Date
July 1, 2025, 3:08 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.451333] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x24c/0x4858 [ 19.517983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 19.533449] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x6ec/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 19.372796] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 19.357896] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.326878] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 97.290705] Internal error: Oops: 0000000096000005 [#1] SMP [ 97.299712] Modules linked in: [ 97.300750] CPU: 1 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 97.301904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 97.302537] Hardware name: linux,dummy-virt (DT) [ 97.303341] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.303873] pc : kunit_test_null_dereference+0x70/0x170 [ 97.304155] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.304395] sp : ffff800080fd7d30 [ 97.304829] x29: ffff800080fd7d90 x28: 0000000000000000 x27: 0000000000000000 [ 97.305970] x26: 1ffe000018af59c1 x25: 0000000000000000 x24: 0000000000000004 [ 97.307067] x23: fff00000c57ace0c x22: ffffa1856b0245f8 x21: fff00000c13f0008 [ 97.308068] x20: 1ffff000101fafa6 x19: ffff800080087990 x18: 000000000edab1e3 [ 97.309002] x17: 0000000000000000 x16: fff00000c0975c3c x15: fff00000ff616b08 [ 97.310057] x14: 0000000000018fff x13: 1ffe00001b48a5cd x12: fffd800018e23b3c [ 97.311151] x11: 1ffe000018e23b3b x10: fffd800018e23b3b x9 : ffffa1856b01ba60 [ 97.311685] x8 : ffff800080fd7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 97.312035] x5 : ffff7000101fafa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 97.312376] x2 : dfff800000000000 x1 : fff00000c711d100 x0 : ffff800080087990 [ 97.313434] Call trace: [ 97.313907] kunit_test_null_dereference+0x70/0x170 (P) [ 97.314705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.315392] kthread+0x328/0x630 [ 97.315899] ret_from_fork+0x10/0x20 [ 97.316712] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 97.318093] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.590290] ================================================================== [ 50.590361] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.590361] [ 50.590453] Use-after-free read at 0x0000000056d61aa5 (in kfence-#155): [ 50.590506] test_krealloc+0x51c/0x830 [ 50.590550] kunit_try_run_case+0x170/0x3f0 [ 50.590611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.590657] kthread+0x328/0x630 [ 50.590695] ret_from_fork+0x10/0x20 [ 50.590735] [ 50.590759] kfence-#155: 0x0000000056d61aa5-0x00000000a3b67ea5, size=32, cache=kmalloc-32 [ 50.590759] [ 50.590815] allocated by task 338 on cpu 0 at 50.589663s (0.001148s ago): [ 50.590882] test_alloc+0x29c/0x628 [ 50.590923] test_krealloc+0xc0/0x830 [ 50.590960] kunit_try_run_case+0x170/0x3f0 [ 50.591000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.591044] kthread+0x328/0x630 [ 50.591081] ret_from_fork+0x10/0x20 [ 50.591120] [ 50.591143] freed by task 338 on cpu 0 at 50.589909s (0.001230s ago): [ 50.591204] krealloc_noprof+0x148/0x360 [ 50.591243] test_krealloc+0x1dc/0x830 [ 50.591282] kunit_try_run_case+0x170/0x3f0 [ 50.591321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.591364] kthread+0x328/0x630 [ 50.591398] ret_from_fork+0x10/0x20 [ 50.591436] [ 50.591481] CPU: 0 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 50.591559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.591598] Hardware name: linux,dummy-virt (DT) [ 50.591633] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.501782] ================================================================== [ 50.501875] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.501875] [ 50.501971] Use-after-free read at 0x00000000a675755e (in kfence-#154): [ 50.502024] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.502073] kunit_try_run_case+0x170/0x3f0 [ 50.502118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.502163] kthread+0x328/0x630 [ 50.502203] ret_from_fork+0x10/0x20 [ 50.502245] [ 50.502268] kfence-#154: 0x00000000a675755e-0x000000008d999276, size=32, cache=test [ 50.502268] [ 50.502320] allocated by task 336 on cpu 1 at 50.490018s (0.012298s ago): [ 50.502390] test_alloc+0x230/0x628 [ 50.502429] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.502472] kunit_try_run_case+0x170/0x3f0 [ 50.502510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.502552] kthread+0x328/0x630 [ 50.502605] ret_from_fork+0x10/0x20 [ 50.502643] [ 50.502665] freed by task 336 on cpu 1 at 50.490129s (0.012532s ago): [ 50.502721] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.502764] kunit_try_run_case+0x170/0x3f0 [ 50.502804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.502847] kthread+0x328/0x630 [ 50.502882] ret_from_fork+0x10/0x20 [ 50.502921] [ 50.502965] CPU: 1 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 50.503042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.503073] Hardware name: linux,dummy-virt (DT) [ 50.503110] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 27.721668] ================================================================== [ 27.722946] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 27.722946] [ 27.723114] Invalid read at 0x0000000050628c59: [ 27.723217] test_invalid_access+0xdc/0x1f0 [ 27.723300] kunit_try_run_case+0x170/0x3f0 [ 27.723376] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.723427] kthread+0x328/0x630 [ 27.723602] ret_from_fork+0x10/0x20 [ 27.723688] [ 27.723741] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.723918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.723962] Hardware name: linux,dummy-virt (DT) [ 27.724019] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 27.494005] ================================================================== [ 27.494100] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.494100] [ 27.494161] Corrupted memory at 0x000000008db91314 [ ! . . . . . . . . . . . . . . . ] (in kfence-#150): [ 27.494469] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.494519] kunit_try_run_case+0x170/0x3f0 [ 27.494561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.494619] kthread+0x328/0x630 [ 27.494658] ret_from_fork+0x10/0x20 [ 27.494697] [ 27.494721] kfence-#150: 0x000000002868877b-0x0000000081bbfbf2, size=73, cache=kmalloc-96 [ 27.494721] [ 27.494776] allocated by task 326 on cpu 0 at 27.493772s (0.001000s ago): [ 27.494838] test_alloc+0x29c/0x628 [ 27.494879] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 27.494922] kunit_try_run_case+0x170/0x3f0 [ 27.494963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.495007] kthread+0x328/0x630 [ 27.495042] ret_from_fork+0x10/0x20 [ 27.495082] [ 27.495105] freed by task 326 on cpu 0 at 27.493915s (0.001187s ago): [ 27.495167] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.495210] kunit_try_run_case+0x170/0x3f0 [ 27.495249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.495292] kthread+0x328/0x630 [ 27.495327] ret_from_fork+0x10/0x20 [ 27.495366] [ 27.495408] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.495487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.495517] Hardware name: linux,dummy-virt (DT) [ 27.495550] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 27.389997] ================================================================== [ 27.390094] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.390094] [ 27.390201] Out-of-bounds read at 0x00000000b9497285 (105B right of kfence-#149): [ 27.390265] test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.390315] kunit_try_run_case+0x170/0x3f0 [ 27.390361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.390406] kthread+0x328/0x630 [ 27.390444] ret_from_fork+0x10/0x20 [ 27.390484] [ 27.390510] kfence-#149: 0x00000000ab571937-0x0000000054c3c9b4, size=73, cache=kmalloc-96 [ 27.390510] [ 27.390562] allocated by task 324 on cpu 0 at 27.389758s (0.000801s ago): [ 27.390652] test_alloc+0x29c/0x628 [ 27.390694] test_kmalloc_aligned_oob_read+0x100/0x468 [ 27.390738] kunit_try_run_case+0x170/0x3f0 [ 27.390777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.390821] kthread+0x328/0x630 [ 27.390857] ret_from_fork+0x10/0x20 [ 27.390898] [ 27.390945] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.391025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.391054] Hardware name: linux,dummy-virt (DT) [ 27.391091] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 23.022056] ================================================================== [ 23.022170] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 23.022170] [ 23.022238] Corrupted memory at 0x00000000a28d8878 [ ! . . . . . . . . . . . . . . . ] (in kfence-#107): [ 23.023364] test_corruption+0x278/0x378 [ 23.023416] kunit_try_run_case+0x170/0x3f0 [ 23.023459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.023506] kthread+0x328/0x630 [ 23.023545] ret_from_fork+0x10/0x20 [ 23.023597] [ 23.023620] kfence-#107: 0x000000007fe25bd5-0x000000003edd4e82, size=32, cache=kmalloc-32 [ 23.023620] [ 23.023677] allocated by task 312 on cpu 1 at 23.021767s (0.001906s ago): [ 23.023740] test_alloc+0x29c/0x628 [ 23.023780] test_corruption+0xdc/0x378 [ 23.023821] kunit_try_run_case+0x170/0x3f0 [ 23.023862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.023906] kthread+0x328/0x630 [ 23.023940] ret_from_fork+0x10/0x20 [ 23.023979] [ 23.024003] freed by task 312 on cpu 1 at 23.021872s (0.002127s ago): [ 23.024062] test_corruption+0x278/0x378 [ 23.024103] kunit_try_run_case+0x170/0x3f0 [ 23.024142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.024186] kthread+0x328/0x630 [ 23.024221] ret_from_fork+0x10/0x20 [ 23.024260] [ 23.024302] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.024381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.024411] Hardware name: linux,dummy-virt (DT) [ 23.024447] ================================================================== [ 23.333993] ================================================================== [ 23.334087] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 23.334087] [ 23.334149] Corrupted memory at 0x0000000044bc53f1 [ ! ] (in kfence-#110): [ 23.334265] test_corruption+0x1d8/0x378 [ 23.334310] kunit_try_run_case+0x170/0x3f0 [ 23.334353] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.334400] kthread+0x328/0x630 [ 23.334439] ret_from_fork+0x10/0x20 [ 23.334478] [ 23.334501] kfence-#110: 0x000000008fab35e5-0x00000000786d54e2, size=32, cache=test [ 23.334501] [ 23.334556] allocated by task 314 on cpu 1 at 23.333844s (0.000708s ago): [ 23.334632] test_alloc+0x230/0x628 [ 23.334673] test_corruption+0x198/0x378 [ 23.334714] kunit_try_run_case+0x170/0x3f0 [ 23.334752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.334797] kthread+0x328/0x630 [ 23.334833] ret_from_fork+0x10/0x20 [ 23.334872] [ 23.334895] freed by task 314 on cpu 1 at 23.333905s (0.000986s ago): [ 23.334955] test_corruption+0x1d8/0x378 [ 23.334993] kunit_try_run_case+0x170/0x3f0 [ 23.335033] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.335076] kthread+0x328/0x630 [ 23.335111] ret_from_fork+0x10/0x20 [ 23.335150] [ 23.335193] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.335269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.335299] Hardware name: linux,dummy-virt (DT) [ 23.335333] ================================================================== [ 23.229908] ================================================================== [ 23.229994] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 23.229994] [ 23.230055] Corrupted memory at 0x000000007a483344 [ ! . . . . . . . . . . . . . . . ] (in kfence-#109): [ 23.230364] test_corruption+0x120/0x378 [ 23.230415] kunit_try_run_case+0x170/0x3f0 [ 23.230461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.230507] kthread+0x328/0x630 [ 23.230546] ret_from_fork+0x10/0x20 [ 23.230599] [ 23.230623] kfence-#109: 0x0000000087f0ab42-0x000000005a282671, size=32, cache=test [ 23.230623] [ 23.230679] allocated by task 314 on cpu 1 at 23.229770s (0.000905s ago): [ 23.230742] test_alloc+0x230/0x628 [ 23.230782] test_corruption+0xdc/0x378 [ 23.230822] kunit_try_run_case+0x170/0x3f0 [ 23.230863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.230906] kthread+0x328/0x630 [ 23.230942] ret_from_fork+0x10/0x20 [ 23.230981] [ 23.231004] freed by task 314 on cpu 1 at 23.229826s (0.001174s ago): [ 23.231065] test_corruption+0x120/0x378 [ 23.231104] kunit_try_run_case+0x170/0x3f0 [ 23.231143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.231187] kthread+0x328/0x630 [ 23.231223] ret_from_fork+0x10/0x20 [ 23.231263] [ 23.231305] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.231381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.231410] Hardware name: linux,dummy-virt (DT) [ 23.231443] ================================================================== [ 23.126022] ================================================================== [ 23.126109] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 23.126109] [ 23.126170] Corrupted memory at 0x00000000a94b93dd [ ! ] (in kfence-#108): [ 23.126296] test_corruption+0x284/0x378 [ 23.126343] kunit_try_run_case+0x170/0x3f0 [ 23.126384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.126429] kthread+0x328/0x630 [ 23.126465] ret_from_fork+0x10/0x20 [ 23.126506] [ 23.126529] kfence-#108: 0x00000000488c1674-0x00000000ccd3c764, size=32, cache=kmalloc-32 [ 23.126529] [ 23.126598] allocated by task 312 on cpu 1 at 23.125746s (0.000848s ago): [ 23.126660] test_alloc+0x29c/0x628 [ 23.126699] test_corruption+0x198/0x378 [ 23.126739] kunit_try_run_case+0x170/0x3f0 [ 23.126777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.126822] kthread+0x328/0x630 [ 23.126858] ret_from_fork+0x10/0x20 [ 23.126895] [ 23.126919] freed by task 312 on cpu 1 at 23.125855s (0.001060s ago): [ 23.126980] test_corruption+0x284/0x378 [ 23.127020] kunit_try_run_case+0x170/0x3f0 [ 23.127058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.127101] kthread+0x328/0x630 [ 23.127137] ret_from_fork+0x10/0x20 [ 23.127174] [ 23.127214] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.127290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.127318] Hardware name: linux,dummy-virt (DT) [ 23.127352] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 22.709791] ================================================================== [ 22.709885] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 22.709885] [ 22.709943] Invalid free of 0x00000000daabb85f (in kfence-#104): [ 22.709999] test_invalid_addr_free+0xec/0x238 [ 22.710043] kunit_try_run_case+0x170/0x3f0 [ 22.710086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.710132] kthread+0x328/0x630 [ 22.710169] ret_from_fork+0x10/0x20 [ 22.710209] [ 22.710232] kfence-#104: 0x000000001b3fd34f-0x00000000400c9627, size=32, cache=test [ 22.710232] [ 22.710285] allocated by task 310 on cpu 0 at 22.709690s (0.000591s ago): [ 22.710348] test_alloc+0x230/0x628 [ 22.710387] test_invalid_addr_free+0xd4/0x238 [ 22.710430] kunit_try_run_case+0x170/0x3f0 [ 22.710469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.710512] kthread+0x328/0x630 [ 22.710547] ret_from_fork+0x10/0x20 [ 22.710600] [ 22.710642] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.710721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.710749] Hardware name: linux,dummy-virt (DT) [ 22.710784] ================================================================== [ 22.605901] ================================================================== [ 22.605987] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 22.605987] [ 22.606048] Invalid free of 0x0000000027803fb8 (in kfence-#103): [ 22.606104] test_invalid_addr_free+0x1ac/0x238 [ 22.606153] kunit_try_run_case+0x170/0x3f0 [ 22.606196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.606240] kthread+0x328/0x630 [ 22.606278] ret_from_fork+0x10/0x20 [ 22.606319] [ 22.606342] kfence-#103: 0x000000008808200e-0x000000008184fef1, size=32, cache=kmalloc-32 [ 22.606342] [ 22.606400] allocated by task 308 on cpu 0 at 22.605756s (0.000640s ago): [ 22.606462] test_alloc+0x29c/0x628 [ 22.606502] test_invalid_addr_free+0xd4/0x238 [ 22.606545] kunit_try_run_case+0x170/0x3f0 [ 22.606597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.606642] kthread+0x328/0x630 [ 22.606679] ret_from_fork+0x10/0x20 [ 22.606719] [ 22.606763] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.606843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.606874] Hardware name: linux,dummy-virt (DT) [ 22.606911] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 22.397881] ================================================================== [ 22.397968] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 22.397968] [ 22.398027] Invalid free of 0x00000000e93bdb42 (in kfence-#101): [ 22.398094] test_double_free+0x1bc/0x238 [ 22.398140] kunit_try_run_case+0x170/0x3f0 [ 22.398185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.398228] kthread+0x328/0x630 [ 22.398268] ret_from_fork+0x10/0x20 [ 22.398306] [ 22.398330] kfence-#101: 0x00000000e93bdb42-0x0000000076e54ea9, size=32, cache=kmalloc-32 [ 22.398330] [ 22.398386] allocated by task 304 on cpu 1 at 22.397654s (0.000728s ago): [ 22.398448] test_alloc+0x29c/0x628 [ 22.398488] test_double_free+0xd4/0x238 [ 22.398528] kunit_try_run_case+0x170/0x3f0 [ 22.398586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.398629] kthread+0x328/0x630 [ 22.398665] ret_from_fork+0x10/0x20 [ 22.398703] [ 22.398728] freed by task 304 on cpu 1 at 22.397729s (0.000995s ago): [ 22.398791] test_double_free+0x1ac/0x238 [ 22.398832] kunit_try_run_case+0x170/0x3f0 [ 22.398872] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.398916] kthread+0x328/0x630 [ 22.398953] ret_from_fork+0x10/0x20 [ 22.398993] [ 22.399038] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.399118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.399146] Hardware name: linux,dummy-virt (DT) [ 22.399182] ================================================================== [ 22.501898] ================================================================== [ 22.501990] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 22.501990] [ 22.502050] Invalid free of 0x000000008f715a2d (in kfence-#102): [ 22.502105] test_double_free+0x100/0x238 [ 22.502151] kunit_try_run_case+0x170/0x3f0 [ 22.502193] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.502235] kthread+0x328/0x630 [ 22.502273] ret_from_fork+0x10/0x20 [ 22.502311] [ 22.502334] kfence-#102: 0x000000008f715a2d-0x0000000005e2801a, size=32, cache=test [ 22.502334] [ 22.502387] allocated by task 306 on cpu 1 at 22.501691s (0.000692s ago): [ 22.502449] test_alloc+0x230/0x628 [ 22.502488] test_double_free+0xd4/0x238 [ 22.502529] kunit_try_run_case+0x170/0x3f0 [ 22.502581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.502627] kthread+0x328/0x630 [ 22.502661] ret_from_fork+0x10/0x20 [ 22.502700] [ 22.502723] freed by task 306 on cpu 1 at 22.501752s (0.000967s ago): [ 22.502784] test_double_free+0xf0/0x238 [ 22.502823] kunit_try_run_case+0x170/0x3f0 [ 22.502864] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.502907] kthread+0x328/0x630 [ 22.502942] ret_from_fork+0x10/0x20 [ 22.502981] [ 22.503025] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.503102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.503132] Hardware name: linux,dummy-virt (DT) [ 22.503167] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 22.085953] ================================================================== [ 22.086047] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.086047] [ 22.086132] Use-after-free read at 0x00000000b37d2e22 (in kfence-#98): [ 22.086185] test_use_after_free_read+0x114/0x248 [ 22.086232] kunit_try_run_case+0x170/0x3f0 [ 22.086275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.086319] kthread+0x328/0x630 [ 22.086357] ret_from_fork+0x10/0x20 [ 22.086397] [ 22.086420] kfence-#98: 0x00000000b37d2e22-0x00000000675138bb, size=32, cache=test [ 22.086420] [ 22.086471] allocated by task 298 on cpu 1 at 22.085748s (0.000719s ago): [ 22.086540] test_alloc+0x230/0x628 [ 22.086593] test_use_after_free_read+0xd0/0x248 [ 22.086638] kunit_try_run_case+0x170/0x3f0 [ 22.086678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.086721] kthread+0x328/0x630 [ 22.086758] ret_from_fork+0x10/0x20 [ 22.086797] [ 22.086820] freed by task 298 on cpu 1 at 22.085809s (0.001007s ago): [ 22.086919] test_use_after_free_read+0xf0/0x248 [ 22.086962] kunit_try_run_case+0x170/0x3f0 [ 22.087002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.087047] kthread+0x328/0x630 [ 22.087084] ret_from_fork+0x10/0x20 [ 22.087123] [ 22.087164] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.087242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.087271] Hardware name: linux,dummy-virt (DT) [ 22.087306] ================================================================== [ 21.982072] ================================================================== [ 21.982166] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.982166] [ 21.982268] Use-after-free read at 0x00000000cd4da5f5 (in kfence-#97): [ 21.982321] test_use_after_free_read+0x114/0x248 [ 21.982367] kunit_try_run_case+0x170/0x3f0 [ 21.982414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.982458] kthread+0x328/0x630 [ 21.982496] ret_from_fork+0x10/0x20 [ 21.982536] [ 21.982560] kfence-#97: 0x00000000cd4da5f5-0x00000000e4520b9a, size=32, cache=kmalloc-32 [ 21.982560] [ 21.982632] allocated by task 296 on cpu 1 at 21.981773s (0.000855s ago): [ 21.982702] test_alloc+0x29c/0x628 [ 21.982742] test_use_after_free_read+0xd0/0x248 [ 21.982783] kunit_try_run_case+0x170/0x3f0 [ 21.982823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.982868] kthread+0x328/0x630 [ 21.982902] ret_from_fork+0x10/0x20 [ 21.982942] [ 21.982965] freed by task 296 on cpu 1 at 21.981863s (0.001098s ago): [ 21.983027] test_use_after_free_read+0x1c0/0x248 [ 21.983068] kunit_try_run_case+0x170/0x3f0 [ 21.983107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.983151] kthread+0x328/0x630 [ 21.983187] ret_from_fork+0x10/0x20 [ 21.983225] [ 21.983272] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.983351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.983379] Hardware name: linux,dummy-virt (DT) [ 21.983415] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 21.566326] ================================================================== [ 21.566425] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.566425] [ 21.566584] Out-of-bounds write at 0x0000000001f3264b (1B left of kfence-#93): [ 21.566645] test_out_of_bounds_write+0x100/0x240 [ 21.566708] kunit_try_run_case+0x170/0x3f0 [ 21.566920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.566970] kthread+0x328/0x630 [ 21.567110] ret_from_fork+0x10/0x20 [ 21.567156] [ 21.567255] kfence-#93: 0x00000000f6240d36-0x00000000f728a977, size=32, cache=kmalloc-32 [ 21.567255] [ 21.567332] allocated by task 292 on cpu 0 at 21.566162s (0.001166s ago): [ 21.567415] test_alloc+0x29c/0x628 [ 21.567455] test_out_of_bounds_write+0xc8/0x240 [ 21.567496] kunit_try_run_case+0x170/0x3f0 [ 21.567536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.567589] kthread+0x328/0x630 [ 21.567626] ret_from_fork+0x10/0x20 [ 21.567664] [ 21.567712] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.567791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.567821] Hardware name: linux,dummy-virt (DT) [ 21.567857] ================================================================== [ 21.877905] ================================================================== [ 21.878009] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.878009] [ 21.878103] Out-of-bounds write at 0x00000000fe47eebd (1B left of kfence-#96): [ 21.878163] test_out_of_bounds_write+0x100/0x240 [ 21.878211] kunit_try_run_case+0x170/0x3f0 [ 21.878256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.878301] kthread+0x328/0x630 [ 21.878340] ret_from_fork+0x10/0x20 [ 21.878380] [ 21.878404] kfence-#96: 0x000000006c0e3430-0x00000000f3ad1786, size=32, cache=test [ 21.878404] [ 21.878457] allocated by task 294 on cpu 0 at 21.877821s (0.000632s ago): [ 21.878526] test_alloc+0x230/0x628 [ 21.878578] test_out_of_bounds_write+0xc8/0x240 [ 21.878622] kunit_try_run_case+0x170/0x3f0 [ 21.878662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.878706] kthread+0x328/0x630 [ 21.878742] ret_from_fork+0x10/0x20 [ 21.878782] [ 21.878827] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.878907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.878937] Hardware name: linux,dummy-virt (DT) [ 21.878972] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 20.942881] ================================================================== [ 20.942961] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.942961] [ 20.943043] Out-of-bounds read at 0x000000001ef8a815 (1B left of kfence-#87): [ 20.943129] test_out_of_bounds_read+0x114/0x3e0 [ 20.943192] kunit_try_run_case+0x170/0x3f0 [ 20.943238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.943289] kthread+0x328/0x630 [ 20.943337] ret_from_fork+0x10/0x20 [ 20.943376] [ 20.943399] kfence-#87: 0x00000000ca01240f-0x00000000099a0fc6, size=32, cache=test [ 20.943399] [ 20.943465] allocated by task 290 on cpu 0 at 20.942796s (0.000650s ago): [ 20.943614] test_alloc+0x230/0x628 [ 20.943668] test_out_of_bounds_read+0xdc/0x3e0 [ 20.943720] kunit_try_run_case+0x170/0x3f0 [ 20.943759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.943801] kthread+0x328/0x630 [ 20.943841] ret_from_fork+0x10/0x20 [ 20.943880] [ 20.943923] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.944002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.944029] Hardware name: linux,dummy-virt (DT) [ 20.944069] ================================================================== [ 20.736756] ================================================================== [ 20.736875] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.736875] [ 20.737314] Out-of-bounds read at 0x000000002f41326d (32B right of kfence-#85): [ 20.737433] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.737831] kunit_try_run_case+0x170/0x3f0 [ 20.737880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.737924] kthread+0x328/0x630 [ 20.737963] ret_from_fork+0x10/0x20 [ 20.738557] [ 20.738693] kfence-#85: 0x000000003c056e05-0x000000004fdc3daa, size=32, cache=kmalloc-32 [ 20.738693] [ 20.738777] allocated by task 288 on cpu 0 at 20.736368s (0.002398s ago): [ 20.739294] test_alloc+0x29c/0x628 [ 20.739360] test_out_of_bounds_read+0x198/0x3e0 [ 20.739688] kunit_try_run_case+0x170/0x3f0 [ 20.739788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.740087] kthread+0x328/0x630 [ 20.740193] ret_from_fork+0x10/0x20 [ 20.740530] [ 20.740634] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.740864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.740971] Hardware name: linux,dummy-virt (DT) [ 20.741133] ================================================================== [ 20.630673] ================================================================== [ 20.631038] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.631038] [ 20.631431] Out-of-bounds read at 0x000000009e409f5f (1B left of kfence-#84): [ 20.631556] test_out_of_bounds_read+0x114/0x3e0 [ 20.631633] kunit_try_run_case+0x170/0x3f0 [ 20.631877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.632113] kthread+0x328/0x630 [ 20.632173] ret_from_fork+0x10/0x20 [ 20.632242] [ 20.632270] kfence-#84: 0x000000005ea56a8d-0x00000000ede62b4b, size=32, cache=kmalloc-32 [ 20.632270] [ 20.632495] allocated by task 288 on cpu 0 at 20.630333s (0.001989s ago): [ 20.632588] test_alloc+0x29c/0x628 [ 20.632671] test_out_of_bounds_read+0xdc/0x3e0 [ 20.632717] kunit_try_run_case+0x170/0x3f0 [ 20.632773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.632951] kthread+0x328/0x630 [ 20.633219] ret_from_fork+0x10/0x20 [ 20.633344] [ 20.633548] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.633707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.633737] Hardware name: linux,dummy-virt (DT) [ 20.634096] ================================================================== [ 21.046770] ================================================================== [ 21.046858] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.046858] [ 21.047264] Out-of-bounds read at 0x00000000598909d8 (32B right of kfence-#88): [ 21.047334] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.047658] kunit_try_run_case+0x170/0x3f0 [ 21.047730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.047775] kthread+0x328/0x630 [ 21.047884] ret_from_fork+0x10/0x20 [ 21.047959] [ 21.047983] kfence-#88: 0x000000002a3f8b1f-0x00000000647d7bda, size=32, cache=test [ 21.047983] [ 21.048051] allocated by task 290 on cpu 0 at 21.046594s (0.001445s ago): [ 21.048120] test_alloc+0x230/0x628 [ 21.048211] test_out_of_bounds_read+0x198/0x3e0 [ 21.048255] kunit_try_run_case+0x170/0x3f0 [ 21.048294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.048627] kthread+0x328/0x630 [ 21.048689] ret_from_fork+0x10/0x20 [ 21.048783] [ 21.048848] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.048988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.049027] Hardware name: linux,dummy-virt (DT) [ 21.049082] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-krealloc_noprof
[ 16.946218] ================================================================== [ 16.946416] BUG: KFENCE: invalid free in krealloc_noprof+0x148/0x360 [ 16.946416] [ 16.946735] Invalid free of 0x00000000dcf6472e (in kfence-#55): [ 16.946791] krealloc_noprof+0x148/0x360 [ 16.946835] krealloc_uaf+0x180/0x520 [ 16.947142] kunit_try_run_case+0x170/0x3f0 [ 16.947276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.947319] kthread+0x328/0x630 [ 16.947368] ret_from_fork+0x10/0x20 [ 16.947410] [ 16.947504] kfence-#55: 0x00000000dcf6472e-0x00000000a7c9e69c, size=201, cache=kmalloc-256 [ 16.947504] [ 16.947655] allocated by task 165 on cpu 1 at 16.932817s (0.014834s ago): [ 16.947717] krealloc_uaf+0xc8/0x520 [ 16.947758] kunit_try_run_case+0x170/0x3f0 [ 16.947863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.947960] kthread+0x328/0x630 [ 16.948092] ret_from_fork+0x10/0x20 [ 16.948195] [ 16.948218] freed by task 165 on cpu 1 at 16.932882s (0.015327s ago): [ 16.948340] krealloc_uaf+0x12c/0x520 [ 16.948379] kunit_try_run_case+0x170/0x3f0 [ 16.948463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.948606] kthread+0x328/0x630 [ 16.948695] ret_from_fork+0x10/0x20 [ 16.948767] [ 16.948847] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.948927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.948958] Hardware name: linux,dummy-virt (DT) [ 16.949026] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-__memcpy
[ 16.936968] ================================================================== [ 16.937067] BUG: KFENCE: use-after-free read in __memcpy+0xc/0x30 [ 16.937067] [ 16.937154] Use-after-free read at 0x00000000dcf6472e (in kfence-#55): [ 16.938116] __memcpy+0xc/0x30 [ 16.938197] krealloc_uaf+0x180/0x520 [ 16.938238] kunit_try_run_case+0x170/0x3f0 [ 16.938435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.938483] kthread+0x328/0x630 [ 16.938555] ret_from_fork+0x10/0x20 [ 16.938701] [ 16.938910] kfence-#55: 0x00000000dcf6472e-0x00000000a7c9e69c, size=201, cache=kmalloc-256 [ 16.938910] [ 16.939390] allocated by task 165 on cpu 1 at 16.932817s (0.006225s ago): [ 16.940588] krealloc_uaf+0xc8/0x520 [ 16.940666] kunit_try_run_case+0x170/0x3f0 [ 16.940705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.941005] kthread+0x328/0x630 [ 16.941038] ret_from_fork+0x10/0x20 [ 16.941117] [ 16.941901] freed by task 165 on cpu 1 at 16.932882s (0.008618s ago): [ 16.942270] krealloc_uaf+0x12c/0x520 [ 16.942316] kunit_try_run_case+0x170/0x3f0 [ 16.942450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.942596] kthread+0x328/0x630 [ 16.942648] ret_from_fork+0x10/0x20 [ 16.942816] [ 16.943046] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.943131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.943157] Hardware name: linux,dummy-virt (DT) [ 16.943193] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 20.186580] ================================================================== [ 20.186638] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 20.187211] Write of size 121 at addr fff00000c57ee700 by task kunit_try_catch/286 [ 20.187381] [ 20.187417] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.187535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.187645] Hardware name: linux,dummy-virt (DT) [ 20.187680] Call trace: [ 20.187706] show_stack+0x20/0x38 (C) [ 20.187757] dump_stack_lvl+0x8c/0xd0 [ 20.188045] print_report+0x118/0x608 [ 20.188115] kasan_report+0xdc/0x128 [ 20.188165] kasan_check_range+0x100/0x1a8 [ 20.188265] __kasan_check_write+0x20/0x30 [ 20.188319] strncpy_from_user+0x3c/0x2a0 [ 20.188707] copy_user_test_oob+0x5c0/0xec8 [ 20.188783] kunit_try_run_case+0x170/0x3f0 [ 20.188841] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.189051] kthread+0x328/0x630 [ 20.189113] ret_from_fork+0x10/0x20 [ 20.189164] [ 20.189184] Allocated by task 286: [ 20.189376] kasan_save_stack+0x3c/0x68 [ 20.189478] kasan_save_track+0x20/0x40 [ 20.189860] kasan_save_alloc_info+0x40/0x58 [ 20.190004] __kasan_kmalloc+0xd4/0xd8 [ 20.190265] __kmalloc_noprof+0x198/0x4c8 [ 20.190491] kunit_kmalloc_array+0x34/0x88 [ 20.190756] copy_user_test_oob+0xac/0xec8 [ 20.190840] kunit_try_run_case+0x170/0x3f0 [ 20.191194] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.191348] kthread+0x328/0x630 [ 20.191537] ret_from_fork+0x10/0x20 [ 20.191741] [ 20.191789] The buggy address belongs to the object at fff00000c57ee700 [ 20.191789] which belongs to the cache kmalloc-128 of size 128 [ 20.191983] The buggy address is located 0 bytes inside of [ 20.191983] allocated 120-byte region [fff00000c57ee700, fff00000c57ee778) [ 20.192208] [ 20.192391] The buggy address belongs to the physical page: [ 20.192440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ee [ 20.192714] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.192872] page_type: f5(slab) [ 20.193054] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.193498] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.194033] page dumped because: kasan: bad access detected [ 20.194089] [ 20.194146] Memory state around the buggy address: [ 20.194362] fff00000c57ee600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.194589] fff00000c57ee680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.194644] >fff00000c57ee700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.194959] ^ [ 20.195257] fff00000c57ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.195514] fff00000c57ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.195810] ================================================================== [ 20.197799] ================================================================== [ 20.198002] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 20.198058] Write of size 1 at addr fff00000c57ee778 by task kunit_try_catch/286 [ 20.198110] [ 20.198170] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.198256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.198294] Hardware name: linux,dummy-virt (DT) [ 20.198327] Call trace: [ 20.198350] show_stack+0x20/0x38 (C) [ 20.198405] dump_stack_lvl+0x8c/0xd0 [ 20.198477] print_report+0x118/0x608 [ 20.198527] kasan_report+0xdc/0x128 [ 20.198586] __asan_report_store1_noabort+0x20/0x30 [ 20.198636] strncpy_from_user+0x270/0x2a0 [ 20.198703] copy_user_test_oob+0x5c0/0xec8 [ 20.198757] kunit_try_run_case+0x170/0x3f0 [ 20.198820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.198876] kthread+0x328/0x630 [ 20.198917] ret_from_fork+0x10/0x20 [ 20.198990] [ 20.199019] Allocated by task 286: [ 20.199055] kasan_save_stack+0x3c/0x68 [ 20.199121] kasan_save_track+0x20/0x40 [ 20.199162] kasan_save_alloc_info+0x40/0x58 [ 20.199203] __kasan_kmalloc+0xd4/0xd8 [ 20.199245] __kmalloc_noprof+0x198/0x4c8 [ 20.199285] kunit_kmalloc_array+0x34/0x88 [ 20.199339] copy_user_test_oob+0xac/0xec8 [ 20.199388] kunit_try_run_case+0x170/0x3f0 [ 20.199436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.199483] kthread+0x328/0x630 [ 20.199516] ret_from_fork+0x10/0x20 [ 20.199554] [ 20.199801] The buggy address belongs to the object at fff00000c57ee700 [ 20.199801] which belongs to the cache kmalloc-128 of size 128 [ 20.200554] The buggy address is located 0 bytes to the right of [ 20.200554] allocated 120-byte region [fff00000c57ee700, fff00000c57ee778) [ 20.200665] [ 20.200717] The buggy address belongs to the physical page: [ 20.200751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ee [ 20.201006] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.201098] page_type: f5(slab) [ 20.201374] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.201848] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.201914] page dumped because: kasan: bad access detected [ 20.201958] [ 20.201978] Memory state around the buggy address: [ 20.202014] fff00000c57ee600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.202062] fff00000c57ee680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.202110] >fff00000c57ee700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.202152] ^ [ 20.202196] fff00000c57ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.202242] fff00000c57ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.202284] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 20.119470] ================================================================== [ 20.119622] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 20.119716] Write of size 121 at addr