings+0xc8/0xb00 [ 18.909073] kunit_try_run_case+0x170/0x3f0 [ 18.909114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.909477] kthread+0x328/0x630 [ 18.909615] ret_from_fork+0x10/0x20 [ 18.909717] [ 18.909740] Freed by task 260: [ 18.909768] kasan_save_stack+0x3c/0x68 [ 18.909815] kasan_save_track+0x20/0x40 [ 18.909862] kasan_save_free_info+0x4c/0x78 [ 18.909904] __kasan_slab_free+0x6c/0x98 [ 18.910213] kfree+0x214/0x3c8 [ 18.910309] kasan_strings+0x24c/0xb00 [ 18.910353] kunit_try_run_case+0x170/0x3f0 [ 18.910682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.910731] kthread+0x328/0x630 [ 18.910775] ret_from_fork+0x10/0x20 [ 18.910859] [ 18.910882] The buggy address belongs to the object at fff00000c5ae3c80 [ 18.910882] which belongs to the cache kmalloc-32 of size 32 [ 18.910965] The buggy address is located 16 bytes inside of [ 18.910965] freed 32-byte region [fff00000c5ae3c80, fff00000c5ae3ca0) [ 18.911354] [ 18.911554] The buggy address belongs to the physical page: [ 18.911649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae3 [ 18.912003] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.912060] page_type: f5(slab) [ 18.912106] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.912251] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.912397] page dumped because: kasan: bad access detected [ 18.912465] [ 18.912505] Memory state around the buggy address: [ 18.912568] fff00000c5ae3b80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.912614] fff00000c5ae3c00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.912660] >fff00000c5ae3c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.912708] ^ [ 18.912809] fff00000c5ae3d00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.912891] fff00000c5ae3d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.913067] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 18.892637] ================================================================== [ 18.892693] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 18.892743] Read of size 1 at addr fff00000c5ae3c90 by task kunit_try_catch/260 [ 18.892794] [ 18.892831] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.892917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.892948] Hardware name: linux,dummy-virt (DT) [ 18.892982] Call trace: [ 18.893014] show_stack+0x20/0x38 (C) [ 18.893064] dump_stack_lvl+0x8c/0xd0 [ 18.893111] print_report+0x118/0x5d0 [ 18.893800] kasan_report+0xdc/0x128 [ 18.894086] __asan_report_load1_noabort+0x20/0x30 [ 18.894150] strcmp+0xc0/0xc8 [ 18.894275] kasan_strings+0x340/0xb00 [ 18.894368] kunit_try_run_case+0x170/0x3f0 [ 18.894442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.894546] kthread+0x328/0x630 [ 18.894671] ret_from_fork+0x10/0x20 [ 18.894736] [ 18.894818] Allocated by task 260: [ 18.894859] kasan_save_stack+0x3c/0x68 [ 18.894997] kasan_save_track+0x20/0x40 [ 18.895068] kasan_save_alloc_info+0x40/0x58 [ 18.895134] __kasan_kmalloc+0xd4/0xd8 [ 18.895173] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.895233] kasan_strings+0xc8/0xb00 [ 18.895892] kunit_try_run_case+0x170/0x3f0 [ 18.895982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.896030] kthread+0x328/0x630 [ 18.896065] ret_from_fork+0x10/0x20 [ 18.896105] [ 18.896176] Freed by task 260: [ 18.897224] kasan_save_stack+0x3c/0x68 [ 18.897296] kasan_save_track+0x20/0x40 [ 18.897336] kasan_save_free_info+0x4c/0x78 [ 18.897380] __kasan_slab_free+0x6c/0x98 [ 18.897751] kfree+0x214/0x3c8 [ 18.898049] kasan_strings+0x24c/0xb00 [ 18.898111] kunit_try_run_case+0x170/0x3f0 [ 18.898200] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.898248] kthread+0x328/0x630 [ 18.898442] ret_from_fork+0x10/0x20 [ 18.898586] [ 18.898614] The buggy address belongs to the object at fff00000c5ae3c80 [ 18.898614] which belongs to the cache kmalloc-32 of size 32 [ 18.898677] The buggy address is located 16 bytes inside of [ 18.898677] freed 32-byte region [fff00000c5ae3c80, fff00000c5ae3ca0) [ 18.899173] [ 18.899246] The buggy address belongs to the physical page: [ 18.899295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae3 [ 18.899413] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.899468] page_type: f5(slab) [ 18.899733] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.899801] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.899948] page dumped because: kasan: bad access detected [ 18.900017] [ 18.900092] Memory state around the buggy address: [ 18.900129] fff00000c5ae3b80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.900175] fff00000c5ae3c00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.900231] >fff00000c5ae3c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.900297] ^ [ 18.900571] fff00000c5ae3d00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.900772] fff00000c5ae3d80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.900820] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 18.866937] ================================================================== [ 18.867001] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 18.867057] Read of size 1 at addr fff00000c5ae3a98 by task kunit_try_catch/258 [ 18.867110] [ 18.867145] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.867797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.868206] Hardware name: linux,dummy-virt (DT) [ 18.868465] Call trace: [ 18.868740] show_stack+0x20/0x38 (C) [ 18.868830] dump_stack_lvl+0x8c/0xd0 [ 18.869197] print_report+0x118/0x5d0 [ 18.869394] kasan_report+0xdc/0x128 [ 18.869557] __asan_report_load1_noabort+0x20/0x30 [ 18.869661] memcmp+0x198/0x1d8 [ 18.869740] kasan_memcmp+0x16c/0x300 [ 18.870196] kunit_try_run_case+0x170/0x3f0 [ 18.870307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.870422] kthread+0x328/0x630 [ 18.870586] ret_from_fork+0x10/0x20 [ 18.872175] [ 18.872330] Allocated by task 258: [ 18.872461] kasan_save_stack+0x3c/0x68 [ 18.872558] kasan_save_track+0x20/0x40 [ 18.872690] kasan_save_alloc_info+0x40/0x58 [ 18.872777] __kasan_kmalloc+0xd4/0xd8 [ 18.872886] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.873253] kasan_memcmp+0xbc/0x300 [ 18.874226] kunit_try_run_case+0x170/0x3f0 [ 18.874294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.874344] kthread+0x328/0x630 [ 18.874474] ret_from_fork+0x10/0x20 [ 18.874675] [ 18.874721] The buggy address belongs to the object at fff00000c5ae3a80 [ 18.874721] which belongs to the cache kmalloc-32 of size 32 [ 18.874794] The buggy address is located 0 bytes to the right of [ 18.874794] allocated 24-byte region [fff00000c5ae3a80, fff00000c5ae3a98) [ 18.874976] [ 18.875102] The buggy address belongs to the physical page: [ 18.875162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae3 [ 18.875261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.875337] page_type: f5(slab) [ 18.875420] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.875476] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.875526] page dumped because: kasan: bad access detected [ 18.875560] [ 18.875579] Memory state around the buggy address: [ 18.875615] fff00000c5ae3980: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.875660] fff00000c5ae3a00: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.875706] >fff00000c5ae3a80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.875748] ^ [ 18.875780] fff00000c5ae3b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.875850] fff00000c5ae3b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.875978] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 18.821847] ================================================================== [ 18.822148] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 18.822222] Read of size 1 at addr ffff800080ac7b5f by task kunit_try_catch/252 [ 18.822681] [ 18.822731] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.822816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.822852] Hardware name: linux,dummy-virt (DT) [ 18.823015] Call trace: [ 18.823083] show_stack+0x20/0x38 (C) [ 18.823213] dump_stack_lvl+0x8c/0xd0 [ 18.823337] print_report+0x310/0x5d0 [ 18.823453] kasan_report+0xdc/0x128 [ 18.823718] __asan_report_load1_noabort+0x20/0x30 [ 18.823786] kasan_alloca_oob_left+0x2b8/0x310 [ 18.823982] kunit_try_run_case+0x170/0x3f0 [ 18.824035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.824123] kthread+0x328/0x630 [ 18.824168] ret_from_fork+0x10/0x20 [ 18.824229] [ 18.824254] The buggy address belongs to stack of task kunit_try_catch/252 [ 18.824329] [ 18.824360] The buggy address ffff800080ac7b5f belongs to a vmalloc virtual mapping [ 18.824406] The buggy address belongs to the physical page: [ 18.824534] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aef [ 18.824717] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.825005] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.825172] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.825227] page dumped because: kasan: bad access detected [ 18.825537] [ 18.825706] Memory state around the buggy address: [ 18.825775] ffff800080ac7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.825874] ffff800080ac7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.826023] >ffff800080ac7b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 18.826065] ^ [ 18.826106] ffff800080ac7b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.826151] ffff800080ac7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.826397] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 18.809047] ================================================================== [ 18.809259] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 18.809436] Read of size 1 at addr ffff800080a97c2a by task kunit_try_catch/250 [ 18.809564] [ 18.809717] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.809852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.809877] Hardware name: linux,dummy-virt (DT) [ 18.809910] Call trace: [ 18.809931] show_stack+0x20/0x38 (C) [ 18.809977] dump_stack_lvl+0x8c/0xd0 [ 18.810030] print_report+0x310/0x5d0 [ 18.810075] kasan_report+0xdc/0x128 [ 18.810128] __asan_report_load1_noabort+0x20/0x30 [ 18.810282] kasan_stack_oob+0x238/0x270 [ 18.810498] kunit_try_run_case+0x170/0x3f0 [ 18.810953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.811135] kthread+0x328/0x630 [ 18.811287] ret_from_fork+0x10/0x20 [ 18.811528] [ 18.811596] The buggy address belongs to stack of task kunit_try_catch/250 [ 18.812005] and is located at offset 138 in frame: [ 18.812049] kasan_stack_oob+0x0/0x270 [ 18.812292] [ 18.812325] This frame has 4 objects: [ 18.812873] [48, 49) '__assertion' [ 18.812942] [64, 72) 'array' [ 18.812975] [96, 112) '__assertion' [ 18.813058] [128, 138) 'stack_array' [ 18.813115] [ 18.813141] The buggy address ffff800080a97c2a belongs to a vmalloc virtual mapping [ 18.813291] The buggy address belongs to the physical page: [ 18.813491] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a9f [ 18.813589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.813665] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.813718] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.814001] page dumped because: kasan: bad access detected [ 18.814114] [ 18.814133] Memory state around the buggy address: [ 18.814202] ffff800080a97b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.814356] ffff800080a97b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 18.814785] >ffff800080a97c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 18.814973] ^ [ 18.815011] ffff800080a97c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 18.815118] ffff800080a97d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.815161] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 18.790381] ================================================================== [ 18.790576] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 18.790958] Read of size 1 at addr ffff94699bf4f58d by task kunit_try_catch/246 [ 18.791174] [ 18.791232] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.791623] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.791672] Hardware name: linux,dummy-virt (DT) [ 18.791735] Call trace: [ 18.791847] show_stack+0x20/0x38 (C) [ 18.791945] dump_stack_lvl+0x8c/0xd0 [ 18.792049] print_report+0x310/0x5d0 [ 18.792097] kasan_report+0xdc/0x128 [ 18.792143] __asan_report_load1_noabort+0x20/0x30 [ 18.792231] kasan_global_oob_right+0x230/0x270 [ 18.792279] kunit_try_run_case+0x170/0x3f0 [ 18.792349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.792780] kthread+0x328/0x630 [ 18.792833] ret_from_fork+0x10/0x20 [ 18.792988] [ 18.793082] The buggy address belongs to the variable: [ 18.793227] global_array+0xd/0x40 [ 18.793279] [ 18.793370] The buggy address ffff94699bf4f58d belongs to a vmalloc virtual mapping [ 18.793619] The buggy address belongs to the physical page: [ 18.793745] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 18.793800] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 18.793866] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 18.793916] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.793956] page dumped because: kasan: bad access detected [ 18.793986] [ 18.794008] Memory state around the buggy address: [ 18.794040] ffff94699bf4f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.794084] ffff94699bf4f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 18.794192] >ffff94699bf4f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 18.794233] ^ [ 18.794262] ffff94699bf4f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 18.794340] ffff94699bf4f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.794380] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 18.778410] ================================================================== [ 18.778497] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.778548] Free of addr fff00000c78ec001 by task kunit_try_catch/244 [ 18.778812] [ 18.778846] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.778927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.778955] Hardware name: linux,dummy-virt (DT) [ 18.778987] Call trace: [ 18.779009] show_stack+0x20/0x38 (C) [ 18.779292] dump_stack_lvl+0x8c/0xd0 [ 18.779358] print_report+0x118/0x5d0 [ 18.779760] kasan_report_invalid_free+0xc0/0xe8 [ 18.779812] __kasan_mempool_poison_object+0xfc/0x150 [ 18.779879] mempool_free+0x28c/0x328 [ 18.779924] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.780128] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 18.780285] kunit_try_run_case+0x170/0x3f0 [ 18.780332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.780386] kthread+0x328/0x630 [ 18.780431] ret_from_fork+0x10/0x20 [ 18.780490] [ 18.780510] The buggy address belongs to the physical page: [ 18.780543] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ec [ 18.780878] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.780929] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.780983] page_type: f8(unknown) [ 18.781154] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.781501] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.781576] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.781760] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.781920] head: 0bfffe0000000002 ffffc1ffc31e3b01 00000000ffffffff 00000000ffffffff [ 18.782043] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.782086] page dumped because: kasan: bad access detected [ 18.782119] [ 18.782138] Memory state around the buggy address: [ 18.782169] fff00000c78ebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.782471] fff00000c78ebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.782580] >fff00000c78ec000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.782619] ^ [ 18.782677] fff00000c78ec080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.782721] fff00000c78ec100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.782806] ================================================================== [ 18.764619] ================================================================== [ 18.764681] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.764994] Free of addr fff00000c5ae0601 by task kunit_try_catch/242 [ 18.765212] [ 18.765250] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.765333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.765360] Hardware name: linux,dummy-virt (DT) [ 18.765390] Call trace: [ 18.765412] show_stack+0x20/0x38 (C) [ 18.765462] dump_stack_lvl+0x8c/0xd0 [ 18.765509] print_report+0x118/0x5d0 [ 18.765555] kasan_report_invalid_free+0xc0/0xe8 [ 18.765605] check_slab_allocation+0xfc/0x108 [ 18.765652] __kasan_mempool_poison_object+0x78/0x150 [ 18.765716] mempool_free+0x28c/0x328 [ 18.765761] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.766070] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.766142] kunit_try_run_case+0x170/0x3f0 [ 18.766201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.766461] kthread+0x328/0x630 [ 18.766585] ret_from_fork+0x10/0x20 [ 18.766635] [ 18.766652] Allocated by task 242: [ 18.766811] kasan_save_stack+0x3c/0x68 [ 18.766947] kasan_save_track+0x20/0x40 [ 18.766992] kasan_save_alloc_info+0x40/0x58 [ 18.767065] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.767142] remove_element+0x130/0x1f8 [ 18.767177] mempool_alloc_preallocated+0x58/0xc0 [ 18.767496] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 18.767643] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.767752] kunit_try_run_case+0x170/0x3f0 [ 18.767848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.767968] kthread+0x328/0x630 [ 18.767999] ret_from_fork+0x10/0x20 [ 18.768036] [ 18.768055] The buggy address belongs to the object at fff00000c5ae0600 [ 18.768055] which belongs to the cache kmalloc-128 of size 128 [ 18.768116] The buggy address is located 1 bytes inside of [ 18.768116] 128-byte region [fff00000c5ae0600, fff00000c5ae0680) [ 18.768190] [ 18.768234] The buggy address belongs to the physical page: [ 18.768266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 18.768362] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.768723] page_type: f5(slab) [ 18.769039] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.769127] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.769191] page dumped because: kasan: bad access detected [ 18.769224] [ 18.769280] Memory state around the buggy address: [ 18.769413] fff00000c5ae0500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.769486] fff00000c5ae0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.769565] >fff00000c5ae0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.769643] ^ [ 18.769683] fff00000c5ae0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.769762] fff00000c5ae0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.769871] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 18.735330] ================================================================== [ 18.735394] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.735447] Free of addr fff00000c78ec000 by task kunit_try_catch/238 [ 18.735491] [ 18.735525] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.735605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.735632] Hardware name: linux,dummy-virt (DT) [ 18.735664] Call trace: [ 18.735686] show_stack+0x20/0x38 (C) [ 18.735733] dump_stack_lvl+0x8c/0xd0 [ 18.735779] print_report+0x118/0x5d0 [ 18.735825] kasan_report_invalid_free+0xc0/0xe8 [ 18.736228] __kasan_mempool_poison_object+0x14c/0x150 [ 18.736427] mempool_free+0x28c/0x328 [ 18.736606] mempool_double_free_helper+0x150/0x2e8 [ 18.736708] mempool_kmalloc_large_double_free+0xc0/0x118 [ 18.736774] kunit_try_run_case+0x170/0x3f0 [ 18.736821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.737177] kthread+0x328/0x630 [ 18.737249] ret_from_fork+0x10/0x20 [ 18.737299] [ 18.737320] The buggy address belongs to the physical page: [ 18.737366] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ec [ 18.737425] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.737794] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.737874] page_type: f8(unknown) [ 18.738081] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.738251] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.738307] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.738358] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.738419] head: 0bfffe0000000002 ffffc1ffc31e3b01 00000000ffffffff 00000000ffffffff [ 18.738704] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.738805] page dumped because: kasan: bad access detected [ 18.738837] [ 18.738854] Memory state around the buggy address: [ 18.738906] fff00000c78ebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.739259] fff00000c78ebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.739422] >fff00000c78ec000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.739469] ^ [ 18.739496] fff00000c78ec080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.739539] fff00000c78ec100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.739578] ================================================================== [ 18.718922] ================================================================== [ 18.719099] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.719201] Free of addr fff00000c5ae0200 by task kunit_try_catch/236 [ 18.719246] [ 18.719479] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.719816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.719872] Hardware name: linux,dummy-virt (DT) [ 18.719957] Call trace: [ 18.719978] show_stack+0x20/0x38 (C) [ 18.720047] dump_stack_lvl+0x8c/0xd0 [ 18.720092] print_report+0x118/0x5d0 [ 18.720140] kasan_report_invalid_free+0xc0/0xe8 [ 18.720199] check_slab_allocation+0xd4/0x108 [ 18.720447] __kasan_mempool_poison_object+0x78/0x150 [ 18.720562] mempool_free+0x28c/0x328 [ 18.720655] mempool_double_free_helper+0x150/0x2e8 [ 18.720784] mempool_kmalloc_double_free+0xc0/0x118 [ 18.720851] kunit_try_run_case+0x170/0x3f0 [ 18.720993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.721047] kthread+0x328/0x630 [ 18.721089] ret_from_fork+0x10/0x20 [ 18.721154] [ 18.721254] Allocated by task 236: [ 18.721284] kasan_save_stack+0x3c/0x68 [ 18.721324] kasan_save_track+0x20/0x40 [ 18.721361] kasan_save_alloc_info+0x40/0x58 [ 18.721399] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.721559] remove_element+0x130/0x1f8 [ 18.721604] mempool_alloc_preallocated+0x58/0xc0 [ 18.721762] mempool_double_free_helper+0x94/0x2e8 [ 18.721954] mempool_kmalloc_double_free+0xc0/0x118 [ 18.722070] kunit_try_run_case+0x170/0x3f0 [ 18.722107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.722151] kthread+0x328/0x630 [ 18.722235] ret_from_fork+0x10/0x20 [ 18.722272] [ 18.722291] Freed by task 236: [ 18.722319] kasan_save_stack+0x3c/0x68 [ 18.722357] kasan_save_track+0x20/0x40 [ 18.722509] kasan_save_free_info+0x4c/0x78 [ 18.722550] __kasan_mempool_poison_object+0xc0/0x150 [ 18.722887] mempool_free+0x28c/0x328 [ 18.722962] mempool_double_free_helper+0x100/0x2e8 [ 18.723010] mempool_kmalloc_double_free+0xc0/0x118 [ 18.723052] kunit_try_run_case+0x170/0x3f0 [ 18.723191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.723236] kthread+0x328/0x630 [ 18.723269] ret_from_fork+0x10/0x20 [ 18.723305] [ 18.723324] The buggy address belongs to the object at fff00000c5ae0200 [ 18.723324] which belongs to the cache kmalloc-128 of size 128 [ 18.723385] The buggy address is located 0 bytes inside of [ 18.723385] 128-byte region [fff00000c5ae0200, fff00000c5ae0280) [ 18.723446] [ 18.723465] The buggy address belongs to the physical page: [ 18.723504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 18.723610] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.723820] page_type: f5(slab) [ 18.723866] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.724004] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.724046] page dumped because: kasan: bad access detected [ 18.724078] [ 18.724096] Memory state around the buggy address: [ 18.724127] fff00000c5ae0100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.724458] fff00000c5ae0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.724774] >fff00000c5ae0200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.724858] ^ [ 18.725077] fff00000c5ae0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.725173] fff00000c5ae0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.725246] ================================================================== [ 18.752901] ================================================================== [ 