Date
July 1, 2025, 12:10 a.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 17.661856] ================================================================== [ 17.661922] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 17.661976] Read of size 1 at addr fff00000c7800800 by task kunit_try_catch/196 [ 17.666273] [ 17.667011] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.667574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.667727] Hardware name: linux,dummy-virt (DT) [ 17.668184] Call trace: [ 17.668274] show_stack+0x20/0x38 (C) [ 17.668507] dump_stack_lvl+0x8c/0xd0 [ 17.668601] print_report+0x118/0x608 [ 17.668674] kasan_report+0xdc/0x128 [ 17.668732] __kasan_check_byte+0x54/0x70 [ 17.668777] ksize+0x30/0x88 [ 17.668821] ksize_uaf+0x168/0x5f8 [ 17.668862] kunit_try_run_case+0x170/0x3f0 [ 17.668911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.668964] kthread+0x328/0x630 [ 17.670609] ret_from_fork+0x10/0x20 [ 17.671481] [ 17.671505] Allocated by task 196: [ 17.671538] kasan_save_stack+0x3c/0x68 [ 17.671585] kasan_save_track+0x20/0x40 [ 17.671630] kasan_save_alloc_info+0x40/0x58 [ 17.671672] __kasan_kmalloc+0xd4/0xd8 [ 17.672371] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.672859] ksize_uaf+0xb8/0x5f8 [ 17.673132] kunit_try_run_case+0x170/0x3f0 [ 17.673601] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.673787] kthread+0x328/0x630 [ 17.673823] ret_from_fork+0x10/0x20 [ 17.674801] [ 17.674894] Freed by task 196: [ 17.675336] kasan_save_stack+0x3c/0x68 [ 17.675820] kasan_save_track+0x20/0x40 [ 17.675914] kasan_save_free_info+0x4c/0x78 [ 17.676273] __kasan_slab_free+0x6c/0x98 [ 17.676409] kfree+0x214/0x3c8 [ 17.676774] ksize_uaf+0x11c/0x5f8 [ 17.677195] kunit_try_run_case+0x170/0x3f0 [ 17.677656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.678112] kthread+0x328/0x630 [ 17.678555] ret_from_fork+0x10/0x20 [ 17.678794] [ 17.678882] The buggy address belongs to the object at fff00000c7800800 [ 17.678882] which belongs to the cache kmalloc-128 of size 128 [ 17.678957] The buggy address is located 0 bytes inside of [ 17.678957] freed 128-byte region [fff00000c7800800, fff00000c7800880) [ 17.680069] [ 17.680295] The buggy address belongs to the physical page: [ 17.680513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.680817] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.680872] page_type: f5(slab) [ 17.680913] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.681811] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.682226] page dumped because: kasan: bad access detected [ 17.682272] [ 17.682852] Memory state around the buggy address: [ 17.683218] fff00000c7800700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.683405] fff00000c7800780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.683465] >fff00000c7800800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.683506] ^ [ 17.684221] fff00000c7800880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.684695] fff00000c7800900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.684749] ================================================================== [ 17.689078] ================================================================== [ 17.689132] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 17.690191] Read of size 1 at addr fff00000c7800800 by task kunit_try_catch/196 [ 17.690344] [ 17.690381] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.691533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.691631] Hardware name: linux,dummy-virt (DT) [ 17.691803] Call trace: [ 17.691833] show_stack+0x20/0x38 (C) [ 17.692506] dump_stack_lvl+0x8c/0xd0 [ 17.692984] print_report+0x118/0x608 [ 17.693171] kasan_report+0xdc/0x128 [ 17.693330] __asan_report_load1_noabort+0x20/0x30 [ 17.693458] ksize_uaf+0x598/0x5f8 [ 17.694126] kunit_try_run_case+0x170/0x3f0 [ 17.694436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.695100] kthread+0x328/0x630 [ 17.695245] ret_from_fork+0x10/0x20 [ 17.695471] [ 17.696049] Allocated by task 196: [ 17.696236] kasan_save_stack+0x3c/0x68 [ 17.696489] kasan_save_track+0x20/0x40 [ 17.696531] kasan_save_alloc_info+0x40/0x58 [ 17.696572] __kasan_kmalloc+0xd4/0xd8 [ 17.696608] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.696647] ksize_uaf+0xb8/0x5f8 [ 17.696681] kunit_try_run_case+0x170/0x3f0 [ 17.696719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.696764] kthread+0x328/0x630 [ 17.696798] ret_from_fork+0x10/0x20 [ 17.696833] [ 17.696852] Freed by task 196: [ 17.696879] kasan_save_stack+0x3c/0x68 [ 17.696915] kasan_save_track+0x20/0x40 [ 17.698662] kasan_save_free_info+0x4c/0x78 [ 17.698775] __kasan_slab_free+0x6c/0x98 [ 17.699277] kfree+0x214/0x3c8 [ 17.699631] ksize_uaf+0x11c/0x5f8 [ 17.699666] kunit_try_run_case+0x170/0x3f0 [ 17.699708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.700342] kthread+0x328/0x630 [ 17.701390] ret_from_fork+0x10/0x20 [ 17.701569] [ 17.701590] The buggy address belongs to the object at fff00000c7800800 [ 17.701590] which belongs to the cache kmalloc-128 of size 128 [ 17.702004] The buggy address is located 0 bytes inside of [ 17.702004] freed 128-byte region [fff00000c7800800, fff00000c7800880) [ 17.702591] [ 17.702770] The buggy address belongs to the physical page: [ 17.703416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.704187] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.704316] page_type: f5(slab) [ 17.704756] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.705244] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.705298] page dumped because: kasan: bad access detected [ 17.705755] [ 17.705778] Memory state around the buggy address: [ 17.706815] fff00000c7800700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.706934] fff00000c7800780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.707779] >fff00000c7800800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.708430] ^ [ 17.708583] fff00000c7800880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.709069] fff00000c7800900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.709394] ================================================================== [ 17.717345] ================================================================== [ 17.717484] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 17.717542] Read of size 1 at addr fff00000c7800878 by task kunit_try_catch/196 [ 17.717593] [ 17.717630] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.717712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.717739] Hardware name: linux,dummy-virt (DT) [ 17.717770] Call trace: [ 17.719015] show_stack+0x20/0x38 (C) [ 17.719158] dump_stack_lvl+0x8c/0xd0 [ 17.719209] print_report+0x118/0x608 [ 17.719256] kasan_report+0xdc/0x128 [ 17.719300] __asan_report_load1_noabort+0x20/0x30 [ 17.719352] ksize_uaf+0x544/0x5f8 [ 17.719395] kunit_try_run_case+0x170/0x3f0 [ 17.719455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.719510] kthread+0x328/0x630 [ 17.719551] ret_from_fork+0x10/0x20 [ 17.719601] [ 17.719619] Allocated by task 196: [ 17.719648] kasan_save_stack+0x3c/0x68 [ 17.719688] kasan_save_track+0x20/0x40 [ 17.719727] kasan_save_alloc_info+0x40/0x58 [ 17.722280] __kasan_kmalloc+0xd4/0xd8 [ 17.723341] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.723419] ksize_uaf+0xb8/0x5f8 [ 17.723919] kunit_try_run_case+0x170/0x3f0 [ 17.724307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.724441] kthread+0x328/0x630 [ 17.724491] ret_from_fork+0x10/0x20 [ 17.724529] [ 17.725205] Freed by task 196: [ 17.725638] kasan_save_stack+0x3c/0x68 [ 17.725782] kasan_save_track+0x20/0x40 [ 17.726129] kasan_save_free_info+0x4c/0x78 [ 17.726300] __kasan_slab_free+0x6c/0x98 [ 17.727107] kfree+0x214/0x3c8 [ 17.727206] ksize_uaf+0x11c/0x5f8 [ 17.727242] kunit_try_run_case+0x170/0x3f0 [ 17.727907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.728586] kthread+0x328/0x630 [ 17.728641] ret_from_fork+0x10/0x20 [ 17.729043] [ 17.729280] The buggy address belongs to the object at fff00000c7800800 [ 17.729280] which belongs to the cache kmalloc-128 of size 128 [ 17.729897] The buggy address is located 120 bytes inside of [ 17.729897] freed 128-byte region [fff00000c7800800, fff00000c7800880) [ 17.730177] [ 17.730504] The buggy address belongs to the physical page: [ 17.730625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.731276] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.731660] page_type: f5(slab) [ 17.731979] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.732038] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.732083] page dumped because: kasan: bad access detected [ 17.732629] [ 17.732654] Memory state around the buggy address: [ 17.732691] fff00000c7800700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.732738] fff00000c7800780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.733196] >fff00000c7800800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.733467] ^ [ 17.734289] fff00000c7800880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.734714] fff00000c7800900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.735145] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 17.628718] ================================================================== [ 17.628801] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 17.628931] Read of size 1 at addr fff00000c7800773 by task kunit_try_catch/194 [ 17.628985] [ 17.629019] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.629212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.630471] Hardware name: linux,dummy-virt (DT) [ 17.630521] Call trace: [ 17.630545] show_stack+0x20/0x38 (C) [ 17.630601] dump_stack_lvl+0x8c/0xd0 [ 17.630657] print_report+0x118/0x608 [ 17.630879] kasan_report+0xdc/0x128 [ 17.630954] __asan_report_load1_noabort+0x20/0x30 [ 17.631055] ksize_unpoisons_memory+0x628/0x740 [ 17.631105] kunit_try_run_case+0x170/0x3f0 [ 17.631155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.631209] kthread+0x328/0x630 [ 17.631251] ret_from_fork+0x10/0x20 [ 17.631424] [ 17.631619] Allocated by task 194: [ 17.631653] kasan_save_stack+0x3c/0x68 [ 17.631931] kasan_save_track+0x20/0x40 [ 17.632149] kasan_save_alloc_info+0x40/0x58 [ 17.632206] __kasan_kmalloc+0xd4/0xd8 [ 17.632246] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.632287] ksize_unpoisons_memory+0xc0/0x740 [ 17.632326] kunit_try_run_case+0x170/0x3f0 [ 17.632366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.632411] kthread+0x328/0x630 [ 17.632530] ret_from_fork+0x10/0x20 [ 17.632882] [ 17.632955] The buggy address belongs to the object at fff00000c7800700 [ 17.632955] which belongs to the cache kmalloc-128 of size 128 [ 17.633048] The buggy address is located 0 bytes to the right of [ 17.633048] allocated 115-byte region [fff00000c7800700, fff00000c7800773) [ 17.633568] [ 17.633638] The buggy address belongs to the physical page: [ 17.633674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.633875] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.633993] page_type: f5(slab) [ 17.634032] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.634084] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.634125] page dumped because: kasan: bad access detected [ 17.634155] [ 17.634335] Memory state around the buggy address: [ 17.634377] fff00000c7800600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.634429] fff00000c7800680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.634481] >fff00000c7800700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.634524] ^ [ 17.634708] fff00000c7800780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.634872] fff00000c7800800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.635041] ================================================================== [ 17.642632] ================================================================== [ 17.642684] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 17.642921] Read of size 1 at addr fff00000c780077f by task kunit_try_catch/194 [ 17.643141] [ 17.643198] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.643367] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.643489] Hardware name: linux,dummy-virt (DT) [ 17.643580] Call trace: [ 17.643610] show_stack+0x20/0x38 (C) [ 17.643684] dump_stack_lvl+0x8c/0xd0 [ 17.643733] print_report+0x118/0x608 [ 17.643778] kasan_report+0xdc/0x128 [ 17.643993] __asan_report_load1_noabort+0x20/0x30 [ 17.644056] ksize_unpoisons_memory+0x690/0x740 [ 17.644297] kunit_try_run_case+0x170/0x3f0 [ 17.644649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.645257] kthread+0x328/0x630 [ 17.645459] ret_from_fork+0x10/0x20 [ 17.645748] [ 17.645863] Allocated by task 194: [ 17.645892] kasan_save_stack+0x3c/0x68 [ 17.645964] kasan_save_track+0x20/0x40 [ 17.646277] kasan_save_alloc_info+0x40/0x58 [ 17.646867] __kasan_kmalloc+0xd4/0xd8 [ 17.647015] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.647097] ksize_unpoisons_memory+0xc0/0x740 [ 17.647243] kunit_try_run_case+0x170/0x3f0 [ 17.647386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.647520] kthread+0x328/0x630 [ 17.647583] ret_from_fork+0x10/0x20 [ 17.647617] [ 17.647638] The buggy address belongs to the object at fff00000c7800700 [ 17.647638] which belongs to the cache kmalloc-128 of size 128 [ 17.647697] The buggy address is located 12 bytes to the right of [ 17.647697] allocated 115-byte region [fff00000c7800700, fff00000c7800773) [ 17.648051] [ 17.648179] The buggy address belongs to the physical page: [ 17.648255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.648416] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.648764] page_type: f5(slab) [ 17.648890] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.648978] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.649019] page dumped because: kasan: bad access detected [ 17.649365] [ 17.649471] Memory state around the buggy address: [ 17.649682] fff00000c7800600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.649801] fff00000c7800680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.650015] >fff00000c7800700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.650128] ^ [ 17.650234] fff00000c7800780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.650279] fff00000c7800800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.650536] ================================================================== [ 17.637705] ================================================================== [ 17.637784] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 17.637839] Read of size 1 at addr fff00000c7800778 by task kunit_try_catch/194 [ 17.637889] [ 17.637923] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.638007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.638035] Hardware name: linux,dummy-virt (DT) [ 17.638067] Call trace: [ 17.638097] show_stack+0x20/0x38 (C) [ 17.638146] dump_stack_lvl+0x8c/0xd0 [ 17.638194] print_report+0x118/0x608 [ 17.638242] kasan_report+0xdc/0x128 [ 17.638288] __asan_report_load1_noabort+0x20/0x30 [ 17.638340] ksize_unpoisons_memory+0x618/0x740 [ 17.638389] kunit_try_run_case+0x170/0x3f0 [ 17.638442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.638509] kthread+0x328/0x630 [ 17.638550] ret_from_fork+0x10/0x20 [ 17.638596] [ 17.638615] Allocated by task 194: [ 17.638641] kasan_save_stack+0x3c/0x68 [ 17.638682] kasan_save_track+0x20/0x40 [ 17.638718] kasan_save_alloc_info+0x40/0x58 [ 17.638778] __kasan_kmalloc+0xd4/0xd8 [ 17.638816] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.638862] ksize_unpoisons_memory+0xc0/0x740 [ 17.638910] kunit_try_run_case+0x170/0x3f0 [ 17.638954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.639003] kthread+0x328/0x630 [ 17.639060] ret_from_fork+0x10/0x20 [ 17.639097] [ 17.639116] The buggy address belongs to the object at fff00000c7800700 [ 17.639116] which belongs to the cache kmalloc-128 of size 128 [ 17.639177] The buggy address is located 5 bytes to the right of [ 17.639177] allocated 115-byte region [fff00000c7800700, fff00000c7800773) [ 17.639245] [ 17.639264] The buggy address belongs to the physical page: [ 17.639296] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.639728] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.639844] page_type: f5(slab) [ 17.639887] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.639941] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.640184] page dumped because: kasan: bad access detected [ 17.640259] [ 17.640404] Memory state around the buggy address: [ 17.640441] fff00000c7800600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.640721] fff00000c7800680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.640906] >fff00000c7800700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.641017] ^ [ 17.641117] fff00000c7800780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.641260] fff00000c7800800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.641532] ==================================================================
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 20.008641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4e4/0x4858 [ 20.069110] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858 [ 20.038399] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 20.056822] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858 [ 19.929031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x24c/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 19.834262] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 19.856649] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 98.801254] Internal error: Oops: 0000000096000005 [#1] SMP [ 98.808107] Modules linked in: [ 98.808692] CPU: 0 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 98.809679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 98.810152] Hardware name: linux,dummy-virt (DT) [ 98.810774] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 98.811601] pc : kunit_test_null_dereference+0x70/0x170 [ 98.812378] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 98.813056] sp : ffff800080fd7d30 [ 98.813478] x29: ffff800080fd7d90 x28: 0000000000000000 x27: 0000000000000000 [ 98.814319] x26: 1ffe000018f064a1 x25: 0000000000000000 x24: 0000000000000004 [ 98.815081] x23: fff00000c783250c x22: ffffa141d50245f8 x21: fff00000c12e1a08 [ 98.815883] x20: 1ffff000101fafa6 x19: ffff800080087990 x18: 00000000f27b1752 [ 98.816734] x17: 0000000000000001 x16: fff00000da452d28 x15: fff00000ff616b08 [ 98.817626] x14: 0000000000018fff x13: 1ffe00001b48a589 x12: fffd800018bc811c [ 98.818537] x11: 1ffe000018bc811b x10: fffd800018bc811b x9 : ffffa141d501ba60 [ 98.819289] x8 : ffff800080fd7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 98.819789] x5 : ffff7000101fafa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 98.820147] x2 : dfff800000000000 x1 : fff00000c5e40000 x0 : ffff800080087990 [ 98.820554] Call trace: [ 98.820758] kunit_test_null_dereference+0x70/0x170 (P) [ 98.821041] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 98.821366] kthread+0x328/0x630 [ 98.821572] ret_from_fork+0x10/0x20 [ 98.822045] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 98.822609] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.483975] ================================================================== [ 51.484035] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 51.484035] [ 51.484112] Use-after-free read at 0x00000000c0597d49 (in kfence-#164): [ 51.484164] test_krealloc+0x51c/0x830 [ 51.484209] kunit_try_run_case+0x170/0x3f0 [ 51.484251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.484296] kthread+0x328/0x630 [ 51.484334] ret_from_fork+0x10/0x20 [ 51.484374] [ 51.484397] kfence-#164: 0x00000000c0597d49-0x00000000a1a639ed, size=32, cache=kmalloc-32 [ 51.484397] [ 51.484465] allocated by task 337 on cpu 1 at 51.483342s (0.001119s ago): [ 51.484533] test_alloc+0x29c/0x628 [ 51.484576] test_krealloc+0xc0/0x830 [ 51.484614] kunit_try_run_case+0x170/0x3f0 [ 51.484654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.484699] kthread+0x328/0x630 [ 51.484735] ret_from_fork+0x10/0x20 [ 51.484773] [ 51.484796] freed by task 337 on cpu 1 at 51.483566s (0.001227s ago): [ 51.484856] krealloc_noprof+0x148/0x360 [ 51.484897] test_krealloc+0x1dc/0x830 [ 51.484937] kunit_try_run_case+0x170/0x3f0 [ 51.484978] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.485023] kthread+0x328/0x630 [ 51.485061] ret_from_fork+0x10/0x20 [ 51.485101] [ 51.485143] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 51.485220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.485249] Hardware name: linux,dummy-virt (DT) [ 51.485284] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.407480] ================================================================== [ 51.407589] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.407589] [ 51.407694] Use-after-free read at 0x000000003eef7124 (in kfence-#163): [ 51.407750] test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.407799] kunit_try_run_case+0x170/0x3f0 [ 51.407846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.407893] kthread+0x328/0x630 [ 51.407932] ret_from_fork+0x10/0x20 [ 51.407974] [ 51.407998] kfence-#163: 0x000000003eef7124-0x0000000094005140, size=32, cache=test [ 51.407998] [ 51.408051] allocated by task 335 on cpu 0 at 51.387400s (0.020647s ago): [ 51.408122] test_alloc+0x230/0x628 [ 51.408163] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 51.408206] kunit_try_run_case+0x170/0x3f0 [ 51.408247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.408290] kthread+0x328/0x630 [ 51.408327] ret_from_fork+0x10/0x20 [ 51.408364] [ 51.408387] freed by task 335 on cpu 0 at 51.387532s (0.020851s ago): [ 51.408455] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 51.408497] kunit_try_run_case+0x170/0x3f0 [ 51.408537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.408581] kthread+0x328/0x630 [ 51.408616] ret_from_fork+0x10/0x20 [ 51.408656] [ 51.408703] CPU: 0 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 51.408780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.408811] Hardware name: linux,dummy-virt (DT) [ 51.408846] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 29.043174] ================================================================== [ 29.043328] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 29.043328] [ 29.043437] Invalid read at 0x000000009b4daa6d: [ 29.043611] test_invalid_access+0xdc/0x1f0 [ 29.043864] kunit_try_run_case+0x170/0x3f0 [ 29.046290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.046592] kthread+0x328/0x630 [ 29.046662] ret_from_fork+0x10/0x20 [ 29.046725] [ 29.046820] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 29.046916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.046997] Hardware name: linux,dummy-virt (DT) [ 29.047190] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 28.811637] ================================================================== [ 28.811759] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.811759] [ 28.811834] Corrupted memory at 0x00000000bbc9798b [ ! . . . . . . . . . . . . . . . ] (in kfence-#159): [ 28.812156] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.812206] kunit_try_run_case+0x170/0x3f0 [ 28.812250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.812294] kthread+0x328/0x630 [ 28.812331] ret_from_fork+0x10/0x20 [ 28.812373] [ 28.812397] kfence-#159: 0x00000000209b5705-0x000000008d4e2900, size=73, cache=kmalloc-96 [ 28.812397] [ 28.812467] allocated by task 325 on cpu 0 at 28.811371s (0.001092s ago): [ 28.812531] test_alloc+0x29c/0x628 [ 28.812572] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 28.812614] kunit_try_run_case+0x170/0x3f0 [ 28.812654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.812698] kthread+0x328/0x630 [ 28.812733] ret_from_fork+0x10/0x20 [ 28.812773] [ 28.812796] freed by task 325 on cpu 0 at 28.811545s (0.001247s ago): [ 28.812857] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.812901] kunit_try_run_case+0x170/0x3f0 [ 28.812940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.812983] kthread+0x328/0x630 [ 28.813018] ret_from_fork+0x10/0x20 [ 28.813058] [ 28.813103] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 28.813183] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.813212] Hardware name: linux,dummy-virt (DT) [ 28.813247] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 28.707573] ================================================================== [ 28.707660] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.707660] [ 28.707757] Out-of-bounds read at 0x00000000267e1a29 (105B right of kfence-#158): [ 28.707819] test_kmalloc_aligned_oob_read+0x238/0x468 [ 28.707868] kunit_try_run_case+0x170/0x3f0 [ 28.707914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.707959] kthread+0x328/0x630 [ 28.707999] ret_from_fork+0x10/0x20 [ 28.708040] [ 28.708064] kfence-#158: 0x0000000027a1dfd2-0x0000000066eaf546, size=73, cache=kmalloc-96 [ 28.708064] [ 28.708118] allocated by task 323 on cpu 0 at 28.707320s (0.000795s ago): [ 28.708191] test_alloc+0x29c/0x628 [ 28.708236] test_kmalloc_aligned_oob_read+0x100/0x468 [ 28.708281] kunit_try_run_case+0x170/0x3f0 [ 28.708322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.708366] kthread+0x328/0x630 [ 28.708403] ret_from_fork+0x10/0x20 [ 28.708456] [ 28.708504] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 28.708586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.708617] Hardware name: linux,dummy-virt (DT) [ 28.708655] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 23.403626] ================================================================== [ 23.403740] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 23.403740] [ 23.403807] Corrupted memory at 0x000000005e5cf4e0 [ ! . . . . . . . . . . . . . . . ] (in kfence-#107): [ 23.404954] test_corruption+0x278/0x378 [ 23.405007] kunit_try_run_case+0x170/0x3f0 [ 23.405053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.405104] kthread+0x328/0x630 [ 23.405144] ret_from_fork+0x10/0x20 [ 23.405185] [ 23.405209] kfence-#107: 0x00000000045ae702-0x000000007b772a88, size=32, cache=kmalloc-32 [ 23.405209] [ 23.405268] allocated by task 311 on cpu 1 at 23.403309s (0.001956s ago): [ 23.405331] test_alloc+0x29c/0x628 [ 23.405372] test_corruption+0xdc/0x378 [ 23.405413] kunit_try_run_case+0x170/0x3f0 [ 23.405467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.405511] kthread+0x328/0x630 [ 23.405548] ret_from_fork+0x10/0x20 [ 23.405588] [ 23.405613] freed by task 311 on cpu 1 at 23.403417s (0.002191s ago): [ 23.405674] test_corruption+0x278/0x378 [ 23.405712] kunit_try_run_case+0x170/0x3f0 [ 23.405753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.405799] kthread+0x328/0x630 [ 23.405835] ret_from_fork+0x10/0x20 [ 23.405874] [ 23.405921] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.406000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.406030] Hardware name: linux,dummy-virt (DT) [ 23.406067] ================================================================== [ 23.611573] ================================================================== [ 23.611661] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 23.611661] [ 23.611724] Corrupted memory at 0x00000000d131c413 [ ! . . . . . . . . . . . . . . . ] (in kfence-#109): [ 23.612032] test_corruption+0x120/0x378 [ 23.612078] kunit_try_run_case+0x170/0x3f0 [ 23.612122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.612166] kthread+0x328/0x630 [ 23.612204] ret_from_fork+0x10/0x20 [ 23.612245] [ 23.612268] kfence-#109: 0x0000000095815c72-0x000000002be5e1d7, size=32, cache=test [ 23.612268] [ 23.612323] allocated by task 313 on cpu 1 at 23.611409s (0.000911s ago): [ 23.612384] test_alloc+0x230/0x628 [ 23.612425] test_corruption+0xdc/0x378 [ 23.612480] kunit_try_run_case+0x170/0x3f0 [ 23.612520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.612565] kthread+0x328/0x630 [ 23.612602] ret_from_fork+0x10/0x20 [ 23.612641] [ 23.612665] freed by task 313 on cpu 1 at 23.611488s (0.001174s ago): [ 23.612728] test_corruption+0x120/0x378 [ 23.612769] kunit_try_run_case+0x170/0x3f0 [ 23.612809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.612853] kthread+0x328/0x630 [ 23.612888] ret_from_fork+0x10/0x20 [ 23.612928] [ 23.612969] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.613045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.613075] Hardware name: linux,dummy-virt (DT) [ 23.613109] ================================================================== [ 23.715602] ================================================================== [ 23.715694] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 23.715694] [ 23.715756] Corrupted memory at 0x00000000777b1688 [ ! ] (in kfence-#110): [ 23.715871] test_corruption+0x1d8/0x378 [ 23.715915] kunit_try_run_case+0x170/0x3f0 [ 23.715958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.716004] kthread+0x328/0x630 [ 23.716041] ret_from_fork+0x10/0x20 [ 23.716083] [ 23.716108] kfence-#110: 0x0000000000eb045d-0x00000000655f619e, size=32, cache=test [ 23.716108] [ 23.716164] allocated by task 313 on cpu 1 at 23.715456s (0.000705s ago): [ 23.716227] test_alloc+0x230/0x628 [ 23.716267] test_corruption+0x198/0x378 [ 23.716307] kunit_try_run_case+0x170/0x3f0 [ 23.716347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.716390] kthread+0x328/0x630 [ 23.716424] ret_from_fork+0x10/0x20 [ 23.716477] [ 23.716499] freed by task 313 on cpu 1 at 23.715519s (0.000976s ago): [ 23.716561] test_corruption+0x1d8/0x378 [ 23.716600] kunit_try_run_case+0x170/0x3f0 [ 23.716639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.716683] kthread+0x328/0x630 [ 23.716717] ret_from_fork+0x10/0x20 [ 23.716755] [ 23.716798] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.716874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.716904] Hardware name: linux,dummy-virt (DT) [ 23.716938] ================================================================== [ 23.507658] ================================================================== [ 23.507746] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 23.507746] [ 23.507806] Corrupted memory at 0x000000007a82e498 [ ! ] (in kfence-#108): [ 23.507931] test_corruption+0x284/0x378 [ 23.507977] kunit_try_run_case+0x170/0x3f0 [ 23.508021] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.508066] kthread+0x328/0x630 [ 23.508103] ret_from_fork+0x10/0x20 [ 23.508144] [ 23.508167] kfence-#108: 0x000000000275d15e-0x000000004aba4047, size=32, cache=kmalloc-32 [ 23.508167] [ 23.508223] allocated by task 311 on cpu 1 at 23.507370s (0.000850s ago): [ 23.508284] test_alloc+0x29c/0x628 [ 23.508323] test_corruption+0x198/0x378 [ 23.508362] kunit_try_run_case+0x170/0x3f0 [ 23.508402] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.508462] kthread+0x328/0x630 [ 23.508498] ret_from_fork+0x10/0x20 [ 23.508537] [ 23.508559] freed by task 311 on cpu 1 at 23.507492s (0.001063s ago): [ 23.508622] test_corruption+0x284/0x378 [ 23.508663] kunit_try_run_case+0x170/0x3f0 [ 23.508701] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.508744] kthread+0x328/0x630 [ 23.508780] ret_from_fork+0x10/0x20 [ 23.508817] [ 23.508857] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.508933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.508962] Hardware name: linux,dummy-virt (DT) [ 23.508998] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 23.091567] ================================================================== [ 23.091652] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 23.091652] [ 23.091715] Invalid free of 0x00000000f4ef0129 (in kfence-#104): [ 23.091773] test_invalid_addr_free+0x1ac/0x238 [ 23.091824] kunit_try_run_case+0x170/0x3f0 [ 23.091870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.091915] kthread+0x328/0x630 [ 23.091956] ret_from_fork+0x10/0x20 [ 23.092000] [ 23.092024] kfence-#104: 0x000000009ed88615-0x0000000039b2a707, size=32, cache=kmalloc-32 [ 23.092024] [ 23.092083] allocated by task 307 on cpu 0 at 23.091409s (0.000670s ago): [ 23.092149] test_alloc+0x29c/0x628 [ 23.092191] test_invalid_addr_free+0xd4/0x238 [ 23.092235] kunit_try_run_case+0x170/0x3f0 [ 23.092277] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.092323] kthread+0x328/0x630 [ 23.092361] ret_from_fork+0x10/0x20 [ 23.092401] [ 23.092460] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.092543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.092575] Hardware name: linux,dummy-virt (DT) [ 23.092612] ================================================================== [ 23.198002] ================================================================== [ 23.198089] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 23.198089] [ 23.198149] Invalid free of 0x00000000e1731049 (in kfence-#105): [ 23.198204] test_invalid_addr_free+0xec/0x238 [ 23.198261] kunit_try_run_case+0x170/0x3f0 [ 23.198304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.198355] kthread+0x328/0x630 [ 23.198392] ret_from_fork+0x10/0x20 [ 23.198442] [ 23.198475] kfence-#105: 0x000000008757fb3e-0x00000000054abc4f, size=32, cache=test [ 23.198475] [ 23.198529] allocated by task 309 on cpu 0 at 23.197877s (0.000648s ago): [ 23.198595] test_alloc+0x230/0x628 [ 23.198636] test_invalid_addr_free+0xd4/0x238 [ 23.198676] kunit_try_run_case+0x170/0x3f0 [ 23.198717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.198761] kthread+0x328/0x630 [ 23.198795] ret_from_fork+0x10/0x20 [ 23.198837] [ 23.198880] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.198963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.199007] Hardware name: linux,dummy-virt (DT) [ 23.199042] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 22.987689] ================================================================== [ 22.987789] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 22.987789] [ 22.987853] Invalid free of 0x00000000285f5f6c (in kfence-#103): [ 22.987910] test_double_free+0x100/0x238 [ 22.987959] kunit_try_run_case+0x170/0x3f0 [ 22.988004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.988049] kthread+0x328/0x630 [ 22.988088] ret_from_fork+0x10/0x20 [ 22.988128] [ 22.988152] kfence-#103: 0x00000000285f5f6c-0x0000000091961e0a, size=32, cache=test [ 22.988152] [ 22.988209] allocated by task 305 on cpu 1 at 22.987435s (0.000769s ago): [ 22.988274] test_alloc+0x230/0x628 [ 22.988315] test_double_free+0xd4/0x238 [ 22.988357] kunit_try_run_case+0x170/0x3f0 [ 22.988397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.988458] kthread+0x328/0x630 [ 22.988495] ret_from_fork+0x10/0x20 [ 22.988533] [ 22.988559] freed by task 305 on cpu 1 at 22.987520s (0.001034s ago): [ 22.988622] test_double_free+0xf0/0x238 [ 22.988664] kunit_try_run_case+0x170/0x3f0 [ 22.988706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.988752] kthread+0x328/0x630 [ 22.988787] ret_from_fork+0x10/0x20 [ 22.988827] [ 22.988871] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.988952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.988982] Hardware name: linux,dummy-virt (DT) [ 22.989017] ================================================================== [ 22.883676] ================================================================== [ 22.883797] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 22.883797] [ 22.883869] Invalid free of 0x00000000e44db0e6 (in kfence-#102): [ 22.883940] test_double_free+0x1bc/0x238 [ 22.883989] kunit_try_run_case+0x170/0x3f0 [ 22.884035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.884079] kthread+0x328/0x630 [ 22.884119] ret_from_fork+0x10/0x20 [ 22.884159] [ 22.884183] kfence-#102: 0x00000000e44db0e6-0x00000000e969e2e5, size=32, cache=kmalloc-32 [ 22.884183] [ 22.884237] allocated by task 303 on cpu 1 at 22.883355s (0.000879s ago): [ 22.884303] test_alloc+0x29c/0x628 [ 22.884345] test_double_free+0xd4/0x238 [ 22.884385] kunit_try_run_case+0x170/0x3f0 [ 22.884427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.884751] kthread+0x328/0x630 [ 22.884787] ret_from_fork+0x10/0x20 [ 22.884827] [ 22.884853] freed by task 303 on cpu 1 at 22.883428s (0.001421s ago): [ 22.884918] test_double_free+0x1ac/0x238 [ 22.884960] kunit_try_run_case+0x170/0x3f0 [ 22.885001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.885045] kthread+0x328/0x630 [ 22.885082] ret_from_fork+0x10/0x20 [ 22.885123] [ 22.885171] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.885253] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.885283] Hardware name: linux,dummy-virt (DT) [ 22.885320] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 22.467670] ================================================================== [ 22.467773] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.467773] [ 22.467873] Use-after-free read at 0x00000000b78814de (in kfence-#98): [ 22.467927] test_use_after_free_read+0x114/0x248 [ 22.467974] kunit_try_run_case+0x170/0x3f0 [ 22.468024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.468070] kthread+0x328/0x630 [ 22.468112] ret_from_fork+0x10/0x20 [ 22.468152] [ 22.468179] kfence-#98: 0x00000000b78814de-0x000000008b99802a, size=32, cache=kmalloc-32 [ 22.468179] [ 22.468235] allocated by task 295 on cpu 0 at 22.467399s (0.000832s ago): [ 22.468308] test_alloc+0x29c/0x628 [ 22.468351] test_use_after_free_read+0xd0/0x248 [ 22.468394] kunit_try_run_case+0x170/0x3f0 [ 22.468435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.468499] kthread+0x328/0x630 [ 22.468535] ret_from_fork+0x10/0x20 [ 22.468577] [ 22.468602] freed by task 295 on cpu 0 at 22.467491s (0.001107s ago): [ 22.468681] test_use_after_free_read+0x1c0/0x248 [ 22.468724] kunit_try_run_case+0x170/0x3f0 [ 22.468765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.468810] kthread+0x328/0x630 [ 22.468846] ret_from_fork+0x10/0x20 [ 22.468887] [ 22.468935] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.469018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.469047] Hardware name: linux,dummy-virt (DT) [ 22.469084] ================================================================== [ 22.571678] ================================================================== [ 22.571783] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.571783] [ 22.571881] Use-after-free read at 0x00000000117492f9 (in kfence-#99): [ 22.571935] test_use_after_free_read+0x114/0x248 [ 22.571983] kunit_try_run_case+0x170/0x3f0 [ 22.572029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.572075] kthread+0x328/0x630 [ 22.572114] ret_from_fork+0x10/0x20 [ 22.572154] [ 22.572178] kfence-#99: 0x00000000117492f9-0x00000000929e8b69, size=32, cache=test [ 22.572178] [ 22.572231] allocated by task 297 on cpu 0 at 22.571477s (0.000751s ago): [ 22.572304] test_alloc+0x230/0x628 [ 22.572345] test_use_after_free_read+0xd0/0x248 [ 22.572388] kunit_try_run_case+0x170/0x3f0 [ 22.572430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.572490] kthread+0x328/0x630 [ 22.572527] ret_from_fork+0x10/0x20 [ 22.572567] [ 22.572590] freed by task 297 on cpu 0 at 22.571546s (0.001041s ago): [ 22.572655] test_use_after_free_read+0xf0/0x248 [ 22.572698] kunit_try_run_case+0x170/0x3f0 [ 22.572738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.572785] kthread+0x328/0x630 [ 22.572822] ret_from_fork+0x10/0x20 [ 22.572862] [ 22.572907] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.572986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.573016] Hardware name: linux,dummy-virt (DT) [ 22.573052] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 22.157608] ================================================================== [ 22.157703] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.157703] [ 22.158145] Out-of-bounds write at 0x00000000e431ada1 (1B left of kfence-#95): [ 22.158557] test_out_of_bounds_write+0x100/0x240 [ 22.158837] kunit_try_run_case+0x170/0x3f0 [ 22.158982] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.159076] kthread+0x328/0x630 [ 22.159121] ret_from_fork+0x10/0x20 [ 22.159591] [ 22.159769] kfence-#95: 0x0000000067b98917-0x000000005613dfcf, size=32, cache=kmalloc-32 [ 22.159769] [ 22.159975] allocated by task 291 on cpu 0 at 22.157367s (0.002576s ago): [ 22.160136] test_alloc+0x29c/0x628 [ 22.160640] test_out_of_bounds_write+0xc8/0x240 [ 22.160825] kunit_try_run_case+0x170/0x3f0 [ 22.161066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.161152] kthread+0x328/0x630 [ 22.161572] ret_from_fork+0x10/0x20 [ 22.161711] [ 22.162051] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.162437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.162624] Hardware name: linux,dummy-virt (DT) [ 22.162864] ================================================================== [ 22.363435] ================================================================== [ 22.363559] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.363559] [ 22.363656] Out-of-bounds write at 0x000000000e678661 (1B left of kfence-#97): [ 22.363716] test_out_of_bounds_write+0x100/0x240 [ 22.363763] kunit_try_run_case+0x170/0x3f0 [ 22.363810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.363860] kthread+0x328/0x630 [ 22.363900] ret_from_fork+0x10/0x20 [ 22.363940] [ 22.363965] kfence-#97: 0x00000000f6bfd2cb-0x000000006a1152d2, size=32, cache=test [ 22.363965] [ 22.364017] allocated by task 293 on cpu 0 at 22.363350s (0.000663s ago): [ 22.364088] test_alloc+0x230/0x628 [ 22.364130] test_out_of_bounds_write+0xc8/0x240 [ 22.364173] kunit_try_run_case+0x170/0x3f0 [ 22.364214] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.364259] kthread+0x328/0x630 [ 22.364296] ret_from_fork+0x10/0x20 [ 22.364337] [ 22.364383] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.364475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.364506] Hardware name: linux,dummy-virt (DT) [ 22.364543] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 21.522422] ================================================================== [ 21.522547] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.522547] [ 21.522983] Out-of-bounds read at 0x000000005e8469dd (32B right of kfence-#89): [ 21.523112] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.523591] kunit_try_run_case+0x170/0x3f0 [ 21.523720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.523836] kthread+0x328/0x630 [ 21.523945] ret_from_fork+0x10/0x20 [ 21.524086] [ 21.524293] kfence-#89: 0x00000000c87117ec-0x000000004321b504, size=32, cache=kmalloc-32 [ 21.524293] [ 21.524613] allocated by task 287 on cpu 0 at 21.521725s (0.002813s ago): [ 21.524802] test_alloc+0x29c/0x628 [ 21.524877] test_out_of_bounds_read+0x198/0x3e0 [ 21.524930] kunit_try_run_case+0x170/0x3f0 [ 21.525160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.525471] kthread+0x328/0x630 [ 21.525680] ret_from_fork+0x10/0x20 [ 21.525818] [ 21.525896] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.526411] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.526564] Hardware name: linux,dummy-virt (DT) [ 21.526742] ================================================================== [ 21.418393] ================================================================== [ 21.418821] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.418821] [ 21.418985] Out-of-bounds read at 0x0000000011d69da5 (1B left of kfence-#88): [ 21.419155] test_out_of_bounds_read+0x114/0x3e0 [ 21.419687] kunit_try_run_case+0x170/0x3f0 [ 21.419863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.420111] kthread+0x328/0x630 [ 21.420461] ret_from_fork+0x10/0x20 [ 21.420919] [ 21.421757] kfence-#88: 0x00000000d8fd6e8a-0x000000001a5e21cf, size=32, cache=kmalloc-32 [ 21.421757] [ 21.422226] allocated by task 287 on cpu 0 at 21.416528s (0.005691s ago): [ 21.422433] test_alloc+0x29c/0x628 [ 21.422496] test_out_of_bounds_read+0xdc/0x3e0 [ 21.422565] kunit_try_run_case+0x170/0x3f0 [ 21.422613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.422659] kthread+0x328/0x630 [ 21.422715] ret_from_fork+0x10/0x20 [ 21.422779] [ 21.422860] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.422946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.423409] Hardware name: linux,dummy-virt (DT) [ 21.423477] ================================================================== [ 21.736773] ================================================================== [ 21.736872] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.736872] [ 21.737342] Out-of-bounds read at 0x0000000074ccff31 (32B right of kfence-#91): [ 21.737456] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.737546] kunit_try_run_case+0x170/0x3f0 [ 21.737707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.737762] kthread+0x328/0x630 [ 21.737821] ret_from_fork+0x10/0x20 [ 21.738154] [ 21.738207] kfence-#91: 0x00000000e85720d7-0x0000000014ddcd44, size=32, cache=test [ 21.738207] [ 21.738621] allocated by task 289 on cpu 0 at 21.736293s (0.001969s ago): [ 21.738721] test_alloc+0x230/0x628 [ 21.739022] test_out_of_bounds_read+0x198/0x3e0 [ 21.739409] kunit_try_run_case+0x170/0x3f0 [ 21.739477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.739527] kthread+0x328/0x630 [ 21.739564] ret_from_fork+0x10/0x20 [ 21.740049] [ 21.740103] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.740557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.740837] Hardware name: linux,dummy-virt (DT) [ 21.741048] ================================================================== [ 21.628719] ================================================================== [ 21.628843] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.628843] [ 21.628988] Out-of-bounds read at 0x0000000075a64073 (1B left of kfence-#90): [ 21.629351] test_out_of_bounds_read+0x114/0x3e0 [ 21.629562] kunit_try_run_case+0x170/0x3f0 [ 21.629810] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.629876] kthread+0x328/0x630 [ 21.630113] ret_from_fork+0x10/0x20 [ 21.630235] [ 21.630314] kfence-#90: 0x00000000439bc6bf-0x0000000045214819, size=32, cache=test [ 21.630314] [ 21.630478] allocated by task 289 on cpu 0 at 21.628498s (0.001870s ago): [ 21.630559] test_alloc+0x230/0x628 [ 21.630945] test_out_of_bounds_read+0xdc/0x3e0 [ 21.631138] kunit_try_run_case+0x170/0x3f0 [ 21.631219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.631417] kthread+0x328/0x630 [ 21.631472] ret_from_fork+0x10/0x20 [ 21.631515] [ 21.631580] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.632112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.632286] Hardware name: linux,dummy-virt (DT) [ 21.632398] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-kmem_cache_destroy