fff00000c57ee700 by task kunit_try_catch/286 [ 20.119774] [ 20.119823] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.121754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.121857] Hardware name: linux,dummy-virt (DT) [ 20.121903] Call trace: [ 20.121930] show_stack+0x20/0x38 (C) [ 20.122218] dump_stack_lvl+0x8c/0xd0 [ 20.122745] print_report+0x118/0x608 [ 20.122810] kasan_report+0xdc/0x128 [ 20.122915] kasan_check_range+0x100/0x1a8 [ 20.122965] __kasan_check_write+0x20/0x30 [ 20.123014] copy_user_test_oob+0x234/0xec8 [ 20.123072] kunit_try_run_case+0x170/0x3f0 [ 20.123138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.123194] kthread+0x328/0x630 [ 20.123239] ret_from_fork+0x10/0x20 [ 20.123478] [ 20.123503] Allocated by task 286: [ 20.123793] kasan_save_stack+0x3c/0x68 [ 20.123956] kasan_save_track+0x20/0x40 [ 20.123998] kasan_save_alloc_info+0x40/0x58 [ 20.124419] __kasan_kmalloc+0xd4/0xd8 [ 20.124504] __kmalloc_noprof+0x198/0x4c8 [ 20.124550] kunit_kmalloc_array+0x34/0x88 [ 20.124892] copy_user_test_oob+0xac/0xec8 [ 20.125267] kunit_try_run_case+0x170/0x3f0 [ 20.125461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.125515] kthread+0x328/0x630 [ 20.125606] ret_from_fork+0x10/0x20 [ 20.125652] [ 20.125824] The buggy address belongs to the object at fff00000c57ee700 [ 20.125824] which belongs to the cache kmalloc-128 of size 128 [ 20.126197] The buggy address is located 0 bytes inside of [ 20.126197] allocated 120-byte region [fff00000c57ee700, fff00000c57ee778) [ 20.126629] [ 20.126685] The buggy address belongs to the physical page: [ 20.127024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ee [ 20.127494] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.127578] page_type: f5(slab) [ 20.127625] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.128100] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.128173] page dumped because: kasan: bad access detected [ 20.128236] [ 20.128257] Memory state around the buggy address: [ 20.128504] fff00000c57ee600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.128580] fff00000c57ee680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.128756] >fff00000c57ee700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.129179] ^ [ 20.129344] fff00000c57ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.129454] fff00000c57ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.129644] ================================================================== [ 20.168875] ================================================================== [ 20.168931] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 20.168982] Write of size 121 at addr fff00000c57ee700 by task kunit_try_catch/286 [ 20.169171] [ 20.169230] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.169472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.169599] Hardware name: linux,dummy-virt (DT) [ 20.169680] Call trace: [ 20.169711] show_stack+0x20/0x38 (C) [ 20.169791] dump_stack_lvl+0x8c/0xd0 [ 20.169840] print_report+0x118/0x608 [ 20.170146] kasan_report+0xdc/0x128 [ 20.170402] kasan_check_range+0x100/0x1a8 [ 20.170552] __kasan_check_write+0x20/0x30 [ 20.170692] copy_user_test_oob+0x434/0xec8 [ 20.170835] kunit_try_run_case+0x170/0x3f0 [ 20.171002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.171059] kthread+0x328/0x630 [ 20.171132] ret_from_fork+0x10/0x20 [ 20.171493] [ 20.171639] Allocated by task 286: [ 20.171753] kasan_save_stack+0x3c/0x68 [ 20.171932] kasan_save_track+0x20/0x40 [ 20.172090] kasan_save_alloc_info+0x40/0x58 [ 20.172262] __kasan_kmalloc+0xd4/0xd8 [ 20.172428] __kmalloc_noprof+0x198/0x4c8 [ 20.172485] kunit_kmalloc_array+0x34/0x88 [ 20.172524] copy_user_test_oob+0xac/0xec8 [ 20.172762] kunit_try_run_case+0x170/0x3f0 [ 20.172923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.173154] kthread+0x328/0x630 [ 20.173330] ret_from_fork+0x10/0x20 [ 20.173393] [ 20.173447] The buggy address belongs to the object at fff00000c57ee700 [ 20.173447] which belongs to the cache kmalloc-128 of size 128 [ 20.173604] The buggy address is located 0 bytes inside of [ 20.173604] allocated 120-byte region [fff00000c57ee700, fff00000c57ee778) [ 20.173686] [ 20.173812] The buggy address belongs to the physical page: [ 20.173891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ee [ 20.173977] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.174028] page_type: f5(slab) [ 20.174221] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.174309] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.174401] page dumped because: kasan: bad access detected [ 20.174588] [ 20.174747] Memory state around the buggy address: [ 20.174821] fff00000c57ee600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.174889] fff00000c57ee680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.175009] >fff00000c57ee700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.175071] ^ [ 20.175117] fff00000c57ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.175421] fff00000c57ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.175736] ================================================================== [ 20.177708] ================================================================== [ 20.177818] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 20.177983] Read of size 121 at addr fff00000c57ee700 by task kunit_try_catch/286 [ 20.178167] [ 20.178206] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.178614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.178689] Hardware name: linux,dummy-virt (DT) [ 20.178779] Call trace: [ 20.178942] show_stack+0x20/0x38 (C) [ 20.179171] dump_stack_lvl+0x8c/0xd0 [ 20.179297] print_report+0x118/0x608 [ 20.179355] kasan_report+0xdc/0x128 [ 20.179401] kasan_check_range+0x100/0x1a8 [ 20.179459] __kasan_check_read+0x20/0x30 [ 20.179505] copy_user_test_oob+0x4a0/0xec8 [ 20.179585] kunit_try_run_case+0x170/0x3f0 [ 20.179632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.179696] kthread+0x328/0x630 [ 20.179737] ret_from_fork+0x10/0x20 [ 20.179788] [ 20.179817] Allocated by task 286: [ 20.179849] kasan_save_stack+0x3c/0x68 [ 20.179890] kasan_save_track+0x20/0x40 [ 20.179930] kasan_save_alloc_info+0x40/0x58 [ 20.179972] __kasan_kmalloc+0xd4/0xd8 [ 20.180020] __kmalloc_noprof+0x198/0x4c8 [ 20.180061] kunit_kmalloc_array+0x34/0x88 [ 20.180102] copy_user_test_oob+0xac/0xec8 [ 20.180147] kunit_try_run_case+0x170/0x3f0 [ 20.180187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.180233] kthread+0x328/0x630 [ 20.180266] ret_from_fork+0x10/0x20 [ 20.180312] [ 20.180333] The buggy address belongs to the object at fff00000c57ee700 [ 20.180333] which belongs to the cache kmalloc-128 of size 128 [ 20.180414] The buggy address is located 0 bytes inside of [ 20.180414] allocated 120-byte region [fff00000c57ee700, fff00000c57ee778) [ 20.180480] [ 20.180526] The buggy address belongs to the physical page: [ 20.180576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ee [ 20.181272] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.181374] page_type: f5(slab) [ 20.181436] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.181693] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.182074] page dumped because: kasan: bad access detected [ 20.182158] [ 20.182180] Memory state around the buggy address: [ 20.182217] fff00000c57ee600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.182834] fff00000c57ee680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.182924] >fff00000c57ee700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.183102] ^ [ 20.183153] fff00000c57ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.183529] fff00000c57ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.183788] ================================================================== [ 20.163726] ================================================================== [ 20.163874] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 20.163952] Read of size 121 at addr fff00000c57ee700 by task kunit_try_catch/286 [ 20.164007] [ 20.164040] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.164126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.164154] Hardware name: linux,dummy-virt (DT) [ 20.164188] Call trace: [ 20.164210] show_stack+0x20/0x38 (C) [ 20.164258] dump_stack_lvl+0x8c/0xd0 [ 20.164305] print_report+0x118/0x608 [ 20.164354] kasan_report+0xdc/0x128 [ 20.164400] kasan_check_range+0x100/0x1a8 [ 20.164449] __kasan_check_read+0x20/0x30 [ 20.164503] copy_user_test_oob+0x3c8/0xec8 [ 20.164552] kunit_try_run_case+0x170/0x3f0 [ 20.164612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.164665] kthread+0x328/0x630 [ 20.164707] ret_from_fork+0x10/0x20 [ 20.164756] [ 20.164776] Allocated by task 286: [ 20.164810] kasan_save_stack+0x3c/0x68 [ 20.164853] kasan_save_track+0x20/0x40 [ 20.164894] kasan_save_alloc_info+0x40/0x58 [ 20.164936] __kasan_kmalloc+0xd4/0xd8 [ 20.164983] __kmalloc_noprof+0x198/0x4c8 [ 20.165031] kunit_kmalloc_array+0x34/0x88 [ 20.165071] copy_user_test_oob+0xac/0xec8 [ 20.165109] kunit_try_run_case+0x170/0x3f0 [ 20.165149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.165195] kthread+0x328/0x630 [ 20.165227] ret_from_fork+0x10/0x20 [ 20.165269] [ 20.165296] The buggy address belongs to the object at fff00000c57ee700 [ 20.165296] which belongs to the cache kmalloc-128 of size 128 [ 20.165396] The buggy address is located 0 bytes inside of [ 20.165396] allocated 120-byte region [fff00000c57ee700, fff00000c57ee778) [ 20.165460] [ 20.165482] The buggy address belongs to the physical page: [ 20.165518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ee [ 20.165589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.166328] page_type: f5(slab) [ 20.166460] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.166733] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.166847] page dumped because: kasan: bad access detected [ 20.166958] [ 20.167023] Memory state around the buggy address: [ 20.167283] fff00000c57ee600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.167451] fff00000c57ee680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.167553] >fff00000c57ee700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.167672] ^ [ 20.167719] fff00000c57ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.167989] fff00000c57ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.168098] ================================================================== [ 20.157277] ================================================================== [ 20.157442] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 20.157777] Write of size 121 at addr fff00000c57ee700 by task kunit_try_catch/286 [ 20.157925] [ 20.158055] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.158148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.158377] Hardware name: linux,dummy-virt (DT) [ 20.158528] Call trace: [ 20.158562] show_stack+0x20/0x38 (C) [ 20.158892] dump_stack_lvl+0x8c/0xd0 [ 20.159022] print_report+0x118/0x608 [ 20.159136] kasan_report+0xdc/0x128 [ 20.159254] kasan_check_range+0x100/0x1a8 [ 20.159324] __kasan_check_write+0x20/0x30 [ 20.159605] copy_user_test_oob+0x35c/0xec8 [ 20.159691] kunit_try_run_case+0x170/0x3f0 [ 20.159742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.159797] kthread+0x328/0x630 [ 20.159841] ret_from_fork+0x10/0x20 [ 20.159891] [ 20.159911] Allocated by task 286: [ 20.159942] kasan_save_stack+0x3c/0x68 [ 20.159984] kasan_save_track+0x20/0x40 [ 20.160024] kasan_save_alloc_info+0x40/0x58 [ 20.160065] __kasan_kmalloc+0xd4/0xd8 [ 20.160105] __kmalloc_noprof+0x198/0x4c8 [ 20.160146] kunit_kmalloc_array+0x34/0x88 [ 20.160184] copy_user_test_oob+0xac/0xec8 [ 20.160223] kunit_try_run_case+0x170/0x3f0 [ 20.160261] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.160308] kthread+0x328/0x630 [ 20.160341] ret_from_fork+0x10/0x20 [ 20.160379] [ 20.160400] The buggy address belongs to the object at fff00000c57ee700 [ 20.160400] which belongs to the cache kmalloc-128 of size 128 [ 20.160462] The buggy address is located 0 bytes inside of [ 20.160462] allocated 120-byte region [fff00000c57ee700, fff00000c57ee778) [ 20.160526] [ 20.160550] The buggy address belongs to the physical page: [ 20.160629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ee [ 20.160711] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.160774] page_type: f5(slab) [ 20.160980] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.161103] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.161207] page dumped because: kasan: bad access detected [ 20.161393] [ 20.161421] Memory state around the buggy address: [ 20.161460] fff00000c57ee600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.161518] fff00000c57ee680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.161793] >fff00000c57ee700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.161971] ^ [ 20.162062] fff00000c57ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.162185] fff00000c57ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.162248] ================================================================== [ 20.140177] ================================================================== [ 20.140594] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 20.140710] Read of size 121 at addr fff00000c57ee700 by task kunit_try_catch/286 [ 20.140921] [ 20.140962] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.141485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.141538] Hardware name: linux,dummy-virt (DT) [ 20.141785] Call trace: [ 20.141812] show_stack+0x20/0x38 (C) [ 20.142071] dump_stack_lvl+0x8c/0xd0 [ 20.142169] print_report+0x118/0x608 [ 20.142339] kasan_report+0xdc/0x128 [ 20.142658] kasan_check_range+0x100/0x1a8 [ 20.142713] __kasan_check_read+0x20/0x30 [ 20.143172] copy_user_test_oob+0x728/0xec8 [ 20.143232] kunit_try_run_case+0x170/0x3f0 [ 20.143289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.143345] kthread+0x328/0x630 [ 20.143900] ret_from_fork+0x10/0x20 [ 20.143969] [ 20.144092] Allocated by task 286: [ 20.144316] kasan_save_stack+0x3c/0x68 [ 20.144364] kasan_save_track+0x20/0x40 [ 20.144403] kasan_save_alloc_info+0x40/0x58 [ 20.144446] __kasan_kmalloc+0xd4/0xd8 [ 20.145012] __kmalloc_noprof+0x198/0x4c8 [ 20.145093] kunit_kmalloc_array+0x34/0x88 [ 20.145134] copy_user_test_oob+0xac/0xec8 [ 20.145380] kunit_try_run_case+0x170/0x3f0 [ 20.145856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.145939] kthread+0x328/0x630 [ 20.145974] ret_from_fork+0x10/0x20 [ 20.146260] [ 20.146398] The buggy address belongs to the object at fff00000c57ee700 [ 20.146398] which belongs to the cache kmalloc-128 of size 128 [ 20.146640] The buggy address is located 0 bytes inside of [ 20.146640] allocated 120-byte region [fff00000c57ee700, fff00000c57ee778) [ 20.146715] [ 20.146738] The buggy address belongs to the physical page: [ 20.146972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ee [ 20.147044] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.147378] page_type: f5(slab) [ 20.147613] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.148154] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.148247] page dumped because: kasan: bad access detected [ 20.148485] [ 20.148531] Memory state around the buggy address: [ 20.148578] fff00000c57ee600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.149044] fff00000c57ee680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.149106] >fff00000c57ee700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.149723] ^ [ 20.149861] fff00000c57ee780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.150117] fff00000c57ee800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.150167] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 20.046321] ================================================================== [ 20.046391] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 20.046577] Write of size 8 at addr fff00000c57ee678 by task kunit_try_catch/282 [ 20.046663] [ 20.046730] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.046848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.046898] Hardware name: linux,dummy-virt (DT) [ 20.046933] Call trace: [ 20.046957] show_stack+0x20/0x38 (C) [ 20.047009] dump_stack_lvl+0x8c/0xd0 [ 20.047061] print_report+0x118/0x608 [ 20.047299] kasan_report+0xdc/0x128 [ 20.047584] kasan_check_range+0x100/0x1a8 [ 20.047656] __kasan_check_write+0x20/0x30 [ 20.047723] copy_to_kernel_nofault+0x8c/0x250 [ 20.047775] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 20.047825] kunit_try_run_case+0x170/0x3f0 [ 20.047875] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.047931] kthread+0x328/0x630 [ 20.047998] ret_from_fork+0x10/0x20 [ 20.048048] [ 20.048070] Allocated by task 282: [ 20.048099] kasan_save_stack+0x3c/0x68 [ 20.048144] kasan_save_track+0x20/0x40 [ 20.048183] kasan_save_alloc_info+0x40/0x58 [ 20.048224] __kasan_kmalloc+0xd4/0xd8 [ 20.048262] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.048302] copy_to_kernel_nofault_oob+0xc8/0x418 [ 20.048343] kunit_try_run_case+0x170/0x3f0 [ 20.048384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.048429] kthread+0x328/0x630 [ 20.048461] ret_from_fork+0x10/0x20 [ 20.048497] [ 20.048518] The buggy address belongs to the object at fff00000c57ee600 [ 20.048518] which belongs to the cache kmalloc-128 of size 128 [ 20.048599] The buggy address is located 0 bytes to the right of [ 20.048599] allocated 120-byte region [fff00000c57ee600, fff00000c57ee678) [ 20.048668] [ 20.048689] The buggy address belongs to the physical page: [ 20.048722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ee [ 20.048777] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.048827] page_type: f5(slab) [ 20.048867] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.048920] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.048965] page dumped because: kasan: bad access detected [ 20.048997] [ 20.049016] Memory state around the buggy address: [ 20.049050] fff00000c57ee500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.049097] fff00000c57ee580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.049143] >fff00000c57ee600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.049535] ^ [ 20.049610] fff00000c57ee680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.049698] fff00000c57ee700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.049741] ================================================================== [ 20.039205] ================================================================== [ 20.039276] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 20.039414] Read of size 8 at addr fff00000c57ee678 by task kunit_try_catch/282 [ 20.039473] [ 20.039530] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.039827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.039874] Hardware name: linux,dummy-virt (DT) [ 20.039910] Call trace: [ 20.039936] show_stack+0x20/0x38 (C) [ 20.040021] dump_stack_lvl+0x8c/0xd0 [ 20.040074] print_report+0x118/0x608 [ 20.040292] kasan_report+0xdc/0x128 [ 20.040352] __asan_report_load8_noabort+0x20/0x30 [ 20.040480] copy_to_kernel_nofault+0x204/0x250 [ 20.040554] copy_to_kernel_nofault_oob+0x158/0x418 [ 20.040851] kunit_try_run_case+0x170/0x3f0 [ 20.041001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.041070] kthread+0x328/0x630 [ 20.041114] ret_from_fork+0x10/0x20 [ 20.041166] [ 20.041271] Allocated by task 282: [ 20.041355] kasan_save_stack+0x3c/0x68 [ 20.041578] kasan_save_track+0x20/0x40 [ 20.041763] kasan_save_alloc_info+0x40/0x58 [ 20.041827] __kasan_kmalloc+0xd4/0xd8 [ 20.041929] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.041993] copy_to_kernel_nofault_oob+0xc8/0x418 [ 20.042033] kunit_try_run_case+0x170/0x3f0 [ 20.042208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.042268] kthread+0x328/0x630 [ 20.042345] ret_from_fork+0x10/0x20 [ 20.042430] [ 20.042499] The buggy address belongs to the object at fff00000c57ee600 [ 20.042499] which belongs to the cache kmalloc-128 of size 128 [ 20.042716] The buggy address is located 0 bytes to the right of [ 20.042716] allocated 120-byte region [fff00000c57ee600, fff00000c57ee678) [ 20.042893] [ 20.042928] The buggy address belongs to the physical page: [ 20.042974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ee [ 20.043097] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.043170] page_type: f5(slab) [ 20.043339] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.043420] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.043465] page dumped because: kasan: bad access detected [ 20.043601] [ 20.043640] Memory state around the buggy address: [ 20.043741] fff00000c57ee500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.043811] fff00000c57ee580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.043858] >fff00000c57ee600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.044099] ^ [ 20.044181] fff00000c57ee680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.044301] fff00000c57ee700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.044378] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.999706] ================================================================== [ 19.999758] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.999826] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 19.999879] [ 19.999910] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.000049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.000084] Hardware name: linux,dummy-virt (DT) [ 20.000115] Call trace: [ 20.000138] show_stack+0x20/0x38 (C) [ 20.000187] dump_stack_lvl+0x8c/0xd0 [ 20.000277] print_report+0x310/0x608 [ 20.000354] kasan_report+0xdc/0x128 [ 20.000419] __asan_report_load1_noabort+0x20/0x30 [ 20.000490] vmalloc_oob+0x51c/0x5d0 [ 20.000667] kunit_try_run_case+0x170/0x3f0 [ 20.000719] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.000795] kthread+0x328/0x630 [ 20.000848] ret_from_fork+0x10/0x20 [ 20.000913] [ 20.000940] The buggy address belongs to the virtual mapping at [ 20.000940] [ffff8000800fe000, ffff800080100000) created by: [ 20.000940] vmalloc_oob+0x98/0x5d0 [ 20.001016] [ 20.001044] The buggy address belongs to the physical page: [ 20.001088] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105785 [ 20.001141] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.001202] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.001341] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.001393] page dumped because: kasan: bad access detected [ 20.001427] [ 20.001463] Memory state around the buggy address: [ 20.001543] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.001637] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.001691] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 20.001774] ^ [ 20.001873] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.001926] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 20.001998] ================================================================== [ 19.996246] ================================================================== [ 19.996332] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.996393] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 19.996445] [ 19.996484] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.996582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.996610] Hardware name: linux,dummy-virt (DT) [ 19.996646] Call trace: [ 19.996670] show_stack+0x20/0x38 (C) [ 19.996770] dump_stack_lvl+0x8c/0xd0 [ 19.996821] print_report+0x310/0x608 [ 19.996868] kasan_report+0xdc/0x128 [ 19.996915] __asan_report_load1_noabort+0x20/0x30 [ 19.996966] vmalloc_oob+0x578/0x5d0 [ 19.997011] kunit_try_run_case+0x170/0x3f0 [ 19.997060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.997115] kthread+0x328/0x630 [ 19.997480] ret_from_fork+0x10/0x20 [ 19.997624] [ 19.997661] The buggy address belongs to the virtual mapping at [ 19.997661] [ffff8000800fe000, ffff800080100000) created by: [ 19.997661] vmalloc_oob+0x98/0x5d0 [ 19.997776] [ 19.997826] The buggy address belongs to the physical page: [ 19.997896] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105785 [ 19.997955] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.998043] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.998098] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.998143] page dumped because: kasan: bad access detected [ 19.998178] [ 19.998344] Memory state around the buggy address: [ 19.998381] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.998428] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.998554] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.998657] ^ [ 19.998754] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.998833] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.998930] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.731660] ================================================================== [ 19.731837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.731921] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.731978] [ 19.732164] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.732352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.732386] Hardware name: linux,dummy-virt (DT) [ 19.732420] Call trace: [ 19.732467] show_stack+0x20/0x38 (C) [ 19.732585] dump_stack_lvl+0x8c/0xd0 [ 19.732634] print_report+0x118/0x608 [ 19.732682] kasan_report+0xdc/0x128 [ 19.732727] kasan_check_range+0x100/0x1a8 [ 19.732782] __kasan_check_write+0x20/0x30 [ 19.732829] kasan_atomics_helper+0xeb8/0x4858 [ 19.732877] kasan_atomics+0x198/0x2e0 [ 19.732924] kunit_try_run_case+0x170/0x3f0 [ 19.732972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.733027] kthread+0x328/0x630 [ 19.733070] ret_from_fork+0x10/0x20 [ 19.733119] [ 19.733158] Allocated by task 266: [ 19.733193] kasan_save_stack+0x3c/0x68 [ 19.733239] kasan_save_track+0x20/0x40 [ 19.733285] kasan_save_alloc_info+0x40/0x58 [ 19.733337] __kasan_kmalloc+0xd4/0xd8 [ 19.733979] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.734143] kasan_atomics+0xb8/0x2e0 [ 19.734240] kunit_try_run_case+0x170/0x3f0 [ 19.734304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.734351] kthread+0x328/0x630 [ 19.734392] ret_from_fork+0x10/0x20 [ 19.734430] [ 19.734452] The buggy address belongs to the object at fff00000c57aa700 [ 19.734452] which belongs to the cache kmalloc-64 of size 64 [ 19.734514] The buggy address is located 0 bytes to the right of [ 19.734514] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.735078] [ 19.735194] The buggy address belongs to the physical page: [ 19.735288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.735396] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.735457] page_type: f5(slab) [ 19.735497] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.735845] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.735929] page dumped because: kasan: bad access detected [ 19.735977] [ 19.736028] Memory state around the buggy address: [ 19.736383] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.736581] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.736741] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.736843] ^ [ 19.736895] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.737195] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.737267] ================================================================== [ 19.754954] ================================================================== [ 19.755011] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.755063] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.755114] [ 19.755147] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.755232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.755261] Hardware name: linux,dummy-virt (DT) [ 19.755302] Call trace: [ 19.755327] show_stack+0x20/0x38 (C) [ 19.755388] dump_stack_lvl+0x8c/0xd0 [ 19.755439] print_report+0x118/0x608 [ 19.755485] kasan_report+0xdc/0x128 [ 19.755540] kasan_check_range+0x100/0x1a8 [ 19.755612] __kasan_check_write+0x20/0x30 [ 19.755659] kasan_atomics_helper+0xff0/0x4858 [ 19.755709] kasan_atomics+0x198/0x2e0 [ 19.755754] kunit_try_run_case+0x170/0x3f0 [ 19.755802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.755855] kthread+0x328/0x630 [ 19.755898] ret_from_fork+0x10/0x20 [ 19.755945] [ 19.755967] Allocated by task 266: [ 19.755995] kasan_save_stack+0x3c/0x68 [ 19.756037] kasan_save_track+0x20/0x40 [ 19.756077] kasan_save_alloc_info+0x40/0x58 [ 19.756117] __kasan_kmalloc+0xd4/0xd8 [ 19.756157] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.756209] kasan_atomics+0xb8/0x2e0 [ 19.756247] kunit_try_run_case+0x170/0x3f0 [ 19.756286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.756332] kthread+0x328/0x630 [ 19.756382] ret_from_fork+0x10/0x20 [ 19.756426] [ 19.756448] The buggy address belongs to the object at fff00000c57aa700 [ 19.756448] which belongs to the cache kmalloc-64 of size 64 [ 19.756508] The buggy address is located 0 bytes to the right of [ 19.756508] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.757125] [ 19.757196] The buggy address belongs to the physical page: [ 19.757234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.757299] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.758099] page_type: f5(slab) [ 19.758177] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.758422] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.758534] page dumped because: kasan: bad access detected [ 19.758893] [ 19.758949] Memory state around the buggy address: [ 19.759009] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.759079] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.759359] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.759588] ^ [ 19.759901] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.760072] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.760196] ================================================================== [ 19.946740] ================================================================== [ 19.946941] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.947014] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.947136] [ 19.947263] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.947660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.947693] Hardware name: linux,dummy-virt (DT) [ 19.947924] Call trace: [ 19.947948] show_stack+0x20/0x38 (C) [ 19.947999] dump_stack_lvl+0x8c/0xd0 [ 19.948047] print_report+0x118/0x608 [ 19.948093] kasan_report+0xdc/0x128 [ 19.948141] kasan_check_range+0x100/0x1a8 [ 19.948190] __kasan_check_write+0x20/0x30 [ 19.948235] kasan_atomics_helper+0x175c/0x4858 [ 19.948284] kasan_atomics+0x198/0x2e0 [ 19.948329] kunit_try_run_case+0x170/0x3f0 [ 19.948378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.948431] kthread+0x328/0x630 [ 19.948473] ret_from_fork+0x10/0x20 [ 19.948521] [ 19.948541] Allocated by task 266: [ 19.948580] kasan_save_stack+0x3c/0x68 [ 19.949093] kasan_save_track+0x20/0x40 [ 19.949151] kasan_save_alloc_info+0x40/0x58 [ 19.949813] __kasan_kmalloc+0xd4/0xd8 [ 19.950238] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.950495] kasan_atomics+0xb8/0x2e0 [ 19.950823] kunit_try_run_case+0x170/0x3f0 [ 19.950882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.950929] kthread+0x328/0x630 [ 19.951081] ret_from_fork+0x10/0x20 [ 19.951311] [ 19.951442] The buggy address belongs to the object at fff00000c57aa700 [ 19.951442] which belongs to the cache kmalloc-64 of size 64 [ 19.951796] The buggy address is located 0 bytes to the right of [ 19.951796] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.951868] [ 19.951891] The buggy address belongs to the physical page: [ 19.951924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.951979] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.952029] page_type: f5(slab) [ 19.952539] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.952630] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.953010] page dumped because: kasan: bad access detected [ 19.953162] [ 19.953364] Memory state around the buggy address: [ 19.953420] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.953470] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.953583] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.953645] ^ [ 19.953742] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.953946] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.954083] ================================================================== [ 19.602499] ================================================================== [ 19.602560] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 19.602628] Write of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.602681] [ 19.602730] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.602852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.603359] Hardware name: linux,dummy-virt (DT) [ 19.603553] Call trace: [ 19.603727] show_stack+0x20/0x38 (C) [ 19.603937] dump_stack_lvl+0x8c/0xd0 [ 19.604212] print_report+0x118/0x608 [ 19.604263] kasan_report+0xdc/0x128 [ 19.604310] kasan_check_range+0x100/0x1a8 [ 19.604361] __kasan_check_write+0x20/0x30 [ 19.605006] kasan_atomics_helper+0xad4/0x4858 [ 19.605347] kasan_atomics+0x198/0x2e0 [ 19.605434] kunit_try_run_case+0x170/0x3f0 [ 19.605485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.605540] kthread+0x328/0x630 [ 19.605934] ret_from_fork+0x10/0x20 [ 19.605989] [ 19.606010] Allocated by task 266: [ 19.606298] kasan_save_stack+0x3c/0x68 [ 19.606435] kasan_save_track+0x20/0x40 [ 19.606590] kasan_save_alloc_info+0x40/0x58 [ 19.606634] __kasan_kmalloc+0xd4/0xd8 [ 19.606673] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.606726] kasan_atomics+0xb8/0x2e0 [ 19.606924] kunit_try_run_case+0x170/0x3f0 [ 19.606965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.607011] kthread+0x328/0x630 [ 19.607084] ret_from_fork+0x10/0x20 [ 19.608588] [ 19.609022] The buggy address belongs to the object at fff00000c57aa700 [ 19.609022] which belongs to the cache kmalloc-64 of size 64 [ 19.609351] The buggy address is located 0 bytes to the right of [ 19.609351] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.609423] [ 19.609556] The buggy address belongs to the physical page: [ 19.609642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.611573] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.611645] page_type: f5(slab) [ 19.611689] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.611742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.611786] page dumped because: kasan: bad access detected [ 19.611821] [ 19.611842] Memory state around the buggy address: [ 19.611879] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.611925] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.611970] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.612012] ^ [ 19.612046] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.612091] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.612132] ================================================================== [ 19.667089] ================================================================== [ 19.667166] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.667220] Write of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.667279] [ 19.667312] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.667397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.667425] Hardware name: linux,dummy-virt (DT) [ 19.667459] Call trace: [ 19.667482] show_stack+0x20/0x38 (C) [ 19.667532] dump_stack_lvl+0x8c/0xd0 [ 19.667591] print_report+0x118/0x608 [ 19.667639] kasan_report+0xdc/0x128 [ 19.667684] kasan_check_range+0x100/0x1a8 [ 19.667735] __kasan_check_write+0x20/0x30 [ 19.667780] kasan_atomics_helper+0xd3c/0x4858 [ 19.667828] kasan_atomics+0x198/0x2e0 [ 19.667874] kunit_try_run_case+0x170/0x3f0 [ 19.667922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.667977] kthread+0x328/0x630 [ 19.668020] ret_from_fork+0x10/0x20 [ 19.668069] [ 19.668089] Allocated by task 266: [ 19.668119] kasan_save_stack+0x3c/0x68 [ 19.668162] kasan_save_track+0x20/0x40 [ 19.668202] kasan_save_alloc_info+0x40/0x58 [ 19.668244] __kasan_kmalloc+0xd4/0xd8 [ 19.668283] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.668325] kasan_atomics+0xb8/0x2e0 [ 19.668361] kunit_try_run_case+0x170/0x3f0 [ 19.668401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.668447] kthread+0x328/0x630 [ 19.669047] ret_from_fork+0x10/0x20 [ 19.669796] [ 19.669824] The buggy address belongs to the object at fff00000c57aa700 [ 19.669824] which belongs to the cache kmalloc-64 of size 64 [ 19.669889] The buggy address is located 0 bytes to the right of [ 19.669889] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.670512] [ 19.670552] The buggy address belongs to the physical page: [ 19.670687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.670979] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.671260] page_type: f5(slab) [ 19.671305] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.671826] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.672176] page dumped because: kasan: bad access detected [ 19.672516] [ 19.672785] Memory state around the buggy address: [ 19.672980] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.673235] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.673532] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.673628] ^ [ 19.673849] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.673899] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.673943] ================================================================== [ 19.954383] ================================================================== [ 19.954600] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.954653] Read of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.954705] [ 19.954736] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.954819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.954849] Hardware