18.752963] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.753027] Free of addr fff00000c78ec000 by task kunit_try_catch/240 [ 18.753242] [ 18.753275] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.753594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.753622] Hardware name: linux,dummy-virt (DT) [ 18.753731] Call trace: [ 18.753839] show_stack+0x20/0x38 (C) [ 18.754008] dump_stack_lvl+0x8c/0xd0 [ 18.754457] print_report+0x118/0x5d0 [ 18.754555] kasan_report_invalid_free+0xc0/0xe8 [ 18.754607] __kasan_mempool_poison_pages+0xe0/0xe8 [ 18.754659] mempool_free+0x24c/0x328 [ 18.754703] mempool_double_free_helper+0x150/0x2e8 [ 18.755295] mempool_page_alloc_double_free+0xbc/0x118 [ 18.755542] kunit_try_run_case+0x170/0x3f0 [ 18.755861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.755946] kthread+0x328/0x630 [ 18.756005] ret_from_fork+0x10/0x20 [ 18.756053] [ 18.756075] The buggy address belongs to the physical page: [ 18.756107] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ec [ 18.756167] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.756241] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.756292] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.756334] page dumped because: kasan: bad access detected [ 18.756759] [ 18.756779] Memory state around the buggy address: [ 18.756819] fff00000c78ebf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.757013] fff00000c78ebf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.757320] >fff00000c78ec000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.757364] ^ [ 18.757395] fff00000c78ec080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.757441] fff00000c78ec100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.757479] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.660469] ================================================================== [ 18.660526] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.660573] Read of size 1 at addr fff00000c78e8000 by task kunit_try_catch/230 [ 18.660622] [ 18.660654] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.660735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.660762] Hardware name: linux,dummy-virt (DT) [ 18.660794] Call trace: [ 18.660816] show_stack+0x20/0x38 (C) [ 18.660862] dump_stack_lvl+0x8c/0xd0 [ 18.660908] print_report+0x118/0x5d0 [ 18.660953] kasan_report+0xdc/0x128 [ 18.660998] __asan_report_load1_noabort+0x20/0x30 [ 18.661048] mempool_uaf_helper+0x314/0x340 [ 18.661093] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.661141] kunit_try_run_case+0x170/0x3f0 [ 18.661201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.661253] kthread+0x328/0x630 [ 18.661294] ret_from_fork+0x10/0x20 [ 18.661340] [ 18.661361] The buggy address belongs to the physical page: [ 18.661394] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e8 [ 18.661464] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.661512] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.661564] page_type: f8(unknown) [ 18.661603] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.662131] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.662243] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.662294] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.662344] head: 0bfffe0000000002 ffffc1ffc31e3a01 00000000ffffffff 00000000ffffffff [ 18.662394] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.662443] page dumped because: kasan: bad access detected [ 18.662593] [ 18.662613] Memory state around the buggy address: [ 18.662644] fff00000c78e7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.662709] fff00000c78e7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.662761] >fff00000c78e8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.662850] ^ [ 18.662898] fff00000c78e8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.663099] fff00000c78e8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.663291] ================================================================== [ 18.705305] ================================================================== [ 18.705369] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.705430] Read of size 1 at addr fff00000c78e8000 by task kunit_try_catch/234 [ 18.705481] [ 18.705514] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.705610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.705735] Hardware name: linux,dummy-virt (DT) [ 18.705791] Call trace: [ 18.705833] show_stack+0x20/0x38 (C) [ 18.706084] dump_stack_lvl+0x8c/0xd0 [ 18.706139] print_report+0x118/0x5d0 [ 18.706203] kasan_report+0xdc/0x128 [ 18.706246] __asan_report_load1_noabort+0x20/0x30 [ 18.706875] mempool_uaf_helper+0x314/0x340 [ 18.706944] mempool_page_alloc_uaf+0xc0/0x118 [ 18.706993] kunit_try_run_case+0x170/0x3f0 [ 18.707307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.707702] kthread+0x328/0x630 [ 18.707883] ret_from_fork+0x10/0x20 [ 18.707937] [ 18.707959] The buggy address belongs to the physical page: [ 18.707990] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e8 [ 18.708045] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.708405] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.708464] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.708507] page dumped because: kasan: bad access detected [ 18.708540] [ 18.708588] Memory state around the buggy address: [ 18.708624] fff00000c78e7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.708731] fff00000c78e7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.708777] >fff00000c78e8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.708817] ^ [ 18.708845] fff00000c78e8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.708953] fff00000c78e8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.709038] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.647085] ================================================================== [ 18.647275] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.647356] Read of size 1 at addr fff00000c5aaee00 by task kunit_try_catch/228 [ 18.647432] [ 18.647467] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.647752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.647781] Hardware name: linux,dummy-virt (DT) [ 18.647813] Call trace: [ 18.647947] show_stack+0x20/0x38 (C) [ 18.648040] dump_stack_lvl+0x8c/0xd0 [ 18.648113] print_report+0x118/0x5d0 [ 18.648160] kasan_report+0xdc/0x128 [ 18.648217] __asan_report_load1_noabort+0x20/0x30 [ 18.648269] mempool_uaf_helper+0x314/0x340 [ 18.648315] mempool_kmalloc_uaf+0xc4/0x120 [ 18.648361] kunit_try_run_case+0x170/0x3f0 [ 18.648409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.648501] kthread+0x328/0x630 [ 18.648711] ret_from_fork+0x10/0x20 [ 18.648935] [ 18.648982] Allocated by task 228: [ 18.649027] kasan_save_stack+0x3c/0x68 [ 18.649069] kasan_save_track+0x20/0x40 [ 18.649127] kasan_save_alloc_info+0x40/0x58 [ 18.649503] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.649782] remove_element+0x130/0x1f8 [ 18.649906] mempool_alloc_preallocated+0x58/0xc0 [ 18.649956] mempool_uaf_helper+0xa4/0x340 [ 18.650001] mempool_kmalloc_uaf+0xc4/0x120 [ 18.650060] kunit_try_run_case+0x170/0x3f0 [ 18.650105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.650148] kthread+0x328/0x630 [ 18.650547] ret_from_fork+0x10/0x20 [ 18.650590] [ 18.650622] Freed by task 228: [ 18.650650] kasan_save_stack+0x3c/0x68 [ 18.650688] kasan_save_track+0x20/0x40 [ 18.650725] kasan_save_free_info+0x4c/0x78 [ 18.650850] __kasan_mempool_poison_object+0xc0/0x150 [ 18.651134] mempool_free+0x28c/0x328 [ 18.651279] mempool_uaf_helper+0x104/0x340 [ 18.651339] mempool_kmalloc_uaf+0xc4/0x120 [ 18.651382] kunit_try_run_case+0x170/0x3f0 [ 18.651422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.651467] kthread+0x328/0x630 [ 18.651498] ret_from_fork+0x10/0x20 [ 18.651534] [ 18.651564] The buggy address belongs to the object at fff00000c5aaee00 [ 18.651564] which belongs to the cache kmalloc-128 of size 128 [ 18.651625] The buggy address is located 0 bytes inside of [ 18.651625] freed 128-byte region [fff00000c5aaee00, fff00000c5aaee80) [ 18.651687] [ 18.651822] The buggy address belongs to the physical page: [ 18.651953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 18.652071] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.652122] page_type: f5(slab) [ 18.652278] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.652330] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.652411] page dumped because: kasan: bad access detected [ 18.652497] [ 18.652517] Memory state around the buggy address: [ 18.652605] fff00000c5aaed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.652752] fff00000c5aaed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.652795] >fff00000c5aaee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.652878] ^ [ 18.652906] fff00000c5aaee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.652950] fff00000c5aaef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.652994] ================================================================== [ 18.673394] ================================================================== [ 18.673457] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.673510] Read of size 1 at addr fff00000c5ae0240 by task kunit_try_catch/232 [ 18.673573] [ 18.673743] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.673961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.674108] Hardware name: linux,dummy-virt (DT) [ 18.674197] Call trace: [ 18.674221] show_stack+0x20/0x38 (C) [ 18.674267] dump_stack_lvl+0x8c/0xd0 [ 18.674314] print_report+0x118/0x5d0 [ 18.674358] kasan_report+0xdc/0x128 [ 18.674402] __asan_report_load1_noabort+0x20/0x30 [ 18.674451] mempool_uaf_helper+0x314/0x340 [ 18.674496] mempool_slab_uaf+0xc0/0x118 [ 18.674539] kunit_try_run_case+0x170/0x3f0 [ 18.674584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.674992] kthread+0x328/0x630 [ 18.675457] ret_from_fork+0x10/0x20 [ 18.675576] [ 18.675757] Allocated by task 232: [ 18.675898] kasan_save_stack+0x3c/0x68 [ 18.675944] kasan_save_track+0x20/0x40 [ 18.676151] kasan_save_alloc_info+0x40/0x58 [ 18.676211] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.676672] remove_element+0x16c/0x1f8 [ 18.676782] mempool_alloc_preallocated+0x58/0xc0 [ 18.676823] mempool_uaf_helper+0xa4/0x340 [ 18.676863] mempool_slab_uaf+0xc0/0x118 [ 18.677159] kunit_try_run_case+0x170/0x3f0 [ 18.677342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.677388] kthread+0x328/0x630 [ 18.677421] ret_from_fork+0x10/0x20 [ 18.677456] [ 18.677478] Freed by task 232: [ 18.677506] kasan_save_stack+0x3c/0x68 [ 18.677542] kasan_save_track+0x20/0x40 [ 18.677580] kasan_save_free_info+0x4c/0x78 [ 18.677629] __kasan_mempool_poison_object+0xc0/0x150 [ 18.677674] mempool_free+0x28c/0x328 [ 18.677903] mempool_uaf_helper+0x104/0x340 [ 18.678235] mempool_slab_uaf+0xc0/0x118 [ 18.678342] kunit_try_run_case+0x170/0x3f0 [ 18.678481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.678526] kthread+0x328/0x630 [ 18.678820] ret_from_fork+0x10/0x20 [ 18.678862] [ 18.678902] The buggy address belongs to the object at fff00000c5ae0240 [ 18.678902] which belongs to the cache test_cache of size 123 [ 18.679131] The buggy address is located 0 bytes inside of [ 18.679131] freed 123-byte region [fff00000c5ae0240, fff00000c5ae02bb) [ 18.679216] [ 18.679236] The buggy address belongs to the physical page: [ 18.679266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ae0 [ 18.679320] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.679369] page_type: f5(slab) [ 18.679409] raw: 0bfffe0000000000 fff00000c5add000 dead000000000122 0000000000000000 [ 18.679459] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.679499] page dumped because: kasan: bad access detected [ 18.679531] [ 18.679548] Memory state around the buggy address: [ 18.679580] fff00000c5ae0100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.679630] fff00000c5ae0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.679673] >fff00000c5ae0200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.679711] ^ [ 18.679746] fff00000c5ae0280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.679788] fff00000c5ae0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.679835] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.566525] ================================================================== [ 18.566598] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.566668] Read of size 1 at addr fff00000c5aaea73 by task kunit_try_catch/222 [ 18.566722] [ 18.566761] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.566847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.566873] Hardware name: linux,dummy-virt (DT) [ 18.566906] Call trace: [ 18.566931] show_stack+0x20/0x38 (C) [ 18.566982] dump_stack_lvl+0x8c/0xd0 [ 18.567032] print_report+0x118/0x5d0 [ 18.567077] kasan_report+0xdc/0x128 [ 18.567121] __asan_report_load1_noabort+0x20/0x30 [ 18.567172] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.567234] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.567281] kunit_try_run_case+0x170/0x3f0 [ 18.567332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.567383] kthread+0x328/0x630 [ 18.567942] ret_from_fork+0x10/0x20 [ 18.567992] [ 18.568011] Allocated by task 222: [ 18.568041] kasan_save_stack+0x3c/0x68 [ 18.568081] kasan_save_track+0x20/0x40 [ 18.568120] kasan_save_alloc_info+0x40/0x58 [ 18.568160] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.568221] remove_element+0x130/0x1f8 [ 18.568260] mempool_alloc_preallocated+0x58/0xc0 [ 18.568299] mempool_oob_right_helper+0x98/0x2f0 [ 18.568337] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.568377] kunit_try_run_case+0x170/0x3f0 [ 18.568417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.568461] kthread+0x328/0x630 [ 18.568493] ret_from_fork+0x10/0x20 [ 18.568530] [ 18.568549] The buggy address belongs to the object at fff00000c5aaea00 [ 18.568549] which belongs to the cache kmalloc-128 of size 128 [ 18.568608] The buggy address is located 0 bytes to the right of [ 18.568608] allocated 115-byte region [fff00000c5aaea00, fff00000c5aaea73) [ 18.568674] [ 18.568695] The buggy address belongs to the physical page: [ 18.568729] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 18.568783] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.568835] page_type: f5(slab) [ 18.568878] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.568929] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.568971] page dumped because: kasan: bad access detected [ 18.569004] [ 18.569022] Memory state around the buggy address: [ 18.569054] fff00000c5aae900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.569099] fff00000c5aae980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.569144] >fff00000c5aaea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.569197] ^ [ 18.569238] fff00000c5aaea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.569281] fff00000c5aaeb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.569321] ================================================================== [ 18.622290] ================================================================== [ 18.622373] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.622431] Read of size 1 at addr fff00000c5ada2bb by task kunit_try_catch/226 [ 18.622483] [ 18.622519] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.622605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.622634] Hardware name: linux,dummy-virt (DT) [ 18.622666] Call trace: [ 18.622688] show_stack+0x20/0x38 (C) [ 18.622736] dump_stack_lvl+0x8c/0xd0 [ 18.622783] print_report+0x118/0x5d0 [ 18.622829] kasan_report+0xdc/0x128 [ 18.622872] __asan_report_load1_noabort+0x20/0x30 [ 18.622923] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.622972] mempool_slab_oob_right+0xc0/0x118 [ 18.623020] kunit_try_run_case+0x170/0x3f0 [ 18.623070] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.623124] kthread+0x328/0x630 [ 18.623167] ret_from_fork+0x10/0x20 [ 18.623231] [ 18.623249] Allocated by task 226: [ 18.623278] kasan_save_stack+0x3c/0x68 [ 18.623319] kasan_save_track+0x20/0x40 [ 18.623357] kasan_save_alloc_info+0x40/0x58 [ 18.623612] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.623666] remove_element+0x16c/0x1f8 [ 18.623704] mempool_alloc_preallocated+0x58/0xc0 [ 18.623744] mempool_oob_right_helper+0x98/0x2f0 [ 18.623784] mempool_slab_oob_right+0xc0/0x118 [ 18.623821] kunit_try_run_case+0x170/0x3f0 [ 18.623859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.623902] kthread+0x328/0x630 [ 18.623933] ret_from_fork+0x10/0x20 [ 18.624261] [ 18.624283] The buggy address belongs to the object at fff00000c5ada240 [ 18.624283] which belongs to the cache test_cache of size 123 [ 18.624345] The buggy address is located 0 bytes to the right of [ 18.624345] allocated 123-byte region [fff00000c5ada240, fff00000c5ada2bb) [ 18.624410] [ 18.624431] The buggy address belongs to the physical page: [ 18.624464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ada [ 18.624520] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.624570] page_type: f5(slab) [ 18.624610] raw: 0bfffe0000000000 fff00000ffe8cf00 dead000000000122 0000000000000000 [ 18.624661] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.624702] page dumped because: kasan: bad access detected [ 18.624733] [ 18.624750] Memory state around the buggy address: [ 18.624783] fff00000c5ada180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.624828] fff00000c5ada200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.624873] >fff00000c5ada280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.624913] ^ [ 18.624947] fff00000c5ada300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.624991] fff00000c5ada380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.625030] ================================================================== [ 18.582596] ================================================================== [ 18.582661] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.582714] Read of size 1 at addr fff00000c78e2001 by task kunit_try_catch/224 [ 18.582765] [ 18.582797] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.582881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.582908] Hardware name: linux,dummy-virt (DT) [ 18.582939] Call trace: [ 18.582960] show_stack+0x20/0x38 (C) [ 18.583008] dump_stack_lvl+0x8c/0xd0 [ 18.583053] print_report+0x118/0x5d0 [ 18.583099] kasan_report+0xdc/0x128 [ 18.583143] __asan_report_load1_noabort+0x20/0x30 [ 18.586005] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.586122] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.586441] kunit_try_run_case+0x170/0x3f0 [ 18.586500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.586553] kthread+0x328/0x630 [ 18.586593] ret_from_fork+0x10/0x20 [ 18.586642] [ 18.586664] The buggy address belongs to the physical page: [ 18.586697] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e0 [ 18.587068] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.587130] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.587251] page_type: f8(unknown) [ 18.587377] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.587573] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.587669] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.587719] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.588006] head: 0bfffe0000000002 ffffc1ffc31e3801 00000000ffffffff 00000000ffffffff [ 18.588109] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.588227] page dumped because: kasan: bad access detected [ 18.588278] [ 18.588296] Memory state around the buggy address: [ 18.588329] fff00000c78e1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.588373] fff00000c78e1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.588452] >fff00000c78e2000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.588598] ^ [ 18.588624] fff00000c78e2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.588667] fff00000c78e2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.588755] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.009718] ================================================================== [ 18.010076] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 18.010200] Read of size 1 at addr fff00000c472ac80 by task kunit_try_catch/216 [ 18.010257] [ 18.010297] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.010384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.010412] Hardware name: linux,dummy-virt (DT) [ 18.010482] Call trace: [ 18.010507] show_stack+0x20/0x38 (C) [ 18.010559] dump_stack_lvl+0x8c/0xd0 [ 18.010610] print_report+0x118/0x5d0 [ 18.010677] kasan_report+0xdc/0x128 [ 18.010721] __kasan_check_byte+0x54/0x70 [ 18.010767] kmem_cache_destroy+0x34/0x218 [ 18.010814] kmem_cache_double_destroy+0x174/0x300 [ 18.010870] kunit_try_run_case+0x170/0x3f0 [ 18.010920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.010980] kthread+0x328/0x630 [ 18.011033] ret_from_fork+0x10/0x20 [ 18.011081] [ 18.011099] Allocated by task 216: [ 18.011128] kasan_save_stack+0x3c/0x68 [ 18.011167] kasan_save_track+0x20/0x40 [ 18.011217] kasan_save_alloc_info+0x40/0x58 [ 18.011256] __kasan_slab_alloc+0xa8/0xb0 [ 18.011295] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.011349] __kmem_cache_create_args+0x178/0x280 [ 18.012147] kmem_cache_double_destroy+0xc0/0x300 [ 18.012252] kunit_try_run_case+0x170/0x3f0 [ 18.012300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.012522] kthread+0x328/0x630 [ 18.012755] ret_from_fork+0x10/0x20 [ 18.012809] [ 18.012930] Freed by task 216: [ 18.012992] kasan_save_stack+0x3c/0x68 [ 18.013088] kasan_save_track+0x20/0x40 [ 18.013227] kasan_save_free_info+0x4c/0x78 [ 18.013280] __kasan_slab_free+0x6c/0x98 [ 18.013318] kmem_cache_free+0x260/0x468 [ 18.013589] slab_kmem_cache_release+0x38/0x50 [ 18.013672] kmem_cache_release+0x1c/0x30 [ 18.013749] kobject_put+0x17c/0x420 [ 18.014041] sysfs_slab_release+0x1c/0x30 [ 18.014244] kmem_cache_destroy+0x118/0x218 [ 18.014401] kmem_cache_double_destroy+0x128/0x300 [ 18.014609] kunit_try_run_case+0x170/0x3f0 [ 18.014671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.014727] kthread+0x328/0x630 [ 18.014788] ret_from_fork+0x10/0x20 [ 18.014906] [ 18.014928] The buggy address belongs to the object at fff00000c472ac80 [ 18.014928] which belongs to the cache kmem_cache of size 208 [ 18.015193] The buggy address is located 0 bytes inside of [ 18.015193] freed 208-byte region [fff00000c472ac80, fff00000c472ad50) [ 18.015561] [ 18.015609] The buggy address belongs to the physical page: [ 18.015764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10472a [ 18.015894] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.016107] page_type: f5(slab) [ 18.016158] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 18.016311] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.016444] page dumped because: kasan: bad access detected [ 18.016587] [ 18.016641] Memory state around the buggy address: [ 18.016730] fff00000c472ab80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.016939] fff00000c472ac00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.016990] >fff00000c472ac80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.017151] ^ [ 18.017241] fff00000c472ad00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 18.017396] fff00000c472ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.017494] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 17.906624] ================================================================== [ 17.906722] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 17.908493] Read of size 1 at addr fff00000c5ad4000 by task kunit_try_catch/214 [ 17.908805] [ 17.909793] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.910485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.910518] Hardware name: linux,dummy-virt (DT) [ 17.910555] Call trace: [ 17.911046] show_stack+0x20/0x38 (C) [ 17.911593] dump_stack_lvl+0x8c/0xd0 [ 17.912046] print_report+0x118/0x5d0 [ 17.912581] kasan_report+0xdc/0x128 [ 17.913207] __asan_report_load1_noabort+0x20/0x30 [ 17.913276] kmem_cache_rcu_uaf+0x388/0x468 [ 17.913325] kunit_try_run_case+0x170/0x3f0 [ 17.913376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.913430] kthread+0x328/0x630 [ 17.913474] ret_from_fork+0x10/0x20 [ 17.913526] [ 17.913545] Allocated by task 214: [ 17.913574] kasan_save_stack+0x3c/0x68 [ 17.913617] kasan_save_track+0x20/0x40 [ 17.913655] kasan_save_alloc_info+0x40/0x58 [ 17.913695] __kasan_slab_alloc+0xa8/0xb0 [ 