[ 18.775428] ================================================================== [ 18.775553] BUG: KFENCE: use-after-free read in kmem_cache_destroy+0x50/0x218 [ 18.775553] [ 18.775651] Use-after-free read at 0x000000009f16f94f (in kfence-#68): [ 18.775844] kmem_cache_destroy+0x50/0x218 [ 18.775890] kmem_cache_double_destroy+0x174/0x300 [ 18.775952] kunit_try_run_case+0x170/0x3f0 [ 18.775996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.776042] kthread+0x328/0x630 [ 18.776078] ret_from_fork+0x10/0x20 [ 18.776120] [ 18.776278] kfence-#68: 0x00000000d256800a-0x0000000045a62457, size=208, cache=kmem_cache [ 18.776278] [ 18.776464] allocated by task 215 on cpu 1 at 18.771686s (0.004708s ago): [ 18.776815] __kmem_cache_create_args+0x178/0x280 [ 18.776887] kmem_cache_double_destroy+0xc0/0x300 [ 18.776928] kunit_try_run_case+0x170/0x3f0 [ 18.776965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.777011] kthread+0x328/0x630 [ 18.777042] ret_from_fork+0x10/0x20 [ 18.777114] [ 18.777217] freed by task 215 on cpu 1 at 18.774252s (0.002898s ago): [ 18.777330] slab_kmem_cache_release+0x38/0x50 [ 18.777370] kmem_cache_release+0x1c/0x30 [ 18.777407] kobject_put+0x17c/0x420 [ 18.777474] sysfs_slab_release+0x1c/0x30 [ 18.777514] kmem_cache_destroy+0x118/0x218 [ 18.777567] kmem_cache_double_destroy+0x128/0x300 [ 18.777607] kunit_try_run_case+0x170/0x3f0 [ 18.777656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.777700] kthread+0x328/0x630 [ 18.777731] ret_from_fork+0x10/0x20 [ 18.777786] [ 18.777850] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.777935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.777962] Hardware name: linux,dummy-virt (DT) [ 18.777999] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 20.774640] ================================================================== [ 20.774857] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 20.775048] Write of size 121 at addr fff00000c79f0a00 by task kunit_try_catch/285 [ 20.775390] [ 20.775695] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.776255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.776321] Hardware name: linux,dummy-virt (DT) [ 20.776421] Call trace: [ 20.776783] show_stack+0x20/0x38 (C) [ 20.776962] dump_stack_lvl+0x8c/0xd0 [ 20.777094] print_report+0x118/0x608 [ 20.777563] kasan_report+0xdc/0x128 [ 20.777797] kasan_check_range+0x100/0x1a8 [ 20.778002] __kasan_check_write+0x20/0x30 [ 20.778340] strncpy_from_user+0x3c/0x2a0 [ 20.778440] copy_user_test_oob+0x5c0/0xec8 [ 20.778878] kunit_try_run_case+0x170/0x3f0 [ 20.779077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.779391] kthread+0x328/0x630 [ 20.779621] ret_from_fork+0x10/0x20 [ 20.779686] [ 20.779714] Allocated by task 285: [ 20.779886] kasan_save_stack+0x3c/0x68 [ 20.780335] kasan_save_track+0x20/0x40 [ 20.780469] kasan_save_alloc_info+0x40/0x58 [ 20.780635] __kasan_kmalloc+0xd4/0xd8 [ 20.780740] __kmalloc_noprof+0x198/0x4c8 [ 20.780902] kunit_kmalloc_array+0x34/0x88 [ 20.781051] copy_user_test_oob+0xac/0xec8 [ 20.781250] kunit_try_run_case+0x170/0x3f0 [ 20.781387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.781865] kthread+0x328/0x630 [ 20.781925] ret_from_fork+0x10/0x20 [ 20.782049] [ 20.782130] The buggy address belongs to the object at fff00000c79f0a00 [ 20.782130] which belongs to the cache kmalloc-128 of size 128 [ 20.782214] The buggy address is located 0 bytes inside of [ 20.782214] allocated 120-byte region [fff00000c79f0a00, fff00000c79f0a78) [ 20.782549] [ 20.783029] The buggy address belongs to the physical page: [ 20.783088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 20.783313] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.783739] page_type: f5(slab) [ 20.783926] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.784020] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.784332] page dumped because: kasan: bad access detected [ 20.784488] [ 20.784530] Memory state around the buggy address: [ 20.784715] fff00000c79f0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.784826] fff00000c79f0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.784993] >fff00000c79f0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.785050] ^ [ 20.785107] fff00000c79f0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.785171] fff00000c79f0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.785214] ================================================================== [ 20.788394] ================================================================== [ 20.788468] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 20.788524] Write of size 1 at addr fff00000c79f0a78 by task kunit_try_catch/285 [ 20.788575] [ 20.788980] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.789456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.789526] Hardware name: linux,dummy-virt (DT) [ 20.789591] Call trace: [ 20.789617] show_stack+0x20/0x38 (C) [ 20.789669] dump_stack_lvl+0x8c/0xd0 [ 20.789721] print_report+0x118/0x608 [ 20.789865] kasan_report+0xdc/0x128 [ 20.789917] __asan_report_store1_noabort+0x20/0x30 [ 20.790206] strncpy_from_user+0x270/0x2a0 [ 20.790345] copy_user_test_oob+0x5c0/0xec8 [ 20.790630] kunit_try_run_case+0x170/0x3f0 [ 20.790685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.790896] kthread+0x328/0x630 [ 20.790983] ret_from_fork+0x10/0x20 [ 20.791146] [ 20.791168] Allocated by task 285: [ 20.791201] kasan_save_stack+0x3c/0x68 [ 20.791245] kasan_save_track+0x20/0x40 [ 20.791285] kasan_save_alloc_info+0x40/0x58 [ 20.791328] __kasan_kmalloc+0xd4/0xd8 [ 20.791368] __kmalloc_noprof+0x198/0x4c8 [ 20.791837] kunit_kmalloc_array+0x34/0x88 [ 20.792118] copy_user_test_oob+0xac/0xec8 [ 20.792313] kunit_try_run_case+0x170/0x3f0 [ 20.792533] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.792624] kthread+0x328/0x630 [ 20.792700] ret_from_fork+0x10/0x20 [ 20.792928] [ 20.793014] The buggy address belongs to the object at fff00000c79f0a00 [ 20.793014] which belongs to the cache kmalloc-128 of size 128 [ 20.793208] The buggy address is located 0 bytes to the right of [ 20.793208] allocated 120-byte region [fff00000c79f0a00, fff00000c79f0a78) [ 20.793288] [ 20.793312] The buggy address belongs to the physical page: [ 20.793356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 20.793434] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.793506] page_type: f5(slab) [ 20.793547] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.793601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.793661] page dumped because: kasan: bad access detected [ 20.793697] [ 20.793717] Memory state around the buggy address: [ 20.793753] fff00000c79f0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.793800] fff00000c79f0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.793853] >fff00000c79f0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.793905] ^ [ 20.793959] fff00000c79f0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.794017] fff00000c79f0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.794065] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 20.765508] ================================================================== [ 20.765848] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 20.765910] Read of size 121 at addr fff00000c79f0a00 by task kunit_try_catch/285 [ 20.765965] [ 20.766281] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.766379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.766550] Hardware name: linux,dummy-virt (DT) [ 20.766616] Call trace: [ 20.766642] show_stack+0x20/0x38 (C) [ 20.767017] dump_stack_lvl+0x8c/0xd0 [ 20.767087] print_report+0x118/0x608 [ 20.767226] kasan_report+0xdc/0x128 [ 20.767280] kasan_check_range+0x100/0x1a8 [ 20.767331] __kasan_check_read+0x20/0x30 [ 20.767739] copy_user_test_oob+0x4a0/0xec8 [ 20.767821] kunit_try_run_case+0x170/0x3f0 [ 20.768059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.768351] kthread+0x328/0x630 [ 20.768582] ret_from_fork+0x10/0x20 [ 20.768661] [ 20.768682] Allocated by task 285: [ 20.768849] kasan_save_stack+0x3c/0x68 [ 20.769126] kasan_save_track+0x20/0x40 [ 20.769193] kasan_save_alloc_info+0x40/0x58 [ 20.769236] __kasan_kmalloc+0xd4/0xd8 [ 20.769512] __kmalloc_noprof+0x198/0x4c8 [ 20.770130] kunit_kmalloc_array+0x34/0x88 [ 20.770244] copy_user_test_oob+0xac/0xec8 [ 20.770404] kunit_try_run_case+0x170/0x3f0 [ 20.770464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.770547] kthread+0x328/0x630 [ 20.770879] ret_from_fork+0x10/0x20 [ 20.771078] [ 20.771427] The buggy address belongs to the object at fff00000c79f0a00 [ 20.771427] which belongs to the cache kmalloc-128 of size 128 [ 20.771592] The buggy address is located 0 bytes inside of [ 20.771592] allocated 120-byte region [fff00000c79f0a00, fff00000c79f0a78) [ 20.771664] [ 20.771687] The buggy address belongs to the physical page: [ 20.771733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 20.771923] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.771986] page_type: f5(slab) [ 20.772170] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.772249] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.772298] page dumped because: kasan: bad access detected [ 20.772422] [ 20.772472] Memory state around the buggy address: [ 20.772513] fff00000c79f0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.772561] fff00000c79f0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.772607] >fff00000c79f0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.772649] ^ [ 20.772703] fff00000c79f0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.772750] fff00000c79f0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.772792] ================================================================== [ 20.717133] ================================================================== [ 20.717398] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 20.717464] Read of size 121 at addr fff00000c79f0a00 by task kunit_try_catch/285 [ 20.717518] [ 20.718121] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.718288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.718356] Hardware name: linux,dummy-virt (DT) [ 20.718394] Call trace: [ 20.718579] show_stack+0x20/0x38 (C) [ 20.718642] dump_stack_lvl+0x8c/0xd0 [ 20.718700] print_report+0x118/0x608 [ 20.718748] kasan_report+0xdc/0x128 [ 20.719189] kasan_check_range+0x100/0x1a8 [ 20.719372] __kasan_check_read+0x20/0x30 [ 20.719899] copy_user_test_oob+0x728/0xec8 [ 20.719989] kunit_try_run_case+0x170/0x3f0 [ 20.720186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.720328] kthread+0x328/0x630 [ 20.720384] ret_from_fork+0x10/0x20 [ 20.720488] [ 20.720509] Allocated by task 285: [ 20.720822] kasan_save_stack+0x3c/0x68 [ 20.721299] kasan_save_track+0x20/0x40 [ 20.721357] kasan_save_alloc_info+0x40/0x58 [ 20.721745] __kasan_kmalloc+0xd4/0xd8 [ 20.722062] __kmalloc_noprof+0x198/0x4c8 [ 20.722346] kunit_kmalloc_array+0x34/0x88 [ 20.722597] copy_user_test_oob+0xac/0xec8 [ 20.722723] kunit_try_run_case+0x170/0x3f0 [ 20.722943] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.723035] kthread+0x328/0x630 [ 20.723073] ret_from_fork+0x10/0x20 [ 20.723118] [ 20.723140] The buggy address belongs to the object at fff00000c79f0a00 [ 20.723140] which belongs to the cache kmalloc-128 of size 128 [ 20.723209] The buggy address is located 0 bytes inside of [ 20.723209] allocated 120-byte region [fff00000c79f0a00, fff00000c79f0a78) [ 20.723636] [ 20.723712] The buggy address belongs to the physical page: [ 20.723781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 20.723969] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.724495] page_type: f5(slab) [ 20.724628] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.724695] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.724742] page dumped because: kasan: bad access detected [ 20.724777] [ 20.724821] Memory state around the buggy address: [ 20.724873] fff00000c79f0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.724927] fff00000c79f0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.724972] >fff00000c79f0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.725014] ^ [ 20.725059] fff00000c79f0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.725105] fff00000c79f0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.725148] ================================================================== [ 20.736779] ================================================================== [ 20.736841] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 20.736899] Write of size 121 at addr fff00000c79f0a00 by task kunit_try_catch/285 [ 20.736954] [ 20.736987] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.737094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.737127] Hardware name: linux,dummy-virt (DT) [ 20.737161] Call trace: [ 20.737276] show_stack+0x20/0x38 (C) [ 20.737339] dump_stack_lvl+0x8c/0xd0 [ 20.737388] print_report+0x118/0x608 [ 20.737438] kasan_report+0xdc/0x128 [ 20.737505] kasan_check_range+0x100/0x1a8 [ 20.737556] __kasan_check_write+0x20/0x30 [ 20.737602] copy_user_test_oob+0x35c/0xec8 [ 20.737651] kunit_try_run_case+0x170/0x3f0 [ 20.737711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.737766] kthread+0x328/0x630 [ 20.737807] ret_from_fork+0x10/0x20 [ 20.737856] [ 20.737876] Allocated by task 285: [ 20.737913] kasan_save_stack+0x3c/0x68 [ 20.737956] kasan_save_track+0x20/0x40 [ 20.737997] kasan_save_alloc_info+0x40/0x58 [ 20.738038] __kasan_kmalloc+0xd4/0xd8 [ 20.738077] __kmalloc_noprof+0x198/0x4c8 [ 20.738131] kunit_kmalloc_array+0x34/0x88 [ 20.738174] copy_user_test_oob+0xac/0xec8 [ 20.738221] kunit_try_run_case+0x170/0x3f0 [ 20.738261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.738307] kthread+0x328/0x630 [ 20.738340] ret_from_fork+0x10/0x20 [ 20.738378] [ 20.738406] The buggy address belongs to the object at fff00000c79f0a00 [ 20.738406] which belongs to the cache kmalloc-128 of size 128 [ 20.739906] The buggy address is located 0 bytes inside of [ 20.739906] allocated 120-byte region [fff00000c79f0a00, fff00000c79f0a78) [ 20.740025] [ 20.740063] The buggy address belongs to the physical page: [ 20.740284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 20.740367] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.740491] page_type: f5(slab) [ 20.740562] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.741355] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.741549] page dumped because: kasan: bad access detected [ 20.741624] [ 20.741694] Memory state around the buggy address: [ 20.741738] fff00000c79f0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.741804] fff00000c79f0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.742320] >fff00000c79f0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.742524] ^ [ 20.742599] fff00000c79f0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.742921] fff00000c79f0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.743184] ================================================================== [ 20.744320] ================================================================== [ 20.744436] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 20.744502] Read of size 121 at addr fff00000c79f0a00 by task kunit_try_catch/285 [ 20.744557] [ 20.744773] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.744880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.745085] Hardware name: linux,dummy-virt (DT) [ 20.745128] Call trace: [ 20.745199] show_stack+0x20/0x38 (C) [ 20.745401] dump_stack_lvl+0x8c/0xd0 [ 20.745597] print_report+0x118/0x608 [ 20.745665] kasan_report+0xdc/0x128 [ 20.745815] kasan_check_range+0x100/0x1a8 [ 20.745907] __kasan_check_read+0x20/0x30 [ 20.746012] copy_user_test_oob+0x3c8/0xec8 [ 20.746067] kunit_try_run_case+0x170/0x3f0 [ 20.746114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.746550] kthread+0x328/0x630 [ 20.746785] ret_from_fork+0x10/0x20 [ 20.746855] [ 20.746948] Allocated by task 285: [ 20.746999] kasan_save_stack+0x3c/0x68 [ 20.747095] kasan_save_track+0x20/0x40 [ 20.747258] kasan_save_alloc_info+0x40/0x58 [ 20.747343] __kasan_kmalloc+0xd4/0xd8 [ 20.747535] __kmalloc_noprof+0x198/0x4c8 [ 20.747784] kunit_kmalloc_array+0x34/0x88 [ 20.747934] copy_user_test_oob+0xac/0xec8 [ 20.747994] kunit_try_run_case+0x170/0x3f0 [ 20.748303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.748546] kthread+0x328/0x630 [ 20.748674] ret_from_fork+0x10/0x20 [ 20.748875] [ 20.749094] The buggy address belongs to the object at fff00000c79f0a00 [ 20.749094] which belongs to the cache kmalloc-128 of size 128 [ 20.749376] The buggy address is located 0 bytes inside of [ 20.749376] allocated 120-byte region [fff00000c79f0a00, fff00000c79f0a78) [ 20.749663] [ 20.749708] The buggy address belongs to the physical page: [ 20.749820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 20.749961] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.750023] page_type: f5(slab) [ 20.750486] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.750616] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.750787] page dumped because: kasan: bad access detected [ 20.751496] [ 20.751573] Memory state around the buggy address: [ 20.751652] fff00000c79f0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.751717] fff00000c79f0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.751765] >fff00000c79f0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.751807] ^ [ 20.752281] fff00000c79f0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.752641] fff00000c79f0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.752972] ================================================================== [ 20.755526] ================================================================== [ 20.755715] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 20.755863] Write of size 121 at addr fff00000c79f0a00 by task kunit_try_catch/285 [ 20.755923] [ 20.755956] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.756616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.756772] Hardware name: linux,dummy-virt (DT) [ 20.756868] Call trace: [ 20.756978] show_stack+0x20/0x38 (C) [ 20.757298] dump_stack_lvl+0x8c/0xd0 [ 20.757483] print_report+0x118/0x608 [ 20.757621] kasan_report+0xdc/0x128 [ 20.757745] kasan_check_range+0x100/0x1a8 [ 20.757917] __kasan_check_write+0x20/0x30 [ 20.757973] copy_user_test_oob+0x434/0xec8 [ 20.758022] kunit_try_run_case+0x170/0x3f0 [ 20.758242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.758362] kthread+0x328/0x630 [ 20.758409] ret_from_fork+0x10/0x20 [ 20.758497] [ 20.758530] Allocated by task 285: [ 20.758579] kasan_save_stack+0x3c/0x68 [ 20.758629] kasan_save_track+0x20/0x40 [ 20.758670] kasan_save_alloc_info+0x40/0x58 [ 20.758727] __kasan_kmalloc+0xd4/0xd8 [ 20.758765] __kmalloc_noprof+0x198/0x4c8 [ 20.758805] kunit_kmalloc_array+0x34/0x88 [ 20.758844] copy_user_test_oob+0xac/0xec8 [ 20.758884] kunit_try_run_case+0x170/0x3f0 [ 20.758922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.758969] kthread+0x328/0x630 [ 20.759486] ret_from_fork+0x10/0x20 [ 20.759765] [ 20.759932] The buggy address belongs to the object at fff00000c79f0a00 [ 20.759932] which belongs to the cache kmalloc-128 of size 128 [ 20.760204] The buggy address is located 0 bytes inside of [ 20.760204] allocated 120-byte region [fff00000c79f0a00, fff00000c79f0a78) [ 20.760480] [ 20.760701] The buggy address belongs to the physical page: [ 20.761091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 20.761227] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.761344] page_type: f5(slab) [ 20.761482] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.761538] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.761984] page dumped because: kasan: bad access detected [ 20.762210] [ 20.762273] Memory state around the buggy address: [ 20.762353] fff00000c79f0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.762403] fff00000c79f0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.762972] >fff00000c79f0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.763223] ^ [ 20.763378] fff00000c79f0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.763429] fff00000c79f0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.763484] ================================================================== [ 20.699820] ================================================================== [ 20.699918] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 20.700600] Write of size 121 at addr fff00000c79f0a00 by task kunit_try_catch/285 [ 20.701037] [ 20.701137] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.701359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.701392] Hardware name: linux,dummy-virt (DT) [ 20.701429] Call trace: [ 20.701470] show_stack+0x20/0x38 (C) [ 20.701529] dump_stack_lvl+0x8c/0xd0 [ 20.701581] print_report+0x118/0x608 [ 20.701774] kasan_report+0xdc/0x128 [ 20.701842] kasan_check_range+0x100/0x1a8 [ 20.701892] __kasan_check_write+0x20/0x30 [ 20.701939] copy_user_test_oob+0x234/0xec8 [ 20.701986] kunit_try_run_case+0x170/0x3f0 [ 20.702052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.702109] kthread+0x328/0x630 [ 20.702163] ret_from_fork+0x10/0x20 [ 20.702220] [ 20.702248] Allocated by task 285: [ 20.702279] kasan_save_stack+0x3c/0x68 [ 20.702325] kasan_save_track+0x20/0x40 [ 20.702366] kasan_save_alloc_info+0x40/0x58 [ 20.702411] __kasan_kmalloc+0xd4/0xd8 [ 20.702873] __kmalloc_noprof+0x198/0x4c8 [ 20.703172] kunit_kmalloc_array+0x34/0x88 [ 20.703589] copy_user_test_oob+0xac/0xec8 [ 20.703646] kunit_try_run_case+0x170/0x3f0 [ 20.703717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.703992] kthread+0x328/0x630 [ 20.704151] ret_from_fork+0x10/0x20 [ 20.704503] [ 20.704583] The buggy address belongs to the object at fff00000c79f0a00 [ 20.704583] which belongs to the cache kmalloc-128 of size 128 [ 20.704697] The buggy address is located 0 bytes inside of [ 20.704697] allocated 120-byte region [fff00000c79f0a00, fff00000c79f0a78) [ 20.704831] [ 20.704867] The buggy address belongs to the physical page: [ 20.704904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 20.705160] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.705643] page_type: f5(slab) [ 20.705901] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.706289] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.706751] page dumped because: kasan: bad access detected [ 20.706930] [ 20.706968] Memory state around the buggy address: [ 20.707116] fff00000c79f0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.707287] fff00000c79f0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.707341] >fff00000c79f0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.707519] ^ [ 20.707629] fff00000c79f0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.707743] fff00000c79f0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.708125] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 20.634510] ================================================================== [ 20.634895] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 20.635107] Read of size 8 at addr fff00000c79f0978 by task kunit_try_catch/281 [ 20.635169] [ 20.635236] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.635632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.635862] Hardware name: linux,dummy-virt (DT) [ 20.635991] Call trace: [ 20.636127] show_stack+0x20/0x38 (C) [ 20.636349] dump_stack_lvl+0x8c/0xd0 [ 20.636507] print_report+0x118/0x608 [ 20.636563] kasan_report+0xdc/0x128 [ 20.636977] __asan_report_load8_noabort+0x20/0x30 [ 20.637057] copy_to_kernel_nofault+0x204/0x250 [ 20.637458] copy_to_kernel_nofault_oob+0x158/0x418 [ 20.637549] kunit_try_run_case+0x170/0x3f0 [ 20.637618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.637685] kthread+0x328/0x630 [ 20.637812] ret_from_fork+0x10/0x20 [ 20.637866] [ 20.637888] Allocated by task 281: [ 20.637930] kasan_save_stack+0x3c/0x68 [ 20.637977] kasan_save_track+0x20/0x40 [ 20.638026] kasan_save_alloc_info+0x40/0x58 [ 20.638078] __kasan_kmalloc+0xd4/0xd8 [ 20.638122] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.638165] copy_to_kernel_nofault_oob+0xc8/0x418 [ 20.638206] kunit_try_run_case+0x170/0x3f0 [ 20.638248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.638304] kthread+0x328/0x630 [ 20.638337] ret_from_fork+0x10/0x20 [ 20.638385] [ 20.638424] The buggy address belongs to the object at fff00000c79f0900 [ 20.638424] which belongs to the cache kmalloc-128 of size 128 [ 20.638506] The buggy address is located 0 bytes to the right of [ 20.638506] allocated 120-byte region [fff00000c79f0900, fff00000c79f0978) [ 20.638606] [ 20.638638] The buggy address belongs to the physical page: [ 20.638700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 20.638773] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.638826] page_type: f5(slab) [ 20.638875] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.638937] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.639300] page dumped because: kasan: bad access detected [ 20.639826] [ 20.640148] Memory state around the buggy address: [ 20.640559] fff00000c79f0800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.640804] fff00000c79f0880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.641002] >fff00000c79f0900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.641326] ^ [ 20.641920] fff00000c79f0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.642323] fff00000c79f0a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.642469] ================================================================== [ 20.646454] ================================================================== [ 20.646992] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 20.647083] Write of size 8 at addr fff00000c79f0978 by task kunit_try_catch/281 [ 20.647386] [ 20.647442] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.647866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.647942] Hardware name: linux,dummy-virt (DT) [ 20.648025] Call trace: [ 20.648081] show_stack+0x20/0x38 (C) [ 20.648181] dump_stack_lvl+0x8c/0xd0 [ 20.648579] print_report+0x118/0x608 [ 20.648727] kasan_report+0xdc/0x128 [ 20.648882] kasan_check_range+0x100/0x1a8 [ 20.649140] __kasan_check_write+0x20/0x30 [ 20.649408] copy_to_kernel_nofault+0x8c/0x250 [ 20.649528] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 20.649703] kunit_try_run_case+0x170/0x3f0 [ 20.650186] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.650380] kthread+0x328/0x630 [ 20.650637] ret_from_fork+0x10/0x20 [ 20.651250] [ 20.651362] Allocated by task 281: [ 20.651495] kasan_save_stack+0x3c/0x68 [ 20.651544] kasan_save_track+0x20/0x40 [ 20.651916] kasan_save_alloc_info+0x40/0x58 [ 20.652006] __kasan_kmalloc+0xd4/0xd8 [ 20.652160] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.652333] copy_to_kernel_nofault_oob+0xc8/0x418 [ 20.652478] kunit_try_run_case+0x170/0x3f0 [ 20.652610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.652805] kthread+0x328/0x630 [ 20.652904] ret_from_fork+0x10/0x20 [ 20.653093] [ 20.653322] The buggy address belongs to the object at fff00000c79f0900 [ 20.653322] which belongs to the cache kmalloc-128 of size 128 [ 20.653422] The buggy address is located 0 bytes to the right of [ 20.653422] allocated 120-byte region [fff00000c79f0900, fff00000c79f0978) [ 20.653639] [ 20.653861] The buggy address belongs to the physical page: [ 20.654136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 20.654318] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.654466] page_type: f5(slab) [ 20.654583] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.654785] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.654871] page dumped because: kasan: bad access detected [ 20.655153] [ 20.655369] Memory state around the buggy address: [ 20.655461] fff00000c79f0800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.655566] fff00000c79f0880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.655663] >fff00000c79f0900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.655905] ^ [ 20.656134] fff00000c79f0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.656257] fff00000c79f0a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.656405] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 20.554574] ================================================================== [ 20.554681] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 20.554983] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 20.555309] [ 20.555364] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.555741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.555790] Hardware name: linux,dummy-virt (DT) [ 20.555888] Call trace: [ 20.556506] show_stack+0x20/0x38 (C) [ 20.556763] dump_stack_lvl+0x8c/0xd0 [ 20.556999] print_report+0x310/0x608 [ 20.557120] kasan_report+0xdc/0x128 [ 20.557354] __asan_report_load1_noabort+0x20/0x30 [ 20.557625] vmalloc_oob+0x578/0x5d0 [ 20.557902] kunit_try_run_case+0x170/0x3f0 [ 20.558172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.558525] kthread+0x328/0x630 [ 20.558615] ret_from_fork+0x10/0x20 [ 20.558864] [ 20.559043] The buggy address belongs to the virtual mapping at [ 20.559043] [ffff8000800fe000, ffff800080100000) created by: [ 20.559043] vmalloc_oob+0x98/0x5d0 [ 20.559291] [ 20.559640] The buggy address belongs to the physical page: [ 20.559689] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fc [ 20.559923] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.560235] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.560657] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.560758] page dumped because: kasan: bad access detected [ 20.560964] [ 20.561045] Memory state around the buggy address: [ 20.561312] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.561403] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.561610] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 20.561830] ^ [ 20.561915] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.562148] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.563006] ================================================================== [ 20.565052] ================================================================== [ 20.565242] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 20.565627] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 20.565805] [ 20.565928] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.566023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.566051] Hardware name: linux,dummy-virt (DT) [ 20.566085] Call trace: [ 20.566109] show_stack+0x20/0x38 (C) [ 20.566411] dump_stack_lvl+0x8c/0xd0 [ 20.566611] print_report+0x310/0x608 [ 20.566842] kasan_report+0xdc/0x128 [ 20.566902] __asan_report_load1_noabort+0x20/0x30 [ 20.567159] vmalloc_oob+0x51c/0x5d0 [ 20.567574] kunit_try_run_case+0x170/0x3f0 [ 20.567813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.567909] kthread+0x328/0x630 [ 20.568157] ret_from_fork+0x10/0x20 [ 20.568390] [ 20.568533] The buggy address belongs to the virtual mapping at [ 20.568533] [ffff8000800fe000, ffff800080100000) created by: [ 20.568533] vmalloc_oob+0x98/0x5d0 [ 20.568647] [ 20.568690] The buggy address belongs to the physical page: [ 20.568999] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079fc [ 20.569640] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.569998] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.570115] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.570337] page dumped because: kasan: bad access detected [ 20.570551] [ 20.570722] Memory state around the buggy address: [ 20.570763] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.570980] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.571212] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 20.571486] ^ [ 20.571719] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.571924] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.571972] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 20.203747] ================================================================== [ 20.204115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 20.204323] Read of size 4 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.204473] [ 20.204539] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.204783] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.204819] Hardware name: linux,dummy-virt (DT) [ 20.204982] Call trace: [ 20.205042] show_stack+0x20/0x38 (C) [ 20.205098] dump_stack_lvl+0x8c/0xd0 [ 20.205151] print_report+0x118/0x608 [ 20.205350] kasan_report+0xdc/0x128 [ 20.205673] __asan_report_load4_noabort+0x20/0x30 [ 20.205786] kasan_atomics_helper+0x3dd8/0x4858 [ 20.205846] kasan_atomics+0x198/0x2e0 [ 20.205895] kunit_try_run_case+0x170/0x3f0 [ 20.206173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.206262] kthread+0x328/0x630 [ 20.206616] ret_from_fork+0x10/0x20 [ 20.206849] [ 20.206977] Allocated by task 265: [ 20.207053] kasan_save_stack+0x3c/0x68 [ 20.207102] kasan_save_track+0x20/0x40 [ 20.207143] kasan_save_alloc_info+0x40/0x58 [ 20.207187] __kasan_kmalloc+0xd4/0xd8 [ 20.207628] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.207905] kasan_atomics+0xb8/0x2e0 [ 20.208074] kunit_try_run_case+0x170/0x3f0 [ 20.208334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.208560] kthread+0x328/0x630 [ 20.208623] ret_from_fork+0x10/0x20 [ 20.208947] [ 20.208978] The buggy address belongs to the object at fff00000c79f5980 [ 20.208978] which belongs to the cache kmalloc-64 of size 64 [ 20.209275] The buggy address is located 0 bytes to the right of [ 20.209275] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.209775] [ 20.209912] The buggy address belongs to the physical page: [ 20.209951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.210196] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.210617] page_type: f5(slab) [ 20.210700] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.210926] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.210988] page dumped because: kasan: bad access detected [ 20.211121] [ 20.211266] Memory state around the buggy address: [ 20.211401] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.211798] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.212120] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.212383] ^ [ 20.212473] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.212537] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.212806] ================================================================== [ 20.304611] ================================================================== [ 20.304792] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 20.304853] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.304908] [ 20.304949] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.305301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.305591] Hardware name: linux,dummy-virt (DT) [ 20.305678] Call trace: [ 20.305835] show_stack+0x20/0x38 (C) [ 20.306151] dump_stack_lvl+0x8c/0xd0 [ 20.306235] print_report+0x118/0x608 [ 20.306741] kasan_report+0xdc/0x128 [ 20.306856] kasan_check_range+0x100/0x1a8 [ 20.306971] __kasan_check_write+0x20/0x30 [ 20.307071] kasan_atomics_helper+0xff0/0x4858 [ 20.307211] kasan_atomics+0x198/0x2e0 [ 20.307272] kunit_try_run_case+0x170/0x3f0 [ 20.307328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.307382] kthread+0x328/0x630 [ 20.307939] ret_from_fork+0x10/0x20 [ 20.308299] [ 20.308427] Allocated by task 265: [ 20.308527] kasan_save_stack+0x3c/0x68 [ 20.308635] kasan_save_track+0x20/0x40 [ 20.308684] kasan_save_alloc_info+0x40/0x58 [ 20.308894] __kasan_kmalloc+0xd4/0xd8 [ 20.309210] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.310693] kasan_atomics+0xb8/0x2e0 [ 20.310772] kunit_try_run_case+0x170/0x3f0 [ 20.310835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.310918] kthread+0x328/0x630 [ 20.310977] ret_from_fork+0x10/0x20 [ 20.311301] [ 20.311474] The buggy address belongs to the object at fff00000c79f5980 [ 20.311474] which belongs to the cache kmalloc-64 of size 64 [ 20.311690] The buggy address is located 0 bytes to the right of [ 20.311690] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.312009] [ 20.312040] The buggy address belongs to the physical page: [ 20.312076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.312558] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.312966] page_type: f5(slab) [ 20.313073] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.313294] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.313386] page dumped because: kasan: bad access detected [ 20.313669] [ 20.313750] Memory state around the buggy address: [ 20.313937] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.314169] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.314581] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.314662] ^ [ 20.314875] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.314939] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.314990] ================================================================== [ 20.484116] ================================================================== [ 20.484331] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 20.484535] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.484632] [ 20.484666] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.484751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.485007] Hardware name: linux,dummy-virt (DT) [ 20.485399] Call trace: [ 20.485487] show_stack+0x20/0x38 (C) [ 20.485549] dump_stack_lvl+0x8c/0xd0 [ 20.485651] print_report+0x118/0x608 [ 20.485723] kasan_report+0xdc/0x128 [ 20.485771] kasan_check_range+0x100/0x1a8 [ 20.486098] __kasan_check_write+0x20/0x30 [ 20.486266] kasan_atomics_helper+0x16d0/0x4858 [ 20.486329] kasan_atomics+0x198/0x2e0 [ 20.486442] kunit_try_run_case+0x170/0x3f0 [ 20.486519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.486572] kthread+0x328/0x630 [ 20.486619] ret_from_fork+0x10/0x20 [ 20.486666] [ 20.486688] Allocated by task 265: [ 20.486717] kasan_save_stack+0x3c/0x68 [ 20.486760] kasan_save_track+0x20/0x40 [ 20.486882] kasan_save_alloc_info+0x40/0x58 [ 20.486933] __kasan_kmalloc+0xd4/0xd8 [ 20.486970] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.487061] kasan_atomics+0xb8/0x2e0 [ 20.487326] kunit_try_run_case+0x170/0x3f0 [ 20.487389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.488032] kthread+0x328/0x630 [ 20.488184] ret_from_fork+0x10/0x20 [ 20.488548] [ 20.488634] The buggy address belongs to the object at fff00000c79f5980 [ 20.488634] which belongs to the cache kmalloc-64 of size 64 [ 20.488913] The buggy address is located 0 bytes to the right of [ 20.488913] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.489352] [ 20.489542] The buggy address belongs to the physical page: [ 20.489769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.489887] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.489941] page_type: f5(slab) [ 20.490027] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.490606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.490698] page dumped because: kasan: bad access detected [ 20.491118] [ 20.491206] Memory state around the buggy address: [ 20.491484] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.491739] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.491982] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.492094] ^ [ 20.492197] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.492283] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.492673] ================================================================== [ 20.511565] ================================================================== [ 20.511691] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 20.511764] Read of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.511819] [ 20.511851] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.512084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.512167] Hardware name: linux,dummy-virt (DT) [ 20.512304] Call trace: [ 20.512357] show_stack+0x20/0x38 (C) [ 20.512800] dump_stack_lvl+0x8c/0xd0 [ 20.512989] print_report+0x118/0x608 [ 20.513051] kasan_report+0xdc/0x128 [ 20.513103] __asan_report_load8_noabort+0x20/0x30 [ 20.513340] kasan_atomics_helper+0x3e20/0x4858 [ 20.513914] kasan_atomics+0x198/0x2e0 [ 20.514093] kunit_try_run_case+0x170/0x3f0 [ 20.514154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.514247] kthread+0x328/0x630 [ 20.514358] ret_from_fork+0x10/0x20 [ 20.514411] [ 20.514442] Allocated by task 265: [ 20.514484] kasan_save_stack+0x3c/0x68 [ 20.514683] kasan_save_track+0x20/0x40 [ 20.514726] kasan_save_alloc_info+0x40/0x58 [ 20.514769] __kasan_kmalloc+0xd4/0xd8 [ 20.514805] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.515144] kasan_atomics+0xb8/0x2e0 [ 20.515434] kunit_try_run_case+0x170/0x3f0 [ 20.515636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.515707] kthread+0x328/0x630 [ 20.515768] ret_from_fork+0x10/0x20 [ 20.515814] [ 20.516092] The buggy address belongs to the object at fff00000c79f5980 [ 20.516092] which belongs to the cache kmalloc-64 of size 64 [ 20.516959] The buggy address is located 0 bytes to the right of [ 20.516959] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.517377] [ 20.517426] The buggy address belongs to the physical page: [ 20.517496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.517807] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.517971] page_type: f5(slab) [ 20.518114] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.518337] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.518945] page dumped because: kasan: bad access detected [ 20.519049] [ 20.519237] Memory state around the buggy address: [ 20.519286] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.519404] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.519908] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.520002] ^ [ 20.520102] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.520157] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.520199] ================================================================== [ 20.341668] ================================================================== [ 20.341730] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 20.342238] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.342291] [ 20.342625] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.342723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.342751] Hardware name: linux,dummy-virt (DT) [ 20.342784] Call trace: [ 20.343138] show_stack+0x20/0x38 (C) [ 20.343226] dump_stack_lvl+0x8c/0xd0 [ 20.343507] print_report+0x118/0x608 [ 20.343937] kasan_report+0xdc/0x128 [ 20.344114] kasan_check_range+0x100/0x1a8 [ 20.344426] __kasan_check_write+0x20/0x30 [ 20.344750] kasan_atomics_helper+0x1190/0x4858 [ 20.344928] kasan_atomics+0x198/0x2e0 [ 20.345188] kunit_try_run_case+0x170/0x3f0 [ 20.345573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.345706] kthread+0x328/0x630 [ 20.345759] ret_from_fork+0x10/0x20 [ 20.345941] [ 20.346046] Allocated by task 265: [ 20.346285] kasan_save_stack+0x3c/0x68 [ 20.346614] kasan_save_track+0x20/0x40 [ 20.346873] kasan_save_alloc_info+0x40/0x58 [ 20.347019] __kasan_kmalloc+0xd4/0xd8 [ 20.347061] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.347103] kasan_atomics+0xb8/0x2e0 [ 20.347147] kunit_try_run_case+0x170/0x3f0 [ 20.347189] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.348174] kthread+0x328/0x630 [ 20.348241] ret_from_fork+0x10/0x20 [ 20.348316] [ 20.348372] The buggy address belongs to the object at fff00000c79f5980 [ 20.348372] which belongs to the cache kmalloc-64 of size 64 [ 20.348480] The buggy address is located 0 bytes to the right of [ 20.348480] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.348818] [ 20.348949] The buggy address belongs to the physical page: [ 20.349363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.349484] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.349540] page_type: f5(slab) [ 20.349581] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.349895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.350100] page dumped because: kasan: bad access detected [ 20.350148] [ 20.350422] Memory state around the buggy address: [ 20.350701] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.351079] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.351134] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.351179] ^ [ 20.351214] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.351539] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.351852] ================================================================== [ 20.234139] ================================================================== [ 20.234402] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 20.234790] Read of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.234855] [ 20.235037] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.235985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.236069] Hardware name: linux,dummy-virt (DT) [ 20.236107] Call trace: [ 20.236133] show_stack+0x20/0x38 (C) [ 20.236363] dump_stack_lvl+0x8c/0xd0 [ 20.236544] print_report+0x118/0x608 [ 20.236959] kasan_report+0xdc/0x128 [ 20.237110] kasan_check_range+0x100/0x1a8 [ 20.237560] __kasan_check_read+0x20/0x30 [ 20.237650] kasan_atomics_helper+0xdd4/0x4858 [ 20.238000] kasan_atomics+0x198/0x2e0 [ 20.238238] kunit_try_run_case+0x170/0x3f0 [ 20.238427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.238585] kthread+0x328/0x630 [ 20.238651] ret_from_fork+0x10/0x20 [ 20.238959] [ 20.239204] Allocated by task 265: [ 20.239261] kasan_save_stack+0x3c/0x68 [ 20.239310] kasan_save_track+0x20/0x40 [ 20.239349] kasan_save_alloc_info+0x40/0x58 [ 20.239782] __kasan_kmalloc+0xd4/0xd8 [ 20.240277] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.240506] kasan_atomics+0xb8/0x2e0 [ 20.240747] kunit_try_run_case+0x170/0x3f0 [ 20.240821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.241108] kthread+0x328/0x630 [ 20.241393] ret_from_fork+0x10/0x20 [ 20.241583] [ 20.241852] The buggy address belongs to the object at fff00000c79f5980 [ 20.241852] which belongs to the cache kmalloc-64 of size 64 [ 20.242052] The buggy address is located 0 bytes to the right of [ 20.242052] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.242273] [ 20.242455] The buggy address belongs to the physical page: [ 20.242813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.242958] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.243252] page_type: f5(slab) [ 20.243677] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.243891] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.243952] page dumped because: kasan: bad access detected [ 20.243994] [ 20.244022] Memory state around the buggy address: [ 20.244715] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.244841] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.244978] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.245184] ^ [ 20.245429] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.245524] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.245689] ================================================================== [ 20.124205] ================================================================== [ 20.124316] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 20.124371] Write of size 4 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.124425] [ 20.124473] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.124559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.124588] Hardware name: linux,dummy-virt (DT) [ 20.124624] Call trace: [ 20.124648] show_stack+0x20/0x38 (C) [ 20.124698] dump_stack_lvl+0x8c/0xd0 [ 20.124766] print_report+0x118/0x608 [ 20.124816] kasan_report+0xdc/0x128 [ 20.124862] kasan_check_range+0x100/0x1a8 [ 20.124913] __kasan_check_write+0x20/0x30 [ 20.124961] kasan_atomics_helper+0xa04/0x4858 [ 20.125011] kasan_atomics+0x198/0x2e0 [ 20.125057] kunit_try_run_case+0x170/0x3f0 [ 20.125107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.125162] kthread+0x328/0x630 [ 20.125206] ret_from_fork+0x10/0x20 [ 20.125255] [ 20.125285] Allocated by task 265: [ 20.125316] kasan_save_stack+0x3c/0x68 [ 20.125357] kasan_save_track+0x20/0x40 [ 20.125398] kasan_save_alloc_info+0x40/0x58 [ 20.125441] __kasan_kmalloc+0xd4/0xd8 [ 20.125655] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.125706] kasan_atomics+0xb8/0x2e0 [ 20.125743] kunit_try_run_case+0x170/0x3f0 [ 20.126407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.126711] kthread+0x328/0x630 [ 