name: linux,dummy-virt (DT) [ 19.955441] Call trace: [ 19.955738] show_stack+0x20/0x38 (C) [ 19.955792] dump_stack_lvl+0x8c/0xd0 [ 19.956029] print_report+0x118/0x608 [ 19.956359] kasan_report+0xdc/0x128 [ 19.956716] __asan_report_load8_noabort+0x20/0x30 [ 19.956972] kasan_atomics_helper+0x3e20/0x4858 [ 19.957350] kasan_atomics+0x198/0x2e0 [ 19.957640] kunit_try_run_case+0x170/0x3f0 [ 19.957707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.957863] kthread+0x328/0x630 [ 19.957931] ret_from_fork+0x10/0x20 [ 19.958121] [ 19.958350] Allocated by task 266: [ 19.958545] kasan_save_stack+0x3c/0x68 [ 19.958606] kasan_save_track+0x20/0x40 [ 19.959057] kasan_save_alloc_info+0x40/0x58 [ 19.959355] __kasan_kmalloc+0xd4/0xd8 [ 19.959395] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.959438] kasan_atomics+0xb8/0x2e0 [ 19.959474] kunit_try_run_case+0x170/0x3f0 [ 19.959515] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.959666] kthread+0x328/0x630 [ 19.959710] ret_from_fork+0x10/0x20 [ 19.959762] [ 19.959785] The buggy address belongs to the object at fff00000c57aa700 [ 19.959785] which belongs to the cache kmalloc-64 of size 64 [ 19.959941] The buggy address is located 0 bytes to the right of [ 19.959941] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.960059] [ 19.960266] The buggy address belongs to the physical page: [ 19.960317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.960387] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.960446] page_type: f5(slab) [ 19.960534] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.960942] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.961078] page dumped because: kasan: bad access detected [ 19.961118] [ 19.961293] Memory state around the buggy address: [ 19.961495] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.961788] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.961859] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.961927] ^ [ 19.962009] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.962611] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.962685] ================================================================== [ 19.924721] ================================================================== [ 19.924777] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.924828] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.924879] [ 19.924911] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.925497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.925540] Hardware name: linux,dummy-virt (DT) [ 19.925592] Call trace: [ 19.925616] show_stack+0x20/0x38 (C) [ 19.926020] dump_stack_lvl+0x8c/0xd0 [ 19.926486] print_report+0x118/0x608 [ 19.926636] kasan_report+0xdc/0x128 [ 19.926794] kasan_check_range+0x100/0x1a8 [ 19.926976] __kasan_check_write+0x20/0x30 [ 19.927264] kasan_atomics_helper+0x16d0/0x4858 [ 19.927536] kasan_atomics+0x198/0x2e0 [ 19.927597] kunit_try_run_case+0x170/0x3f0 [ 19.928043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.928102] kthread+0x328/0x630 [ 19.928145] ret_from_fork+0x10/0x20 [ 19.928844] [ 19.929014] Allocated by task 266: [ 19.929054] kasan_save_stack+0x3c/0x68 [ 19.929237] kasan_save_track+0x20/0x40 [ 19.929455] kasan_save_alloc_info+0x40/0x58 [ 19.929510] __kasan_kmalloc+0xd4/0xd8 [ 19.929819] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.930051] kasan_atomics+0xb8/0x2e0 [ 19.930244] kunit_try_run_case+0x170/0x3f0 [ 19.930286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.930596] kthread+0x328/0x630 [ 19.931026] ret_from_fork+0x10/0x20 [ 19.931141] [ 19.931323] The buggy address belongs to the object at fff00000c57aa700 [ 19.931323] which belongs to the cache kmalloc-64 of size 64 [ 19.931389] The buggy address is located 0 bytes to the right of [ 19.931389] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.931636] [ 19.931676] The buggy address belongs to the physical page: [ 19.931710] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.933394] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.933451] page_type: f5(slab) [ 19.933491] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.933545] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.933732] page dumped because: kasan: bad access detected [ 19.934201] [ 19.934229] Memory state around the buggy address: [ 19.934266] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.934322] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.934370] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.934516] ^ [ 19.934560] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.934619] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.935018] ================================================================== [ 19.885550] ================================================================== [ 19.885615] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.885787] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.886122] [ 19.886171] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.886292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.886370] Hardware name: linux,dummy-virt (DT) [ 19.886665] Call trace: [ 19.886695] show_stack+0x20/0x38 (C) [ 19.886953] dump_stack_lvl+0x8c/0xd0 [ 19.887003] print_report+0x118/0x608 [ 19.887049] kasan_report+0xdc/0x128 [ 19.887096] kasan_check_range+0x100/0x1a8 [ 19.887144] __kasan_check_write+0x20/0x30 [ 19.887192] kasan_atomics_helper+0x15b4/0x4858 [ 19.887732] kasan_atomics+0x198/0x2e0 [ 19.887970] kunit_try_run_case+0x170/0x3f0 [ 19.888095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.888154] kthread+0x328/0x630 [ 19.888366] ret_from_fork+0x10/0x20 [ 19.888502] [ 19.888524] Allocated by task 266: [ 19.888552] kasan_save_stack+0x3c/0x68 [ 19.888608] kasan_save_track+0x20/0x40 [ 19.888826] kasan_save_alloc_info+0x40/0x58 [ 19.888885] __kasan_kmalloc+0xd4/0xd8 [ 19.888938] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.889771] kasan_atomics+0xb8/0x2e0 [ 19.889854] kunit_try_run_case+0x170/0x3f0 [ 19.889897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.889941] kthread+0x328/0x630 [ 19.889975] ret_from_fork+0x10/0x20 [ 19.890013] [ 19.890037] The buggy address belongs to the object at fff00000c57aa700 [ 19.890037] which belongs to the cache kmalloc-64 of size 64 [ 19.890509] The buggy address is located 0 bytes to the right of [ 19.890509] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.890857] [ 19.890883] The buggy address belongs to the physical page: [ 19.890976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.891397] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.891676] page_type: f5(slab) [ 19.891795] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.891916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.892150] page dumped because: kasan: bad access detected [ 19.892191] [ 19.892375] Memory state around the buggy address: [ 19.892449] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.892710] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.892918] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.893116] ^ [ 19.893296] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.893370] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.893658] ================================================================== [ 19.704480] ================================================================== [ 19.704545] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.704949] Read of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.705003] [ 19.705041] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.705124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.706002] Hardware name: linux,dummy-virt (DT) [ 19.706049] Call trace: [ 19.706076] show_stack+0x20/0x38 (C) [ 19.707221] dump_stack_lvl+0x8c/0xd0 [ 19.707282] print_report+0x118/0x608 [ 19.707331] kasan_report+0xdc/0x128 [ 19.707380] __asan_report_load8_noabort+0x20/0x30 [ 19.707429] kasan_atomics_helper+0x3f58/0x4858 [ 19.707480] kasan_atomics+0x198/0x2e0 [ 19.707526] kunit_try_run_case+0x170/0x3f0 [ 19.707586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.707641] kthread+0x328/0x630 [ 19.707684] ret_from_fork+0x10/0x20 [ 19.707734] [ 19.707755] Allocated by task 266: [ 19.707786] kasan_save_stack+0x3c/0x68 [ 19.707829] kasan_save_track+0x20/0x40 [ 19.707869] kasan_save_alloc_info+0x40/0x58 [ 19.707912] __kasan_kmalloc+0xd4/0xd8 [ 19.707950] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.707992] kasan_atomics+0xb8/0x2e0 [ 19.708046] kunit_try_run_case+0x170/0x3f0 [ 19.708087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.708149] kthread+0x328/0x630 [ 19.708193] ret_from_fork+0x10/0x20 [ 19.708240] [ 19.708295] The buggy address belongs to the object at fff00000c57aa700 [ 19.708295] which belongs to the cache kmalloc-64 of size 64 [ 19.708360] The buggy address is located 0 bytes to the right of [ 19.708360] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.708431] [ 19.708486] The buggy address belongs to the physical page: [ 19.708577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.708831] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.708903] page_type: f5(slab) [ 19.709351] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.709661] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.709718] page dumped because: kasan: bad access detected [ 19.709751] [ 19.709770] Memory state around the buggy address: [ 19.709815] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.709863] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.709910] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.710105] ^ [ 19.710145] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.710322] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.710470] ================================================================== [ 19.815090] ================================================================== [ 19.815164] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.815563] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.815629] [ 19.815663] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.815957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.816018] Hardware name: linux,dummy-virt (DT) [ 19.816346] Call trace: [ 19.816374] show_stack+0x20/0x38 (C) [ 19.816425] dump_stack_lvl+0x8c/0xd0 [ 19.816476] print_report+0x118/0x608 [ 19.816524] kasan_report+0xdc/0x128 [ 19.816579] kasan_check_range+0x100/0x1a8 [ 19.817052] __kasan_check_write+0x20/0x30 [ 19.817138] kasan_atomics_helper+0x12d8/0x4858 [ 19.817655] kasan_atomics+0x198/0x2e0 [ 19.817711] kunit_try_run_case+0x170/0x3f0 [ 19.817779] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.817834] kthread+0x328/0x630 [ 19.817876] ret_from_fork+0x10/0x20 [ 19.818425] [ 19.818593] Allocated by task 266: [ 19.818824] kasan_save_stack+0x3c/0x68 [ 19.818887] kasan_save_track+0x20/0x40 [ 19.819023] kasan_save_alloc_info+0x40/0x58 [ 19.819071] __kasan_kmalloc+0xd4/0xd8 [ 19.819460] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.819652] kasan_atomics+0xb8/0x2e0 [ 19.820154] kunit_try_run_case+0x170/0x3f0 [ 19.820210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.820373] kthread+0x328/0x630 [ 19.820723] ret_from_fork+0x10/0x20 [ 19.821096] [ 19.821151] The buggy address belongs to the object at fff00000c57aa700 [ 19.821151] which belongs to the cache kmalloc-64 of size 64 [ 19.821378] The buggy address is located 0 bytes to the right of [ 19.821378] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.821448] [ 19.821471] The buggy address belongs to the physical page: [ 19.821505] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.821923] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.821982] page_type: f5(slab) [ 19.822155] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.822216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.822262] page dumped because: kasan: bad access detected [ 19.822296] [ 19.822317] Memory state around the buggy address: [ 19.822352] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.822398] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.822877] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.823137] ^ [ 19.823185] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.823267] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.823384] ================================================================== [ 19.789767] ================================================================== [ 19.789822] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.789873] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.789924] [ 19.789955] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.790040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.790067] Hardware name: linux,dummy-virt (DT) [ 19.790112] Call trace: [ 19.790242] show_stack+0x20/0x38 (C) [ 19.790292] dump_stack_lvl+0x8c/0xd0 [ 19.790346] print_report+0x118/0x608 [ 19.790577] kasan_report+0xdc/0x128 [ 19.790695] kasan_check_range+0x100/0x1a8 [ 19.790837] __kasan_check_write+0x20/0x30 [ 19.790885] kasan_atomics_helper+0x1190/0x4858 [ 19.790997] kasan_atomics+0x198/0x2e0 [ 19.791045] kunit_try_run_case+0x170/0x3f0 [ 19.791094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.791156] kthread+0x328/0x630 [ 19.791343] ret_from_fork+0x10/0x20 [ 19.791551] [ 19.791591] Allocated by task 266: [ 19.791619] kasan_save_stack+0x3c/0x68 [ 19.791663] kasan_save_track+0x20/0x40 [ 19.791752] kasan_save_alloc_info+0x40/0x58 [ 19.791833] __kasan_kmalloc+0xd4/0xd8 [ 19.791926] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.792030] kasan_atomics+0xb8/0x2e0 [ 19.792078] kunit_try_run_case+0x170/0x3f0 [ 19.792119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.792164] kthread+0x328/0x630 [ 19.792199] ret_from_fork+0x10/0x20 [ 19.792235] [ 19.792255] The buggy address belongs to the object at fff00000c57aa700 [ 19.792255] which belongs to the cache kmalloc-64 of size 64 [ 19.792317] The buggy address is located 0 bytes to the right of [ 19.792317] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.792385] [ 19.792464] The buggy address belongs to the physical page: [ 19.792499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.792553] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.792612] page_type: f5(slab) [ 19.792661] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.792715] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.792912] page dumped because: kasan: bad access detected [ 19.792960] [ 19.792981] Memory state around the buggy address: [ 19.793017] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.793128] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.793284] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.793326] ^ [ 19.793363] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.793512] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.793586] ================================================================== [ 19.778905] ================================================================== [ 19.778961] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.779011] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.779065] [ 19.779095] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.779179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.779208] Hardware name: linux,dummy-virt (DT) [ 19.779241] Call trace: [ 19.779265] show_stack+0x20/0x38 (C) [ 19.779313] dump_stack_lvl+0x8c/0xd0 [ 19.779361] print_report+0x118/0x608 [ 19.779408] kasan_report+0xdc/0x128 [ 19.779455] kasan_check_range+0x100/0x1a8 [ 19.779504] __kasan_check_write+0x20/0x30 [ 19.779549] kasan_atomics_helper+0x1128/0x4858 [ 19.779616] kasan_atomics+0x198/0x2e0 [ 19.779662] kunit_try_run_case+0x170/0x3f0 [ 19.779710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.779765] kthread+0x328/0x630 [ 19.779841] ret_from_fork+0x10/0x20 [ 19.779893] [ 19.779913] Allocated by task 266: [ 19.781501] kasan_save_stack+0x3c/0x68 [ 19.782063] kasan_save_track+0x20/0x40 [ 19.782581] kasan_save_alloc_info+0x40/0x58 [ 19.782658] __kasan_kmalloc+0xd4/0xd8 [ 19.782700] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.782741] kasan_atomics+0xb8/0x2e0 [ 19.782780] kunit_try_run_case+0x170/0x3f0 [ 19.782822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.784353] kthread+0x328/0x630 [ 19.784414] ret_from_fork+0x10/0x20 [ 19.784454] [ 19.785107] The buggy address belongs to the object at fff00000c57aa700 [ 19.785107] which belongs to the cache kmalloc-64 of size 64 [ 19.785186] The buggy address is located 0 bytes to the right of [ 19.785186] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.785256] [ 19.785285] The buggy address belongs to the physical page: [ 19.785319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.785374] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.785426] page_type: f5(slab) [ 19.785464] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.785519] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.785574] page dumped because: kasan: bad access detected [ 19.787137] [ 19.787856] Memory state around the buggy address: [ 19.788617] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.788684] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.788776] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.788925] ^ [ 19.788964] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.789011] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.789051] ================================================================== [ 19.692132] ================================================================== [ 19.692598] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.692840] Read of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.692979] [ 19.693017] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.693102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.693131] Hardware name: linux,dummy-virt (DT) [ 19.693165] Call trace: [ 19.693616] show_stack+0x20/0x38 (C) [ 19.693940] dump_stack_lvl+0x8c/0xd0 [ 19.694226] print_report+0x118/0x608 [ 19.694300] kasan_report+0xdc/0x128 [ 19.694349] kasan_check_range+0x100/0x1a8 [ 19.694990] __kasan_check_read+0x20/0x30 [ 19.695050] kasan_atomics_helper+0xdd4/0x4858 [ 19.695099] kasan_atomics+0x198/0x2e0 [ 19.695147] kunit_try_run_case+0x170/0x3f0 [ 19.695195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.695820] kthread+0x328/0x630 [ 19.696352] ret_from_fork+0x10/0x20 [ 19.696735] [ 19.696761] Allocated by task 266: [ 19.696973] kasan_save_stack+0x3c/0x68 [ 19.697177] kasan_save_track+0x20/0x40 [ 19.697292] kasan_save_alloc_info+0x40/0x58 [ 19.697693] __kasan_kmalloc+0xd4/0xd8 [ 19.697927] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.698021] kasan_atomics+0xb8/0x2e0 [ 19.698060] kunit_try_run_case+0x170/0x3f0 [ 19.698107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.698634] kthread+0x328/0x630 [ 19.698672] ret_from_fork+0x10/0x20 [ 19.698711] [ 19.698733] The buggy address belongs to the object at fff00000c57aa700 [ 19.698733] which belongs to the cache kmalloc-64 of size 64 [ 19.699241] The buggy address is located 0 bytes to the right of [ 19.699241] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.699533] [ 19.699665] The buggy address belongs to the physical page: [ 19.699985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.700242] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.700333] page_type: f5(slab) [ 19.700610] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.700868] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.701070] page dumped because: kasan: bad access detected [ 19.701368] [ 19.701528] Memory state around the buggy address: [ 19.701586] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.701711] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.701759] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.701851] ^ [ 19.701887] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.702317] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.702485] ================================================================== [ 19.794356] ================================================================== [ 19.794425] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.794494] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.794546] [ 19.794586] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.794671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.794701] Hardware name: linux,dummy-virt (DT) [ 19.794732] Call trace: [ 19.794756] show_stack+0x20/0x38 (C) [ 19.794803] dump_stack_lvl+0x8c/0xd0 [ 19.794852] print_report+0x118/0x608 [ 19.794901] kasan_report+0xdc/0x128 [ 19.794947] kasan_check_range+0x100/0x1a8 [ 19.794997] __kasan_check_write+0x20/0x30 [ 19.795041] kasan_atomics_helper+0x11f8/0x4858 [ 19.795091] kasan_atomics+0x198/0x2e0 [ 19.795136] kunit_try_run_case+0x170/0x3f0 [ 19.795184] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.795239] kthread+0x328/0x630 [ 19.795292] ret_from_fork+0x10/0x20 [ 19.795342] [ 19.795361] Allocated by task 266: [ 19.795463] kasan_save_stack+0x3c/0x68 [ 19.795558] kasan_save_track+0x20/0x40 [ 19.795650] kasan_save_alloc_info+0x40/0x58 [ 19.795705] __kasan_kmalloc+0xd4/0xd8 [ 19.795748] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.795789] kasan_atomics+0xb8/0x2e0 [ 19.795827] kunit_try_run_case+0x170/0x3f0 [ 19.795876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.796032] kthread+0x328/0x630 [ 19.796120] ret_from_fork+0x10/0x20 [ 19.796157] [ 19.796179] The buggy address belongs to the object at fff00000c57aa700 [ 19.796179] which belongs to the cache kmalloc-64 of size 64 [ 19.796270] The buggy address is located 0 bytes to the right of [ 19.796270] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.796340] [ 19.796362] The buggy address belongs to the physical page: [ 19.796642] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.796915] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.796982] page_type: f5(slab) [ 19.797027] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.797099] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.797184] page dumped because: kasan: bad access detected [ 19.797320] [ 19.797423] Memory state around the buggy address: [ 19.797496] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.797543] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.797596] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.797637] ^ [ 19.797679] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.797881] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.798066] ================================================================== [ 19.480424] ================================================================== [ 19.480710] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858 [ 19.480925] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.481248] __kasan_check_write+0x20/0x30 [ 19.483874] [ 19.484165] kunit_try_run_case+0x170/0x3f0 [ 19.484205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.484476] [ 19.484498] The buggy address belongs to the physical page: [ 19.484531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.484797] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.485091] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.485428] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.486314] ================================================================== [ 19.833547] ================================================================== [ 19.833616] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.833668] Read of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.833721] [ 19.833756] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.833838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.833865] Hardware name: linux,dummy-virt (DT) [ 19.834345] Call trace: [ 19.834382] show_stack+0x20/0x38 (C) [ 19.834732] dump_stack_lvl+0x8c/0xd0 [ 19.834806] print_report+0x118/0x608 [ 19.834869] kasan_report+0xdc/0x128 [ 19.834923] __asan_report_load8_noabort+0x20/0x30 [ 19.835456] kasan_atomics_helper+0x3f04/0x4858 [ 19.835577] kasan_atomics+0x198/0x2e0 [ 19.835685] kunit_try_run_case+0x170/0x3f0 [ 19.835920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.837015] kthread+0x328/0x630 [ 19.837201] ret_from_fork+0x10/0x20 [ 19.837639] [ 19.837696] Allocated by task 266: [ 19.837773] kasan_save_stack+0x3c/0x68 [ 19.837904] kasan_save_track+0x20/0x40 [ 19.838073] kasan_save_alloc_info+0x40/0x58 [ 19.838247] __kasan_kmalloc+0xd4/0xd8 [ 19.838295] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.838442] kasan_atomics+0xb8/0x2e0 [ 19.838870] kunit_try_run_case+0x170/0x3f0 [ 19.839108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.839156] kthread+0x328/0x630 [ 19.839189] ret_from_fork+0x10/0x20 [ 19.839225] [ 19.839250] The buggy address belongs to the object at fff00000c57aa700 [ 19.839250] which belongs to the cache kmalloc-64 of size 64 [ 19.839867] The buggy address is located 0 bytes to the right of [ 19.839867] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.839976] [ 19.840006] The buggy address belongs to the physical page: [ 19.840051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.840251] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.840306] page_type: f5(slab) [ 19.840351] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.840727] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.840778] page dumped because: kasan: bad access detected [ 19.840813] [ 19.840836] Memory state around the buggy address: [ 19.841276] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.842308] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.842388] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.842458] ^ [ 19.842497] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.842651] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.842693] ================================================================== [ 19.894346] ================================================================== [ 19.894421] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.894473] Read of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.894525] [ 19.894902] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.895021] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.895097] Hardware name: linux,dummy-virt (DT) [ 19.895133] Call trace: [ 19.895156] show_stack+0x20/0x38 (C) [ 19.895373] dump_stack_lvl+0x8c/0xd0 [ 19.895615] print_report+0x118/0x608 [ 19.896422] kasan_report+0xdc/0x128 [ 19.896472] __asan_report_load8_noabort+0x20/0x30 [ 19.896521] kasan_atomics_helper+0x3db0/0x4858 [ 19.896584] kasan_atomics+0x198/0x2e0 [ 19.896630] kunit_try_run_case+0x170/0x3f0 [ 19.897383] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.897475] kthread+0x328/0x630 [ 19.897519] ret_from_fork+0x10/0x20 [ 19.897585] [ 19.897605] Allocated by task 266: [ 19.897635] kasan_save_stack+0x3c/0x68 [ 19.898056] kasan_save_track+0x20/0x40 [ 19.898133] kasan_save_alloc_info+0x40/0x58 [ 19.898174] __kasan_kmalloc+0xd4/0xd8 [ 19.898213] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.898853] kasan_atomics+0xb8/0x2e0 [ 19.899198] kunit_try_run_case+0x170/0x3f0 [ 19.899274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.899322] kthread+0x328/0x630 [ 19.899872] ret_from_fork+0x10/0x20 [ 19.900323] [ 19.900526] The buggy address belongs to the object at fff00000c57aa700 [ 19.900526] which belongs to the cache kmalloc-64 of size 64 [ 19.900603] The buggy address is located 0 bytes to the right of [ 19.900603] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.900674] [ 19.900697] The buggy address belongs to the physical page: [ 19.901127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.901214] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.901756] page_type: f5(slab) [ 19.901870] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.901923] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.901969] page dumped because: kasan: bad access detected [ 19.902003] [ 19.902024] Memory state around the buggy address: [ 19.902058] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.902106] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.902153] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.902194] ^ [ 19.902230] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.902275] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.902318] ================================================================== [ 19.619485] ================================================================== [ 19.619544] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 19.619608] Write of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.619660] [ 19.619695] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.619779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.619810] Hardware name: linux,dummy-virt (DT) [ 19.619841] Call trace: [ 19.619865] show_stack+0x20/0x38 (C) [ 19.619914] dump_stack_lvl+0x8c/0xd0 [ 19.619982] print_report+0x118/0x608 [ 19.620030] kasan_report+0xdc/0x128 [ 19.620078] kasan_check_range+0x100/0x1a8 [ 19.620127] __kasan_check_write+0x20/0x30 [ 19.620704] kasan_atomics_helper+0xb70/0x4858 [ 19.620764] kasan_atomics+0x198/0x2e0 [ 19.620953] kunit_try_run_case+0x170/0x3f0 [ 19.621003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.621058] kthread+0x328/0x630 [ 19.621103] ret_from_fork+0x10/0x20 [ 19.621153] [ 19.621173] Allocated by task 266: [ 19.621203] kasan_save_stack+0x3c/0x68 [ 19.621247] kasan_save_track+0x20/0x40 [ 19.621295] kasan_save_alloc_info+0x40/0x58 [ 19.621381] __kasan_kmalloc+0xd4/0xd8 [ 19.621420] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.621462] kasan_atomics+0xb8/0x2e0 [ 19.621502] kunit_try_run_case+0x170/0x3f0 [ 19.621542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.622357] The buggy address belongs to the physical page: [ 19.623214] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.623787] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.625158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.626411] Allocated by task 266: [ 19.627205] kasan_atomics+0xb8/0x2e0 [ 19.627388] kunit_try_run_case+0x170/0x3f0 [ 19.627541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.627932] The buggy address is located 0 bytes to the right of [ 19.627932] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.628617] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.629389] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.631124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.632508] kasan_atomics_helper+0xc08/0x4858 [ 19.633917] kasan_save_stack+0x3c/0x68 [ 19.634393] kunit_try_run_case+0x170/0x3f0 [ 19.634696] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.634752] kthread+0x328/0x630 [ 19.634787] ret_from_fork+0x10/0x20 [ 19.634823] [ 19.634847] The buggy address belongs to the object at fff00000c57aa700 [ 19.634847] which belongs to the cache kmalloc-64 of size 64 [ 19.636663] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.637830] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.637953] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.640193] [ 19.640351] Hardware name: linux,dummy-virt (DT) [ 19.640557] kasan_report+0xdc/0x128 [ 19.641008] [ 19.642165] __kasan_kmalloc+0xd4/0xd8 [ 19.642776] kthread+0x328/0x630 [ 19.642826] ret_from_fork+0x10/0x20 [ 19.642864] [ 19.642887] The buggy address belongs to the object at fff00000c57aa700 [ 19.642887] which belongs to the cache kmalloc-64 of size 64 [ 19.644014] page_type: f5(slab) [ 19.644635] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.646103] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 19.646422] Call trace: [ 19.646917] __kasan_check_write+0x20/0x30 [ 19.648598] ret_from_fork+0x10/0x20 [ 19.648647] [ 19.648678] The buggy address belongs to the object at fff00000c57aa700 [ 19.648678] which belongs to the cache kmalloc-64 of size 64 [ 19.648742] The buggy address is located 0 bytes to the right of [ 19.648742] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.648860] [ 19.648891] The buggy address belongs to the physical page: [ 19.648926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.648990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.649971] page_type: f5(slab) [ 19.650022] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.650076] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.650169] page dumped because: kasan: bad access detected [ 19.650443] [ 19.650466] Memory state around the buggy address: [ 19.650860] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.651392] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.651549] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.651627] ^ [ 19.651727] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.652364] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.652603] ================================================================== [ 19.865601] ================================================================== [ 19.865705] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.865810] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.866155] [ 19.866206] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.866396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.866424] Hardware name: linux,dummy-virt (DT) [ 19.866870] Call trace: [ 19.866920] show_stack+0x20/0x38 (C) [ 19.866982] dump_stack_lvl+0x8c/0xd0 [ 19.867031] print_report+0x118/0x608 [ 19.867078] kasan_report+0xdc/0x128 [ 19.867125] kasan_check_range+0x100/0x1a8 [ 19.867531] __kasan_check_write+0x20/0x30 [ 19.867614] kasan_atomics_helper+0x14e4/0x4858 [ 19.867663] kasan_atomics+0x198/0x2e0 [ 19.867996] kunit_try_run_case+0x170/0x3f0 [ 19.868366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.868450] kthread+0x328/0x630 [ 19.868614] ret_from_fork+0x10/0x20 [ 19.868993] [ 19.869020] Allocated by task 266: [ 19.869332] kasan_save_stack+0x3c/0x68 [ 19.869468] kasan_save_track+0x20/0x40 [ 19.869508] kasan_save_alloc_info+0x40/0x58 [ 19.869609] __kasan_kmalloc+0xd4/0xd8 [ 19.869669] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.870079] kasan_atomics+0xb8/0x2e0 [ 19.870159] kunit_try_run_case+0x170/0x3f0 [ 19.870470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.870524] kthread+0x328/0x630 [ 19.870599] ret_from_fork+0x10/0x20 [ 19.870639] [ 19.870841] The buggy address belongs to the object at fff00000c57aa700 [ 19.870841] which belongs to the cache kmalloc-64 of size 64 [ 19.870907] The buggy address is located 0 bytes to the right of [ 19.870907] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.871246] [ 19.871273] The buggy address belongs to the physical page: [ 19.871321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.871383] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.871725] page_type: f5(slab) [ 19.871779] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.871834] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.871987] page dumped because: kasan: bad access detected [ 19.872027] [ 19.872078] Memory state around the buggy address: [ 19.872188] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.872772] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.872889] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.873046] ^ [ 19.873214] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.873647] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.873736] ================================================================== [ 19.595371] ================================================================== [ 19.595429] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 19.595484] Write of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.595539] [ 19.595584] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.595671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.595702] Hardware name: linux,dummy-virt (DT) [ 19.595736] Call trace: [ 19.595761] show_stack+0x20/0x38 (C) [ 19.595810] dump_stack_lvl+0x8c/0xd0 [ 19.595859] print_report+0x118/0x608 [ 19.595907] kasan_report+0xdc/0x128 [ 19.595955] kasan_check_range+0x100/0x1a8 [ 19.596006] __kasan_check_write+0x20/0x30 [ 19.596054] kasan_atomics_helper+0xa6c/0x4858 [ 19.596113] kasan_atomics+0x198/0x2e0 [ 19.596344] kunit_try_run_case+0x170/0x3f0 [ 19.596418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.596883] kthread+0x328/0x630 [ 19.597166] ret_from_fork+0x10/0x20 [ 19.597218] [ 19.597239] Allocated by task 266: [ 19.597275] kasan_save_stack+0x3c/0x68 [ 19.597812] kasan_save_track+0x20/0x40 [ 19.597893] kasan_save_alloc_info+0x40/0x58 [ 19.597936] __kasan_kmalloc+0xd4/0xd8 [ 19.598266] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.598323] kasan_atomics+0xb8/0x2e0 [ 19.598360] kunit_try_run_case+0x170/0x3f0 [ 19.598399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.598457] kthread+0x328/0x630 [ 19.598492] ret_from_fork+0x10/0x20 [ 19.598756] [ 19.598945] The buggy address belongs to the object at fff00000c57aa700 [ 19.598945] which belongs to the cache kmalloc-64 of size 64 [ 19.599165] The buggy address is located 0 bytes to the right of [ 19.599165] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.599533] [ 19.599597] The buggy address belongs to the physical page: [ 19.599632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.599699] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.599751] page_type: f5(slab) [ 19.599953] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.600099] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.600151] page dumped because: kasan: bad access detected [ 19.600188] [ 19.600384] Memory state around the buggy address: [ 19.600624] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.600677] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.600938] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.601114] ^ [ 19.601154] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.601201] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.601365] ================================================================== [ 