17.913733] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.913774] kmem_cache_rcu_uaf+0x12c/0x468 [ 17.913812] kunit_try_run_case+0x170/0x3f0 [ 17.913851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.913942] kthread+0x328/0x630 [ 17.913975] ret_from_fork+0x10/0x20 [ 17.914016] [ 17.914035] Freed by task 0: [ 17.914086] kasan_save_stack+0x3c/0x68 [ 17.914124] kasan_save_track+0x20/0x40 [ 17.914161] kasan_save_free_info+0x4c/0x78 [ 17.914220] __kasan_slab_free+0x6c/0x98 [ 17.914256] slab_free_after_rcu_debug+0xd4/0x2f8 [ 17.914297] rcu_core+0x9f4/0x1e20 [ 17.914333] rcu_core_si+0x18/0x30 [ 17.914369] handle_softirqs+0x374/0xb28 [ 17.914413] __do_softirq+0x1c/0x28 [ 17.914448] [ 17.914468] Last potentially related work creation: [ 17.914503] kasan_save_stack+0x3c/0x68 [ 17.914557] kasan_record_aux_stack+0xb4/0xc8 [ 17.914606] kmem_cache_free+0x120/0x468 [ 17.914653] kmem_cache_rcu_uaf+0x16c/0x468 [ 17.914691] kunit_try_run_case+0x170/0x3f0 [ 17.914736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.914780] kthread+0x328/0x630 [ 17.914811] ret_from_fork+0x10/0x20 [ 17.914868] [ 17.914886] The buggy address belongs to the object at fff00000c5ad4000 [ 17.914886] which belongs to the cache test_cache of size 200 [ 17.914948] The buggy address is located 0 bytes inside of [ 17.914948] freed 200-byte region [fff00000c5ad4000, fff00000c5ad40c8) [ 17.915011] [ 17.915034] The buggy address belongs to the physical page: [ 17.915083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ad4 [ 17.915157] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.915229] page_type: f5(slab) [ 17.915274] raw: 0bfffe0000000000 fff00000c472ab40 dead000000000122 0000000000000000 [ 17.915325] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.915381] page dumped because: kasan: bad access detected [ 17.915422] [ 17.915444] Memory state around the buggy address: [ 17.915487] fff00000c5ad3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.915547] fff00000c5ad3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.915600] >fff00000c5ad4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.915652] ^ [ 17.915700] fff00000c5ad4080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.915754] fff00000c5ad4100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.915817] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.321687] ================================================================== [ 17.321752] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.321815] Free of addr fff00000c5ad1001 by task kunit_try_catch/212 [ 17.321869] [ 17.322053] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.322534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.322799] Hardware name: linux,dummy-virt (DT) [ 17.323098] Call trace: [ 17.323536] show_stack+0x20/0x38 (C) [ 17.323602] dump_stack_lvl+0x8c/0xd0 [ 17.323651] print_report+0x118/0x5d0 [ 17.323698] kasan_report_invalid_free+0xc0/0xe8 [ 17.323921] check_slab_allocation+0xfc/0x108 [ 17.324136] __kasan_slab_pre_free+0x2c/0x48 [ 17.324193] kmem_cache_free+0xf0/0x468 [ 17.324244] kmem_cache_invalid_free+0x184/0x3c8 [ 17.324291] kunit_try_run_case+0x170/0x3f0 [ 17.324627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.324737] kthread+0x328/0x630 [ 17.324872] ret_from_fork+0x10/0x20 [ 17.325093] [ 17.325113] Allocated by task 212: [ 17.325153] kasan_save_stack+0x3c/0x68 [ 17.325258] kasan_save_track+0x20/0x40 [ 17.325399] kasan_save_alloc_info+0x40/0x58 [ 17.325438] __kasan_slab_alloc+0xa8/0xb0 [ 17.325476] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.325522] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.325702] kunit_try_run_case+0x170/0x3f0 [ 17.325760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.325837] kthread+0x328/0x630 [ 17.325907] ret_from_fork+0x10/0x20 [ 17.325986] [ 17.326096] The buggy address belongs to the object at fff00000c5ad1000 [ 17.326096] which belongs to the cache test_cache of size 200 [ 17.326199] The buggy address is located 1 bytes inside of [ 17.326199] 200-byte region [fff00000c5ad1000, fff00000c5ad10c8) [ 17.326260] [ 17.326281] The buggy address belongs to the physical page: [ 17.326314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ad1 [ 17.326372] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.326421] page_type: f5(slab) [ 17.326649] raw: 0bfffe0000000000 fff00000c472aa00 dead000000000122 0000000000000000 [ 17.326880] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.326933] page dumped because: kasan: bad access detected [ 17.326967] [ 17.327229] Memory state around the buggy address: [ 17.327336] fff00000c5ad0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.327482] fff00000c5ad0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.327527] >fff00000c5ad1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.327566] ^ [ 17.327595] fff00000c5ad1080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.327638] fff00000c5ad1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.327805] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.278370] ================================================================== [ 17.278445] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.279230] Free of addr fff00000c5ace000 by task kunit_try_catch/210 [ 17.279839] [ 17.279888] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.280606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.280731] Hardware name: linux,dummy-virt (DT) [ 17.280768] Call trace: [ 17.280791] show_stack+0x20/0x38 (C) [ 17.280847] dump_stack_lvl+0x8c/0xd0 [ 17.280898] print_report+0x118/0x5d0 [ 17.282726] kasan_report_invalid_free+0xc0/0xe8 [ 17.282822] check_slab_allocation+0xd4/0x108 [ 17.282872] __kasan_slab_pre_free+0x2c/0x48 [ 17.282956] kmem_cache_free+0xf0/0x468 [ 17.283017] kmem_cache_double_free+0x190/0x3c8 [ 17.283094] kunit_try_run_case+0x170/0x3f0 [ 17.283660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.283830] kthread+0x328/0x630 [ 17.283880] ret_from_fork+0x10/0x20 [ 17.283984] [ 17.284003] Allocated by task 210: [ 17.284032] kasan_save_stack+0x3c/0x68 [ 17.284369] kasan_save_track+0x20/0x40 [ 17.284419] kasan_save_alloc_info+0x40/0x58 [ 17.284459] __kasan_slab_alloc+0xa8/0xb0 [ 17.284495] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.284569] kmem_cache_double_free+0x12c/0x3c8 [ 17.284606] kunit_try_run_case+0x170/0x3f0 [ 17.284682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.284764] kthread+0x328/0x630 [ 17.284823] ret_from_fork+0x10/0x20 [ 17.284965] [ 17.284983] Freed by task 210: [ 17.285011] kasan_save_stack+0x3c/0x68 [ 17.285135] kasan_save_track+0x20/0x40 [ 17.285255] kasan_save_free_info+0x4c/0x78 [ 17.285762] __kasan_slab_free+0x6c/0x98 [ 17.285838] kmem_cache_free+0x260/0x468 [ 17.285877] kmem_cache_double_free+0x140/0x3c8 [ 17.286696] kunit_try_run_case+0x170/0x3f0 [ 17.286865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.286912] kthread+0x328/0x630 [ 17.286948] ret_from_fork+0x10/0x20 [ 17.286985] [ 17.287011] The buggy address belongs to the object at fff00000c5ace000 [ 17.287011] which belongs to the cache test_cache of size 200 [ 17.287222] The buggy address is located 0 bytes inside of [ 17.287222] 200-byte region [fff00000c5ace000, fff00000c5ace0c8) [ 17.287435] [ 17.287459] The buggy address belongs to the physical page: [ 17.287493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ace [ 17.287801] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.287876] page_type: f5(slab) [ 17.287943] raw: 0bfffe0000000000 fff00000c472a8c0 dead000000000122 0000000000000000 [ 17.287994] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.288036] page dumped because: kasan: bad access detected [ 17.288069] [ 17.288087] Memory state around the buggy address: [ 17.288121] fff00000c5acdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.288167] fff00000c5acdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.288285] >fff00000c5ace000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.288431] ^ [ 17.288508] fff00000c5ace080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.288571] fff00000c5ace100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.288639] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.077377] ================================================================== [ 17.077462] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.077584] Read of size 1 at addr fff00000c5acb0c8 by task kunit_try_catch/208 [ 17.077698] [ 17.077771] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.077860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.077888] Hardware name: linux,dummy-virt (DT) [ 17.077965] Call trace: [ 17.078018] show_stack+0x20/0x38 (C) [ 17.078071] dump_stack_lvl+0x8c/0xd0 [ 17.078174] print_report+0x118/0x5d0 [ 17.078236] kasan_report+0xdc/0x128 [ 17.078574] __asan_report_load1_noabort+0x20/0x30 [ 17.078654] kmem_cache_oob+0x344/0x430 [ 17.078699] kunit_try_run_case+0x170/0x3f0 [ 17.078886] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.078975] kthread+0x328/0x630 [ 17.079110] ret_from_fork+0x10/0x20 [ 17.079170] [ 17.079199] Allocated by task 208: [ 17.079231] kasan_save_stack+0x3c/0x68 [ 17.079272] kasan_save_track+0x20/0x40 [ 17.079311] kasan_save_alloc_info+0x40/0x58 [ 17.079516] __kasan_slab_alloc+0xa8/0xb0 [ 17.079780] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.080006] kmem_cache_oob+0x12c/0x430 [ 17.080368] kunit_try_run_case+0x170/0x3f0 [ 17.080492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.080619] kthread+0x328/0x630 [ 17.080823] ret_from_fork+0x10/0x20 [ 17.081039] [ 17.081152] The buggy address belongs to the object at fff00000c5acb000 [ 17.081152] which belongs to the cache test_cache of size 200 [ 17.081228] The buggy address is located 0 bytes to the right of [ 17.081228] allocated 200-byte region [fff00000c5acb000, fff00000c5acb0c8) [ 17.081327] [ 17.081650] The buggy address belongs to the physical page: [ 17.081758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105acb [ 17.082205] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.082338] page_type: f5(slab) [ 17.082454] raw: 0bfffe0000000000 fff00000c472a780 dead000000000122 0000000000000000 [ 17.082756] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.082927] page dumped because: kasan: bad access detected [ 17.083041] [ 17.083061] Memory state around the buggy address: [ 17.083106] fff00000c5acaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.083159] fff00000c5acb000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.083222] >fff00000c5acb080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.083262] ^ [ 17.083298] fff00000c5acb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.083357] fff00000c5acb180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.083598] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.032907] ================================================================== [ 17.033088] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.033195] Read of size 8 at addr fff00000c5ac9280 by task kunit_try_catch/201 [ 17.033247] [ 17.033283] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.033506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.033534] Hardware name: linux,dummy-virt (DT) [ 17.033567] Call trace: [ 17.033706] show_stack+0x20/0x38 (C) [ 17.033891] dump_stack_lvl+0x8c/0xd0 [ 17.033949] print_report+0x118/0x5d0 [ 17.034000] kasan_report+0xdc/0x128 [ 17.034052] __asan_report_load8_noabort+0x20/0x30 [ 17.034219] workqueue_uaf+0x480/0x4a8 [ 17.034311] kunit_try_run_case+0x170/0x3f0 [ 17.034608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.034671] kthread+0x328/0x630 [ 17.034744] ret_from_fork+0x10/0x20 [ 17.034795] [ 17.034813] Allocated by task 201: [ 17.034880] kasan_save_stack+0x3c/0x68 [ 17.035026] kasan_save_track+0x20/0x40 [ 17.035155] kasan_save_alloc_info+0x40/0x58 [ 17.035220] __kasan_kmalloc+0xd4/0xd8 [ 17.035261] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.035305] workqueue_uaf+0x13c/0x4a8 [ 17.035405] kunit_try_run_case+0x170/0x3f0 [ 17.035843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.035922] kthread+0x328/0x630 [ 17.036005] ret_from_fork+0x10/0x20 [ 17.036172] [ 17.036316] Freed by task 48: [ 17.036347] kasan_save_stack+0x3c/0x68 [ 17.036412] kasan_save_track+0x20/0x40 [ 17.036458] kasan_save_free_info+0x4c/0x78 [ 17.036808] __kasan_slab_free+0x6c/0x98 [ 17.036955] kfree+0x214/0x3c8 [ 17.037051] workqueue_uaf_work+0x18/0x30 [ 17.037173] process_one_work+0x530/0xf98 [ 17.037221] worker_thread+0x618/0xf38 [ 17.037293] kthread+0x328/0x630 [ 17.037753] ret_from_fork+0x10/0x20 [ 17.037822] [ 17.037923] Last potentially related work creation: [ 17.038021] kasan_save_stack+0x3c/0x68 [ 17.038079] kasan_record_aux_stack+0xb4/0xc8 [ 17.038428] __queue_work+0x65c/0x1008 [ 17.038582] queue_work_on+0xbc/0xf8 [ 17.038680] workqueue_uaf+0x210/0x4a8 [ 17.038774] kunit_try_run_case+0x170/0x3f0 [ 17.038881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.038928] kthread+0x328/0x630 [ 17.038961] ret_from_fork+0x10/0x20 [ 17.038999] [ 17.039030] The buggy address belongs to the object at fff00000c5ac9280 [ 17.039030] which belongs to the cache kmalloc-32 of size 32 [ 17.039094] The buggy address is located 0 bytes inside of [ 17.039094] freed 32-byte region [fff00000c5ac9280, fff00000c5ac92a0) [ 17.039158] [ 17.039195] The buggy address belongs to the physical page: [ 17.039240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ac9 [ 17.039311] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.039367] page_type: f5(slab) [ 17.039413] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.039640] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.039914] page dumped because: kasan: bad access detected [ 17.039975] [ 17.040087] Memory state around the buggy address: [ 17.040177] fff00000c5ac9180: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.040338] fff00000c5ac9200: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 17.040406] >fff00000c5ac9280: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.040445] ^ [ 17.040718] fff00000c5ac9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.040952] fff00000c5ac9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.041089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.008800] ================================================================== [ 17.008997] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 17.009068] Read of size 4 at addr fff00000c5ac90c0 by task swapper/1/0 [ 17.009165] [ 17.009250] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.009375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.009403] Hardware name: linux,dummy-virt (DT) [ 17.009438] Call trace: [ 17.009462] show_stack+0x20/0x38 (C) [ 17.009759] dump_stack_lvl+0x8c/0xd0 [ 17.009831] print_report+0x118/0x5d0 [ 17.009877] kasan_report+0xdc/0x128 [ 17.009953] __asan_report_load4_noabort+0x20/0x30 [ 17.010010] rcu_uaf_reclaim+0x64/0x70 [ 17.010054] rcu_core+0x9f4/0x1e20 [ 17.010101] rcu_core_si+0x18/0x30 [ 17.010145] handle_softirqs+0x374/0xb28 [ 17.010419] __do_softirq+0x1c/0x28 [ 17.010512] ____do_softirq+0x18/0x30 [ 17.010634] call_on_irq_stack+0x24/0x30 [ 17.011404] do_softirq_own_stack+0x24/0x38 [ 17.011475] __irq_exit_rcu+0x1fc/0x318 [ 17.012522] irq_exit_rcu+0x1c/0x80 [ 17.012579] el1_interrupt+0x38/0x58 [ 17.012631] el1h_64_irq_handler+0x18/0x28 [ 17.012686] el1h_64_irq+0x6c/0x70 [ 17.012792] arch_local_irq_enable+0x4/0x8 (P) [ 17.012843] do_idle+0x384/0x4e8 [ 17.012885] cpu_startup_entry+0x68/0x80 [ 17.012930] secondary_start_kernel+0x288/0x340 [ 17.012978] __secondary_switched+0xc0/0xc8 [ 17.013033] [ 17.013051] Allocated by task 199: [ 17.013083] kasan_save_stack+0x3c/0x68 [ 17.013124] kasan_save_track+0x20/0x40 [ 17.013160] kasan_save_alloc_info+0x40/0x58 [ 17.013214] __kasan_kmalloc+0xd4/0xd8 [ 17.013251] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.013292] rcu_uaf+0xb0/0x2d8 [ 17.013324] kunit_try_run_case+0x170/0x3f0 [ 17.013364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.013407] kthread+0x328/0x630 [ 17.013439] ret_from_fork+0x10/0x20 [ 17.013477] [ 17.013495] Freed by task 0: [ 17.013520] kasan_save_stack+0x3c/0x68 [ 17.013558] kasan_save_track+0x20/0x40 [ 17.013595] kasan_save_free_info+0x4c/0x78 [ 17.013635] __kasan_slab_free+0x6c/0x98 [ 17.013673] kfree+0x214/0x3c8 [ 17.013704] rcu_uaf_reclaim+0x28/0x70 [ 17.013739] rcu_core+0x9f4/0x1e20 [ 17.013774] rcu_core_si+0x18/0x30 [ 17.013807] handle_softirqs+0x374/0xb28 [ 17.013844] __do_softirq+0x1c/0x28 [ 17.013877] [ 17.013906] Last potentially related work creation: [ 17.013942] kasan_save_stack+0x3c/0x68 [ 17.013981] kasan_record_aux_stack+0xb4/0xc8 [ 17.014035] __call_rcu_common.constprop.0+0x74/0x8c8 [ 17.014778] call_rcu+0x18/0x30 [ 17.014815] rcu_uaf+0x14c/0x2d8 [ 17.015279] kunit_try_run_case+0x170/0x3f0 [ 17.015342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.015396] kthread+0x328/0x630 [ 17.015433] ret_from_fork+0x10/0x20 [ 17.015483] [ 17.015515] The buggy address belongs to the object at fff00000c5ac90c0 [ 17.015515] which belongs to the cache kmalloc-32 of size 32 [ 17.015950] The buggy address is located 0 bytes inside of [ 17.015950] freed 32-byte region [fff00000c5ac90c0, fff00000c5ac90e0) [ 17.016027] [ 17.016050] The buggy address belongs to the physical page: [ 17.016128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ac9 [ 17.016211] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.016263] page_type: f5(slab) [ 17.016308] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.016364] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.016407] page dumped because: kasan: bad access detected [ 17.016439] [ 17.016456] Memory state around the buggy address: [ 17.016490] fff00000c5ac8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.016536] fff00000c5ac9000: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.016581] >fff00000c5ac9080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.016620] ^ [ 17.016656] fff00000c5ac9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.016699] fff00000c5ac9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.016738] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 16.851291] ================================================================== [ 16.851404] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 16.851544] Read of size 1 at addr fff00000c5aae700 by task kunit_try_catch/197 [ 16.851630] [ 16.851718] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.851839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.851864] Hardware name: linux,dummy-virt (DT) [ 16.852109] Call trace: [ 16.852136] show_stack+0x20/0x38 (C) [ 16.852200] dump_stack_lvl+0x8c/0xd0 [ 16.852359] print_report+0x118/0x5d0 [ 16.852426] kasan_report+0xdc/0x128 [ 16.852511] __kasan_check_byte+0x54/0x70 [ 16.852645] ksize+0x30/0x88 [ 16.852767] ksize_uaf+0x168/0x5f8 [ 16.852873] kunit_try_run_case+0x170/0x3f0 [ 16.852919] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.852990] kthread+0x328/0x630 [ 16.853332] ret_from_fork+0x10/0x20 [ 16.853476] [ 16.853565] Allocated by task 197: [ 16.853652] kasan_save_stack+0x3c/0x68 [ 16.853693] kasan_save_track+0x20/0x40 [ 16.853771] kasan_save_alloc_info+0x40/0x58 [ 16.854046] __kasan_kmalloc+0xd4/0xd8 [ 16.854138] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.854272] ksize_uaf+0xb8/0x5f8 [ 16.854388] kunit_try_run_case+0x170/0x3f0 [ 16.854427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.854574] kthread+0x328/0x630 [ 16.854611] ret_from_fork+0x10/0x20 [ 16.854647] [ 16.854666] Freed by task 197: [ 16.854787] kasan_save_stack+0x3c/0x68 [ 16.854904] kasan_save_track+0x20/0x40 [ 16.854990] kasan_save_free_info+0x4c/0x78 [ 16.855083] __kasan_slab_free+0x6c/0x98 [ 16.855151] kfree+0x214/0x3c8 [ 16.855194] ksize_uaf+0x11c/0x5f8 [ 16.855229] kunit_try_run_case+0x170/0x3f0 [ 16.855463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.855561] kthread+0x328/0x630 [ 16.855613] ret_from_fork+0x10/0x20 [ 16.855708] [ 16.855825] The buggy address belongs to the object at fff00000c5aae700 [ 16.855825] which belongs to the cache kmalloc-128 of size 128 [ 16.855901] The buggy address is located 0 bytes inside of [ 16.855901] freed 128-byte region [fff00000c5aae700, fff00000c5aae780) [ 16.855976] [ 16.855997] The buggy address belongs to the physical page: [ 16.856029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.856263] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.856410] page_type: f5(slab) [ 16.856512] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.856595] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.856638] page dumped because: kasan: bad access detected [ 16.856668] [ 16.856686] Memory state around the buggy address: [ 16.856719] fff00000c5aae600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.856763] fff00000c5aae680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.856954] >fff00000c5aae700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.857013] ^ [ 16.857041] fff00000c5aae780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.857084] fff00000c5aae800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.857123] ================================================================== [ 16.864483] ================================================================== [ 16.864539] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 16.864585] Read of size 1 at addr fff00000c5aae778 by task kunit_try_catch/197 [ 16.864846] [ 16.864914] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.865057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.865104] Hardware name: linux,dummy-virt (DT) [ 16.865141] Call trace: [ 16.865191] show_stack+0x20/0x38 (C) [ 16.865316] dump_stack_lvl+0x8c/0xd0 [ 16.865401] print_report+0x118/0x5d0 [ 16.865482] kasan_report+0xdc/0x128 [ 16.865546] __asan_report_load1_noabort+0x20/0x30 [ 16.865598] ksize_uaf+0x544/0x5f8 [ 16.865638] kunit_try_run_case+0x170/0x3f0 [ 16.865859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.866032] kthread+0x328/0x630 [ 16.866083] ret_from_fork+0x10/0x20 [ 16.866148] [ 16.866216] Allocated by task 197: [ 16.866265] kasan_save_stack+0x3c/0x68 [ 16.866343] kasan_save_track+0x20/0x40 [ 16.866409] kasan_save_alloc_info+0x40/0x58 [ 16.866450] __kasan_kmalloc+0xd4/0xd8 [ 16.866486] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.866687] ksize_uaf+0xb8/0x5f8 [ 16.866747] kunit_try_run_case+0x170/0x3f0 [ 16.866817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.866890] kthread+0x328/0x630 [ 16.866924] ret_from_fork+0x10/0x20 [ 16.866961] [ 16.866980] Freed by task 197: [ 16.867035] kasan_save_stack+0x3c/0x68 [ 16.867103] kasan_save_track+0x20/0x40 [ 16.867218] kasan_save_free_info+0x4c/0x78 [ 16.867263] __kasan_slab_free+0x6c/0x98 [ 16.867300] kfree+0x214/0x3c8 [ 16.867359] ksize_uaf+0x11c/0x5f8 [ 16.867395] kunit_try_run_case+0x170/0x3f0 [ 16.867625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.867798] kthread+0x328/0x630 [ 16.867923] ret_from_fork+0x10/0x20 [ 16.868077] [ 16.868156] The buggy address belongs to the object at fff00000c5aae700 [ 16.868156] which belongs to the cache kmalloc-128 of size 128 [ 16.868311] The buggy address is located 120 bytes inside of [ 16.868311] freed 128-byte region [fff00000c5aae700, fff00000c5aae780) [ 16.868501] [ 16.868550] The buggy address belongs to the physical page: [ 16.868582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.868634] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.868682] page_type: f5(slab) [ 16.868965] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.869050] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.869091] page dumped because: kasan: bad access detected [ 16.869323] [ 16.869449] Memory state around the buggy address: [ 16.869621] fff00000c5aae600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.869727] fff00000c5aae680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.869844] >fff00000c5aae700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.869973] ^ [ 16.870058] fff00000c5aae780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.870102] fff00000c5aae800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.870401] ================================================================== [ 16.858106] ================================================================== [ 16.858157] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 16.858217] Read of size 1 at addr fff00000c5aae700 by task kunit_try_catch/197 [ 16.858272] [ 16.858303] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.858392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.858418] Hardware