20.126802] ret_from_fork+0x10/0x20 [ 20.126882] [ 20.127198] The buggy address belongs to the object at fff00000c79f5980 [ 20.127198] which belongs to the cache kmalloc-64 of size 64 [ 20.127324] The buggy address is located 0 bytes to the right of [ 20.127324] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.127497] [ 20.127680] The buggy address belongs to the physical page: [ 20.127736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.128080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.128261] page_type: f5(slab) [ 20.128388] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.128625] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.128886] page dumped because: kasan: bad access detected [ 20.129294] [ 20.129344] Memory state around the buggy address: [ 20.129486] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.129539] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.129776] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.129976] ^ [ 20.130083] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.130179] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.130222] ================================================================== [ 20.257034] ================================================================== [ 20.257168] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 20.257222] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.257288] [ 20.257321] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.257408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.257659] Hardware name: linux,dummy-virt (DT) [ 20.257801] Call trace: [ 20.257835] show_stack+0x20/0x38 (C) [ 20.258143] dump_stack_lvl+0x8c/0xd0 [ 20.258563] print_report+0x118/0x608 [ 20.258633] kasan_report+0xdc/0x128 [ 20.258733] kasan_check_range+0x100/0x1a8 [ 20.258787] __kasan_check_write+0x20/0x30 [ 20.259300] kasan_atomics_helper+0xe44/0x4858 [ 20.259470] kasan_atomics+0x198/0x2e0 [ 20.259832] kunit_try_run_case+0x170/0x3f0 [ 20.260470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.260659] kthread+0x328/0x630 [ 20.260785] ret_from_fork+0x10/0x20 [ 20.261189] [ 20.261221] Allocated by task 265: [ 20.261438] kasan_save_stack+0x3c/0x68 [ 20.261695] kasan_save_track+0x20/0x40 [ 20.261754] kasan_save_alloc_info+0x40/0x58 [ 20.262006] __kasan_kmalloc+0xd4/0xd8 [ 20.262259] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.262544] kasan_atomics+0xb8/0x2e0 [ 20.262820] kunit_try_run_case+0x170/0x3f0 [ 20.263087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.263431] kthread+0x328/0x630 [ 20.263488] ret_from_fork+0x10/0x20 [ 20.263529] [ 20.263553] The buggy address belongs to the object at fff00000c79f5980 [ 20.263553] which belongs to the cache kmalloc-64 of size 64 [ 20.263940] The buggy address is located 0 bytes to the right of [ 20.263940] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.264433] [ 20.264480] The buggy address belongs to the physical page: [ 20.264655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.264934] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.265314] page_type: f5(slab) [ 20.265647] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.266081] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.266300] page dumped because: kasan: bad access detected [ 20.266557] [ 20.266585] Memory state around the buggy address: [ 20.266628] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.266675] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.266889] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.266983] ^ [ 20.267041] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.267331] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.267689] ================================================================== [ 20.324245] ================================================================== [ 20.324476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 20.324602] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.324673] [ 20.324853] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.324950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.324980] Hardware name: linux,dummy-virt (DT) [ 20.325144] Call trace: [ 20.325382] show_stack+0x20/0x38 (C) [ 20.325594] dump_stack_lvl+0x8c/0xd0 [ 20.325798] print_report+0x118/0x608 [ 20.325860] kasan_report+0xdc/0x128 [ 20.325913] kasan_check_range+0x100/0x1a8 [ 20.325964] __kasan_check_write+0x20/0x30 [ 20.326533] kasan_atomics_helper+0x10c0/0x4858 [ 20.326743] kasan_atomics+0x198/0x2e0 [ 20.326806] kunit_try_run_case+0x170/0x3f0 [ 20.326856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.326918] kthread+0x328/0x630 [ 20.327368] ret_from_fork+0x10/0x20 [ 20.327817] [ 20.327856] Allocated by task 265: [ 20.327950] kasan_save_stack+0x3c/0x68 [ 20.328006] kasan_save_track+0x20/0x40 [ 20.328045] kasan_save_alloc_info+0x40/0x58 [ 20.328089] __kasan_kmalloc+0xd4/0xd8 [ 20.328127] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.328391] kasan_atomics+0xb8/0x2e0 [ 20.328797] kunit_try_run_case+0x170/0x3f0 [ 20.329168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.329600] kthread+0x328/0x630 [ 20.329889] ret_from_fork+0x10/0x20 [ 20.330086] [ 20.330130] The buggy address belongs to the object at fff00000c79f5980 [ 20.330130] which belongs to the cache kmalloc-64 of size 64 [ 20.330378] The buggy address is located 0 bytes to the right of [ 20.330378] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.330601] [ 20.330799] The buggy address belongs to the physical page: [ 20.330873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.331071] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.331129] page_type: f5(slab) [ 20.331171] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.331227] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.331273] page dumped because: kasan: bad access detected [ 20.331596] [ 20.331813] Memory state around the buggy address: [ 20.331870] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.332405] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.332707] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.332829] ^ [ 20.333406] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.333669] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.333897] ================================================================== [ 20.441424] ================================================================== [ 20.441495] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 20.441547] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.441600] [ 20.442128] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.442241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.442270] Hardware name: linux,dummy-virt (DT) [ 20.442526] Call trace: [ 20.442711] show_stack+0x20/0x38 (C) [ 20.442863] dump_stack_lvl+0x8c/0xd0 [ 20.443069] print_report+0x118/0x608 [ 20.443750] kasan_report+0xdc/0x128 [ 20.443938] kasan_check_range+0x100/0x1a8 [ 20.444182] __kasan_check_write+0x20/0x30 [ 20.444234] kasan_atomics_helper+0x15b4/0x4858 [ 20.444285] kasan_atomics+0x198/0x2e0 [ 20.444332] kunit_try_run_case+0x170/0x3f0 [ 20.444825] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.445121] kthread+0x328/0x630 [ 20.445395] ret_from_fork+0x10/0x20 [ 20.445522] [ 20.445548] Allocated by task 265: [ 20.445719] kasan_save_stack+0x3c/0x68 [ 20.445827] kasan_save_track+0x20/0x40 [ 20.446013] kasan_save_alloc_info+0x40/0x58 [ 20.446326] __kasan_kmalloc+0xd4/0xd8 [ 20.446539] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.446658] kasan_atomics+0xb8/0x2e0 [ 20.446705] kunit_try_run_case+0x170/0x3f0 [ 20.446744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.446791] kthread+0x328/0x630 [ 20.446826] ret_from_fork+0x10/0x20 [ 20.446865] [ 20.446888] The buggy address belongs to the object at fff00000c79f5980 [ 20.446888] which belongs to the cache kmalloc-64 of size 64 [ 20.446951] The buggy address is located 0 bytes to the right of [ 20.446951] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.447021] [ 20.447333] The buggy address belongs to the physical page: [ 20.447531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.447620] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.447674] page_type: f5(slab) [ 20.447726] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.447780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.447837] page dumped because: kasan: bad access detected [ 20.447873] [ 20.447902] Memory state around the buggy address: [ 20.447948] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.447995] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.448041] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.448094] ^ [ 20.448138] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.448189] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.448240] ================================================================== [ 20.411024] ================================================================== [ 20.411215] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 20.411628] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.411825] [ 20.411930] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.412024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.412202] Hardware name: linux,dummy-virt (DT) [ 20.412619] Call trace: [ 20.412675] show_stack+0x20/0x38 (C) [ 20.413116] dump_stack_lvl+0x8c/0xd0 [ 20.413624] print_report+0x118/0x608 [ 20.413814] kasan_report+0xdc/0x128 [ 20.413912] kasan_check_range+0x100/0x1a8 [ 20.414162] __kasan_check_write+0x20/0x30 [ 20.414574] kasan_atomics_helper+0x147c/0x4858 [ 20.414804] kasan_atomics+0x198/0x2e0 [ 20.414957] kunit_try_run_case+0x170/0x3f0 [ 20.415022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.415429] kthread+0x328/0x630 [ 20.415535] ret_from_fork+0x10/0x20 [ 20.415860] [ 20.416030] Allocated by task 265: [ 20.416119] kasan_save_stack+0x3c/0x68 [ 20.416274] kasan_save_track+0x20/0x40 [ 20.416381] kasan_save_alloc_info+0x40/0x58 [ 20.416517] __kasan_kmalloc+0xd4/0xd8 [ 20.416560] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.416605] kasan_atomics+0xb8/0x2e0 [ 20.416641] kunit_try_run_case+0x170/0x3f0 [ 20.416681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.416728] kthread+0x328/0x630 [ 20.416764] ret_from_fork+0x10/0x20 [ 20.416802] [ 20.416841] The buggy address belongs to the object at fff00000c79f5980 [ 20.416841] which belongs to the cache kmalloc-64 of size 64 [ 20.416912] The buggy address is located 0 bytes to the right of [ 20.416912] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.416981] [ 20.417017] The buggy address belongs to the physical page: [ 20.417060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.417137] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.417198] page_type: f5(slab) [ 20.417239] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.417293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.417357] page dumped because: kasan: bad access detected [ 20.417393] [ 20.417422] Memory state around the buggy address: [ 20.417479] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.417526] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.417582] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.417631] ^ [ 20.417665] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.417721] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.417763] ================================================================== [ 20.114227] ================================================================== [ 20.114392] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 20.114466] Write of size 4 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.114521] [ 20.114634] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.114728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.114775] Hardware name: linux,dummy-virt (DT) [ 20.115164] Call trace: [ 20.115215] show_stack+0x20/0x38 (C) [ 20.115457] dump_stack_lvl+0x8c/0xd0 [ 20.115607] print_report+0x118/0x608 [ 20.115711] kasan_report+0xdc/0x128 [ 20.115768] kasan_check_range+0x100/0x1a8 [ 20.115818] __kasan_check_write+0x20/0x30 [ 20.116045] kasan_atomics_helper+0x99c/0x4858 [ 20.116201] kasan_atomics+0x198/0x2e0 [ 20.116401] kunit_try_run_case+0x170/0x3f0 [ 20.116633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.116713] kthread+0x328/0x630 [ 20.116799] ret_from_fork+0x10/0x20 [ 20.117288] [ 20.117319] Allocated by task 265: [ 20.117390] kasan_save_stack+0x3c/0x68 [ 20.117727] kasan_save_track+0x20/0x40 [ 20.117920] kasan_save_alloc_info+0x40/0x58 [ 20.118072] __kasan_kmalloc+0xd4/0xd8 [ 20.118183] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.118329] kasan_atomics+0xb8/0x2e0 [ 20.118623] kunit_try_run_case+0x170/0x3f0 [ 20.118870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.118974] kthread+0x328/0x630 [ 20.119122] ret_from_fork+0x10/0x20 [ 20.119163] [ 20.119185] The buggy address belongs to the object at fff00000c79f5980 [ 20.119185] which belongs to the cache kmalloc-64 of size 64 [ 20.119255] The buggy address is located 0 bytes to the right of [ 20.119255] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.119666] [ 20.119701] The buggy address belongs to the physical page: [ 20.119825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.119958] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.120102] page_type: f5(slab) [ 20.120149] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.120410] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.120665] page dumped because: kasan: bad access detected [ 20.121181] [ 20.121228] Memory state around the buggy address: [ 20.121694] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.121978] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.122042] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.122436] ^ [ 20.122711] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.122809] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.122921] ================================================================== [ 19.885600] ================================================================== [ 19.900033] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858 [ 19.900456] dump_stack_lvl+0x8c/0xd0 [ 19.901145] __kasan_kmalloc+0xd4/0xd8 [ 19.902268] The buggy address belongs to the physical page: [ 19.903568] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.904804] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.905202] ^ [ 19.905404] ================================================================== [ 20.431305] ================================================================== [ 20.431805] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 20.432041] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.432156] [ 20.432217] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.432878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.433079] Hardware name: linux,dummy-virt (DT) [ 20.433266] Call trace: [ 20.433371] show_stack+0x20/0x38 (C) [ 20.433842] dump_stack_lvl+0x8c/0xd0 [ 20.434042] print_report+0x118/0x608 [ 20.434133] kasan_report+0xdc/0x128 [ 20.434296] kasan_check_range+0x100/0x1a8 [ 20.434436] __kasan_check_write+0x20/0x30 [ 20.434494] kasan_atomics_helper+0x154c/0x4858 [ 20.434546] kasan_atomics+0x198/0x2e0 [ 20.434601] kunit_try_run_case+0x170/0x3f0 [ 20.434651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.434705] kthread+0x328/0x630 [ 20.434751] ret_from_fork+0x10/0x20 [ 20.434800] [ 20.434832] Allocated by task 265: [ 20.434878] kasan_save_stack+0x3c/0x68 [ 20.434921] kasan_save_track+0x20/0x40 [ 20.434971] kasan_save_alloc_info+0x40/0x58 [ 20.435276] __kasan_kmalloc+0xd4/0xd8 [ 20.435640] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.435728] kasan_atomics+0xb8/0x2e0 [ 20.436085] kunit_try_run_case+0x170/0x3f0 [ 20.436135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.436191] kthread+0x328/0x630 [ 20.436226] ret_from_fork+0x10/0x20 [ 20.436587] [ 20.437036] The buggy address belongs to the object at fff00000c79f5980 [ 20.437036] which belongs to the cache kmalloc-64 of size 64 [ 20.437164] The buggy address is located 0 bytes to the right of [ 20.437164] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.437525] [ 20.437740] The buggy address belongs to the physical page: [ 20.437860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.438028] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.438246] page_type: f5(slab) [ 20.438722] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.438793] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.439016] page dumped because: kasan: bad access detected [ 20.439567] [ 20.439613] Memory state around the buggy address: [ 20.439668] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.439717] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.439763] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.439805] ^ [ 20.440368] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.440602] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.440766] ================================================================== [ 20.298112] ================================================================== [ 20.298361] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 20.298657] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.298727] [ 20.298826] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.298956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.299021] Hardware name: linux,dummy-virt (DT) [ 20.299110] Call trace: [ 20.299170] show_stack+0x20/0x38 (C) [ 20.299310] dump_stack_lvl+0x8c/0xd0 [ 20.299488] print_report+0x118/0x608 [ 20.299610] kasan_report+0xdc/0x128 [ 20.299658] kasan_check_range+0x100/0x1a8 [ 20.299717] __kasan_check_write+0x20/0x30 [ 20.299926] kasan_atomics_helper+0xf88/0x4858 [ 20.300028] kasan_atomics+0x198/0x2e0 [ 20.300086] kunit_try_run_case+0x170/0x3f0 [ 20.300136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.300192] kthread+0x328/0x630 [ 20.300237] ret_from_fork+0x10/0x20 [ 20.300295] [ 20.300318] Allocated by task 265: [ 20.300347] kasan_save_stack+0x3c/0x68 [ 20.300407] kasan_save_track+0x20/0x40 [ 20.300460] kasan_save_alloc_info+0x40/0x58 [ 20.300511] __kasan_kmalloc+0xd4/0xd8 [ 20.300552] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.300601] kasan_atomics+0xb8/0x2e0 [ 20.300647] kunit_try_run_case+0x170/0x3f0 [ 20.300688] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.300748] kthread+0x328/0x630 [ 20.300783] ret_from_fork+0x10/0x20 [ 20.300821] [ 20.300852] The buggy address belongs to the object at fff00000c79f5980 [ 20.300852] which belongs to the cache kmalloc-64 of size 64 [ 20.300920] The buggy address is located 0 bytes to the right of [ 20.300920] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.300997] [ 20.301034] The buggy address belongs to the physical page: [ 20.301068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.301136] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.301188] page_type: f5(slab) [ 20.301228] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.301282] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.301336] page dumped because: kasan: bad access detected [ 20.301380] [ 20.301410] Memory state around the buggy address: [ 20.301552] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.302409] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.302618] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.302968] ^ [ 20.303031] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.303576] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.303708] ================================================================== [ 20.400083] ================================================================== [ 20.400612] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 20.400769] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.400866] [ 20.400900] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.401046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.401410] Hardware name: linux,dummy-virt (DT) [ 20.401824] Call trace: [ 20.401870] show_stack+0x20/0x38 (C) [ 20.402014] dump_stack_lvl+0x8c/0xd0 [ 20.402071] print_report+0x118/0x608 [ 20.402203] kasan_report+0xdc/0x128 [ 20.402255] kasan_check_range+0x100/0x1a8 [ 20.402546] __kasan_check_write+0x20/0x30 [ 20.402596] kasan_atomics_helper+0x1414/0x4858 [ 20.402648] kasan_atomics+0x198/0x2e0 [ 20.402804] kunit_try_run_case+0x170/0x3f0 [ 20.402867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.402923] kthread+0x328/0x630 [ 20.402968] ret_from_fork+0x10/0x20 [ 20.403751] [ 20.403878] Allocated by task 265: [ 20.404004] kasan_save_stack+0x3c/0x68 [ 20.404076] kasan_save_track+0x20/0x40 [ 20.404195] kasan_save_alloc_info+0x40/0x58 [ 20.404237] __kasan_kmalloc+0xd4/0xd8 [ 20.404277] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.404318] kasan_atomics+0xb8/0x2e0 [ 20.404521] kunit_try_run_case+0x170/0x3f0 [ 20.404756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.405046] kthread+0x328/0x630 [ 20.405283] ret_from_fork+0x10/0x20 [ 20.405366] [ 20.405415] The buggy address belongs to the object at fff00000c79f5980 [ 20.405415] which belongs to the cache kmalloc-64 of size 64 [ 20.405698] The buggy address is located 0 bytes to the right of [ 20.405698] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.406166] [ 20.406534] The buggy address belongs to the physical page: [ 20.406810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.407247] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.407309] page_type: f5(slab) [ 20.407607] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.408210] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.408293] page dumped because: kasan: bad access detected [ 20.408334] [ 20.408514] Memory state around the buggy address: [ 20.408788] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.409016] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.409071] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.409122] ^ [ 20.409158] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.409728] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.409793] ================================================================== [ 20.498979] ================================================================== [ 20.499927] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 20.500026] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.500406] [ 20.500474] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.500632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.500871] Hardware name: linux,dummy-virt (DT) [ 20.500911] Call trace: [ 20.501129] show_stack+0x20/0x38 (C) [ 20.501328] dump_stack_lvl+0x8c/0xd0 [ 20.501567] print_report+0x118/0x608 [ 20.501871] kasan_report+0xdc/0x128 [ 20.501930] kasan_check_range+0x100/0x1a8 [ 20.502251] __kasan_check_write+0x20/0x30 [ 20.502682] kasan_atomics_helper+0x175c/0x4858 [ 20.502892] kasan_atomics+0x198/0x2e0 [ 20.503008] kunit_try_run_case+0x170/0x3f0 [ 20.503105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.503253] kthread+0x328/0x630 [ 20.503300] ret_from_fork+0x10/0x20 [ 20.503730] [ 20.503772] Allocated by task 265: [ 20.504289] kasan_save_stack+0x3c/0x68 [ 20.504421] kasan_save_track+0x20/0x40 [ 20.504574] kasan_save_alloc_info+0x40/0x58 [ 20.504617] __kasan_kmalloc+0xd4/0xd8 [ 20.504832] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.504953] kasan_atomics+0xb8/0x2e0 [ 20.505529] kunit_try_run_case+0x170/0x3f0 [ 20.505653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.505807] kthread+0x328/0x630 [ 20.505847] ret_from_fork+0x10/0x20 [ 20.506477] [ 20.506709] The buggy address belongs to the object at fff00000c79f5980 [ 20.506709] which belongs to the cache kmalloc-64 of size 64 [ 20.506949] The buggy address is located 0 bytes to the right of [ 20.506949] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.507292] [ 20.507506] The buggy address belongs to the physical page: [ 20.507566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.507753] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.508009] page_type: f5(slab) [ 20.508256] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.508738] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.508831] page dumped because: kasan: bad access detected [ 20.508992] [ 20.509301] Memory state around the buggy address: [ 20.509553] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.509618] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.509817] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.509915] ^ [ 20.510244] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.510557] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.510761] ================================================================== [ 20.316514] ================================================================== [ 20.316997] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 20.317207] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.317262] [ 20.317298] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.317422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.317462] Hardware name: linux,dummy-virt (DT) [ 20.317497] Call trace: [ 20.317532] show_stack+0x20/0x38 (C) [ 20.317582] dump_stack_lvl+0x8c/0xd0 [ 20.317640] print_report+0x118/0x608 [ 20.317688] kasan_report+0xdc/0x128 [ 20.317744] kasan_check_range+0x100/0x1a8 [ 20.317794] __kasan_check_write+0x20/0x30 [ 20.317841] kasan_atomics_helper+0x1058/0x4858 [ 20.317894] kasan_atomics+0x198/0x2e0 [ 20.317939] kunit_try_run_case+0x170/0x3f0 [ 20.317988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.318043] kthread+0x328/0x630 [ 20.318085] ret_from_fork+0x10/0x20 [ 20.318134] [ 20.318154] Allocated by task 265: [ 20.318188] kasan_save_stack+0x3c/0x68 [ 20.318231] kasan_save_track+0x20/0x40 [ 20.318269] kasan_save_alloc_info+0x40/0x58 [ 20.318312] __kasan_kmalloc+0xd4/0xd8 [ 20.318349] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.318397] kasan_atomics+0xb8/0x2e0 [ 20.318439] kunit_try_run_case+0x170/0x3f0 [ 20.318486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.318531] kthread+0x328/0x630 [ 20.318566] ret_from_fork+0x10/0x20 [ 20.318613] [ 20.318636] The buggy address belongs to the object at fff00000c79f5980 [ 20.318636] which belongs to the cache kmalloc-64 of size 64 [ 20.318699] The buggy address is located 0 bytes to the right of [ 20.318699] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.318768] [ 20.318789] The buggy address belongs to the physical page: [ 20.318823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.318878] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.318930] page_type: f5(slab) [ 20.318971] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.319411] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.319960] page dumped because: kasan: bad access detected [ 20.320021] [ 20.320089] Memory state around the buggy address: [ 20.320162] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.320396] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.320493] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.320821] ^ [ 20.321371] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.321657] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.321960] ================================================================== [ 20.364840] ================================================================== [ 20.364899] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 20.364950] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.365014] [ 20.365056] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.365141] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.365176] Hardware name: linux,dummy-virt (DT) [ 20.365218] Call trace: [ 20.365253] show_stack+0x20/0x38 (C) [ 20.365303] dump_stack_lvl+0x8c/0xd0 [ 20.365352] print_report+0x118/0x608 [ 20.365410] kasan_report+0xdc/0x128 [ 20.365471] kasan_check_range+0x100/0x1a8 [ 20.365531] __kasan_check_write+0x20/0x30 [ 20.365586] kasan_atomics_helper+0x126c/0x4858 [ 20.365644] kasan_atomics+0x198/0x2e0 [ 20.365700] kunit_try_run_case+0x170/0x3f0 [ 20.365750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.365805] kthread+0x328/0x630 [ 20.365847] ret_from_fork+0x10/0x20 [ 20.365896] [ 20.365916] Allocated by task 265: [ 20.365946] kasan_save_stack+0x3c/0x68 [ 20.365987] kasan_save_track+0x20/0x40 [ 20.366027] kasan_save_alloc_info+0x40/0x58 [ 20.366073] __kasan_kmalloc+0xd4/0xd8 [ 20.366113] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.366158] kasan_atomics+0xb8/0x2e0 [ 20.366207] kunit_try_run_case+0x170/0x3f0 [ 20.366252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.366296] kthread+0x328/0x630 [ 20.366332] ret_from_fork+0x10/0x20 [ 20.366370] [ 20.366399] The buggy address belongs to the object at fff00000c79f5980 [ 20.366399] which belongs to the cache kmalloc-64 of size 64 [ 20.366898] The buggy address is located 0 bytes to the right of [ 20.366898] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.366975] [ 20.366997] The buggy address belongs to the physical page: [ 20.367486] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.367565] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.367801] page_type: f5(slab) [ 20.368513] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.369161] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.369581] page dumped because: kasan: bad access detected [ 20.369627] [ 20.370336] Memory state around the buggy address: [ 20.370397] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.370502] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.370552] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.370846] ^ [ 20.371278] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.371339] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.371380] ================================================================== [ 20.335917] ================================================================== [ 20.336008] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 20.336071] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.336123] [ 20.336154] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.336239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.336472] Hardware name: linux,dummy-virt (DT) [ 20.336907] Call trace: [ 20.336955] show_stack+0x20/0x38 (C) [ 20.337009] dump_stack_lvl+0x8c/0xd0 [ 20.337210] print_report+0x118/0x608 [ 20.337286] kasan_report+0xdc/0x128 [ 20.337701] kasan_check_range+0x100/0x1a8 [ 20.337790] __kasan_check_write+0x20/0x30 [ 20.337840] kasan_atomics_helper+0x1128/0x4858 [ 20.338091] kasan_atomics+0x198/0x2e0 [ 20.338278] kunit_try_run_case+0x170/0x3f0 [ 20.338532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.338605] kthread+0x328/0x630 [ 20.338789] ret_from_fork+0x10/0x20 [ 20.339181] [ 20.339291] Allocated by task 265: [ 20.339378] kasan_save_stack+0x3c/0x68 [ 20.339617] kasan_save_track+0x20/0x40 [ 20.339666] kasan_save_alloc_info+0x40/0x58 [ 20.339833] __kasan_kmalloc+0xd4/0xd8 [ 20.340043] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.340094] kasan_atomics+0xb8/0x2e0 [ 20.340135] kunit_try_run_case+0x170/0x3f0 [ 20.340176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.340246] kthread+0x328/0x630 [ 20.340290] ret_from_fork+0x10/0x20 [ 20.340327] [ 20.340361] The buggy address belongs to the object at fff00000c79f5980 [ 20.340361] which belongs to the cache kmalloc-64 of size 64 [ 20.340431] The buggy address is located 0 bytes to the right of [ 20.340431] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.340512] [ 20.340552] The buggy address belongs to the physical page: [ 20.340593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.340662] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.340724] page_type: f5(slab) [ 20.340763] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.340819] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.340865] page dumped because: kasan: bad access detected [ 20.340900] [ 20.340939] Memory state around the buggy address: [ 20.340994] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.341052] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.341108] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.341151] ^ [ 20.341187] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.341241] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.341285] ================================================================== [ 20.493652] ================================================================== [ 20.493720] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 20.493772] Read of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.493825] [ 20.493855] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.493937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.493965] Hardware name: linux,dummy-virt (DT) [ 20.494000] Call trace: [ 20.494460] show_stack+0x20/0x38 (C) [ 20.494725] dump_stack_lvl+0x8c/0xd0 [ 20.494809] print_report+0x118/0x608 [ 20.494862] kasan_report+0xdc/0x128 [ 20.494974] __asan_report_load8_noabort+0x20/0x30 [ 20.495092] kasan_atomics_helper+0x3e10/0x4858 [ 20.495434] kasan_atomics+0x198/0x2e0 [ 20.495588] kunit_try_run_case+0x170/0x3f0 [ 20.495700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.495914] kthread+0x328/0x630 [ 20.496125] ret_from_fork+0x10/0x20 [ 20.496622] [ 20.496654] Allocated by task 265: [ 20.496691] kasan_save_stack+0x3c/0x68 [ 20.496935] kasan_save_track+0x20/0x40 [ 20.496987] kasan_save_alloc_info+0x40/0x58 [ 20.497029] __kasan_kmalloc+0xd4/0xd8 [ 20.497130] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.497183] kasan_atomics+0xb8/0x2e0 [ 20.497233] kunit_try_run_case+0x170/0x3f0 [ 20.497273] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.497320] kthread+0x328/0x630 [ 20.497353] ret_from_fork+0x10/0x20 [ 20.497389] [ 20.497411] The buggy address belongs to the object at fff00000c79f5980 [ 20.497411] which belongs to the cache kmalloc-64 of size 64 [ 20.497485] The buggy address is located 0 bytes to the right of [ 20.497485] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.497566] [ 20.497605] The buggy address belongs to the physical page: [ 20.497639] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.497697] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.497747] page_type: f5(slab) [ 20.497788] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.497852] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.497899] page dumped because: kasan: bad access detected [ 20.497941] [ 20.497985] Memory state around the buggy address: [ 20.498025] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.498093] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.498139] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.498183] ^ [ 20.498219] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.498264] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.498306] ================================================================== [ 20.094976] ================================================================== [ 20.095254] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 20.095426] Read of size 4 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.095692] [ 20.095740] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.095917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.096115] Hardware name: linux,dummy-virt (DT) [ 20.096155] Call trace: [ 20.096177] show_stack+0x20/0x38 (C) [ 20.096462] dump_stack_lvl+0x8c/0xd0 [ 20.096683] print_report+0x118/0x608 [ 20.096736] kasan_report+0xdc/0x128 [ 20.097199] __asan_report_load4_noabort+0x20/0x30 [ 20.097298] kasan_atomics_helper+0x42d8/0x4858 [ 20.097753] kasan_atomics+0x198/0x2e0 [ 20.097907] kunit_try_run_case+0x170/0x3f0 [ 20.097974] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.098185] kthread+0x328/0x630 [ 20.098402] ret_from_fork+0x10/0x20 [ 20.098824] [ 20.098881] Allocated by task 265: [ 20.099091] kasan_save_stack+0x3c/0x68 [ 20.099255] kasan_save_track+0x20/0x40 [ 20.099442] kasan_save_alloc_info+0x40/0x58 [ 20.099663] __kasan_kmalloc+0xd4/0xd8 [ 20.099710] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.100188] kasan_atomics+0xb8/0x2e0 [ 20.100364] kunit_try_run_case+0x170/0x3f0 [ 20.100496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.100693] kthread+0x328/0x630 [ 20.100738] ret_from_fork+0x10/0x20 [ 20.100986] [ 20.101206] The buggy address belongs to the object at fff00000c79f5980 [ 20.101206] which belongs to the cache kmalloc-64 of size 64 [ 20.101278] The buggy address is located 0 bytes to the right of [ 20.101278] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.101625] [ 20.101717] The buggy address belongs to the physical page: [ 20.101763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.101983] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.102172] page_type: f5(slab) [ 20.102456] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.102527] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.102890] Memory state around the buggy address: [ 20.103410] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.104911] ================================================================== [ 20.473272] ================================================================== [ 20.473325] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 20.473377] Read of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.473803] [ 20.473884] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.474039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.474137] Hardware name: linux,dummy-virt (DT) [ 20.474181] Call trace: [ 20.474510] show_stack+0x20/0x38 (C) [ 20.474576] dump_stack_lvl+0x8c/0xd0 [ 20.474871] print_report+0x118/0x608 [ 20.475207] kasan_report+0xdc/0x128 [ 20.475434] __asan_report_load8_noabort+0x20/0x30 [ 20.475674] kasan_atomics_helper+0x3df4/0x4858 [ 20.475790] kasan_atomics+0x198/0x2e0 [ 20.476085] kunit_try_run_case+0x170/0x3f0 [ 20.476367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.476531] kthread+0x328/0x630 [ 20.476581] ret_from_fork+0x10/0x20 [ 20.477146] [ 20.477229] Allocated by task 265: [ 20.477544] kasan_save_stack+0x3c/0x68 [ 20.477683] kasan_save_track+0x20/0x40 [ 20.477964] kasan_save_alloc_info+0x40/0x58 [ 20.478327] __kasan_kmalloc+0xd4/0xd8 [ 20.478537] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.478599] kasan_atomics+0xb8/0x2e0 [ 20.478647] kunit_try_run_case+0x170/0x3f0 [ 20.478689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.478744] kthread+0x328/0x630 [ 20.478787] ret_from_fork+0x10/0x20 [ 20.478826] [ 20.478849] The buggy address belongs to the object at fff00000c79f5980 [ 20.478849] which belongs to the cache kmalloc-64 of size 64 [ 20.478922] The buggy address is located 0 bytes to the right of [ 20.478922] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.479186] [ 20.479430] The buggy address belongs to the physical page: [ 20.479485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.480378] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.480918] page_type: f5(slab) [ 20.481001] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.481079] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.481149] page dumped because: kasan: bad access detected [ 20.481201] [ 20.481261] Memory state around the buggy address: [ 20.481610] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.481678] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.481855] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.482369] ^ [ 20.482651] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.482729] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.482978] ================================================================== [ 20.287934] ================================================================== [ 20.287991] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 20.288043] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.288097] [ 20.288603] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.288708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.288737] Hardware name: linux,dummy-virt (DT) [ 20.288781] Call trace: [ 20.289241] show_stack+0x20/0x38 (C) [ 20.289490] dump_stack_lvl+0x8c/0xd0 [ 20.289686] print_report+0x118/0x608 [ 20.289780] kasan_report+0xdc/0x128 [ 20.289959] kasan_check_range+0x100/0x1a8 [ 20.290195] __kasan_check_write+0x20/0x30 [ 20.290263] kasan_atomics_helper+0xf20/0x4858 [ 20.290313] kasan_atomics+0x198/0x2e0 [ 20.290361] kunit_try_run_case+0x170/0x3f0 [ 20.290551] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.290748] kthread+0x328/0x630 [ 20.290834] ret_from_fork+0x10/0x20 [ 20.290896] [ 20.290918] Allocated by task 265: [ 20.290947] kasan_save_stack+0x3c/0x68 [ 20.291354] kasan_save_track+0x20/0x40 [ 20.291441] kasan_save_alloc_info+0x40/0x58 [ 20.291586] __kasan_kmalloc+0xd4/0xd8 [ 20.291919] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.292305] kasan_atomics+0xb8/0x2e0 [ 20.292387] kunit_try_run_case+0x170/0x3f0 [ 20.292486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.292568] kthread+0x328/0x630 [ 20.292778] ret_from_fork+0x10/0x20 [ 20.292866] [ 20.293361] The buggy address belongs to the object at fff00000c79f5980 [ 20.293361] which belongs to the cache kmalloc-64 of size 64 [ 20.293631] The buggy address is located 0 bytes to the right of [ 20.293631] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.294032] [ 20.294109] The buggy address belongs to the physical page: [ 20.294254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.294705] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.294771] page_type: f5(slab) [ 20.294943] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.295240] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.295425] page dumped because: kasan: bad access detected [ 20.295678] [ 20.295706] Memory state around the buggy address: [ 20.295748] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.296044] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.296510] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.296653] ^ [ 20.296715] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.296769] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.296812] ================================================================== [ 20.214784] ================================================================== [ 20.214926] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 20.214982] Write of size 4 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.215355] [ 20.215464] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.215604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.215645] Hardware name: linux,dummy-virt (DT) [ 20.215678] Call trace: [ 20.215796] show_stack+0x20/0x38 (C) [ 20.215869] dump_stack_lvl+0x8c/0xd0 [ 20.215920] print_report+0x118/0x608 [ 20.215977] kasan_report+0xdc/0x128 [ 20.216025] kasan_check_range+0x100/0x1a8 [ 20.216073] __kasan_check_write+0x20/0x30 [ 20.216120] kasan_atomics_helper+0xd3c/0x4858 [ 20.216179] kasan_atomics+0x198/0x2e0 [ 20.216245] kunit_try_run_case+0x170/0x3f0 [ 20.216302] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.216375] kthread+0x328/0x630 [ 20.216441] ret_from_fork+0x10/0x20 [ 20.217190] [ 20.217337] Allocated by task 265: [ 20.217968] kasan_save_stack+0x3c/0x68 [ 20.218035] kasan_save_track+0x20/0x40 [ 20.218405] kasan_save_alloc_info+0x40/0x58 [ 20.218735] __kasan_kmalloc+0xd4/0xd8 [ 20.218887] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.219220] kasan_atomics+0xb8/0x2e0 [ 20.219628] kunit_try_run_case+0x170/0x3f0 [ 20.219875] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.220473] kthread+0x328/0x630 [ 20.220533] ret_from_fork+0x10/0x20 [ 20.220872] [ 20.221124] The buggy address belongs to the object at fff00000c79f5980 [ 20.221124] which belongs to the cache kmalloc-64 of size 64 [ 20.221266] The buggy address is located 0 bytes to the right of [ 20.221266] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.221636] [ 20.221722] The buggy address belongs to the physical page: [ 20.221890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.222189] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.222381] page_type: f5(slab) [ 20.222816] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.222901] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.223148] page dumped because: kasan: bad access detected [ 20.223377] [ 20.223407] Memory state around the buggy address: [ 20.223583] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.223745] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.223983] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.224430] ^ [ 20.224515] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.224950] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.225103] ================================================================== [ 20.391414] ================================================================== [ 20.391737] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 20.391805] Read of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.391859] [ 20.391890] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.391974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.392002] Hardware name: linux,dummy-virt (DT) [ 20.392037] Call trace: [ 20.392059] show_stack+0x20/0x38 (C) [ 20.392108] dump_stack_lvl+0x8c/0xd0 [ 20.392156] print_report+0x118/0x608 [ 20.392883] kasan_report+0xdc/0x128 [ 20.392955] __asan_report_load8_noabort+0x20/0x30 [ 20.393008] kasan_atomics_helper+0x3f04/0x4858 [ 20.393069] kasan_atomics+0x198/0x2e0 [ 20.393189] kunit_try_run_case+0x170/0x3f0 [ 20.393271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.393329] kthread+0x328/0x630 [ 20.393797] ret_from_fork+0x10/0x20 [ 20.393994] [ 20.394071] Allocated by task 265: [ 20.394106] kasan_save_stack+0x3c/0x68 [ 20.394159] kasan_save_track+0x20/0x40 [ 20.394248] kasan_save_alloc_info+0x40/0x58 [ 20.394293] __kasan_kmalloc+0xd4/0xd8 [ 20.394359] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.394562] kasan_atomics+0xb8/0x2e0 [ 20.394732] kunit_try_run_case+0x170/0x3f0 [ 20.394787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.394832] kthread+0x328/0x630 [ 20.394867] ret_from_fork+0x10/0x20 [ 20.395280] [ 20.395333] The buggy address belongs to the object at fff00000c79f5980 [ 20.395333] which belongs to the cache kmalloc-64 of size 64 [ 20.395774] The buggy address is located 0 bytes to the right of [ 20.395774] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.396338] [ 20.396373] The buggy address belongs to the physical page: [ 20.396518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.396675] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.396899] page_type: f5(slab) [ 20.397158] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.397589] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.397858] page dumped because: kasan: bad access detected [ 20.398097] [ 20.398440] Memory state around the buggy address: [ 20.398514] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.398563] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.399002] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.399191] ^ [ 20.399433] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.399573] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.399614] ================================================================== [ 20.521940] ================================================================== [ 20.522520] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 20.522653] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.522711] [ 20.522742] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.522973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.523014] Hardware name: linux,dummy-virt (DT) [ 20.523477] Call