19.612724] ================================================================== [ 19.612782] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 19.612836] Read of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.612888] [ 19.612922] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.613006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.613034] Hardware name: linux,dummy-virt (DT) [ 19.613068] Call trace: [ 19.613092] show_stack+0x20/0x38 (C) [ 19.613142] dump_stack_lvl+0x8c/0xd0 [ 19.613193] print_report+0x118/0x608 [ 19.613241] kasan_report+0xdc/0x128 [ 19.613297] __asan_report_load4_noabort+0x20/0x30 [ 19.614685] kasan_atomics_helper+0x3dcc/0x4858 [ 19.614737] kasan_atomics+0x198/0x2e0 [ 19.614785] kunit_try_run_case+0x170/0x3f0 [ 19.614836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.614891] kthread+0x328/0x630 [ 19.614935] ret_from_fork+0x10/0x20 [ 19.614986] [ 19.615006] Allocated by task 266: [ 19.615038] kasan_save_stack+0x3c/0x68 [ 19.615083] kasan_save_track+0x20/0x40 [ 19.615123] kasan_save_alloc_info+0x40/0x58 [ 19.615182] __kasan_kmalloc+0xd4/0xd8 [ 19.615221] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.615264] kasan_atomics+0xb8/0x2e0 [ 19.615323] kunit_try_run_case+0x170/0x3f0 [ 19.615543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.615716] kthread+0x328/0x630 [ 19.615750] ret_from_fork+0x10/0x20 [ 19.615803] [ 19.615826] The buggy address belongs to the object at fff00000c57aa700 [ 19.615826] which belongs to the cache kmalloc-64 of size 64 [ 19.616053] The buggy address is located 0 bytes to the right of [ 19.616053] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.616203] [ 19.616295] The buggy address belongs to the physical page: [ 19.616377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.616435] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.616700] page_type: f5(slab) [ 19.616744] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.616977] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.617021] page dumped because: kasan: bad access detected [ 19.617074] [ 19.617185] Memory state around the buggy address: [ 19.617721] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.617893] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.618166] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.618217] ^ [ 19.618254] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.618311] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.618493] ================================================================== [ 19.563753] ================================================================== [ 19.563913] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.564408] Read of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.564464] [ 19.564650] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.565009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.565040] Hardware name: linux,dummy-virt (DT) [ 19.565074] Call trace: [ 19.565097] show_stack+0x20/0x38 (C) [ 19.565528] dump_stack_lvl+0x8c/0xd0 [ 19.565614] print_report+0x118/0x608 [ 19.565669] kasan_report+0xdc/0x128 [ 19.565716] __asan_report_load4_noabort+0x20/0x30 [ 19.566007] kasan_atomics_helper+0x42d8/0x4858 [ 19.566062] kasan_atomics+0x198/0x2e0 [ 19.566122] kunit_try_run_case+0x170/0x3f0 [ 19.566215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.566300] kthread+0x328/0x630 [ 19.566343] ret_from_fork+0x10/0x20 [ 19.566597] [ 19.566618] Allocated by task 266: [ 19.566647] kasan_save_stack+0x3c/0x68 [ 19.566991] kasan_save_track+0x20/0x40 [ 19.567187] kasan_save_alloc_info+0x40/0x58 [ 19.567981] kthread+0x328/0x630 [ 19.569873] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.571895] Call trace: [ 19.572019] show_stack+0x20/0x38 (C) [ 19.572074] dump_stack_lvl+0x8c/0xd0 [ 19.572311] print_report+0x118/0x608 [ 19.572535] kasan_report+0xdc/0x128 [ 19.572615] kasan_check_range+0x100/0x1a8 [ 19.572666] __kasan_check_write+0x20/0x30 [ 19.572771] kasan_atomics_helper+0x934/0x4858 [ 19.573404] kasan_atomics+0x198/0x2e0 [ 19.573750] kunit_try_run_case+0x170/0x3f0 [ 19.573804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.573859] kthread+0x328/0x630 [ 19.573902] ret_from_fork+0x10/0x20 [ 19.574357] [ 19.574479] Allocated by task 266: [ 19.574618] kasan_save_stack+0x3c/0x68 [ 19.575068] kasan_save_track+0x20/0x40 [ 19.575188] kasan_save_alloc_info+0x40/0x58 [ 19.575254] __kasan_kmalloc+0xd4/0xd8 [ 19.575342] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.575383] kasan_atomics+0xb8/0x2e0 [ 19.575459] kunit_try_run_case+0x170/0x3f0 [ 19.575501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.575546] kthread+0x328/0x630 [ 19.575735] ret_from_fork+0x10/0x20 [ 19.575782] [ 19.575804] The buggy address belongs to the object at fff00000c57aa700 [ 19.575804] which belongs to the cache kmalloc-64 of size 64 [ 19.576224] The buggy address is located 0 bytes to the right of [ 19.576224] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.576328] [ 19.576352] The buggy address belongs to the physical page: [ 19.576386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.576445] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.576496] page_type: f5(slab) [ 19.576549] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.576823] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.577211] page dumped because: kasan: bad access detected [ 19.577271] [ 19.577293] Memory state around the buggy address: [ 19.577346] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.577394] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.577592] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.577887] ^ [ 19.577946] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.577994] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.578038] ================================================================== [ 19.854983] ================================================================== [ 19.855046] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.855096] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.855149] [ 19.855182] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.855410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.855676] Hardware name: linux,dummy-virt (DT) [ 19.855738] Call trace: [ 19.856250] show_stack+0x20/0x38 (C) [ 19.856378] dump_stack_lvl+0x8c/0xd0 [ 19.856632] print_report+0x118/0x608 [ 19.856906] kasan_report+0xdc/0x128 [ 19.857104] kasan_check_range+0x100/0x1a8 [ 19.857153] __kasan_check_write+0x20/0x30 [ 19.857200] kasan_atomics_helper+0x147c/0x4858 [ 19.857249] kasan_atomics+0x198/0x2e0 [ 19.857301] kunit_try_run_case+0x170/0x3f0 [ 19.857357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.857411] kthread+0x328/0x630 [ 19.857452] ret_from_fork+0x10/0x20 [ 19.857499] [ 19.857521] Allocated by task 266: [ 19.857977] kasan_save_stack+0x3c/0x68 [ 19.858041] kasan_save_track+0x20/0x40 [ 19.858360] kasan_save_alloc_info+0x40/0x58 [ 19.858410] __kasan_kmalloc+0xd4/0xd8 [ 19.858647] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.859015] kasan_atomics+0xb8/0x2e0 [ 19.859270] kunit_try_run_case+0x170/0x3f0 [ 19.859435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.859560] kthread+0x328/0x630 [ 19.859620] ret_from_fork+0x10/0x20 [ 19.861080] [ 19.861273] The buggy address belongs to the object at fff00000c57aa700 [ 19.861273] which belongs to the cache kmalloc-64 of size 64 [ 19.861378] The buggy address is located 0 bytes to the right of [ 19.861378] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.861654] [ 19.861678] The buggy address belongs to the physical page: [ 19.861713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.861954] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.862009] page_type: f5(slab) [ 19.862421] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.862550] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.863080] page dumped because: kasan: bad access detected [ 19.863200] [ 19.863221] Memory state around the buggy address: [ 19.863257] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.863304] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.863957] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.864226] ^ [ 19.864271] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.864688] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.864825] ================================================================== [ 19.843599] ================================================================== [ 19.843853] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.843916] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.844182] [ 19.844317] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.844628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.844681] Hardware name: linux,dummy-virt (DT) [ 19.844724] Call trace: [ 19.844785] show_stack+0x20/0x38 (C) [ 19.845153] dump_stack_lvl+0x8c/0xd0 [ 19.845361] print_report+0x118/0x608 [ 19.845655] kasan_report+0xdc/0x128 [ 19.845705] kasan_check_range+0x100/0x1a8 [ 19.845755] __kasan_check_write+0x20/0x30 [ 19.846231] kasan_atomics_helper+0x1414/0x4858 [ 19.846315] kasan_atomics+0x198/0x2e0 [ 19.846448] kunit_try_run_case+0x170/0x3f0 [ 19.846504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.846559] kthread+0x328/0x630 [ 19.846825] ret_from_fork+0x10/0x20 [ 19.847034] [ 19.847317] Allocated by task 266: [ 19.847550] kasan_save_stack+0x3c/0x68 [ 19.847610] kasan_save_track+0x20/0x40 [ 19.847651] kasan_save_alloc_info+0x40/0x58 [ 19.847692] __kasan_kmalloc+0xd4/0xd8 [ 19.848418] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.849069] kasan_atomics+0xb8/0x2e0 [ 19.849171] kunit_try_run_case+0x170/0x3f0 [ 19.849777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.849903] kthread+0x328/0x630 [ 19.849939] ret_from_fork+0x10/0x20 [ 19.849998] [ 19.850022] The buggy address belongs to the object at fff00000c57aa700 [ 19.850022] which belongs to the cache kmalloc-64 of size 64 [ 19.850539] The buggy address is located 0 bytes to the right of [ 19.850539] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.850795] [ 19.850820] The buggy address belongs to the physical page: [ 19.850853] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.850911] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.851356] page_type: f5(slab) [ 19.851405] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.851666] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.851782] page dumped because: kasan: bad access detected [ 19.852253] [ 19.852332] Memory state around the buggy address: [ 19.852370] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.852981] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.853065] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.853108] ^ [ 19.853542] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.853603] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.853897] ================================================================== [ 19.824235] ================================================================== [ 19.824291] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.824341] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.825051] [ 19.825106] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.825194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.825224] Hardware name: linux,dummy-virt (DT) [ 19.825256] Call trace: [ 19.825620] show_stack+0x20/0x38 (C) [ 19.825741] dump_stack_lvl+0x8c/0xd0 [ 19.825844] print_report+0x118/0x608 [ 19.825901] kasan_report+0xdc/0x128 [ 19.825948] kasan_check_range+0x100/0x1a8 [ 19.826237] __kasan_check_write+0x20/0x30 [ 19.826310] kasan_atomics_helper+0x1384/0x4858 [ 19.826672] kasan_atomics+0x198/0x2e0 [ 19.826721] kunit_try_run_case+0x170/0x3f0 [ 19.827054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.827262] kthread+0x328/0x630 [ 19.827332] ret_from_fork+0x10/0x20 [ 19.827699] [ 19.827737] Allocated by task 266: [ 19.827775] kasan_save_stack+0x3c/0x68 [ 19.827992] kasan_save_track+0x20/0x40 [ 19.828034] kasan_save_alloc_info+0x40/0x58 [ 19.828076] __kasan_kmalloc+0xd4/0xd8 [ 19.828670] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.828721] kasan_atomics+0xb8/0x2e0 [ 19.828761] kunit_try_run_case+0x170/0x3f0 [ 19.828800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.828847] kthread+0x328/0x630 [ 19.828880] ret_from_fork+0x10/0x20 [ 19.828916] [ 19.828939] The buggy address belongs to the object at fff00000c57aa700 [ 19.828939] which belongs to the cache kmalloc-64 of size 64 [ 19.829001] The buggy address is located 0 bytes to the right of [ 19.829001] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.829068] [ 19.829091] The buggy address belongs to the physical page: [ 19.829982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.830231] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.830310] page_type: f5(slab) [ 19.830363] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.830912] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.830961] page dumped because: kasan: bad access detected [ 19.831477] [ 19.831510] Memory state around the buggy address: [ 19.831549] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.831828] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.831877] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.831922] ^ [ 19.832362] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.832426] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.832498] ================================================================== [ 19.875893] ================================================================== [ 19.875951] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.876002] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.876055] [ 19.876088] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.876815] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.876864] Hardware name: linux,dummy-virt (DT) [ 19.876900] Call trace: [ 19.876923] show_stack+0x20/0x38 (C) [ 19.876976] dump_stack_lvl+0x8c/0xd0 [ 19.877025] print_report+0x118/0x608 [ 19.877403] kasan_report+0xdc/0x128 [ 19.877540] kasan_check_range+0x100/0x1a8 [ 19.878204] __kasan_check_write+0x20/0x30 [ 19.878266] kasan_atomics_helper+0x154c/0x4858 [ 19.878315] kasan_atomics+0x198/0x2e0 [ 19.878362] kunit_try_run_case+0x170/0x3f0 [ 19.878901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.879007] kthread+0x328/0x630 [ 19.879050] ret_from_fork+0x10/0x20 [ 19.879401] [ 19.879669] Allocated by task 266: [ 19.879990] kasan_save_stack+0x3c/0x68 [ 19.880224] kasan_save_track+0x20/0x40 [ 19.880277] kasan_save_alloc_info+0x40/0x58 [ 19.880322] __kasan_kmalloc+0xd4/0xd8 [ 19.880367] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.880653] kasan_atomics+0xb8/0x2e0 [ 19.880698] kunit_try_run_case+0x170/0x3f0 [ 19.880754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.880977] kthread+0x328/0x630 [ 19.881341] ret_from_fork+0x10/0x20 [ 19.881386] [ 19.881573] The buggy address belongs to the object at fff00000c57aa700 [ 19.881573] which belongs to the cache kmalloc-64 of size 64 [ 19.881844] The buggy address is located 0 bytes to the right of [ 19.881844] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.881922] [ 19.882131] The buggy address belongs to the physical page: [ 19.882178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.882234] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.882470] page_type: f5(slab) [ 19.882557] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.882908] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.882958] page dumped because: kasan: bad access detected [ 19.883089] [ 19.883155] Memory state around the buggy address: [ 19.883248] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.883588] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.883650] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.883693] ^ [ 19.883730] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.883773] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.884551] ================================================================== [ 19.746347] ================================================================== [ 19.746415] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.746467] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.746519] [ 19.746553] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.746970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.747073] Hardware name: linux,dummy-virt (DT) [ 19.747153] Call trace: [ 19.747201] show_stack+0x20/0x38 (C) [ 19.747264] dump_stack_lvl+0x8c/0xd0 [ 19.747546] print_report+0x118/0x608 [ 19.747635] kasan_report+0xdc/0x128 [ 19.747732] kasan_check_range+0x100/0x1a8 [ 19.747804] __kasan_check_write+0x20/0x30 [ 19.747859] kasan_atomics_helper+0xf88/0x4858 [ 19.747920] kasan_atomics+0x198/0x2e0 [ 19.748010] kunit_try_run_case+0x170/0x3f0 [ 19.748062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.748116] kthread+0x328/0x630 [ 19.748376] ret_from_fork+0x10/0x20 [ 19.748443] [ 19.748513] Allocated by task 266: [ 19.748546] kasan_save_stack+0x3c/0x68 [ 19.748825] kasan_save_track+0x20/0x40 [ 19.748903] kasan_save_alloc_info+0x40/0x58 [ 19.749012] __kasan_kmalloc+0xd4/0xd8 [ 19.749054] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.749109] kasan_atomics+0xb8/0x2e0 [ 19.749166] kunit_try_run_case+0x170/0x3f0 [ 19.749207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.749254] kthread+0x328/0x630 [ 19.749937] ret_from_fork+0x10/0x20 [ 19.750319] [ 19.750347] The buggy address belongs to the object at fff00000c57aa700 [ 19.750347] which belongs to the cache kmalloc-64 of size 64 [ 19.750442] The buggy address is located 0 bytes to the right of [ 19.750442] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.750554] [ 19.750619] The buggy address belongs to the physical page: [ 19.750672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.751133] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.751495] page_type: f5(slab) [ 19.751714] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.751846] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.752199] page dumped because: kasan: bad access detected [ 19.752301] [ 19.752360] Memory state around the buggy address: [ 19.752422] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.752478] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.752816] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.753153] ^ [ 19.753348] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.753785] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.753958] ================================================================== [ 19.798375] ================================================================== [ 19.798421] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.798467] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.798517] [ 19.798546] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.800046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.800194] Hardware name: linux,dummy-virt (DT) [ 19.800228] Call trace: [ 19.800993] show_stack+0x20/0x38 (C) [ 19.801316] dump_stack_lvl+0x8c/0xd0 [ 19.801511] print_report+0x118/0x608 [ 19.802502] kasan_report+0xdc/0x128 [ 19.802653] kasan_check_range+0x100/0x1a8 [ 19.802714] __kasan_check_write+0x20/0x30 [ 19.803000] kasan_atomics_helper+0x126c/0x4858 [ 19.803363] kasan_atomics+0x198/0x2e0 [ 19.803413] kunit_try_run_case+0x170/0x3f0 [ 19.803826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.803911] kthread+0x328/0x630 [ 19.804291] ret_from_fork+0x10/0x20 [ 19.804553] [ 19.804744] Allocated by task 266: [ 19.804782] kasan_save_stack+0x3c/0x68 [ 19.805297] kasan_save_track+0x20/0x40 [ 19.805588] kasan_save_alloc_info+0x40/0x58 [ 19.805792] __kasan_kmalloc+0xd4/0xd8 [ 19.806079] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.806468] kasan_atomics+0xb8/0x2e0 [ 19.807007] kunit_try_run_case+0x170/0x3f0 [ 19.807362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.807413] kthread+0x328/0x630 [ 19.807769] ret_from_fork+0x10/0x20 [ 19.808041] [ 19.808071] The buggy address belongs to the object at fff00000c57aa700 [ 19.808071] which belongs to the cache kmalloc-64 of size 64 [ 19.808454] The buggy address is located 0 bytes to the right of [ 19.808454] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.809187] [ 19.809221] The buggy address belongs to the physical page: [ 19.809268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.809782] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.809844] page_type: f5(slab) [ 19.810100] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.810601] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.810653] page dumped because: kasan: bad access detected [ 19.811937] [ 19.812176] Memory state around the buggy address: [ 19.812219] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.812398] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.812834] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.813053] ^ [ 19.813386] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.813585] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.813629] ================================================================== [ 19.738402] ================================================================== [ 19.738729] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.738853] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.738912] [ 19.738945] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.739226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.740267] Hardware name: linux,dummy-virt (DT) [ 19.740451] Call trace: [ 19.740504] show_stack+0x20/0x38 (C) [ 19.740574] dump_stack_lvl+0x8c/0xd0 [ 19.740627] print_report+0x118/0x608 [ 19.740757] kasan_report+0xdc/0x128 [ 19.740809] kasan_check_range+0x100/0x1a8 [ 19.740861] __kasan_check_write+0x20/0x30 [ 19.741017] kasan_atomics_helper+0xf20/0x4858 [ 19.741079] kasan_atomics+0x198/0x2e0 [ 19.741125] kunit_try_run_case+0x170/0x3f0 [ 19.741175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.741268] kthread+0x328/0x630 [ 19.741312] ret_from_fork+0x10/0x20 [ 19.741370] [ 19.741741] Allocated by task 266: [ 19.741813] kasan_save_stack+0x3c/0x68 [ 19.741864] kasan_save_track+0x20/0x40 [ 19.741905] kasan_save_alloc_info+0x40/0x58 [ 19.741948] __kasan_kmalloc+0xd4/0xd8 [ 19.742244] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.742512] kasan_atomics+0xb8/0x2e0 [ 19.742689] kunit_try_run_case+0x170/0x3f0 [ 19.742827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.742878] kthread+0x328/0x630 [ 19.742914] ret_from_fork+0x10/0x20 [ 19.743214] [ 19.743274] The buggy address belongs to the object at fff00000c57aa700 [ 19.743274] which belongs to the cache kmalloc-64 of size 64 [ 19.743607] The buggy address is located 0 bytes to the right of [ 19.743607] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.744111] [ 19.744158] The buggy address belongs to the physical page: [ 19.744203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.744294] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.744349] page_type: f5(slab) [ 19.744389] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.744449] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.744495] page dumped because: kasan: bad access detected [ 19.744530] [ 19.744550] Memory state around the buggy address: [ 19.744625] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.744679] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.744737] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.744785] ^ [ 19.744825] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.744873] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.744917] ================================================================== [ 19.677016] ================================================================== [ 19.677275] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.677496] Read of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.677794] [ 19.678036] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.678361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.678522] Hardware name: linux,dummy-virt (DT) [ 19.678755] Call trace: [ 19.678959] show_stack+0x20/0x38 (C) [ 19.679065] dump_stack_lvl+0x8c/0xd0 [ 19.679119] print_report+0x118/0x608 [ 19.679683] kasan_report+0xdc/0x128 [ 19.679752] __asan_report_load4_noabort+0x20/0x30 [ 19.680109] kasan_atomics_helper+0x3e04/0x4858 [ 19.680342] kasan_atomics+0x198/0x2e0 [ 19.680862] kunit_try_run_case+0x170/0x3f0 [ 19.681268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.681460] kthread+0x328/0x630 [ 19.681662] ret_from_fork+0x10/0x20 [ 19.682232] [ 19.682298] Allocated by task 266: [ 19.682333] kasan_save_stack+0x3c/0x68 [ 19.682383] kasan_save_track+0x20/0x40 [ 19.682775] kasan_save_alloc_info+0x40/0x58 [ 19.683056] __kasan_kmalloc+0xd4/0xd8 [ 19.683475] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.683527] kasan_atomics+0xb8/0x2e0 [ 19.684004] kunit_try_run_case+0x170/0x3f0 [ 19.684249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.684551] kthread+0x328/0x630 [ 19.684925] ret_from_fork+0x10/0x20 [ 19.684972] [ 19.684995] The buggy address belongs to the object at fff00000c57aa700 [ 19.684995] which belongs to the cache kmalloc-64 of size 64 [ 19.685059] The buggy address is located 0 bytes to the right of [ 19.685059] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.685129] [ 19.685747] The buggy address belongs to the physical page: [ 19.685789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.685859] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.685914] page_type: f5(slab) [ 19.685957] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.686229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.686386] page dumped because: kasan: bad access detected [ 19.686513] [ 19.686534] Memory state around the buggy address: [ 19.686768] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.686825] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.687272] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.687548] ^ [ 19.687653] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.688276] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.688385] ================================================================== [ 19.964312] ================================================================== [ 19.964367] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.964418] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.964470] [ 19.964877] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.965001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.965191] Hardware name: linux,dummy-virt (DT) [ 19.965232] Call trace: [ 19.965255] show_stack+0x20/0x38 (C) [ 19.965731] dump_stack_lvl+0x8c/0xd0 [ 19.965881] print_report+0x118/0x608 [ 19.965931] kasan_report+0xdc/0x128 [ 19.965977] kasan_check_range+0x100/0x1a8 [ 19.966455] __kasan_check_write+0x20/0x30 [ 19.966617] kasan_atomics_helper+0x17ec/0x4858 [ 19.967196] kasan_atomics+0x198/0x2e0 [ 19.967508] kunit_try_run_case+0x170/0x3f0 [ 19.967561] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.967924] kthread+0x328/0x630 [ 19.968030] ret_from_fork+0x10/0x20 [ 19.968354] [ 19.968493] Allocated by task 266: [ 19.968524] kasan_save_stack+0x3c/0x68 [ 19.968579] kasan_save_track+0x20/0x40 [ 19.968619] kasan_save_alloc_info+0x40/0x58 [ 19.969358] __kasan_kmalloc+0xd4/0xd8 [ 19.969967] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.970273] kasan_atomics+0xb8/0x2e0 [ 19.970453] kunit_try_run_case+0x170/0x3f0 [ 19.970499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.971062] kthread+0x328/0x630 [ 19.971527] ret_from_fork+0x10/0x20 [ 19.971581] [ 19.971604] The buggy address belongs to the object at fff00000c57aa700 [ 19.971604] which belongs to the cache kmalloc-64 of size 64 [ 19.971875] The buggy address is located 0 bytes to the right of [ 19.971875] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.972060] [ 19.972369] The buggy address belongs to the physical page: [ 19.972414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.972804] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.972882] page_type: f5(slab) [ 19.972974] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.973027] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.973509] page dumped because: kasan: bad access detected [ 19.973578] [ 19.973600] Memory state around the buggy address: [ 19.973886] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.974149] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.974329] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.974381] ^ [ 19.974424] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.974574] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.974834] ================================================================== [ 19.760797] ================================================================== [ 19.761045] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.761125] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.761179] [ 19.761213] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.761707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.762113] Hardware name: linux,dummy-virt (DT) [ 19.762181] Call trace: [ 19.762243] show_stack+0x20/0x38 (C) [ 19.762328] dump_stack_lvl+0x8c/0xd0 [ 19.762402] print_report+0x118/0x608 [ 19.762730] kasan_report+0xdc/0x128 [ 19.762853] kasan_check_range+0x100/0x1a8 [ 19.763022] __kasan_check_write+0x20/0x30 [ 19.763118] kasan_atomics_helper+0x1058/0x4858 [ 19.763685] kasan_atomics+0x198/0x2e0 [ 19.764010] kunit_try_run_case+0x170/0x3f0 [ 19.764108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.764256] kthread+0x328/0x630 [ 19.764334] ret_from_fork+0x10/0x20 [ 19.764462] [ 19.764511] Allocated by task 266: [ 19.764540] kasan_save_stack+0x3c/0x68 [ 19.764880] kasan_save_track+0x20/0x40 [ 19.764959] kasan_save_alloc_info+0x40/0x58 [ 19.765221] __kasan_kmalloc+0xd4/0xd8 [ 19.765312] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.765390] kasan_atomics+0xb8/0x2e0 [ 19.765604] kunit_try_run_case+0x170/0x3f0 [ 19.765769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.765909] kthread+0x328/0x630 [ 19.766148] ret_from_fork+0x10/0x20 [ 19.766349] [ 19.766610] The buggy address belongs to the object at fff00000c57aa700 [ 19.766610] which belongs to the cache kmalloc-64 of size 64 [ 19.766825] The buggy address is located 0 bytes to the right of [ 19.766825] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.767298] [ 19.767642] The buggy address belongs to the physical page: [ 19.767712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.768200] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.768294] page_type: f5(slab) [ 19.768347] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.768410] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.768463] page dumped because: kasan: bad access detected [ 19.768498] [ 19.768526] Memory state around the buggy address: [ 19.768561] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.769050] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.769117] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.769189] ^ [ 19.769247] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.769523] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.769672] ================================================================== [ 19.711990] ================================================================== [ 19.712067] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.712528] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.712603] [ 19.712638] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.712723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.712750] Hardware name: linux,dummy-virt (DT) [ 19.712784] Call trace: [ 19.712807] show_stack+0x20/0x38 (C) [ 19.712933] dump_stack_lvl+0x8c/0xd0 [ 19.713465] print_report+0x118/0x608 [ 19.714347] kasan_report+0xdc/0x128 [ 19.714590] kasan_check_range+0x100/0x1a8 [ 19.714647] __kasan_check_write+0x20/0x30 [ 19.714713] kasan_atomics_helper+0xe44/0x4858 [ 19.714818] kasan_atomics+0x198/0x2e0 [ 19.714889] kunit_try_run_case+0x170/0x3f0 [ 19.714939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.714993] kthread+0x328/0x630 [ 19.715037] ret_from_fork+0x10/0x20 [ 19.715085] [ 19.715105] Allocated by task 266: [ 19.716638] kasan_save_stack+0x3c/0x68 [ 19.716701] kasan_save_track+0x20/0x40 [ 19.716744] kasan_save_alloc_info+0x40/0x58 [ 19.717070] __kasan_kmalloc+0xd4/0xd8 [ 19.717222] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.717425] kasan_atomics+0xb8/0x2e0 [ 19.717488] kunit_try_run_case+0x170/0x3f0 [ 19.717574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.717814] kthread+0x328/0x630 [ 19.717868] ret_from_fork+0x10/0x20 [ 19.717945] [ 19.717976] The buggy address belongs to the object at fff00000c57aa700 [ 19.717976] which belongs to the cache kmalloc-64 of size 64 [ 19.718230] The buggy address is located 0 bytes to the right of [ 19.718230] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.718754] [ 19.718901] The buggy address belongs to the physical page: [ 19.718938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.718999] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.719057] page_type: f5(slab) [ 19.719099] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.719152] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.719547] page dumped because: kasan: bad access detected [ 19.719611] [ 19.719632] Memory state around the buggy address: [ 19.720144] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.720206] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.720420] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.720655] ^ [ 19.720850] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.720903] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.721300] ================================================================== [ 19.914002] ================================================================== [ 19.914094] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.914251] Read of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.914680] [ 19.914842] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.914981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.915010] Hardware name: linux,dummy-virt (DT) [ 19.915460] Call trace: [ 19.915841] show_stack+0x20/0x38 (C) [ 19.915958] dump_stack_lvl+0x8c/0xd0 [ 19.916012] print_report+0x118/0x608 [ 19.916069] kasan_report+0xdc/0x128 [ 19.916402] __asan_report_load8_noabort+0x20/0x30 [ 19.916783] kasan_atomics_helper+0x3df4/0x4858 [ 19.917084] kasan_atomics+0x198/0x2e0 [ 19.917143] kunit_try_run_case+0x170/0x3f0 [ 19.917238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.917415] kthread+0x328/0x630 [ 19.917800] ret_from_fork+0x10/0x20 [ 19.918141] [ 19.918166] Allocated by task 266: [ 19.918207] kasan_save_stack+0x3c/0x68 [ 19.918280] kasan_save_track+0x20/0x40 [ 19.918327] kasan_save_alloc_info+0x40/0x58 [ 19.918732] __kasan_kmalloc+0xd4/0xd8 [ 19.918801] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.919153] kasan_atomics+0xb8/0x2e0 [ 19.919195] kunit_try_run_case+0x170/0x3f0 [ 19.919486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.920092] kthread+0x328/0x630 [ 19.920294] ret_from_fork+0x10/0x20 [ 19.920378] [ 19.920399] The buggy address belongs to the object at fff00000c57aa700 [ 19.920399] which belongs to the cache kmalloc-64 of size 64 [ 19.920666] The buggy address is located 0 bytes to the right of [ 19.920666] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.921067] [ 19.921206] The buggy address belongs to the physical page: [ 19.921393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.921545] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.921623] page_type: f5(slab) [ 19.921794] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.921908] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.922073] page dumped because: kasan: bad access detected [ 19.922121] [ 19.922149] Memory state around the buggy address: [ 19.922190] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.922482] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.922668] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.922723] ^ [ 19.922760] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.923321] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.923373] ================================================================== [ 19.935506] ================================================================== [ 19.935559] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.935619] Read of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.936118] [ 19.936276] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.936638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.936838] Hardware name: linux,dummy-virt (DT) [ 19.937026] Call trace: [ 19.937105] show_stack+0x20/0x38 (C) [ 19.937418] dump_stack_lvl+0x8c/0xd0 [ 19.937586] print_report+0x118/0x608 [ 19.937643] kasan_report+0xdc/0x128 [ 19.937824] __asan_report_load8_noabort+0x20/0x30 [ 19.938143] kasan_atomics_helper+0x3e10/0x4858 [ 19.938439] kasan_atomics+0x198/0x2e0 [ 19.938730] kunit_try_run_case+0x170/0x3f0 [ 19.939058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.939122] kthread+0x328/0x630 [ 19.939166] ret_from_fork+0x10/0x20 [ 19.939216] [ 19.939236] Allocated by task 266: [ 19.939267] kasan_save_stack+0x3c/0x68 [ 19.940052] kasan_save_track+0x20/0x40 [ 19.940108] kasan_save_alloc_info+0x40/0x58 [ 19.940182] __kasan_kmalloc+0xd4/0xd8 [ 19.940241] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.940683] kasan_atomics+0xb8/0x2e0 [ 19.940876] kunit_try_run_case+0x170/0x3f0 [ 19.941167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.941532] kthread+0x328/0x630 [ 19.941588] ret_from_fork+0x10/0x20 [ 19.941626] [ 19.941648] The buggy address belongs to the object at fff00000c57aa700 [ 19.941648] which belongs to the cache kmalloc-64 of size 64 [ 19.941710] The buggy address is located 0 bytes to the right of [ 19.941710] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.941780] [ 19.941802] The buggy address belongs to the physical page: [ 19.941835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.941891] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.942169] page_type: f5(slab) [ 19.942672] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.942761] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.943722] page dumped because: kasan: bad access detected [ 19.943762] [ 19.943784] Memory state around the buggy address: [ 19.944386] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.944444] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.944499] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.945031] ^ [ 19.945122] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.945219] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.945337] ================================================================== [ 19.654641] ================================================================== [ 19.654700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.655826] Read of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.656155] [ 19.656213] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.656297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.656326] Hardware name: linux,dummy-virt (DT) [ 19.656361] Call trace: [ 19.656383] show_stack+0x20/0x38 (C) [ 19.656434] dump_stack_lvl+0x8c/0xd0 [ 19.656488] print_report+0x118/0x608 [ 19.656535] kasan_report+0xdc/0x128 [ 19.656596] __asan_report_load4_noabort+0x20/0x30 [ 19.656645] kasan_atomics_helper+0x3dd8/0x4858 [ 19.656693] kasan_atomics+0x198/0x2e0 [ 19.656741] kunit_try_run_case+0x170/0x3f0 [ 19.656790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.658051] kthread+0x328/0x630 [ 19.658230] ret_from_fork+0x10/0x20 [ 19.658293] [ 19.658527] Allocated by task 266: [ 19.658674] kasan_save_stack+0x3c/0x68 [ 19.658897] kasan_save_track+0x20/0x40 [ 19.659120] kasan_save_alloc_info+0x40/0x58 [ 19.659202] __kasan_kmalloc+0xd4/0xd8 [ 19.659359] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.659637] kasan_atomics+0xb8/0x2e0 [ 19.659988] kunit_try_run_case+0x170/0x3f0 [ 19.660292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.660532] kthread+0x328/0x630 [ 19.660760] ret_from_fork+0x10/0x20 [ 19.661113] [ 19.661185] The buggy address belongs to the object at fff00000c57aa700 [ 19.661185] which belongs to the cache kmalloc-64 of size 64 [ 19.661615] The buggy address is located 0 bytes to the right of [ 19.661615] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.661692] [ 19.661947] The buggy address belongs to the physical page: [ 19.661988] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.662056] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.662108] page_type: f5(slab) [ 19.662485] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.662935] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.662990] page dumped because: kasan: bad access detected [ 19.663025] [ 19.663610] Memory state around the buggy address: [ 19.663809] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.664196] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.664259] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.664719] ^ [ 19.664767] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.664964] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.665059] ================================================================== [ 19.723192] ================================================================== [ 19.723252] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.723307] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.723359] [ 19.723393] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.723718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.723762] Hardware name: linux,dummy-virt (DT) [ 19.723824] Call trace: [ 19.723846] show_stack+0x20/0x38 (C) [ 19.724378] dump_stack_lvl+0x8c/0xd0 [ 19.725013] print_report+0x118/0x608 [ 19.725295] kasan_report+0xdc/0x128 [ 19.725348] __asan_report_store8_noabort+0x20/0x30 [ 19.725477] kasan_atomics_helper+0x3e5c/0x4858 [ 19.725703] kasan_atomics+0x198/0x2e0 [ 19.725838] kunit_try_run_case+0x170/0x3f0 [ 19.725916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.726109] kthread+0x328/0x630 [ 19.726459] ret_from_fork+0x10/0x20 [ 19.726963] [ 19.726991] Allocated by task 266: [ 19.727193] kasan_save_stack+0x3c/0x68 [ 19.727497] kasan_save_track+0x20/0x40 [ 19.727642] kasan_save_alloc_info+0x40/0x58 [ 19.727750] __kasan_kmalloc+0xd4/0xd8 [ 19.727806] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.728074] kasan_atomics+0xb8/0x2e0 [ 19.728163] kunit_try_run_case+0x170/0x3f0 [ 19.728235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.728369] kthread+0x328/0x630 [ 19.728424] ret_from_fork+0x10/0x20 [ 19.728710] [ 19.728771] The buggy address belongs to the object at fff00000c57aa700 [ 19.728771] which belongs to the cache kmalloc-64 of size 64 [ 19.728857] The buggy address is located 0 bytes to the right of [ 19.728857] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.728927] [ 19.728948] The buggy address belongs to the physical page: [ 19.729194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.729351] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.729440] page_type: f5(slab) [ 19.729692] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.729761] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.729914] page dumped because: kasan: bad access detected [ 19.729952] [ 19.729971] Memory state around the buggy address: [ 19.730051] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.730124] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.730254] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.730334] ^ [ 19.730436] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.730622] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.730683] ================================================================== [ 19.424171] ================================================================== [ 19.424237] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x40a8/0x4858 [ 19.424303] Read of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.424357] [ 19.424396] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.424482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.424512] Hardware name: linux,dummy-virt (DT) [ 19.424546] Call trace: [ 19.424585] show_stack+0x20/0x38 (C) [ 19.427612] kasan_save_stack+0x3c/0x68 [ 19.427668] kasan_save_track+0x20/0x40 [ 19.427709] kasan_save_alloc_info+0x40/0x58 [ 19.427753] __kasan_kmalloc+0xd4/0xd8 [ 19.427793] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.427836] kasan_atomics+0xb8/0x2e0 [ 19.427874] kunit_try_run_case+0x170/0x3f0 [ 19.427913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.427960] kthread+0x328/0x630 [ 19.428031] [ 19.429802] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.432502] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.435969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.437421] [ 19.437764] [ 19.437949] ^ [ 19.441653] kasan_check_range+0x100/0x1a8 [ 19.444636] [ 19.445721] kunit_try_run_case+0x170/0x3f0 [ 19.446887] [ 19.447424] page_type: f5(slab) [ 19.448015] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.448112] page dumped because: kasan: bad access detected [ 19.448263] [ 19.448499] Memory state around the buggy address: [ 19.448681] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.448932] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.448983] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.449027] ^ [ 19.449505] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.450674] ================================================================== [ 19.503085] ================================================================== [ 19.504325] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858 [ 19.504887] Call trace: [ 19.505202] __kasan_check_write+0x20/0x30 [ 19.506088] kasan_save_alloc_info+0x40/0x58 [ 19.506409] [ 19.506559] [ 19.506621] The buggy address belongs to the physical page: [ 19.506663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.507166] page dumped because: kasan: bad access detected [ 19.507681] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.507838] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.508641] Write of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.508844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.509165] __kasan_check_write+0x20/0x30 [ 19.509359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.509935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.510137] The buggy address is located 0 bytes to the right of [ 19.510137] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.510990] [ 19.511154] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.511200] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.511242] ^ [ 19.511276] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.511962] Write of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.512414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.512631] Hardware name: linux,dummy-virt (DT) [ 19.512770] dump_stack_lvl+0x8c/0xd0 [ 19.513622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.514685] kunit_try_run_case+0x170/0x3f0 [ 19.515466] [ 19.515523] The buggy address belongs to the physical page: [ 19.515716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.516019] page_type: f5(slab) [ 19.516156] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.516605] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.516890] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.517862] ================================================================== [ 19.579387] ================================================================== [ 19.579449] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 19.579748] Write of size 4 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.579947] [ 19.579982] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.580212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.580329] Hardware name: linux,dummy-virt (DT) [ 19.580362] Call trace: [ 19.580392] show_stack+0x20/0x38 (C) [ 19.580445] dump_stack_lvl+0x8c/0xd0 [ 19.580494] print_report+0x118/0x608 [ 19.580790] kasan_report+0xdc/0x128 [ 19.581474] kthread+0x328/0x630 [ 19.581618] ret_from_fork+0x10/0x20 [ 19.581676] [ 19.582066] Allocated by task 266: [ 19.582861] ret_from_fork+0x10/0x20 [ 19.583820] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.584595] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.587525] show_stack+0x20/0x38 (C) [ 19.590161] ret_from_fork+0x10/0x20 [ 19.590257] [ 19.590424] Allocated by task 266: [ 19.590508] kasan_save_stack+0x3c/0x68 [ 19.590555] kasan_save_track+0x20/0x40 [ 19.590605] kasan_save_alloc_info+0x40/0x58 [ 19.590648] __kasan_kmalloc+0xd4/0xd8 [ 19.591031] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.591077] kasan_atomics+0xb8/0x2e0 [ 19.591115] kunit_try_run_case+0x170/0x3f0 [ 19.591166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.591325] kthread+0x328/0x630 [ 19.591427] ret_from_fork+0x10/0x20 [ 19.591494] [ 19.591519] The buggy address belongs to the object at fff00000c57aa700 [ 19.591519] which belongs to the cache kmalloc-64 of size 64 [ 19.591641] The buggy address is located 0 bytes to the right of [ 19.591641] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.591709] [ 19.591731] The buggy address belongs to the physical page: [ 19.592111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.592172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.592324] page_type: f5(slab) [ 19.592604] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.592684] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.592728] page dumped because: kasan: bad access detected [ 19.592967] [ 19.592993] Memory state around the buggy address: [ 19.593132] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.593310] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.593357] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.593477] ^ [ 19.593522] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.593585] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.593628] ================================================================== [ 19.904249] ================================================================== [ 19.904309] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.904360] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.904421] [ 19.904452] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.905471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.905519] Hardware name: linux,dummy-virt (DT) [ 19.905553] Call trace: [ 19.905594] show_stack+0x20/0x38 (C) [ 19.905644] dump_stack_lvl+0x8c/0xd0 [ 19.905693] print_report+0x118/0x608 [ 19.906078] kasan_report+0xdc/0x128 [ 19.906137] kasan_check_range+0x100/0x1a8 [ 19.906415] __kasan_check_write+0x20/0x30 [ 19.906476] kasan_atomics_helper+0x1644/0x4858 [ 19.906595] kasan_atomics+0x198/0x2e0 [ 19.906836] kunit_try_run_case+0x170/0x3f0 [ 19.906885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.907151] kthread+0x328/0x630 [ 19.907220] ret_from_fork+0x10/0x20 [ 19.907934] [ 19.908120] Allocated by task 266: [ 19.908153] kasan_save_stack+0x3c/0x68 [ 19.908778] kasan_save_track+0x20/0x40 [ 19.908890] kasan_save_alloc_info+0x40/0x58 [ 19.909288] __kasan_kmalloc+0xd4/0xd8 [ 19.909377] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.909885] kasan_atomics+0xb8/0x2e0 [ 19.909934] kunit_try_run_case+0x170/0x3f0 [ 19.909998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.910047] kthread+0x328/0x630 [ 19.910080] ret_from_fork+0x10/0x20 [ 19.910117] [ 19.910140] The buggy address belongs to the object at fff00000c57aa700 [ 19.910140] which belongs to the cache kmalloc-64 of size 64 [ 19.910203] The buggy address is located 0 bytes to the right of [ 19.910203] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.910271] [ 19.910829] The buggy address belongs to the physical page: [ 19.910879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.911256] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.911492] page_type: f5(slab) [ 19.911614] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.912003] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.912098] page dumped because: kasan: bad access detected [ 19.912147] [ 19.912168] Memory state around the buggy address: [ 19.912361] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.912613] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.912860] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.912920] ^ [ 19.913020] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.913193] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.913432] ================================================================== [ 19.770758] ================================================================== [ 19.770957] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.771048] Write of size 8 at addr fff00000c57aa730 by task kunit_try_catch/266 [ 19.771102] [ 19.771686] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.771824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.771906] Hardware name: linux,dummy-virt (DT) [ 19.771983] Call trace: [ 19.772008] show_stack+0x20/0x38 (C) [ 19.772062] dump_stack_lvl+0x8c/0xd0 [ 19.772161] print_report+0x118/0x608 [ 19.772213] kasan_report+0xdc/0x128 [ 19.772288] kasan_check_range+0x100/0x1a8 [ 19.772341] __kasan_check_write+0x20/0x30 [ 19.772387] kasan_atomics_helper+0x10c0/0x4858 [ 19.772580] kasan_atomics+0x198/0x2e0 [ 19.772730] kunit_try_run_case+0x170/0x3f0 [ 19.772789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.772877] kthread+0x328/0x630 [ 19.772925] ret_from_fork+0x10/0x20 [ 19.772973] [ 19.772993] Allocated by task 266: [ 19.773023] kasan_save_stack+0x3c/0x68 [ 19.773067] kasan_save_track+0x20/0x40 [ 19.773107] kasan_save_alloc_info+0x40/0x58 [ 19.773148] __kasan_kmalloc+0xd4/0xd8 [ 19.773208] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.773249] kasan_atomics+0xb8/0x2e0 [ 19.773305] kunit_try_run_case+0x170/0x3f0 [ 19.773863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.773959] kthread+0x328/0x630 [ 19.774043] ret_from_fork+0x10/0x20 [ 19.774108] [ 19.774201] The buggy address belongs to the object at fff00000c57aa700 [ 19.774201] which belongs to the cache kmalloc-64 of size 64 [ 19.774302] The buggy address is located 0 bytes to the right of [ 19.774302] allocated 48-byte region [fff00000c57aa700, fff00000c57aa730) [ 19.774371] [ 19.774393] The buggy address belongs to the physical page: [ 19.774554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057aa [ 19.774740] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.774866] page_type: f5(slab) [ 19.774942] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.775021] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.775380] page dumped because: kasan: bad access detected [ 19.775423] [ 19.775997] Memory state around the buggy address: [ 19.776282] fff00000c57aa600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.776552] fff00000c57aa680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.776916] >fff00000c57aa700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.777093] ^ [ 19.777177] fff00000c57aa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.777227] fff00000c57aa800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.777298] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.321545] ================================================================== [ 19.321646] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 19.321703] Write of size 8 at addr fff00000c659b2e8 by task kunit_try_catch/262 [ 19.321755] [ 19.321903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.321933] Hardware name: linux,dummy-virt (DT) [ 19.322159] Call trace: [ 19.322239] dump_stack_lvl+0x8c/0xd0 [ 19.322413] kasan_check_range+0x100/0x1a8 [ 19.322604] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 19.322874] kunit_try_run_case+0x170/0x3f0 [ 19.323063] kthread+0x328/0x630 [ 19.323549] kasan_save_track+0x20/0x40 [ 19.324490] [ 19.324602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659b [ 19.325593] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.325724] fff00000c659b180: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 19.325770] fff00000c659b200: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.325815] >fff00000c659b280: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 19.325857] ^ [ 19.325899] fff00000c659b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.325943] fff00000c659b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.325986] ================================================================== [ 19.277802] ================================================================== [ 19.277852] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.277918] Write of size 8 at addr fff00000c659b2e8 by task kunit_try_catch/262 [ 19.277981] [ 19.278012] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.278149] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.278297] Hardware name: linux,dummy-virt (DT) [ 19.278330] Call trace: [ 19.278353] show_stack+0x20/0x38 (C) [ 19.278402] dump_stack_lvl+0x8c/0xd0 [ 19.278449] print_report+0x118/0x608 [ 19.278498] kasan_report+0xdc/0x128 [ 19.278701] kasan_bitops_generic+0x110/0x1c8 [ 19.279333] kunit_try_run_case+0x170/0x3f0 [ 19.279768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659b [ 19.281082] fff00000c659b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.281305] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.282517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.283368] kasan_report+0xdc/0x128 [ 19.286914] [ 19.289166] kthread+0x328/0x630 [ 19.292718] The buggy address is located 8 bytes inside of [ 19.292718] allocated 9-byte region [fff00000c659b2e0, fff00000c659b2e9) [ 19.293896] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659b [ 19.294795] fff00000c659b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.294891] ================================================================== [ 19.273807] ================================================================== [ 19.273864] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.273916] Read of size 8 at addr fff00000c659b2e8 by task kunit_try_catch/262 [ 19.273969] [ 19.274002] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.274085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.274113] Hardware name: linux,dummy-virt (DT) [ 19.274147] Call trace: [ 19.274169] show_stack+0x20/0x38 (C) [ 19.274219] dump_stack_lvl+0x8c/0xd0 [ 19.274270] print_report+0x118/0x608 [ 19.274318] kasan_report+0xdc/0x128 [ 19.274364] __asan_report_load8_noabort+0x20/0x30 [ 19.274414] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.274468] kasan_bitops_generic+0x110/0x1c8 [ 19.274516] kunit_try_run_case+0x170/0x3f0 [ 19.274579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.275597] kthread+0x328/0x630 [ 19.275695] ret_from_fork+0x10/0x20 [ 19.275796] [ 19.275823] Allocated by task 262: [ 19.275852] kasan_save_stack+0x3c/0x68 [ 19.276007] kasan_save_track+0x20/0x40 [ 19.276051] kasan_save_alloc_info+0x40/0x58 [ 19.276093] __kasan_kmalloc+0xd4/0xd8 [ 19.276131] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.276177] kasan_bitops_generic+0xa0/0x1c8 [ 19.276373] kunit_try_run_case+0x170/0x3f0 [ 19.276413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.276458] kthread+0x328/0x630 [ 19.276492] ret_from_fork+0x10/0x20 [ 19.276530] [ 19.276556] The buggy address belongs to the object at fff00000c659b2e0 [ 19.276556] which belongs to the cache kmalloc-16 of size 16 [ 19.276631] The buggy address is located 8 bytes inside of [ 19.276631] allocated 9-byte region [fff00000c659b2e0, fff00000c659b2e9) [ 19.276699] [ 19.276722] The buggy address belongs to the physical page: [ 19.276755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659b [ 19.276811] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.276863] page_type: f5(slab) [ 19.276903] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.276967] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.277023] page dumped because: kasan: bad access detected [ 19.277058] [ 19.277077] Memory state around the buggy address: [ 19.277111] fff00000c659b180: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 19.277157] fff00000c659b200: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.277204] >fff00000c659b280: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 19.277245] ^ [ 19.277291] fff00000c659b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.277347] fff00000c659b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.277466] ================================================================== [ 19.268972] ================================================================== [ 19.269054] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.269124] Write of size 8 at addr fff00000c659b2e8 by task kunit_try_catch/262 [ 19.269177] [ 19.269218] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.269320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.269350] Hardware name: linux,dummy-virt (DT) [ 19.269386] Call trace: [ 19.269411] show_stack+0x20/0x38 (C) [ 19.269463] dump_stack_lvl+0x8c/0xd0 [ 19.269556] print_report+0x118/0x608 [ 19.269791] kasan_report+0xdc/0x128 [ 19.269837] kasan_check_range+0x100/0x1a8 [ 19.269887] __kasan_check_write+0x20/0x30 [ 19.269933] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.269986] kasan_bitops_generic+0x110/0x1c8 [ 19.270034] kunit_try_run_case+0x170/0x3f0 [ 19.270083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.270138] kthread+0x328/0x630 [ 19.270181] ret_from_fork+0x10/0x20 [ 19.270233] [ 19.270253] Allocated by task 262: [ 19.270284] kasan_save_stack+0x3c/0x68 [ 19.270326] kasan_save_track+0x20/0x40 [ 19.270366] kasan_save_alloc_info+0x40/0x58 [ 19.270408] __kasan_kmalloc+0xd4/0xd8 [ 19.270446] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.270489] kasan_bitops_generic+0xa0/0x1c8 [ 19.270527] kunit_try_run_case+0x170/0x3f0 [ 19.270577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.270622] kthread+0x328/0x630 [ 19.270657] ret_from_fork+0x10/0x20 [ 19.270694] [ 19.270715] The buggy address belongs to the object at fff00000c659b2e0 [ 19.270715] which belongs to the cache kmalloc-16 of size 16 [ 19.270777] The buggy address is located 8 bytes inside of [ 19.270777] allocated 9-byte region [fff00000c659b2e0, fff00000c659b2e9) [ 19.270843] [ 19.270867] The buggy address belongs to the physical page: [ 19.270904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659b [ 19.270965] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.271019] page_type: f5(slab) [ 19.271062] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.271116] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.271162] page dumped because: kasan: bad access detected [ 19.271196] [ 19.271218] Memory state around the buggy address: [ 19.271254] fff00000c659b180: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 19.271302] fff00000c659b200: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.271347] >fff00000c659b280: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 19.271390] ^ [ 19.271431] fff00000c659b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.271476] fff00000c659b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.271518] ================================================================== [ 19.310490] ================================================================== [ 19.310656] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 19.311844] dump_stack_lvl+0x8c/0xd0 [ 19.311963] print_report+0x118/0x608 [ 19.312072] kasan_report+0xdc/0x128 [ 19.312450] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 19.312684] kthread+0x328/0x630 [ 19.312728] ret_from_fork+0x10/0x20 [ 19.312798] Allocated by task 262: [ 19.312966] kasan_save_alloc_info+0x40/0x58 [ 19.313720] The buggy address is located 8 bytes inside of [ 19.313720] allocated 9-byte region [fff00000c659b2e0, fff00000c659b2e9) [ 19.313905] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.314087] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.314615] >fff00000c659b280: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 19.314738] ^ [ 19.314815] fff00000c659b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.316999] [ 19.317020] Allocated by task 262: [ 19.317520] __kasan_kmalloc+0xd4/0xd8 [ 19.318013] kthread+0x328/0x630 [ 19.318256] The buggy address is located 8 bytes inside of [ 19.318256] allocated 9-byte region [fff00000c659b2e0, fff00000c659b2e9) [ 19.318376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10659b [ 19.319323] >fff00000c659b280: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 19.319472] ^ [ 19.319532] fff00000c659b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.319630] fff00000c659b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.319710] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 19.236280] ================================================================== [ 19.236360] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 19.236413] Read of size 1 at addr fff00000c57eabd0 by task kunit_try_catch/260 [ 19.236466] [ 19.236887] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.237285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.237323] Hardware name: linux,dummy-virt (DT) [ 19.237359] Call trace: [ 19.237382] show_stack+0x20/0x38 (C) [ 19.237437] dump_stack_lvl+0x8c/0xd0 [ 19.237493] print_report+0x118/0x608 [ 19.237560] kasan_report+0xdc/0x128 [ 19.237623] __asan_report_load1_noabort+0x20/0x30 [ 19.237676] strnlen+0x80/0x88 [ 19.237719] kasan_strings+0x478/0xb00 [ 19.237763] kunit_try_run_case+0x170/0x3f0 [ 19.237812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.237865] kthread+0x328/0x630 [ 19.237908] ret_from_fork+0x10/0x20 [ 19.237959] [ 19.237981] Allocated by task 260: [ 19.238010] kasan_save_stack+0x3c/0x68 [ 19.238054] kasan_save_track+0x20/0x40 [ 19.238092] kasan_save_alloc_info+0x40/0x58 [ 19.238162] __kasan_kmalloc+0xd4/0xd8 [ 19.238206] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.238256] kasan_strings+0xc8/0xb00 [ 19.238294] kunit_try_run_case+0x170/0x3f0 [ 19.238340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.238387] kthread+0x328/0x630 [ 19.238419] ret_from_fork+0x10/0x20 [ 19.238481] [ 19.238501] Freed by task 260: [ 19.238528] kasan_save_stack+0x3c/0x68 [ 19.238577] kasan_save_track+0x20/0x40 [ 19.239155] kasan_save_free_info+0x4c/0x78 [ 19.239595] __kasan_slab_free+0x6c/0x98 [ 19.239742] kfree+0x214/0x3c8 [ 19.239916] kasan_strings+0x24c/0xb00 [ 19.239965] kunit_try_run_case+0x170/0x3f0 [ 19.240005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.240061] kthread+0x328/0x630 [ 19.240102] ret_from_fork+0x10/0x20 [ 19.240275] [ 19.240423] The buggy address belongs to the object at fff00000c57eabc0 [ 19.240423] which belongs to the cache kmalloc-32 of size 32 [ 19.240639] The buggy address is located 16 bytes inside of [ 19.240639] freed 32-byte region [fff00000c57eabc0, fff00000c57eabe0) [ 19.240721] [ 19.241019] The buggy address belongs to the physical page: [ 19.241137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ea [ 19.241243] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.241349] page_type: f5(slab) [ 19.241402] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.241735] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.241834] page dumped because: kasan: bad access detected [ 19.241889] [ 19.241911] Memory state around the buggy address: [ 19.241948] fff00000c57eaa80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.242014] fff00000c57eab00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.242331] >fff00000c57eab80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.242687] ^ [ 19.242837] fff00000c57eac00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.242966] fff00000c57eac80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.243010] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 19.227438] ================================================================== [ 19.227631] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 19.227728] Read of size 1 at addr fff00000c57eabd0 by task kunit_try_catch/260 [ 19.227794] [ 19.227827] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.227917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.227947] Hardware name: linux,dummy-virt (DT) [ 19.227981] Call trace: [ 19.228004] show_stack+0x20/0x38 (C) [ 19.228055] dump_stack_lvl+0x8c/0xd0 [ 19.228105] print_report+0x118/0x608 [ 19.228161] kasan_report+0xdc/0x128 [ 19.228208] __asan_report_load1_noabort+0x20/0x30 [ 19.228262] strlen+0xa8/0xb0 [ 19.228304] kasan_strings+0x418/0xb00 [ 19.228349] kunit_try_run_case+0x170/0x3f0 [ 19.228399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.228460] kthread+0x328/0x630 [ 19.228503] ret_from_fork+0x10/0x20 [ 19.228553] [ 19.228904] Allocated by task 260: [ 19.228950] kasan_save_stack+0x3c/0x68 [ 19.229214] kasan_save_track+0x20/0x40 [ 19.229468] kasan_save_alloc_info+0x40/0x58 [ 19.229675] __kasan_kmalloc+0xd4/0xd8 [ 19.229783] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.229930] kasan_strings+0xc8/0xb00 [ 19.230017] kunit_try_run_case+0x170/0x3f0 [ 19.230126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.230249] kthread+0x328/0x630 [ 19.230413] ret_from_fork+0x10/0x20 [ 19.230458] [ 19.230479] Freed by task 260: [ 19.230681] kasan_save_stack+0x3c/0x68 [ 19.230798] kasan_save_track+0x20/0x40 [ 19.230879] kasan_save_free_info+0x4c/0x78 [ 19.231033] __kasan_slab_free+0x6c/0x98 [ 19.231177] kfree+0x214/0x3c8 [ 19.231320] kasan_strings+0x24c/0xb00 [ 19.231386] kunit_try_run_case+0x170/0x3f0 [ 19.231661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.231864] kthread+0x328/0x630 [ 19.231984] ret_from_fork+0x10/0x20 [ 19.232145] [ 19.232216] The buggy address belongs to the object at fff00000c57eabc0 [ 19.232216] which belongs to the cache kmalloc-32 of size 32 [ 19.232612] The buggy address is located 16 bytes inside of [ 19.232612] freed 32-byte region [fff00000c57eabc0, fff00000c57eabe0) [ 19.232752] [ 19.232834] The buggy address belongs to the physical page: [ 19.232869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ea [ 19.233081] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.233301] page_type: f5(slab) [ 19.233392] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.233558] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.233749] page dumped because: kasan: bad access detected [ 19.233827] [ 19.233849] Memory state around the buggy address: [ 19.233885] fff00000c57eaa80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.233933] fff00000c57eab00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.234334] >fff00000c57eab80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.234440] ^ [ 19.234530] fff00000c57eac00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.234714] fff00000c57eac80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.234804] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 19.217511] ================================================================== [ 19.218021] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 19.218078] Read of size 1 at addr fff00000c57eabd0 by task kunit_try_catch/260 [ 19.218490] [ 19.218597] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.218776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.218837] Hardware name: linux,dummy-virt (DT) [ 19.219203] Call trace: [ 19.219272] show_stack+0x20/0x38 (C) [ 19.219368] dump_stack_lvl+0x8c/0xd0 [ 19.219496] print_report+0x118/0x608 [ 19.219585] kasan_report+0xdc/0x128 [ 19.219744] __asan_report_load1_noabort+0x20/0x30 [ 19.219968] kasan_strings+0x95c/0xb00 [ 19.220190] kunit_try_run_case+0x170/0x3f0 [ 19.220297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.220407] kthread+0x328/0x630 [ 19.220550] ret_from_fork+0x10/0x20 [ 19.220644] [ 19.220705] Allocated by task 260: [ 19.220806] kasan_save_stack+0x3c/0x68 [ 19.220865] kasan_save_track+0x20/0x40 [ 19.220942] kasan_save_alloc_info+0x40/0x58 [ 19.221124] __kasan_kmalloc+0xd4/0xd8 [ 19.221332] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.221419] kasan_strings+0xc8/0xb00 [ 19.221543] kunit_try_run_case+0x170/0x3f0 [ 19.221640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.221768] kthread+0x328/0x630 [ 19.221807] ret_from_fork+0x10/0x20 [ 19.221868] [ 19.221890] Freed by task 260: [ 19.222048] kasan_save_stack+0x3c/0x68 [ 19.222255] kasan_save_track+0x20/0x40 [ 19.222326] kasan_save_free_info+0x4c/0x78 [ 19.222682] __kasan_slab_free+0x6c/0x98 [ 19.222787] kfree+0x214/0x3c8 [ 19.222962] kasan_strings+0x24c/0xb00 [ 19.223070] kunit_try_run_case+0x170/0x3f0 [ 19.223199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.223248] kthread+0x328/0x630 [ 19.223300] ret_from_fork+0x10/0x20 [ 19.223341] [ 19.223372] The buggy address belongs to the object at fff00000c57eabc0 [ 19.223372] which belongs to the cache kmalloc-32 of size 32 [ 19.223443] The buggy address is located 16 bytes inside of [ 19.223443] freed 32-byte region [fff00000c57eabc0, fff00000c57eabe0) [ 19.223517] [ 19.223546] The buggy address belongs to the physical page: [ 19.223868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ea [ 19.223996] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.224067] page_type: f5(slab) [ 19.224110] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.224308] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.224506] page dumped because: kasan: bad access detected [ 19.224689] [ 19.224748] Memory state around the buggy address: [ 19.224889] fff00000c57eaa80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.224972] fff00000c57eab00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.225062] >fff00000c57eab80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.225262] ^ [ 19.225456] fff00000c57eac00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.225624] fff00000c57eac80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.225693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 19.208293] ================================================================== [ 19.208456] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 19.208559] Read of size 1 at addr fff00000c57eabd0 by task kunit_try_catch/260 [ 19.208629] [ 19.208684] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.208774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.208804] Hardware name: linux,dummy-virt (DT) [ 19.208839] Call trace: [ 19.208865] show_stack+0x20/0x38 (C) [ 19.208919] dump_stack_lvl+0x8c/0xd0 [ 19.208968] print_report+0x118/0x608 [ 19.209018] kasan_report+0xdc/0x128 [ 19.209065] __asan_report_load1_noabort+0x20/0x30 [ 19.209117] strcmp+0xc0/0xc8 [ 19.209159] kasan_strings+0x340/0xb00 [ 19.209206] kunit_try_run_case+0x170/0x3f0 [ 19.209271] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.210223] kthread+0x328/0x630 [ 19.210503] ret_from_fork+0x10/0x20 [ 19.210669] [ 19.210727] Allocated by task 260: [ 19.210811] kasan_save_stack+0x3c/0x68 [ 19.210861] kasan_save_track+0x20/0x40 [ 19.211162] kasan_save_alloc_info+0x40/0x58 [ 19.211298] __kasan_kmalloc+0xd4/0xd8 [ 19.211588] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.211715] kasan_strings+0xc8/0xb00 [ 19.211795] kunit_try_run_case+0x170/0x3f0 [ 19.212035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.212241] kthread+0x328/0x630 [ 19.212339] ret_from_fork+0x10/0x20 [ 19.212465] [ 19.212515] Freed by task 260: [ 19.212548] kasan_save_stack+0x3c/0x68 [ 19.212871] kasan_save_track+0x20/0x40 [ 19.212942] kasan_save_free_info+0x4c/0x78 [ 