name: linux,dummy-virt (DT) [ 16.858449] Call trace: [ 16.858479] show_stack+0x20/0x38 (C) [ 16.858526] dump_stack_lvl+0x8c/0xd0 [ 16.858570] print_report+0x118/0x5d0 [ 16.858616] kasan_report+0xdc/0x128 [ 16.858659] __asan_report_load1_noabort+0x20/0x30 [ 16.858711] ksize_uaf+0x598/0x5f8 [ 16.858756] kunit_try_run_case+0x170/0x3f0 [ 16.858803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.858864] kthread+0x328/0x630 [ 16.858905] ret_from_fork+0x10/0x20 [ 16.858952] [ 16.858969] Allocated by task 197: [ 16.858996] kasan_save_stack+0x3c/0x68 [ 16.859045] kasan_save_track+0x20/0x40 [ 16.859089] kasan_save_alloc_info+0x40/0x58 [ 16.859129] __kasan_kmalloc+0xd4/0xd8 [ 16.859166] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.859705] ksize_uaf+0xb8/0x5f8 [ 16.859780] kunit_try_run_case+0x170/0x3f0 [ 16.859960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.860008] kthread+0x328/0x630 [ 16.860042] ret_from_fork+0x10/0x20 [ 16.860078] [ 16.860098] Freed by task 197: [ 16.860232] kasan_save_stack+0x3c/0x68 [ 16.860345] kasan_save_track+0x20/0x40 [ 16.860556] kasan_save_free_info+0x4c/0x78 [ 16.860671] __kasan_slab_free+0x6c/0x98 [ 16.860709] kfree+0x214/0x3c8 [ 16.860766] ksize_uaf+0x11c/0x5f8 [ 16.860831] kunit_try_run_case+0x170/0x3f0 [ 16.860869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.861049] kthread+0x328/0x630 [ 16.861094] ret_from_fork+0x10/0x20 [ 16.861216] [ 16.861310] The buggy address belongs to the object at fff00000c5aae700 [ 16.861310] which belongs to the cache kmalloc-128 of size 128 [ 16.861470] The buggy address is located 0 bytes inside of [ 16.861470] freed 128-byte region [fff00000c5aae700, fff00000c5aae780) [ 16.861542] [ 16.861823] The buggy address belongs to the physical page: [ 16.861931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.862028] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.862116] page_type: f5(slab) [ 16.862224] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.862331] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.862455] page dumped because: kasan: bad access detected [ 16.862488] [ 16.862507] Memory state around the buggy address: [ 16.862746] fff00000c5aae600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.862882] fff00000c5aae680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.863002] >fff00000c5aae700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.863109] ^ [ 16.863139] fff00000c5aae780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.863193] fff00000c5aae800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.863418] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 16.835656] ================================================================== [ 16.835710] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.835763] Read of size 1 at addr fff00000c5aae678 by task kunit_try_catch/195 [ 16.835882] [ 16.836009] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.836202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.836302] Hardware name: linux,dummy-virt (DT) [ 16.836378] Call trace: [ 16.836401] show_stack+0x20/0x38 (C) [ 16.836618] dump_stack_lvl+0x8c/0xd0 [ 16.836669] print_report+0x118/0x5d0 [ 16.836714] kasan_report+0xdc/0x128 [ 16.836861] __asan_report_load1_noabort+0x20/0x30 [ 16.837030] ksize_unpoisons_memory+0x618/0x740 [ 16.837194] kunit_try_run_case+0x170/0x3f0 [ 16.837314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.837442] kthread+0x328/0x630 [ 16.837519] ret_from_fork+0x10/0x20 [ 16.837720] [ 16.837758] Allocated by task 195: [ 16.837787] kasan_save_stack+0x3c/0x68 [ 16.838174] kasan_save_track+0x20/0x40 [ 16.838272] kasan_save_alloc_info+0x40/0x58 [ 16.838402] __kasan_kmalloc+0xd4/0xd8 [ 16.838496] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.838544] ksize_unpoisons_memory+0xc0/0x740 [ 16.838581] kunit_try_run_case+0x170/0x3f0 [ 16.838618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.838666] kthread+0x328/0x630 [ 16.838698] ret_from_fork+0x10/0x20 [ 16.838732] [ 16.838751] The buggy address belongs to the object at fff00000c5aae600 [ 16.838751] which belongs to the cache kmalloc-128 of size 128 [ 16.838812] The buggy address is located 5 bytes to the right of [ 16.838812] allocated 115-byte region [fff00000c5aae600, fff00000c5aae673) [ 16.838890] [ 16.838910] The buggy address belongs to the physical page: [ 16.838959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.839011] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.839061] page_type: f5(slab) [ 16.839103] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.839170] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.839232] page dumped because: kasan: bad access detected [ 16.839264] [ 16.839283] Memory state around the buggy address: [ 16.839316] fff00000c5aae500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.839369] fff00000c5aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.839414] >fff00000c5aae600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.839461] ^ [ 16.839514] fff00000c5aae680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.839567] fff00000c5aae700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.839606] ================================================================== [ 16.841251] ================================================================== [ 16.841481] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.841589] Read of size 1 at addr fff00000c5aae67f by task kunit_try_catch/195 [ 16.841642] [ 16.841734] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.841874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.841904] Hardware name: linux,dummy-virt (DT) [ 16.841982] Call trace: [ 16.842027] show_stack+0x20/0x38 (C) [ 16.842317] dump_stack_lvl+0x8c/0xd0 [ 16.842423] print_report+0x118/0x5d0 [ 16.842477] kasan_report+0xdc/0x128 [ 16.842591] __asan_report_load1_noabort+0x20/0x30 [ 16.842644] ksize_unpoisons_memory+0x690/0x740 [ 16.842704] kunit_try_run_case+0x170/0x3f0 [ 16.842753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.842808] kthread+0x328/0x630 [ 16.842967] ret_from_fork+0x10/0x20 [ 16.843039] [ 16.843078] Allocated by task 195: [ 16.843135] kasan_save_stack+0x3c/0x68 [ 16.843204] kasan_save_track+0x20/0x40 [ 16.843279] kasan_save_alloc_info+0x40/0x58 [ 16.843335] __kasan_kmalloc+0xd4/0xd8 [ 16.843371] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.843502] ksize_unpoisons_memory+0xc0/0x740 [ 16.843593] kunit_try_run_case+0x170/0x3f0 [ 16.843702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.843770] kthread+0x328/0x630 [ 16.843881] ret_from_fork+0x10/0x20 [ 16.843937] [ 16.843955] The buggy address belongs to the object at fff00000c5aae600 [ 16.843955] which belongs to the cache kmalloc-128 of size 128 [ 16.844014] The buggy address is located 12 bytes to the right of [ 16.844014] allocated 115-byte region [fff00000c5aae600, fff00000c5aae673) [ 16.844081] [ 16.844142] The buggy address belongs to the physical page: [ 16.844288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.844360] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.844426] page_type: f5(slab) [ 16.844465] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.844551] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.844675] page dumped because: kasan: bad access detected [ 16.844776] [ 16.844858] Memory state around the buggy address: [ 16.844996] fff00000c5aae500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.845114] fff00000c5aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.845197] >fff00000c5aae600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.845285] ^ [ 16.845366] fff00000c5aae680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.845433] fff00000c5aae700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.845519] ================================================================== [ 16.828133] ================================================================== [ 16.828208] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.828258] Read of size 1 at addr fff00000c5aae673 by task kunit_try_catch/195 [ 16.828310] [ 16.828340] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.828755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.828829] Hardware name: linux,dummy-virt (DT) [ 16.828878] Call trace: [ 16.828965] show_stack+0x20/0x38 (C) [ 16.829046] dump_stack_lvl+0x8c/0xd0 [ 16.829191] print_report+0x118/0x5d0 [ 16.829304] kasan_report+0xdc/0x128 [ 16.829395] __asan_report_load1_noabort+0x20/0x30 [ 16.829485] ksize_unpoisons_memory+0x628/0x740 [ 16.829620] kunit_try_run_case+0x170/0x3f0 [ 16.829755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.829843] kthread+0x328/0x630 [ 16.829884] ret_from_fork+0x10/0x20 [ 16.830195] [ 16.830218] Allocated by task 195: [ 16.830441] kasan_save_stack+0x3c/0x68 [ 16.830656] kasan_save_track+0x20/0x40 [ 16.830743] kasan_save_alloc_info+0x40/0x58 [ 16.830794] __kasan_kmalloc+0xd4/0xd8 [ 16.830853] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.830928] ksize_unpoisons_memory+0xc0/0x740 [ 16.830966] kunit_try_run_case+0x170/0x3f0 [ 16.831005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.831050] kthread+0x328/0x630 [ 16.831083] ret_from_fork+0x10/0x20 [ 16.831410] [ 16.831449] The buggy address belongs to the object at fff00000c5aae600 [ 16.831449] which belongs to the cache kmalloc-128 of size 128 [ 16.831664] The buggy address is located 0 bytes to the right of [ 16.831664] allocated 115-byte region [fff00000c5aae600, fff00000c5aae673) [ 16.831734] [ 16.831753] The buggy address belongs to the physical page: [ 16.831865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.832017] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.832087] page_type: f5(slab) [ 16.832145] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.832256] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.832370] page dumped because: kasan: bad access detected [ 16.832501] [ 16.832519] Memory state around the buggy address: [ 16.832550] fff00000c5aae500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.832613] fff00000c5aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.832818] >fff00000c5aae600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.833013] ^ [ 16.833216] fff00000c5aae680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.833323] fff00000c5aae700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.833495] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 16.819144] ================================================================== [ 16.819226] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 16.819290] Free of addr fff00000c44abac0 by task kunit_try_catch/193 [ 16.819352] [ 16.819448] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.819655] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.819700] Hardware name: linux,dummy-virt (DT) [ 16.819732] Call trace: [ 16.819753] show_stack+0x20/0x38 (C) [ 16.819805] dump_stack_lvl+0x8c/0xd0 [ 16.819850] print_report+0x118/0x5d0 [ 16.819896] kasan_report_invalid_free+0xc0/0xe8 [ 16.820293] check_slab_allocation+0xd4/0x108 [ 16.820398] __kasan_slab_pre_free+0x2c/0x48 [ 16.820494] kfree+0xe8/0x3c8 [ 16.820553] kfree_sensitive+0x3c/0xb0 [ 16.820600] kmalloc_double_kzfree+0x168/0x308 [ 16.820647] kunit_try_run_case+0x170/0x3f0 [ 16.820694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.820756] kthread+0x328/0x630 [ 16.820796] ret_from_fork+0x10/0x20 [ 16.820843] [ 16.820870] Allocated by task 193: [ 16.820898] kasan_save_stack+0x3c/0x68 [ 16.820938] kasan_save_track+0x20/0x40 [ 16.820976] kasan_save_alloc_info+0x40/0x58 [ 16.821023] __kasan_kmalloc+0xd4/0xd8 [ 16.821060] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.821098] kmalloc_double_kzfree+0xb8/0x308 [ 16.821142] kunit_try_run_case+0x170/0x3f0 [ 16.821223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.821277] kthread+0x328/0x630 [ 16.821313] ret_from_fork+0x10/0x20 [ 16.821356] [ 16.821373] Freed by task 193: [ 16.821398] kasan_save_stack+0x3c/0x68 [ 16.821445] kasan_save_track+0x20/0x40 [ 16.821489] kasan_save_free_info+0x4c/0x78 [ 16.821527] __kasan_slab_free+0x6c/0x98 [ 16.821564] kfree+0x214/0x3c8 [ 16.821596] kfree_sensitive+0x80/0xb0 [ 16.821641] kmalloc_double_kzfree+0x11c/0x308 [ 16.821689] kunit_try_run_case+0x170/0x3f0 [ 16.821737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.821790] kthread+0x328/0x630 [ 16.821823] ret_from_fork+0x10/0x20 [ 16.821866] [ 16.821885] The buggy address belongs to the object at fff00000c44abac0 [ 16.821885] which belongs to the cache kmalloc-16 of size 16 [ 16.821942] The buggy address is located 0 bytes inside of [ 16.821942] 16-byte region [fff00000c44abac0, fff00000c44abad0) [ 16.822005] [ 16.822025] The buggy address belongs to the physical page: [ 16.822065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ab [ 16.822119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.822176] page_type: f5(slab) [ 16.822222] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.822273] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.822594] page dumped because: kasan: bad access detected [ 16.822686] [ 16.822726] Memory state around the buggy address: [ 16.822797] fff00000c44ab980: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 16.822917] fff00000c44aba00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.823060] >fff00000c44aba80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 16.823147] ^ [ 16.823195] fff00000c44abb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.823237] fff00000c44abb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.823310] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 16.811004] ================================================================== [ 16.811065] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 16.811131] Read of size 1 at addr fff00000c44abac0 by task kunit_try_catch/193 [ 16.811194] [ 16.811230] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.811323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.811357] Hardware name: linux,dummy-virt (DT) [ 16.811419] Call trace: [ 16.811443] show_stack+0x20/0x38 (C) [ 16.811491] dump_stack_lvl+0x8c/0xd0 [ 16.811539] print_report+0x118/0x5d0 [ 16.811756] kasan_report+0xdc/0x128 [ 16.811844] __kasan_check_byte+0x54/0x70 [ 16.811993] kfree_sensitive+0x30/0xb0 [ 16.812043] kmalloc_double_kzfree+0x168/0x308 [ 16.812140] kunit_try_run_case+0x170/0x3f0 [ 16.812211] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.812335] kthread+0x328/0x630 [ 16.812452] ret_from_fork+0x10/0x20 [ 16.812549] [ 16.812632] Allocated by task 193: [ 16.812663] kasan_save_stack+0x3c/0x68 [ 16.812868] kasan_save_track+0x20/0x40 [ 16.813050] kasan_save_alloc_info+0x40/0x58 [ 16.813303] __kasan_kmalloc+0xd4/0xd8 [ 16.813412] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.813556] kmalloc_double_kzfree+0xb8/0x308 [ 16.813760] kunit_try_run_case+0x170/0x3f0 [ 16.813849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.814008] kthread+0x328/0x630 [ 16.814088] ret_from_fork+0x10/0x20 [ 16.814434] [ 16.814558] Freed by task 193: [ 16.814666] kasan_save_stack+0x3c/0x68 [ 16.814818] kasan_save_track+0x20/0x40 [ 16.814925] kasan_save_free_info+0x4c/0x78 [ 16.815019] __kasan_slab_free+0x6c/0x98 [ 16.815094] kfree+0x214/0x3c8 [ 16.815128] kfree_sensitive+0x80/0xb0 [ 16.815437] kmalloc_double_kzfree+0x11c/0x308 [ 16.815702] kunit_try_run_case+0x170/0x3f0 [ 16.815839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.815928] kthread+0x328/0x630 [ 16.816012] ret_from_fork+0x10/0x20 [ 16.816104] [ 16.816438] The buggy address belongs to the object at fff00000c44abac0 [ 16.816438] which belongs to the cache kmalloc-16 of size 16 [ 16.816534] The buggy address is located 0 bytes inside of [ 16.816534] freed 16-byte region [fff00000c44abac0, fff00000c44abad0) [ 16.816618] [ 16.816648] The buggy address belongs to the physical page: [ 16.816691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ab [ 16.816748] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.816810] page_type: f5(slab) [ 16.816849] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.816923] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.816965] page dumped because: kasan: bad access detected [ 16.817030] [ 16.817048] Memory state around the buggy address: [ 16.817232] fff00000c44ab980: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 16.817317] fff00000c44aba00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.817362] >fff00000c44aba80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 16.817404] ^ [ 16.817440] fff00000c44abb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.817685] fff00000c44abb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.817795] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 16.790450] ================================================================== [ 16.790514] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 16.790574] Read of size 1 at addr fff00000c5ac51a8 by task kunit_try_catch/189 [ 16.790625] [ 16.790656] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.790736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.790888] Hardware name: linux,dummy-virt (DT) [ 16.790968] Call trace: [ 16.790991] show_stack+0x20/0x38 (C) [ 16.791042] dump_stack_lvl+0x8c/0xd0 [ 16.791088] print_report+0x118/0x5d0 [ 16.791145] kasan_report+0xdc/0x128 [ 16.791202] __asan_report_load1_noabort+0x20/0x30 [ 16.791504] kmalloc_uaf2+0x3f4/0x468 [ 16.791606] kunit_try_run_case+0x170/0x3f0 [ 16.791726] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.791781] kthread+0x328/0x630 [ 16.791846] ret_from_fork+0x10/0x20 [ 16.791895] [ 16.791918] Allocated by task 189: [ 16.791950] kasan_save_stack+0x3c/0x68 [ 16.792008] kasan_save_track+0x20/0x40 [ 16.792066] kasan_save_alloc_info+0x40/0x58 [ 16.792115] __kasan_kmalloc+0xd4/0xd8 [ 16.792160] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.792220] kmalloc_uaf2+0xc4/0x468 [ 16.792253] kunit_try_run_case+0x170/0x3f0 [ 16.792290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.792342] kthread+0x328/0x630 [ 16.792374] ret_from_fork+0x10/0x20 [ 16.792423] [ 16.792444] Freed by task 189: [ 16.792477] kasan_save_stack+0x3c/0x68 [ 16.792516] kasan_save_track+0x20/0x40 [ 16.792552] kasan_save_free_info+0x4c/0x78 [ 16.792597] __kasan_slab_free+0x6c/0x98 [ 16.792645] kfree+0x214/0x3c8 [ 16.792684] kmalloc_uaf2+0x134/0x468 [ 16.792734] kunit_try_run_case+0x170/0x3f0 [ 16.792772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.792831] kthread+0x328/0x630 [ 16.792870] ret_from_fork+0x10/0x20 [ 16.792903] [ 16.792923] The buggy address belongs to the object at fff00000c5ac5180 [ 16.792923] which belongs to the cache kmalloc-64 of size 64 [ 16.792997] The buggy address is located 40 bytes inside of [ 16.792997] freed 64-byte region [fff00000c5ac5180, fff00000c5ac51c0) [ 16.793067] [ 16.793087] The buggy address belongs to the physical page: [ 16.793116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ac5 [ 16.793170] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.793577] page_type: f5(slab) [ 16.793734] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.793808] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.793897] page dumped because: kasan: bad access detected [ 16.793975] [ 16.793993] Memory state around the buggy address: [ 16.794030] fff00000c5ac5080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.794349] fff00000c5ac5100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.794464] >fff00000c5ac5180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.794528] ^ [ 16.794662] fff00000c5ac5200: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 16.794757] fff00000c5ac5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.794796] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.778021] ================================================================== [ 16.778084] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 16.778136] Write of size 33 at addr fff00000c5ac5000 by task kunit_try_catch/187 [ 16.778405] [ 16.778447] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.778530] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.778557] Hardware name: linux,dummy-virt (DT) [ 16.778648] Call trace: [ 16.778687] show_stack+0x20/0x38 (C) [ 16.778738] dump_stack_lvl+0x8c/0xd0 [ 16.778785] print_report+0x118/0x5d0 [ 16.778902] kasan_report+0xdc/0x128 [ 16.778975] kasan_check_range+0x100/0x1a8 [ 16.779024] __asan_memset+0x34/0x78 [ 16.779065] kmalloc_uaf_memset+0x170/0x310 [ 16.779235] kunit_try_run_case+0x170/0x3f0 [ 16.779318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.779373] kthread+0x328/0x630 [ 16.779462] ret_from_fork+0x10/0x20 [ 16.779529] [ 16.779546] Allocated by task 187: [ 16.779575] kasan_save_stack+0x3c/0x68 [ 16.779615] kasan_save_track+0x20/0x40 [ 16.779651] kasan_save_alloc_info+0x40/0x58 [ 16.779692] __kasan_kmalloc+0xd4/0xd8 [ 16.779727] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.779908] kmalloc_uaf_memset+0xb8/0x310 [ 16.780003] kunit_try_run_case+0x170/0x3f0 [ 16.780080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.780259] kthread+0x328/0x630 [ 16.780303] ret_from_fork+0x10/0x20 [ 16.780339] [ 16.780357] Freed by task 187: [ 16.780385] kasan_save_stack+0x3c/0x68 [ 16.780429] kasan_save_track+0x20/0x40 [ 16.780478] kasan_save_free_info+0x4c/0x78 [ 16.780526] __kasan_slab_free+0x6c/0x98 [ 16.780570] kfree+0x214/0x3c8 [ 16.780602] kmalloc_uaf_memset+0x11c/0x310 [ 16.780639] kunit_try_run_case+0x170/0x3f0 [ 16.780676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.780740] kthread+0x328/0x630 [ 16.780779] ret_from_fork+0x10/0x20 [ 16.780822] [ 16.780840] The buggy address belongs to the object at fff00000c5ac5000 [ 16.780840] which belongs to the cache kmalloc-64 of size 64 [ 16.780905] The buggy address is located 0 bytes inside of [ 16.780905] freed 64-byte region [fff00000c5ac5000, fff00000c5ac5040) [ 16.780968] [ 16.780989] The buggy address belongs to the physical page: [ 16.781027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ac5 [ 16.781089] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.781146] page_type: f5(slab) [ 16.781208] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.781259] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.781300] page dumped because: kasan: bad access detected [ 16.781608] [ 16.781678] Memory state around the buggy address: [ 16.781714] fff00000c5ac4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.781760] fff00000c5ac4f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.781806] >fff00000c5ac5000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.782037] ^ [ 16.782116] fff00000c5ac5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.782310] fff00000c5ac5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.782436] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.764419] ================================================================== [ 16.764484] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 16.764540] Read of size 1 at addr fff00000c44abaa8 by task kunit_try_catch/185 [ 16.764620] [ 16.764655] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.765127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.765297] Hardware name: linux,dummy-virt (DT) [ 16.765372] Call trace: [ 16.765462] show_stack+0x20/0x38 (C) [ 16.765553] dump_stack_lvl+0x8c/0xd0 [ 16.765659] print_report+0x118/0x5d0 [ 16.765777] kasan_report+0xdc/0x128 [ 16.765876] __asan_report_load1_noabort+0x20/0x30 [ 16.766014] kmalloc_uaf+0x300/0x338 [ 16.766059] kunit_try_run_case+0x170/0x3f0 [ 16.766154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.766224] kthread+0x328/0x630 [ 16.766441] ret_from_fork+0x10/0x20 [ 16.766612] [ 16.766809] Allocated by task 185: [ 16.766987] kasan_save_stack+0x3c/0x68 [ 16.767150] kasan_save_track+0x20/0x40 [ 16.767328] kasan_save_alloc_info+0x40/0x58 [ 16.767370] __kasan_kmalloc+0xd4/0xd8 [ 16.767450] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.767712] kmalloc_uaf+0xb8/0x338 [ 16.767871] kunit_try_run_case+0x170/0x3f0 [ 16.768021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.768140] kthread+0x328/0x630 [ 16.768242] ret_from_fork+0x10/0x20 [ 16.768311] [ 16.768469] Freed by task 185: [ 16.768549] kasan_save_stack+0x3c/0x68 [ 16.768670] kasan_save_track+0x20/0x40 [ 16.768709] kasan_save_free_info+0x4c/0x78 [ 16.768749] __kasan_slab_free+0x6c/0x98 [ 16.768811] kfree+0x214/0x3c8 [ 16.768844] kmalloc_uaf+0x11c/0x338 [ 16.769277] kunit_try_run_case+0x170/0x3f0 [ 16.769374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.769461] kthread+0x328/0x630 [ 16.769515] ret_from_fork+0x10/0x20 [ 16.769600] [ 16.769668] The buggy address belongs to the object at fff00000c44abaa0 [ 16.769668] which belongs to the cache kmalloc-16 of size 16 [ 16.769781] The buggy address is located 8 bytes inside of [ 16.769781] freed 16-byte region [fff00000c44abaa0, fff00000c44abab0) [ 16.769860] [ 16.769880] The buggy address belongs to the physical page: [ 16.769956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ab [ 16.770022] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.770084] page_type: f5(slab) [ 16.770125] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.770505] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.770569] page dumped because: kasan: bad access detected [ 16.770602] [ 16.770666] Memory state around the buggy address: [ 16.770756] fff00000c44ab980: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 16.770800] fff00000c44aba00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.770843] >fff00000c44aba80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.770882] ^ [ 16.771065] fff00000c44abb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.771259] fff00000c44abb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.771358] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.745664] ================================================================== [ 16.745726] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.745897] Read of size 64 at addr fff00000c5ab4c84 by task kunit_try_catch/183 [ 16.746027] [ 16.746062] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.746291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.746323] Hardware name: linux,dummy-virt (DT) [ 16.746473] Call trace: [ 16.746510] show_stack+0x20/0x38 (C) [ 16.746561] dump_stack_lvl+0x8c/0xd0 [ 16.746662] print_report+0x118/0x5d0 [ 16.746707] kasan_report+0xdc/0x128 [ 16.746752] kasan_check_range+0x100/0x1a8 [ 16.746818] __asan_memmove+0x3c/0x98 [ 16.746862] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.746911] kunit_try_run_case+0x170/0x3f0 [ 16.746958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.747009] kthread+0x328/0x630 [ 16.747225] ret_from_fork+0x10/0x20 [ 16.747291] [ 16.747311] Allocated by task 183: [ 16.747459] kasan_save_stack+0x3c/0x68 [ 16.747678] kasan_save_track+0x20/0x40 [ 16.747879] kasan_save_alloc_info+0x40/0x58 [ 16.747998] __kasan_kmalloc+0xd4/0xd8 [ 16.748044] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.748082] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.748123] kunit_try_run_case+0x170/0x3f0 [ 16.748161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.748369] kthread+0x328/0x630 [ 16.748458] ret_from_fork+0x10/0x20 [ 16.748606] [ 16.748751] The buggy address belongs to the object at fff00000c5ab4c80 [ 16.748751] which belongs to the cache kmalloc-64 of size 64 [ 16.748832] The buggy address is located 4 bytes inside of [ 16.748832] allocated 64-byte region [fff00000c5ab4c80, fff00000c5ab4cc0) [ 16.748897] [ 16.748917] The buggy address belongs to the physical page: [ 16.748949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ab4 [ 16.749043] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.749170] page_type: f5(slab) [ 16.749242] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.749358] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.749534] page dumped because: kasan: bad access detected [ 16.750724] [ 16.750873] Memory state around the buggy address: [ 16.750914] fff00000c5ab4b80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.751532] fff00000c5ab4c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.753410] >fff00000c5ab4c80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.753932] ^ [ 16.753974] fff00000c5ab4d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.754024] fff00000c5ab4d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.754064] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.734775] ================================================================== [ 16.734934] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.734988] Read of size 18446744073709551614 at addr fff00000c5ab4a84 by task kunit_try_catch/181 [ 16.735368] [ 16.735436] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.735618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.735703] Hardware name: linux,dummy-virt (DT) [ 16.735734] Call trace: [ 16.735784] show_stack+0x20/0x38 (C) [ 16.735834] dump_stack_lvl+0x8c/0xd0 [ 16.735888] print_report+0x118/0x5d0 [ 16.735937] kasan_report+0xdc/0x128 [ 16.735980] kasan_check_range+0x100/0x1a8 [ 16.736026] __asan_memmove+0x3c/0x98 [ 16.736198] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.736295] kunit_try_run_case+0x170/0x3f0 [ 16.736446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.736567] kthread+0x328/0x630 [ 16.736683] ret_from_fork+0x10/0x20 [ 16.736839] [ 16.736938] Allocated by task 181: [ 16.737014] kasan_save_stack+0x3c/0x68 [ 16.737071] kasan_save_track+0x20/0x40 [ 16.737108] kasan_save_alloc_info+0x40/0x58 [ 16.737431] __kasan_kmalloc+0xd4/0xd8 [ 16.737497] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.737754] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.737860] kunit_try_run_case+0x170/0x3f0 [ 16.737942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.738043] kthread+0x328/0x630 [ 16.738142] ret_from_fork+0x10/0x20 [ 16.738300] [ 16.738369] The buggy address belongs to the object at fff00000c5ab4a80 [ 16.738369] which belongs to the cache kmalloc-64 of size 64 [ 16.738466] The buggy address is located 4 bytes inside of [ 16.738466] 64-byte region [fff00000c5ab4a80, fff00000c5ab4ac0) [ 16.738549] [ 16.738657] The buggy address belongs to the physical page: [ 16.738706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ab4 [ 16.738778] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.738890] page_type: f5(slab) [ 16.738952] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.739251] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.739321] page dumped because: kasan: bad access detected [ 16.739368] [ 16.739405] Memory state around the buggy address: [ 16.739472] fff00000c5ab4980: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.739556] fff00000c5ab4a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.739631] >fff00000c5ab4a80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.739671] ^ [ 16.739697] fff00000c5ab4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.739748] fff00000c5ab4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.739785] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.724665] ================================================================== [ 16.724741] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 16.724788] Write of size 16 at addr fff00000c5aae569 by task kunit_try_catch/179 [ 16.724843] [ 16.724875] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.724965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.724999] Hardware name: linux,dummy-virt (DT) [ 16.725033] Call trace: [ 16.725055] show_stack+0x20/0x38 (C) [ 16.725109] dump_stack_lvl+0x8c/0xd0 [ 16.725162] print_report+0x118/0x5d0 [ 16.725220] kasan_report+0xdc/0x128 [ 16.725263] kasan_check_range+0x100/0x1a8 [ 16.725354] __asan_memset+0x34/0x78 [ 16.725396] kmalloc_oob_memset_16+0x150/0x2f8 [ 16.725440] kunit_try_run_case+0x170/0x3f0 [ 16.725981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.726042] kthread+0x328/0x630 [ 16.726084] ret_from_fork+0x10/0x20 [ 16.726205] [ 16.726308] Allocated by task 179: [ 16.726376] kasan_save_stack+0x3c/0x68 [ 16.726497] kasan_save_track+0x20/0x40 [ 16.726597] kasan_save_alloc_info+0x40/0x58 [ 16.726729] __kasan_kmalloc+0xd4/0xd8 [ 16.726824] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.726962] kmalloc_oob_memset_16+0xb0/0x2f8 [ 16.727060] kunit_try_run_case+0x170/0x3f0 [ 16.727167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.727221] kthread+0x328/0x630 [ 16.727252] ret_from_fork+0x10/0x20 [ 16.727414] [ 16.727449] The buggy address belongs to the object at fff00000c5aae500 [ 16.727449] which belongs to the cache kmalloc-128 of size 128 [ 16.727570] The buggy address is located 105 bytes inside of [ 16.727570] allocated 120-byte region [fff00000c5aae500, fff00000c5aae578) [ 16.727708] [ 16.727734] The buggy address belongs to the physical page: [ 16.727781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.727845] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.727929] page_type: f5(slab) [ 16.727966] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.728030] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.728069] page dumped because: kasan: bad access detected [ 16.728100] [ 16.728117] Memory state around the buggy address: [ 16.728348] fff00000c5aae400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.728425] fff00000c5aae480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.728484] >fff00000c5aae500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.728580] ^ [ 16.728663] fff00000c5aae580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.728748] fff00000c5aae600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.728837] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.714553] ================================================================== [ 16.714646] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 16.714731] Write of size 8 at addr fff00000c5aae471 by task kunit_try_catch/177 [ 16.714783] [ 16.714838] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.714919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.715098] Hardware name: linux,dummy-virt (DT) [ 16.715154] Call trace: [ 16.715218] show_stack+0x20/0x38 (C) [ 16.715270] dump_stack_lvl+0x8c/0xd0 [ 16.715315] print_report+0x118/0x5d0 [ 16.715359] kasan_report+0xdc/0x128 [ 16.715580] kasan_check_range+0x100/0x1a8 [ 16.715637] __asan_memset+0x34/0x78 [ 16.715678] kmalloc_oob_memset_8+0x150/0x2f8 [ 16.715723] kunit_try_run_case+0x170/0x3f0 [ 16.715768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.715851] kthread+0x328/0x630 [ 16.715996] ret_from_fork+0x10/0x20 [ 16.716106] [ 16.716252] Allocated by task 177: [ 16.716319] kasan_save_stack+0x3c/0x68 [ 16.716368] kasan_save_track+0x20/0x40 [ 16.716405] kasan_save_alloc_info+0x40/0x58 [ 16.716444] __kasan_kmalloc+0xd4/0xd8 [ 16.716479] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.716517] kmalloc_oob_memset_8+0xb0/0x2f8 [ 16.716721] kunit_try_run_case+0x170/0x3f0 [ 16.716788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.716831] kthread+0x328/0x630 [ 16.716862] ret_from_fork+0x10/0x20 [ 16.716897] [ 16.717062] The buggy address belongs to the object at fff00000c5aae400 [ 16.717062] which belongs to the cache kmalloc-128 of size 128 [ 16.717214] The buggy address is located 113 bytes inside of [ 16.717214] allocated 120-byte region [fff00000c5aae400, fff00000c5aae478) [ 16.717343] [ 16.717411] The buggy address belongs to the physical page: [ 16.717498] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.717610] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.717739] page_type: f5(slab) [ 16.717795] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.717866] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.718119] page dumped because: kasan: bad access detected [ 16.718303] [ 16.718412] Memory state around the buggy address: [ 16.718500] fff00000c5aae300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.718632] fff00000c5aae380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.718747] >fff00000c5aae400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.718870] ^ [ 16.718955] fff00000c5aae480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.719049] fff00000c5aae500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.719085] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.705041] ================================================================== [ 16.705101] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 16.705149] Write of size 4 at addr fff00000c5aae375 by task kunit_try_catch/175 [ 16.705212] [ 16.705263] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.705344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.705369] Hardware name: linux,dummy-virt (DT) [ 16.705399] Call trace: [ 16.705421] show_stack+0x20/0x38 (C) [ 16.705474] dump_stack_lvl+0x8c/0xd0 [ 16.705528] print_report+0x118/0x5d0 [ 16.705573] kasan_report+0xdc/0x128 [ 16.705625] kasan_check_range+0x100/0x1a8 [ 16.705673] __asan_memset+0x34/0x78 [ 16.705718] kmalloc_oob_memset_4+0x150/0x300 [ 16.705763] kunit_try_run_case+0x170/0x3f0 [ 16.705817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.705868] kthread+0x328/0x630 [ 16.705908] ret_from_fork+0x10/0x20 [ 16.705954] [ 16.705977] Allocated by task 175: [ 16.706012] kasan_save_stack+0x3c/0x68 [ 16.706051] kasan_save_track+0x20/0x40 [ 16.706087] kasan_save_alloc_info+0x40/0x58 [ 16.706134] __kasan_kmalloc+0xd4/0xd8 [ 16.706189] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.706227] kmalloc_oob_memset_4+0xb0/0x300 [ 16.706263] kunit_try_run_case+0x170/0x3f0 [ 16.706413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.706686] kthread+0x328/0x630 [ 16.706731] ret_from_fork+0x10/0x20 [ 16.706767] [ 16.706786] The buggy address belongs to the object at fff00000c5aae300 [ 16.706786] which belongs to the cache kmalloc-128 of size 128 [ 16.706844] The buggy address is located 117 bytes inside of [ 16.706844] allocated 120-byte region [fff00000c5aae300, fff00000c5aae378) [ 16.706905] [ 16.706924] The buggy address belongs to the physical page: [ 16.707003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.707296] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.707362] page_type: f5(slab) [ 16.707406] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.707471] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.707519] page dumped because: kasan: bad access detected [ 16.707550] [ 16.707567] Memory state around the buggy address: [ 16.707598] fff00000c5aae200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.707858] fff00000c5aae280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.707965] >fff00000c5aae300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.708174] ^ [ 16.708229] fff00000c5aae380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.708271] fff00000c5aae400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.708402] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.693684] ================================================================== [ 16.693754] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.693823] Write of size 2 at addr fff00000c5aae277 by task kunit_try_catch/173 [ 16.693888] [ 16.693920] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.694004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.694031] Hardware name: linux,dummy-virt (DT) [ 16.694081] Call trace: [ 16.694129] show_stack+0x20/0x38 (C) [ 16.694205] dump_stack_lvl+0x8c/0xd0 [ 16.694321] print_report+0x118/0x5d0 [ 16.694366] kasan_report+0xdc/0x128 [ 16.694427] kasan_check_range+0x100/0x1a8 [ 16.694473] __asan_memset+0x34/0x78 [ 16.694516] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.694561] kunit_try_run_case+0x170/0x3f0 [ 16.694741] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.694820] kthread+0x328/0x630 [ 16.694867] ret_from_fork+0x10/0x20 [ 16.694920] [ 16.694938] Allocated by task 173: [ 16.694966] kasan_save_stack+0x3c/0x68 [ 16.695024] kasan_save_track+0x20/0x40 [ 16.695061] kasan_save_alloc_info+0x40/0x58 [ 16.695100] __kasan_kmalloc+0xd4/0xd8 [ 16.695135] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.695172] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.695238] kunit_try_run_case+0x170/0x3f0 [ 16.695275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.695336] kthread+0x328/0x630 [ 16.695449] ret_from_fork+0x10/0x20 [ 16.695509] [ 16.695573] The buggy address belongs to the object at fff00000c5aae200 [ 16.695573] which belongs to the cache kmalloc-128 of size 128 [ 16.695630] The buggy address is located 119 bytes inside of [ 16.695630] allocated 120-byte region [fff00000c5aae200, fff00000c5aae278) [ 16.695692] [ 16.695711] The buggy address belongs to the physical page: [ 16.695884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.695968] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.696088] page_type: f5(slab) [ 16.696163] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.696303] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.696410] page dumped because: kasan: bad access detected [ 16.696453] [ 16.696470] Memory state around the buggy address: [ 16.696707] fff00000c5aae100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.696925] fff00000c5aae180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.697009] >fff00000c5aae200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.697058] ^ [ 16.697126] fff00000c5aae280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.697196] fff00000c5aae300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.697233] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.684329] ================================================================== [ 16.684411] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.684476] Write of size 128 at addr fff00000c5aae100 by task kunit_try_catch/171 [ 16.684584] [ 16.684642] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.684723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.684749] Hardware name: linux,dummy-virt (DT) [ 16.684823] Call trace: [ 16.684851] show_stack+0x20/0x38 (C) [ 16.684959] dump_stack_lvl+0x8c/0xd0 [ 16.685005] print_report+0x118/0x5d0 [ 16.685059] kasan_report+0xdc/0x128 [ 16.685103] kasan_check_range+0x100/0x1a8 [ 16.685149] __asan_memset+0x34/0x78 [ 16.685409] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.685504] kunit_try_run_case+0x170/0x3f0 [ 16.685552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.685660] kthread+0x328/0x630 [ 16.685706] ret_from_fork+0x10/0x20 [ 16.685777] [ 16.685795] Allocated by task 171: [ 16.685822] kasan_save_stack+0x3c/0x68 [ 16.685907] kasan_save_track+0x20/0x40 [ 16.685961] kasan_save_alloc_info+0x40/0x58 [ 16.686053] __kasan_kmalloc+0xd4/0xd8 [ 16.686138] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.686189] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.686226] kunit_try_run_case+0x170/0x3f0 [ 16.686263] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.686306] kthread+0x328/0x630 [ 16.686338] ret_from_fork+0x10/0x20 [ 16.686372] [ 16.686390] The buggy address belongs to the object at fff00000c5aae100 [ 16.686390] which belongs to the cache kmalloc-128 of size 128 [ 16.686591] The buggy address is located 0 bytes inside of [ 16.686591] allocated 120-byte region [fff00000c5aae100, fff00000c5aae178) [ 16.686664] [ 16.686683] The buggy address belongs to the physical page: [ 16.686751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.686832] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.686917] page_type: f5(slab) [ 16.686988] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.687076] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.687133] page dumped because: kasan: bad access detected [ 16.687211] [ 16.687280] Memory state around the buggy address: [ 16.687338] fff00000c5aae000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.687413] fff00000c5aae080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.687466] >fff00000c5aae100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.687573] ^ [ 16.687613] fff00000c5aae180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.687655] fff00000c5aae200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.687711] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.673192] ================================================================== [ 16.673255] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.673349] Read of size 16 at addr fff00000c44aba80 by task kunit_try_catch/169 [ 16.673401] [ 16.673433] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.673625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.673720] Hardware name: linux,dummy-virt (DT) [ 16.673767] Call trace: [ 16.673789] show_stack+0x20/0x38 (C) [ 16.673878] dump_stack_lvl+0x8c/0xd0 [ 16.673943] print_report+0x118/0x5d0 [ 16.674038] kasan_report+0xdc/0x128 [ 16.674091] __asan_report_load16_noabort+0x20/0x30 [ 16.674142] kmalloc_uaf_16+0x3bc/0x438 [ 16.674404] kunit_try_run_case+0x170/0x3f0 [ 16.674523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.674578] kthread+0x328/0x630 [ 16.674620] ret_from_fork+0x10/0x20 [ 16.674673] [ 16.674691] Allocated by task 169: [ 16.674720] kasan_save_stack+0x3c/0x68 [ 16.674759] kasan_save_track+0x20/0x40 [ 16.674794] kasan_save_alloc_info+0x40/0x58 [ 16.674832] __kasan_kmalloc+0xd4/0xd8 [ 16.674881] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.674919] kmalloc_uaf_16+0x140/0x438 [ 16.674952] kunit_try_run_case+0x170/0x3f0 [ 16.674988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.675030] kthread+0x328/0x630 [ 16.675060] ret_from_fork+0x10/0x20 [ 16.675094] [ 16.675110] Freed by task 169: [ 16.675135] kasan_save_stack+0x3c/0x68 [ 16.675368] kasan_save_track+0x20/0x40 [ 16.675616] kasan_save_free_info+0x4c/0x78 [ 16.675709] __kasan_slab_free+0x6c/0x98 [ 16.675749] kfree+0x214/0x3c8 [ 16.675782] kmalloc_uaf_16+0x190/0x438 [ 16.675836] kunit_try_run_case+0x170/0x3f0 [ 16.675873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.675951] kthread+0x328/0x630 [ 16.675984] ret_from_fork+0x10/0x20 [ 16.676018] [ 16.676127] The buggy address belongs to the object at fff00000c44aba80 [ 16.676127] which belongs to the cache kmalloc-16 of size 16 [ 16.676228] The buggy address is located 0 bytes inside of [ 16.676228] freed 16-byte region [fff00000c44aba80, fff00000c44aba90) [ 16.676354] [ 16.676391] The buggy address belongs to the physical page: [ 16.676439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ab [ 16.676547] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.676675] page_type: f5(slab) [ 16.676779] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.676848] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.676910] page dumped because: kasan: bad access detected [ 16.677231] [ 16.677336] Memory state around the buggy address: [ 16.677417] fff00000c44ab980: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 16.677460] fff00000c44aba00: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 16.677710] >fff00000c44aba80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.677840] ^ [ 16.677960] fff00000c44abb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.678077] fff00000c44abb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.678133] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.661132] ================================================================== [ 16.661243] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.661295] Write of size 16 at addr fff00000c44aba20 by task kunit_try_catch/167 [ 16.661345] [ 16.661376] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.661588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.661632] Hardware name: linux,dummy-virt (DT) [ 16.661725] Call trace: [ 16.661764] show_stack+0x20/0x38 (C) [ 16.661830] dump_stack_lvl+0x8c/0xd0 [ 16.661934] print_report+0x118/0x5d0 [ 16.662016] kasan_report+0xdc/0x128 [ 16.662087] __asan_report_store16_noabort+0x20/0x30 [ 16.662155] kmalloc_oob_16+0x3a0/0x3f8 [ 16.662230] kunit_try_run_case+0x170/0x3f0 [ 16.662320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.662390] kthread+0x328/0x630 [ 16.662432] ret_from_fork+0x10/0x20 [ 16.662478] [ 16.662512] Allocated by task 167: [ 16.662546] kasan_save_stack+0x3c/0x68 [ 16.662821] kasan_save_track+0x20/0x40 [ 16.662930] kasan_save_alloc_info+0x40/0x58 [ 16.663365] __kasan_kmalloc+0xd4/0xd8 [ 16.663427] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.663482] kmalloc_oob_16+0xb4/0x3f8 [ 16.663674] kunit_try_run_case+0x170/0x3f0 [ 16.663780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.663857] kthread+0x328/0x630 [ 16.664140] ret_from_fork+0x10/0x20 [ 16.664240] [ 16.664284] The buggy address belongs to the object at fff00000c44aba20 [ 16.664284] which belongs to the cache kmalloc-16 of size 16 [ 16.664344] The buggy address is located 0 bytes inside of [ 16.664344] allocated 13-byte region [fff00000c44aba20, fff00000c44aba2d) [ 16.664427] [ 16.664447] The buggy address belongs to the physical page: [ 16.664476] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ab [ 16.664531] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.664578] page_type: f5(slab) [ 16.664753] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.664824] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.664932] page dumped because: kasan: bad access detected [ 16.665017] [ 16.665034] Memory state around the buggy address: [ 16.665164] fff00000c44ab900: fa fb fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc [ 16.665496] fff00000c44ab980: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 16.665549] >fff00000c44aba00: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 16.665587] ^ [ 16.665873] fff00000c44aba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.665948] fff00000c44abb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.666004] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.650084] ================================================================== [ 16.650132] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.650177] Read of size 1 at addr fff00000c4519000 by task kunit_try_catch/165 [ 16.650238] [ 16.650267] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.650344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.650370] Hardware name: linux,dummy-virt (DT) [ 16.650400] Call trace: [ 16.650440] show_stack+0x20/0x38 (C) [ 16.650487] dump_stack_lvl+0x8c/0xd0 [ 16.650532] print_report+0x118/0x5d0 [ 16.650581] kasan_report+0xdc/0x128 [ 16.650626] __asan_report_load1_noabort+0x20/0x30 [ 16.650675] krealloc_uaf+0x4c8/0x520 [ 16.650723] kunit_try_run_case+0x170/0x3f0 [ 16.650771] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.650822] kthread+0x328/0x630 [ 16.650862] ret_from_fork+0x10/0x20 [ 16.650908] [ 16.650925] Allocated by task 165: [ 16.650952] kasan_save_stack+0x3c/0x68 [ 16.650991] kasan_save_track+0x20/0x40 [ 16.651026] kasan_save_alloc_info+0x40/0x58 [ 16.651065] __kasan_kmalloc+0xd4/0xd8 [ 16.651110] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.651149] krealloc_uaf+0xc8/0x520 [ 16.651193] kunit_try_run_case+0x170/0x3f0 [ 16.651229] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.651270] kthread+0x328/0x630 [ 16.651301] ret_from_fork+0x10/0x20 [ 16.651334] [ 16.651351] Freed by task 165: [ 16.651496] kasan_save_stack+0x3c/0x68 [ 16.651708] kasan_save_track+0x20/0x40 [ 16.651750] kasan_save_free_info+0x4c/0x78 [ 16.651811] __kasan_slab_free+0x6c/0x98 [ 16.651865] kfree+0x214/0x3c8 [ 16.652003] krealloc_uaf+0x12c/0x520 [ 16.652102] kunit_try_run_case+0x170/0x3f0 [ 16.652216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.652355] kthread+0x328/0x630 [ 16.652484] ret_from_fork+0x10/0x20 [ 16.652606] [ 16.652657] The buggy address belongs to the object at fff00000c4519000 [ 16.652657] which belongs to the cache kmalloc-256 of size 256 [ 16.652789] The buggy address is located 0 bytes inside of [ 16.652789] freed 256-byte region [fff00000c4519000, fff00000c4519100) [ 16.653088] [ 16.653111] The buggy address belongs to the physical page: [ 16.653232] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518 [ 16.653288] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.653334] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.653492] page_type: f5(slab) [ 16.653589] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.653719] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.653814] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.653883] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.654016] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff [ 16.654107] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.654147] page dumped because: kasan: bad access detected [ 16.654195] [ 16.654212] Memory state around the buggy address: [ 16.654242] fff00000c4518f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.654439] fff00000c4518f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.654542] >fff00000c4519000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.654620] ^ [ 16.654648] fff00000c4519080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.654728] fff00000c4519100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.654801] ================================================================== [ 16.642715] ================================================================== [ 16.642793] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.642843] Read of size 1 at addr fff00000c4519000 by task kunit_try_catch/165 [ 16.642908] [ 16.642939] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.643019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.643045] Hardware name: linux,dummy-virt (DT) [ 16.643075] Call trace: [ 16.643095] show_stack+0x20/0x38 (C) [ 16.643141] dump_stack_lvl+0x8c/0xd0 [ 16.643209] print_report+0x118/0x5d0 [ 16.643255] kasan_report+0xdc/0x128 [ 16.643298] __kasan_check_byte+0x54/0x70 [ 16.643342] krealloc_noprof+0x44/0x360 [ 16.643417] krealloc_uaf+0x180/0x520 [ 16.643460] kunit_try_run_case+0x170/0x3f0 [ 16.643505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.643555] kthread+0x328/0x630 [ 16.643595] ret_from_fork+0x10/0x20 [ 16.643640] [ 16.643993] Allocated by task 165: [ 16.644060] kasan_save_stack+0x3c/0x68 [ 16.644125] kasan_save_track+0x20/0x40 [ 16.644244] kasan_save_alloc_info+0x40/0x58 [ 16.644315] __kasan_kmalloc+0xd4/0xd8 [ 16.644383] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.644421] krealloc_uaf+0xc8/0x520 [ 16.644483] kunit_try_run_case+0x170/0x3f0 [ 16.644520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.644563] kthread+0x328/0x630 [ 16.644784] ret_from_fork+0x10/0x20 [ 16.644852] [ 16.644947] Freed by task 165: [ 16.645013] kasan_save_stack+0x3c/0x68 [ 16.645124] kasan_save_track+0x20/0x40 [ 16.645171] kasan_save_free_info+0x4c/0x78 [ 16.645219] __kasan_slab_free+0x6c/0x98 [ 16.645257] kfree+0x214/0x3c8 [ 16.645477] krealloc_uaf+0x12c/0x520 [ 16.645635] kunit_try_run_case+0x170/0x3f0 [ 16.645722] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.645834] kthread+0x328/0x630 [ 16.645915] ret_from_fork+0x10/0x20 [ 16.646034] [ 16.646124] The buggy address belongs to the object at fff00000c4519000 [ 16.646124] which belongs to the cache kmalloc-256 of size 256 [ 16.646364] The buggy address is located 0 bytes inside of [ 16.646364] freed 256-byte region [fff00000c4519000, fff00000c4519100) [ 16.646620] [ 16.646691] The buggy address belongs to the physical page: [ 16.646734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518 [ 16.646971] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.647090] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.647218] page_type: f5(slab) [ 16.647363] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.647457] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.647521] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.647924] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.648087] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff [ 16.648271] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.648371] page dumped because: kasan: bad access detected [ 16.648460] [ 16.648521] Memory state around the buggy address: [ 16.648605] fff00000c4518f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.648746] fff00000c4518f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.648849] >fff00000c4519000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.648911] ^ [ 16.648938] fff00000c4519080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.649110] fff00000c4519100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.649286] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.620931] ================================================================== [ 16.621046] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.621123] Write of size 1 at addr fff00000c78360d0 by task kunit_try_catch/163 [ 16.621176] [ 16.621217] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.621544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.621583] Hardware name: linux,dummy-virt (DT) [ 16.621642] Call trace: [ 16.621664] show_stack+0x20/0x38 (C) [ 16.621740] dump_stack_lvl+0x8c/0xd0 [ 16.621805] print_report+0x118/0x5d0 [ 16.621887] kasan_report+0xdc/0x128 [ 16.621958] __asan_report_store1_noabort+0x20/0x30 [ 16.622017] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.622091] krealloc_large_less_oob+0x20/0x38 [ 16.622140] kunit_try_run_case+0x170/0x3f0 [ 16.622233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.622286] kthread+0x328/0x630 [ 16.622413] ret_from_fork+0x10/0x20 [ 16.622467] [ 16.622487] The buggy address belongs to the physical page: [ 16.622518] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 16.622590] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.622939] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.623008] page_type: f8(unknown) [ 16.623076] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.623127] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.623196] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.623278] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.623365] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 16.623592] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.623685] page dumped because: kasan: bad access detected [ 16.623794] [ 16.623821] Memory state around the buggy address: [ 16.623852] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.623892] fff00000c7836000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.623955] >fff00000c7836080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.623993] ^ [ 16.624028] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.624072] fff00000c7836180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.624109] ================================================================== [ 16.625019] ================================================================== [ 16.625081] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.625387] Write of size 1 at addr fff00000c78360da by task kunit_try_catch/163 [ 16.625454] [ 16.625484] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.625563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.625600] Hardware name: linux,dummy-virt (DT) [ 16.625630] Call trace: [ 16.625650] show_stack+0x20/0x38 (C) [ 16.625699] dump_stack_lvl+0x8c/0xd0 [ 16.625745] print_report+0x118/0x5d0 [ 16.625789] kasan_report+0xdc/0x128 [ 16.625849] __asan_report_store1_noabort+0x20/0x30 [ 16.625900] krealloc_less_oob_helper+0xa80/0xc50 [ 16.625948] krealloc_large_less_oob+0x20/0x38 [ 16.625999] kunit_try_run_case+0x170/0x3f0 [ 16.626045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.626096] kthread+0x328/0x630 [ 16.626136] ret_from_fork+0x10/0x20 [ 16.626192] [ 16.626211] The buggy address belongs to the physical page: [ 16.626244] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 16.626296] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.626342] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.626392] page_type: f8(unknown) [ 16.626429] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.626478] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.626543] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.626601] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.626652] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 16.626700] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.626739] page dumped because: kasan: bad access detected [ 16.626769] [ 16.626786] Memory state around the buggy address: [ 16.626820] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.626863] fff00000c7836000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.626910] >fff00000c7836080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.626947] ^ [ 16.626982] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.627031] fff00000c7836180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.627068] ================================================================== [ 16.566768] ================================================================== [ 16.566821] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.566870] Write of size 1 at addr fff00000c4518ec9 by task kunit_try_catch/159 [ 16.566920] [ 16.567076] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.567302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.567369] Hardware name: linux,dummy-virt (DT) [ 16.567436] Call trace: [ 16.567564] show_stack+0x20/0x38 (C) [ 16.567708] dump_stack_lvl+0x8c/0xd0 [ 16.567844] print_report+0x118/0x5d0 [ 16.567891] kasan_report+0xdc/0x128 [ 16.567935] __asan_report_store1_noabort+0x20/0x30 [ 16.568170] krealloc_less_oob_helper+0xa48/0xc50 [ 16.568244] krealloc_less_oob+0x20/0x38 [ 16.568370] kunit_try_run_case+0x170/0x3f0 [ 16.568482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.568622] kthread+0x328/0x630 [ 16.568706] ret_from_fork+0x10/0x20 [ 16.568813] [ 16.568832] Allocated by task 159: [ 16.568863] kasan_save_stack+0x3c/0x68 [ 16.568936] kasan_save_track+0x20/0x40 [ 16.569281] kasan_save_alloc_info+0x40/0x58 [ 16.569397] __kasan_krealloc+0x118/0x178 [ 16.569491] krealloc_noprof+0x128/0x360 [ 16.569529] krealloc_less_oob_helper+0x168/0xc50 [ 16.569823] krealloc_less_oob+0x20/0x38 [ 16.569895] kunit_try_run_case+0x170/0x3f0 [ 16.569931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.570258] kthread+0x328/0x630 [ 16.570313] ret_from_fork+0x10/0x20 [ 16.570349] [ 16.570368] The buggy address belongs to the object at fff00000c4518e00 [ 16.570368] which belongs to the cache kmalloc-256 of size 256 [ 16.570436] The buggy address is located 0 bytes to the right of [ 16.570436] allocated 201-byte region [fff00000c4518e00, fff00000c4518ec9) [ 16.570499] [ 16.570538] The buggy address belongs to the physical page: [ 16.570569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518 [ 16.570633] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.570689] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.570752] page_type: f5(slab) [ 16.570789] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.570865] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.570914] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.570962] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.571034] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff [ 16.571090] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.571145] page dumped because: kasan: bad access detected [ 16.571175] [ 16.571439] Memory state around the buggy address: [ 16.571600] fff00000c4518d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.571664] fff00000c4518e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.571707] >fff00000c4518e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.571746] ^ [ 16.571929] fff00000c4518f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.572027] fff00000c4518f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.572208] ================================================================== [ 16.592140] ================================================================== [ 16.592199] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.592246] Write of size 1 at addr fff00000c4518eeb by task kunit_try_catch/159 [ 16.592294] [ 16.592322] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.592446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.592473] Hardware name: linux,dummy-virt (DT) [ 16.592637] Call trace: [ 16.592663] show_stack+0x20/0x38 (C) [ 16.592748] dump_stack_lvl+0x8c/0xd0 [ 16.592834] print_report+0x118/0x5d0 [ 16.592908] kasan_report+0xdc/0x128 [ 16.592971] __asan_report_store1_noabort+0x20/0x30 [ 16.593022] krealloc_less_oob_helper+0xa58/0xc50 [ 16.593069] krealloc_less_oob+0x20/0x38 [ 16.593253] kunit_try_run_case+0x170/0x3f0 [ 16.593330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.593394] kthread+0x328/0x630 [ 16.593436] ret_from_fork+0x10/0x20 [ 16.593482] [ 16.593500] Allocated by task 159: [ 16.593527] kasan_save_stack+0x3c/0x68 [ 16.593566] kasan_save_track+0x20/0x40 [ 16.593602] kasan_save_alloc_info+0x40/0x58 [ 16.593641] __kasan_krealloc+0x118/0x178 [ 16.593677] krealloc_noprof+0x128/0x360 [ 16.593713] krealloc_less_oob_helper+0x168/0xc50 [ 16.593750] krealloc_less_oob+0x20/0x38 [ 16.593785] kunit_try_run_case+0x170/0x3f0 [ 16.593820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.593861] kthread+0x328/0x630 [ 16.593892] ret_from_fork+0x10/0x20 [ 16.593936] [ 16.593954] The buggy address belongs to the object at fff00000c4518e00 [ 16.593954] which belongs to the cache kmalloc-256 of size 256 [ 16.594014] The buggy address is located 34 bytes to the right of [ 16.594014] allocated 201-byte region [fff00000c4518e00, fff00000c4518ec9) [ 16.594078] [ 16.594097] The buggy address belongs to the physical page: [ 16.594126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518 [ 16.594509] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.594570] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.594669] page_type: f5(slab) [ 16.594786] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.594853] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.594930] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.594979] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.595034] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff [ 16.595087] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.595137] page dumped because: kasan: bad access detected [ 16.595167] [ 16.595195] Memory state around the buggy address: [ 16.595230] fff00000c4518d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.595273] fff00000c4518e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.595320] >fff00000c4518e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.595428] ^ [ 16.595489] fff00000c4518f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.595530] fff00000c4518f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.595570] ================================================================== [ 16.632706] ================================================================== [ 16.632771] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.632825] Write of size 1 at addr fff00000c78360eb by task kunit_try_catch/163 [ 16.632925] [ 16.632992] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.633071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.633097] Hardware name: linux,dummy-virt (DT) [ 16.633460] Call trace: [ 16.633556] show_stack+0x20/0x38 (C) [ 16.633634] dump_stack_lvl+0x8c/0xd0 [ 16.633718] print_report+0x118/0x5d0 [ 16.633789] kasan_report+0xdc/0x128 [ 16.633854] __asan_report_store1_noabort+0x20/0x30 [ 16.633906] krealloc_less_oob_helper+0xa58/0xc50 [ 16.634017] krealloc_large_less_oob+0x20/0x38 [ 16.634101] kunit_try_run_case+0x170/0x3f0 [ 16.634163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.634226] kthread+0x328/0x630 [ 16.634280] ret_from_fork+0x10/0x20 [ 16.634327] [ 16.634346] The buggy address belongs to the physical page: [ 16.634488] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 16.634543] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.634589] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.634788] page_type: f8(unknown) [ 16.634850] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.634901] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.634978] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.635027] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.635246] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 16.635306] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.635508] page dumped because: kasan: bad access detected [ 16.635651] [ 16.635672] Memory state around the buggy address: [ 16.635705] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.635764] fff00000c7836000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.636000] >fff00000c7836080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.636146] ^ [ 16.636245] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.636371] fff00000c7836180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.636477] ================================================================== [ 16.580581] ================================================================== [ 16.580628] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.580674] Write of size 1 at addr fff00000c4518eda by task kunit_try_catch/159 [ 16.580723] [ 16.580751] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.580829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.580855] Hardware name: linux,dummy-virt (DT) [ 16.580884] Call trace: [ 16.580926] show_stack+0x20/0x38 (C) [ 16.580975] dump_stack_lvl+0x8c/0xd0 [ 16.581025] print_report+0x118/0x5d0 [ 16.581071] kasan_report+0xdc/0x128 [ 16.581120] __asan_report_store1_noabort+0x20/0x30 [ 16.581170] krealloc_less_oob_helper+0xa80/0xc50 [ 16.581478] krealloc_less_oob+0x20/0x38 [ 16.581664] kunit_try_run_case+0x170/0x3f0 [ 16.581718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.581789] kthread+0x328/0x630 [ 16.581831] ret_from_fork+0x10/0x20 [ 16.581881] [ 16.581899] Allocated by task 159: [ 16.582151] kasan_save_stack+0x3c/0x68 [ 16.582245] kasan_save_track+0x20/0x40 [ 16.582351] kasan_save_alloc_info+0x40/0x58 [ 16.582437] __kasan_krealloc+0x118/0x178 [ 16.582504] krealloc_noprof+0x128/0x360 [ 16.582560] krealloc_less_oob_helper+0x168/0xc50 [ 16.582637] krealloc_less_oob+0x20/0x38 [ 16.582672] kunit_try_run_case+0x170/0x3f0 [ 16.582708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.582775] kthread+0x328/0x630 [ 16.582809] ret_from_fork+0x10/0x20 [ 16.582863] [ 16.582911] The buggy address belongs to the object at fff00000c4518e00 [ 16.582911] which belongs to the cache kmalloc-256 of size 256 [ 16.583053] The buggy address is located 17 bytes to the right of [ 16.583053] allocated 201-byte region [fff00000c4518e00, fff00000c4518ec9) [ 16.583153] [ 16.583172] The buggy address belongs to the physical page: [ 16.583213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518 [ 16.583265] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.583312] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.583477] page_type: f5(slab) [ 16.583555] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.583724] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.583838] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.583998] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.584144] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff [ 16.584289] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.584427] page dumped because: kasan: bad access detected [ 16.584522] [ 16.584541] Memory state around the buggy address: [ 16.584572] fff00000c4518d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.584763] fff00000c4518e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.584810] >fff00000c4518e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.584848] ^ [ 16.585105] fff00000c4518f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.585246] fff00000c4518f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.585372] ================================================================== [ 16.627121] ================================================================== [ 16.627155] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.627467] Write of size 1 at addr fff00000c78360ea by task kunit_try_catch/163 [ 16.627787] [ 16.627816] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.627970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.628015] Hardware name: linux,dummy-virt (DT) [ 16.628046] Call trace: [ 16.628066] show_stack+0x20/0x38 (C) [ 16.628152] dump_stack_lvl+0x8c/0xd0 [ 16.628238] print_report+0x118/0x5d0 [ 16.628285] kasan_report+0xdc/0x128 [ 16.628330] __asan_report_store1_noabort+0x20/0x30 [ 16.628380] krealloc_less_oob_helper+0xae4/0xc50 [ 16.628532] krealloc_large_less_oob+0x20/0x38 [ 16.628654] kunit_try_run_case+0x170/0x3f0 [ 16.628809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.628895] kthread+0x328/0x630 [ 16.628963] ret_from_fork+0x10/0x20 [ 16.629085] [ 16.629142] The buggy address belongs to the physical page: [ 16.629263] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 16.629347] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.629436] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.629517] page_type: f8(unknown) [ 16.629553] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.629603] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.629652] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.629901] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.630069] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 16.630236] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.630337] page dumped because: kasan: bad access detected [ 16.630502] [ 16.630630] Memory state around the buggy address: [ 16.630728] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.630848] fff00000c7836000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.630890] >fff00000c7836080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.631339] ^ [ 16.631443] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.631488] fff00000c7836180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.631573] ================================================================== [ 16.573910] ================================================================== [ 16.574051] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.574106] Write of size 1 at addr fff00000c4518ed0 by task kunit_try_catch/159 [ 16.574161] [ 16.574230] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.574310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.574336] Hardware name: linux,dummy-virt (DT) [ 16.574374] Call trace: [ 16.574395] show_stack+0x20/0x38 (C) [ 16.574441] dump_stack_lvl+0x8c/0xd0 [ 16.574486] print_report+0x118/0x5d0 [ 16.574530] kasan_report+0xdc/0x128 [ 16.574862] __asan_report_store1_noabort+0x20/0x30 [ 16.574971] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.575022] krealloc_less_oob+0x20/0x38 [ 16.575067] kunit_try_run_case+0x170/0x3f0 [ 16.575114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.575272] kthread+0x328/0x630 [ 16.575316] ret_from_fork+0x10/0x20 [ 16.575362] [ 16.575428] Allocated by task 159: [ 16.575536] kasan_save_stack+0x3c/0x68 [ 16.575661] kasan_save_track+0x20/0x40 [ 16.575810] kasan_save_alloc_info+0x40/0x58 [ 16.575902] __kasan_krealloc+0x118/0x178 [ 16.575939] krealloc_noprof+0x128/0x360 [ 16.575975] krealloc_less_oob_helper+0x168/0xc50 [ 16.576012] krealloc_less_oob+0x20/0x38 [ 16.576047] kunit_try_run_case+0x170/0x3f0 [ 16.576083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.576124] kthread+0x328/0x630 [ 16.576154] ret_from_fork+0x10/0x20 [ 16.576197] [ 16.576215] The buggy address belongs to the object at fff00000c4518e00 [ 16.576215] which belongs to the cache kmalloc-256 of size 256 [ 16.576427] The buggy address is located 7 bytes to the right of [ 16.576427] allocated 201-byte region [fff00000c4518e00, fff00000c4518ec9) [ 16.576583] [ 16.576686] The buggy address belongs to the physical page: [ 16.576734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518 [ 16.576840] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.576957] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.577073] page_type: f5(slab) [ 16.577176] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.577261] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.577353] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.577604] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.577799] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff [ 16.577920] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.578086] page dumped because: kasan: bad access detected [ 16.578224] [ 16.578325] Memory state around the buggy address: [ 16.578402] fff00000c4518d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.578544] fff00000c4518e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.578587] >fff00000c4518e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.578667] ^ [ 16.579025] fff00000c4518f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.579116] fff00000c4518f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.579166] ================================================================== [ 16.585961] ================================================================== [ 16.586029] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.586078] Write of size 1 at addr fff00000c4518eea by task kunit_try_catch/159 [ 16.586423] [ 16.586466] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.586547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.586575] Hardware name: linux,dummy-virt (DT) [ 16.586655] Call trace: [ 16.586693] show_stack+0x20/0x38 (C) [ 16.586792] dump_stack_lvl+0x8c/0xd0 [ 16.586867] print_report+0x118/0x5d0 [ 16.586932] kasan_report+0xdc/0x128 [ 16.586977] __asan_report_store1_noabort+0x20/0x30 [ 16.587026] krealloc_less_oob_helper+0xae4/0xc50 [ 16.587073] krealloc_less_oob+0x20/0x38 [ 16.587118] kunit_try_run_case+0x170/0x3f0 [ 16.587164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.587227] kthread+0x328/0x630 [ 16.587268] ret_from_fork+0x10/0x20 [ 16.587314] [ 16.587476] Allocated by task 159: [ 16.587563] kasan_save_stack+0x3c/0x68 [ 16.587618] kasan_save_track+0x20/0x40 [ 16.587654] kasan_save_alloc_info+0x40/0x58 [ 16.587701] __kasan_krealloc+0x118/0x178 [ 16.587737] krealloc_noprof+0x128/0x360 [ 16.588040] krealloc_less_oob_helper+0x168/0xc50 [ 16.588158] krealloc_less_oob+0x20/0x38 [ 16.588302] kunit_try_run_case+0x170/0x3f0 [ 16.588436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.588589] kthread+0x328/0x630 [ 16.588622] ret_from_fork+0x10/0x20 [ 16.588656] [ 16.588675] The buggy address belongs to the object at fff00000c4518e00 [ 16.588675] which belongs to the cache kmalloc-256 of size 256 [ 16.589012] The buggy address is located 33 bytes to the right of [ 16.589012] allocated 201-byte region [fff00000c4518e00, fff00000c4518ec9) [ 16.589257] [ 16.589333] The buggy address belongs to the physical page: [ 16.589420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518 [ 16.589565] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.589716] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.589855] page_type: f5(slab) [ 16.589891] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.590230] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.590375] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.590524] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.590750] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff [ 16.590836] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.591018] page dumped because: kasan: bad access detected [ 16.591086] [ 16.591103] Memory state around the buggy address: [ 16.591133] fff00000c4518d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.591221] fff00000c4518e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.591275] >fff00000c4518e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.591323] ^ [ 16.591362] fff00000c4518f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.591414] fff00000c4518f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.591451] ================================================================== [ 16.616924] ================================================================== [ 16.617045] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.617097] Write of size 1 at addr fff00000c78360c9 by task kunit_try_catch/163 [ 16.617146] [ 16.617192] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.617272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.617441] Hardware name: linux,dummy-virt (DT) [ 16.617474] Call trace: [ 16.617495] show_stack+0x20/0x38 (C) [ 16.617560] dump_stack_lvl+0x8c/0xd0 [ 16.617675] print_report+0x118/0x5d0 [ 16.617751] kasan_report+0xdc/0x128 [ 16.617815] __asan_report_store1_noabort+0x20/0x30 [ 16.617883] krealloc_less_oob_helper+0xa48/0xc50 [ 16.617958] krealloc_large_less_oob+0x20/0x38 [ 16.618055] kunit_try_run_case+0x170/0x3f0 [ 16.618119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.618171] kthread+0x328/0x630 [ 16.618223] ret_from_fork+0x10/0x20 [ 16.618268] [ 16.618316] The buggy address belongs to the physical page: [ 16.618353] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 16.618427] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.618474] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.618542] page_type: f8(unknown) [ 16.618582] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.618630] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.618833] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.618887] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.618974] head: 0bfffe0000000002 ffffc1ffc31e0d01 00000000ffffffff 00000000ffffffff [ 16.619064] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.619124] page dumped because: kasan: bad access detected [ 16.619172] [ 16.619229] Memory state around the buggy address: [ 16.619282] fff00000c7835f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.619344] fff00000c7836000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.619493] >fff00000c7836080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.619611] ^ [ 16.619728] fff00000c7836100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.619771] fff00000c7836180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.619808] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.550090] ================================================================== [ 16.550164] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.550245] Write of size 1 at addr fff00000c4518ceb by task kunit_try_catch/157 [ 16.550295] [ 16.550347] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.550652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.550691] Hardware name: linux,dummy-virt (DT) [ 16.550721] Call trace: [ 16.550770] show_stack+0x20/0x38 (C) [ 16.550996] dump_stack_lvl+0x8c/0xd0 [ 16.551054] print_report+0x118/0x5d0 [ 16.551100] kasan_report+0xdc/0x128 [ 16.551145] __asan_report_store1_noabort+0x20/0x30 [ 16.551207] krealloc_more_oob_helper+0x60c/0x678 [ 16.551254] krealloc_more_oob+0x20/0x38 [ 16.551299] kunit_try_run_case+0x170/0x3f0 [ 16.551372] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.551562] kthread+0x328/0x630 [ 16.551639] ret_from_fork+0x10/0x20 [ 16.551719] [ 16.551770] Allocated by task 157: [ 16.551826] kasan_save_stack+0x3c/0x68 [ 16.551906] kasan_save_track+0x20/0x40 [ 16.552058] kasan_save_alloc_info+0x40/0x58 [ 16.552163] __kasan_krealloc+0x118/0x178 [ 16.552211] krealloc_noprof+0x128/0x360 [ 16.552455] krealloc_more_oob_helper+0x168/0x678 [ 16.552579] krealloc_more_oob+0x20/0x38 [ 16.552695] kunit_try_run_case+0x170/0x3f0 [ 16.552787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.552942] kthread+0x328/0x630 [ 16.553015] ret_from_fork+0x10/0x20 [ 16.553071] [ 16.553091] The buggy address belongs to the object at fff00000c4518c00 [ 16.553091] which belongs to the cache kmalloc-256 of size 256 [ 16.553159] The buggy address is located 0 bytes to the right of [ 16.553159] allocated 235-byte region [fff00000c4518c00, fff00000c4518ceb) [ 16.553235] [ 16.553254] The buggy address belongs to the physical page: [ 16.553285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518 [ 16.553339] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.553395] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.553449] page_type: f5(slab) [ 16.553495] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.553553] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.553621] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.553669] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.553723] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff [ 16.553780] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.553830] page dumped because: kasan: bad access detected [ 16.553866] [ 16.553883] Memory state around the buggy address: [ 16.553921] fff00000c4518b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.553964] fff00000c4518c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.554011] >fff00000c4518c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.554048] ^ [ 16.554096] fff00000c4518d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.554138] fff00000c4518d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.554175] ================================================================== [ 16.556485] ================================================================== [ 16.556540] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.556614] Write of size 1 at addr fff00000c4518cf0 by task kunit_try_catch/157 [ 16.556669] [ 16.556698] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.556776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.556802] Hardware name: linux,dummy-virt (DT) [ 16.556831] Call trace: [ 16.556852] show_stack+0x20/0x38 (C) [ 16.556897] dump_stack_lvl+0x8c/0xd0 [ 16.556941] print_report+0x118/0x5d0 [ 16.557142] kasan_report+0xdc/0x128 [ 16.557226] __asan_report_store1_noabort+0x20/0x30 [ 16.557311] krealloc_more_oob_helper+0x5c0/0x678 [ 16.557376] krealloc_more_oob+0x20/0x38 [ 16.557451] kunit_try_run_case+0x170/0x3f0 [ 16.557515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.557566] kthread+0x328/0x630 [ 16.557608] ret_from_fork+0x10/0x20 [ 16.557818] [ 16.557923] Allocated by task 157: [ 16.557961] kasan_save_stack+0x3c/0x68 [ 16.558010] kasan_save_track+0x20/0x40 [ 16.558058] kasan_save_alloc_info+0x40/0x58 [ 16.558133] __kasan_krealloc+0x118/0x178 [ 16.558191] krealloc_noprof+0x128/0x360 [ 16.558228] krealloc_more_oob_helper+0x168/0x678 [ 16.558275] krealloc_more_oob+0x20/0x38 [ 16.558310] kunit_try_run_case+0x170/0x3f0 [ 16.558478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.558610] kthread+0x328/0x630 [ 16.558649] ret_from_fork+0x10/0x20 [ 16.558683] [ 16.558702] The buggy address belongs to the object at fff00000c4518c00 [ 16.558702] which belongs to the cache kmalloc-256 of size 256 [ 16.558769] The buggy address is located 5 bytes to the right of [ 16.558769] allocated 235-byte region [fff00000c4518c00, fff00000c4518ceb) [ 16.558833] [ 16.558851] The buggy address belongs to the physical page: [ 16.558933] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104518 [ 16.558985] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.559047] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.559103] page_type: f5(slab) [ 16.559168] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.559231] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.559280] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.559446] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.559712] head: 0bfffe0000000001 ffffc1ffc3114601 00000000ffffffff 00000000ffffffff [ 16.559802] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.559893] page dumped because: kasan: bad access detected [ 16.559923] [ 16.559941] Memory state around the buggy address: [ 16.559979] fff00000c4518b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.560026] fff00000c4518c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.560213] >fff00000c4518c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.560409] ^ [ 16.560475] fff00000c4518d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.560672] fff00000c4518d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.560749] ================================================================== [ 16.608396] ================================================================== [ 16.608756] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.608840] Write of size 1 at addr fff00000c78320f0 by task kunit_try_catch/161 [ 16.608895] [ 16.608924] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.609015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.609041] Hardware name: linux,dummy-virt (DT) [ 16.609070] Call trace: [ 16.609090] show_stack+0x20/0x38 (C) [ 16.609317] dump_stack_lvl+0x8c/0xd0 [ 16.609408] print_report+0x118/0x5d0 [ 16.609484] kasan_report+0xdc/0x128 [ 16.609530] __asan_report_store1_noabort+0x20/0x30 [ 16.609597] krealloc_more_oob_helper+0x5c0/0x678 [ 16.609671] krealloc_large_more_oob+0x20/0x38 [ 16.609718] kunit_try_run_case+0x170/0x3f0 [ 16.609794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.609846] kthread+0x328/0x630 [ 16.609894] ret_from_fork+0x10/0x20 [ 16.609941] [ 16.609977] The buggy address belongs to the physical page: [ 16.610013] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107830 [ 16.610275] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.610388] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.610462] page_type: f8(unknown) [ 16.610499] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.610566] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.610618] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.610667] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.610715] head: 0bfffe0000000002 ffffc1ffc31e0c01 00000000ffffffff 00000000ffffffff [ 16.610763] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.610803] page dumped because: kasan: bad access detected [ 16.610832] [ 16.610849] Memory state around the buggy address: [ 16.610991] fff00000c7831f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.611070] fff00000c7832000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.611132] >fff00000c7832080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.611219] ^ [ 16.611281] fff00000c7832100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.611466] fff00000c7832180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.611513] ================================================================== [ 16.604329] ================================================================== [ 16.604390] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.604441] Write of size 1 at addr fff00000c78320eb by task kunit_try_catch/161 [ 16.604645] [ 16.604748] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.604832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.605147] Hardware name: linux,dummy-virt (DT) [ 16.605235] Call trace: [ 16.605265] show_stack+0x20/0x38 (C) [ 16.605314] dump_stack_lvl+0x8c/0xd0 [ 16.605359] print_report+0x118/0x5d0 [ 16.605414] kasan_report+0xdc/0x128 [ 16.605461] __asan_report_store1_noabort+0x20/0x30 [ 16.605512] krealloc_more_oob_helper+0x60c/0x678 [ 16.605575] krealloc_large_more_oob+0x20/0x38 [ 16.605621] kunit_try_run_case+0x170/0x3f0 [ 16.605667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.605718] kthread+0x328/0x630 [ 16.605758] ret_from_fork+0x10/0x20 [ 16.605804] [ 16.605848] The buggy address belongs to the physical page: [ 16.605880] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107830 [ 16.605940] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.606006] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.606082] page_type: f8(unknown) [ 16.606129] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.606190] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.606239] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.606287] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.606335] head: 0bfffe0000000002 ffffc1ffc31e0c01 00000000ffffffff 00000000ffffffff [ 16.606383] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.606667] page dumped because: kasan: bad access detected [ 16.606711] [ 16.606728] Memory state around the buggy address: [ 16.606802] fff00000c7831f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.606891] fff00000c7832000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.607008] >fff00000c7832080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.607108] ^ [ 16.607148] fff00000c7832100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.607214] fff00000c7832180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.607706] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.539254] ================================================================== [ 16.539339] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.539436] Read of size 1 at addr fff00000c7860000 by task kunit_try_catch/155 [ 16.539511] [ 16.539592] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.539724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.539767] Hardware name: linux,dummy-virt (DT) [ 16.539798] Call trace: [ 16.539841] show_stack+0x20/0x38 (C) [ 16.539909] dump_stack_lvl+0x8c/0xd0 [ 16.539955] print_report+0x118/0x5d0 [ 16.540000] kasan_report+0xdc/0x128 [ 16.540044] __asan_report_load1_noabort+0x20/0x30 [ 16.540241] page_alloc_uaf+0x328/0x350 [ 16.540290] kunit_try_run_case+0x170/0x3f0 [ 16.540395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.540489] kthread+0x328/0x630 [ 16.540675] ret_from_fork+0x10/0x20 [ 16.540831] [ 16.540985] The buggy address belongs to the physical page: [ 16.541084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107860 [ 16.541283] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.541339] page_type: f0(buddy) [ 16.541424] raw: 0bfffe0000000000 fff00000ff616108 fff00000ff616108 0000000000000000 [ 16.541474] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000 [ 16.541513] page dumped because: kasan: bad access detected [ 16.541543] [ 16.541559] Memory state around the buggy address: [ 16.541590] fff00000c785ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.541767] fff00000c785ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.541834] >fff00000c7860000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.541921] ^ [ 16.541949] fff00000c7860080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.542054] fff00000c7860100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.542226] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.522996] ================================================================== [ 16.523083] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.523240] Free of addr fff00000c7830001 by task kunit_try_catch/151 [ 16.523289] [ 16.523338] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.523431] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.523457] Hardware name: linux,dummy-virt (DT) [ 16.523635] Call trace: [ 16.523657] show_stack+0x20/0x38 (C) [ 16.523706] dump_stack_lvl+0x8c/0xd0 [ 16.523750] print_report+0x118/0x5d0 [ 16.523936] kasan_report_invalid_free+0xc0/0xe8 [ 16.524043] __kasan_kfree_large+0x5c/0xa8 [ 16.524175] free_large_kmalloc+0x64/0x190 [ 16.524269] kfree+0x270/0x3c8 [ 16.524312] kmalloc_large_invalid_free+0x108/0x270 [ 16.524602] kunit_try_run_case+0x170/0x3f0 [ 16.524747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.524853] kthread+0x328/0x630 [ 16.524956] ret_from_fork+0x10/0x20 [ 16.525002] [ 16.525049] The buggy address belongs to the physical page: [ 16.525248] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107830 [ 16.525305] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.525351] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.525715] page_type: f8(unknown) [ 16.525761] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.525834] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.525884] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.525942] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.526015] head: 0bfffe0000000002 ffffc1ffc31e0c01 00000000ffffffff 00000000ffffffff [ 16.526065] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.526113] page dumped because: kasan: bad access detected [ 16.526143] [ 16.526161] Memory state around the buggy address: [ 16.526221] fff00000c782ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.526264] fff00000c782ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.526306] >fff00000c7830000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.526342] ^ [ 16.526376] fff00000c7830080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.526418] fff00000c7830100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.526476] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.514917] ================================================================== [ 16.514982] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.515031] Read of size 1 at addr fff00000c782c000 by task kunit_try_catch/149 [ 16.515080] [ 16.515113] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.515211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.515237] Hardware name: linux,dummy-virt (DT) [ 16.515513] Call trace: [ 16.515548] show_stack+0x20/0x38 (C) [ 16.515598] dump_stack_lvl+0x8c/0xd0 [ 16.515643] print_report+0x118/0x5d0 [ 16.515687] kasan_report+0xdc/0x128 [ 16.515730] __asan_report_load1_noabort+0x20/0x30 [ 16.515778] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.515821] kunit_try_run_case+0x170/0x3f0 [ 16.515866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.515917] kthread+0x328/0x630 [ 16.515956] ret_from_fork+0x10/0x20 [ 16.516001] [ 16.516020] The buggy address belongs to the physical page: [ 16.516049] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10782c [ 16.516102] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.516162] raw: 0bfffe0000000000 ffffc1ffc31e0c08 fff00000da479c40 0000000000000000 [ 16.516275] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.516314] page dumped because: kasan: bad access detected [ 16.516344] [ 16.516361] Memory state around the buggy address: [ 