trace: [ 20.523506] show_stack+0x20/0x38 (C) [ 20.523561] dump_stack_lvl+0x8c/0xd0 [ 20.523610] print_report+0x118/0x608 [ 20.523659] kasan_report+0xdc/0x128 [ 20.523957] kasan_check_range+0x100/0x1a8 [ 20.524078] __kasan_check_write+0x20/0x30 [ 20.524126] kasan_atomics_helper+0x17ec/0x4858 [ 20.524193] kasan_atomics+0x198/0x2e0 [ 20.524261] kunit_try_run_case+0x170/0x3f0 [ 20.524320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.524382] kthread+0x328/0x630 [ 20.524438] ret_from_fork+0x10/0x20 [ 20.524506] [ 20.524530] Allocated by task 265: [ 20.524560] kasan_save_stack+0x3c/0x68 [ 20.524613] kasan_save_track+0x20/0x40 [ 20.524661] kasan_save_alloc_info+0x40/0x58 [ 20.524714] __kasan_kmalloc+0xd4/0xd8 [ 20.524751] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.524794] kasan_atomics+0xb8/0x2e0 [ 20.524840] kunit_try_run_case+0x170/0x3f0 [ 20.524882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.524928] kthread+0x328/0x630 [ 20.524963] ret_from_fork+0x10/0x20 [ 20.525000] [ 20.525035] The buggy address belongs to the object at fff00000c79f5980 [ 20.525035] which belongs to the cache kmalloc-64 of size 64 [ 20.525106] The buggy address is located 0 bytes to the right of [ 20.525106] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.525175] [ 20.525196] The buggy address belongs to the physical page: [ 20.525239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.525306] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.525356] page_type: f5(slab) [ 20.525406] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.526379] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.526471] page dumped because: kasan: bad access detected [ 20.526521] [ 20.526543] Memory state around the buggy address: [ 20.527139] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.527339] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.527886] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.528211] ^ [ 20.528359] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.528498] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.528824] ================================================================== [ 20.248316] ================================================================== [ 20.248459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 20.248658] Read of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.248718] [ 20.248831] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.248919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.248948] Hardware name: linux,dummy-virt (DT) [ 20.249017] Call trace: [ 20.249045] show_stack+0x20/0x38 (C) [ 20.249097] dump_stack_lvl+0x8c/0xd0 [ 20.249457] print_report+0x118/0x608 [ 20.249528] kasan_report+0xdc/0x128 [ 20.249577] __asan_report_load8_noabort+0x20/0x30 [ 20.249634] kasan_atomics_helper+0x3f58/0x4858 [ 20.249703] kasan_atomics+0x198/0x2e0 [ 20.249752] kunit_try_run_case+0x170/0x3f0 [ 20.249809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.249865] kthread+0x328/0x630 [ 20.249912] ret_from_fork+0x10/0x20 [ 20.249963] [ 20.249985] Allocated by task 265: [ 20.250020] kasan_save_stack+0x3c/0x68 [ 20.250063] kasan_save_track+0x20/0x40 [ 20.250103] kasan_save_alloc_info+0x40/0x58 [ 20.250154] __kasan_kmalloc+0xd4/0xd8 [ 20.250195] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.250237] kasan_atomics+0xb8/0x2e0 [ 20.250276] kunit_try_run_case+0x170/0x3f0 [ 20.250317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.250363] kthread+0x328/0x630 [ 20.250396] ret_from_fork+0x10/0x20 [ 20.250438] [ 20.250785] The buggy address belongs to the object at fff00000c79f5980 [ 20.250785] which belongs to the cache kmalloc-64 of size 64 [ 20.250854] The buggy address is located 0 bytes to the right of [ 20.250854] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.250973] [ 20.251156] The buggy address belongs to the physical page: [ 20.251774] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.251877] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.252287] page_type: f5(slab) [ 20.252612] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.253288] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.253403] page dumped because: kasan: bad access detected [ 20.253673] [ 20.253818] Memory state around the buggy address: [ 20.253888] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.254476] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.254978] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.255319] ^ [ 20.255550] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.255699] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.255784] ================================================================== [ 20.269501] ================================================================== [ 20.269562] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 20.269618] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.269705] [ 20.269740] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.269824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.269852] Hardware name: linux,dummy-virt (DT) [ 20.269888] Call trace: [ 20.270488] show_stack+0x20/0x38 (C) [ 20.270651] dump_stack_lvl+0x8c/0xd0 [ 20.270711] print_report+0x118/0x608 [ 20.270925] kasan_report+0xdc/0x128 [ 20.270982] __asan_report_store8_noabort+0x20/0x30 [ 20.271151] kasan_atomics_helper+0x3e5c/0x4858 [ 20.271677] kasan_atomics+0x198/0x2e0 [ 20.271834] kunit_try_run_case+0x170/0x3f0 [ 20.271948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.272132] kthread+0x328/0x630 [ 20.272199] ret_from_fork+0x10/0x20 [ 20.272370] [ 20.272583] Allocated by task 265: [ 20.272630] kasan_save_stack+0x3c/0x68 [ 20.273034] kasan_save_track+0x20/0x40 [ 20.273108] kasan_save_alloc_info+0x40/0x58 [ 20.273154] __kasan_kmalloc+0xd4/0xd8 [ 20.273194] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.273237] kasan_atomics+0xb8/0x2e0 [ 20.273372] kunit_try_run_case+0x170/0x3f0 [ 20.273420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.273476] kthread+0x328/0x630 [ 20.273511] ret_from_fork+0x10/0x20 [ 20.273550] [ 20.273798] The buggy address belongs to the object at fff00000c79f5980 [ 20.273798] which belongs to the cache kmalloc-64 of size 64 [ 20.273883] The buggy address is located 0 bytes to the right of [ 20.273883] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.273955] [ 20.273978] The buggy address belongs to the physical page: [ 20.274020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.274105] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.274168] page_type: f5(slab) [ 20.274210] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.274265] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.274311] page dumped because: kasan: bad access detected [ 20.274354] [ 20.274379] Memory state around the buggy address: [ 20.274427] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.274945] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.274997] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.275040] ^ [ 20.275625] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.275945] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.276562] ================================================================== [ 20.450083] ================================================================== [ 20.450186] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 20.450492] Read of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.450728] [ 20.450803] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.450899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.450927] Hardware name: linux,dummy-virt (DT) [ 20.451011] Call trace: [ 20.451062] show_stack+0x20/0x38 (C) [ 20.451116] dump_stack_lvl+0x8c/0xd0 [ 20.451324] print_report+0x118/0x608 [ 20.451839] kasan_report+0xdc/0x128 [ 20.452029] __asan_report_load8_noabort+0x20/0x30 [ 20.452333] kasan_atomics_helper+0x3db0/0x4858 [ 20.452503] kasan_atomics+0x198/0x2e0 [ 20.452787] kunit_try_run_case+0x170/0x3f0 [ 20.453264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.453707] kthread+0x328/0x630 [ 20.453768] ret_from_fork+0x10/0x20 [ 20.453977] [ 20.454121] Allocated by task 265: [ 20.454291] kasan_save_stack+0x3c/0x68 [ 20.454595] kasan_save_track+0x20/0x40 [ 20.455347] kasan_save_alloc_info+0x40/0x58 [ 20.455751] __kasan_kmalloc+0xd4/0xd8 [ 20.455834] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.455877] kasan_atomics+0xb8/0x2e0 [ 20.455917] kunit_try_run_case+0x170/0x3f0 [ 20.455956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.456393] kthread+0x328/0x630 [ 20.456492] ret_from_fork+0x10/0x20 [ 20.456833] [ 20.456869] The buggy address belongs to the object at fff00000c79f5980 [ 20.456869] which belongs to the cache kmalloc-64 of size 64 [ 20.457333] The buggy address is located 0 bytes to the right of [ 20.457333] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.457960] [ 20.458292] The buggy address belongs to the physical page: [ 20.458436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.458838] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.459227] page_type: f5(slab) [ 20.459503] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.459719] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.459782] page dumped because: kasan: bad access detected [ 20.459818] [ 20.459838] Memory state around the buggy address: [ 20.459876] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.460405] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.460726] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.460942] ^ [ 20.461114] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.461355] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.461537] ================================================================== [ 20.277856] ================================================================== [ 20.277926] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 20.277980] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.278041] [ 20.278362] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.278552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.278597] Hardware name: linux,dummy-virt (DT) [ 20.278634] Call trace: [ 20.278676] show_stack+0x20/0x38 (C) [ 20.278730] dump_stack_lvl+0x8c/0xd0 [ 20.279161] print_report+0x118/0x608 [ 20.279293] kasan_report+0xdc/0x128 [ 20.279582] kasan_check_range+0x100/0x1a8 [ 20.279677] __kasan_check_write+0x20/0x30 [ 20.279725] kasan_atomics_helper+0xeb8/0x4858 [ 20.279774] kasan_atomics+0x198/0x2e0 [ 20.280307] kunit_try_run_case+0x170/0x3f0 [ 20.280594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.280710] kthread+0x328/0x630 [ 20.280818] ret_from_fork+0x10/0x20 [ 20.280927] [ 20.280947] Allocated by task 265: [ 20.281383] kasan_save_stack+0x3c/0x68 [ 20.281721] kasan_save_track+0x20/0x40 [ 20.281930] kasan_save_alloc_info+0x40/0x58 [ 20.282193] __kasan_kmalloc+0xd4/0xd8 [ 20.282238] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.282573] kasan_atomics+0xb8/0x2e0 [ 20.282907] kunit_try_run_case+0x170/0x3f0 [ 20.283093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.283149] kthread+0x328/0x630 [ 20.283186] ret_from_fork+0x10/0x20 [ 20.283225] [ 20.283249] The buggy address belongs to the object at fff00000c79f5980 [ 20.283249] which belongs to the cache kmalloc-64 of size 64 [ 20.283312] The buggy address is located 0 bytes to the right of [ 20.283312] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.283921] [ 20.284096] The buggy address belongs to the physical page: [ 20.284170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.284236] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.284297] page_type: f5(slab) [ 20.284528] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.285099] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.285400] page dumped because: kasan: bad access detected [ 20.285558] [ 20.285767] Memory state around the buggy address: [ 20.285845] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.286015] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.286225] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.286410] ^ [ 20.286642] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.286871] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.287145] ================================================================== [ 20.131497] ================================================================== [ 20.131560] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 20.131613] Write of size 4 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.131666] [ 20.132248] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.132461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.132500] Hardware name: linux,dummy-virt (DT) [ 20.132681] Call trace: [ 20.132717] show_stack+0x20/0x38 (C) [ 20.132945] dump_stack_lvl+0x8c/0xd0 [ 20.133035] print_report+0x118/0x608 [ 20.133086] kasan_report+0xdc/0x128 [ 20.133411] kasan_check_range+0x100/0x1a8 [ 20.133500] __kasan_check_write+0x20/0x30 [ 20.133717] kasan_atomics_helper+0xa6c/0x4858 [ 20.133904] kasan_atomics+0x198/0x2e0 [ 20.134090] kunit_try_run_case+0x170/0x3f0 [ 20.134225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.134428] kthread+0x328/0x630 [ 20.134508] ret_from_fork+0x10/0x20 [ 20.134577] [ 20.134722] Allocated by task 265: [ 20.134765] kasan_save_stack+0x3c/0x68 [ 20.134999] kasan_save_track+0x20/0x40 [ 20.135077] kasan_save_alloc_info+0x40/0x58 [ 20.135122] __kasan_kmalloc+0xd4/0xd8 [ 20.135162] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.135204] kasan_atomics+0xb8/0x2e0 [ 20.135411] kunit_try_run_case+0x170/0x3f0 [ 20.135702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.135904] kthread+0x328/0x630 [ 20.136142] ret_from_fork+0x10/0x20 [ 20.136211] [ 20.136289] The buggy address belongs to the object at fff00000c79f5980 [ 20.136289] which belongs to the cache kmalloc-64 of size 64 [ 20.136394] The buggy address is located 0 bytes to the right of [ 20.136394] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.136683] [ 20.136779] The buggy address belongs to the physical page: [ 20.136817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.137238] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.137305] page_type: f5(slab) [ 20.137508] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.137763] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.138189] page dumped because: kasan: bad access detected [ 20.138342] [ 20.138574] Memory state around the buggy address: [ 20.138627] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.138830] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.138908] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.138988] ^ [ 20.139041] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.139089] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.139139] ================================================================== [ 20.140733] ================================================================== [ 20.140790] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 20.140841] Write of size 4 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.140892] [ 20.140923] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.141008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.141081] Hardware name: linux,dummy-virt (DT) [ 20.141121] Call trace: [ 20.141165] show_stack+0x20/0x38 (C) [ 20.141218] dump_stack_lvl+0x8c/0xd0 [ 20.141267] print_report+0x118/0x608 [ 20.141315] kasan_report+0xdc/0x128 [ 20.141367] kasan_check_range+0x100/0x1a8 [ 20.141418] __kasan_check_write+0x20/0x30 [ 20.141476] kasan_atomics_helper+0xad4/0x4858 [ 20.141526] kasan_atomics+0x198/0x2e0 [ 20.141572] kunit_try_run_case+0x170/0x3f0 [ 20.141629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.141684] kthread+0x328/0x630 [ 20.141738] ret_from_fork+0x10/0x20 [ 20.141787] [ 20.141809] Allocated by task 265: [ 20.141849] kasan_save_stack+0x3c/0x68 [ 20.141900] kasan_save_track+0x20/0x40 [ 20.141941] kasan_save_alloc_info+0x40/0x58 [ 20.141983] __kasan_kmalloc+0xd4/0xd8 [ 20.142022] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.142064] kasan_atomics+0xb8/0x2e0 [ 20.142102] kunit_try_run_case+0x170/0x3f0 [ 20.142142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.142189] kthread+0x328/0x630 [ 20.142238] ret_from_fork+0x10/0x20 [ 20.142276] [ 20.142298] The buggy address belongs to the object at fff00000c79f5980 [ 20.142298] which belongs to the cache kmalloc-64 of size 64 [ 20.142362] The buggy address is located 0 bytes to the right of [ 20.142362] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.142436] [ 20.143364] The buggy address belongs to the physical page: [ 20.143606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.143778] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.144096] page_type: f5(slab) [ 20.144147] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.144293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.144417] page dumped because: kasan: bad access detected [ 20.144558] [ 20.144777] Memory state around the buggy address: [ 20.145042] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.145527] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.145772] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.145937] ^ [ 20.146180] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.146367] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.146412] ================================================================== [ 20.147245] ================================================================== [ 20.147320] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 20.147374] Read of size 4 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.147428] [ 20.147470] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.147924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.148099] Hardware name: linux,dummy-virt (DT) [ 20.148165] Call trace: [ 20.148192] show_stack+0x20/0x38 (C) [ 20.148305] dump_stack_lvl+0x8c/0xd0 [ 20.148470] print_report+0x118/0x608 [ 20.148675] kasan_report+0xdc/0x128 [ 20.148737] __asan_report_load4_noabort+0x20/0x30 [ 20.148788] kasan_atomics_helper+0x3dcc/0x4858 [ 20.149009] kasan_atomics+0x198/0x2e0 [ 20.149219] kunit_try_run_case+0x170/0x3f0 [ 20.149513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.149584] kthread+0x328/0x630 [ 20.149636] ret_from_fork+0x10/0x20 [ 20.149819] [ 20.149991] Allocated by task 265: [ 20.150037] kasan_save_stack+0x3c/0x68 [ 20.150226] kasan_save_track+0x20/0x40 [ 20.150331] kasan_save_alloc_info+0x40/0x58 [ 20.150383] __kasan_kmalloc+0xd4/0xd8 [ 20.150430] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.150797] kasan_atomics+0xb8/0x2e0 [ 20.150859] kunit_try_run_case+0x170/0x3f0 [ 20.150901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.151063] kthread+0x328/0x630 [ 20.151154] ret_from_fork+0x10/0x20 [ 20.151320] [ 20.151391] The buggy address belongs to the object at fff00000c79f5980 [ 20.151391] which belongs to the cache kmalloc-64 of size 64 [ 20.151633] The buggy address is located 0 bytes to the right of [ 20.151633] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.153687] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.154999] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.155733] ================================================================== [ 20.015344] ================================================================== [ 20.016915] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858 [ 20.017642] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.017759] Call trace: [ 20.018922] kasan_atomics_helper+0x54c/0x4858 [ 20.018974] kasan_atomics+0x198/0x2e0 [ 20.019826] ret_from_fork+0x10/0x20 [ 20.021576] kunit_try_run_case+0x170/0x3f0 [ 20.022153] The buggy address is located 0 bytes to the right of [ 20.022153] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.022361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.022442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.022783] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.022940] ^ [ 20.023610] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.026313] Write of size 4 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.026526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.027778] kasan_report+0xdc/0x128 [ 20.029279] kasan_atomics+0x198/0x2e0 [ 20.031901] kunit_try_run_case+0x170/0x3f0 [ 20.032919] The buggy address is located 0 bytes to the right of [ 20.032919] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.035030] Memory state around the buggy address: [ 20.035514] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.036128] ================================================================== [ 20.353216] ================================================================== [ 20.353458] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 20.353898] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.353968] [ 20.354185] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.354477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.354520] Hardware name: linux,dummy-virt (DT) [ 20.354701] Call trace: [ 20.354759] show_stack+0x20/0x38 (C) [ 20.354972] dump_stack_lvl+0x8c/0xd0 [ 20.355422] print_report+0x118/0x608 [ 20.355490] kasan_report+0xdc/0x128 [ 20.355538] kasan_check_range+0x100/0x1a8 [ 20.356118] __kasan_check_write+0x20/0x30 [ 20.356315] kasan_atomics_helper+0x11f8/0x4858 [ 20.356517] kasan_atomics+0x198/0x2e0 [ 20.356638] kunit_try_run_case+0x170/0x3f0 [ 20.356757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.356842] kthread+0x328/0x630 [ 20.357180] ret_from_fork+0x10/0x20 [ 20.357413] [ 20.357672] Allocated by task 265: [ 20.357748] kasan_save_stack+0x3c/0x68 [ 20.357975] kasan_save_track+0x20/0x40 [ 20.358021] kasan_save_alloc_info+0x40/0x58 [ 20.358234] __kasan_kmalloc+0xd4/0xd8 [ 20.358503] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.358733] kasan_atomics+0xb8/0x2e0 [ 20.358891] kunit_try_run_case+0x170/0x3f0 [ 20.358938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.359457] kthread+0x328/0x630 [ 20.359664] ret_from_fork+0x10/0x20 [ 20.359757] [ 20.359781] The buggy address belongs to the object at fff00000c79f5980 [ 20.359781] which belongs to the cache kmalloc-64 of size 64 [ 20.360014] The buggy address is located 0 bytes to the right of [ 20.360014] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.360216] [ 20.360339] The buggy address belongs to the physical page: [ 20.360713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.360809] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.360992] page_type: f5(slab) [ 20.361579] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.361996] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.362069] page dumped because: kasan: bad access detected [ 20.362106] [ 20.362126] Memory state around the buggy address: [ 20.362167] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.362785] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.363001] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.363053] ^ [ 20.363089] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.363136] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.363177] ================================================================== [ 20.372215] ================================================================== [ 20.372286] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 20.372438] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.372508] [ 20.372569] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.372656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.373060] Hardware name: linux,dummy-virt (DT) [ 20.373246] Call trace: [ 20.373282] show_stack+0x20/0x38 (C) [ 20.373639] dump_stack_lvl+0x8c/0xd0 [ 20.373728] print_report+0x118/0x608 [ 20.374030] kasan_report+0xdc/0x128 [ 20.374313] kasan_check_range+0x100/0x1a8 [ 20.374454] __kasan_check_write+0x20/0x30 [ 20.374507] kasan_atomics_helper+0x12d8/0x4858 [ 20.374700] kasan_atomics+0x198/0x2e0 [ 20.374951] kunit_try_run_case+0x170/0x3f0 [ 20.375197] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.375515] kthread+0x328/0x630 [ 20.375873] ret_from_fork+0x10/0x20 [ 20.376291] [ 20.376336] Allocated by task 265: [ 20.376473] kasan_save_stack+0x3c/0x68 [ 20.376628] kasan_save_track+0x20/0x40 [ 20.376744] kasan_save_alloc_info+0x40/0x58 [ 20.376786] __kasan_kmalloc+0xd4/0xd8 [ 20.376826] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.376985] kasan_atomics+0xb8/0x2e0 [ 20.377986] kunit_try_run_case+0x170/0x3f0 [ 20.378062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.378143] kthread+0x328/0x630 [ 20.378204] ret_from_fork+0x10/0x20 [ 20.378244] [ 20.378283] The buggy address belongs to the object at fff00000c79f5980 [ 20.378283] which belongs to the cache kmalloc-64 of size 64 [ 20.378579] The buggy address is located 0 bytes to the right of [ 20.378579] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.378848] [ 20.379192] The buggy address belongs to the physical page: [ 20.379873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.379953] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.380331] page_type: f5(slab) [ 20.380684] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.380765] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.380913] page dumped because: kasan: bad access detected [ 20.381019] [ 20.381048] Memory state around the buggy address: [ 20.381088] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.381275] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.381716] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.381912] ^ [ 20.381955] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.382243] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.382641] ================================================================== [ 20.419457] ================================================================== [ 20.419513] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 20.420093] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.420180] [ 20.420216] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.420440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.420546] Hardware name: linux,dummy-virt (DT) [ 20.420680] Call trace: [ 20.420766] show_stack+0x20/0x38 (C) [ 20.420821] dump_stack_lvl+0x8c/0xd0 [ 20.421047] print_report+0x118/0x608 [ 20.421279] kasan_report+0xdc/0x128 [ 20.421345] kasan_check_range+0x100/0x1a8 [ 20.421561] __kasan_check_write+0x20/0x30 [ 20.421827] kasan_atomics_helper+0x14e4/0x4858 [ 20.421899] kasan_atomics+0x198/0x2e0 [ 20.421945] kunit_try_run_case+0x170/0x3f0 [ 20.421995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.422048] kthread+0x328/0x630 [ 20.422588] ret_from_fork+0x10/0x20 [ 20.422817] [ 20.422845] Allocated by task 265: [ 20.422923] kasan_save_stack+0x3c/0x68 [ 20.423032] kasan_save_track+0x20/0x40 [ 20.423257] kasan_save_alloc_info+0x40/0x58 [ 20.423304] __kasan_kmalloc+0xd4/0xd8 [ 20.423534] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.424028] kasan_atomics+0xb8/0x2e0 [ 20.424239] kunit_try_run_case+0x170/0x3f0 [ 20.424383] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.424569] kthread+0x328/0x630 [ 20.424609] ret_from_fork+0x10/0x20 [ 20.424957] [ 20.425316] The buggy address belongs to the object at fff00000c79f5980 [ 20.425316] which belongs to the cache kmalloc-64 of size 64 [ 20.425671] The buggy address is located 0 bytes to the right of [ 20.425671] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.426111] [ 20.426149] The buggy address belongs to the physical page: [ 20.426469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.426711] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.426943] page_type: f5(slab) [ 20.427100] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.427399] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.427657] page dumped because: kasan: bad access detected [ 20.427917] [ 20.427967] Memory state around the buggy address: [ 20.428028] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.428324] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.428803] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.429021] ^ [ 20.429198] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.429290] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.429798] ================================================================== [ 20.226930] ================================================================== [ 20.226992] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 20.227046] Read of size 4 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.227101] [ 20.227138] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.227221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.227285] Hardware name: linux,dummy-virt (DT) [ 20.227324] Call trace: [ 20.227347] show_stack+0x20/0x38 (C) [ 20.227398] dump_stack_lvl+0x8c/0xd0 [ 20.227462] print_report+0x118/0x608 [ 20.227511] kasan_report+0xdc/0x128 [ 20.227557] __asan_report_load4_noabort+0x20/0x30 [ 20.227617] kasan_atomics_helper+0x3e04/0x4858 [ 20.227679] kasan_atomics+0x198/0x2e0 [ 20.227735] kunit_try_run_case+0x170/0x3f0 [ 20.227786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.227840] kthread+0x328/0x630 [ 20.227886] ret_from_fork+0x10/0x20 [ 20.227943] [ 20.227969] Allocated by task 265: [ 20.227999] kasan_save_stack+0x3c/0x68 [ 20.228042] kasan_save_track+0x20/0x40 [ 20.228081] kasan_save_alloc_info+0x40/0x58 [ 20.228123] __kasan_kmalloc+0xd4/0xd8 [ 20.228161] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.228212] kasan_atomics+0xb8/0x2e0 [ 20.228256] kunit_try_run_case+0x170/0x3f0 [ 20.228296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.228341] kthread+0x328/0x630 [ 20.228384] ret_from_fork+0x10/0x20 [ 20.228421] [ 20.228802] The buggy address belongs to the object at fff00000c79f5980 [ 20.228802] which belongs to the cache kmalloc-64 of size 64 [ 20.229229] The buggy address is located 0 bytes to the right of [ 20.229229] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.229338] [ 20.229360] The buggy address belongs to the physical page: [ 20.229395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.229467] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.229519] page_type: f5(slab) [ 20.229944] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.230570] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.230866] page dumped because: kasan: bad access detected [ 20.230924] [ 20.231157] Memory state around the buggy address: [ 20.231226] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.231276] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.231747] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.232062] ^ [ 20.232422] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.232550] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.232617] ================================================================== [ 20.383726] ================================================================== [ 20.383829] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 20.384021] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.384138] [ 20.384181] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.384266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.384296] Hardware name: linux,dummy-virt (DT) [ 20.384749] Call trace: [ 20.384810] show_stack+0x20/0x38 (C) [ 20.384912] dump_stack_lvl+0x8c/0xd0 [ 20.384966] print_report+0x118/0x608 [ 20.385028] kasan_report+0xdc/0x128 [ 20.385269] kasan_check_range+0x100/0x1a8 [ 20.385620] __kasan_check_write+0x20/0x30 [ 20.385980] kasan_atomics_helper+0x1384/0x4858 [ 20.386065] kasan_atomics+0x198/0x2e0 [ 20.386263] kunit_try_run_case+0x170/0x3f0 [ 20.386374] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.386612] kthread+0x328/0x630 [ 20.386693] ret_from_fork+0x10/0x20 [ 20.386747] [ 20.386806] Allocated by task 265: [ 20.387111] kasan_save_stack+0x3c/0x68 [ 20.387379] kasan_save_track+0x20/0x40 [ 20.387540] kasan_save_alloc_info+0x40/0x58 [ 20.387642] __kasan_kmalloc+0xd4/0xd8 [ 20.387686] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.387727] kasan_atomics+0xb8/0x2e0 [ 20.387879] kunit_try_run_case+0x170/0x3f0 [ 20.388151] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.388383] kthread+0x328/0x630 [ 20.388699] ret_from_fork+0x10/0x20 [ 20.388922] [ 20.389242] The buggy address belongs to the object at fff00000c79f5980 [ 20.389242] which belongs to the cache kmalloc-64 of size 64 [ 20.389469] The buggy address is located 0 bytes to the right of [ 20.389469] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.389567] [ 20.389600] The buggy address belongs to the physical page: [ 20.389643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.389722] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.389777] page_type: f5(slab) [ 20.389819] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.389873] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.389918] page dumped because: kasan: bad access detected [ 20.389967] [ 20.389987] Memory state around the buggy address: [ 20.390023] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.390080] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.390141] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.390183] ^ [ 20.390217] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.390263] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.390313] ================================================================== [ 20.464056] ================================================================== [ 20.464364] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 20.464561] Write of size 8 at addr fff00000c79f59b0 by task kunit_try_catch/265 [ 20.464631] [ 20.464665] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.464811] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.464909] Hardware name: linux,dummy-virt (DT) [ 20.464946] Call trace: [ 20.465315] show_stack+0x20/0x38 (C) [ 20.465396] dump_stack_lvl+0x8c/0xd0 [ 20.465468] print_report+0x118/0x608 [ 20.465689] kasan_report+0xdc/0x128 [ 20.466032] kasan_check_range+0x100/0x1a8 [ 20.466111] __kasan_check_write+0x20/0x30 [ 20.466157] kasan_atomics_helper+0x1644/0x4858 [ 20.466207] kasan_atomics+0x198/0x2e0 [ 20.466648] kunit_try_run_case+0x170/0x3f0 [ 20.466893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.467197] kthread+0x328/0x630 [ 20.467483] ret_from_fork+0x10/0x20 [ 20.467825] [ 20.468019] Allocated by task 265: [ 20.468056] kasan_save_stack+0x3c/0x68 [ 20.468103] kasan_save_track+0x20/0x40 [ 20.468143] kasan_save_alloc_info+0x40/0x58 [ 20.468536] __kasan_kmalloc+0xd4/0xd8 [ 20.468727] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.469039] kasan_atomics+0xb8/0x2e0 [ 20.469114] kunit_try_run_case+0x170/0x3f0 [ 20.469345] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.469397] kthread+0x328/0x630 [ 20.469644] ret_from_fork+0x10/0x20 [ 20.469817] [ 20.469869] The buggy address belongs to the object at fff00000c79f5980 [ 20.469869] which belongs to the cache kmalloc-64 of size 64 [ 20.470286] The buggy address is located 0 bytes to the right of [ 20.470286] allocated 48-byte region [fff00000c79f5980, fff00000c79f59b0) [ 20.470547] [ 20.470824] The buggy address belongs to the physical page: [ 20.470920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f5 [ 20.471110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.471168] page_type: f5(slab) [ 20.471209] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.471265] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.471311] page dumped because: kasan: bad access detected [ 20.471346] [ 20.471366] Memory state around the buggy address: [ 20.471403] fff00000c79f5880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.471713] fff00000c79f5900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.472064] >fff00000c79f5980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.472141] ^ [ 20.472353] fff00000c79f5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.472471] fff00000c79f5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.472575] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.745225] ================================================================== [ 19.745355] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.745422] Write of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.745510] [ 19.745550] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.745635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.745665] Hardware name: linux,dummy-virt (DT) [ 19.745703] Call trace: [ 19.745729] show_stack+0x20/0x38 (C) [ 19.745782] dump_stack_lvl+0x8c/0xd0 [ 19.745834] print_report+0x118/0x608 [ 19.745894] kasan_report+0xdc/0x128 [ 19.745943] kasan_check_range+0x100/0x1a8 [ 19.745993] __kasan_check_write+0x20/0x30 [ 19.746040] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.746094] kasan_bitops_generic+0x110/0x1c8 [ 19.746153] kunit_try_run_case+0x170/0x3f0 [ 19.746213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.746269] kthread+0x328/0x630 [ 19.746314] ret_from_fork+0x10/0x20 [ 19.746364] [ 19.746385] Allocated by task 261: [ 19.746427] kasan_save_stack+0x3c/0x68 [ 19.746832] kasan_save_track+0x20/0x40 [ 19.747340] kasan_save_alloc_info+0x40/0x58 [ 19.747524] __kasan_kmalloc+0xd4/0xd8 [ 19.747569] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.747613] kasan_bitops_generic+0xa0/0x1c8 [ 19.747791] kunit_try_run_case+0x170/0x3f0 [ 19.748199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.748284] kthread+0x328/0x630 [ 19.748492] ret_from_fork+0x10/0x20 [ 19.748550] [ 19.748984] The buggy address belongs to the object at fff00000c3f30b20 [ 19.748984] which belongs to the cache kmalloc-16 of size 16 [ 19.749063] The buggy address is located 8 bytes inside of [ 19.749063] allocated 9-byte region [fff00000c3f30b20, fff00000c3f30b29) [ 19.749267] [ 19.749294] The buggy address belongs to the physical page: [ 19.749351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f30 [ 19.749566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.749787] page_type: f5(slab) [ 19.749887] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.750081] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.750129] page dumped because: kasan: bad access detected [ 19.750519] [ 19.750560] Memory state around the buggy address: [ 19.750772] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.750905] fff00000c3f30a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.751133] >fff00000c3f30b00: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.751182] ^ [ 19.751218] fff00000c3f30b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.751512] fff00000c3f30c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.751671] ================================================================== [ 19.753257] ================================================================== [ 19.753367] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.753703] Read of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.753791] [ 19.753993] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.754223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.754346] Hardware name: linux,dummy-virt (DT) [ 19.754419] Call trace: [ 19.754459] show_stack+0x20/0x38 (C) [ 19.754836] dump_stack_lvl+0x8c/0xd0 [ 19.754914] print_report+0x118/0x608 [ 19.754964] kasan_report+0xdc/0x128 [ 19.755412] __asan_report_load8_noabort+0x20/0x30 [ 19.755997] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.756175] kasan_bitops_generic+0x110/0x1c8 [ 19.756293] kunit_try_run_case+0x170/0x3f0 [ 19.756406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.756889] kthread+0x328/0x630 [ 19.757131] ret_from_fork+0x10/0x20 [ 19.757386] [ 19.757490] Allocated by task 261: [ 19.757607] kasan_save_stack+0x3c/0x68 [ 19.757724] kasan_save_track+0x20/0x40 [ 19.757921] kasan_save_alloc_info+0x40/0x58 [ 19.758170] __kasan_kmalloc+0xd4/0xd8 [ 19.758393] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.758783] kasan_bitops_generic+0xa0/0x1c8 [ 19.759061] kunit_try_run_case+0x170/0x3f0 [ 19.759215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.759270] kthread+0x328/0x630 [ 19.759687] ret_from_fork+0x10/0x20 [ 19.759761] [ 19.759787] The buggy address belongs to the object at fff00000c3f30b20 [ 19.759787] which belongs to the cache kmalloc-16 of size 16 [ 19.759859] The buggy address is located 8 bytes inside of [ 19.759859] allocated 9-byte region [fff00000c3f30b20, fff00000c3f30b29) [ 19.759954] [ 19.759976] The buggy address belongs to the physical page: [ 19.760020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f30 [ 19.760093] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.760159] page_type: f5(slab) [ 19.760200] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.760256] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.760301] page dumped because: kasan: bad access detected [ 19.760337] [ 19.760363] Memory state around the buggy address: [ 19.760414] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.760475] fff00000c3f30a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.760529] >fff00000c3f30b00: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.760571] ^ [ 19.760621] fff00000c3f30b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.760667] fff00000c3f30c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.760709] ================================================================== [ 19.772629] ================================================================== [ 19.772686] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.772742] Read of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.772795] [ 19.772827] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.772927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.772961] Hardware name: linux,dummy-virt (DT) [ 19.772995] Call trace: [ 19.773018] show_stack+0x20/0x38 (C) [ 19.773069] dump_stack_lvl+0x8c/0xd0 [ 19.773119] print_report+0x118/0x608 [ 19.773169] kasan_report+0xdc/0x128 [ 19.773217] __asan_report_load8_noabort+0x20/0x30 [ 19.773268] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.773322] kasan_bitops_generic+0x110/0x1c8 [ 19.773371] kunit_try_run_case+0x170/0x3f0 [ 19.773421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.775225] kthread+0x328/0x630 [ 19.775389] ret_from_fork+0x10/0x20 [ 19.775462] [ 19.775516] Allocated by task 261: [ 19.775551] kasan_save_stack+0x3c/0x68 [ 19.775597] kasan_save_track+0x20/0x40 [ 19.775894] kasan_save_alloc_info+0x40/0x58 [ 19.776151] __kasan_kmalloc+0xd4/0xd8 [ 19.776482] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.776620] kasan_bitops_generic+0xa0/0x1c8 [ 19.776697] kunit_try_run_case+0x170/0x3f0 [ 19.776740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.776978] kthread+0x328/0x630 [ 19.777053] ret_from_fork+0x10/0x20 [ 19.777247] [ 19.777364] The buggy address belongs to the object at fff00000c3f30b20 [ 19.777364] which belongs to the cache kmalloc-16 of size 16 [ 19.777543] The buggy address is located 8 bytes inside of [ 19.777543] allocated 9-byte region [fff00000c3f30b20, fff00000c3f30b29) [ 19.777690] [ 19.778031] The buggy address belongs to the physical page: [ 19.778143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f30 [ 19.778213] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.778272] page_type: f5(slab) [ 19.778311] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.778397] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.778457] page dumped because: kasan: bad access detected [ 19.778793] [ 19.778815] Memory state around the buggy address: [ 19.778987] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.779119] fff00000c3f30a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.779332] >fff00000c3f30b00: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.779419] ^ [ 19.779526] fff00000c3f30b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.779711] fff00000c3f30c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.781408] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 19.782099] dump_stack_lvl+0x8c/0xd0 [ 19.782492] __kasan_check_write+0x20/0x30 [ 19.782705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.783342] __kasan_kmalloc+0xd4/0xd8 [ 19.784136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.785374] The buggy address is located 8 bytes inside of [ 19.785374] allocated 9-byte region [fff00000c3f30b20, fff00000c3f30b29) [ 19.786380] Memory state around the buggy address: [ 19.786413] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.786563] ^ [ 19.786652] fff00000c3f30c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.788248] Write of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.789440] Hardware name: linux,dummy-virt (DT) [ 19.790084] kasan_report+0xdc/0x128 [ 19.790831] kunit_try_run_case+0x170/0x3f0 [ 19.791994] __kasan_kmalloc+0xd4/0xd8 [ 19.792042] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.792711] kthread+0x328/0x630 [ 19.793717] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.793962] [ 19.793991] Memory state around the buggy address: [ 19.794036] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.794214] fff00000c3f30b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.795947] Read of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.797122] print_report+0x118/0x608 [ 19.797476] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 19.797646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.798628] kunit_try_run_case+0x170/0x3f0 [ 19.799367] [ 19.799649] [ 19.800255] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.801020] [ 19.801206] Memory state around the buggy address: [ 19.801329] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.801740] >fff00000c3f30b00: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.802663] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 19.803283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.803568] Call trace: [ 19.803990] dump_stack_lvl+0x8c/0xd0 [ 19.804639] __kasan_check_write+0x20/0x30 [ 19.805123] kunit_try_run_case+0x170/0x3f0 [ 19.806072] kasan_save_track+0x20/0x40 [ 19.807022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.807351] [ 19.807419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f30 [ 19.807732] [ 19.807753] Memory state around the buggy address: [ 19.807807] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.807865] fff00000c3f30a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.808105] ================================================================== [ 19.762719] ================================================================== [ 19.762797] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.762850] Write of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.762902] [ 19.763156] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.763295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.763560] Hardware name: linux,dummy-virt (DT) [ 19.763613] Call trace: [ 19.763658] show_stack+0x20/0x38 (C) [ 19.763873] dump_stack_lvl+0x8c/0xd0 [ 19.764215] print_report+0x118/0x608 [ 19.764327] kasan_report+0xdc/0x128 [ 19.764520] kasan_check_range+0x100/0x1a8 [ 19.764636] __kasan_check_write+0x20/0x30 [ 19.764872] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.765140] kasan_bitops_generic+0x110/0x1c8 [ 19.765221] kunit_try_run_case+0x170/0x3f0 [ 19.765439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.765756] kthread+0x328/0x630 [ 19.766141] ret_from_fork+0x10/0x20 [ 19.766627] [ 19.766669] Allocated by task 261: [ 19.766870] kasan_save_stack+0x3c/0x68 [ 19.766923] kasan_save_track+0x20/0x40 [ 19.767317] kasan_save_alloc_info+0x40/0x58 [ 19.767384] __kasan_kmalloc+0xd4/0xd8 [ 19.767805] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.767967] kasan_bitops_generic+0xa0/0x1c8 [ 19.768163] kunit_try_run_case+0x170/0x3f0 [ 19.768610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.768805] kthread+0x328/0x630 [ 19.769050] ret_from_fork+0x10/0x20 [ 19.769574] [ 19.769768] The buggy address belongs to the object at fff00000c3f30b20 [ 19.769768] which belongs to the cache kmalloc-16 of size 16 [ 19.770062] The buggy address is located 8 bytes inside of [ 19.770062] allocated 9-byte region [fff00000c3f30b20, fff00000c3f30b29) [ 19.770435] [ 19.770571] The buggy address belongs to the physical page: [ 19.770613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f30 [ 19.770820] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.771023] page_type: f5(slab) [ 19.771094] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.771762] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.771816] page dumped because: kasan: bad access detected [ 19.771852] [ 19.771874] Memory state around the buggy address: [ 19.771913] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.771961] fff00000c3f30a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.772008] >fff00000c3f30b00: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.772049] ^ [ 19.772085] fff00000c3f30b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.772130] fff00000c3f30c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.772171] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 19.721123] ================================================================== [ 19.721329] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 19.721518] Read of size 1 at addr fff00000c79f3950 by task kunit_try_catch/259 [ 19.721578] [ 19.721612] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.722057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.722181] Hardware name: linux,dummy-virt (DT) [ 19.722375] Call trace: [ 19.722411] show_stack+0x20/0x38 (C) [ 19.722482] dump_stack_lvl+0x8c/0xd0 [ 19.722696] print_report+0x118/0x608 [ 19.722889] kasan_report+0xdc/0x128 [ 19.723013] __asan_report_load1_noabort+0x20/0x30 [ 19.723071] strnlen+0x80/0x88 [ 19.723294] kasan_strings+0x478/0xb00 [ 19.723347] kunit_try_run_case+0x170/0x3f0 [ 19.723404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.723608] kthread+0x328/0x630 [ 19.723816] ret_from_fork+0x10/0x20 [ 19.724159] [ 19.724295] Allocated by task 259: [ 19.724352] kasan_save_stack+0x3c/0x68 [ 19.724581] kasan_save_track+0x20/0x40 [ 19.725051] kasan_save_alloc_info+0x40/0x58 [ 19.725125] __kasan_kmalloc+0xd4/0xd8 [ 19.725181] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.725225] kasan_strings+0xc8/0xb00 [ 19.725305] kunit_try_run_case+0x170/0x3f0 [ 19.725368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.725417] kthread+0x328/0x630 [ 19.725463] ret_from_fork+0x10/0x20 [ 19.725512] [ 19.725541] Freed by task 259: [ 19.725592] kasan_save_stack+0x3c/0x68 [ 19.725642] kasan_save_track+0x20/0x40 [ 19.725690] kasan_save_free_info+0x4c/0x78 [ 19.725733] __kasan_slab_free+0x6c/0x98 [ 19.725774] kfree+0x214/0x3c8 [ 19.725810] kasan_strings+0x24c/0xb00 [ 19.725848] kunit_try_run_case+0x170/0x3f0 [ 19.725897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.725953] kthread+0x328/0x630 [ 19.725996] ret_from_fork+0x10/0x20 [ 19.726046] [ 19.726077] The buggy address belongs to the object at fff00000c79f3940 [ 19.726077] which belongs to the cache kmalloc-32 of size 32 [ 19.726160] The buggy address is located 16 bytes inside of [ 19.726160] freed 32-byte region [fff00000c79f3940, fff00000c79f3960) [ 19.726225] [ 19.726253] The buggy address belongs to the physical page: [ 19.726303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f3 [ 19.726375] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.726440] page_type: f5(slab) [ 19.726488] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.726541] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.726594] page dumped because: kasan: bad access detected [ 19.726639] [ 19.726660] Memory state around the buggy address: [ 19.726701] fff00000c79f3800: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.726762] fff00000c79f3880: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.726814] >fff00000c79f3900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.726867] ^ [ 19.726907] fff00000c79f3980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.726953] fff00000c79f3a00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.727296] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 19.705981] ================================================================== [ 19.706036] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 19.706085] Read of size 1 at addr fff00000c79f3950 by task kunit_try_catch/259 [ 19.706137] [ 19.706168] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.706261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.706304] Hardware name: linux,dummy-virt (DT) [ 19.706337] Call trace: [ 19.706371] show_stack+0x20/0x38 (C) [ 19.706425] dump_stack_lvl+0x8c/0xd0 [ 19.706880] print_report+0x118/0x608 [ 19.707347] kasan_report+0xdc/0x128 [ 19.707441] __asan_report_load1_noabort+0x20/0x30 [ 19.707529] strlen+0xa8/0xb0 [ 19.707786] kasan_strings+0x418/0xb00 [ 19.708062] kunit_try_run_case+0x170/0x3f0 [ 19.708300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.708693] kthread+0x328/0x630 [ 19.709063] ret_from_fork+0x10/0x20 [ 19.709526] [ 19.709591] Allocated by task 259: [ 19.709651] kasan_save_stack+0x3c/0x68 [ 19.709856] kasan_save_track+0x20/0x40 [ 19.710151] kasan_save_alloc_info+0x40/0x58 [ 19.710477] __kasan_kmalloc+0xd4/0xd8 [ 19.711244] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.711502] kasan_strings+0xc8/0xb00 [ 19.711803] kunit_try_run_case+0x170/0x3f0 [ 19.712155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.712724] kthread+0x328/0x630 [ 19.712770] ret_from_fork+0x10/0x20 [ 19.712996] [ 19.713093] Freed by task 259: [ 19.713745] kasan_save_stack+0x3c/0x68 [ 19.714176] kasan_save_track+0x20/0x40 [ 19.714428] kasan_save_free_info+0x4c/0x78 [ 19.714508] __kasan_slab_free+0x6c/0x98 [ 19.714680] kfree+0x214/0x3c8 [ 19.714815] kasan_strings+0x24c/0xb00 [ 19.715093] kunit_try_run_case+0x170/0x3f0 [ 19.715150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.715197] kthread+0x328/0x630 [ 19.715238] ret_from_fork+0x10/0x20 [ 19.715487] [ 19.715624] The buggy address belongs to the object at fff00000c79f3940 [ 19.715624] which belongs to the cache kmalloc-32 of size 32 [ 19.716021] The buggy address is located 16 bytes inside of [ 19.716021] freed 32-byte region [fff00000c79f3940, fff00000c79f3960) [ 19.716302] [ 19.716431] The buggy address belongs to the physical page: [ 19.716797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f3 [ 19.717014] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.717123] page_type: f5(slab) [ 19.717167] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.717438] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.717610] page dumped because: kasan: bad access detected [ 19.717712] [ 19.718180] Memory state around the buggy address: [ 19.718422] fff00000c79f3800: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.718511] fff00000c79f3880: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.718648] >fff00000c79f3900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.718759] ^ [ 19.718861] fff00000c79f3980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.719020] fff00000c79f3a00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.719086] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 19.696516] ================================================================== [ 19.696734] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 19.696833] Read of size 1 at addr fff00000c79f3950 by task kunit_try_catch/259 [ 19.696932] [ 19.696979] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.697069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.697099] Hardware name: linux,dummy-virt (DT) [ 19.697197] Call trace: [ 19.697223] show_stack+0x20/0x38 (C) [ 19.697273] dump_stack_lvl+0x8c/0xd0 [ 19.697363] print_report+0x118/0x608 [ 19.697412] kasan_report+0xdc/0x128 [ 19.697510] __asan_report_load1_noabort+0x20/0x30 [ 19.697917] kasan_strings+0x95c/0xb00 [ 19.697984] kunit_try_run_case+0x170/0x3f0 [ 19.698342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.698583] kthread+0x328/0x630 [ 19.698697] ret_from_fork+0x10/0x20 [ 19.698766] [ 19.698787] Allocated by task 259: [ 19.698821] kasan_save_stack+0x3c/0x68 [ 19.698864] kasan_save_track+0x20/0x40 [ 19.699339] kasan_save_alloc_info+0x40/0x58 [ 19.699726] __kasan_kmalloc+0xd4/0xd8 [ 19.699947] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.700574] kasan_strings+0xc8/0xb00 [ 19.700916] kunit_try_run_case+0x170/0x3f0 [ 19.701158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.701493] kthread+0x328/0x630 [ 19.701676] ret_from_fork+0x10/0x20 [ 19.701917] [ 19.701998] Freed by task 259: [ 19.702075] kasan_save_stack+0x3c/0x68 [ 19.702469] kasan_save_track+0x20/0x40 [ 19.702635] kasan_save_free_info+0x4c/0x78 [ 19.702913] __kasan_slab_free+0x6c/0x98 [ 19.702982] kfree+0x214/0x3c8 [ 19.703153] kasan_strings+0x24c/0xb00 [ 19.703238] kunit_try_run_case+0x170/0x3f0 [ 19.703281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.703337] kthread+0x328/0x630 [ 19.703374] ret_from_fork+0x10/0x20 [ 19.703932] [ 19.704072] The buggy address belongs to the object at fff00000c79f3940 [ 19.704072] which belongs to the cache kmalloc-32 of size 32 [ 19.704576] The buggy address is located 16 bytes inside of [ 19.704576] freed 32-byte region [fff00000c79f3940, fff00000c79f3960) [ 19.704655] [ 19.704746] The buggy address belongs to the physical page: [ 19.704808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f3 [ 19.704879] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.704932] page_type: f5(slab) [ 19.704981] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.705035] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.705082] page dumped because: kasan: bad access detected [ 19.705125] [ 19.705155] Memory state around the buggy address: [ 19.705202] fff00000c79f3800: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.705248] fff00000c79f3880: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.705306] >fff00000c79f3900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.705369] ^ [ 19.705410] fff00000c79f3980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.705469] fff00000c79f3a00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.705510] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 19.688609] ================================================================== [ 19.688710] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 19.688792] Read of size 1 at addr fff00000c79f3950 by task kunit_try_catch/259 [ 19.688846] [ 19.688881] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.689060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.689205] Hardware name: linux,dummy-virt (DT) [ 19.689311] Call trace: [ 19.689458] show_stack+0x20/0x38 (C) [ 19.689523] dump_stack_lvl+0x8c/0xd0 [ 19.689572] print_report+0x118/0x608 [ 19.689663] kasan_report+0xdc/0x128 [ 19.689785] __asan_report_load1_noabort+0x20/0x30 [ 19.689841] strcmp+0xc0/0xc8 [ 19.689894] kasan_strings+0x340/0xb00 [ 19.690008] kunit_try_run_case+0x170/0x3f0 [ 19.690059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.690112] kthread+0x328/0x630 [ 19.690339] ret_from_fork+0x10/0x20 [ 19.690496] [ 19.690559] Allocated by task 259: [ 19.690648] kasan_save_stack+0x3c/0x68 [ 19.690703] kasan_save_track+0x20/0x40 [ 19.690816] kasan_save_alloc_info+0x40/0x58 [ 19.690859] __kasan_kmalloc+0xd4/0xd8 [ 19.690941] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.691036] kasan_strings+0xc8/0xb00 [ 19.691169] kunit_try_run_case+0x170/0x3f0 [ 19.691288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.691477] kthread+0x328/0x630 [ 19.691513] ret_from_fork+0x10/0x20 [ 19.691550] [ 19.691572] Freed by task 259: [ 19.691599] kasan_save_stack+0x3c/0x68 [ 19.691641] kasan_save_track+0x20/0x40 [ 19.691953] kasan_save_free_info+0x4c/0x78 [ 19.692186] __kasan_slab_free+0x6c/0x98 [ 19.692283] kfree+0x214/0x3c8 [ 19.692366] kasan_strings+0x24c/0xb00 [ 19.692594] kunit_try_run_case+0x170/0x3f0 [ 19.692737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.692841] kthread+0x328/0x630 [ 19.692875] ret_from_fork+0x10/0x20 [ 19.693254] [ 19.693351] The buggy address belongs to the object at fff00000c79f3940 [ 19.693351] which belongs to the cache kmalloc-32 of size 32 [ 19.693481] The buggy address is located 16 bytes inside of [ 19.693481] freed 32-byte region [fff00000c79f3940, fff00000c79f3960) [ 19.693963] [ 19.694062] The buggy address belongs to the physical page: [ 19.694217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f3 [ 19.694335] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.694483] page_type: f5(slab) [ 19.694576] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.694640] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.694704] page dumped because: kasan: bad access detected [ 19.694973] [ 19.695057] Memory state around the buggy address: [ 19.695161] fff00000c79f3800: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.695256] fff00000c79f3880: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.695310] >fff00000c79f3900: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.695456] ^ [ 19.695532] fff00000c79f3980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.695651] fff00000c79f3a00: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.695777] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 19.677510] ================================================================== [ 19.677586] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 19.677647] Read of size 1 at addr fff00000c79f3798 by task kunit_try_catch/257 [ 19.677699] [ 19.677741] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.677826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.677857] Hardware name: linux,dummy-virt (DT) [ 19.677902] Call trace: [ 19.677936] show_stack+0x20/0x38 (C) [ 19.677990] dump_stack_lvl+0x8c/0xd0 [ 19.678039] print_report+0x118/0x608 [ 19.678087] kasan_report+0xdc/0x128 [ 19.678135] __asan_report_load1_noabort+0x20/0x30 [ 19.678189] memcmp+0x198/0x1d8 [ 19.678231] kasan_memcmp+0x16c/0x300 [ 19.678276] kunit_try_run_case+0x170/0x3f0 [ 19.678328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.678384] kthread+0x328/0x630 [ 19.678434] ret_from_fork+0x10/0x20 [ 19.678793] [ 19.678868] Allocated by task 257: [ 19.678902] kasan_save_stack+0x3c/0x68 [ 19.679104] kasan_save_track+0x20/0x40 [ 19.679159] kasan_save_alloc_info+0x40/0x58 [ 19.679202] __kasan_kmalloc+0xd4/0xd8 [ 19.679241] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.679284] kasan_memcmp+0xbc/0x300 [ 19.679321] kunit_try_run_case+0x170/0x3f0 [ 19.679359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.679406] kthread+0x328/0x630 [ 19.679438] ret_from_fork+0x10/0x20 [ 19.679486] [ 19.679509] The buggy address belongs to the object at fff00000c79f3780 [ 19.679509] which belongs to the cache kmalloc-32 of size 32 [ 19.679571] The buggy address is located 0 bytes to the right of [ 19.679571] allocated 24-byte region [fff00000c79f3780, fff00000c79f3798) [ 19.679640] [ 19.679663] The buggy address belongs to the physical page: [ 19.679695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f3 [ 19.679753] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.679805] page_type: f5(slab) [ 19.679844] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.679899] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.679943] page dumped because: kasan: bad access detected [ 19.679978] [ 19.679997] Memory state around the buggy address: [ 19.680034] fff00000c79f3680: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 19.680089] fff00000c79f3700: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.680135] >fff00000c79f3780: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.680180] ^ [ 19.680212] fff00000c79f3800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.680258] fff00000c79f3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.680301] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 19.657139] ================================================================== [ 19.657206] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 19.657262] Read of size 1 at addr ffff800080a77b4a by task kunit_try_catch/253 [ 19.657605] [ 19.657637] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.657757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.657929] Hardware name: linux,dummy-virt (DT) [ 19.657964] Call trace: [ 19.657990] show_stack+0x20/0x38 (C) [ 19.658141] dump_stack_lvl+0x8c/0xd0 [ 19.658194] print_report+0x310/0x608 [ 19.658240] kasan_report+0xdc/0x128 [ 19.658288] __asan_report_load1_noabort+0x20/0x30 [ 19.658561] kasan_alloca_oob_right+0x2dc/0x340 [ 19.658614] kunit_try_run_case+0x170/0x3f0 [ 19.658665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.658720] kthread+0x328/0x630 [ 19.658764] ret_from_fork+0x10/0x20 [ 19.658827] [ 19.658850] The buggy address belongs to stack of task kunit_try_catch/253 [ 19.658979] [ 19.659035] The buggy address belongs to the virtual mapping at [ 19.659035] [ffff800080a70000, ffff800080a79000) created by: [ 19.659035] kernel_clone+0x150/0x7a8 [ 19.659426] [ 19.659457] The buggy address belongs to the physical page: [ 19.659693] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799f [ 19.659940] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.660219] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.660277] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.660526] page dumped because: kasan: bad access detected [ 19.660669] [ 19.660865] Memory state around the buggy address: [ 19.661010] ffff800080a77a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.661095] ffff800080a77a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.661257] >ffff800080a77b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 19.661318] ^ [ 19.661514] ffff800080a77b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.661677] ffff800080a77c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.661853] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 19.646030] ================================================================== [ 19.646114] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 19.646173] Read of size 1 at addr ffff800080a77b5f by task kunit_try_catch/251 [ 19.646227] [ 19.646260] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.646345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.646383] Hardware name: linux,dummy-virt (DT) [ 19.646771] Call trace: [ 19.646797] show_stack+0x20/0x38 (C) [ 19.647866] dump_stack_lvl+0x8c/0xd0 [ 19.648012] print_report+0x310/0x608 [ 19.648079] kasan_report+0xdc/0x128 [ 19.648159] __asan_report_load1_noabort+0x20/0x30 [ 19.648214] kasan_alloca_oob_left+0x2b8/0x310 [ 19.648265] kunit_try_run_case+0x170/0x3f0 [ 19.648317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.648374] kthread+0x328/0x630 [ 19.648682] ret_from_fork+0x10/0x20 [ 19.648734] [ 19.648759] The buggy address belongs to stack of task kunit_try_catch/251 [ 19.648832] [ 19.648859] The buggy address belongs to the virtual mapping at [ 19.648859] [ffff800080a70000, ffff800080a79000) created by: [ 19.648859] kernel_clone+0x150/0x7a8 [ 19.648952] [ 19.649025] The buggy address belongs to the physical page: [ 19.649182] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799f [ 19.649243] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.650500] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.650562] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.650608] page dumped because: kasan: bad access detected [ 19.650643] [ 19.650662] Memory state around the buggy address: [ 19.650698] ffff800080a77a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.650742] ffff800080a77a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.650789] >ffff800080a77b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 19.650831] ^ [ 19.650871] ffff800080a77b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.650917] ffff800080a77c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.650959] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 19.637022] ================================================================== [ 19.637141] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 19.637199] Read of size 1 at addr ffff800080a77c2a by task kunit_try_catch/249 [ 19.637250] [ 19.637281] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.637364] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.637391] Hardware name: linux,dummy-virt (DT) [ 19.637433] Call trace: [ 19.637471] show_stack+0x20/0x38 (C) [ 19.637520] dump_stack_lvl+0x8c/0xd0 [ 19.637581] print_report+0x310/0x608 [ 19.637638] kasan_report+0xdc/0x128 [ 19.637780] __asan_report_load1_noabort+0x20/0x30 [ 19.637861] kasan_stack_oob+0x238/0x270 [ 19.637908] kunit_try_run_case+0x170/0x3f0 [ 19.637962] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.638066] kthread+0x328/0x630 [ 19.638106] ret_from_fork+0x10/0x20 [ 19.638192] [ 19.638597] The buggy address belongs to stack of task kunit_try_catch/249 [ 19.638707] and is located at offset 138 in frame: [ 19.638749] kasan_stack_oob+0x0/0x270 [ 19.638994] [ 19.639035] This frame has 4 objects: [ 19.639124] [48, 49) '__assertion' [ 19.639159] [64, 72) 'array' [ 19.639189] [96, 112) '__assertion' [ 19.639338] [128, 138) 'stack_array' [ 19.639384] [ 19.639440] The buggy address belongs to the virtual mapping at [ 19.639440] [ffff800080a70000, ffff800080a79000) created by: [ 19.639440] kernel_clone+0x150/0x7a8 [ 19.639536] [ 19.639558] The buggy address belongs to the physical page: [ 19.639648] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10799f [ 19.639874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.639983] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.640072] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.640164] page dumped because: kasan: bad access detected [ 19.640217] [ 19.640485] Memory state around the buggy address: [ 19.640521] ffff800080a77b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.640585] ffff800080a77b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 19.640644] >ffff800080a77c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 19.640697] ^ [ 19.640732] ffff800080a77c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 19.640778] ffff800080a77d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.640836] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 19.616835] ================================================================== [ 19.616911] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 19.617056] Read of size 1 at addr ffffa141db94f5cd by task kunit_try_catch/245 [ 19.617254] [ 19.617440] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.617911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.618004] Hardware name: linux,dummy-virt (DT) [ 19.618219] Call trace: [ 19.618242] show_stack+0x20/0x38 (C) [ 19.618294] dump_stack_lvl+0x8c/0xd0 [ 19.618342] print_report+0x310/0x608 [ 19.618389] kasan_report+0xdc/0x128 [ 19.618437] __asan_report_load1_noabort+0x20/0x30 [ 19.618498] kasan_global_oob_right+0x230/0x270 [ 19.618543] kunit_try_run_case+0x170/0x3f0 [ 19.619133] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.619352] kthread+0x328/0x630 [ 19.619482] ret_from_fork+0x10/0x20 [ 19.619616] [ 19.619684] The buggy address belongs to the variable: [ 19.619716] global_array+0xd/0x40 [ 19.619780] [ 19.619856] The buggy address belongs to the virtual mapping at [ 19.619856] [ffffa141d9b00000, ffffa141dba01000) created by: [ 19.619856] paging_init+0x66c/0x7d0 [ 19.619945] [ 19.620003] The buggy address belongs to the physical page: [ 19.620037] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 19.620093] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 19.620267] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 19.620391] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.620439] page dumped because: kasan: bad access detected [ 19.620525] [ 19.620564] Memory state around the buggy address: [ 19.620718] ffffa141db94f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.620765] ffffa141db94f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.620809] >ffffa141db94f580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 19.620857] ^ [ 19.620894] ffffa141db94f600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 19.620938] ffffa141db94f680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 19.620989] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 19.596569] ================================================================== [ 19.596835] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.597075] Free of addr fff00000c79f0501 by task kunit_try_catch/241 [ 19.597118] [ 19.597155] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.597239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.597267] Hardware name: linux,dummy-virt (DT) [ 19.597309] Call trace: [ 19.597429] show_stack+0x20/0x38 (C) [ 19.597494] dump_stack_lvl+0x8c/0xd0 [ 19.597545] print_report+0x118/0x608 [ 19.597593] kasan_report_invalid_free+0xc0/0xe8 [ 19.597641] check_slab_allocation+0xfc/0x108 [ 19.597690] __kasan_mempool_poison_object+0x78/0x150 [ 19.597741] mempool_free+0x28c/0x328 [ 19.597785] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.597837] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.597885] kunit_try_run_case+0x170/0x3f0 [ 19.597935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.597986] kthread+0x328/0x630 [ 19.598028] ret_from_fork+0x10/0x20 [ 19.598074] [ 19.598092] Allocated by task 241: [ 19.598121] kasan_save_stack+0x3c/0x68 [ 19.598160] kasan_save_track+0x20/0x40 [ 19.598198] kasan_save_alloc_info+0x40/0x58 [ 19.598236] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.598279] remove_element+0x130/0x1f8 [ 19.598313] mempool_alloc_preallocated+0x58/0xc0 [ 19.598352] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 19.598395] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.598441] kunit_try_run_case+0x170/0x3f0 [ 19.598489] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.598532] kthread+0x328/0x630 [ 19.598562] ret_from_fork+0x10/0x20 [ 19.598599] [ 19.598617] The buggy address belongs to the object at fff00000c79f0500 [ 19.598617] which belongs to the cache kmalloc-128 of size 128 [ 19.598697] The buggy address is located 1 bytes inside of [ 19.598697] 128-byte region [fff00000c79f0500, fff00000c79f0580) [ 19.598760] [ 19.598792] The buggy address belongs to the physical page: [ 19.598825] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 19.598889] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.598952] page_type: f5(slab) [ 19.598993] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.599053] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.599109] page dumped because: kasan: bad access detected [ 19.599232] [ 19.599250] Memory state around the buggy address: [ 19.599285] fff00000c79f0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.599331] fff00000c79f0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.599376] >fff00000c79f0500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.599417] ^ [ 19.599672] fff00000c79f0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.599723] fff00000c79f0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.599764] ================================================================== [ 19.606836] ================================================================== [ 19.606897] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.606960] Free of addr fff00000c79b8001 by task kunit_try_catch/243 [ 19.607021] [ 19.607053] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.607134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.607163] Hardware name: linux,dummy-virt (DT) [ 19.607206] Call trace: [ 19.607228] show_stack+0x20/0x38 (C) [ 19.607291] dump_stack_lvl+0x8c/0xd0 [ 19.607339] print_report+0x118/0x608 [ 19.607386] kasan_report_invalid_free+0xc0/0xe8 [ 19.607621] __kasan_mempool_poison_object+0xfc/0x150 [ 19.607675] mempool_free+0x28c/0x328 [ 19.607719] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.607771] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 19.607823] kunit_try_run_case+0x170/0x3f0 [ 19.607880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.608043] kthread+0x328/0x630 [ 19.608086] ret_from_fork+0x10/0x20 [ 19.608132] [ 19.608154] The buggy address belongs to the physical page: [ 19.608195] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8 [ 19.608264] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.608314] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.608368] page_type: f8(unknown) [ 19.608407] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.608474] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.608524] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.608688] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.608792] head: 0bfffe0000000002 ffffc1ffc31e6e01 00000000ffffffff 00000000ffffffff [ 19.608922] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.609078] page dumped because: kasan: bad access detected [ 19.609110] [ 19.609127] Memory state around the buggy address: [ 19.609166] fff00000c79b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.609217] fff00000c79b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.609399] >fff00000c79b8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.609441] ^ [ 19.609477] fff00000c79b8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.609522] fff00000c79b8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.609589] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 19.571162] ================================================================== [ 19.571438] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.571598] Free of addr fff00000c79b8000 by task kunit_try_catch/239 [ 19.571808] [ 19.571972] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.572059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.572489] Hardware name: linux,dummy-virt (DT) [ 19.572531] Call trace: [ 19.572555] show_stack+0x20/0x38 (C) [ 19.572610] dump_stack_lvl+0x8c/0xd0 [ 19.572670] print_report+0x118/0x608 [ 19.572982] kasan_report_invalid_free+0xc0/0xe8 [ 19.573035] __kasan_mempool_poison_pages+0xe0/0xe8 [ 19.573085] mempool_free+0x24c/0x328 [ 19.573492] mempool_double_free_helper+0x150/0x2e8 [ 19.573561] mempool_page_alloc_double_free+0xbc/0x118 [ 19.574094] kunit_try_run_case+0x170/0x3f0 [ 19.574467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.574823] kthread+0x328/0x630 [ 19.574967] ret_from_fork+0x10/0x20 [ 19.575046] [ 19.575084] The buggy address belongs to the physical page: [ 19.575125] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b8 [ 19.575350] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.575592] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.575738] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.575830] page dumped because: kasan: bad access detected [ 19.575871] [ 19.575889] Memory state around the buggy address: [ 19.576573] fff00000c79b7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.576626] fff00000c79b7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.576671] >fff00000c79b8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.576711] ^ [ 19.576954] fff00000c79b8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.577006] fff00000c79b8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.577071] ================================================================== [ 19.549349] ================================================================== [ 19.549747] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.549806] Free of addr fff00000c79b4000 by task kunit_try_catch/237 [ 19.549850] [ 19.549882] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.550357] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.550397] Hardware name: linux,dummy-virt (DT) [ 19.550664] Call trace: [ 19.550689] show_stack+0x20/0x38 (C) [ 19.550997] dump_stack_lvl+0x8c/0xd0 [ 19.551056] print_report+0x118/0x608 [ 19.551392] kasan_report_invalid_free+0xc0/0xe8 [ 19.551473] __kasan_mempool_poison_object+0x14c/0x150 [ 19.551525] mempool_free+0x28c/0x328 [ 19.551579] mempool_double_free_helper+0x150/0x2e8 [ 19.551627] mempool_kmalloc_large_double_free+0xc0/0x118 [ 19.552256] kunit_try_run_case+0x170/0x3f0 [ 19.552420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.552592] kthread+0x328/0x630 [ 19.552652] ret_from_fork+0x10/0x20 [ 19.552811] [ 19.553000] The buggy address belongs to the physical page: [ 19.553035] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4 [ 19.553547] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.553623] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.553815] page_type: f8(unknown) [ 19.553856] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.554037] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.554206] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.554483] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.554916] head: 0bfffe0000000002 ffffc1ffc31e6d01 00000000ffffffff 00000000ffffffff [ 19.555066] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.555112] page dumped because: kasan: bad access detected [ 19.555239] [ 19.555258] Memory state around the buggy address: [ 19.555506] fff00000c79b3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.555568] fff00000c79b3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.555935] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.556178] ^ [ 19.556313] fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.556363] fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.556404] ================================================================== [ 19.524199] ================================================================== [ 19.524266] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.524326] Free of addr fff00000c79f0100 by task kunit_try_catch/235 [ 19.524370] [ 19.524794] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.524905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.525689] Hardware name: linux,dummy-virt (DT) [ 19.525727] Call trace: [ 19.525848] show_stack+0x20/0x38 (C) [ 19.525982] dump_stack_lvl+0x8c/0xd0 [ 19.526097] print_report+0x118/0x608 [ 19.526142] kasan_report_invalid_free+0xc0/0xe8 [ 19.526193] check_slab_allocation+0xd4/0x108 [ 19.526242] __kasan_mempool_poison_object+0x78/0x150 [ 19.526779] mempool_free+0x28c/0x328 [ 19.526872] mempool_double_free_helper+0x150/0x2e8 [ 19.527673] mempool_kmalloc_double_free+0xc0/0x118 [ 19.527749] kunit_try_run_case+0x170/0x3f0 [ 19.527808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.527863] kthread+0x328/0x630 [ 19.527904] ret_from_fork+0x10/0x20 [ 19.527953] [ 19.527974] Allocated by task 235: [ 19.528521] kasan_save_stack+0x3c/0x68 [ 19.528699] kasan_save_track+0x20/0x40 [ 19.528750] kasan_save_alloc_info+0x40/0x58 [ 19.528791] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.529826] remove_element+0x130/0x1f8 [ 19.530477] mempool_alloc_preallocated+0x58/0xc0 [ 19.530532] mempool_double_free_helper+0x94/0x2e8 [ 19.530572] mempool_kmalloc_double_free+0xc0/0x118 [ 19.530759] kunit_try_run_case+0x170/0x3f0 [ 19.530797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.530842] kthread+0x328/0x630 [ 19.530873] ret_from_fork+0x10/0x20 [ 19.530981] [ 19.531085] Freed by task 235: [ 19.531280] kasan_save_stack+0x3c/0x68 [ 19.531336] kasan_save_track+0x20/0x40 [ 19.531375] kasan_save_free_info+0x4c/0x78 [ 19.531413] __kasan_mempool_poison_object+0xc0/0x150 [ 19.531836] mempool_free+0x28c/0x328 [ 19.531934] mempool_double_free_helper+0x100/0x2e8 [ 19.531981] mempool_kmalloc_double_free+0xc0/0x118 [ 19.532246] kunit_try_run_case+0x170/0x3f0 [ 19.532661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.533007] kthread+0x328/0x630 [ 19.533098] ret_from_fork+0x10/0x20 [ 19.533235] [ 19.533383] The buggy address belongs to the object at fff00000c79f0100 [ 19.533383] which belongs to the cache kmalloc-128 of size 128 [ 19.533462] The buggy address is located 0 bytes inside of [ 19.533462] 128-byte region [fff00000c79f0100, fff00000c79f0180) [ 19.533985] [ 19.534014] The buggy address belongs to the physical page: [ 19.534184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079f0 [ 19.534350] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.534677] page_type: f5(slab) [ 19.534724] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.534800] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.535004] page dumped because: kasan: bad access detected [ 19.535037] [ 19.535055] Memory state around the buggy address: [ 19.535268] fff00000c79f0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.535332] fff00000c79f0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.535424] >fff00000c79f0100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.535584] ^ [ 19.535778] fff00000c79f0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.536130] fff00000c79f0200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.536337] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 19.426717] ================================================================== [ 19.427028] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.427108] Read of size 1 at addr fff00000c79b4000 by task kunit_try_catch/229 [ 19.427159] [ 19.427258] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.427471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.427502] Hardware name: linux,dummy-virt (DT) [ 19.427691] Call trace: [ 19.427734] show_stack+0x20/0x38 (C) [ 19.427849] dump_stack_lvl+0x8c/0xd0 [ 19.428030] print_report+0x118/0x608 [ 19.428142] kasan_report+0xdc/0x128 [ 19.428509] __asan_report_load1_noabort+0x20/0x30 [ 19.428577] mempool_uaf_helper+0x314/0x340 [ 19.428789] mempool_kmalloc_large_uaf+0xc4/0x120 [ 19.428844] kunit_try_run_case+0x170/0x3f0 [ 19.429223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.429334] kthread+0x328/0x630 [ 19.429381] ret_from_fork+0x10/0x20 [ 19.429893] [ 19.430031] The buggy address belongs to the physical page: [ 19.430125] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4 [ 19.430361] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.430434] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.430503] page_type: f8(unknown) [ 19.431203] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.431262] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.431406] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.431475] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.431533] head: 0bfffe0000000002 ffffc1ffc31e6d01 00000000ffffffff 00000000ffffffff [ 19.431585] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.432374] page dumped because: kasan: bad access detected [ 19.432477] [ 19.432587] Memory state around the buggy address: [ 19.432631] fff00000c79b3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.432677] fff00000c79b3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.433396] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.433497] ^ [ 19.433528] fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.433572] fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.433637] ================================================================== [ 19.502606] ================================================================== [ 19.502679] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.502746] Read of size 1 at addr fff00000c79b4000 by task kunit_try_catch/233 [ 19.502799] [ 19.502837] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.502923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.502950] Hardware name: linux,dummy-virt (DT) [ 19.503788] Call trace: [ 19.503824] show_stack+0x20/0x38 (C) [ 19.504087] dump_stack_lvl+0x8c/0xd0 [ 19.504211] print_report+0x118/0x608 [ 19.504616] kasan_report+0xdc/0x128 [ 19.505186] __asan_report_load1_noabort+0x20/0x30 [ 19.505250] mempool_uaf_helper+0x314/0x340 [ 19.505298] mempool_page_alloc_uaf+0xc0/0x118 [ 19.505594] kunit_try_run_case+0x170/0x3f0 [ 19.506078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.506150] kthread+0x328/0x630 [ 19.506494] ret_from_fork+0x10/0x20 [ 19.506687] [ 19.506753] The buggy address belongs to the physical page: [ 19.507056] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079b4 [ 19.507278] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.507353] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.507429] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.507641] page dumped because: kasan: bad access detected [ 19.507839] [ 19.507858] Memory state around the buggy address: [ 19.507894] fff00000c79b3f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.508412] fff00000c79b3f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.508708] >fff00000c79b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.508755] ^ [ 19.508946] fff00000c79b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.509282] fff00000c79b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.509328] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 19.450669] ================================================================== [ 19.451048] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.451481] Read of size 1 at addr fff00000c79ef240 by task kunit_try_catch/231 [ 19.451540] [ 19.451579] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.451894] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.451926] Hardware name: linux,dummy-virt (DT) [ 19.451969] Call trace: [ 19.452185] show_stack+0x20/0x38 (C) [ 19.452264] dump_stack_lvl+0x8c/0xd0 [ 19.452556] print_report+0x118/0x608 [ 19.452606] kasan_report+0xdc/0x128 [ 19.452651] __asan_report_load1_noabort+0x20/0x30 [ 19.453082] mempool_uaf_helper+0x314/0x340 [ 19.453152] mempool_slab_uaf+0xc0/0x118 [ 19.453197] kunit_try_run_case+0x170/0x3f0 [ 19.453321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.453375] kthread+0x328/0x630 [ 19.453417] ret_from_fork+0x10/0x20 [ 19.453475] [ 19.453494] Allocated by task 231: [ 19.453524] kasan_save_stack+0x3c/0x68 [ 19.453564] kasan_save_track+0x20/0x40 [ 19.454066] kasan_save_alloc_info+0x40/0x58 [ 19.454114] __kasan_mempool_unpoison_object+0xbc/0x180 [ 19.454395] remove_element+0x16c/0x1f8 [ 19.454453] mempool_alloc_preallocated+0x58/0xc0 [ 19.454870] mempool_uaf_helper+0xa4/0x340 [ 19.454936] mempool_slab_uaf+0xc0/0x118 [ 19.455203] kunit_try_run_case+0x170/0x3f0 [ 19.455255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.455332] kthread+0x328/0x630 [ 19.455376] ret_from_fork+0x10/0x20 [ 19.455425] [ 19.455569] Freed by task 231: [ 19.455677] kasan_save_stack+0x3c/0x68 [ 19.455851] kasan_save_track+0x20/0x40 [ 19.456097] kasan_save_free_info+0x4c/0x78 [ 19.456145] __kasan_mempool_poison_object+0xc0/0x150 [ 19.456517] mempool_free+0x28c/0x328 [ 19.456808] mempool_uaf_helper+0x104/0x340 [ 19.456856] mempool_slab_uaf+0xc0/0x118 [ 19.457098] kunit_try_run_case+0x170/0x3f0 [ 19.457141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.457647] kthread+0x328/0x630 [ 19.457716] ret_from_fork+0x10/0x20 [ 19.457751] [ 19.458111] The buggy address belongs to the object at fff00000c79ef240 [ 19.458111] which belongs to the cache test_cache of size 123 [ 19.458436] The buggy address is located 0 bytes inside of [ 19.458436] freed 123-byte region [fff00000c79ef240, fff00000c79ef2bb) [ 19.458784] [ 19.458887] The buggy address belongs to the physical page: [ 19.458982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079ef [ 19.459248] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.459308] page_type: f5(slab) [ 19.459347] raw: 0bfffe0000000000 fff00000c3e83b40 dead000000000122 0000000000000000 [ 19.459400] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.459579] page dumped because: kasan: bad access detected [ 19.459617] [ 19.459663] Memory state around the buggy address: [ 19.459906] fff00000c79ef100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.460233] fff00000c79ef180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.460437] >fff00000c79ef200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.460601] ^ [ 19.460645] fff00000c79ef280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.461227] fff00000c79ef300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.461271] ================================================================== [ 19.404795] ================================================================== [ 19.405536] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 19.405853] Read of size 1 at addr fff00000c656ad00 by task kunit_try_catch/227 [ 19.406435] [ 19.406487] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.406575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.406601] Hardware name: linux,dummy-virt (DT) [ 19.406635] Call trace: [ 19.406658] show_stack+0x20/0x38 (C) [ 19.406712] dump_stack_lvl+0x8c/0xd0 [ 19.406762] print_report+0x118/0x608 [ 19.406807] kasan_report+0xdc/0x128 [ 19.406852] __asan_report_load1_noabort+0x20/0x30 [ 19.406901] mempool_uaf_helper+0x314/0x340 [ 19.407222] mempool_kmalloc_uaf+0xc4/0x120 [ 19.407458] kunit_try_run_case+0x170/0x3f0 [ 19.407514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.407609] kthread+0x328/0x630 [ 19.408392] ret_from_fork+0x10/0x20 [ 19.409141] [ 19.409166] Allocated by task 227: [ 19.409363] kasan_save_stack+0x3c/0x68 [ 19.409810] kasan_save_track+0x20/0x40 [ 19.409861] kasan_save_alloc_info+0x40/0x58 [ 19.409910] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.410183] remove_element+0x130/0x1f8 [ 19.410231] mempool_alloc_preallocated+0x58/0xc0 [ 19.410525] mempool_uaf_helper+0xa4/0x340 [ 19.410584] mempool_kmalloc_uaf+0xc4/0x120 [ 19.410770] kunit_try_run_case+0x170/0x3f0 [ 19.410809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.410854] kthread+0x328/0x630 [ 19.410888] ret_from_fork+0x10/0x20 [ 19.410923] [ 19.410942] Freed by task 227: [ 19.411144] kasan_save_stack+0x3c/0x68 [ 19.411322] kasan_save_track+0x20/0x40 [ 19.411364] kasan_save_free_info+0x4c/0x78 [ 19.411404] __kasan_mempool_poison_object+0xc0/0x150 [ 19.411677] mempool_free+0x28c/0x328 [ 19.411729] mempool_uaf_helper+0x104/0x340 [ 19.411789] mempool_kmalloc_uaf+0xc4/0x120 [ 19.412129] kunit_try_run_case+0x170/0x3f0 [ 19.412311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.412373] kthread+0x328/0x630 [ 19.412405] ret_from_fork+0x10/0x20 [ 19.412441] [ 19.412899] The buggy address belongs to the object at fff00000c656ad00 [ 19.412899] which belongs to the cache kmalloc-128 of size 128 [ 19.413005] The buggy address is located 0 bytes inside of [ 19.413005] freed 128-byte region [fff00000c656ad00, fff00000c656ad80) [ 19.413816] [ 19.413844] The buggy address belongs to the physical page: [ 19.413881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656a [ 19.414134] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.414190] page_type: f5(slab) [ 19.414230] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.414741] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.414794] page dumped because: kasan: bad access detected [ 19.415009] [ 19.415036] Memory state around the buggy address: [ 19.415073] fff00000c656ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.415118] fff00000c656ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.415350] >fff00000c656ad00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.415397] ^ [ 