19.213014] __kasan_slab_free+0x6c/0x98 [ 19.213161] kfree+0x214/0x3c8 [ 19.213218] kasan_strings+0x24c/0xb00 [ 19.213393] kunit_try_run_case+0x170/0x3f0 [ 19.213596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.213693] kthread+0x328/0x630 [ 19.213885] ret_from_fork+0x10/0x20 [ 19.213936] [ 19.214063] The buggy address belongs to the object at fff00000c57eabc0 [ 19.214063] which belongs to the cache kmalloc-32 of size 32 [ 19.214238] The buggy address is located 16 bytes inside of [ 19.214238] freed 32-byte region [fff00000c57eabc0, fff00000c57eabe0) [ 19.214410] [ 19.214465] The buggy address belongs to the physical page: [ 19.214558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ea [ 19.214673] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.214875] page_type: f5(slab) [ 19.215064] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.215170] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.215310] page dumped because: kasan: bad access detected [ 19.215369] [ 19.215389] Memory state around the buggy address: [ 19.215583] fff00000c57eaa80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.215823] fff00000c57eab00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.215920] >fff00000c57eab80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.215964] ^ [ 19.216209] fff00000c57eac00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.216445] fff00000c57eac80: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.216532] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 19.184795] ================================================================== [ 19.184867] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 19.185338] Read of size 1 at addr fff00000c57eaa18 by task kunit_try_catch/258 [ 19.185424] [ 19.185606] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.185848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.186039] Hardware name: linux,dummy-virt (DT) [ 19.186185] Call trace: [ 19.186256] show_stack+0x20/0x38 (C) [ 19.186596] dump_stack_lvl+0x8c/0xd0 [ 19.186752] print_report+0x118/0x608 [ 19.186847] kasan_report+0xdc/0x128 [ 19.187037] __asan_report_load1_noabort+0x20/0x30 [ 19.187115] memcmp+0x198/0x1d8 [ 19.187441] kasan_memcmp+0x16c/0x300 [ 19.187509] kunit_try_run_case+0x170/0x3f0 [ 19.187562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.187629] kthread+0x328/0x630 [ 19.187738] ret_from_fork+0x10/0x20 [ 19.187803] [ 19.187834] Allocated by task 258: [ 19.187866] kasan_save_stack+0x3c/0x68 [ 19.187911] kasan_save_track+0x20/0x40 [ 19.187951] kasan_save_alloc_info+0x40/0x58 [ 19.187993] __kasan_kmalloc+0xd4/0xd8 [ 19.188031] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.188083] kasan_memcmp+0xbc/0x300 [ 19.188120] kunit_try_run_case+0x170/0x3f0 [ 19.188159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.188212] kthread+0x328/0x630 [ 19.188256] ret_from_fork+0x10/0x20 [ 19.188300] [ 19.188329] The buggy address belongs to the object at fff00000c57eaa00 [ 19.188329] which belongs to the cache kmalloc-32 of size 32 [ 19.188392] The buggy address is located 0 bytes to the right of [ 19.188392] allocated 24-byte region [fff00000c57eaa00, fff00000c57eaa18) [ 19.188461] [ 19.188495] The buggy address belongs to the physical page: [ 19.188529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ea [ 19.188607] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.188673] page_type: f5(slab) [ 19.188717] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.188779] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.188825] page dumped because: kasan: bad access detected [ 19.188875] [ 19.188910] Memory state around the buggy address: [ 19.188953] fff00000c57ea900: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 19.189008] fff00000c57ea980: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.189055] >fff00000c57eaa00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.189097] ^ [ 19.189128] fff00000c57eaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.189173] fff00000c57eab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.189231] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 19.152841] ================================================================== [ 19.152957] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 19.153148] Read of size 1 at addr ffff800080a17b4a by task kunit_try_catch/254 [ 19.153403] [ 19.153646] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.153961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.153995] Hardware name: linux,dummy-virt (DT) [ 19.154192] Call trace: [ 19.154304] show_stack+0x20/0x38 (C) [ 19.154428] dump_stack_lvl+0x8c/0xd0 [ 19.154733] print_report+0x310/0x608 [ 19.154887] kasan_report+0xdc/0x128 [ 19.154966] __asan_report_load1_noabort+0x20/0x30 [ 19.155066] kasan_alloca_oob_right+0x2dc/0x340 [ 19.155551] kunit_try_run_case+0x170/0x3f0 [ 19.155704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.155851] kthread+0x328/0x630 [ 19.155973] ret_from_fork+0x10/0x20 [ 19.156028] [ 19.156060] The buggy address belongs to stack of task kunit_try_catch/254 [ 19.156384] [ 19.156437] The buggy address belongs to the virtual mapping at [ 19.156437] [ffff800080a10000, ffff800080a19000) created by: [ 19.156437] kernel_clone+0x150/0x7a8 [ 19.156640] [ 19.156718] The buggy address belongs to the physical page: [ 19.156867] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057b1 [ 19.156965] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.157341] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.157439] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.157610] page dumped because: kasan: bad access detected [ 19.157740] [ 19.157811] Memory state around the buggy address: [ 19.157871] ffff800080a17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.158211] ffff800080a17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.158274] >ffff800080a17b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 19.158496] ^ [ 19.158658] ffff800080a17b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.158765] ffff800080a17c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.158913] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 19.137044] ================================================================== [ 19.137131] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 19.137195] Read of size 1 at addr ffff800080907b5f by task kunit_try_catch/252 [ 19.137247] [ 19.137296] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.137393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.137421] Hardware name: linux,dummy-virt (DT) [ 19.137739] Call trace: [ 19.137943] show_stack+0x20/0x38 (C) [ 19.138002] dump_stack_lvl+0x8c/0xd0 [ 19.138505] print_report+0x310/0x608 [ 19.138725] kasan_report+0xdc/0x128 [ 19.138820] __asan_report_load1_noabort+0x20/0x30 [ 19.138973] kasan_alloca_oob_left+0x2b8/0x310 [ 19.139033] kunit_try_run_case+0x170/0x3f0 [ 19.139365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.139481] kthread+0x328/0x630 [ 19.139736] ret_from_fork+0x10/0x20 [ 19.139943] [ 19.139999] The buggy address belongs to stack of task kunit_try_catch/252 [ 19.140245] [ 19.140395] The buggy address belongs to the virtual mapping at [ 19.140395] [ffff800080900000, ffff800080909000) created by: [ 19.140395] kernel_clone+0x150/0x7a8 [ 19.140483] [ 19.140907] The buggy address belongs to the physical page: [ 19.140997] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10572f [ 19.141185] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.141632] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.141807] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.141892] page dumped because: kasan: bad access detected [ 19.142038] [ 19.142117] Memory state around the buggy address: [ 19.142190] ffff800080907a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.142381] ffff800080907a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.143011] >ffff800080907b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 19.143153] ^ [ 19.143385] ffff800080907b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.143553] ffff800080907c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.143741] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 19.119487] ================================================================== [ 19.119586] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 19.120042] Read of size 1 at addr ffff800080907c2a by task kunit_try_catch/250 [ 19.120188] [ 19.120310] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.120641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.120713] Hardware name: linux,dummy-virt (DT) [ 19.120750] Call trace: [ 19.120808] show_stack+0x20/0x38 (C) [ 19.120919] dump_stack_lvl+0x8c/0xd0 [ 19.121002] print_report+0x310/0x608 [ 19.121069] kasan_report+0xdc/0x128 [ 19.121114] __asan_report_load1_noabort+0x20/0x30 [ 19.121468] kasan_stack_oob+0x238/0x270 [ 19.121640] kunit_try_run_case+0x170/0x3f0 [ 19.121963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.122111] kthread+0x328/0x630 [ 19.122206] ret_from_fork+0x10/0x20 [ 19.122315] [ 19.122793] The buggy address belongs to stack of task kunit_try_catch/250 [ 19.123100] and is located at offset 138 in frame: [ 19.123166] kasan_stack_oob+0x0/0x270 [ 19.123794] [ 19.124171] This frame has 4 objects: [ 19.124471] [48, 49) '__assertion' [ 19.124880] [64, 72) 'array' [ 19.125034] [96, 112) '__assertion' [ 19.125088] [128, 138) 'stack_array' [ 19.125159] [ 19.125203] The buggy address belongs to the virtual mapping at [ 19.125203] [ffff800080900000, ffff800080909000) created by: [ 19.125203] kernel_clone+0x150/0x7a8 [ 19.125767] [ 19.125821] The buggy address belongs to the physical page: [ 19.125868] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10572f [ 19.125994] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.126153] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.126238] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.126281] page dumped because: kasan: bad access detected [ 19.126517] [ 19.126633] Memory state around the buggy address: [ 19.126773] ffff800080907b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.126919] ffff800080907b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 19.127013] >ffff800080907c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 19.127190] ^ [ 19.127532] ffff800080907c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 19.127624] ffff800080907d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.127721] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 19.095011] ================================================================== [ 19.095081] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 19.095540] Read of size 1 at addr ffffa1857194f5cd by task kunit_try_catch/246 [ 19.095640] [ 19.095763] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.095852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.095880] Hardware name: linux,dummy-virt (DT) [ 19.096265] Call trace: [ 19.096298] show_stack+0x20/0x38 (C) [ 19.096352] dump_stack_lvl+0x8c/0xd0 [ 19.096421] print_report+0x310/0x608 [ 19.096765] kasan_report+0xdc/0x128 [ 19.096864] __asan_report_load1_noabort+0x20/0x30 [ 19.096930] kasan_global_oob_right+0x230/0x270 [ 19.096988] kunit_try_run_case+0x170/0x3f0 [ 19.097040] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.097095] kthread+0x328/0x630 [ 19.097374] ret_from_fork+0x10/0x20 [ 19.097829] [ 19.098244] The buggy address belongs to the variable: [ 19.098457] global_array+0xd/0x40 [ 19.098587] [ 19.098733] The buggy address belongs to the virtual mapping at [ 19.098733] [ffffa1856fb00000, ffffa18571a01000) created by: [ 19.098733] paging_init+0x66c/0x7d0 [ 19.098862] [ 19.098925] The buggy address belongs to the physical page: [ 19.099299] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 19.099382] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 19.099553] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 19.100005] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.100154] page dumped because: kasan: bad access detected [ 19.100213] [ 19.100261] Memory state around the buggy address: [ 19.100389] ffffa1857194f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.100479] ffffa1857194f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.100660] >ffffa1857194f580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 19.100815] ^ [ 19.101292] ffffa1857194f600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 19.101452] ffffa1857194f680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 19.101532] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 19.078637] ================================================================== [ 19.078716] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.078783] Free of addr fff00000c7bc8001 by task kunit_try_catch/244 [ 19.078826] [ 19.079057] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.079217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.079261] Hardware name: linux,dummy-virt (DT) [ 19.079330] Call trace: [ 19.079368] show_stack+0x20/0x38 (C) [ 19.079656] dump_stack_lvl+0x8c/0xd0 [ 19.079726] print_report+0x118/0x608 [ 19.079785] kasan_report_invalid_free+0xc0/0xe8 [ 19.079838] __kasan_mempool_poison_object+0xfc/0x150 [ 19.079930] mempool_free+0x28c/0x328 [ 19.079995] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.080050] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 19.080245] kunit_try_run_case+0x170/0x3f0 [ 19.080299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.080361] kthread+0x328/0x630 [ 19.080730] ret_from_fork+0x10/0x20 [ 19.080831] [ 19.080862] The buggy address belongs to the physical page: [ 19.080935] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107bc8 [ 19.081032] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.081133] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.081199] page_type: f8(unknown) [ 19.081242] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.081297] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.081716] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.081884] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.082041] head: 0bfffe0000000002 ffffc1ffc31ef201 00000000ffffffff 00000000ffffffff [ 19.082117] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.082334] page dumped because: kasan: bad access detected [ 19.082401] [ 19.082419] Memory state around the buggy address: [ 19.082700] fff00000c7bc7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.082793] fff00000c7bc7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.082868] >fff00000c7bc8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.083040] ^ [ 19.083217] fff00000c7bc8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.083305] fff00000c7bc8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.083622] ================================================================== [ 19.059682] ================================================================== [ 19.059753] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.059902] Free of addr fff00000c57ee201 by task kunit_try_catch/242 [ 19.059958] [ 19.060022] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.060106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.060393] Hardware name: linux,dummy-virt (DT) [ 19.060498] Call trace: [ 19.060523] show_stack+0x20/0x38 (C) [ 19.060648] dump_stack_lvl+0x8c/0xd0 [ 19.060703] print_report+0x118/0x608 [ 19.060810] kasan_report_invalid_free+0xc0/0xe8 [ 19.060867] check_slab_allocation+0xfc/0x108 [ 19.061014] __kasan_mempool_poison_object+0x78/0x150 [ 19.061073] mempool_free+0x28c/0x328 [ 19.061117] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.061528] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.061622] kunit_try_run_case+0x170/0x3f0 [ 19.061772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.061860] kthread+0x328/0x630 [ 19.062043] ret_from_fork+0x10/0x20 [ 19.062358] [ 19.062430] Allocated by task 242: [ 19.062677] kasan_save_stack+0x3c/0x68 [ 19.062891] kasan_save_track+0x20/0x40 [ 19.062951] kasan_save_alloc_info+0x40/0x58 [ 19.063261] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.063343] remove_element+0x130/0x1f8 [ 19.063521] mempool_alloc_preallocated+0x58/0xc0 [ 19.063613] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 19.063717] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.063785] kunit_try_run_case+0x170/0x3f0 [ 19.064120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.064247] kthread+0x328/0x630 [ 19.064420] ret_from_fork+0x10/0x20 [ 19.064630] [ 19.064719] The buggy address belongs to the object at fff00000c57ee200 [ 19.064719] which belongs to the cache kmalloc-128 of size 128 [ 19.064785] The buggy address is located 1 bytes inside of [ 19.064785] 128-byte region [fff00000c57ee200, fff00000c57ee280) [ 19.065113] [ 19.065205] The buggy address belongs to the physical page: [ 19.065339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057ee [ 19.065537] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.065641] page_type: f5(slab) [ 19.065874] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.066076] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.066229] page dumped because: kasan: bad access detected [ 19.066290] [ 19.066309] Memory state around the buggy address: [ 19.066509] fff00000c57ee100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.066718] fff00000c57ee180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.066783] >fff00000c57ee200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.066919] ^ [ 19.067030] fff00000c57ee280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.067255] fff00000c57ee300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.067315] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 19.015712] ================================================================== [ 19.015803] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.015873] Free of addr fff00000c7bc4000 by task kunit_try_catch/238 [ 19.016063] [ 19.016136] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.016233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.016260] Hardware name: linux,dummy-virt (DT) [ 19.016494] Call trace: [ 19.016670] show_stack+0x20/0x38 (C) [ 19.016813] dump_stack_lvl+0x8c/0xd0 [ 19.016868] print_report+0x118/0x608 [ 19.016915] kasan_report_invalid_free+0xc0/0xe8 [ 19.017339] __kasan_mempool_poison_object+0x14c/0x150 [ 19.017426] mempool_free+0x28c/0x328 [ 19.017489] mempool_double_free_helper+0x150/0x2e8 [ 19.017540] mempool_kmalloc_large_double_free+0xc0/0x118 [ 19.017799] kunit_try_run_case+0x170/0x3f0 [ 19.018010] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.018130] kthread+0x328/0x630 [ 19.018192] ret_from_fork+0x10/0x20 [ 19.018482] [ 19.018621] The buggy address belongs to the physical page: [ 19.018784] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107bc4 [ 19.019177] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.019266] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.019541] page_type: f8(unknown) [ 19.019734] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.019862] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.019965] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.020277] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.020385] head: 0bfffe0000000002 ffffc1ffc31ef101 00000000ffffffff 00000000ffffffff [ 19.020501] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.020675] page dumped because: kasan: bad access detected [ 19.020725] [ 19.021053] Memory state around the buggy address: [ 19.021108] fff00000c7bc3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.021398] fff00000c7bc3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.021558] >fff00000c7bc4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.021704] ^ [ 19.021740] fff00000c7bc4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.022086] fff00000c7bc4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.022305] ================================================================== [ 18.996761] ================================================================== [ 18.996829] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.996900] Free of addr fff00000c669fe00 by task kunit_try_catch/236 [ 18.996955] [ 18.996994] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.997077] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.997105] Hardware name: linux,dummy-virt (DT) [ 18.997137] Call trace: [ 18.997159] show_stack+0x20/0x38 (C) [ 18.997213] dump_stack_lvl+0x8c/0xd0 [ 18.997284] print_report+0x118/0x608 [ 18.997934] kasan_report_invalid_free+0xc0/0xe8 [ 18.998037] check_slab_allocation+0xd4/0x108 [ 18.998113] __kasan_mempool_poison_object+0x78/0x150 [ 18.998398] mempool_free+0x28c/0x328 [ 18.998587] mempool_double_free_helper+0x150/0x2e8 [ 18.998733] mempool_kmalloc_double_free+0xc0/0x118 [ 18.999002] kunit_try_run_case+0x170/0x3f0 [ 18.999185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.999320] kthread+0x328/0x630 [ 18.999375] ret_from_fork+0x10/0x20 [ 18.999606] [ 18.999749] Allocated by task 236: [ 18.999795] kasan_save_stack+0x3c/0x68 [ 18.999861] kasan_save_track+0x20/0x40 [ 18.999994] kasan_save_alloc_info+0x40/0x58 [ 19.000090] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.000272] remove_element+0x130/0x1f8 [ 19.000339] mempool_alloc_preallocated+0x58/0xc0 [ 19.000705] mempool_double_free_helper+0x94/0x2e8 [ 19.000784] mempool_kmalloc_double_free+0xc0/0x118 [ 19.000900] kunit_try_run_case+0x170/0x3f0 [ 19.001008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.001089] kthread+0x328/0x630 [ 19.001215] ret_from_fork+0x10/0x20 [ 19.001273] [ 19.001294] Freed by task 236: [ 19.001544] kasan_save_stack+0x3c/0x68 [ 19.001721] kasan_save_track+0x20/0x40 [ 19.001910] kasan_save_free_info+0x4c/0x78 [ 19.002098] __kasan_mempool_poison_object+0xc0/0x150 [ 19.002199] mempool_free+0x28c/0x328 [ 19.002243] mempool_double_free_helper+0x100/0x2e8 [ 19.002464] mempool_kmalloc_double_free+0xc0/0x118 [ 19.002657] kunit_try_run_case+0x170/0x3f0 [ 19.002720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.002850] kthread+0x328/0x630 [ 19.002928] ret_from_fork+0x10/0x20 [ 19.002963] [ 19.003314] The buggy address belongs to the object at fff00000c669fe00 [ 19.003314] which belongs to the cache kmalloc-128 of size 128 [ 19.003634] The buggy address is located 0 bytes inside of [ 19.003634] 128-byte region [fff00000c669fe00, fff00000c669fe80) [ 19.003888] [ 19.003913] The buggy address belongs to the physical page: [ 19.004126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10669f [ 19.004427] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.004559] page_type: f5(slab) [ 19.005247] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.005368] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.005508] page dumped because: kasan: bad access detected [ 19.005633] [ 19.005773] Memory state around the buggy address: [ 19.005838] fff00000c669fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.005885] fff00000c669fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.005930] >fff00000c669fe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.006246] ^ [ 19.006423] fff00000c669fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.006621] fff00000c669ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.006717] ================================================================== [ 19.040642] ================================================================== [ 19.040822] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.040893] Free of addr fff00000c7bc4000 by task kunit_try_catch/240 [ 19.041145] [ 19.041192] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.041502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.041652] Hardware name: linux,dummy-virt (DT) [ 19.041688] Call trace: [ 19.041719] show_stack+0x20/0x38 (C) [ 19.041935] dump_stack_lvl+0x8c/0xd0 [ 19.042128] print_report+0x118/0x608 [ 19.042199] kasan_report_invalid_free+0xc0/0xe8 [ 19.042346] __kasan_mempool_poison_pages+0xe0/0xe8 [ 19.042463] mempool_free+0x24c/0x328 [ 19.042658] mempool_double_free_helper+0x150/0x2e8 [ 19.042767] mempool_page_alloc_double_free+0xbc/0x118 [ 19.042855] kunit_try_run_case+0x170/0x3f0 [ 19.043181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.043349] kthread+0x328/0x630 [ 19.043634] ret_from_fork+0x10/0x20 [ 19.043759] [ 19.043806] The buggy address belongs to the physical page: [ 19.044008] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107bc4 [ 19.044210] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.044355] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.044600] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.044670] page dumped because: kasan: bad access detected [ 19.045023] [ 19.045331] Memory state around the buggy address: [ 19.045382] fff00000c7bc3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.045429] fff00000c7bc3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.045474] >fff00000c7bc4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.045515] ^ [ 19.045543] fff00000c7bc4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.045598] fff00000c7bc4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.046031] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.918116] ================================================================== [ 18.918550] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.918677] Read of size 1 at addr fff00000c7bc0000 by task kunit_try_catch/230 [ 18.918890] [ 18.918940] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.919035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.919062] Hardware name: linux,dummy-virt (DT) [ 18.919768] Call trace: [ 18.919810] show_stack+0x20/0x38 (C) [ 18.919865] dump_stack_lvl+0x8c/0xd0 [ 18.919923] print_report+0x118/0x608 [ 18.919969] kasan_report+0xdc/0x128 [ 18.920014] __asan_report_load1_noabort+0x20/0x30 [ 18.920065] mempool_uaf_helper+0x314/0x340 [ 18.920110] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.920159] kunit_try_run_case+0x170/0x3f0 [ 18.920205] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.920260] kthread+0x328/0x630 [ 18.920300] ret_from_fork+0x10/0x20 [ 18.920347] [ 18.920369] The buggy address belongs to the physical page: [ 18.920405] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107bc0 [ 18.920464] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.920513] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.920578] page_type: f8(unknown) [ 18.920740] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.920795] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.920846] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.921505] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.921697] head: 0bfffe0000000002 ffffc1ffc31ef001 00000000ffffffff 00000000ffffffff [ 18.921759] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.921809] page dumped because: kasan: bad access detected [ 18.922152] [ 18.922217] Memory state around the buggy address: [ 18.922287] fff00000c7bbff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.922380] fff00000c7bbff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.922601] >fff00000c7bc0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.922824] ^ [ 18.922883] fff00000c7bc0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.923043] fff00000c7bc0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.923140] ================================================================== [ 18.983769] ================================================================== [ 18.983847] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.983916] Read of size 1 at addr fff00000c7bc4000 by task kunit_try_catch/234 [ 18.983965] [ 18.984006] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.984091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.984238] Hardware name: linux,dummy-virt (DT) [ 18.984284] Call trace: [ 18.984308] show_stack+0x20/0x38 (C) [ 18.984364] dump_stack_lvl+0x8c/0xd0 [ 18.984415] print_report+0x118/0x608 [ 18.984461] kasan_report+0xdc/0x128 [ 18.984534] __asan_report_load1_noabort+0x20/0x30 [ 18.985391] mempool_uaf_helper+0x314/0x340 [ 18.985801] mempool_page_alloc_uaf+0xc0/0x118 [ 18.985895] kunit_try_run_case+0x170/0x3f0 [ 18.985964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.986061] kthread+0x328/0x630 [ 18.986216] ret_from_fork+0x10/0x20 [ 18.986412] [ 18.986474] The buggy address belongs to the physical page: [ 18.986510] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107bc4 [ 18.986812] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.986946] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.987189] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.987352] page dumped because: kasan: bad access detected [ 18.987406] [ 18.987440] Memory state around the buggy address: [ 18.987489] fff00000c7bc3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.987598] fff00000c7bc3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.987875] >fff00000c7bc4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.987947] ^ [ 18.987999] fff00000c7bc4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.988173] fff00000c7bc4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.988274] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.940746] ================================================================== [ 18.941046] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.941256] Read of size 1 at addr fff00000c57f0240 by task kunit_try_catch/232 [ 18.941648] [ 18.941791] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.942035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.942067] Hardware name: linux,dummy-virt (DT) [ 18.942102] Call trace: [ 18.942125] show_stack+0x20/0x38 (C) [ 18.942178] dump_stack_lvl+0x8c/0xd0 [ 18.942228] print_report+0x118/0x608 [ 18.942518] kasan_report+0xdc/0x128 [ 18.942659] __asan_report_load1_noabort+0x20/0x30 [ 18.942758] mempool_uaf_helper+0x314/0x340 [ 18.942930] mempool_slab_uaf+0xc0/0x118 [ 18.943136] kunit_try_run_case+0x170/0x3f0 [ 18.943418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.943859] kthread+0x328/0x630 [ 18.944223] ret_from_fork+0x10/0x20 [ 18.944339] [ 18.944376] Allocated by task 232: [ 18.944721] kasan_save_stack+0x3c/0x68 [ 18.945111] kasan_save_track+0x20/0x40 [ 18.945239] kasan_save_alloc_info+0x40/0x58 [ 18.945669] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.945764] remove_element+0x16c/0x1f8 [ 18.945927] mempool_alloc_preallocated+0x58/0xc0 [ 18.945970] mempool_uaf_helper+0xa4/0x340 [ 18.946030] mempool_slab_uaf+0xc0/0x118 [ 18.946075] kunit_try_run_case+0x170/0x3f0 [ 18.946114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.946409] kthread+0x328/0x630 [ 18.946478] ret_from_fork+0x10/0x20 [ 18.946544] [ 18.946637] Freed by task 232: [ 18.946696] kasan_save_stack+0x3c/0x68 [ 18.946735] kasan_save_track+0x20/0x40 [ 18.947095] kasan_save_free_info+0x4c/0x78 [ 18.947167] __kasan_mempool_poison_object+0xc0/0x150 [ 18.947252] mempool_free+0x28c/0x328 [ 18.947405] mempool_uaf_helper+0x104/0x340 [ 18.947492] mempool_slab_uaf+0xc0/0x118 [ 18.947669] kunit_try_run_case+0x170/0x3f0 [ 18.947862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.947958] kthread+0x328/0x630 [ 18.948034] ret_from_fork+0x10/0x20 [ 18.948073] [ 18.948130] The buggy address belongs to the object at fff00000c57f0240 [ 18.948130] which belongs to the cache test_cache of size 123 [ 18.948355] The buggy address is located 0 bytes inside of [ 18.948355] freed 123-byte region [fff00000c57f0240, fff00000c57f02bb) [ 18.948541] [ 18.948590] The buggy address belongs to the physical page: [ 18.948896] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057f0 [ 18.948990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.949124] page_type: f5(slab) [ 18.949218] raw: 0bfffe0000000000 fff00000c5b9bdc0 dead000000000122 0000000000000000 [ 18.949377] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.949501] page dumped because: kasan: bad access detected [ 18.949706] [ 18.949837] Memory state around the buggy address: [ 18.949878] fff00000c57f0100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.950143] fff00000c57f0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.950377] >fff00000c57f0200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.950457] ^ [ 18.950533] fff00000c57f0280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.950589] fff00000c57f0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.950629] ================================================================== [ 18.891615] ================================================================== [ 18.891686] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.891844] Read of size 1 at addr fff00000c669fa00 by task kunit_try_catch/228 [ 18.891900] [ 18.891940] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.892027] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.892055] Hardware name: linux,dummy-virt (DT) [ 18.892097] Call trace: [ 18.892231] show_stack+0x20/0x38 (C) [ 18.892513] dump_stack_lvl+0x8c/0xd0 [ 18.892869] print_report+0x118/0x608 [ 18.892923] kasan_report+0xdc/0x128 [ 18.892966] __asan_report_load1_noabort+0x20/0x30 [ 18.893016] mempool_uaf_helper+0x314/0x340 [ 18.893063] mempool_kmalloc_uaf+0xc4/0x120 [ 18.893606] kunit_try_run_case+0x170/0x3f0 [ 18.893703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.893803] kthread+0x328/0x630 [ 18.893892] ret_from_fork+0x10/0x20 [ 18.893939] [ 18.893980] Allocated by task 228: [ 18.894010] kasan_save_stack+0x3c/0x68 [ 18.894052] kasan_save_track+0x20/0x40 [ 18.894089] kasan_save_alloc_info+0x40/0x58 [ 18.894130] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.894189] remove_element+0x130/0x1f8 [ 18.894506] mempool_alloc_preallocated+0x58/0xc0 [ 18.894742] mempool_uaf_helper+0xa4/0x340 [ 18.894795] mempool_kmalloc_uaf+0xc4/0x120 [ 18.894833] kunit_try_run_case+0x170/0x3f0 [ 18.894911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.895088] kthread+0x328/0x630 [ 18.895121] ret_from_fork+0x10/0x20 [ 18.895158] [ 18.895177] Freed by task 228: [ 18.895249] kasan_save_stack+0x3c/0x68 [ 18.895410] kasan_save_track+0x20/0x40 [ 18.895611] kasan_save_free_info+0x4c/0x78 [ 18.895652] __kasan_mempool_poison_object+0xc0/0x150 [ 18.895696] mempool_free+0x28c/0x328 [ 18.895737] mempool_uaf_helper+0x104/0x340 [ 18.895792] mempool_kmalloc_uaf+0xc4/0x120 [ 18.895923] kunit_try_run_case+0x170/0x3f0 [ 18.896092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.896227] kthread+0x328/0x630 [ 18.896261] ret_from_fork+0x10/0x20 [ 18.896340] [ 18.896360] The buggy address belongs to the object at fff00000c669fa00 [ 18.896360] which belongs to the cache kmalloc-128 of size 128 [ 18.896430] The buggy address is located 0 bytes inside of [ 18.896430] freed 128-byte region [fff00000c669fa00, fff00000c669fa80) [ 18.897115] [ 18.897144] The buggy address belongs to the physical page: [ 18.897180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10669f [ 18.897237] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.897331] page_type: f5(slab) [ 18.897372] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.897422] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.897464] page dumped because: kasan: bad access detected [ 18.897496] [ 18.897513] Memory state around the buggy address: [ 18.897777] fff00000c669f900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.898166] fff00000c669f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.898504] >fff00000c669fa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.898547] ^ [ 18.898607] fff00000c669fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.898650] fff00000c669fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.898742] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.832443] ================================================================== [ 18.832519] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.832607] Read of size 1 at addr fff00000c669f673 by task kunit_try_catch/222 [ 18.832659] [ 18.832700] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.832790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.832818] Hardware name: linux,dummy-virt (DT) [ 18.832853] Call trace: [ 18.832877] show_stack+0x20/0x38 (C) [ 18.832929] dump_stack_lvl+0x8c/0xd0 [ 18.832980] print_report+0x118/0x608 [ 18.833027] kasan_report+0xdc/0x128 [ 18.833073] __asan_report_load1_noabort+0x20/0x30 [ 18.833124] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.833172] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.833221] kunit_try_run_case+0x170/0x3f0 [ 18.833275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.833513] kthread+0x328/0x630 [ 18.833579] ret_from_fork+0x10/0x20 [ 18.833631] [ 18.833653] Allocated by task 222: [ 18.833686] kasan_save_stack+0x3c/0x68 [ 18.833729] kasan_save_track+0x20/0x40 [ 18.833769] kasan_save_alloc_info+0x40/0x58 [ 18.833808] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.833854] remove_element+0x130/0x1f8 [ 18.833895] mempool_alloc_preallocated+0x58/0xc0 [ 18.833933] mempool_oob_right_helper+0x98/0x2f0 [ 18.833972] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.834011] kunit_try_run_case+0x170/0x3f0 [ 18.834049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.834094] kthread+0x328/0x630 [ 18.834125] ret_from_fork+0x10/0x20 [ 18.834161] [ 18.834181] The buggy address belongs to the object at fff00000c669f600 [ 18.834181] which belongs to the cache kmalloc-128 of size 128 [ 18.834242] The buggy address is located 0 bytes to the right of [ 18.834242] allocated 115-byte region [fff00000c669f600, fff00000c669f673) [ 18.834307] [ 18.834328] The buggy address belongs to the physical page: [ 18.834362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10669f [ 18.834419] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.834475] page_type: f5(slab) [ 