16.516392] fff00000c782bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.516434] fff00000c782bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.516476] >fff00000c782c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.516729] ^ [ 16.516764] fff00000c782c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.516848] fff00000c782c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.516886] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.505093] ================================================================== [ 16.505166] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.505301] Write of size 1 at addr fff00000c782e00a by task kunit_try_catch/147 [ 16.505353] [ 16.505388] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.505487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.505514] Hardware name: linux,dummy-virt (DT) [ 16.505562] Call trace: [ 16.505651] show_stack+0x20/0x38 (C) [ 16.505701] dump_stack_lvl+0x8c/0xd0 [ 16.505747] print_report+0x118/0x5d0 [ 16.506011] kasan_report+0xdc/0x128 [ 16.506103] __asan_report_store1_noabort+0x20/0x30 [ 16.506173] kmalloc_large_oob_right+0x278/0x2b8 [ 16.506260] kunit_try_run_case+0x170/0x3f0 [ 16.506328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.506380] kthread+0x328/0x630 [ 16.506420] ret_from_fork+0x10/0x20 [ 16.506466] [ 16.506504] The buggy address belongs to the physical page: [ 16.506538] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10782c [ 16.506594] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.506640] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.506813] page_type: f8(unknown) [ 16.506884] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.506963] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.507051] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.507129] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.507201] head: 0bfffe0000000002 ffffc1ffc31e0b01 00000000ffffffff 00000000ffffffff [ 16.507251] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.507565] page dumped because: kasan: bad access detected [ 16.507663] [ 16.507704] Memory state around the buggy address: [ 16.507788] fff00000c782df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.507831] fff00000c782df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.507873] >fff00000c782e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.507910] ^ [ 16.507957] fff00000c782e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.508000] fff00000c782e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.508037] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.474309] ================================================================== [ 16.474372] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.474423] Write of size 1 at addr fff00000c457df00 by task kunit_try_catch/145 [ 16.475742] [ 16.475898] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.476109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.476138] Hardware name: linux,dummy-virt (DT) [ 16.476370] Call trace: [ 16.476710] show_stack+0x20/0x38 (C) [ 16.476824] dump_stack_lvl+0x8c/0xd0 [ 16.477060] print_report+0x118/0x5d0 [ 16.477113] kasan_report+0xdc/0x128 [ 16.477158] __asan_report_store1_noabort+0x20/0x30 [ 16.477220] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.477266] kunit_try_run_case+0x170/0x3f0 [ 16.477311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.478170] kthread+0x328/0x630 [ 16.478522] ret_from_fork+0x10/0x20 [ 16.478827] [ 16.478967] Allocated by task 145: [ 16.479002] kasan_save_stack+0x3c/0x68 [ 16.479052] kasan_save_track+0x20/0x40 [ 16.479090] kasan_save_alloc_info+0x40/0x58 [ 16.479466] __kasan_kmalloc+0xd4/0xd8 [ 16.479850] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.480150] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.480202] kunit_try_run_case+0x170/0x3f0 [ 16.480599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.480653] kthread+0x328/0x630 [ 16.480685] ret_from_fork+0x10/0x20 [ 16.480720] [ 16.480740] The buggy address belongs to the object at fff00000c457c000 [ 16.480740] which belongs to the cache kmalloc-8k of size 8192 [ 16.481417] The buggy address is located 0 bytes to the right of [ 16.481417] allocated 7936-byte region [fff00000c457c000, fff00000c457df00) [ 16.481501] [ 16.481532] The buggy address belongs to the physical page: [ 16.481957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104578 [ 16.482775] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.483150] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.483346] page_type: f5(slab) [ 16.483428] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.483621] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.483758] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.483920] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.484139] head: 0bfffe0000000003 ffffc1ffc3115e01 00000000ffffffff 00000000ffffffff [ 16.484252] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.484668] page dumped because: kasan: bad access detected [ 16.484907] [ 16.484930] Memory state around the buggy address: [ 16.485142] fff00000c457de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.485414] fff00000c457de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.485476] >fff00000c457df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.485521] ^ [ 16.485549] fff00000c457df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.486394] fff00000c457e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.486453] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.449365] ================================================================== [ 16.449416] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.450975] Write of size 1 at addr fff00000c5aae078 by task kunit_try_catch/143 [ 16.451054] [ 16.451086] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.451360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.451616] Hardware name: linux,dummy-virt (DT) [ 16.451658] Call trace: [ 16.451971] show_stack+0x20/0x38 (C) [ 16.452083] dump_stack_lvl+0x8c/0xd0 [ 16.452308] print_report+0x118/0x5d0 [ 16.452496] kasan_report+0xdc/0x128 [ 16.452744] __asan_report_store1_noabort+0x20/0x30 [ 16.452871] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.453026] kunit_try_run_case+0x170/0x3f0 [ 16.453075] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.453127] kthread+0x328/0x630 [ 16.453167] ret_from_fork+0x10/0x20 [ 16.453943] [ 16.453969] Allocated by task 143: [ 16.454006] kasan_save_stack+0x3c/0x68 [ 16.454337] kasan_save_track+0x20/0x40 [ 16.454582] kasan_save_alloc_info+0x40/0x58 [ 16.454633] __kasan_kmalloc+0xd4/0xd8 [ 16.454869] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.455311] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.455504] kunit_try_run_case+0x170/0x3f0 [ 16.455568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.455801] kthread+0x328/0x630 [ 16.456020] ret_from_fork+0x10/0x20 [ 16.456123] [ 16.456154] The buggy address belongs to the object at fff00000c5aae000 [ 16.456154] which belongs to the cache kmalloc-128 of size 128 [ 16.456229] The buggy address is located 0 bytes to the right of [ 16.456229] allocated 120-byte region [fff00000c5aae000, fff00000c5aae078) [ 16.456293] [ 16.456311] The buggy address belongs to the physical page: [ 16.456341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105aae [ 16.456392] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.456439] page_type: f5(slab) [ 16.457405] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.457477] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.457548] page dumped because: kasan: bad access detected [ 16.457578] [ 16.457597] Memory state around the buggy address: [ 16.458120] fff00000c5aadf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.458501] fff00000c5aadf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.458613] >fff00000c5aae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.458808] ^ [ 16.459088] fff00000c5aae080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.459282] fff00000c5aae100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.459324] ================================================================== [ 16.437926] ================================================================== [ 16.438772] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.438844] Write of size 1 at addr fff00000c46fff78 by task kunit_try_catch/143 [ 16.438905] [ 16.439097] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.439462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.439491] Hardware name: linux,dummy-virt (DT) [ 16.439716] Call trace: [ 16.439745] show_stack+0x20/0x38 (C) [ 16.439973] dump_stack_lvl+0x8c/0xd0 [ 16.440371] print_report+0x118/0x5d0 [ 16.440466] kasan_report+0xdc/0x128 [ 16.441021] __asan_report_store1_noabort+0x20/0x30 [ 16.441461] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.441729] kunit_try_run_case+0x170/0x3f0 [ 16.441801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.441856] kthread+0x328/0x630 [ 16.441898] ret_from_fork+0x10/0x20 [ 16.441946] [ 16.442735] Allocated by task 143: [ 16.442781] kasan_save_stack+0x3c/0x68 [ 16.442824] kasan_save_track+0x20/0x40 [ 16.442861] kasan_save_alloc_info+0x40/0x58 [ 16.442899] __kasan_kmalloc+0xd4/0xd8 [ 16.442935] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.442978] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.443019] kunit_try_run_case+0x170/0x3f0 [ 16.443055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.443097] kthread+0x328/0x630 [ 16.443807] ret_from_fork+0x10/0x20 [ 16.443853] [ 16.443931] The buggy address belongs to the object at fff00000c46fff00 [ 16.443931] which belongs to the cache kmalloc-128 of size 128 [ 16.443991] The buggy address is located 0 bytes to the right of [ 16.443991] allocated 120-byte region [fff00000c46fff00, fff00000c46fff78) [ 16.444261] [ 16.444283] The buggy address belongs to the physical page: [ 16.444315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046ff [ 16.444380] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.444819] page_type: f5(slab) [ 16.445221] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.445570] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.445701] page dumped because: kasan: bad access detected [ 16.446049] [ 16.446073] Memory state around the buggy address: [ 16.446390] fff00000c46ffe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.446724] fff00000c46ffe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.446770] >fff00000c46fff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.446808] ^ [ 16.446849] fff00000c46fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.447415] fff00000c4700000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.447596] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.369850] ================================================================== [ 16.370704] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.370789] Read of size 1 at addr fff00000c44ab9ff by task kunit_try_catch/139 [ 16.370993] [ 16.371094] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.371175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.371210] Hardware name: linux,dummy-virt (DT) [ 16.371243] Call trace: [ 16.371264] show_stack+0x20/0x38 (C) [ 16.371312] dump_stack_lvl+0x8c/0xd0 [ 16.372096] print_report+0x118/0x5d0 [ 16.372210] kasan_report+0xdc/0x128 [ 16.372607] __asan_report_load1_noabort+0x20/0x30 [ 16.373061] kmalloc_oob_left+0x2ec/0x320 [ 16.373151] kunit_try_run_case+0x170/0x3f0 [ 16.373701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.373774] kthread+0x328/0x630 [ 16.374323] ret_from_fork+0x10/0x20 [ 16.374772] [ 16.374793] Allocated by task 26: [ 16.374824] kasan_save_stack+0x3c/0x68 [ 16.374865] kasan_save_track+0x20/0x40 [ 16.374902] kasan_save_alloc_info+0x40/0x58 [ 16.374941] __kasan_kmalloc+0xd4/0xd8 [ 16.374976] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.375817] kstrdup+0x54/0xc8 [ 16.375863] devtmpfs_work_loop+0x6f8/0xa58 [ 16.375904] devtmpfsd+0x50/0x58 [ 16.375938] kthread+0x328/0x630 [ 16.376439] ret_from_fork+0x10/0x20 [ 16.376493] [ 16.376704] Freed by task 26: [ 16.376808] kasan_save_stack+0x3c/0x68 [ 16.377079] kasan_save_track+0x20/0x40 [ 16.377124] kasan_save_free_info+0x4c/0x78 [ 16.377361] __kasan_slab_free+0x6c/0x98 [ 16.377741] kfree+0x214/0x3c8 [ 16.377780] devtmpfs_work_loop+0x804/0xa58 [ 16.378118] devtmpfsd+0x50/0x58 [ 16.378249] kthread+0x328/0x630 [ 16.378291] ret_from_fork+0x10/0x20 [ 16.378340] [ 16.378809] The buggy address belongs to the object at fff00000c44ab9e0 [ 16.378809] which belongs to the cache kmalloc-16 of size 16 [ 16.378902] The buggy address is located 15 bytes to the right of [ 16.378902] allocated 16-byte region [fff00000c44ab9e0, fff00000c44ab9f0) [ 16.379342] [ 16.379369] The buggy address belongs to the physical page: [ 16.379403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044ab [ 16.379757] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.379828] page_type: f5(slab) [ 16.379875] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.380022] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.380358] page dumped because: kasan: bad access detected [ 16.380393] [ 16.380537] Memory state around the buggy address: [ 16.380578] fff00000c44ab880: 00 06 fc fc fa fb fc fc 00 06 fc fc 00 06 fc fc [ 16.380940] fff00000c44ab900: fa fb fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc [ 16.381011] >fff00000c44ab980: 00 00 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 16.381050] ^ [ 16.381291] fff00000c44aba00: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.381621] fff00000c44aba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.381710] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.335304] ================================================================== [ 16.335662] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.336487] Write of size 1 at addr fff00000c46ffd73 by task kunit_try_catch/137 [ 16.336593] [ 16.337377] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 16.337521] Tainted: [N]=TEST [ 16.337554] Hardware name: linux,dummy-virt (DT) [ 16.337771] Call trace: [ 16.337936] show_stack+0x20/0x38 (C) [ 16.338077] dump_stack_lvl+0x8c/0xd0 [ 16.338138] print_report+0x118/0x5d0 [ 16.338198] kasan_report+0xdc/0x128 [ 16.338243] __asan_report_store1_noabort+0x20/0x30 [ 16.338295] kmalloc_oob_right+0x5a4/0x660 [ 16.338340] kunit_try_run_case+0x170/0x3f0 [ 16.338390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.338443] kthread+0x328/0x630 [ 16.338486] ret_from_fork+0x10/0x20 [ 16.338639] [ 16.338676] Allocated by task 137: [ 16.338811] kasan_save_stack+0x3c/0x68 [ 16.338879] kasan_save_track+0x20/0x40 [ 16.338916] kasan_save_alloc_info+0x40/0x58 [ 16.338955] __kasan_kmalloc+0xd4/0xd8 [ 16.338991] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.339031] kmalloc_oob_right+0xb0/0x660 [ 16.339066] kunit_try_run_case+0x170/0x3f0 [ 16.339103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.339146] kthread+0x328/0x630 [ 16.339177] ret_from_fork+0x10/0x20 [ 16.339243] [ 16.339303] The buggy address belongs to the object at fff00000c46ffd00 [ 16.339303] which belongs to the cache kmalloc-128 of size 128 [ 16.339415] The buggy address is located 0 bytes to the right of [ 16.339415] allocated 115-byte region [fff00000c46ffd00, fff00000c46ffd73) [ 16.339484] [ 16.339579] The buggy address belongs to the physical page: [ 16.339781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046ff [ 16.340052] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.340354] page_type: f5(slab) [ 16.340651] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.340715] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.340820] page dumped because: kasan: bad access detected [ 16.340860] [ 16.340885] Memory state around the buggy address: [ 16.341103] fff00000c46ffc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.341167] fff00000c46ffc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341236] >fff00000c46ffd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.341291] ^ [ 16.341376] fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341418] fff00000c46ffe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341478] ================================================================== [ 16.345890] ================================================================== [ 16.345935] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.345979] Read of size 1 at addr fff00000c46ffd80 by task kunit_try_catch/137 [ 16.346036] [ 16.346064] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.346142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.346168] Hardware name: linux,dummy-virt (DT) [ 16.346211] Call trace: [ 16.346231] show_stack+0x20/0x38 (C) [ 16.346276] dump_stack_lvl+0x8c/0xd0 [ 16.346320] print_report+0x118/0x5d0 [ 16.346365] kasan_report+0xdc/0x128 [ 16.346409] __asan_report_load1_noabort+0x20/0x30 [ 16.346459] kmalloc_oob_right+0x5d0/0x660 [ 16.346503] kunit_try_run_case+0x170/0x3f0 [ 16.346549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.346739] kthread+0x328/0x630 [ 16.346956] ret_from_fork+0x10/0x20 [ 16.347003] [ 16.347026] Allocated by task 137: [ 16.347128] kasan_save_stack+0x3c/0x68 [ 16.347219] kasan_save_track+0x20/0x40 [ 16.348344] kasan_save_alloc_info+0x40/0x58 [ 16.348628] __kasan_kmalloc+0xd4/0xd8 [ 16.348685] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.348724] kmalloc_oob_right+0xb0/0x660 [ 16.348766] kunit_try_run_case+0x170/0x3f0 [ 16.348803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.348846] kthread+0x328/0x630 [ 16.348876] ret_from_fork+0x10/0x20 [ 16.349007] [ 16.349027] The buggy address belongs to the object at fff00000c46ffd00 [ 16.349027] which belongs to the cache kmalloc-128 of size 128 [ 16.349125] The buggy address is located 13 bytes to the right of [ 16.349125] allocated 115-byte region [fff00000c46ffd00, fff00000c46ffd73) [ 16.349604] [ 16.349634] The buggy address belongs to the physical page: [ 16.349768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046ff [ 16.350266] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.350534] page_type: f5(slab) [ 16.350644] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.350695] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.350736] page dumped because: kasan: bad access detected [ 16.350766] [ 16.350783] Memory state around the buggy address: [ 16.350813] fff00000c46ffc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.351464] fff00000c46ffd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.351507] >fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.351573] ^ [ 16.351601] fff00000c46ffe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.351646] fff00000c46ffe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.351841] ================================================================== [ 16.342359] ================================================================== [ 16.342398] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.342442] Write of size 1 at addr fff00000c46ffd78 by task kunit_try_catch/137 [ 16.342492] [ 16.342521] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.342600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.343242] Hardware name: linux,dummy-virt (DT) [ 16.343275] Call trace: [ 16.343295] show_stack+0x20/0x38 (C) [ 16.343342] dump_stack_lvl+0x8c/0xd0 [ 16.343386] print_report+0x118/0x5d0 [ 16.343430] kasan_report+0xdc/0x128 [ 16.343474] __asan_report_store1_noabort+0x20/0x30 [ 16.343940] kmalloc_oob_right+0x538/0x660 [ 16.343987] kunit_try_run_case+0x170/0x3f0 [ 16.344034] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.344086] kthread+0x328/0x630 [ 16.344126] ret_from_fork+0x10/0x20 [ 16.344172] [ 16.344202] Allocated by task 137: [ 16.344229] kasan_save_stack+0x3c/0x68 [ 16.344268] kasan_save_track+0x20/0x40 [ 16.344304] kasan_save_alloc_info+0x40/0x58 [ 16.344342] __kasan_kmalloc+0xd4/0xd8 [ 16.344377] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.344415] kmalloc_oob_right+0xb0/0x660 [ 16.344449] kunit_try_run_case+0x170/0x3f0 [ 16.344485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.344528] kthread+0x328/0x630 [ 16.344559] ret_from_fork+0x10/0x20 [ 16.344593] [ 16.344611] The buggy address belongs to the object at fff00000c46ffd00 [ 16.344611] which belongs to the cache kmalloc-128 of size 128 [ 16.344667] The buggy address is located 5 bytes to the right of [ 16.344667] allocated 115-byte region [fff00000c46ffd00, fff00000c46ffd73) [ 16.344730] [ 16.344748] The buggy address belongs to the physical page: [ 16.344777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046ff [ 16.344828] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.344874] page_type: f5(slab) [ 16.344910] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.344959] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.344998] page dumped because: kasan: bad access detected [ 16.345028] [ 16.345045] Memory state around the buggy address: [ 16.345075] fff00000c46ffc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.345117] fff00000c46ffc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.345157] >fff00000c46ffd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.345203] ^ [ 16.345243] fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.345286] fff00000c46ffe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.345323] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 96.672678] WARNING: CPU: 1 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 96.673364] Modules linked in: [ 96.673570] CPU: 1 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 96.673952] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 96.674213] Hardware name: linux,dummy-virt (DT) [ 96.674655] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.675335] pc : intlog10+0x38/0x48 [ 96.675768] lr : intlog10_test+0xe4/0x200 [ 96.676274] sp : ffff800082117c10 [ 96.676624] x29: ffff800082117c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.677355] x26: 1ffe000019597cc1 x25: 0000000000000000 x24: ffff800082117ce0 [ 96.678287] x23: ffff800082117d00 x22: 0000000000000000 x21: 1ffff00010422f82 [ 96.679115] x20: ffff946998089d80 x19: ffff800080087990 x18: 00000000d2e31cc1 [ 96.679962] x17: 0000000009e39dc3 x16: fff00000c0975c3c x15: 000000008faf9eb6 [ 96.680763] x14: 00000000869db0da x13: 1ffe00001b48a7cd x12: ffff728d337e3379 [ 96.681643] x11: 1ffff28d337e3378 x10: ffff728d337e3378 x9 : ffff946995635e5c [ 96.682394] x8 : ffff94699bf19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.682759] x5 : ffff700010422f82 x4 : 1ffff00010010f3a x3 : 1ffff28d330113b0 [ 96.683108] x2 : 1ffff28d330113b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.683674] Call trace: [ 96.683954] intlog10+0x38/0x48 (P) [ 96.684379] kunit_try_run_case+0x170/0x3f0 [ 96.684826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.685388] kthread+0x328/0x630 [ 96.685747] ret_from_fork+0x10/0x20 [ 96.686141] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 96.628939] WARNING: CPU: 1 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 96.629795] Modules linked in: [ 96.630084] CPU: 1 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 96.630562] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 96.630824] Hardware name: linux,dummy-virt (DT) [ 96.631091] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.631469] pc : intlog2+0xd8/0xf8 [ 96.631691] lr : intlog2_test+0xe4/0x200 [ 96.631922] sp : ffff8000821a7c10 [ 96.632091] x29: ffff8000821a7c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.632751] x26: 1ffe000018cb22c1 x25: 0000000000000000 x24: ffff8000821a7ce0 [ 96.633195] x23: ffff8000821a7d00 x22: 0000000000000000 x21: 1ffff00010434f82 [ 96.633623] x20: ffff946998089c80 x19: ffff800080087990 x18: 0000000065d74743 [ 96.634026] x17: 00000000c6098a42 x16: fff00000c0975c3c x15: 0000000046e6b291 [ 96.634472] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a7cd x12: ffff728d337e3379 [ 96.634896] x11: 1ffff28d337e3378 x10: ffff728d337e3378 x9 : ffff94699563605c [ 96.635279] x8 : ffff94699bf19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.635874] x5 : ffff700010434f82 x4 : 1ffff00010010f3a x3 : 1ffff28d33011390 [ 96.636315] x2 : 1ffff28d33011390 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.636751] Call trace: [ 96.636922] intlog2+0xd8/0xf8 (P) [ 96.637127] kunit_try_run_case+0x170/0x3f0 [ 96.637404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.637694] kthread+0x328/0x630 [ 96.637926] ret_from_fork+0x10/0x20 [ 96.638175] ---[ end trace 0000000000000000 ]---