19.415438] fff00000c656ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.415541] fff00000c656ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.415580] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 19.341297] ================================================================== [ 19.341383] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 19.341475] Read of size 1 at addr fff00000c656a973 by task kunit_try_catch/221 [ 19.341527] [ 19.341572] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.341660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.341689] Hardware name: linux,dummy-virt (DT) [ 19.341722] Call trace: [ 19.341750] show_stack+0x20/0x38 (C) [ 19.341802] dump_stack_lvl+0x8c/0xd0 [ 19.341855] print_report+0x118/0x608 [ 19.341904] kasan_report+0xdc/0x128 [ 19.341949] __asan_report_load1_noabort+0x20/0x30 [ 19.342001] mempool_oob_right_helper+0x2ac/0x2f0 [ 19.342050] mempool_kmalloc_oob_right+0xc4/0x120 [ 19.342099] kunit_try_run_case+0x170/0x3f0 [ 19.342152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.342206] kthread+0x328/0x630 [ 19.342250] ret_from_fork+0x10/0x20 [ 19.342301] [ 19.342320] Allocated by task 221: [ 19.342350] kasan_save_stack+0x3c/0x68 [ 19.342394] kasan_save_track+0x20/0x40 [ 19.342438] kasan_save_alloc_info+0x40/0x58 [ 19.342489] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.342534] remove_element+0x130/0x1f8 [ 19.342574] mempool_alloc_preallocated+0x58/0xc0 [ 19.342616] mempool_oob_right_helper+0x98/0x2f0 [ 19.342657] mempool_kmalloc_oob_right+0xc4/0x120 [ 19.342700] kunit_try_run_case+0x170/0x3f0 [ 19.342740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.342784] kthread+0x328/0x630 [ 19.342817] ret_from_fork+0x10/0x20 [ 19.342855] [ 19.342875] The buggy address belongs to the object at fff00000c656a900 [ 19.342875] which belongs to the cache kmalloc-128 of size 128 [ 19.342938] The buggy address is located 0 bytes to the right of [ 19.342938] allocated 115-byte region [fff00000c656a900, fff00000c656a973) [ 19.343020] [ 19.343042] The buggy address belongs to the physical page: [ 19.343105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10656a [ 19.343167] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.343224] page_type: f5(slab) [ 19.343271] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.343325] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.343369] page dumped because: kasan: bad access detected [ 19.343402] [ 19.343439] Memory state around the buggy address: [ 19.343484] fff00000c656a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.343529] fff00000c656a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.343574] >fff00000c656a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.343614] ^ [ 19.343655] fff00000c656a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.343698] fff00000c656aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.343739] ================================================================== [ 19.349250] ================================================================== [ 19.349313] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 19.349368] Read of size 1 at addr fff00000c7846001 by task kunit_try_catch/223 [ 19.349420] [ 19.349465] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.349548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.349575] Hardware name: linux,dummy-virt (DT) [ 19.349606] Call trace: [ 19.349630] show_stack+0x20/0x38 (C) [ 19.350052] dump_stack_lvl+0x8c/0xd0 [ 19.350142] print_report+0x118/0x608 [ 19.350197] kasan_report+0xdc/0x128 [ 19.350356] __asan_report_load1_noabort+0x20/0x30 [ 19.350409] mempool_oob_right_helper+0x2ac/0x2f0 [ 19.350477] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 19.351287] kunit_try_run_case+0x170/0x3f0 [ 19.351417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.351594] kthread+0x328/0x630 [ 19.351656] ret_from_fork+0x10/0x20 [ 19.351703] [ 19.351726] The buggy address belongs to the physical page: [ 19.351762] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107844 [ 19.351821] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.351872] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.351928] page_type: f8(unknown) [ 19.351968] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.352022] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.352075] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.352127] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.352180] head: 0bfffe0000000002 ffffc1ffc31e1101 00000000ffffffff 00000000ffffffff [ 19.352529] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.352577] page dumped because: kasan: bad access detected [ 19.353411] [ 19.353887] Memory state around the buggy address: [ 19.354141] fff00000c7845f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.354327] fff00000c7845f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.354378] >fff00000c7846000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.354425] ^ [ 19.354777] fff00000c7846080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.354899] fff00000c7846100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.354939] ================================================================== [ 19.370875] ================================================================== [ 19.371040] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 19.371121] Read of size 1 at addr fff00000c79ad2bb by task kunit_try_catch/225 [ 19.371304] [ 19.371338] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.371420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.371455] Hardware name: linux,dummy-virt (DT) [ 19.371572] Call trace: [ 19.371664] show_stack+0x20/0x38 (C) [ 19.371872] dump_stack_lvl+0x8c/0xd0 [ 19.372176] print_report+0x118/0x608 [ 19.372275] kasan_report+0xdc/0x128 [ 19.372415] __asan_report_load1_noabort+0x20/0x30 [ 19.372575] mempool_oob_right_helper+0x2ac/0x2f0 [ 19.372797] mempool_slab_oob_right+0xc0/0x118 [ 19.372867] kunit_try_run_case+0x170/0x3f0 [ 19.373146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.373474] kthread+0x328/0x630 [ 19.373529] ret_from_fork+0x10/0x20 [ 19.373652] [ 19.373786] Allocated by task 225: [ 19.373817] kasan_save_stack+0x3c/0x68 [ 19.373871] kasan_save_track+0x20/0x40 [ 19.374211] kasan_save_alloc_info+0x40/0x58 [ 19.374496] __kasan_mempool_unpoison_object+0xbc/0x180 [ 19.374821] remove_element+0x16c/0x1f8 [ 19.374942] mempool_alloc_preallocated+0x58/0xc0 [ 19.375191] mempool_oob_right_helper+0x98/0x2f0 [ 19.375237] mempool_slab_oob_right+0xc0/0x118 [ 19.375276] kunit_try_run_case+0x170/0x3f0 [ 19.375315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.375361] kthread+0x328/0x630 [ 19.375600] ret_from_fork+0x10/0x20 [ 19.376032] [ 19.376055] The buggy address belongs to the object at fff00000c79ad240 [ 19.376055] which belongs to the cache test_cache of size 123 [ 19.376211] The buggy address is located 0 bytes to the right of [ 19.376211] allocated 123-byte region [fff00000c79ad240, fff00000c79ad2bb) [ 19.376592] [ 19.377010] The buggy address belongs to the physical page: [ 19.377147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079ad [ 19.377600] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.377668] page_type: f5(slab) [ 19.377711] raw: 0bfffe0000000000 fff00000c3e83a00 dead000000000122 0000000000000000 [ 19.377765] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.378317] page dumped because: kasan: bad access detected [ 19.378489] [ 19.378509] Memory state around the buggy address: [ 19.378546] fff00000c79ad180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.378604] fff00000c79ad200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 19.378735] >fff00000c79ad280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 19.378780] ^ [ 19.378817] fff00000c79ad300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.378863] fff00000c79ad380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.378904] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 18.691511] ================================================================== [ 18.691623] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 18.691703] Read of size 1 at addr fff00000c7829000 by task kunit_try_catch/213 [ 18.691756] [ 18.691800] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.691887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.691913] Hardware name: linux,dummy-virt (DT) [ 18.691949] Call trace: [ 18.691974] show_stack+0x20/0x38 (C) [ 18.692027] dump_stack_lvl+0x8c/0xd0 [ 18.692080] print_report+0x118/0x608 [ 18.692127] kasan_report+0xdc/0x128 [ 18.692172] __asan_report_load1_noabort+0x20/0x30 [ 18.692224] kmem_cache_rcu_uaf+0x388/0x468 [ 18.692271] kunit_try_run_case+0x170/0x3f0 [ 18.692321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.692376] kthread+0x328/0x630 [ 18.692420] ret_from_fork+0x10/0x20 [ 18.692486] [ 18.692505] Allocated by task 213: [ 18.692535] kasan_save_stack+0x3c/0x68 [ 18.692577] kasan_save_track+0x20/0x40 [ 18.692615] kasan_save_alloc_info+0x40/0x58 [ 18.692656] __kasan_slab_alloc+0xa8/0xb0 [ 18.692695] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.692737] kmem_cache_rcu_uaf+0x12c/0x468 [ 18.692776] kunit_try_run_case+0x170/0x3f0 [ 18.692814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.692857] kthread+0x328/0x630 [ 18.692889] ret_from_fork+0x10/0x20 [ 18.692924] [ 18.692944] Freed by task 0: [ 18.692970] kasan_save_stack+0x3c/0x68 [ 18.693007] kasan_save_track+0x20/0x40 [ 18.693044] kasan_save_free_info+0x4c/0x78 [ 18.693085] __kasan_slab_free+0x6c/0x98 [ 18.693120] slab_free_after_rcu_debug+0xd4/0x2f8 [ 18.693160] rcu_core+0x9f4/0x1e20 [ 18.693196] rcu_core_si+0x18/0x30 [ 18.693231] handle_softirqs+0x374/0xb28 [ 18.693268] __do_softirq+0x1c/0x28 [ 18.693302] [ 18.693322] Last potentially related work creation: [ 18.693348] kasan_save_stack+0x3c/0x68 [ 18.693387] kasan_record_aux_stack+0xb4/0xc8 [ 18.693426] kmem_cache_free+0x120/0x468 [ 18.693472] kmem_cache_rcu_uaf+0x16c/0x468 [ 18.693510] kunit_try_run_case+0x170/0x3f0 [ 18.693548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.693592] kthread+0x328/0x630 [ 18.693623] ret_from_fork+0x10/0x20 [ 18.693659] [ 18.693677] The buggy address belongs to the object at fff00000c7829000 [ 18.693677] which belongs to the cache test_cache of size 200 [ 18.693739] The buggy address is located 0 bytes inside of [ 18.693739] freed 200-byte region [fff00000c7829000, fff00000c78290c8) [ 18.693802] [ 18.693824] The buggy address belongs to the physical page: [ 18.693858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107829 [ 18.693917] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.693971] page_type: f5(slab) [ 18.694015] raw: 0bfffe0000000000 fff00000c3e4f500 dead000000000122 0000000000000000 [ 18.694066] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.694110] page dumped because: kasan: bad access detected [ 18.694140] [ 18.694158] Memory state around the buggy address: [ 18.694194] fff00000c7828f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.694239] fff00000c7828f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.694285] >fff00000c7829000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.694326] ^ [ 18.694354] fff00000c7829080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.694397] fff00000c7829100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.694455] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 18.380695] ================================================================== [ 18.380777] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 18.381890] Free of addr fff00000c7808001 by task kunit_try_catch/211 [ 18.381951] [ 18.381994] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.382575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.382611] Hardware name: linux,dummy-virt (DT) [ 18.382745] Call trace: [ 18.382874] show_stack+0x20/0x38 (C) [ 18.383195] dump_stack_lvl+0x8c/0xd0 [ 18.383324] print_report+0x118/0x608 [ 18.383559] kasan_report_invalid_free+0xc0/0xe8 [ 18.383829] check_slab_allocation+0xfc/0x108 [ 18.383931] __kasan_slab_pre_free+0x2c/0x48 [ 18.384263] kmem_cache_free+0xf0/0x468 [ 18.384415] kmem_cache_invalid_free+0x184/0x3c8 [ 18.384933] kunit_try_run_case+0x170/0x3f0 [ 18.385280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.385486] kthread+0x328/0x630 [ 18.385534] ret_from_fork+0x10/0x20 [ 18.386131] [ 18.386314] Allocated by task 211: [ 18.386351] kasan_save_stack+0x3c/0x68 [ 18.386763] kasan_save_track+0x20/0x40 [ 18.386804] kasan_save_alloc_info+0x40/0x58 [ 18.386842] __kasan_slab_alloc+0xa8/0xb0 [ 18.387110] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.387177] kmem_cache_invalid_free+0x12c/0x3c8 [ 18.387221] kunit_try_run_case+0x170/0x3f0 [ 18.387262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.387310] kthread+0x328/0x630 [ 18.387344] ret_from_fork+0x10/0x20 [ 18.387860] [ 18.388018] The buggy address belongs to the object at fff00000c7808000 [ 18.388018] which belongs to the cache test_cache of size 200 [ 18.388335] The buggy address is located 1 bytes inside of [ 18.388335] 200-byte region [fff00000c7808000, fff00000c78080c8) [ 18.388550] [ 18.388615] The buggy address belongs to the physical page: [ 18.388651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107808 [ 18.389081] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.389175] page_type: f5(slab) [ 18.389228] raw: 0bfffe0000000000 fff00000c3e4f3c0 dead000000000122 0000000000000000 [ 18.389280] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.389718] page dumped because: kasan: bad access detected [ 18.390186] [ 18.390268] Memory state around the buggy address: [ 18.390309] fff00000c7807f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.390357] fff00000c7807f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.390803] >fff00000c7808000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.391132] ^ [ 18.391170] fff00000c7808080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.391217] fff00000c7808100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.391600] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 18.314247] ================================================================== [ 18.315397] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 18.315542] Free of addr fff00000c5901000 by task kunit_try_catch/209 [ 18.315637] [ 18.315701] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.316191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.316466] Hardware name: linux,dummy-virt (DT) [ 18.316615] Call trace: [ 18.316645] show_stack+0x20/0x38 (C) [ 18.316977] dump_stack_lvl+0x8c/0xd0 [ 18.317035] print_report+0x118/0x608 [ 18.317084] kasan_report_invalid_free+0xc0/0xe8 [ 18.317684] check_slab_allocation+0xd4/0x108 [ 18.317804] __kasan_slab_pre_free+0x2c/0x48 [ 18.317958] kmem_cache_free+0xf0/0x468 [ 18.318123] kmem_cache_double_free+0x190/0x3c8 [ 18.318669] kunit_try_run_case+0x170/0x3f0 [ 18.319144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.319211] kthread+0x328/0x630 [ 18.319258] ret_from_fork+0x10/0x20 [ 18.319700] [ 18.319722] Allocated by task 209: [ 18.319914] kasan_save_stack+0x3c/0x68 [ 18.320075] kasan_save_track+0x20/0x40 [ 18.320303] kasan_save_alloc_info+0x40/0x58 [ 18.320346] __kasan_slab_alloc+0xa8/0xb0 [ 18.320495] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.320552] kmem_cache_double_free+0x12c/0x3c8 [ 18.320913] kunit_try_run_case+0x170/0x3f0 [ 18.320953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.320995] kthread+0x328/0x630 [ 18.321028] ret_from_fork+0x10/0x20 [ 18.321779] [ 18.321809] Freed by task 209: [ 18.321839] kasan_save_stack+0x3c/0x68 [ 18.322095] kasan_save_track+0x20/0x40 [ 18.322406] kasan_save_free_info+0x4c/0x78 [ 18.322866] __kasan_slab_free+0x6c/0x98 [ 18.323055] kmem_cache_free+0x260/0x468 [ 18.323098] kmem_cache_double_free+0x140/0x3c8 [ 18.323136] kunit_try_run_case+0x170/0x3f0 [ 18.323339] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.323390] kthread+0x328/0x630 [ 18.323424] ret_from_fork+0x10/0x20 [ 18.323468] [ 18.323719] The buggy address belongs to the object at fff00000c5901000 [ 18.323719] which belongs to the cache test_cache of size 200 [ 18.323803] The buggy address is located 0 bytes inside of [ 18.323803] 200-byte region [fff00000c5901000, fff00000c59010c8) [ 18.324333] [ 18.324582] The buggy address belongs to the physical page: [ 18.324620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105901 [ 18.325005] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.325148] page_type: f5(slab) [ 18.325472] raw: 0bfffe0000000000 fff00000c3e4f280 dead000000000122 0000000000000000 [ 18.325528] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.325714] page dumped because: kasan: bad access detected [ 18.325977] [ 18.326216] Memory state around the buggy address: [ 18.326255] fff00000c5900f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.326535] fff00000c5900f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.326787] >fff00000c5901000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.327107] ^ [ 18.327215] fff00000c5901080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.327479] fff00000c5901100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.327777] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 18.038054] ================================================================== [ 18.038149] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 18.038219] Read of size 1 at addr fff00000c59020c8 by task kunit_try_catch/207 [ 18.038274] [ 18.038322] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.038690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.038739] Hardware name: linux,dummy-virt (DT) [ 18.038776] Call trace: [ 18.039211] show_stack+0x20/0x38 (C) [ 18.039298] dump_stack_lvl+0x8c/0xd0 [ 18.039351] print_report+0x118/0x608 [ 18.039980] kasan_report+0xdc/0x128 [ 18.040603] __asan_report_load1_noabort+0x20/0x30 [ 18.040709] kmem_cache_oob+0x344/0x430 [ 18.041063] kunit_try_run_case+0x170/0x3f0 [ 18.041123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.041179] kthread+0x328/0x630 [ 18.041221] ret_from_fork+0x10/0x20 [ 18.041294] [ 18.041314] Allocated by task 207: [ 18.041345] kasan_save_stack+0x3c/0x68 [ 18.041385] kasan_save_track+0x20/0x40 [ 18.041437] kasan_save_alloc_info+0x40/0x58 [ 18.041488] __kasan_slab_alloc+0xa8/0xb0 [ 18.041535] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.041591] kmem_cache_oob+0x12c/0x430 [ 18.041627] kunit_try_run_case+0x170/0x3f0 [ 18.041679] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.041722] kthread+0x328/0x630 [ 18.041753] ret_from_fork+0x10/0x20 [ 18.041789] [ 18.041819] The buggy address belongs to the object at fff00000c5902000 [ 18.041819] which belongs to the cache test_cache of size 200 [ 18.041880] The buggy address is located 0 bytes to the right of [ 18.041880] allocated 200-byte region [fff00000c5902000, fff00000c59020c8) [ 18.041946] [ 18.041974] The buggy address belongs to the physical page: [ 18.042015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105902 [ 18.042099] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.042163] page_type: f5(slab) [ 18.042221] raw: 0bfffe0000000000 fff00000c3e4f140 dead000000000122 0000000000000000 [ 18.042282] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.042324] page dumped because: kasan: bad access detected [ 18.042356] [ 18.042381] Memory state around the buggy address: [ 18.042421] fff00000c5901f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.042690] fff00000c5902000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.043640] >fff00000c5902080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.043897] ^ [ 18.044350] fff00000c5902100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.044410] fff00000c5902180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.044802] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.977830] ================================================================== [ 17.978573] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.978651] Read of size 8 at addr fff00000c781c8c0 by task kunit_try_catch/200 [ 17.978703] [ 17.978739] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.978826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.978853] Hardware name: linux,dummy-virt (DT) [ 17.979462] Call trace: [ 17.979505] show_stack+0x20/0x38 (C) [ 17.979561] dump_stack_lvl+0x8c/0xd0 [ 17.979989] print_report+0x118/0x608 [ 17.980256] kasan_report+0xdc/0x128 [ 17.980482] __asan_report_load8_noabort+0x20/0x30 [ 17.980698] workqueue_uaf+0x480/0x4a8 [ 17.981145] kunit_try_run_case+0x170/0x3f0 [ 17.981394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.981733] kthread+0x328/0x630 [ 17.982017] ret_from_fork+0x10/0x20 [ 17.982304] [ 17.982332] Allocated by task 200: [ 17.982584] kasan_save_stack+0x3c/0x68 [ 17.982744] kasan_save_track+0x20/0x40 [ 17.982918] kasan_save_alloc_info+0x40/0x58 [ 17.983142] __kasan_kmalloc+0xd4/0xd8 [ 17.983357] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.983558] workqueue_uaf+0x13c/0x4a8 [ 17.983793] kunit_try_run_case+0x170/0x3f0 [ 17.983936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.984159] kthread+0x328/0x630 [ 17.984397] ret_from_fork+0x10/0x20 [ 17.984472] [ 17.984762] Freed by task 47: [ 17.984928] kasan_save_stack+0x3c/0x68 [ 17.985039] kasan_save_track+0x20/0x40 [ 17.985080] kasan_save_free_info+0x4c/0x78 [ 17.985383] __kasan_slab_free+0x6c/0x98 [ 17.985596] kfree+0x214/0x3c8 [ 17.985889] workqueue_uaf_work+0x18/0x30 [ 17.986151] process_one_work+0x530/0xf98 [ 17.986675] worker_thread+0x618/0xf38 [ 17.986765] kthread+0x328/0x630 [ 17.987004] ret_from_fork+0x10/0x20 [ 17.987255] [ 17.987284] Last potentially related work creation: [ 17.987320] kasan_save_stack+0x3c/0x68 [ 17.987715] kasan_record_aux_stack+0xb4/0xc8 [ 17.988021] __queue_work+0x65c/0x1008 [ 17.988392] queue_work_on+0xbc/0xf8 [ 17.988477] workqueue_uaf+0x210/0x4a8 [ 17.988651] kunit_try_run_case+0x170/0x3f0 [ 17.988998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.989386] kthread+0x328/0x630 [ 17.989499] ret_from_fork+0x10/0x20 [ 17.989542] [ 17.989562] The buggy address belongs to the object at fff00000c781c8c0 [ 17.989562] which belongs to the cache kmalloc-32 of size 32 [ 17.990038] The buggy address is located 0 bytes inside of [ 17.990038] freed 32-byte region [fff00000c781c8c0, fff00000c781c8e0) [ 17.990265] [ 17.990321] The buggy address belongs to the physical page: [ 17.990838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10781c [ 17.991078] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.991515] page_type: f5(slab) [ 17.991578] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.991974] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.992125] page dumped because: kasan: bad access detected [ 17.992439] [ 17.992499] Memory state around the buggy address: [ 17.992667] fff00000c781c780: 00 00 00 fc fc fc fc fc 00 00 03 fc fc fc fc fc [ 17.992992] fff00000c781c800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.993378] >fff00000c781c880: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 17.993423] ^ [ 17.993865] fff00000c781c900: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.994175] fff00000c781c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.994486] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.936108] ================================================================== [ 17.936803] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 17.937099] Read of size 4 at addr fff00000c781c6c0 by task swapper/1/0 [ 17.937153] [ 17.937196] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.937532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.937689] Hardware name: linux,dummy-virt (DT) [ 17.937733] Call trace: [ 17.937759] show_stack+0x20/0x38 (C) [ 17.938082] dump_stack_lvl+0x8c/0xd0 [ 17.938154] print_report+0x118/0x608 [ 17.938279] kasan_report+0xdc/0x128 [ 17.938333] __asan_report_load4_noabort+0x20/0x30 [ 17.938391] rcu_uaf_reclaim+0x64/0x70 [ 17.938454] rcu_core+0x9f4/0x1e20 [ 17.938746] rcu_core_si+0x18/0x30 [ 17.938815] handle_softirqs+0x374/0xb28 [ 17.938975] __do_softirq+0x1c/0x28 [ 17.939217] ____do_softirq+0x18/0x30 [ 17.939639] call_on_irq_stack+0x24/0x30 [ 17.939792] do_softirq_own_stack+0x24/0x38 [ 17.940099] __irq_exit_rcu+0x1fc/0x318 [ 17.940151] irq_exit_rcu+0x1c/0x80 [ 17.940426] el1_interrupt+0x38/0x58 [ 17.940619] el1h_64_irq_handler+0x18/0x28 [ 17.941671] el1h_64_irq+0x6c/0x70 [ 17.941871] arch_local_irq_enable+0x4/0x8 (P) [ 17.942080] do_idle+0x384/0x4e8 [ 17.942145] cpu_startup_entry+0x68/0x80 [ 17.942190] secondary_start_kernel+0x288/0x340 [ 17.942351] __secondary_switched+0xc0/0xc8 [ 17.942430] [ 17.942470] Allocated by task 198: [ 17.942515] kasan_save_stack+0x3c/0x68 [ 17.942559] kasan_save_track+0x20/0x40 [ 17.942597] kasan_save_alloc_info+0x40/0x58 [ 17.942639] __kasan_kmalloc+0xd4/0xd8 [ 17.942675] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.942723] rcu_uaf+0xb0/0x2d8 [ 17.942767] kunit_try_run_case+0x170/0x3f0 [ 17.942808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.942853] kthread+0x328/0x630 [ 17.942897] ret_from_fork+0x10/0x20 [ 17.942941] [ 17.943708] Freed by task 0: [ 17.943931] kasan_save_stack+0x3c/0x68 [ 17.944202] kasan_save_track+0x20/0x40 [ 17.944313] kasan_save_free_info+0x4c/0x78 [ 17.944383] __kasan_slab_free+0x6c/0x98 [ 17.944670] kfree+0x214/0x3c8 [ 17.944827] rcu_uaf_reclaim+0x28/0x70 [ 17.945157] rcu_core+0x9f4/0x1e20 [ 17.945471] rcu_core_si+0x18/0x30 [ 17.945653] handle_softirqs+0x374/0xb28 [ 17.945744] __do_softirq+0x1c/0x28 [ 17.945929] [ 17.946374] Last potentially related work creation: [ 17.946615] kasan_save_stack+0x3c/0x68 [ 17.946829] kasan_record_aux_stack+0xb4/0xc8 [ 17.947035] __call_rcu_common.constprop.0+0x74/0x8c8 [ 17.947128] call_rcu+0x18/0x30 [ 17.947344] rcu_uaf+0x14c/0x2d8 [ 17.947566] kunit_try_run_case+0x170/0x3f0 [ 17.947802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.948077] kthread+0x328/0x630 [ 17.948299] ret_from_fork+0x10/0x20 [ 17.948911] [ 17.949071] The buggy address belongs to the object at fff00000c781c6c0 [ 17.949071] which belongs to the cache kmalloc-32 of size 32 [ 17.949937] The buggy address is located 0 bytes inside of [ 17.949937] freed 32-byte region [fff00000c781c6c0, fff00000c781c6e0) [ 17.950112] [ 17.950313] The buggy address belongs to the physical page: [ 17.950425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10781c [ 17.950783] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.951162] page_type: f5(slab) [ 17.951321] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.951812] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.952081] page dumped because: kasan: bad access detected [ 17.952234] [ 17.952286] Memory state around the buggy address: [ 17.952701] fff00000c781c580: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.952903] fff00000c781c600: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.953131] >fff00000c781c680: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.953405] ^ [ 17.953632] fff00000c781c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.953885] fff00000c781c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.953980] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 17.615672] ================================================================== [ 17.615755] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 17.615959] Free of addr fff00000c45518c0 by task kunit_try_catch/192 [ 17.616041] [ 17.616164] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.616251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.616285] Hardware name: linux,dummy-virt (DT) [ 17.616314] Call trace: [ 17.616485] show_stack+0x20/0x38 (C) [ 17.616698] dump_stack_lvl+0x8c/0xd0 [ 17.616758] print_report+0x118/0x608 [ 17.616816] kasan_report_invalid_free+0xc0/0xe8 [ 17.616919] check_slab_allocation+0xd4/0x108 [ 17.616971] __kasan_slab_pre_free+0x2c/0x48 [ 17.617019] kfree+0xe8/0x3c8 [ 17.617060] kfree_sensitive+0x3c/0xb0 [ 17.617103] kmalloc_double_kzfree+0x168/0x308 [ 17.617154] kunit_try_run_case+0x170/0x3f0 [ 17.617199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.617252] kthread+0x328/0x630 [ 17.617308] ret_from_fork+0x10/0x20 [ 17.617357] [ 17.617378] Allocated by task 192: [ 17.617405] kasan_save_stack+0x3c/0x68 [ 17.617456] kasan_save_track+0x20/0x40 [ 17.617494] kasan_save_alloc_info+0x40/0x58 [ 17.617544] __kasan_kmalloc+0xd4/0xd8 [ 17.617582] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.617620] kmalloc_double_kzfree+0xb8/0x308 [ 17.617663] kunit_try_run_case+0x170/0x3f0 [ 17.617702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.617751] kthread+0x328/0x630 [ 17.617794] ret_from_fork+0x10/0x20 [ 17.617829] [ 17.617848] Freed by task 192: [ 17.617873] kasan_save_stack+0x3c/0x68 [ 17.617910] kasan_save_track+0x20/0x40 [ 17.617946] kasan_save_free_info+0x4c/0x78 [ 17.617990] __kasan_slab_free+0x6c/0x98 [ 17.618037] kfree+0x214/0x3c8 [ 17.618070] kfree_sensitive+0x80/0xb0 [ 17.618107] kmalloc_double_kzfree+0x11c/0x308 [ 17.618147] kunit_try_run_case+0x170/0x3f0 [ 17.618184] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.618230] kthread+0x328/0x630 [ 17.618261] ret_from_fork+0x10/0x20 [ 17.618296] [ 17.618314] The buggy address belongs to the object at fff00000c45518c0 [ 17.618314] which belongs to the cache kmalloc-16 of size 16 [ 17.618373] The buggy address is located 0 bytes inside of [ 17.618373] 16-byte region [fff00000c45518c0, fff00000c45518d0) [ 17.618436] [ 17.618692] The buggy address belongs to the physical page: [ 17.618735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104551 [ 17.618789] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.618850] page_type: f5(slab) [ 17.618948] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.619025] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.619330] page dumped because: kasan: bad access detected [ 17.619362] [ 17.619381] Memory state around the buggy address: [ 17.619442] fff00000c4551780: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 17.619682] fff00000c4551800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.619944] >fff00000c4551880: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 17.620044] ^ [ 17.620218] fff00000c4551900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.620282] fff00000c4551980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.620531] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 17.605868] ================================================================== [ 17.605938] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 17.606196] Read of size 1 at addr fff00000c45518c0 by task kunit_try_catch/192 [ 17.606247] [ 17.606284] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.606386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.606425] Hardware name: linux,dummy-virt (DT) [ 17.606468] Call trace: [ 17.606490] show_stack+0x20/0x38 (C) [ 17.606541] dump_stack_lvl+0x8c/0xd0 [ 17.606588] print_report+0x118/0x608 [ 17.606634] kasan_report+0xdc/0x128 [ 17.606679] __kasan_check_byte+0x54/0x70 [ 17.606726] kfree_sensitive+0x30/0xb0 [ 17.606780] kmalloc_double_kzfree+0x168/0x308 [ 17.606834] kunit_try_run_case+0x170/0x3f0 [ 17.606883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.606949] kthread+0x328/0x630 [ 17.607387] ret_from_fork+0x10/0x20 [ 17.607617] [ 17.607639] Allocated by task 192: [ 17.607672] kasan_save_stack+0x3c/0x68 [ 17.607723] kasan_save_track+0x20/0x40 [ 17.608122] kasan_save_alloc_info+0x40/0x58 [ 17.608316] __kasan_kmalloc+0xd4/0xd8 [ 17.608413] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.608582] kmalloc_double_kzfree+0xb8/0x308 [ 17.608745] kunit_try_run_case+0x170/0x3f0 [ 17.609004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.609194] kthread+0x328/0x630 [ 17.609243] ret_from_fork+0x10/0x20 [ 17.609492] [ 17.609665] Freed by task 192: [ 17.609829] kasan_save_stack+0x3c/0x68 [ 17.609948] kasan_save_track+0x20/0x40 [ 17.609987] kasan_save_free_info+0x4c/0x78 [ 17.610301] __kasan_slab_free+0x6c/0x98 [ 17.610610] kfree+0x214/0x3c8 [ 17.610774] kfree_sensitive+0x80/0xb0 [ 17.610930] kmalloc_double_kzfree+0x11c/0x308 [ 17.611149] kunit_try_run_case+0x170/0x3f0 [ 17.611196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.611424] kthread+0x328/0x630 [ 17.611580] ret_from_fork+0x10/0x20 [ 17.611831] [ 17.611909] The buggy address belongs to the object at fff00000c45518c0 [ 17.611909] which belongs to the cache kmalloc-16 of size 16 [ 17.612080] The buggy address is located 0 bytes inside of [ 17.612080] freed 16-byte region [fff00000c45518c0, fff00000c45518d0) [ 17.612168] [ 17.612287] The buggy address belongs to the physical page: [ 17.612321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104551 [ 17.612549] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.612741] page_type: f5(slab) [ 17.612956] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.613161] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.613299] page dumped because: kasan: bad access detected [ 17.613367] [ 17.613387] Memory state around the buggy address: [ 17.613422] fff00000c4551780: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 17.613493] fff00000c4551800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.613804] >fff00000c4551880: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 17.613917] ^ [ 17.613964] fff00000c4551900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.614020] fff00000c4551980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.614060] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 17.577063] ================================================================== [ 17.577570] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 17.577820] Read of size 1 at addr fff00000c58f4f28 by task kunit_try_catch/188 [ 17.577966] [ 17.578024] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.578134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.578257] Hardware name: linux,dummy-virt (DT) [ 17.578323] Call trace: [ 17.578594] show_stack+0x20/0x38 (C) [ 17.578665] dump_stack_lvl+0x8c/0xd0 [ 17.578814] print_report+0x118/0x608 [ 17.578866] kasan_report+0xdc/0x128 [ 17.578940] __asan_report_load1_noabort+0x20/0x30 [ 17.578999] kmalloc_uaf2+0x3f4/0x468 [ 17.579043] kunit_try_run_case+0x170/0x3f0 [ 17.579098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.579152] kthread+0x328/0x630 [ 17.579195] ret_from_fork+0x10/0x20 [ 17.579425] [ 17.579619] Allocated by task 188: [ 17.579812] kasan_save_stack+0x3c/0x68 [ 17.579904] kasan_save_track+0x20/0x40 [ 17.579945] kasan_save_alloc_info+0x40/0x58 [ 17.579986] __kasan_kmalloc+0xd4/0xd8 [ 17.580309] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.580423] kmalloc_uaf2+0xc4/0x468 [ 17.580474] kunit_try_run_case+0x170/0x3f0 [ 17.580615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.580780] kthread+0x328/0x630 [ 17.580867] ret_from_fork+0x10/0x20 [ 17.580965] [ 17.581063] Freed by task 188: [ 17.581171] kasan_save_stack+0x3c/0x68 [ 17.581336] kasan_save_track+0x20/0x40 [ 17.581518] kasan_save_free_info+0x4c/0x78 [ 17.581688] __kasan_slab_free+0x6c/0x98 [ 17.581765] kfree+0x214/0x3c8 [ 17.581800] kmalloc_uaf2+0x134/0x468 [ 17.582075] kunit_try_run_case+0x170/0x3f0 [ 17.582238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.582309] kthread+0x328/0x630 [ 17.582377] ret_from_fork+0x10/0x20 [ 17.582437] [ 17.582481] The buggy address belongs to the object at fff00000c58f4f00 [ 17.582481] which belongs to the cache kmalloc-64 of size 64 [ 17.582553] The buggy address is located 40 bytes inside of [ 17.582553] freed 64-byte region [fff00000c58f4f00, fff00000c58f4f40) [ 17.582639] [ 17.582659] The buggy address belongs to the physical page: [ 17.582702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058f4 [ 17.582773] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.582828] page_type: f5(slab) [ 17.582869] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.582920] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.583213] page dumped because: kasan: bad access detected [ 17.583286] [ 17.583305] Memory state around the buggy address: [ 17.583340] fff00000c58f4e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.583519] fff00000c58f4e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.583646] >fff00000c58f4f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.583692] ^ [ 17.583725] fff00000c58f4f80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 17.583955] fff00000c58f5000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.584320] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 17.560822] ================================================================== [ 17.560898] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 17.561011] Write of size 33 at addr fff00000c58f4d80 by task kunit_try_catch/186 [ 17.561065] [ 17.561186] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.561323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.561353] Hardware name: linux,dummy-virt (DT) [ 17.561385] Call trace: [ 17.561648] show_stack+0x20/0x38 (C) [ 17.561743] dump_stack_lvl+0x8c/0xd0 [ 17.561804] print_report+0x118/0x608 [ 17.561849] kasan_report+0xdc/0x128 [ 17.561895] kasan_check_range+0x100/0x1a8 [ 17.562151] __asan_memset+0x34/0x78 [ 17.562212] kmalloc_uaf_memset+0x170/0x310 [ 17.562310] kunit_try_run_case+0x170/0x3f0 [ 17.562361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.562414] kthread+0x328/0x630 [ 17.562470] ret_from_fork+0x10/0x20 [ 17.562527] [ 17.562546] Allocated by task 186: [ 17.562575] kasan_save_stack+0x3c/0x68 [ 17.562614] kasan_save_track+0x20/0x40 [ 17.562652] kasan_save_alloc_info+0x40/0x58 [ 17.562693] __kasan_kmalloc+0xd4/0xd8 [ 17.562735] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.562784] kmalloc_uaf_memset+0xb8/0x310 [ 17.562820] kunit_try_run_case+0x170/0x3f0 [ 17.562857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.562909] kthread+0x328/0x630 [ 17.562941] ret_from_fork+0x10/0x20 [ 17.563240] [ 17.563262] Freed by task 186: [ 17.563293] kasan_save_stack+0x3c/0x68 [ 17.563333] kasan_save_track+0x20/0x40 [ 17.563371] kasan_save_free_info+0x4c/0x78 [ 17.563522] __kasan_slab_free+0x6c/0x98 [ 17.563962] kfree+0x214/0x3c8 [ 17.564171] kmalloc_uaf_memset+0x11c/0x310 [ 17.564302] kunit_try_run_case+0x170/0x3f0 [ 17.564609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.564852] kthread+0x328/0x630 [ 17.565076] ret_from_fork+0x10/0x20 [ 17.565304] [ 17.565461] The buggy address belongs to the object at fff00000c58f4d80 [ 17.565461] which belongs to the cache kmalloc-64 of size 64 [ 17.565726] The buggy address is located 0 bytes inside of [ 17.565726] freed 64-byte region [fff00000c58f4d80, fff00000c58f4dc0) [ 17.566087] [ 17.566114] The buggy address belongs to the physical page: [ 17.566182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058f4 [ 17.566388] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.566535] page_type: f5(slab) [ 17.566579] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.566848] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.567024] page dumped because: kasan: bad access detected [ 17.567158] [ 17.567350] Memory state around the buggy address: [ 17.567482] fff00000c58f4c80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.567629] fff00000c58f4d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.567675] >fff00000c58f4d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.567730] ^ [ 17.568006] fff00000c58f4e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.568235] fff00000c58f4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.568551] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 17.544277] ================================================================== [ 17.544340] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 17.544393] Read of size 1 at addr fff00000c45518a8 by task kunit_try_catch/184 [ 17.544460] [ 17.544494] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.544580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.544607] Hardware name: linux,dummy-virt (DT) [ 17.544639] Call trace: [ 17.544660] show_stack+0x20/0x38 (C) [ 17.544709] dump_stack_lvl+0x8c/0xd0 [ 17.544756] print_report+0x118/0x608 [ 17.544803] kasan_report+0xdc/0x128 [ 17.544848] __asan_report_load1_noabort+0x20/0x30 [ 17.544900] kmalloc_uaf+0x300/0x338 [ 17.544941] kunit_try_run_case+0x170/0x3f0 [ 17.544990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.545042] kthread+0x328/0x630 [ 17.545081] ret_from_fork+0x10/0x20 [ 17.545129] [ 17.545147] Allocated by task 184: [ 17.545175] kasan_save_stack+0x3c/0x68 [ 17.545214] kasan_save_track+0x20/0x40 [ 17.545251] kasan_save_alloc_info+0x40/0x58 [ 17.545291] __kasan_kmalloc+0xd4/0xd8 [ 17.545328] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.545369] kmalloc_uaf+0xb8/0x338 [ 17.545401] kunit_try_run_case+0x170/0x3f0 [ 17.545440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.546896] kthread+0x328/0x630 [ 17.546975] ret_from_fork+0x10/0x20 [ 17.547016] [ 17.547035] Freed by task 184: [ 17.547064] kasan_save_stack+0x3c/0x68 [ 17.547306] kasan_save_track+0x20/0x40 [ 17.547539] kasan_save_free_info+0x4c/0x78 [ 17.547759] __kasan_slab_free+0x6c/0x98 [ 17.547808] kfree+0x214/0x3c8 [ 17.547842] kmalloc_uaf+0x11c/0x338 [ 17.548154] kunit_try_run_case+0x170/0x3f0 [ 17.548333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.548652] kthread+0x328/0x630 [ 17.548740] ret_from_fork+0x10/0x20 [ 17.548900] [ 17.548970] The buggy address belongs to the object at fff00000c45518a0 [ 17.548970] which belongs to the cache kmalloc-16 of size 16 [ 17.549261] The buggy address is located 8 bytes inside of [ 17.549261] freed 16-byte region [fff00000c45518a0, fff00000c45518b0) [ 17.549420] [ 17.549541] The buggy address belongs to the physical page: [ 17.549615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104551 [ 17.549740] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.549964] page_type: f5(slab) [ 17.550398] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.550632] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.551010] page dumped because: kasan: bad access detected [ 17.551045] [ 17.551088] Memory state around the buggy address: [ 17.551362] fff00000c4551780: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 17.551649] fff00000c4551800: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.551703] >fff00000c4551880: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 17.551898] ^ [ 17.552160] fff00000c4551900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.552321] fff00000c4551980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.552364] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 17.534263] ================================================================== [ 17.534379] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 17.534496] Read of size 64 at addr fff00000c58f4a84 by task kunit_try_catch/182 [ 17.534549] [ 17.534588] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.534693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.534731] Hardware name: linux,dummy-virt (DT) [ 17.534764] Call trace: [ 17.534786] show_stack+0x20/0x38 (C) [ 17.534833] dump_stack_lvl+0x8c/0xd0 [ 17.534879] print_report+0x118/0x608 [ 17.534925] kasan_report+0xdc/0x128 [ 17.534969] kasan_check_range+0x100/0x1a8 [ 17.535028] __asan_memmove+0x3c/0x98 [ 17.535144] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 17.535355] kunit_try_run_case+0x170/0x3f0 [ 17.535490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.535585] kthread+0x328/0x630 [ 17.535684] ret_from_fork+0x10/0x20 [ 17.535831] [ 17.535944] Allocated by task 182: [ 17.536029] kasan_save_stack+0x3c/0x68 [ 17.536151] kasan_save_track+0x20/0x40 [ 17.536305] kasan_save_alloc_info+0x40/0x58 [ 17.536382] __kasan_kmalloc+0xd4/0xd8 [ 17.536480] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.536522] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 17.536586] kunit_try_run_case+0x170/0x3f0 [ 17.536627] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.536672] kthread+0x328/0x630 [ 17.536741] ret_from_fork+0x10/0x20 [ 17.536904] [ 17.537060] The buggy address belongs to the object at fff00000c58f4a80 [ 17.537060] which belongs to the cache kmalloc-64 of size 64 [ 17.537184] The buggy address is located 4 bytes inside of [ 17.537184] allocated 64-byte region [fff00000c58f4a80, fff00000c58f4ac0) [ 17.537273] [ 17.537302] The buggy address belongs to the physical page: [ 17.537335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058f4 [ 17.537389] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.537440] page_type: f5(slab) [ 17.537501] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.537553] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.537605] page dumped because: kasan: bad access detected [ 17.537635] [ 17.537653] Memory state around the buggy address: [ 17.537686] fff00000c58f4980: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.537731] fff00000c58f4a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.537785] >fff00000c58f4a80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.537825] ^ [ 17.537860] fff00000c58f4b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.537904] fff00000c58f4b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.537959] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 17.518327] ================================================================== [ 17.518524] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 17.518770] Read of size 18446744073709551614 at addr fff00000c58f4884 by task kunit_try_catch/180 [ 17.518854] [ 17.518884] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.519137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.519527] Hardware name: linux,dummy-virt (DT) [ 17.519658] Call trace: [ 17.519772] show_stack+0x20/0x38 (C) [ 17.519891] dump_stack_lvl+0x8c/0xd0 [ 17.520085] print_report+0x118/0x608 [ 17.520160] kasan_report+0xdc/0x128 [ 17.520204] kasan_check_range+0x100/0x1a8 [ 17.520385] __asan_memmove+0x3c/0x98 [ 17.520431] kmalloc_memmove_negative_size+0x154/0x2e0 [ 17.520685] kunit_try_run_case+0x170/0x3f0 [ 17.520733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.520905] kthread+0x328/0x630 [ 17.520979] ret_from_fork+0x10/0x20 [ 17.522021] [ 17.522057] Allocated by task 180: [ 17.522394] kasan_save_stack+0x3c/0x68 [ 17.522603] kasan_save_track+0x20/0x40 [ 17.522774] kasan_save_alloc_info+0x40/0x58 [ 17.522835] __kasan_kmalloc+0xd4/0xd8 [ 17.522981] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.523356] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 17.523604] kunit_try_run_case+0x170/0x3f0 [ 17.523819] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.523928] kthread+0x328/0x630 [ 17.524023] ret_from_fork+0x10/0x20 [ 17.524060] [ 17.524081] The buggy address belongs to the object at fff00000c58f4880 [ 17.524081] which belongs to the cache kmalloc-64 of size 64 [ 17.524269] The buggy address is located 4 bytes inside of [ 17.524269] 64-byte region [fff00000c58f4880, fff00000c58f48c0) [ 17.524524] [ 17.524676] The buggy address belongs to the physical page: [ 17.524842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058f4 [ 17.524931] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.524993] page_type: f5(slab) [ 17.525042] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.525101] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.525142] page dumped because: kasan: bad access detected [ 17.525174] [ 17.525201] Memory state around the buggy address: [ 