18.834518] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.834578] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.834621] page dumped because: kasan: bad access detected [ 18.834653] [ 18.834671] Memory state around the buggy address: [ 18.834706] fff00000c669f500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.834750] fff00000c669f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.834795] >fff00000c669f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.834834] ^ [ 18.834874] fff00000c669f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.834916] fff00000c669f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.834955] ================================================================== [ 18.844322] ================================================================== [ 18.844396] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.844637] Read of size 1 at addr fff00000c7bc2001 by task kunit_try_catch/224 [ 18.844789] [ 18.844828] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.845421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.845456] Hardware name: linux,dummy-virt (DT) [ 18.845489] Call trace: [ 18.845513] show_stack+0x20/0x38 (C) [ 18.845574] dump_stack_lvl+0x8c/0xd0 [ 18.845624] print_report+0x118/0x608 [ 18.845674] kasan_report+0xdc/0x128 [ 18.846153] __asan_report_load1_noabort+0x20/0x30 [ 18.846219] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.846509] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.846632] kunit_try_run_case+0x170/0x3f0 [ 18.846730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.846823] kthread+0x328/0x630 [ 18.846978] ret_from_fork+0x10/0x20 [ 18.847026] [ 18.847050] The buggy address belongs to the physical page: [ 18.847085] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107bc0 [ 18.847143] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.847233] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.847348] page_type: f8(unknown) [ 18.847500] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.847911] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.848079] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.848132] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.848182] head: 0bfffe0000000002 ffffc1ffc31ef001 00000000ffffffff 00000000ffffffff [ 18.848578] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.848633] page dumped because: kasan: bad access detected [ 18.848666] [ 18.848684] Memory state around the buggy address: [ 18.848995] fff00000c7bc1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.849092] fff00000c7bc1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.849430] >fff00000c7bc2000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.849646] ^ [ 18.849680] fff00000c7bc2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.849747] fff00000c7bc2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.849791] ================================================================== [ 18.864199] ================================================================== [ 18.864320] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.864380] Read of size 1 at addr fff00000c57af2bb by task kunit_try_catch/226 [ 18.864431] [ 18.864467] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.864552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.864601] Hardware name: linux,dummy-virt (DT) [ 18.864635] Call trace: [ 18.864658] show_stack+0x20/0x38 (C) [ 18.865052] dump_stack_lvl+0x8c/0xd0 [ 18.865106] print_report+0x118/0x608 [ 18.865153] kasan_report+0xdc/0x128 [ 18.865196] __asan_report_load1_noabort+0x20/0x30 [ 18.865266] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.865597] mempool_slab_oob_right+0xc0/0x118 [ 18.865720] kunit_try_run_case+0x170/0x3f0 [ 18.865886] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.865985] kthread+0x328/0x630 [ 18.866028] ret_from_fork+0x10/0x20 [ 18.866094] [ 18.866114] Allocated by task 226: [ 18.866164] kasan_save_stack+0x3c/0x68 [ 18.866208] kasan_save_track+0x20/0x40 [ 18.866360] kasan_save_alloc_info+0x40/0x58 [ 18.866410] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.866454] remove_element+0x16c/0x1f8 [ 18.866492] mempool_alloc_preallocated+0x58/0xc0 [ 18.866531] mempool_oob_right_helper+0x98/0x2f0 [ 18.866595] mempool_slab_oob_right+0xc0/0x118 [ 18.866720] kunit_try_run_case+0x170/0x3f0 [ 18.866787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.866838] kthread+0x328/0x630 [ 18.866978] ret_from_fork+0x10/0x20 [ 18.867015] [ 18.867069] The buggy address belongs to the object at fff00000c57af240 [ 18.867069] which belongs to the cache test_cache of size 123 [ 18.867171] The buggy address is located 0 bytes to the right of [ 18.867171] allocated 123-byte region [fff00000c57af240, fff00000c57af2bb) [ 18.867292] [ 18.867320] The buggy address belongs to the physical page: [ 18.867468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057af [ 18.867614] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.867724] page_type: f5(slab) [ 18.867764] raw: 0bfffe0000000000 fff00000c5b9bc80 dead000000000122 0000000000000000 [ 18.867910] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.867953] page dumped because: kasan: bad access detected [ 18.868021] [ 18.868124] Memory state around the buggy address: [ 18.868158] fff00000c57af180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.868201] fff00000c57af200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.868246] >fff00000c57af280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.868288] ^ [ 18.868322] fff00000c57af300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.868365] fff00000c57af380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.868431] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.276429] ================================================================== [ 18.276524] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 18.276619] Read of size 1 at addr fff00000c5b9b8c0 by task kunit_try_catch/216 [ 18.276687] [ 18.276730] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.276819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.276845] Hardware name: linux,dummy-virt (DT) [ 18.276881] Call trace: [ 18.276914] show_stack+0x20/0x38 (C) [ 18.276970] dump_stack_lvl+0x8c/0xd0 [ 18.277020] print_report+0x118/0x608 [ 18.277068] kasan_report+0xdc/0x128 [ 18.277113] __kasan_check_byte+0x54/0x70 [ 18.277158] kmem_cache_destroy+0x34/0x218 [ 18.277207] kmem_cache_double_destroy+0x174/0x300 [ 18.277255] kunit_try_run_case+0x170/0x3f0 [ 18.277311] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.277374] kthread+0x328/0x630 [ 18.277418] ret_from_fork+0x10/0x20 [ 18.277466] [ 18.277485] Allocated by task 216: [ 18.277515] kasan_save_stack+0x3c/0x68 [ 18.277556] kasan_save_track+0x20/0x40 [ 18.277608] kasan_save_alloc_info+0x40/0x58 [ 18.277649] __kasan_slab_alloc+0xa8/0xb0 [ 18.277685] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.277728] __kmem_cache_create_args+0x178/0x280 [ 18.277768] kmem_cache_double_destroy+0xc0/0x300 [ 18.277806] kunit_try_run_case+0x170/0x3f0 [ 18.277845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.277889] kthread+0x328/0x630 [ 18.277922] ret_from_fork+0x10/0x20 [ 18.277959] [ 18.277979] Freed by task 216: [ 18.278006] kasan_save_stack+0x3c/0x68 [ 18.278044] kasan_save_track+0x20/0x40 [ 18.278081] kasan_save_free_info+0x4c/0x78 [ 18.278120] __kasan_slab_free+0x6c/0x98 [ 18.278157] kmem_cache_free+0x260/0x468 [ 18.278195] slab_kmem_cache_release+0x38/0x50 [ 18.278234] kmem_cache_release+0x1c/0x30 [ 18.278271] kobject_put+0x17c/0x420 [ 18.278307] sysfs_slab_release+0x1c/0x30 [ 18.278346] kmem_cache_destroy+0x118/0x218 [ 18.278383] kmem_cache_double_destroy+0x128/0x300 [ 18.278423] kunit_try_run_case+0x170/0x3f0 [ 18.278459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.278503] kthread+0x328/0x630 [ 18.278536] ret_from_fork+0x10/0x20 [ 18.278581] [ 18.278600] The buggy address belongs to the object at fff00000c5b9b8c0 [ 18.278600] which belongs to the cache kmem_cache of size 208 [ 18.278659] The buggy address is located 0 bytes inside of [ 18.278659] freed 208-byte region [fff00000c5b9b8c0, fff00000c5b9b990) [ 18.278723] [ 18.278745] The buggy address belongs to the physical page: [ 18.278780] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b9b [ 18.278837] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.278891] page_type: f5(slab) [ 18.278934] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 18.278986] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.279027] page dumped because: kasan: bad access detected [ 18.279060] [ 18.279077] Memory state around the buggy address: [ 18.279114] fff00000c5b9b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.279158] fff00000c5b9b800: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 18.279200] >fff00000c5b9b880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.279240] ^ [ 18.279276] fff00000c5b9b900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.279319] fff00000c5b9b980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.279359] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 18.189917] ================================================================== [ 18.190034] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 18.190111] Read of size 1 at addr fff00000c57df000 by task kunit_try_catch/214 [ 18.190165] [ 18.190206] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.190295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.190323] Hardware name: linux,dummy-virt (DT) [ 18.190361] Call trace: [ 18.190386] show_stack+0x20/0x38 (C) [ 18.190441] dump_stack_lvl+0x8c/0xd0 [ 18.190494] print_report+0x118/0x608 [ 18.190542] kasan_report+0xdc/0x128 [ 18.190602] __asan_report_load1_noabort+0x20/0x30 [ 18.190655] kmem_cache_rcu_uaf+0x388/0x468 [ 18.190702] kunit_try_run_case+0x170/0x3f0 [ 18.190752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.190807] kthread+0x328/0x630 [ 18.190852] ret_from_fork+0x10/0x20 [ 18.190903] [ 18.190921] Allocated by task 214: [ 18.190952] kasan_save_stack+0x3c/0x68 [ 18.190994] kasan_save_track+0x20/0x40 [ 18.191032] kasan_save_alloc_info+0x40/0x58 [ 18.191071] __kasan_slab_alloc+0xa8/0xb0 [ 18.191110] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.191150] kmem_cache_rcu_uaf+0x12c/0x468 [ 18.191193] kunit_try_run_case+0x170/0x3f0 [ 18.191232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.191276] kthread+0x328/0x630 [ 18.191311] ret_from_fork+0x10/0x20 [ 18.191346] [ 18.191366] Freed by task 0: [ 18.191393] kasan_save_stack+0x3c/0x68 [ 18.191430] kasan_save_track+0x20/0x40 [ 18.191468] kasan_save_free_info+0x4c/0x78 [ 18.191508] __kasan_slab_free+0x6c/0x98 [ 18.191544] slab_free_after_rcu_debug+0xd4/0x2f8 [ 18.191594] rcu_core+0x9f4/0x1e20 [ 18.191632] rcu_core_si+0x18/0x30 [ 18.191665] handle_softirqs+0x374/0xb28 [ 18.191703] __do_softirq+0x1c/0x28 [ 18.191735] [ 18.191754] Last potentially related work creation: [ 18.191781] kasan_save_stack+0x3c/0x68 [ 18.191819] kasan_record_aux_stack+0xb4/0xc8 [ 18.191861] kmem_cache_free+0x120/0x468 [ 18.191897] kmem_cache_rcu_uaf+0x16c/0x468 [ 18.191935] kunit_try_run_case+0x170/0x3f0 [ 18.191972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.192016] kthread+0x328/0x630 [ 18.192048] ret_from_fork+0x10/0x20 [ 18.192084] [ 18.192103] The buggy address belongs to the object at fff00000c57df000 [ 18.192103] which belongs to the cache test_cache of size 200 [ 18.192164] The buggy address is located 0 bytes inside of [ 18.192164] freed 200-byte region [fff00000c57df000, fff00000c57df0c8) [ 18.192229] [ 18.192252] The buggy address belongs to the physical page: [ 18.192285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057df [ 18.192346] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.192402] page_type: f5(slab) [ 18.192446] raw: 0bfffe0000000000 fff00000c57d53c0 dead000000000122 0000000000000000 [ 18.192499] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.192542] page dumped because: kasan: bad access detected [ 18.192583] [ 18.192601] Memory state around the buggy address: [ 18.192637] fff00000c57def00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.192681] fff00000c57def80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.192725] >fff00000c57df000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.192765] ^ [ 18.192793] fff00000c57df080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.192837] fff00000c57df100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.192877] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.827797] ================================================================== [ 17.828468] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.828685] Free of addr fff00000c57dc001 by task kunit_try_catch/212 [ 17.828760] [ 17.828805] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.829050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.829084] Hardware name: linux,dummy-virt (DT) [ 17.829120] Call trace: [ 17.829144] show_stack+0x20/0x38 (C) [ 17.829405] dump_stack_lvl+0x8c/0xd0 [ 17.829475] print_report+0x118/0x608 [ 17.829525] kasan_report_invalid_free+0xc0/0xe8 [ 17.829722] check_slab_allocation+0xfc/0x108 [ 17.829905] __kasan_slab_pre_free+0x2c/0x48 [ 17.830072] kmem_cache_free+0xf0/0x468 [ 17.830169] kmem_cache_invalid_free+0x184/0x3c8 [ 17.830238] kunit_try_run_case+0x170/0x3f0 [ 17.830618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.830715] kthread+0x328/0x630 [ 17.830807] ret_from_fork+0x10/0x20 [ 17.830860] [ 17.830879] Allocated by task 212: [ 17.831162] kasan_save_stack+0x3c/0x68 [ 17.831328] kasan_save_track+0x20/0x40 [ 17.831413] kasan_save_alloc_info+0x40/0x58 [ 17.831674] __kasan_slab_alloc+0xa8/0xb0 [ 17.831833] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.831949] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.832008] kunit_try_run_case+0x170/0x3f0 [ 17.832048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.832384] kthread+0x328/0x630 [ 17.832462] ret_from_fork+0x10/0x20 [ 17.832593] [ 17.832654] The buggy address belongs to the object at fff00000c57dc000 [ 17.832654] which belongs to the cache test_cache of size 200 [ 17.832737] The buggy address is located 1 bytes inside of [ 17.832737] 200-byte region [fff00000c57dc000, fff00000c57dc0c8) [ 17.832950] [ 17.833114] The buggy address belongs to the physical page: [ 17.833214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057dc [ 17.833294] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.833505] page_type: f5(slab) [ 17.833830] raw: 0bfffe0000000000 fff00000c57d5280 dead000000000122 0000000000000000 [ 17.833990] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.834061] page dumped because: kasan: bad access detected [ 17.834289] [ 17.834482] Memory state around the buggy address: [ 17.834541] fff00000c57dbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.834905] fff00000c57dbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.835081] >fff00000c57dc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.835128] ^ [ 17.835399] fff00000c57dc080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.835637] fff00000c57dc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.835737] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.790435] ================================================================== [ 17.790523] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.790759] Free of addr fff00000c57d9000 by task kunit_try_catch/210 [ 17.790830] [ 17.790874] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.790965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.790991] Hardware name: linux,dummy-virt (DT) [ 17.791037] Call trace: [ 17.791077] show_stack+0x20/0x38 (C) [ 17.791134] dump_stack_lvl+0x8c/0xd0 [ 17.791185] print_report+0x118/0x608 [ 17.791234] kasan_report_invalid_free+0xc0/0xe8 [ 17.791282] check_slab_allocation+0xd4/0x108 [ 17.791333] __kasan_slab_pre_free+0x2c/0x48 [ 17.791380] kmem_cache_free+0xf0/0x468 [ 17.791428] kmem_cache_double_free+0x190/0x3c8 [ 17.791477] kunit_try_run_case+0x170/0x3f0 [ 17.791529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.792197] kthread+0x328/0x630 [ 17.792513] ret_from_fork+0x10/0x20 [ 17.792603] [ 17.792862] Allocated by task 210: [ 17.793025] kasan_save_stack+0x3c/0x68 [ 17.793076] kasan_save_track+0x20/0x40 [ 17.793121] kasan_save_alloc_info+0x40/0x58 [ 17.793169] __kasan_slab_alloc+0xa8/0xb0 [ 17.793331] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.793613] kmem_cache_double_free+0x12c/0x3c8 [ 17.793696] kunit_try_run_case+0x170/0x3f0 [ 17.793739] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.794009] kthread+0x328/0x630 [ 17.794144] ret_from_fork+0x10/0x20 [ 17.794288] [ 17.794329] Freed by task 210: [ 17.794517] kasan_save_stack+0x3c/0x68 [ 17.794862] kasan_save_track+0x20/0x40 [ 17.794986] kasan_save_free_info+0x4c/0x78 [ 17.795069] __kasan_slab_free+0x6c/0x98 [ 17.795148] kmem_cache_free+0x260/0x468 [ 17.795362] kmem_cache_double_free+0x140/0x3c8 [ 17.795701] kunit_try_run_case+0x170/0x3f0 [ 17.795861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.795957] kthread+0x328/0x630 [ 17.795993] ret_from_fork+0x10/0x20 [ 17.796060] [ 17.796264] The buggy address belongs to the object at fff00000c57d9000 [ 17.796264] which belongs to the cache test_cache of size 200 [ 17.796518] The buggy address is located 0 bytes inside of [ 17.796518] 200-byte region [fff00000c57d9000, fff00000c57d90c8) [ 17.796758] [ 17.796923] The buggy address belongs to the physical page: [ 17.797069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d9 [ 17.797155] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.797489] page_type: f5(slab) [ 17.797673] raw: 0bfffe0000000000 fff00000c57d5140 dead000000000122 0000000000000000 [ 17.797779] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.797882] page dumped because: kasan: bad access detected [ 17.797936] [ 17.797954] Memory state around the buggy address: [ 17.797989] fff00000c57d8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.798040] fff00000c57d8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.798309] >fff00000c57d9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.798471] ^ [ 17.798514] fff00000c57d9080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.798700] fff00000c57d9100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.798774] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.649498] ================================================================== [ 17.650425] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.651770] Read of size 1 at addr fff00000c57d80c8 by task kunit_try_catch/208 [ 17.652586] [ 17.652933] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.653352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.653381] Hardware name: linux,dummy-virt (DT) [ 17.653414] Call trace: [ 17.653941] show_stack+0x20/0x38 (C) [ 17.654017] dump_stack_lvl+0x8c/0xd0 [ 17.654373] print_report+0x118/0x608 [ 17.654731] kasan_report+0xdc/0x128 [ 17.654858] __asan_report_load1_noabort+0x20/0x30 [ 17.655969] kmem_cache_oob+0x344/0x430 [ 17.656639] kunit_try_run_case+0x170/0x3f0 [ 17.657046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.657136] kthread+0x328/0x630 [ 17.657180] ret_from_fork+0x10/0x20 [ 17.657973] [ 17.658113] Allocated by task 208: [ 17.658312] kasan_save_stack+0x3c/0x68 [ 17.659129] kasan_save_track+0x20/0x40 [ 17.660140] kasan_save_alloc_info+0x40/0x58 [ 17.660431] __kasan_slab_alloc+0xa8/0xb0 [ 17.660498] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.660810] kmem_cache_oob+0x12c/0x430 [ 17.660860] kunit_try_run_case+0x170/0x3f0 [ 17.661264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.661425] kthread+0x328/0x630 [ 17.661464] ret_from_fork+0x10/0x20 [ 17.662032] [ 17.662149] The buggy address belongs to the object at fff00000c57d8000 [ 17.662149] which belongs to the cache test_cache of size 200 [ 17.662811] The buggy address is located 0 bytes to the right of [ 17.662811] allocated 200-byte region [fff00000c57d8000, fff00000c57d80c8) [ 17.663262] [ 17.663793] The buggy address belongs to the physical page: [ 17.663929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d8 [ 17.664119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.664223] page_type: f5(slab) [ 17.664269] raw: 0bfffe0000000000 fff00000c57d5000 dead000000000122 0000000000000000 [ 17.664700] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.665909] page dumped because: kasan: bad access detected [ 17.665953] [ 17.665971] Memory state around the buggy address: [ 17.666032] fff00000c57d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.666798] fff00000c57d8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.667389] >fff00000c57d8080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.667733] ^ [ 17.667846] fff00000c57d8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.667902] fff00000c57d8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.667944] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.548233] ================================================================== [ 17.548328] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.549077] Read of size 8 at addr fff00000c57d1880 by task kunit_try_catch/201 [ 17.549730] [ 17.549889] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.550072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.550099] Hardware name: linux,dummy-virt (DT) [ 17.550676] Call trace: [ 17.550801] show_stack+0x20/0x38 (C) [ 17.551225] dump_stack_lvl+0x8c/0xd0 [ 17.551521] print_report+0x118/0x608 [ 17.551583] kasan_report+0xdc/0x128 [ 17.552660] __asan_report_load8_noabort+0x20/0x30 [ 17.552876] workqueue_uaf+0x480/0x4a8 [ 17.553388] kunit_try_run_case+0x170/0x3f0 [ 17.553486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.553712] kthread+0x328/0x630 [ 17.554020] ret_from_fork+0x10/0x20 [ 17.554397] [ 17.554620] Allocated by task 201: [ 17.554656] kasan_save_stack+0x3c/0x68 [ 17.555010] kasan_save_track+0x20/0x40 [ 17.555391] kasan_save_alloc_info+0x40/0x58 [ 17.555458] __kasan_kmalloc+0xd4/0xd8 [ 17.555691] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.555772] workqueue_uaf+0x13c/0x4a8 [ 17.556478] kunit_try_run_case+0x170/0x3f0 [ 17.556953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.557001] kthread+0x328/0x630 [ 17.557034] ret_from_fork+0x10/0x20 [ 17.557071] [ 17.557091] Freed by task 54: [ 17.557117] kasan_save_stack+0x3c/0x68 [ 17.557157] kasan_save_track+0x20/0x40 [ 17.557558] kasan_save_free_info+0x4c/0x78 [ 17.557618] __kasan_slab_free+0x6c/0x98 [ 17.558602] kfree+0x214/0x3c8 [ 17.558813] workqueue_uaf_work+0x18/0x30 [ 17.559181] process_one_work+0x530/0xf98 [ 17.559387] worker_thread+0x618/0xf38 [ 17.559463] kthread+0x328/0x630 [ 17.559497] ret_from_fork+0x10/0x20 [ 17.559540] [ 17.559756] Last potentially related work creation: [ 17.560132] kasan_save_stack+0x3c/0x68 [ 17.560705] kasan_record_aux_stack+0xb4/0xc8 [ 17.560910] __queue_work+0x65c/0x1008 [ 17.560952] queue_work_on+0xbc/0xf8 [ 17.561279] workqueue_uaf+0x210/0x4a8 [ 17.561512] kunit_try_run_case+0x170/0x3f0 [ 17.561582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.562004] kthread+0x328/0x630 [ 17.562220] ret_from_fork+0x10/0x20 [ 17.562284] [ 17.562305] The buggy address belongs to the object at fff00000c57d1880 [ 17.562305] which belongs to the cache kmalloc-32 of size 32 [ 17.563284] The buggy address is located 0 bytes inside of [ 17.563284] freed 32-byte region [fff00000c57d1880, fff00000c57d18a0) [ 17.563507] [ 17.563548] The buggy address belongs to the physical page: [ 17.563767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d1 [ 17.564358] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.564655] page_type: f5(slab) [ 17.564700] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.564751] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.564794] page dumped because: kasan: bad access detected [ 17.564829] [ 17.564847] Memory state around the buggy address: [ 17.564885] fff00000c57d1780: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.564930] fff00000c57d1800: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 17.565344] >fff00000c57d1880: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.566212] ^ [ 17.566255] fff00000c57d1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.566823] fff00000c57d1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.567522] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.477584] ================================================================== [ 17.478551] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 17.479071] Read of size 4 at addr fff00000c57d1680 by task swapper/1/0 [ 17.479420] [ 17.479745] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.479905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.479934] Hardware name: linux,dummy-virt (DT) [ 17.480366] Call trace: [ 17.480574] show_stack+0x20/0x38 (C) [ 17.480694] dump_stack_lvl+0x8c/0xd0 [ 17.481607] print_report+0x118/0x608 [ 17.481759] kasan_report+0xdc/0x128 [ 17.481902] __asan_report_load4_noabort+0x20/0x30 [ 17.482636] rcu_uaf_reclaim+0x64/0x70 [ 17.482802] rcu_core+0x9f4/0x1e20 [ 17.482852] rcu_core_si+0x18/0x30 [ 17.482897] handle_softirqs+0x374/0xb28 [ 17.483502] __do_softirq+0x1c/0x28 [ 17.483933] ____do_softirq+0x18/0x30 [ 17.484270] call_on_irq_stack+0x24/0x30 [ 17.484327] do_softirq_own_stack+0x24/0x38 [ 17.484607] __irq_exit_rcu+0x1fc/0x318 [ 17.484909] irq_exit_rcu+0x1c/0x80 [ 17.485022] el1_interrupt+0x38/0x58 [ 17.485678] el1h_64_irq_handler+0x18/0x28 [ 17.485988] el1h_64_irq+0x6c/0x70 [ 17.486779] arch_local_irq_enable+0x4/0x8 (P) [ 17.487059] do_idle+0x384/0x4e8 [ 17.487369] cpu_startup_entry+0x64/0x80 [ 17.487513] secondary_start_kernel+0x288/0x340 [ 17.487947] __secondary_switched+0xc0/0xc8 [ 17.488474] [ 17.488892] Allocated by task 199: [ 17.488946] kasan_save_stack+0x3c/0x68 [ 17.489151] kasan_save_track+0x20/0x40 [ 17.489189] kasan_save_alloc_info+0x40/0x58 [ 17.489230] __kasan_kmalloc+0xd4/0xd8 [ 17.489274] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.490083] rcu_uaf+0xb0/0x2d8 [ 17.490396] kunit_try_run_case+0x170/0x3f0 [ 17.490629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.490707] kthread+0x328/0x630 [ 17.490987] ret_from_fork+0x10/0x20 [ 17.491231] [ 17.491252] Freed by task 0: [ 17.491433] kasan_save_stack+0x3c/0x68 [ 17.491543] kasan_save_track+0x20/0x40 [ 17.491590] kasan_save_free_info+0x4c/0x78 [ 17.491631] __kasan_slab_free+0x6c/0x98 [ 17.492646] kfree+0x214/0x3c8 [ 17.492927] rcu_uaf_reclaim+0x28/0x70 [ 17.492967] rcu_core+0x9f4/0x1e20 [ 17.493004] rcu_core_si+0x18/0x30 [ 17.493370] handle_softirqs+0x374/0xb28 [ 17.493735] __do_softirq+0x1c/0x28 [ 17.493781] [ 17.493821] Last potentially related work creation: [ 17.494213] kasan_save_stack+0x3c/0x68 [ 17.494263] kasan_record_aux_stack+0xb4/0xc8 [ 17.494305] __call_rcu_common.constprop.0+0x74/0x8c8 [ 17.494850] call_rcu+0x18/0x30 [ 17.494921] rcu_uaf+0x14c/0x2d8 [ 17.495412] kunit_try_run_case+0x170/0x3f0 [ 17.495529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.495899] kthread+0x328/0x630 [ 17.496134] ret_from_fork+0x10/0x20 [ 17.496457] [ 17.496983] The buggy address belongs to the object at fff00000c57d1680 [ 17.496983] which belongs to the cache kmalloc-32 of size 32 [ 17.497157] The buggy address is located 0 bytes inside of [ 17.497157] freed 32-byte region [fff00000c57d1680, fff00000c57d16a0) [ 17.497223] [ 17.497246] The buggy address belongs to the physical page: [ 17.498131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d1 [ 17.498279] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.498986] page_type: f5(slab) [ 17.499643] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.499741] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.500358] page dumped because: kasan: bad access detected [ 17.500497] [ 17.500709] Memory state around the buggy address: [ 17.500943] fff00000c57d1580: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 17.501750] fff00000c57d1600: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.502414] >fff00000c57d1680: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 17.502738] ^ [ 17.502843] fff00000c57d1700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.502913] fff00000c57d1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.503298] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 17.257910] ================================================================== [ 17.257972] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 17.258022] Read of size 1 at addr fff00000c5733c00 by task kunit_try_catch/197 [ 17.258071] [ 17.258130] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.258214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.258242] Hardware name: linux,dummy-virt (DT) [ 17.258273] Call trace: [ 17.258295] show_stack+0x20/0x38 (C) [ 17.258357] dump_stack_lvl+0x8c/0xd0 [ 17.258405] print_report+0x118/0x608 [ 17.258450] kasan_report+0xdc/0x128 [ 17.258495] __kasan_check_byte+0x54/0x70 [ 17.258542] ksize+0x30/0x88 [ 17.258635] ksize_uaf+0x168/0x5f8 [ 17.259204] kunit_try_run_case+0x170/0x3f0 [ 17.259342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.259396] kthread+0x328/0x630 [ 17.259754] ret_from_fork+0x10/0x20 [ 17.259844] [ 17.260149] Allocated by task 197: [ 17.260196] kasan_save_stack+0x3c/0x68 [ 17.260319] kasan_save_track+0x20/0x40 [ 17.260389] kasan_save_alloc_info+0x40/0x58 [ 17.260517] __kasan_kmalloc+0xd4/0xd8 [ 17.260557] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.260652] ksize_uaf+0xb8/0x5f8 [ 17.261007] kunit_try_run_case+0x170/0x3f0 [ 17.261141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.261218] kthread+0x328/0x630 [ 17.261325] ret_from_fork+0x10/0x20 [ 17.261386] [ 17.261458] Freed by task 197: [ 17.261577] kasan_save_stack+0x3c/0x68 [ 17.261617] kasan_save_track+0x20/0x40 [ 17.261674] kasan_save_free_info+0x4c/0x78 [ 17.261721] __kasan_slab_free+0x6c/0x98 [ 17.261874] kfree+0x214/0x3c8 [ 17.262055] ksize_uaf+0x11c/0x5f8 [ 17.262182] kunit_try_run_case+0x170/0x3f0 [ 17.262296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.262421] kthread+0x328/0x630 [ 17.262480] ret_from_fork+0x10/0x20 [ 17.262596] [ 17.262645] The buggy address belongs to the object at fff00000c5733c00 [ 17.262645] which belongs to the cache kmalloc-128 of size 128 [ 17.262738] The buggy address is located 0 bytes inside of [ 17.262738] freed 128-byte region [fff00000c5733c00, fff00000c5733c80) [ 17.263074] [ 17.263355] The buggy address belongs to the physical page: [ 17.263436] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 17.263574] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.263663] page_type: f5(slab) [ 17.263777] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.263875] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.264012] page dumped because: kasan: bad access detected [ 17.264082] [ 17.264130] Memory state around the buggy address: [ 17.264227] fff00000c5733b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.264300] fff00000c5733b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.264611] >fff00000c5733c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.264687] ^ [ 17.264740] fff00000c5733c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.264876] fff00000c5733d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.264979] ================================================================== [ 17.266027] ================================================================== [ 17.266132] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 17.266219] Read of size 1 at addr fff00000c5733c00 by task kunit_try_catch/197 [ 17.266271] [ 17.266428] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.266603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.266826] Hardware name: linux,dummy-virt (DT) [ 17.266869] Call trace: [ 17.266910] show_stack+0x20/0x38 (C) [ 17.266976] dump_stack_lvl+0x8c/0xd0 [ 17.267028] print_report+0x118/0x608 [ 17.267074] kasan_report+0xdc/0x128 [ 17.267119] __asan_report_load1_noabort+0x20/0x30 [ 17.267245] ksize_uaf+0x598/0x5f8 [ 17.267291] kunit_try_run_case+0x170/0x3f0 [ 17.267357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.267457] kthread+0x328/0x630 [ 17.267501] ret_from_fork+0x10/0x20 [ 17.267549] [ 17.267812] Allocated by task 197: [ 17.267870] kasan_save_stack+0x3c/0x68 [ 17.267970] kasan_save_track+0x20/0x40 [ 17.268039] kasan_save_alloc_info+0x40/0x58 [ 17.268082] __kasan_kmalloc+0xd4/0xd8 [ 17.268178] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.268232] ksize_uaf+0xb8/0x5f8 [ 17.268312] kunit_try_run_case+0x170/0x3f0 [ 17.268452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.268504] kthread+0x328/0x630 [ 17.268583] ret_from_fork+0x10/0x20 [ 17.268836] [ 17.268905] Freed by task 197: [ 17.268945] kasan_save_stack+0x3c/0x68 [ 17.268988] kasan_save_track+0x20/0x40 [ 17.269091] kasan_save_free_info+0x4c/0x78 [ 17.269134] __kasan_slab_free+0x6c/0x98 [ 17.269172] kfree+0x214/0x3c8 [ 17.269206] ksize_uaf+0x11c/0x5f8 [ 17.269304] kunit_try_run_case+0x170/0x3f0 [ 17.269406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.269594] kthread+0x328/0x630 [ 17.269635] ret_from_fork+0x10/0x20 [ 17.269671] [ 17.269694] The buggy address belongs to the object at fff00000c5733c00 [ 17.269694] which belongs to the cache kmalloc-128 of size 128 [ 17.269934] The buggy address is located 0 bytes inside of [ 17.269934] freed 128-byte region [fff00000c5733c00, fff00000c5733c80) [ 17.270050] [ 17.270109] The buggy address belongs to the physical page: [ 17.270249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 17.270337] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.270637] page_type: f5(slab) [ 17.270693] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.270967] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.271044] page dumped because: kasan: bad access detected [ 17.271099] [ 17.271146] Memory state around the buggy address: [ 17.271286] fff00000c5733b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.271370] fff00000c5733b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.271704] >fff00000c5733c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.271868] ^ [ 17.271939] fff00000c5733c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.272104] fff00000c5733d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.272196] ================================================================== [ 17.273235] ================================================================== [ 17.273303] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 17.273353] Read of size 1 at addr fff00000c5733c78 by task kunit_try_catch/197 [ 17.273722] [ 17.273880] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.274051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.274112] Hardware name: linux,dummy-virt (DT) [ 17.274187] Call trace: [ 17.274289] show_stack+0x20/0x38 (C) [ 17.274378] dump_stack_lvl+0x8c/0xd0 [ 17.274448] print_report+0x118/0x608 [ 17.274808] kasan_report+0xdc/0x128 [ 17.274877] __asan_report_load1_noabort+0x20/0x30 [ 17.274989] ksize_uaf+0x544/0x5f8 [ 17.275041] kunit_try_run_case+0x170/0x3f0 [ 17.275086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.275137] kthread+0x328/0x630 [ 17.275179] ret_from_fork+0x10/0x20 [ 17.275233] [ 17.275252] Allocated by task 197: [ 17.275287] kasan_save_stack+0x3c/0x68 [ 17.275340] kasan_save_track+0x20/0x40 [ 17.275377] kasan_save_alloc_info+0x40/0x58 [ 17.275431] __kasan_kmalloc+0xd4/0xd8 [ 17.275473] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.275512] ksize_uaf+0xb8/0x5f8 [ 17.275561] kunit_try_run_case+0x170/0x3f0 [ 17.275958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.276049] kthread+0x328/0x630 [ 17.276137] ret_from_fork+0x10/0x20 [ 17.276228] [ 17.276298] Freed by task 197: [ 17.276435] kasan_save_stack+0x3c/0x68 [ 17.276492] kasan_save_track+0x20/0x40 [ 17.276555] kasan_save_free_info+0x4c/0x78 [ 17.276890] __kasan_slab_free+0x6c/0x98 [ 17.276968] kfree+0x214/0x3c8 [ 17.277086] ksize_uaf+0x11c/0x5f8 [ 17.277164] kunit_try_run_case+0x170/0x3f0 [ 17.277312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.277396] kthread+0x328/0x630 [ 17.277457] ret_from_fork+0x10/0x20 [ 17.277495] [ 17.277514] The buggy address belongs to the object at fff00000c5733c00 [ 17.277514] which belongs to the cache kmalloc-128 of size 128 [ 17.277585] The buggy address is located 120 bytes inside of [ 17.277585] freed 128-byte region [fff00000c5733c00, fff00000c5733c80) [ 17.278521] [ 17.278596] The buggy address belongs to the physical page: [ 17.278919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 17.278996] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.279134] page_type: f5(slab) [ 17.279215] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.279679] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.279953] page dumped because: kasan: bad access detected [ 17.280041] [ 17.280076] Memory state around the buggy address: [ 17.280188] fff00000c5733b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.280302] fff00000c5733b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.280368] >fff00000c5733c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.280458] ^ [ 17.280555] fff00000c5733c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.280654] fff00000c5733d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.281356] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 17.244146] ================================================================== [ 17.244405] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 17.244491] Read of size 1 at addr fff00000c5733b7f by task kunit_try_catch/195 [ 17.244544] [ 17.244652] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.244766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.244879] Hardware name: linux,dummy-virt (DT) [ 17.244926] Call trace: [ 17.244967] show_stack+0x20/0x38 (C) [ 17.245033] dump_stack_lvl+0x8c/0xd0 [ 