17.525235] fff00000c58f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.525288] fff00000c58f4800: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.525333] >fff00000c58f4880: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.525382] ^ [ 17.525419] fff00000c58f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.525474] fff00000c58f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.525516] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 17.506645] ================================================================== [ 17.506712] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 17.506765] Write of size 16 at addr fff00000c7800669 by task kunit_try_catch/178 [ 17.506882] [ 17.507010] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.507118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.507278] Hardware name: linux,dummy-virt (DT) [ 17.507479] Call trace: [ 17.507612] show_stack+0x20/0x38 (C) [ 17.507748] dump_stack_lvl+0x8c/0xd0 [ 17.507959] print_report+0x118/0x608 [ 17.508044] kasan_report+0xdc/0x128 [ 17.508146] kasan_check_range+0x100/0x1a8 [ 17.508237] __asan_memset+0x34/0x78 [ 17.508309] kmalloc_oob_memset_16+0x150/0x2f8 [ 17.508355] kunit_try_run_case+0x170/0x3f0 [ 17.508670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.508767] kthread+0x328/0x630 [ 17.508810] ret_from_fork+0x10/0x20 [ 17.508859] [ 17.508879] Allocated by task 178: [ 17.508906] kasan_save_stack+0x3c/0x68 [ 17.508946] kasan_save_track+0x20/0x40 [ 17.508982] kasan_save_alloc_info+0x40/0x58 [ 17.509032] __kasan_kmalloc+0xd4/0xd8 [ 17.509068] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.509116] kmalloc_oob_memset_16+0xb0/0x2f8 [ 17.509153] kunit_try_run_case+0x170/0x3f0 [ 17.509197] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.509240] kthread+0x328/0x630 [ 17.509271] ret_from_fork+0x10/0x20 [ 17.509320] [ 17.509339] The buggy address belongs to the object at fff00000c7800600 [ 17.509339] which belongs to the cache kmalloc-128 of size 128 [ 17.509405] The buggy address is located 105 bytes inside of [ 17.509405] allocated 120-byte region [fff00000c7800600, fff00000c7800678) [ 17.509478] [ 17.509498] The buggy address belongs to the physical page: [ 17.509541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.509604] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.509652] page_type: f5(slab) [ 17.509691] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.509756] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.509811] page dumped because: kasan: bad access detected [ 17.509842] [ 17.509860] Memory state around the buggy address: [ 17.509893] fff00000c7800500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.509945] fff00000c7800580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.510003] >fff00000c7800600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.510040] ^ [ 17.510080] fff00000c7800680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.510121] fff00000c7800700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.510158] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 17.497598] ================================================================== [ 17.497689] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 17.498081] Write of size 8 at addr fff00000c7800571 by task kunit_try_catch/176 [ 17.498166] [ 17.498208] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.498599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.498651] Hardware name: linux,dummy-virt (DT) [ 17.498687] Call trace: [ 17.499088] show_stack+0x20/0x38 (C) [ 17.499162] dump_stack_lvl+0x8c/0xd0 [ 17.499211] print_report+0x118/0x608 [ 17.499256] kasan_report+0xdc/0x128 [ 17.499299] kasan_check_range+0x100/0x1a8 [ 17.499345] __asan_memset+0x34/0x78 [ 17.499386] kmalloc_oob_memset_8+0x150/0x2f8 [ 17.499431] kunit_try_run_case+0x170/0x3f0 [ 17.499491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.499542] kthread+0x328/0x630 [ 17.499582] ret_from_fork+0x10/0x20 [ 17.499630] [ 17.499648] Allocated by task 176: [ 17.499675] kasan_save_stack+0x3c/0x68 [ 17.499715] kasan_save_track+0x20/0x40 [ 17.499751] kasan_save_alloc_info+0x40/0x58 [ 17.499789] __kasan_kmalloc+0xd4/0xd8 [ 17.499824] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.499863] kmalloc_oob_memset_8+0xb0/0x2f8 [ 17.499899] kunit_try_run_case+0x170/0x3f0 [ 17.499937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.499980] kthread+0x328/0x630 [ 17.500011] ret_from_fork+0x10/0x20 [ 17.500046] [ 17.500065] The buggy address belongs to the object at fff00000c7800500 [ 17.500065] which belongs to the cache kmalloc-128 of size 128 [ 17.500123] The buggy address is located 113 bytes inside of [ 17.500123] allocated 120-byte region [fff00000c7800500, fff00000c7800578) [ 17.500185] [ 17.500205] The buggy address belongs to the physical page: [ 17.500236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.500290] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.500339] page_type: f5(slab) [ 17.500380] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.500429] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.500480] page dumped because: kasan: bad access detected [ 17.500510] [ 17.500528] Memory state around the buggy address: [ 17.500561] fff00000c7800400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.500604] fff00000c7800480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.500646] >fff00000c7800500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.500684] ^ [ 17.500722] fff00000c7800580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.500764] fff00000c7800600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.500801] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 17.472577] ================================================================== [ 17.472637] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 17.472690] Write of size 4 at addr fff00000c7800475 by task kunit_try_catch/174 [ 17.472739] [ 17.472773] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.472854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.472879] Hardware name: linux,dummy-virt (DT) [ 17.472911] Call trace: [ 17.472932] show_stack+0x20/0x38 (C) [ 17.472978] dump_stack_lvl+0x8c/0xd0 [ 17.473026] print_report+0x118/0x608 [ 17.473070] kasan_report+0xdc/0x128 [ 17.473113] kasan_check_range+0x100/0x1a8 [ 17.473160] __asan_memset+0x34/0x78 [ 17.473200] kmalloc_oob_memset_4+0x150/0x300 [ 17.473245] kunit_try_run_case+0x170/0x3f0 [ 17.473291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.473342] kthread+0x328/0x630 [ 17.473384] ret_from_fork+0x10/0x20 [ 17.473431] [ 17.473493] Allocated by task 174: [ 17.473522] kasan_save_stack+0x3c/0x68 [ 17.473561] kasan_save_track+0x20/0x40 [ 17.473682] kasan_save_alloc_info+0x40/0x58 [ 17.473868] __kasan_kmalloc+0xd4/0xd8 [ 17.473976] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.474023] kmalloc_oob_memset_4+0xb0/0x300 [ 17.474078] kunit_try_run_case+0x170/0x3f0 [ 17.474141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.474228] kthread+0x328/0x630 [ 17.474277] ret_from_fork+0x10/0x20 [ 17.474333] [ 17.474371] The buggy address belongs to the object at fff00000c7800400 [ 17.474371] which belongs to the cache kmalloc-128 of size 128 [ 17.474493] The buggy address is located 117 bytes inside of [ 17.474493] allocated 120-byte region [fff00000c7800400, fff00000c7800478) [ 17.474576] [ 17.474615] The buggy address belongs to the physical page: [ 17.474647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.474699] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.475166] page_type: f5(slab) [ 17.475297] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.475439] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.475552] page dumped because: kasan: bad access detected [ 17.475713] [ 17.476002] Memory state around the buggy address: [ 17.476042] fff00000c7800300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.476086] fff00000c7800380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.476128] >fff00000c7800400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.476659] ^ [ 17.476779] fff00000c7800480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.476864] fff00000c7800500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.477157] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 17.453603] ================================================================== [ 17.454011] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 17.454087] Write of size 2 at addr fff00000c7800377 by task kunit_try_catch/172 [ 17.454418] [ 17.454640] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.454738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.455081] Hardware name: linux,dummy-virt (DT) [ 17.455184] Call trace: [ 17.455215] show_stack+0x20/0x38 (C) [ 17.455270] dump_stack_lvl+0x8c/0xd0 [ 17.455319] print_report+0x118/0x608 [ 17.455656] kasan_report+0xdc/0x128 [ 17.455726] kasan_check_range+0x100/0x1a8 [ 17.455938] __asan_memset+0x34/0x78 [ 17.456188] kmalloc_oob_memset_2+0x150/0x2f8 [ 17.456477] kunit_try_run_case+0x170/0x3f0 [ 17.456714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.457001] kthread+0x328/0x630 [ 17.457406] ret_from_fork+0x10/0x20 [ 17.457571] [ 17.457591] Allocated by task 172: [ 17.457628] kasan_save_stack+0x3c/0x68 [ 17.457963] kasan_save_track+0x20/0x40 [ 17.458126] kasan_save_alloc_info+0x40/0x58 [ 17.458347] __kasan_kmalloc+0xd4/0xd8 [ 17.458533] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.458609] kmalloc_oob_memset_2+0xb0/0x2f8 [ 17.459140] kunit_try_run_case+0x170/0x3f0 [ 17.459260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.459306] kthread+0x328/0x630 [ 17.459458] ret_from_fork+0x10/0x20 [ 17.459502] [ 17.459662] The buggy address belongs to the object at fff00000c7800300 [ 17.459662] which belongs to the cache kmalloc-128 of size 128 [ 17.459886] The buggy address is located 119 bytes inside of [ 17.459886] allocated 120-byte region [fff00000c7800300, fff00000c7800378) [ 17.460602] [ 17.460637] The buggy address belongs to the physical page: [ 17.460939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.461133] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.461401] page_type: f5(slab) [ 17.461602] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.461878] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.462004] page dumped because: kasan: bad access detected [ 17.462737] [ 17.462814] Memory state around the buggy address: [ 17.462853] fff00000c7800200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.463122] fff00000c7800280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.464031] >fff00000c7800300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.464297] ^ [ 17.464369] fff00000c7800380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.464498] fff00000c7800400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.464656] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 17.424944] ================================================================== [ 17.425151] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 17.425278] Write of size 128 at addr fff00000c7800200 by task kunit_try_catch/170 [ 17.425331] [ 17.425578] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.425677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.425704] Hardware name: linux,dummy-virt (DT) [ 17.426068] Call trace: [ 17.426210] show_stack+0x20/0x38 (C) [ 17.426549] dump_stack_lvl+0x8c/0xd0 [ 17.426773] print_report+0x118/0x608 [ 17.427151] kasan_report+0xdc/0x128 [ 17.427385] kasan_check_range+0x100/0x1a8 [ 17.427517] __asan_memset+0x34/0x78 [ 17.427703] kmalloc_oob_in_memset+0x144/0x2d0 [ 17.428124] kunit_try_run_case+0x170/0x3f0 [ 17.428385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.428623] kthread+0x328/0x630 [ 17.428880] ret_from_fork+0x10/0x20 [ 17.429261] [ 17.429499] Allocated by task 170: [ 17.429673] kasan_save_stack+0x3c/0x68 [ 17.429997] kasan_save_track+0x20/0x40 [ 17.430258] kasan_save_alloc_info+0x40/0x58 [ 17.430536] __kasan_kmalloc+0xd4/0xd8 [ 17.431038] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.431241] kmalloc_oob_in_memset+0xb0/0x2d0 [ 17.431283] kunit_try_run_case+0x170/0x3f0 [ 17.431476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.431587] kthread+0x328/0x630 [ 17.431762] ret_from_fork+0x10/0x20 [ 17.432080] [ 17.432198] The buggy address belongs to the object at fff00000c7800200 [ 17.432198] which belongs to the cache kmalloc-128 of size 128 [ 17.432266] The buggy address is located 0 bytes inside of [ 17.432266] allocated 120-byte region [fff00000c7800200, fff00000c7800278) [ 17.432510] [ 17.432606] The buggy address belongs to the physical page: [ 17.432754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.432825] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.432879] page_type: f5(slab) [ 17.432932] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.432982] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.433041] page dumped because: kasan: bad access detected [ 17.433081] [ 17.433099] Memory state around the buggy address: [ 17.433150] fff00000c7800100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.433202] fff00000c7800180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.433261] >fff00000c7800200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.433309] ^ [ 17.433351] fff00000c7800280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.433394] fff00000c7800300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.433809] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 17.405671] ================================================================== [ 17.405766] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 17.405840] Read of size 16 at addr fff00000c4551880 by task kunit_try_catch/168 [ 17.405891] [ 17.405922] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.406067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.406101] Hardware name: linux,dummy-virt (DT) [ 17.406133] Call trace: [ 17.406193] show_stack+0x20/0x38 (C) [ 17.406242] dump_stack_lvl+0x8c/0xd0 [ 17.406289] print_report+0x118/0x608 [ 17.406470] kasan_report+0xdc/0x128 [ 17.406523] __asan_report_load16_noabort+0x20/0x30 [ 17.406803] kmalloc_uaf_16+0x3bc/0x438 [ 17.406912] kunit_try_run_case+0x170/0x3f0 [ 17.407197] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.407288] kthread+0x328/0x630 [ 17.407329] ret_from_fork+0x10/0x20 [ 17.407376] [ 17.407394] Allocated by task 168: [ 17.407421] kasan_save_stack+0x3c/0x68 [ 17.407472] kasan_save_track+0x20/0x40 [ 17.407857] kasan_save_alloc_info+0x40/0x58 [ 17.407963] __kasan_kmalloc+0xd4/0xd8 [ 17.408091] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.408129] kmalloc_uaf_16+0x140/0x438 [ 17.408223] kunit_try_run_case+0x170/0x3f0 [ 17.408410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.408576] kthread+0x328/0x630 [ 17.408631] ret_from_fork+0x10/0x20 [ 17.408667] [ 17.408686] Freed by task 168: [ 17.408733] kasan_save_stack+0x3c/0x68 [ 17.408780] kasan_save_track+0x20/0x40 [ 17.408815] kasan_save_free_info+0x4c/0x78 [ 17.408853] __kasan_slab_free+0x6c/0x98 [ 17.408889] kfree+0x214/0x3c8 [ 17.408921] kmalloc_uaf_16+0x190/0x438 [ 17.408967] kunit_try_run_case+0x170/0x3f0 [ 17.409003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.409050] kthread+0x328/0x630 [ 17.409082] ret_from_fork+0x10/0x20 [ 17.409116] [ 17.409135] The buggy address belongs to the object at fff00000c4551880 [ 17.409135] which belongs to the cache kmalloc-16 of size 16 [ 17.409193] The buggy address is located 0 bytes inside of [ 17.409193] freed 16-byte region [fff00000c4551880, fff00000c4551890) [ 17.409273] [ 17.409293] The buggy address belongs to the physical page: [ 17.409346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104551 [ 17.409400] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.409537] page_type: f5(slab) [ 17.409580] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.409629] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.409678] page dumped because: kasan: bad access detected [ 17.409709] [ 17.409727] Memory state around the buggy address: [ 17.409766] fff00000c4551780: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 17.409811] fff00000c4551800: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 17.409864] >fff00000c4551880: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.409913] ^ [ 17.409940] fff00000c4551900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.409982] fff00000c4551980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.410020] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 17.389877] ================================================================== [ 17.389949] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 17.390003] Write of size 16 at addr fff00000c4551820 by task kunit_try_catch/166 [ 17.390737] [ 17.390820] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.391193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.391306] Hardware name: linux,dummy-virt (DT) [ 17.391339] Call trace: [ 17.391929] show_stack+0x20/0x38 (C) [ 17.392214] dump_stack_lvl+0x8c/0xd0 [ 17.392285] print_report+0x118/0x608 [ 17.392724] kasan_report+0xdc/0x128 [ 17.393144] __asan_report_store16_noabort+0x20/0x30 [ 17.393485] kmalloc_oob_16+0x3a0/0x3f8 [ 17.394054] kunit_try_run_case+0x170/0x3f0 [ 17.394114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.394166] kthread+0x328/0x630 [ 17.394219] ret_from_fork+0x10/0x20 [ 17.394300] [ 17.394319] Allocated by task 166: [ 17.394348] kasan_save_stack+0x3c/0x68 [ 17.394387] kasan_save_track+0x20/0x40 [ 17.394429] kasan_save_alloc_info+0x40/0x58 [ 17.394478] __kasan_kmalloc+0xd4/0xd8 [ 17.394512] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.394561] kmalloc_oob_16+0xb4/0x3f8 [ 17.394604] kunit_try_run_case+0x170/0x3f0 [ 17.394640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.394682] kthread+0x328/0x630 [ 17.394713] ret_from_fork+0x10/0x20 [ 17.394765] [ 17.394785] The buggy address belongs to the object at fff00000c4551820 [ 17.394785] which belongs to the cache kmalloc-16 of size 16 [ 17.394852] The buggy address is located 0 bytes inside of [ 17.394852] allocated 13-byte region [fff00000c4551820, fff00000c455182d) [ 17.394915] [ 17.394934] The buggy address belongs to the physical page: [ 17.395468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104551 [ 17.395920] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.396201] page_type: f5(slab) [ 17.396525] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.396881] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.396983] page dumped because: kasan: bad access detected [ 17.397108] [ 17.397469] Memory state around the buggy address: [ 17.397526] fff00000c4551700: 00 07 fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 17.397691] fff00000c4551780: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 17.397743] >fff00000c4551800: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 17.397942] ^ [ 17.398269] fff00000c4551880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.398625] fff00000c4551900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.398678] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 17.365492] ================================================================== [ 17.365552] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 17.365601] Read of size 1 at addr fff00000c46ffe00 by task kunit_try_catch/164 [ 17.365650] [ 17.365679] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.365760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.365793] Hardware name: linux,dummy-virt (DT) [ 17.365824] Call trace: [ 17.365856] show_stack+0x20/0x38 (C) [ 17.365906] dump_stack_lvl+0x8c/0xd0 [ 17.365963] print_report+0x118/0x608 [ 17.366009] kasan_report+0xdc/0x128 [ 17.366062] __asan_report_load1_noabort+0x20/0x30 [ 17.366113] krealloc_uaf+0x4c8/0x520 [ 17.366170] kunit_try_run_case+0x170/0x3f0 [ 17.366217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.366268] kthread+0x328/0x630 [ 17.366308] ret_from_fork+0x10/0x20 [ 17.366354] [ 17.366372] Allocated by task 164: [ 17.366406] kasan_save_stack+0x3c/0x68 [ 17.366921] kasan_save_track+0x20/0x40 [ 17.367223] kasan_save_alloc_info+0x40/0x58 [ 17.367319] __kasan_kmalloc+0xd4/0xd8 [ 17.367721] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.368003] krealloc_uaf+0xc8/0x520 [ 17.368133] kunit_try_run_case+0x170/0x3f0 [ 17.368433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.368892] kthread+0x328/0x630 [ 17.368958] ret_from_fork+0x10/0x20 [ 17.369407] [ 17.369871] Freed by task 164: [ 17.369907] kasan_save_stack+0x3c/0x68 [ 17.370410] kasan_save_track+0x20/0x40 [ 17.370745] kasan_save_free_info+0x4c/0x78 [ 17.371105] __kasan_slab_free+0x6c/0x98 [ 17.371360] kfree+0x214/0x3c8 [ 17.371402] krealloc_uaf+0x12c/0x520 [ 17.371437] kunit_try_run_case+0x170/0x3f0 [ 17.371646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.371799] kthread+0x328/0x630 [ 17.372085] ret_from_fork+0x10/0x20 [ 17.372281] [ 17.372508] The buggy address belongs to the object at fff00000c46ffe00 [ 17.372508] which belongs to the cache kmalloc-256 of size 256 [ 17.372591] The buggy address is located 0 bytes inside of [ 17.372591] freed 256-byte region [fff00000c46ffe00, fff00000c46fff00) [ 17.372931] [ 17.372971] The buggy address belongs to the physical page: [ 17.373471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046fe [ 17.373937] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.374044] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.374465] page_type: f5(slab) [ 17.374513] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.374987] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.375328] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.375399] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.375597] head: 0bfffe0000000001 ffffc1ffc311bf81 00000000ffffffff 00000000ffffffff [ 17.375793] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.376013] page dumped because: kasan: bad access detected [ 17.376499] [ 17.376865] Memory state around the buggy address: [ 17.377100] fff00000c46ffd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.377170] fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.377252] >fff00000c46ffe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.377549] ^ [ 17.377807] fff00000c46ffe80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.377927] fff00000c46fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.378000] ================================================================== [ 17.346430] ================================================================== [ 17.347920] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 17.348030] Read of size 1 at addr fff00000c46ffe00 by task kunit_try_catch/164 [ 17.348529] [ 17.348965] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.349243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.349438] Hardware name: linux,dummy-virt (DT) [ 17.349702] Call trace: [ 17.349864] show_stack+0x20/0x38 (C) [ 17.349945] dump_stack_lvl+0x8c/0xd0 [ 17.350363] print_report+0x118/0x608 [ 17.350996] kasan_report+0xdc/0x128 [ 17.351144] __kasan_check_byte+0x54/0x70 [ 17.351391] krealloc_noprof+0x44/0x360 [ 17.351560] krealloc_uaf+0x180/0x520 [ 17.351745] kunit_try_run_case+0x170/0x3f0 [ 17.351902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.352259] kthread+0x328/0x630 [ 17.352382] ret_from_fork+0x10/0x20 [ 17.353124] [ 17.353224] Allocated by task 164: [ 17.353363] kasan_save_stack+0x3c/0x68 [ 17.353823] kasan_save_track+0x20/0x40 [ 17.354059] kasan_save_alloc_info+0x40/0x58 [ 17.354266] __kasan_kmalloc+0xd4/0xd8 [ 17.354306] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.354614] krealloc_uaf+0xc8/0x520 [ 17.354710] kunit_try_run_case+0x170/0x3f0 [ 17.354753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.354988] kthread+0x328/0x630 [ 17.355278] ret_from_fork+0x10/0x20 [ 17.355506] [ 17.355585] Freed by task 164: [ 17.355748] kasan_save_stack+0x3c/0x68 [ 17.356040] kasan_save_track+0x20/0x40 [ 17.356237] kasan_save_free_info+0x4c/0x78 [ 17.356697] __kasan_slab_free+0x6c/0x98 [ 17.356758] kfree+0x214/0x3c8 [ 17.356929] krealloc_uaf+0x12c/0x520 [ 17.357194] kunit_try_run_case+0x170/0x3f0 [ 17.357314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.357658] kthread+0x328/0x630 [ 17.357714] ret_from_fork+0x10/0x20 [ 17.357750] [ 17.358139] The buggy address belongs to the object at fff00000c46ffe00 [ 17.358139] which belongs to the cache kmalloc-256 of size 256 [ 17.358705] The buggy address is located 0 bytes inside of [ 17.358705] freed 256-byte region [fff00000c46ffe00, fff00000c46fff00) [ 17.359058] [ 17.359094] The buggy address belongs to the physical page: [ 17.359336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046fe [ 17.359571] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.359676] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.359763] page_type: f5(slab) [ 17.360124] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.360195] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.360972] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.361104] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.361215] head: 0bfffe0000000001 ffffc1ffc311bf81 00000000ffffffff 00000000ffffffff [ 17.361366] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.361432] page dumped because: kasan: bad access detected [ 17.361474] [ 17.361748] Memory state around the buggy address: [ 17.361836] fff00000c46ffd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.362071] fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.362164] >fff00000c46ffe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.362271] ^ [ 17.362300] fff00000c46ffe80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.362511] fff00000c46fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.362706] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 17.315894] ================================================================== [ 17.315946] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.316185] Write of size 1 at addr fff00000c663a0ea by task kunit_try_catch/162 [ 17.316540] [ 17.316590] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.317118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.317163] Hardware name: linux,dummy-virt (DT) [ 17.317261] Call trace: [ 17.317291] show_stack+0x20/0x38 (C) [ 17.317467] dump_stack_lvl+0x8c/0xd0 [ 17.317530] print_report+0x118/0x608 [ 17.317576] kasan_report+0xdc/0x128 [ 17.317629] __asan_report_store1_noabort+0x20/0x30 [ 17.317852] krealloc_less_oob_helper+0xae4/0xc50 [ 17.318263] krealloc_large_less_oob+0x20/0x38 [ 17.318417] kunit_try_run_case+0x170/0x3f0 [ 17.318481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.318535] kthread+0x328/0x630 [ 17.318916] ret_from_fork+0x10/0x20 [ 17.319275] [ 17.319421] The buggy address belongs to the physical page: [ 17.319469] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106638 [ 17.319668] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.319899] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.320216] page_type: f8(unknown) [ 17.320453] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.320520] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.320782] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.321250] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.321380] head: 0bfffe0000000002 ffffc1ffc3198e01 00000000ffffffff 00000000ffffffff [ 17.321647] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.321901] page dumped because: kasan: bad access detected [ 17.322042] [ 17.322194] Memory state around the buggy address: [ 17.322426] fff00000c6639f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.322761] fff00000c663a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.322860] >fff00000c663a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.323056] ^ [ 17.323110] fff00000c663a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.323154] fff00000c663a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.323195] ================================================================== [ 17.205477] ================================================================== [ 17.205728] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.205788] Write of size 1 at addr fff00000c46ffcc9 by task kunit_try_catch/158 [ 17.205930] [ 17.205965] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.206049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.206076] Hardware name: linux,dummy-virt (DT) [ 17.206148] Call trace: [ 17.206170] show_stack+0x20/0x38 (C) [ 17.206237] dump_stack_lvl+0x8c/0xd0 [ 17.206426] print_report+0x118/0x608 [ 17.206598] kasan_report+0xdc/0x128 [ 17.206701] __asan_report_store1_noabort+0x20/0x30 [ 17.206750] krealloc_less_oob_helper+0xa48/0xc50 [ 17.206816] krealloc_less_oob+0x20/0x38 [ 17.206920] kunit_try_run_case+0x170/0x3f0 [ 17.207059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.207113] kthread+0x328/0x630 [ 17.207155] ret_from_fork+0x10/0x20 [ 17.207202] [ 17.207276] Allocated by task 158: [ 17.207488] kasan_save_stack+0x3c/0x68 [ 17.207666] kasan_save_track+0x20/0x40 [ 17.207759] kasan_save_alloc_info+0x40/0x58 [ 17.207799] __kasan_krealloc+0x118/0x178 [ 17.208208] krealloc_noprof+0x128/0x360 [ 17.208315] krealloc_less_oob_helper+0x168/0xc50 [ 17.208431] krealloc_less_oob+0x20/0x38 [ 17.208477] kunit_try_run_case+0x170/0x3f0 [ 17.208857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.209283] kthread+0x328/0x630 [ 17.209426] ret_from_fork+0x10/0x20 [ 17.209472] [ 17.209492] The buggy address belongs to the object at fff00000c46ffc00 [ 17.209492] which belongs to the cache kmalloc-256 of size 256 [ 17.209739] The buggy address is located 0 bytes to the right of [ 17.209739] allocated 201-byte region [fff00000c46ffc00, fff00000c46ffcc9) [ 17.209897] [ 17.210031] The buggy address belongs to the physical page: [ 17.210117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046fe [ 17.210171] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.210396] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.210688] page_type: f5(slab) [ 17.210791] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.210843] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.211056] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.211261] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.211405] head: 0bfffe0000000001 ffffc1ffc311bf81 00000000ffffffff 00000000ffffffff [ 17.211519] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.211599] page dumped because: kasan: bad access detected [ 17.211630] [ 17.211678] Memory state around the buggy address: [ 17.211710] fff00000c46ffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.211753] fff00000c46ffc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.211825] >fff00000c46ffc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.212135] ^ [ 17.212306] fff00000c46ffd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.212388] fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.212433] ================================================================== [ 17.220259] ================================================================== [ 17.220307] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.220607] Write of size 1 at addr fff00000c46ffcda by task kunit_try_catch/158 [ 17.220743] [ 17.220774] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.220852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.220920] Hardware name: linux,dummy-virt (DT) [ 17.221196] Call trace: [ 17.221395] show_stack+0x20/0x38 (C) [ 17.221552] dump_stack_lvl+0x8c/0xd0 [ 17.221645] print_report+0x118/0x608 [ 17.221692] kasan_report+0xdc/0x128 [ 17.221758] __asan_report_store1_noabort+0x20/0x30 [ 17.222069] krealloc_less_oob_helper+0xa80/0xc50 [ 17.222155] krealloc_less_oob+0x20/0x38 [ 17.222312] kunit_try_run_case+0x170/0x3f0 [ 17.222489] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.222544] kthread+0x328/0x630 [ 17.222640] ret_from_fork+0x10/0x20 [ 17.222750] [ 17.222798] Allocated by task 158: [ 17.222825] kasan_save_stack+0x3c/0x68 [ 17.222888] kasan_save_track+0x20/0x40 [ 17.222925] kasan_save_alloc_info+0x40/0x58 [ 17.223378] __kasan_krealloc+0x118/0x178 [ 17.223628] krealloc_noprof+0x128/0x360 [ 17.223919] krealloc_less_oob_helper+0x168/0xc50 [ 17.224020] krealloc_less_oob+0x20/0x38 [ 17.224057] kunit_try_run_case+0x170/0x3f0 [ 17.224115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.224373] kthread+0x328/0x630 [ 17.224558] ret_from_fork+0x10/0x20 [ 17.224684] [ 17.224798] The buggy address belongs to the object at fff00000c46ffc00 [ 17.224798] which belongs to the cache kmalloc-256 of size 256 [ 17.224989] The buggy address is located 17 bytes to the right of [ 17.224989] allocated 201-byte region [fff00000c46ffc00, fff00000c46ffcc9) [ 17.225294] [ 17.225429] The buggy address belongs to the physical page: [ 17.225881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046fe [ 17.226167] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.226217] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.226277] page_type: f5(slab) [ 17.226317] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.226438] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.227045] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.227120] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.227169] head: 0bfffe0000000001 ffffc1ffc311bf81 00000000ffffffff 00000000ffffffff [ 17.227609] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.227869] page dumped because: kasan: bad access detected [ 17.228281] [ 17.228534] Memory state around the buggy address: [ 17.228650] fff00000c46ffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.228716] fff00000c46ffc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.228779] >fff00000c46ffc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.228841] ^ [ 17.229040] fff00000c46ffd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.229430] fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.229601] ================================================================== [ 17.312302] ================================================================== [ 17.312356] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 17.312404] Write of size 1 at addr fff00000c663a0da by task kunit_try_catch/162 [ 17.312465] [ 17.312494] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.312573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.312599] Hardware name: linux,dummy-virt (DT) [ 17.312640] Call trace: [ 17.312662] show_stack+0x20/0x38 (C) [ 17.312709] dump_stack_lvl+0x8c/0xd0 [ 17.312755] print_report+0x118/0x608 [ 17.312808] kasan_report+0xdc/0x128 [ 17.312853] __asan_report_store1_noabort+0x20/0x30 [ 17.312900] krealloc_less_oob_helper+0xa80/0xc50 [ 17.312947] krealloc_large_less_oob+0x20/0x38 [ 17.313003] kunit_try_run_case+0x170/0x3f0 [ 17.313050] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.313101] kthread+0x328/0x630 [ 17.313142] ret_from_fork+0x10/0x20 [ 17.313187] [ 17.313206] The buggy address belongs to the physical page: [ 17.313237] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106638 [ 17.313300] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.313347] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.313397] page_type: f8(unknown) [ 17.313441] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.313816] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.313868] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.313916] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.314320] head: 0bfffe0000000002 ffffc1ffc3198e01 00000000ffffffff 00000000ffffffff [ 17.314387] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.314727] page dumped because: kasan: bad access detected [ 17.314778] [ 17.314796] Memory state around the buggy address: [ 17.314842] fff00000c6639f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.314888] fff00000c663a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.314930] >fff00000c663a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.315256] ^ [ 17.315467] fff00000c663a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.315536] fff00000c663a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.315576] ================================================================== [ 17.325033] ================================================================== [ 17.325531] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.325758] Write of size 1 at addr fff00000c663a0eb by task kunit_try_catch/162 [ 17.325913] [ 17.325949] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.326031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.326156] Hardware name: linux,dummy-virt (DT) [ 17.326190] Call trace: [ 17.326211] show_stack+0x20/0x38 (C) [ 17.326515] dump_stack_lvl+0x8c/0xd0 [ 17.326601] print_report+0x118/0x608 [ 17.326897] kasan_report+0xdc/0x128 [ 17.327073] __asan_report_store1_noabort+0x20/0x30 [ 17.327129] krealloc_less_oob_helper+0xa58/0xc50 [ 17.327198] krealloc_large_less_oob+0x20/0x38 [ 17.327438] kunit_try_run_case+0x170/0x3f0 [ 17.327662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.327977] kthread+0x328/0x630 [ 17.328174] ret_from_fork+0x10/0x20 [ 17.328589] [ 17.328633] The buggy address belongs to the physical page: [ 17.328668] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106638 [ 17.328890] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.329060] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.329212] page_type: f8(unknown) [ 17.329258] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.329311] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.329362] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.329412] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.329656] head: 0bfffe0000000002 ffffc1ffc3198e01 00000000ffffffff 00000000ffffffff [ 17.329727] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.330055] page dumped because: kasan: bad access detected [ 17.330265] [ 17.330643] Memory state around the buggy address: [ 17.330852] fff00000c6639f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.331054] fff00000c663a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.331100] >fff00000c663a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.331154] ^ [ 17.331574] fff00000c663a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.331628] fff00000c663a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.331760] ================================================================== [ 17.240574] ================================================================== [ 17.240625] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 17.241227] Write of size 1 at addr fff00000c46ffceb by task kunit_try_catch/158 [ 17.241372] [ 17.241408] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.241500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.241561] Hardware name: linux,dummy-virt (DT) [ 17.241674] Call trace: [ 17.241696] show_stack+0x20/0x38 (C) [ 17.241911] dump_stack_lvl+0x8c/0xd0 [ 17.242021] print_report+0x118/0x608 [ 17.242075] kasan_report+0xdc/0x128 [ 17.242119] __asan_report_store1_noabort+0x20/0x30 [ 17.242591] krealloc_less_oob_helper+0xa58/0xc50 [ 17.242707] krealloc_less_oob+0x20/0x38 [ 17.242778] kunit_try_run_case+0x170/0x3f0 [ 17.242846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.243225] kthread+0x328/0x630 [ 17.243381] ret_from_fork+0x10/0x20 [ 17.243713] [ 17.243738] Allocated by task 158: [ 17.243917] kasan_save_stack+0x3c/0x68 [ 17.244181] kasan_save_track+0x20/0x40 [ 17.244401] kasan_save_alloc_info+0x40/0x58 [ 17.244507] __kasan_krealloc+0x118/0x178 [ 17.244692] krealloc_noprof+0x128/0x360 [ 17.244875] krealloc_less_oob_helper+0x168/0xc50 [ 17.244984] krealloc_less_oob+0x20/0x38 [ 17.245125] kunit_try_run_case+0x170/0x3f0 [ 17.245201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.245574] kthread+0x328/0x630 [ 17.245926] ret_from_fork+0x10/0x20 [ 17.246104] [ 17.246428] The buggy address belongs to the object at fff00000c46ffc00 [ 17.246428] which belongs to the cache kmalloc-256 of size 256 [ 17.246860] The buggy address is located 34 bytes to the right of [ 17.246860] allocated 201-byte region [fff00000c46ffc00, fff00000c46ffcc9) [ 17.247009] [ 17.247129] The buggy address belongs to the physical page: [ 17.247317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046fe [ 17.247652] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.247703] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.247784] page_type: f5(slab) [ 17.248097] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.248164] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.248214] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.248666] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.249048] head: 0bfffe0000000001 ffffc1ffc311bf81 00000000ffffffff 00000000ffffffff [ 17.249119] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.249350] page dumped because: kasan: bad access detected [ 17.249524] [ 17.249753] Memory state around the buggy address: [ 17.249943] fff00000c46ffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.250304] fff00000c46ffc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.250601] >fff00000c46ffc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.250796] ^ [ 17.250944] fff00000c46ffd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.251199] fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.251518] ================================================================== [ 17.301525] ================================================================== [ 17.301589] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.302106] Write of size 1 at addr fff00000c663a0d0 by task kunit_try_catch/162 [ 17.302217] [ 17.302558] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.302814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.302851] Hardware name: linux,dummy-virt (DT) [ 17.302984] Call trace: [ 17.303183] show_stack+0x20/0x38 (C) [ 17.303235] dump_stack_lvl+0x8c/0xd0 [ 17.303765] print_report+0x118/0x608 [ 17.303867] kasan_report+0xdc/0x128 [ 17.304222] __asan_report_store1_noabort+0x20/0x30 [ 17.304306] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.304389] krealloc_large_less_oob+0x20/0x38 [ 17.304474] kunit_try_run_case+0x170/0x3f0 [ 17.304660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.305458] kthread+0x328/0x630 [ 17.305532] ret_from_fork+0x10/0x20 [ 17.305954] [ 17.305980] The buggy address belongs to the physical page: [ 17.306192] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106638 [ 17.306261] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.306849] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.307263] page_type: f8(unknown) [ 17.307432] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.307580] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.307928] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.308310] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.308646] head: 0bfffe0000000002 ffffc1ffc3198e01 00000000ffffffff 00000000ffffffff [ 17.308711] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.308882] page dumped because: kasan: bad access detected [ 17.309029] [ 17.309054] Memory state around the buggy address: [ 17.309419] fff00000c6639f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.309485] fff00000c663a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.309529] >fff00000c663a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.310012] ^ [ 17.310291] fff00000c663a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.310520] fff00000c663a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.310872] ================================================================== [ 17.213970] ================================================================== [ 17.214023] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 17.214072] Write of size 1 at addr fff00000c46ffcd0 by task kunit_try_catch/158 [ 17.214262] [ 17.214394] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.214513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.214637] Hardware name: linux,dummy-virt (DT) [ 17.214670] Call trace: [ 17.214690] show_stack+0x20/0x38 (C) [ 17.215010] dump_stack_lvl+0x8c/0xd0 [ 17.215184] print_report+0x118/0x608 [ 17.215356] kasan_report+0xdc/0x128 [ 17.215412] __asan_report_store1_noabort+0x20/0x30 [ 17.215471] krealloc_less_oob_helper+0xb9c/0xc50 [ 17.215534] krealloc_less_oob+0x20/0x38 [ 17.215579] kunit_try_run_case+0x170/0x3f0 [ 17.215626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.215688] kthread+0x328/0x630 [ 17.215728] ret_from_fork+0x10/0x20 [ 17.215774] [ 17.215802] Allocated by task 158: [ 17.215830] kasan_save_stack+0x3c/0x68 [ 17.215877] kasan_save_track+0x20/0x40 [ 17.215914] kasan_save_alloc_info+0x40/0x58 [ 17.215959] __kasan_krealloc+0x118/0x178 [ 17.215996] krealloc_noprof+0x128/0x360 [ 17.216032] krealloc_less_oob_helper+0x168/0xc50 [ 17.216071] krealloc_less_oob+0x20/0x38 [ 17.216106] kunit_try_run_case+0x170/0x3f0 [ 17.216142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.216197] kthread+0x328/0x630 [ 17.216238] ret_from_fork+0x10/0x20 [ 17.216272] [ 17.216290] The buggy address belongs to the object at fff00000c46ffc00 [ 17.216290] which belongs to the cache kmalloc-256 of size 256 [ 17.216355] The buggy address is located 7 bytes to the right of [ 17.216355] allocated 201-byte region [fff00000c46ffc00, fff00000c46ffcc9) [ 17.216419] [ 17.216437] The buggy address belongs to the physical page: [ 17.216477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046fe [ 17.216529] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.216602] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.216653] page_type: f5(slab) [ 17.216690] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.217064] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.217359] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.217497] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.217645] head: 0bfffe0000000001 ffffc1ffc311bf81 00000000ffffffff 00000000ffffffff [ 17.217828] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.217888] page dumped because: kasan: bad access detected [ 17.217929] [ 17.217946] Memory state around the buggy address: [ 17.217977] fff00000c46ffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.218293] fff00000c46ffc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.218369] >fff00000c46ffc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.218612] ^ [ 17.218763] fff00000c46ffd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.218950] fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.219213] ================================================================== [ 17.231893] ================================================================== [ 17.232158] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 17.232223] Write of size 1 at addr fff00000c46ffcea by task kunit_try_catch/158 [ 17.232471] [ 17.232546] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.232828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.233043] Hardware name: linux,dummy-virt (DT) [ 17.233110] Call trace: [ 17.233332] show_stack+0x20/0x38 (C) [ 17.233394] dump_stack_lvl+0x8c/0xd0 [ 17.233687] print_report+0x118/0x608 [ 17.233987] kasan_report+0xdc/0x128 [ 17.234118] __asan_report_store1_noabort+0x20/0x30 [ 17.234311] krealloc_less_oob_helper+0xae4/0xc50 [ 17.234363] krealloc_less_oob+0x20/0x38 [ 17.234743] kunit_try_run_case+0x170/0x3f0 [ 17.235161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.235285] kthread+0x328/0x630 [ 17.235337] ret_from_fork+0x10/0x20 [ 17.235384] [ 17.235402] Allocated by task 158: [ 17.235736] kasan_save_stack+0x3c/0x68 [ 17.236168] kasan_save_track+0x20/0x40 [ 17.236283] kasan_save_alloc_info+0x40/0x58 [ 17.236539] __kasan_krealloc+0x118/0x178 [ 17.236982] krealloc_noprof+0x128/0x360 [ 17.237051] krealloc_less_oob_helper+0x168/0xc50 [ 17.237091] krealloc_less_oob+0x20/0x38 [ 17.237126] kunit_try_run_case+0x170/0x3f0 [ 17.237163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.237205] kthread+0x328/0x630 [ 17.237256] ret_from_fork+0x10/0x20 [ 17.237312] [ 17.237346] The buggy address belongs to the object at fff00000c46ffc00 [ 17.237346] which belongs to the cache kmalloc-256 of size 256 [ 17.237414] The buggy address is located 33 bytes to the right of [ 17.237414] allocated 201-byte region [fff00000c46ffc00, fff00000c46ffcc9) [ 17.237495] [ 17.237516] The buggy address belongs to the physical page: [ 17.237549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046fe [ 17.237612] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.237659] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.237718] page_type: f5(slab) [ 17.237772] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.237833] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.237897] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.237951] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.237999] head: 0bfffe0000000001 ffffc1ffc311bf81 00000000ffffffff 00000000ffffffff [ 17.238053] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.238094] page dumped because: kasan: bad access detected [ 17.238134] [ 17.238151] Memory state around the buggy address: [ 17.238188] fff00000c46ffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.238252] fff00000c46ffc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.238304] >fff00000c46ffc80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.238342] ^ [ 17.238389] fff00000c46ffd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.238440] fff00000c46ffd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.239051] ================================================================== [ 17.293793] ================================================================== [ 17.293855] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 17.293919] Write of size 1 at addr fff00000c663a0c9 by task kunit_try_catch/162 [ 17.293995] [ 17.294038] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.294150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.294178] Hardware name: linux,dummy-virt (DT) [ 17.294220] Call trace: [ 17.294245] show_stack+0x20/0x38 (C) [ 17.294295] dump_stack_lvl+0x8c/0xd0 [ 17.294345] print_report+0x118/0x608 [ 17.294390] kasan_report+0xdc/0x128 [ 17.294438] __asan_report_store1_noabort+0x20/0x30 [ 17.294497] krealloc_less_oob_helper+0xa48/0xc50 [ 17.294545] krealloc_large_less_oob+0x20/0x38 [ 17.294600] kunit_try_run_case+0x170/0x3f0 [ 17.294650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.294701] kthread+0x328/0x630 [ 17.294743] ret_from_fork+0x10/0x20 [ 17.294800] [ 17.294822] The buggy address belongs to the physical page: [ 17.294865] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106638 [ 17.294928] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.295871] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.296224] page_type: f8(unknown) [ 17.296617] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.296756] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.296888] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.297260] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.297896] head: 0bfffe0000000002 ffffc1ffc3198e01 00000000ffffffff 00000000ffffffff [ 17.298003] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.298419] page dumped because: kasan: bad access detected [ 17.298794] [ 17.298812] Memory state around the buggy address: [ 17.299023] fff00000c6639f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.299105] fff00000c663a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.299172] >fff00000c663a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.299574] ^ [ 17.299723] fff00000c663a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.299770] fff00000c663a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.299829] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 17.273717] ================================================================== [ 17.273830] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 17.274016] Write of size 1 at addr fff00000c663a0f0 by task kunit_try_catch/160 [ 17.274070] [ 17.274156] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.274246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.274340] Hardware name: linux,dummy-virt (DT) [ 17.274375] Call trace: [ 17.274396] show_stack+0x20/0x38 (C) [ 17.274473] dump_stack_lvl+0x8c/0xd0 [ 17.274735] print_report+0x118/0x608 [ 17.274913] kasan_report+0xdc/0x128 [ 17.275143] __asan_report_store1_noabort+0x20/0x30 [ 17.275525] krealloc_more_oob_helper+0x5c0/0x678 [ 17.275584] krealloc_large_more_oob+0x20/0x38 [ 17.276117] kunit_try_run_case+0x170/0x3f0 [ 17.276236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.276473] kthread+0x328/0x630 [ 17.276525] ret_from_fork+0x10/0x20 [ 17.276808] [ 17.276994] The buggy address belongs to the physical page: [ 17.277156] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106638 [ 17.277403] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.277471] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.277821] page_type: f8(unknown) [ 17.277978] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.278234] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.278549] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.278813] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.279234] head: 0bfffe0000000002 ffffc1ffc3198e01 00000000ffffffff 00000000ffffffff [ 17.279313] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.279356] page dumped because: kasan: bad access detected [ 17.279552] [ 17.279602] Memory state around the buggy address: [ 17.279656] fff00000c6639f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.279870] fff00000c663a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.279922] >fff00000c663a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.280122] ^ [ 17.280269] fff00000c663a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.280476] fff00000c663a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.280674] ================================================================== [ 17.261294] ================================================================== [ 17.261354] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 17.261409] Write of size 1 at addr fff00000c663a0eb by task kunit_try_catch/160 [ 17.261475] [ 17.261509] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.261588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.261614] Hardware name: linux,dummy-virt (DT) [ 17.261646] Call trace: [ 17.261668] show_stack+0x20/0x38 (C) [ 17.261785] dump_stack_lvl+0x8c/0xd0 [ 17.261847] print_report+0x118/0x608 [ 17.261894] kasan_report+0xdc/0x128 [ 17.261948] __asan_report_store1_noabort+0x20/0x30 [ 17.262005] krealloc_more_oob_helper+0x60c/0x678 [ 17.262053] krealloc_large_more_oob+0x20/0x38 [ 17.262100] kunit_try_run_case+0x170/0x3f0 [ 17.262148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.262200] kthread+0x328/0x630 [ 17.262249] ret_from_fork+0x10/0x20 [ 17.262302] [ 17.262322] The buggy address belongs to the physical page: [ 17.262355] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106638 [ 17.262409] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.263910] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.264037] page_type: f8(unknown) [ 17.264281] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.264345] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.264436] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.264993] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.265062] head: 0bfffe0000000002 ffffc1ffc3198e01 00000000ffffffff 00000000ffffffff [ 17.265187] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.265595] page dumped because: kasan: bad access detected [ 17.265789] [ 17.265928] Memory state around the buggy address: [ 17.266066] fff00000c6639f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.266130] fff00000c663a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.266532] >fff00000c663a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.266692] ^ [ 17.266751] fff00000c663a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.267137] fff00000c663a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.267259] ================================================================== [ 17.192532] ================================================================== [ 17.192689] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 17.192809] Write of size 1 at addr fff00000c46ffaf0 by task kunit_try_catch/156 [ 17.192905] [ 17.193043] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.193122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.193147] Hardware name: linux,dummy-virt (DT) [ 17.193186] Call trace: [ 17.193207] show_stack+0x20/0x38 (C) [ 17.193299] dump_stack_lvl+0x8c/0xd0 [ 17.193364] print_report+0x118/0x608 [ 17.193462] kasan_report+0xdc/0x128 [ 17.193509] __asan_report_store1_noabort+0x20/0x30 [ 17.193672] krealloc_more_oob_helper+0x5c0/0x678 [ 17.193877] krealloc_more_oob+0x20/0x38 [ 17.193971] kunit_try_run_case+0x170/0x3f0 [ 17.194056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.194108] kthread+0x328/0x630 [ 17.194239] ret_from_fork+0x10/0x20 [ 17.194315] [ 17.194334] Allocated by task 156: [ 17.194360] kasan_save_stack+0x3c/0x68 [ 17.194437] kasan_save_track+0x20/0x40 [ 17.194514] kasan_save_alloc_info+0x40/0x58 [ 17.194561] __kasan_krealloc+0x118/0x178 [ 17.194616] krealloc_noprof+0x128/0x360 [ 17.194653] krealloc_more_oob_helper+0x168/0x678 [ 17.194691] krealloc_more_oob+0x20/0x38 [ 17.194998] kunit_try_run_case+0x170/0x3f0 [ 17.195059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.195636] kthread+0x328/0x630 [ 17.195690] ret_from_fork+0x10/0x20 [ 17.195753] [ 17.195772] The buggy address belongs to the object at fff00000c46ffa00 [ 17.195772] which belongs to the cache kmalloc-256 of size 256 [ 17.196181] The buggy address is located 5 bytes to the right of [ 17.196181] allocated 235-byte region [fff00000c46ffa00, fff00000c46ffaeb) [ 17.196253] [ 17.196272] The buggy address belongs to the physical page: [ 17.196389] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046fe [ 17.196467] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.196515] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.196626] page_type: f5(slab) [ 17.196665] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.196714] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.196923] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.197021] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.197102] head: 0bfffe0000000001 ffffc1ffc311bf81 00000000ffffffff 00000000ffffffff [ 17.197547] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.197687] page dumped because: kasan: bad access detected [ 17.197838] [ 17.197856] Memory state around the buggy address: [ 17.197887] fff00000c46ff980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.198300] fff00000c46ffa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.198854] >fff00000c46ffa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.198961] ^ [ 17.199085] fff00000c46ffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.199156] fff00000c46ffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.199194] ================================================================== [ 17.185322] ================================================================== [ 17.185382] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 17.185434] Write of size 1 at addr fff00000c46ffaeb by task kunit_try_catch/156 [ 17.185496] [ 17.185527] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.185607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.185759] Hardware name: linux,dummy-virt (DT) [ 17.185801] Call trace: [ 17.185823] show_stack+0x20/0x38 (C) [ 17.185873] dump_stack_lvl+0x8c/0xd0 [ 17.186120] print_report+0x118/0x608 [ 17.186216] kasan_report+0xdc/0x128 [ 17.186294] __asan_report_store1_noabort+0x20/0x30 [ 17.186378] krealloc_more_oob_helper+0x60c/0x678 [ 17.186494] krealloc_more_oob+0x20/0x38 [ 17.186569] kunit_try_run_case+0x170/0x3f0 [ 17.186761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.187190] kthread+0x328/0x630 [ 17.187334] ret_from_fork+0x10/0x20 [ 17.187434] [ 17.187594] Allocated by task 156: [ 17.187685] kasan_save_stack+0x3c/0x68 [ 17.187846] kasan_save_track+0x20/0x40 [ 17.187884] kasan_save_alloc_info+0x40/0x58 [ 17.187933] __kasan_krealloc+0x118/0x178 [ 17.187971] krealloc_noprof+0x128/0x360 [ 17.188834] krealloc_more_oob_helper+0x168/0x678 [ 17.188948] krealloc_more_oob+0x20/0x38 [ 17.189066] kunit_try_run_case+0x170/0x3f0 [ 17.189160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.189204] kthread+0x328/0x630 [ 17.189597] ret_from_fork+0x10/0x20 [ 17.189724] [ 17.189840] The buggy address belongs to the object at fff00000c46ffa00 [ 17.189840] which belongs to the cache kmalloc-256 of size 256 [ 17.189988] The buggy address is located 0 bytes to the right of [ 17.189988] allocated 235-byte region [fff00000c46ffa00, fff00000c46ffaeb) [ 17.190129] [ 17.190266] The buggy address belongs to the physical page: [ 17.190353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046fe [ 17.190409] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.190474] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.190527] page_type: f5(slab) [ 17.190565] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.190629] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.190681] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 17.190737] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.190796] head: 0bfffe0000000001 ffffc1ffc311bf81 00000000ffffffff 00000000ffffffff [ 17.190854] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 17.190924] page dumped because: kasan: bad access detected [ 17.190991] [ 17.191009] Memory state around the buggy address: [ 17.191040] fff00000c46ff980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.191323] fff00000c46ffa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.191457] >fff00000c46ffa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 17.191498] ^ [ 17.191575] fff00000c46ffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.191654] fff00000c46ffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.191693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 17.174234] ================================================================== [ 17.174298] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 17.174360] Read of size 1 at addr fff00000c78e0000 by task kunit_try_catch/154 [ 17.174410] [ 17.174469] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.174624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.174798] Hardware name: linux,dummy-virt (DT) [ 17.174953] Call trace: [ 17.175013] show_stack+0x20/0x38 (C) [ 17.175125] dump_stack_lvl+0x8c/0xd0 [ 17.175290] print_report+0x118/0x608 [ 17.175366] kasan_report+0xdc/0x128 [ 17.175501] __asan_report_load1_noabort+0x20/0x30 [ 17.175692] page_alloc_uaf+0x328/0x350 [ 17.175964] kunit_try_run_case+0x170/0x3f0 [ 17.176139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.176275] kthread+0x328/0x630 [ 17.176414] ret_from_fork+0x10/0x20 [ 17.176526] [ 17.176556] The buggy address belongs to the physical page: [ 17.176590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078e0 [ 17.176648] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.177172] page_type: f0(buddy) [ 17.177252] raw: 0bfffe0000000000 fff00000ff616108 fff00000ff616108 0000000000000000 [ 17.177387] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000 [ 17.177533] page dumped because: kasan: bad access detected [ 17.177651] [ 17.177731] Memory state around the buggy address: [ 17.178080] fff00000c78dff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.178289] fff00000c78dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.178378] >fff00000c78e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.178430] ^ [ 17.178469] fff00000c78e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.178521] fff00000c78e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.178560] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 17.152332] ================================================================== [ 17.152726] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 17.152936] Free of addr fff00000c6634001 by task kunit_try_catch/150 [ 17.152985] [ 17.153233] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.153368] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.153421] Hardware name: linux,dummy-virt (DT) [ 17.153472] Call trace: [ 17.153496] show_stack+0x20/0x38 (C) [ 17.153563] dump_stack_lvl+0x8c/0xd0 [ 17.153614] print_report+0x118/0x608 [ 17.153659] kasan_report_invalid_free+0xc0/0xe8 [ 17.153708] __kasan_kfree_large+0x5c/0xa8 [ 17.153754] free_large_kmalloc+0x64/0x190 [ 17.153807] kfree+0x270/0x3c8 [ 17.153848] kmalloc_large_invalid_free+0x108/0x270 [ 17.153895] kunit_try_run_case+0x170/0x3f0 [ 17.153942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.154003] kthread+0x328/0x630 [ 17.154044] ret_from_fork+0x10/0x20 [ 17.154100] [ 17.154121] The buggy address belongs to the physical page: [ 17.154165] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106634 [ 17.154219] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.154265] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.154326] page_type: f8(unknown) [ 17.154375] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.154713] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.155058] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.155326] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.155399] head: 0bfffe0000000002 ffffc1ffc3198d01 00000000ffffffff 00000000ffffffff [ 17.155462] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.155502] page dumped because: kasan: bad access detected [ 17.155534] [ 17.155552] Memory state around the buggy address: [ 17.155585] fff00000c6633f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.155804] fff00000c6633f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.155926] >fff00000c6634000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.156003] ^ [ 17.156041] fff00000c6634080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.156168] fff00000c6634100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.156291] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 17.140327] ================================================================== [ 17.140397] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 17.140511] Read of size 1 at addr fff00000c6634000 by task kunit_try_catch/148 [ 17.140562] [ 17.140598] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.140684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.140711] Hardware name: linux,dummy-virt (DT) [ 17.140787] Call trace: [ 17.140815] show_stack+0x20/0x38 (C) [ 17.140869] dump_stack_lvl+0x8c/0xd0 [ 17.141064] print_report+0x118/0x608 [ 17.141137] kasan_report+0xdc/0x128 [ 17.141256] __asan_report_load1_noabort+0x20/0x30 [ 17.141309] kmalloc_large_uaf+0x2cc/0x2f8 [ 17.141353] kunit_try_run_case+0x170/0x3f0 [ 17.141481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.141537] kthread+0x328/0x630 [ 17.141754] ret_from_fork+0x10/0x20 [ 17.141806] [ 17.141961] The buggy address belongs to the physical page: [ 17.142110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106634 [ 17.142166] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.142255] raw: 0bfffe0000000000 ffffc1ffc3198e08 fff00000da478c40 0000000000000000 [ 17.142306] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 17.142346] page dumped because: kasan: bad access detected [ 17.142633] [ 17.142702] Memory state around the buggy address: [ 17.142834] fff00000c6633f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.142878] fff00000c6633f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.142921] >fff00000c6634000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.142958] ^ [ 17.143049] fff00000c6634080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.143239] fff00000c6634100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 17.143420] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 17.130013] ================================================================== [ 17.130094] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 17.130246] Write of size 1 at addr fff00000c663600a by task kunit_try_catch/146 [ 17.130303] [ 17.130390] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.130496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.130522] Hardware name: linux,dummy-virt (DT) [ 17.130571] Call trace: [ 17.130594] show_stack+0x20/0x38 (C) [ 17.130642] dump_stack_lvl+0x8c/0xd0 [ 17.130809] print_report+0x118/0x608 [ 17.130869] kasan_report+0xdc/0x128 [ 17.131099] __asan_report_store1_noabort+0x20/0x30 [ 17.131290] kmalloc_large_oob_right+0x278/0x2b8 [ 17.131630] kunit_try_run_case+0x170/0x3f0 [ 17.131759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.131887] kthread+0x328/0x630 [ 17.131929] ret_from_fork+0x10/0x20 [ 17.131987] [ 17.132026] The buggy address belongs to the physical page: [ 17.132233] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106634 [ 17.132393] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.132569] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.132771] page_type: f8(unknown) [ 17.132849] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.133004] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.133128] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.133307] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 17.133359] head: 0bfffe0000000002 ffffc1ffc3198d01 00000000ffffffff 00000000ffffffff [ 17.133672] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 17.133796] page dumped because: kasan: bad access detected [ 17.133902] [ 17.133973] Memory state around the buggy address: [ 17.134092] fff00000c6635f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.134175] fff00000c6635f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.134317] >fff00000c6636000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.134392] ^ [ 17.134429] fff00000c6636080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.134731] fff00000c6636100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.134927] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 17.115892] ================================================================== [ 17.116169] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.116314] Write of size 1 at addr fff00000c78c9f00 by task kunit_try_catch/144 [ 17.116367] [ 17.116497] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.116582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.116607] Hardware name: linux,dummy-virt (DT) [ 17.116657] Call trace: [ 17.116886] show_stack+0x20/0x38 (C) [ 17.116980] dump_stack_lvl+0x8c/0xd0 [ 17.117103] print_report+0x118/0x608 [ 17.117226] kasan_report+0xdc/0x128 [ 17.117271] __asan_report_store1_noabort+0x20/0x30 [ 17.117554] kmalloc_big_oob_right+0x2a4/0x2f0 [ 17.117740] kunit_try_run_case+0x170/0x3f0 [ 17.117833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.117887] kthread+0x328/0x630 [ 17.117944] ret_from_fork+0x10/0x20 [ 17.117992] [ 17.118036] Allocated by task 144: [ 17.118083] kasan_save_stack+0x3c/0x68 [ 17.118138] kasan_save_track+0x20/0x40 [ 17.118175] kasan_save_alloc_info+0x40/0x58 [ 17.118492] __kasan_kmalloc+0xd4/0xd8 [ 17.118545] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.118611] kmalloc_big_oob_right+0xb8/0x2f0 [ 17.118666] kunit_try_run_case+0x170/0x3f0 [ 17.118737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.118780] kthread+0x328/0x630 [ 17.118994] ret_from_fork+0x10/0x20 [ 17.119170] [ 17.119337] The buggy address belongs to the object at fff00000c78c8000 [ 17.119337] which belongs to the cache kmalloc-8k of size 8192 [ 17.119419] The buggy address is located 0 bytes to the right of [ 17.119419] allocated 7936-byte region [fff00000c78c8000, fff00000c78c9f00) [ 17.119602] [ 17.119630] The buggy address belongs to the physical page: [ 17.119663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c8 [ 17.119938] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.120010] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.120438] page_type: f5(slab) [ 17.120551] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.120602] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.120913] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 17.121088] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 17.121210] head: 0bfffe0000000003 ffffc1ffc31e3201 00000000ffffffff 00000000ffffffff [ 17.121260] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.121469] page dumped because: kasan: bad access detected [ 17.121647] [ 17.121680] Memory state around the buggy address: [ 17.121735] fff00000c78c9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.121778] fff00000c78c9e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.121820] >fff00000c78c9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.121857] ^ [ 17.121884] fff00000c78c9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.121925] fff00000c78ca000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.121975] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 17.093471] ================================================================== [ 17.093586] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.093672] Write of size 1 at addr fff00000c7800078 by task kunit_try_catch/142 [ 17.093723] [ 17.093762] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.093843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.093886] Hardware name: linux,dummy-virt (DT) [ 17.093919] Call trace: [ 17.093942] show_stack+0x20/0x38 (C) [ 17.094017] dump_stack_lvl+0x8c/0xd0 [ 17.094153] print_report+0x118/0x608 [ 17.094203] kasan_report+0xdc/0x128 [ 17.094247] __asan_report_store1_noabort+0x20/0x30 [ 17.094324] kmalloc_track_caller_oob_right+0x40c/0x488 [ 17.094453] kunit_try_run_case+0x170/0x3f0 [ 17.094506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.094623] kthread+0x328/0x630 [ 17.094694] ret_from_fork+0x10/0x20 [ 17.094767] [ 17.094785] Allocated by task 142: [ 17.094933] kasan_save_stack+0x3c/0x68 [ 17.094985] kasan_save_track+0x20/0x40 [ 17.095055] kasan_save_alloc_info+0x40/0x58 [ 17.095141] __kasan_kmalloc+0xd4/0xd8 [ 17.095300] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.095384] kmalloc_track_caller_oob_right+0xa8/0x488 [ 17.095425] kunit_try_run_case+0x170/0x3f0 [ 17.095486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.095528] kthread+0x328/0x630 [ 17.095879] ret_from_fork+0x10/0x20 [ 17.096365] [ 17.096423] The buggy address belongs to the object at fff00000c7800000 [ 17.096423] which belongs to the cache kmalloc-128 of size 128 [ 17.096728] The buggy address is located 0 bytes to the right of [ 17.096728] allocated 120-byte region [fff00000c7800000, fff00000c7800078) [ 17.096819] [ 17.096839] The buggy address belongs to the physical page: [ 17.096873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.097117] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.097349] page_type: f5(slab) [ 17.097496] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.097779] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.097820] page dumped because: kasan: bad access detected [ 17.097879] [ 17.098249] Memory state around the buggy address: [ 17.098455] fff00000c77fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.098570] fff00000c77fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.098763] >fff00000c7800000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.098966] ^ [ 17.099006] fff00000c7800080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.099049] fff00000c7800100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.099089] ================================================================== [ 17.100064] ================================================================== [ 17.100117] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 17.100166] Write of size 1 at addr fff00000c7800178 by task kunit_try_catch/142 [ 17.100387] [ 17.100421] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.100620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.100793] Hardware name: linux,dummy-virt (DT) [ 17.100904] Call trace: [ 17.100972] show_stack+0x20/0x38 (C) [ 17.101023] dump_stack_lvl+0x8c/0xd0 [ 17.101234] print_report+0x118/0x608 [ 17.101337] kasan_report+0xdc/0x128 [ 17.101496] __asan_report_store1_noabort+0x20/0x30 [ 17.101601] kmalloc_track_caller_oob_right+0x418/0x488 [ 17.101964] kunit_try_run_case+0x170/0x3f0 [ 17.102034] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.102088] kthread+0x328/0x630 [ 17.102130] ret_from_fork+0x10/0x20 [ 17.102254] [ 17.102331] Allocated by task 142: [ 17.102397] kasan_save_stack+0x3c/0x68 [ 17.102542] kasan_save_track+0x20/0x40 [ 17.102637] kasan_save_alloc_info+0x40/0x58 [ 17.102678] __kasan_kmalloc+0xd4/0xd8 [ 17.102754] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.102800] kmalloc_track_caller_oob_right+0x184/0x488 [ 17.102845] kunit_try_run_case+0x170/0x3f0 [ 17.102882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.102996] kthread+0x328/0x630 [ 17.103136] ret_from_fork+0x10/0x20 [ 17.103470] [ 17.103600] The buggy address belongs to the object at fff00000c7800100 [ 17.103600] which belongs to the cache kmalloc-128 of size 128 [ 17.103893] The buggy address is located 0 bytes to the right of [ 17.103893] allocated 120-byte region [fff00000c7800100, fff00000c7800178) [ 17.104048] [ 17.104075] The buggy address belongs to the physical page: [ 17.104105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 17.104159] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.104206] page_type: f5(slab) [ 17.104245] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.104465] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.104956] page dumped because: kasan: bad access detected [ 17.105055] [ 17.105242] Memory state around the buggy address: [ 17.105375] fff00000c7800000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.105420] fff00000c7800080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.105483] >fff00000c7800100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.105536] ^ [ 17.105577] fff00000c7800180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.105628] fff00000c7800200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.105666] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 17.080490] ================================================================== [ 17.080582] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 17.080803] Read of size 1 at addr fff00000c5f8f000 by task kunit_try_catch/140 [ 17.080977] [ 17.081018] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.081103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.081130] Hardware name: linux,dummy-virt (DT) [ 17.081164] Call trace: [ 17.081187] show_stack+0x20/0x38 (C) [ 17.081238] dump_stack_lvl+0x8c/0xd0 [ 17.081289] print_report+0x118/0x608 [ 17.081335] kasan_report+0xdc/0x128 [ 17.081387] __asan_report_load1_noabort+0x20/0x30 [ 17.081794] kmalloc_node_oob_right+0x2f4/0x330 [ 17.082231] kunit_try_run_case+0x170/0x3f0 [ 17.082292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.082812] kthread+0x328/0x630 [ 17.082870] ret_from_fork+0x10/0x20 [ 17.083325] [ 17.083357] Allocated by task 140: [ 17.083440] kasan_save_stack+0x3c/0x68 [ 17.083569] kasan_save_track+0x20/0x40 [ 17.083605] kasan_save_alloc_info+0x40/0x58 [ 17.083644] __kasan_kmalloc+0xd4/0xd8 [ 17.083680] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 17.083889] kmalloc_node_oob_right+0xbc/0x330 [ 17.083996] kunit_try_run_case+0x170/0x3f0 [ 17.084035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.084078] kthread+0x328/0x630 [ 17.084109] ret_from_fork+0x10/0x20 [ 17.084154] [ 17.084190] The buggy address belongs to the object at fff00000c5f8e000 [ 17.084190] which belongs to the cache kmalloc-4k of size 4096 [ 17.084512] The buggy address is located 0 bytes to the right of [ 17.084512] allocated 4096-byte region [fff00000c5f8e000, fff00000c5f8f000) [ 17.084821] [ 17.084843] The buggy address belongs to the physical page: [ 17.084989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f88 [ 17.085313] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.085612] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 17.085751] page_type: f5(slab) [ 17.085824] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.085884] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.085964] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 17.086158] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 17.086209] head: 0bfffe0000000003 ffffc1ffc317e201 00000000ffffffff 00000000ffffffff [ 17.086324] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 17.086420] page dumped because: kasan: bad access detected [ 17.086467] [ 17.086486] Memory state around the buggy address: [ 17.086520] fff00000c5f8ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.086594] fff00000c5f8ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.086660] >fff00000c5f8f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.086796] ^ [ 17.086909] fff00000c5f8f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.087112] fff00000c5f8f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.087209] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 17.056455] ================================================================== [ 17.056716] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 17.056792] Read of size 1 at addr fff00000c45517ff by task kunit_try_catch/138 [ 17.056848] [ 17.056901] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.057143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.057172] Hardware name: linux,dummy-virt (DT) [ 17.057207] Call trace: [ 17.057232] show_stack+0x20/0x38 (C) [ 17.057404] dump_stack_lvl+0x8c/0xd0 [ 17.057494] print_report+0x118/0x608 [ 17.057544] kasan_report+0xdc/0x128 [ 17.057592] __asan_report_load1_noabort+0x20/0x30 [ 17.057672] kmalloc_oob_left+0x2ec/0x320 [ 17.057720] kunit_try_run_case+0x170/0x3f0 [ 17.057774] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.057830] kthread+0x328/0x630 [ 17.057875] ret_from_fork+0x10/0x20 [ 17.057936] [ 17.057969] Allocated by task 26: [ 17.058002] kasan_save_stack+0x3c/0x68 [ 17.058079] kasan_save_track+0x20/0x40 [ 17.058131] kasan_save_alloc_info+0x40/0x58 [ 17.058172] __kasan_kmalloc+0xd4/0xd8 [ 17.058210] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.058466] kstrdup+0x54/0xc8 [ 17.058558] devtmpfs_work_loop+0x6f8/0xa58 [ 17.058602] devtmpfsd+0x50/0x58 [ 17.058639] kthread+0x328/0x630 [ 17.058673] ret_from_fork+0x10/0x20 [ 17.058730] [ 17.058765] Freed by task 26: [ 17.058805] kasan_save_stack+0x3c/0x68 [ 17.058846] kasan_save_track+0x20/0x40 [ 17.058903] kasan_save_free_info+0x4c/0x78 [ 17.058995] __kasan_slab_free+0x6c/0x98 [ 17.059215] kfree+0x214/0x3c8 [ 17.059273] devtmpfs_work_loop+0x804/0xa58 [ 17.059313] devtmpfsd+0x50/0x58 [ 17.059432] kthread+0x328/0x630 [ 17.059488] ret_from_fork+0x10/0x20 [ 17.059536] [ 17.059560] The buggy address belongs to the object at fff00000c45517e0 [ 17.059560] which belongs to the cache kmalloc-16 of size 16 [ 17.059759] The buggy address is located 15 bytes to the right of [ 17.059759] allocated 16-byte region [fff00000c45517e0, fff00000c45517f0) [ 17.059991] [ 17.060015] The buggy address belongs to the physical page: [ 17.060059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104551 [ 17.060313] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.060401] page_type: f5(slab) [ 17.060540] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.060608] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.060655] page dumped because: kasan: bad access detected [ 17.060689] [ 17.060761] Memory state around the buggy address: [ 17.060850] fff00000c4551680: fa fb fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 17.060944] fff00000c4551700: 00 07 fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 17.061116] >fff00000c4551780: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 17.061157] ^ [ 17.061201] fff00000c4551800: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.061247] fff00000c4551880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.061290] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 17.028169] ================================================================== [ 17.028210] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 17.028262] Write of size 1 at addr fff00000c4687f78 by task kunit_try_catch/136 [ 17.028795] [ 17.028846] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.028980] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.029115] Hardware name: linux,dummy-virt (DT) [ 17.029573] Call trace: [ 17.029631] show_stack+0x20/0x38 (C) [ 17.029734] dump_stack_lvl+0x8c/0xd0 [ 17.029791] print_report+0x118/0x608 [ 17.029839] kasan_report+0xdc/0x128 [ 17.030122] __asan_report_store1_noabort+0x20/0x30 [ 17.030248] kmalloc_oob_right+0x538/0x660 [ 17.030301] kunit_try_run_case+0x170/0x3f0 [ 17.030415] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.030544] kthread+0x328/0x630 [ 17.030595] ret_from_fork+0x10/0x20 [ 17.030671] [ 17.030779] Allocated by task 136: [ 17.030924] kasan_save_stack+0x3c/0x68 [ 17.030979] kasan_save_track+0x20/0x40 [ 17.031077] kasan_save_alloc_info+0x40/0x58 [ 17.031145] __kasan_kmalloc+0xd4/0xd8 [ 17.031182] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.031510] kmalloc_oob_right+0xb0/0x660 [ 17.031603] kunit_try_run_case+0x170/0x3f0 [ 17.031761] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.031853] kthread+0x328/0x630 [ 17.031892] ret_from_fork+0x10/0x20 [ 17.032189] [ 17.032293] The buggy address belongs to the object at fff00000c4687f00 [ 17.032293] which belongs to the cache kmalloc-128 of size 128 [ 17.032437] The buggy address is located 5 bytes to the right of [ 17.032437] allocated 115-byte region [fff00000c4687f00, fff00000c4687f73) [ 17.032618] [ 17.032641] The buggy address belongs to the physical page: [ 17.032672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104687 [ 17.033086] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.033150] page_type: f5(slab) [ 17.033198] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.033486] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.033642] page dumped because: kasan: bad access detected [ 17.033784] [ 17.033803] Memory state around the buggy address: [ 17.034029] fff00000c4687e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.034121] fff00000c4687e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.034168] >fff00000c4687f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.034217] ^ [ 17.034266] fff00000c4687f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.034311] fff00000c4688000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.034360] ================================================================== [ 17.019331] ================================================================== [ 17.019770] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 17.020636] Write of size 1 at addr fff00000c4687f73 by task kunit_try_catch/136 [ 17.020748] [ 17.021558] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT [ 17.021704] Tainted: [N]=TEST [ 17.021737] Hardware name: linux,dummy-virt (DT) [ 17.021961] Call trace: [ 17.022134] show_stack+0x20/0x38 (C) [ 17.022270] dump_stack_lvl+0x8c/0xd0 [ 17.022332] print_report+0x118/0x608 [ 17.022382] kasan_report+0xdc/0x128 [ 17.022433] __asan_report_store1_noabort+0x20/0x30 [ 17.022492] kmalloc_oob_right+0x5a4/0x660 [ 17.022538] kunit_try_run_case+0x170/0x3f0 [ 17.022589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.022642] kthread+0x328/0x630 [ 17.022685] ret_from_fork+0x10/0x20 [ 17.022850] [ 17.022889] Allocated by task 136: [ 17.023005] kasan_save_stack+0x3c/0x68 [ 17.023071] kasan_save_track+0x20/0x40 [ 17.023112] kasan_save_alloc_info+0x40/0x58 [ 17.023152] __kasan_kmalloc+0xd4/0xd8 [ 17.023188] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.023232] kmalloc_oob_right+0xb0/0x660 [ 17.023267] kunit_try_run_case+0x170/0x3f0 [ 17.023304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.023347] kthread+0x328/0x630 [ 17.023378] ret_from_fork+0x10/0x20 [ 17.023432] [ 17.023504] The buggy address belongs to the object at fff00000c4687f00 [ 17.023504] which belongs to the cache kmalloc-128 of size 128 [ 17.023600] The buggy address is located 0 bytes to the right of [ 17.023600] allocated 115-byte region [fff00000c4687f00, fff00000c4687f73) [ 17.023667] [ 17.023750] The buggy address belongs to the physical page: [ 17.023961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104687 [ 17.024244] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.024554] page_type: f5(slab) [ 17.024856] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.024918] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.025024] page dumped because: kasan: bad access detected [ 17.025064] [ 17.025089] Memory state around the buggy address: [ 17.025313] fff00000c4687e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.025379] fff00000c4687e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.025435] >fff00000c4687f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.025503] ^ [ 17.025588] fff00000c4687f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.025633] fff00000c4688000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.025695] ================================================================== [ 17.036157] ================================================================== [ 17.036209] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 17.036258] Read of size 1 at addr fff00000c4687f80 by task kunit_try_catch/136 [ 17.036557] [ 17.036693] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.036781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.036808] Hardware name: linux,dummy-virt (DT) [ 17.036846] Call trace: [ 17.036977] show_stack+0x20/0x38 (C) [ 17.037033] dump_stack_lvl+0x8c/0xd0 [ 17.037201] print_report+0x118/0x608 [ 17.037268] kasan_report+0xdc/0x128 [ 17.037314] __asan_report_load1_noabort+0x20/0x30 [ 17.037366] kmalloc_oob_right+0x5d0/0x660 [ 17.037411] kunit_try_run_case+0x170/0x3f0 [ 17.037470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.037522] kthread+0x328/0x630 [ 17.037569] ret_from_fork+0x10/0x20 [ 17.037625] [ 17.037643] Allocated by task 136: [ 17.037671] kasan_save_stack+0x3c/0x68 [ 17.037712] kasan_save_track+0x20/0x40 [ 17.037757] kasan_save_alloc_info+0x40/0x58 [ 17.037805] __kasan_kmalloc+0xd4/0xd8 [ 17.037847] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.037886] kmalloc_oob_right+0xb0/0x660 [ 17.037921] kunit_try_run_case+0x170/0x3f0 [ 17.037957] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.037999] kthread+0x328/0x630 [ 17.038029] ret_from_fork+0x10/0x20 [ 17.038063] [ 17.038080] The buggy address belongs to the object at fff00000c4687f00 [ 17.038080] which belongs to the cache kmalloc-128 of size 128 [ 17.038142] The buggy address is located 13 bytes to the right of [ 17.038142] allocated 115-byte region [fff00000c4687f00, fff00000c4687f73) [ 17.038207] [ 17.038235] The buggy address belongs to the physical page: [ 17.038273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104687 [ 17.038326] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.038374] page_type: f5(slab) [ 17.038411] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.038952] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.039021] page dumped because: kasan: bad access detected [ 17.039164] [ 17.039262] Memory state around the buggy address: [ 17.039295] fff00000c4687e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.039431] fff00000c4687f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.039491] >fff00000c4687f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.039533] ^ [ 17.039609] fff00000c4688000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.039760] fff00000c4688080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 17.040043] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 99.773182] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 99.774654] Modules linked in: [ 99.774860] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT [ 99.775460] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 99.775798] Hardware name: linux,dummy-virt (DT) [ 99.776044] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 99.776423] pc : intlog10+0x38/0x48 [ 99.776666] lr : intlog10_test+0xe4/0x200 [ 99.776931] sp : ffff8000822e7c10 [ 99.777123] x29: ffff8000822e7c90 x28: 0000000000000000 x27: 0000000000000000 [ 99.777619] x26: 1ffe000018bd1901 x25: 0000000000000000 x24: ffff8000822e7ce0 [ 99.778086] x23: ffff8000822e7d00 x22: 0000000000000000 x21: 1ffff0001045cf82 [ 99.778592] x20: ffffa141d7a89840 x19: ffff800080087990 x18: 0000000096a867fd [ 99.779034] x17: 000000009552d173 x16: fff00000c097583c x15: fff00000ff616b08 [ 99.779482] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff74283b723381 [ 99.779932] x11: 1ffff4283b723380 x10: ffff74283b723380 x9 : ffffa141d503701c [ 99.780327] x8 : ffffa141db919c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 99.780717] x5 : ffff70001045cf82 x4 : 1ffff00010010f3a x3 : 1ffff4283af51308 [ 99.781202] x2 : 1ffff4283af51308 x1 : 0000000000000003 x0 : 0000000000000000 [ 99.781673] Call trace: [ 99.781864] intlog10+0x38/0x48 (P) [ 99.782116] kunit_try_run_case+0x170/0x3f0 [ 99.782326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 99.782630] kthread+0x328/0x630 [ 99.782856] ret_from_fork+0x10/0x20 [ 99.783604] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 99.725688] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 99.729838] Modules linked in: [ 99.730266] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT [ 99.731319] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 99.731951] Hardware name: linux,dummy-virt (DT) [ 99.732708] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 99.733164] pc : intlog2+0xd8/0xf8 [ 99.733534] lr : intlog2_test+0xe4/0x200 [ 99.733935] sp : ffff8000821f7c10 [ 99.734156] x29: ffff8000821f7c90 x28: 0000000000000000 x27: 0000000000000000 [ 99.734526] x26: 1ffe000018bbc6c1 x25: 0000000000000000 x24: ffff8000821f7ce0 [ 99.734920] x23: ffff8000821f7d00 x22: 0000000000000000 x21: 1ffff0001043ef82 [ 99.735406] x20: ffffa141d7a89740 x19: ffff800080087990 x18: 00000000577bd245 [ 99.735976] x17: 000000009705f798 x16: fff00000c097583c x15: fff00000ff616b08 [ 99.736420] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e9cd x12: ffff74283b723381 [ 99.736862] x11: 1ffff4283b723380 x10: ffff74283b723380 x9 : ffffa141d503721c [ 99.737207] x8 : ffffa141db919c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 99.737612] x5 : ffff70001043ef82 x4 : 1ffff00010010f3a x3 : 1ffff4283af512e8 [ 99.738057] x2 : 1ffff4283af512e8 x1 : 0000000000000003 x0 : 0000000000000000 [ 99.738517] Call trace: [ 99.738687] intlog2+0xd8/0xf8 (P) [ 99.738905] kunit_try_run_case+0x170/0x3f0 [ 99.739119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 99.739535] kthread+0x328/0x630 [ 99.739749] ret_from_fork+0x10/0x20 [ 99.740024] ---[ end trace 0000000000000000 ]---