17.245089] print_report+0x118/0x608 [ 17.245136] kasan_report+0xdc/0x128 [ 17.245180] __asan_report_load1_noabort+0x20/0x30 [ 17.245614] ksize_unpoisons_memory+0x690/0x740 [ 17.245718] kunit_try_run_case+0x170/0x3f0 [ 17.245790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.245986] kthread+0x328/0x630 [ 17.246203] ret_from_fork+0x10/0x20 [ 17.246415] [ 17.246463] Allocated by task 195: [ 17.246552] kasan_save_stack+0x3c/0x68 [ 17.246674] kasan_save_track+0x20/0x40 [ 17.246750] kasan_save_alloc_info+0x40/0x58 [ 17.246904] __kasan_kmalloc+0xd4/0xd8 [ 17.247093] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.247169] ksize_unpoisons_memory+0xc0/0x740 [ 17.247209] kunit_try_run_case+0x170/0x3f0 [ 17.247584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.248155] kthread+0x328/0x630 [ 17.248419] ret_from_fork+0x10/0x20 [ 17.248500] [ 17.248537] The buggy address belongs to the object at fff00000c5733b00 [ 17.248537] which belongs to the cache kmalloc-128 of size 128 [ 17.248727] The buggy address is located 12 bytes to the right of [ 17.248727] allocated 115-byte region [fff00000c5733b00, fff00000c5733b73) [ 17.248811] [ 17.248839] The buggy address belongs to the physical page: [ 17.248891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 17.248950] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.249002] page_type: f5(slab) [ 17.249040] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.249102] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.249153] page dumped because: kasan: bad access detected [ 17.249185] [ 17.249210] Memory state around the buggy address: [ 17.249251] fff00000c5733a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.249304] fff00000c5733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.249710] >fff00000c5733b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.249945] ^ [ 17.250162] fff00000c5733b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.250218] fff00000c5733c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.250335] ================================================================== [ 17.229912] ================================================================== [ 17.229995] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 17.230082] Read of size 1 at addr fff00000c5733b73 by task kunit_try_catch/195 [ 17.230134] [ 17.230217] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.230304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.230330] Hardware name: linux,dummy-virt (DT) [ 17.230501] Call trace: [ 17.230525] show_stack+0x20/0x38 (C) [ 17.230676] dump_stack_lvl+0x8c/0xd0 [ 17.230841] print_report+0x118/0x608 [ 17.231000] kasan_report+0xdc/0x128 [ 17.231087] __asan_report_load1_noabort+0x20/0x30 [ 17.231224] ksize_unpoisons_memory+0x628/0x740 [ 17.231300] kunit_try_run_case+0x170/0x3f0 [ 17.231447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.231536] kthread+0x328/0x630 [ 17.231593] ret_from_fork+0x10/0x20 [ 17.231797] [ 17.231960] Allocated by task 195: [ 17.232025] kasan_save_stack+0x3c/0x68 [ 17.232190] kasan_save_track+0x20/0x40 [ 17.232281] kasan_save_alloc_info+0x40/0x58 [ 17.232431] __kasan_kmalloc+0xd4/0xd8 [ 17.232501] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.232550] ksize_unpoisons_memory+0xc0/0x740 [ 17.232926] kunit_try_run_case+0x170/0x3f0 [ 17.233218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.233345] kthread+0x328/0x630 [ 17.233507] ret_from_fork+0x10/0x20 [ 17.233579] [ 17.233648] The buggy address belongs to the object at fff00000c5733b00 [ 17.233648] which belongs to the cache kmalloc-128 of size 128 [ 17.233757] The buggy address is located 0 bytes to the right of [ 17.233757] allocated 115-byte region [fff00000c5733b00, fff00000c5733b73) [ 17.233911] [ 17.233970] The buggy address belongs to the physical page: [ 17.234157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 17.234224] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.234277] page_type: f5(slab) [ 17.234447] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.234611] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.234699] page dumped because: kasan: bad access detected [ 17.234826] [ 17.234888] Memory state around the buggy address: [ 17.234947] fff00000c5733a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.235067] fff00000c5733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.235121] >fff00000c5733b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.235184] ^ [ 17.235227] fff00000c5733b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.235548] fff00000c5733c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.235673] ================================================================== [ 17.236862] ================================================================== [ 17.236949] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 17.237004] Read of size 1 at addr fff00000c5733b78 by task kunit_try_catch/195 [ 17.237216] [ 17.237255] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.237694] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.237795] Hardware name: linux,dummy-virt (DT) [ 17.237853] Call trace: [ 17.237960] show_stack+0x20/0x38 (C) [ 17.238088] dump_stack_lvl+0x8c/0xd0 [ 17.238191] print_report+0x118/0x608 [ 17.238242] kasan_report+0xdc/0x128 [ 17.238289] __asan_report_load1_noabort+0x20/0x30 [ 17.238341] ksize_unpoisons_memory+0x618/0x740 [ 17.238389] kunit_try_run_case+0x170/0x3f0 [ 17.238765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.238917] kthread+0x328/0x630 [ 17.239057] ret_from_fork+0x10/0x20 [ 17.239159] [ 17.239265] Allocated by task 195: [ 17.239363] kasan_save_stack+0x3c/0x68 [ 17.239408] kasan_save_track+0x20/0x40 [ 17.239453] kasan_save_alloc_info+0x40/0x58 [ 17.239671] __kasan_kmalloc+0xd4/0xd8 [ 17.239718] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.239760] ksize_unpoisons_memory+0xc0/0x740 [ 17.239852] kunit_try_run_case+0x170/0x3f0 [ 17.239894] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.239949] kthread+0x328/0x630 [ 17.239992] ret_from_fork+0x10/0x20 [ 17.240038] [ 17.240058] The buggy address belongs to the object at fff00000c5733b00 [ 17.240058] which belongs to the cache kmalloc-128 of size 128 [ 17.240134] The buggy address is located 5 bytes to the right of [ 17.240134] allocated 115-byte region [fff00000c5733b00, fff00000c5733b73) [ 17.240210] [ 17.240244] The buggy address belongs to the physical page: [ 17.240284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 17.240359] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.240409] page_type: f5(slab) [ 17.240471] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.240524] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.240577] page dumped because: kasan: bad access detected [ 17.241091] [ 17.241138] Memory state around the buggy address: [ 17.241225] fff00000c5733a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.241276] fff00000c5733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.241693] >fff00000c5733b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.241779] ^ [ 17.241870] fff00000c5733b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.242031] fff00000c5733c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.242118] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 17.211267] ================================================================== [ 17.211344] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 17.211396] Free of addr fff00000c56b6140 by task kunit_try_catch/193 [ 17.211465] [ 17.211504] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.211861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.211902] Hardware name: linux,dummy-virt (DT) [ 17.212193] Call trace: [ 17.212233] show_stack+0x20/0x38 (C) [ 17.212287] dump_stack_lvl+0x8c/0xd0 [ 17.212345] print_report+0x118/0x608 [ 17.212390] kasan_report_invalid_free+0xc0/0xe8 [ 17.212703] check_slab_allocation+0xd4/0x108 [ 17.212784] __kasan_slab_pre_free+0x2c/0x48 [ 17.212837] kfree+0xe8/0x3c8 [ 17.212999] kfree_sensitive+0x3c/0xb0 [ 17.213186] kmalloc_double_kzfree+0x168/0x308 [ 17.213359] kunit_try_run_case+0x170/0x3f0 [ 17.213504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.213561] kthread+0x328/0x630 [ 17.213866] ret_from_fork+0x10/0x20 [ 17.213934] [ 17.214006] Allocated by task 193: [ 17.214084] kasan_save_stack+0x3c/0x68 [ 17.214162] kasan_save_track+0x20/0x40 [ 17.214251] kasan_save_alloc_info+0x40/0x58 [ 17.214330] __kasan_kmalloc+0xd4/0xd8 [ 17.214622] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.214711] kmalloc_double_kzfree+0xb8/0x308 [ 17.214839] kunit_try_run_case+0x170/0x3f0 [ 17.214906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.215003] kthread+0x328/0x630 [ 17.215037] ret_from_fork+0x10/0x20 [ 17.215113] [ 17.215410] Freed by task 193: [ 17.215582] kasan_save_stack+0x3c/0x68 [ 17.215644] kasan_save_track+0x20/0x40 [ 17.216047] kasan_save_free_info+0x4c/0x78 [ 17.216130] __kasan_slab_free+0x6c/0x98 [ 17.216229] kfree+0x214/0x3c8 [ 17.216264] kfree_sensitive+0x80/0xb0 [ 17.216655] kmalloc_double_kzfree+0x11c/0x308 [ 17.216735] kunit_try_run_case+0x170/0x3f0 [ 17.216855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.216944] kthread+0x328/0x630 [ 17.216999] ret_from_fork+0x10/0x20 [ 17.217036] [ 17.217383] The buggy address belongs to the object at fff00000c56b6140 [ 17.217383] which belongs to the cache kmalloc-16 of size 16 [ 17.217469] The buggy address is located 0 bytes inside of [ 17.217469] 16-byte region [fff00000c56b6140, fff00000c56b6150) [ 17.217548] [ 17.217578] The buggy address belongs to the physical page: [ 17.217776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056b6 [ 17.218028] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.218126] page_type: f5(slab) [ 17.218444] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.218521] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.218827] page dumped because: kasan: bad access detected [ 17.218946] [ 17.219017] Memory state around the buggy address: [ 17.219053] fff00000c56b6000: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 17.219420] fff00000c56b6080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.219500] >fff00000c56b6100: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 17.219589] ^ [ 17.219626] fff00000c56b6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.219999] fff00000c56b6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.220099] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 17.203416] ================================================================== [ 17.203500] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 17.203582] Read of size 1 at addr fff00000c56b6140 by task kunit_try_catch/193 [ 17.203633] [ 17.203671] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.203758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.203786] Hardware name: linux,dummy-virt (DT) [ 17.203819] Call trace: [ 17.203842] show_stack+0x20/0x38 (C) [ 17.203893] dump_stack_lvl+0x8c/0xd0 [ 17.204344] print_report+0x118/0x608 [ 17.204398] kasan_report+0xdc/0x128 [ 17.204443] __kasan_check_byte+0x54/0x70 [ 17.204583] kfree_sensitive+0x30/0xb0 [ 17.204669] kmalloc_double_kzfree+0x168/0x308 [ 17.204788] kunit_try_run_case+0x170/0x3f0 [ 17.204843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.204897] kthread+0x328/0x630 [ 17.205157] ret_from_fork+0x10/0x20 [ 17.205231] [ 17.205304] Allocated by task 193: [ 17.205341] kasan_save_stack+0x3c/0x68 [ 17.205514] kasan_save_track+0x20/0x40 [ 17.205669] kasan_save_alloc_info+0x40/0x58 [ 17.205741] __kasan_kmalloc+0xd4/0xd8 [ 17.205879] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.205940] kmalloc_double_kzfree+0xb8/0x308 [ 17.205979] kunit_try_run_case+0x170/0x3f0 [ 17.206023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.206067] kthread+0x328/0x630 [ 17.206100] ret_from_fork+0x10/0x20 [ 17.206403] [ 17.207018] Freed by task 193: [ 17.207064] kasan_save_stack+0x3c/0x68 [ 17.207152] kasan_save_track+0x20/0x40 [ 17.207194] kasan_save_free_info+0x4c/0x78 [ 17.207234] __kasan_slab_free+0x6c/0x98 [ 17.207302] kfree+0x214/0x3c8 [ 17.207354] kfree_sensitive+0x80/0xb0 [ 17.207642] kmalloc_double_kzfree+0x11c/0x308 [ 17.207819] kunit_try_run_case+0x170/0x3f0 [ 17.207903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.208248] kthread+0x328/0x630 [ 17.208307] ret_from_fork+0x10/0x20 [ 17.208346] [ 17.208624] The buggy address belongs to the object at fff00000c56b6140 [ 17.208624] which belongs to the cache kmalloc-16 of size 16 [ 17.208743] The buggy address is located 0 bytes inside of [ 17.208743] freed 16-byte region [fff00000c56b6140, fff00000c56b6150) [ 17.208849] [ 17.208996] The buggy address belongs to the physical page: [ 17.209052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056b6 [ 17.209183] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.209270] page_type: f5(slab) [ 17.209320] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.209758] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.209935] page dumped because: kasan: bad access detected [ 17.209990] [ 17.210112] Memory state around the buggy address: [ 17.210170] fff00000c56b6000: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 17.210260] fff00000c56b6080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.210309] >fff00000c56b6100: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 17.210357] ^ [ 17.210401] fff00000c56b6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.210446] fff00000c56b6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.210488] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 17.173166] ================================================================== [ 17.173251] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 17.173792] Read of size 1 at addr fff00000c57c9f28 by task kunit_try_catch/189 [ 17.174767] [ 17.175124] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.175605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.175701] Hardware name: linux,dummy-virt (DT) [ 17.175997] Call trace: [ 17.176083] show_stack+0x20/0x38 (C) [ 17.176168] dump_stack_lvl+0x8c/0xd0 [ 17.176528] print_report+0x118/0x608 [ 17.176710] kasan_report+0xdc/0x128 [ 17.176838] __asan_report_load1_noabort+0x20/0x30 [ 17.177149] kmalloc_uaf2+0x3f4/0x468 [ 17.177290] kunit_try_run_case+0x170/0x3f0 [ 17.177522] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.177744] kthread+0x328/0x630 [ 17.177913] ret_from_fork+0x10/0x20 [ 17.178007] [ 17.178150] Allocated by task 189: [ 17.178183] kasan_save_stack+0x3c/0x68 [ 17.178280] kasan_save_track+0x20/0x40 [ 17.178634] kasan_save_alloc_info+0x40/0x58 [ 17.178716] __kasan_kmalloc+0xd4/0xd8 [ 17.178754] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.179077] kmalloc_uaf2+0xc4/0x468 [ 17.179247] kunit_try_run_case+0x170/0x3f0 [ 17.179300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.179614] kthread+0x328/0x630 [ 17.179767] ret_from_fork+0x10/0x20 [ 17.179860] [ 17.179995] Freed by task 189: [ 17.180025] kasan_save_stack+0x3c/0x68 [ 17.180092] kasan_save_track+0x20/0x40 [ 17.180460] kasan_save_free_info+0x4c/0x78 [ 17.180530] __kasan_slab_free+0x6c/0x98 [ 17.180692] kfree+0x214/0x3c8 [ 17.180906] kmalloc_uaf2+0x134/0x468 [ 17.180966] kunit_try_run_case+0x170/0x3f0 [ 17.181006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.181445] kthread+0x328/0x630 [ 17.181501] ret_from_fork+0x10/0x20 [ 17.181539] [ 17.181559] The buggy address belongs to the object at fff00000c57c9f00 [ 17.181559] which belongs to the cache kmalloc-64 of size 64 [ 17.181635] The buggy address is located 40 bytes inside of [ 17.181635] freed 64-byte region [fff00000c57c9f00, fff00000c57c9f40) [ 17.181698] [ 17.181721] The buggy address belongs to the physical page: [ 17.181753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c9 [ 17.181815] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.181867] page_type: f5(slab) [ 17.181910] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.181963] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.182005] page dumped because: kasan: bad access detected [ 17.182037] [ 17.182055] Memory state around the buggy address: [ 17.182090] fff00000c57c9e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.182135] fff00000c57c9e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.182180] >fff00000c57c9f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.182221] ^ [ 17.182253] fff00000c57c9f80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 17.182296] fff00000c57ca000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.182337] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 17.113934] ================================================================== [ 17.114018] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 17.114085] Write of size 33 at addr fff00000c57c9e00 by task kunit_try_catch/187 [ 17.114138] [ 17.114179] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.114268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.114295] Hardware name: linux,dummy-virt (DT) [ 17.114329] Call trace: [ 17.114353] show_stack+0x20/0x38 (C) [ 17.114405] dump_stack_lvl+0x8c/0xd0 [ 17.114455] print_report+0x118/0x608 [ 17.114502] kasan_report+0xdc/0x128 [ 17.114548] kasan_check_range+0x100/0x1a8 [ 17.121355] __asan_memset+0x34/0x78 [ 17.121417] kmalloc_uaf_memset+0x170/0x310 [ 17.122578] kunit_try_run_case+0x170/0x3f0 [ 17.123099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.123171] kthread+0x328/0x630 [ 17.123215] ret_from_fork+0x10/0x20 [ 17.124160] [ 17.124260] Allocated by task 187: [ 17.125163] kasan_save_stack+0x3c/0x68 [ 17.125362] kasan_save_track+0x20/0x40 [ 17.125400] kasan_save_alloc_info+0x40/0x58 [ 17.126025] __kasan_kmalloc+0xd4/0xd8 [ 17.126326] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.126425] kmalloc_uaf_memset+0xb8/0x310 [ 17.126463] kunit_try_run_case+0x170/0x3f0 [ 17.127054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.127374] kthread+0x328/0x630 [ 17.127480] ret_from_fork+0x10/0x20 [ 17.127518] [ 17.127538] Freed by task 187: [ 17.128476] kasan_save_stack+0x3c/0x68 [ 17.128770] kasan_save_track+0x20/0x40 [ 17.129056] kasan_save_free_info+0x4c/0x78 [ 17.129530] __kasan_slab_free+0x6c/0x98 [ 17.129633] kfree+0x214/0x3c8 [ 17.130227] kmalloc_uaf_memset+0x11c/0x310 [ 17.131189] kunit_try_run_case+0x170/0x3f0 [ 17.131380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.131428] kthread+0x328/0x630 [ 17.131459] ret_from_fork+0x10/0x20 [ 17.132142] [ 17.132212] The buggy address belongs to the object at fff00000c57c9e00 [ 17.132212] which belongs to the cache kmalloc-64 of size 64 [ 17.132497] The buggy address is located 0 bytes inside of [ 17.132497] freed 64-byte region [fff00000c57c9e00, fff00000c57c9e40) [ 17.133416] [ 17.133446] The buggy address belongs to the physical page: [ 17.133480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c9 [ 17.133937] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.134561] page_type: f5(slab) [ 17.134627] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.135968] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.136095] page dumped because: kasan: bad access detected [ 17.136129] [ 17.136147] Memory state around the buggy address: [ 17.136187] fff00000c57c9d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.137085] fff00000c57c9d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.137993] >fff00000c57c9e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.138169] ^ [ 17.138450] fff00000c57c9e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.138531] fff00000c57c9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.139541] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 17.068335] ================================================================== [ 17.068533] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 17.069002] Read of size 1 at addr fff00000c56b6128 by task kunit_try_catch/185 [ 17.069106] [ 17.069144] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.069239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.069273] Hardware name: linux,dummy-virt (DT) [ 17.069422] Call trace: [ 17.069622] show_stack+0x20/0x38 (C) [ 17.069676] dump_stack_lvl+0x8c/0xd0 [ 17.069724] print_report+0x118/0x608 [ 17.070031] kasan_report+0xdc/0x128 [ 17.070085] __asan_report_load1_noabort+0x20/0x30 [ 17.070263] kmalloc_uaf+0x300/0x338 [ 17.070496] kunit_try_run_case+0x170/0x3f0 [ 17.070770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.070826] kthread+0x328/0x630 [ 17.070868] ret_from_fork+0x10/0x20 [ 17.070927] [ 17.070945] Allocated by task 185: [ 17.070975] kasan_save_stack+0x3c/0x68 [ 17.071388] kasan_save_track+0x20/0x40 [ 17.071434] kasan_save_alloc_info+0x40/0x58 [ 17.071831] __kasan_kmalloc+0xd4/0xd8 [ 17.072004] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.072109] kmalloc_uaf+0xb8/0x338 [ 17.072483] kunit_try_run_case+0x170/0x3f0 [ 17.072666] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.072850] kthread+0x328/0x630 [ 17.073175] ret_from_fork+0x10/0x20 [ 17.073215] [ 17.073801] Freed by task 185: [ 17.073849] kasan_save_stack+0x3c/0x68 [ 17.074555] kasan_save_track+0x20/0x40 [ 17.075009] kasan_save_free_info+0x4c/0x78 [ 17.075058] __kasan_slab_free+0x6c/0x98 [ 17.075492] kfree+0x214/0x3c8 [ 17.075740] kmalloc_uaf+0x11c/0x338 [ 17.075822] kunit_try_run_case+0x170/0x3f0 [ 17.076518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.076989] kthread+0x328/0x630 [ 17.077299] ret_from_fork+0x10/0x20 [ 17.077662] [ 17.078085] The buggy address belongs to the object at fff00000c56b6120 [ 17.078085] which belongs to the cache kmalloc-16 of size 16 [ 17.078680] The buggy address is located 8 bytes inside of [ 17.078680] freed 16-byte region [fff00000c56b6120, fff00000c56b6130) [ 17.078879] [ 17.078904] The buggy address belongs to the physical page: [ 17.079027] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056b6 [ 17.079092] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.079144] page_type: f5(slab) [ 17.079188] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.079240] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.079282] page dumped because: kasan: bad access detected [ 17.079314] [ 17.079332] Memory state around the buggy address: [ 17.081355] fff00000c56b6000: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 17.081412] fff00000c56b6080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.081458] >fff00000c56b6100: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 17.081499] ^ [ 17.082604] fff00000c56b6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.082899] fff00000c56b6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.083356] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 17.054420] ================================================================== [ 17.054482] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 17.054535] Read of size 64 at addr fff00000c57c9b04 by task kunit_try_catch/183 [ 17.054599] [ 17.054631] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.054712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.054738] Hardware name: linux,dummy-virt (DT) [ 17.054769] Call trace: [ 17.054791] show_stack+0x20/0x38 (C) [ 17.054839] dump_stack_lvl+0x8c/0xd0 [ 17.054939] print_report+0x118/0x608 [ 17.054990] kasan_report+0xdc/0x128 [ 17.055035] kasan_check_range+0x100/0x1a8 [ 17.055084] __asan_memmove+0x3c/0x98 [ 17.055127] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 17.055177] kunit_try_run_case+0x170/0x3f0 [ 17.055224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.055275] kthread+0x328/0x630 [ 17.055316] ret_from_fork+0x10/0x20 [ 17.055363] [ 17.055381] Allocated by task 183: [ 17.055408] kasan_save_stack+0x3c/0x68 [ 17.055448] kasan_save_track+0x20/0x40 [ 17.055484] kasan_save_alloc_info+0x40/0x58 [ 17.055523] __kasan_kmalloc+0xd4/0xd8 [ 17.055559] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.055608] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 17.055647] kunit_try_run_case+0x170/0x3f0 [ 17.055683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.055726] kthread+0x328/0x630 [ 17.055757] ret_from_fork+0x10/0x20 [ 17.055792] [ 17.055810] The buggy address belongs to the object at fff00000c57c9b00 [ 17.055810] which belongs to the cache kmalloc-64 of size 64 [ 17.055925] The buggy address is located 4 bytes inside of [ 17.055925] allocated 64-byte region [fff00000c57c9b00, fff00000c57c9b40) [ 17.055994] [ 17.056086] The buggy address belongs to the physical page: [ 17.056117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c9 [ 17.056171] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.056219] page_type: f5(slab) [ 17.056257] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.056500] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.056541] page dumped because: kasan: bad access detected [ 17.056584] [ 17.056604] Memory state around the buggy address: [ 17.056638] fff00000c57c9a00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.056683] fff00000c57c9a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.056727] >fff00000c57c9b00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.056767] ^ [ 17.056820] fff00000c57c9b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.056864] fff00000c57c9c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.057082] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 17.044745] ================================================================== [ 17.044813] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 17.044870] Read of size 18446744073709551614 at addr fff00000c57c9904 by task kunit_try_catch/181 [ 17.044950] [ 17.044986] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.045069] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.045095] Hardware name: linux,dummy-virt (DT) [ 17.045125] Call trace: [ 17.045148] show_stack+0x20/0x38 (C) [ 17.045197] dump_stack_lvl+0x8c/0xd0 [ 17.045245] print_report+0x118/0x608 [ 17.045298] kasan_report+0xdc/0x128 [ 17.045503] kasan_check_range+0x100/0x1a8 [ 17.045617] __asan_memmove+0x3c/0x98 [ 17.045677] kmalloc_memmove_negative_size+0x154/0x2e0 [ 17.045727] kunit_try_run_case+0x170/0x3f0 [ 17.045796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.045847] kthread+0x328/0x630 [ 17.045888] ret_from_fork+0x10/0x20 [ 17.045935] [ 17.045954] Allocated by task 181: [ 17.045981] kasan_save_stack+0x3c/0x68 [ 17.046021] kasan_save_track+0x20/0x40 [ 17.046058] kasan_save_alloc_info+0x40/0x58 [ 17.046097] __kasan_kmalloc+0xd4/0xd8 [ 17.046133] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.046172] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 17.046212] kunit_try_run_case+0x170/0x3f0 [ 17.046248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.046291] kthread+0x328/0x630 [ 17.046322] ret_from_fork+0x10/0x20 [ 17.046357] [ 17.046376] The buggy address belongs to the object at fff00000c57c9900 [ 17.046376] which belongs to the cache kmalloc-64 of size 64 [ 17.046434] The buggy address is located 4 bytes inside of [ 17.046434] 64-byte region [fff00000c57c9900, fff00000c57c9940) [ 17.046492] [ 17.046511] The buggy address belongs to the physical page: [ 17.046542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057c9 [ 17.046606] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.046653] page_type: f5(slab) [ 17.046692] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.046741] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.046780] page dumped because: kasan: bad access detected [ 17.046811] [ 17.046828] Memory state around the buggy address: [ 17.046860] fff00000c57c9800: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 17.046904] fff00000c57c9880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.046947] >fff00000c57c9900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.046985] ^ [ 17.047011] fff00000c57c9980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.047054] fff00000c57c9a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.047092] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 17.033433] ================================================================== [ 17.033576] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 17.033684] Write of size 16 at addr fff00000c5733a69 by task kunit_try_catch/179 [ 17.033768] [ 17.033804] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.033932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.034009] Hardware name: linux,dummy-virt (DT) [ 17.034040] Call trace: [ 17.034062] show_stack+0x20/0x38 (C) [ 17.034111] dump_stack_lvl+0x8c/0xd0 [ 17.034161] print_report+0x118/0x608 [ 17.034208] kasan_report+0xdc/0x128 [ 17.034253] kasan_check_range+0x100/0x1a8 [ 17.034299] __asan_memset+0x34/0x78 [ 17.034341] kmalloc_oob_memset_16+0x150/0x2f8 [ 17.034387] kunit_try_run_case+0x170/0x3f0 [ 17.034436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.034487] kthread+0x328/0x630 [ 17.034527] ret_from_fork+0x10/0x20 [ 17.034609] [ 17.034683] Allocated by task 179: [ 17.034765] kasan_save_stack+0x3c/0x68 [ 17.034806] kasan_save_track+0x20/0x40 [ 17.034842] kasan_save_alloc_info+0x40/0x58 [ 17.034881] __kasan_kmalloc+0xd4/0xd8 [ 17.034917] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.034956] kmalloc_oob_memset_16+0xb0/0x2f8 [ 17.034993] kunit_try_run_case+0x170/0x3f0 [ 17.035030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.035073] kthread+0x328/0x630 [ 17.035176] ret_from_fork+0x10/0x20 [ 17.035257] [ 17.035319] The buggy address belongs to the object at fff00000c5733a00 [ 17.035319] which belongs to the cache kmalloc-128 of size 128 [ 17.035377] The buggy address is located 105 bytes inside of [ 17.035377] allocated 120-byte region [fff00000c5733a00, fff00000c5733a78) [ 17.035439] [ 17.035465] The buggy address belongs to the physical page: [ 17.035514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 17.035662] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.035810] page_type: f5(slab) [ 17.035934] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.036061] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.036100] page dumped because: kasan: bad access detected [ 17.036132] [ 17.036149] Memory state around the buggy address: [ 17.036181] fff00000c5733900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.036225] fff00000c5733980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.036309] >fff00000c5733a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.036500] ^ [ 17.037061] fff00000c5733a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.037159] fff00000c5733b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.037204] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 17.024111] ================================================================== [ 17.024176] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 17.024354] Write of size 8 at addr fff00000c5733971 by task kunit_try_catch/177 [ 17.024543] [ 17.024590] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.024674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.024700] Hardware name: linux,dummy-virt (DT) [ 17.024731] Call trace: [ 17.024753] show_stack+0x20/0x38 (C) [ 17.024804] dump_stack_lvl+0x8c/0xd0 [ 17.024854] print_report+0x118/0x608 [ 17.024933] kasan_report+0xdc/0x128 [ 17.024978] kasan_check_range+0x100/0x1a8 [ 17.025026] __asan_memset+0x34/0x78 [ 17.025067] kmalloc_oob_memset_8+0x150/0x2f8 [ 17.025112] kunit_try_run_case+0x170/0x3f0 [ 17.025160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.025211] kthread+0x328/0x630 [ 17.025251] ret_from_fork+0x10/0x20 [ 17.025553] [ 17.025621] Allocated by task 177: [ 17.025650] kasan_save_stack+0x3c/0x68 [ 17.025732] kasan_save_track+0x20/0x40 [ 17.025829] kasan_save_alloc_info+0x40/0x58 [ 17.025869] __kasan_kmalloc+0xd4/0xd8 [ 17.025905] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.025944] kmalloc_oob_memset_8+0xb0/0x2f8 [ 17.025980] kunit_try_run_case+0x170/0x3f0 [ 17.026056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.026099] kthread+0x328/0x630 [ 17.026131] ret_from_fork+0x10/0x20 [ 17.026165] [ 17.026184] The buggy address belongs to the object at fff00000c5733900 [ 17.026184] which belongs to the cache kmalloc-128 of size 128 [ 17.026244] The buggy address is located 113 bytes inside of [ 17.026244] allocated 120-byte region [fff00000c5733900, fff00000c5733978) [ 17.026316] [ 17.026418] The buggy address belongs to the physical page: [ 17.026451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 17.026508] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.026625] page_type: f5(slab) [ 17.026683] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.026732] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.026772] page dumped because: kasan: bad access detected [ 17.026802] [ 17.026820] Memory state around the buggy address: [ 17.026854] fff00000c5733800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.026897] fff00000c5733880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.026940] >fff00000c5733900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.027009] ^ [ 17.027050] fff00000c5733980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.027092] fff00000c5733a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.027131] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 17.012359] ================================================================== [ 17.012430] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 17.012482] Write of size 4 at addr fff00000c5733875 by task kunit_try_catch/175 [ 17.012530] [ 17.012574] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.012656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.012682] Hardware name: linux,dummy-virt (DT) [ 17.012783] Call trace: [ 17.012805] show_stack+0x20/0x38 (C) [ 17.012885] dump_stack_lvl+0x8c/0xd0 [ 17.012970] print_report+0x118/0x608 [ 17.013015] kasan_report+0xdc/0x128 [ 17.013060] kasan_check_range+0x100/0x1a8 [ 17.013106] __asan_memset+0x34/0x78 [ 17.013147] kmalloc_oob_memset_4+0x150/0x300 [ 17.013191] kunit_try_run_case+0x170/0x3f0 [ 17.013238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.013404] kthread+0x328/0x630 [ 17.013457] ret_from_fork+0x10/0x20 [ 17.013622] [ 17.013641] Allocated by task 175: [ 17.013668] kasan_save_stack+0x3c/0x68 [ 17.013709] kasan_save_track+0x20/0x40 [ 17.013765] kasan_save_alloc_info+0x40/0x58 [ 17.013960] __kasan_kmalloc+0xd4/0xd8 [ 17.013997] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.014036] kmalloc_oob_memset_4+0xb0/0x300 [ 17.014073] kunit_try_run_case+0x170/0x3f0 [ 17.014110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.014172] kthread+0x328/0x630 [ 17.014203] ret_from_fork+0x10/0x20 [ 17.014357] [ 17.014455] The buggy address belongs to the object at fff00000c5733800 [ 17.014455] which belongs to the cache kmalloc-128 of size 128 [ 17.014620] The buggy address is located 117 bytes inside of [ 17.014620] allocated 120-byte region [fff00000c5733800, fff00000c5733878) [ 17.014820] [ 17.014840] The buggy address belongs to the physical page: [ 17.014870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 17.014923] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.014969] page_type: f5(slab) [ 17.015013] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.015219] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.015286] page dumped because: kasan: bad access detected [ 17.015446] [ 17.015465] Memory state around the buggy address: [ 17.016231] fff00000c5733700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.016278] fff00000c5733780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.016331] >fff00000c5733800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.016417] ^ [ 17.016459] fff00000c5733880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.016501] fff00000c5733900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.016548] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 17.001953] ================================================================== [ 17.002014] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 17.002069] Write of size 2 at addr fff00000c5733777 by task kunit_try_catch/173 [ 17.002117] [ 17.002151] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.002232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.002288] Hardware name: linux,dummy-virt (DT) [ 17.002323] Call trace: [ 17.002345] show_stack+0x20/0x38 (C) [ 17.002394] dump_stack_lvl+0x8c/0xd0 [ 17.002441] print_report+0x118/0x608 [ 17.002487] kasan_report+0xdc/0x128 [ 17.002639] kasan_check_range+0x100/0x1a8 [ 17.002699] __asan_memset+0x34/0x78 [ 17.002781] kmalloc_oob_memset_2+0x150/0x2f8 [ 17.002827] kunit_try_run_case+0x170/0x3f0 [ 17.002873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.002925] kthread+0x328/0x630 [ 17.002965] ret_from_fork+0x10/0x20 [ 17.003029] [ 17.003047] Allocated by task 173: [ 17.003074] kasan_save_stack+0x3c/0x68 [ 17.003114] kasan_save_track+0x20/0x40 [ 17.003175] kasan_save_alloc_info+0x40/0x58 [ 17.003215] __kasan_kmalloc+0xd4/0xd8 [ 17.003251] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.003289] kmalloc_oob_memset_2+0xb0/0x2f8 [ 17.003325] kunit_try_run_case+0x170/0x3f0 [ 17.003465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.003660] kthread+0x328/0x630 [ 17.003693] ret_from_fork+0x10/0x20 [ 17.003773] [ 17.003842] The buggy address belongs to the object at fff00000c5733700 [ 17.003842] which belongs to the cache kmalloc-128 of size 128 [ 17.003933] The buggy address is located 119 bytes inside of [ 17.003933] allocated 120-byte region [fff00000c5733700, fff00000c5733778) [ 17.003995] [ 17.004071] The buggy address belongs to the physical page: [ 17.004103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 17.004214] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.004442] page_type: f5(slab) [ 17.004486] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.004547] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.004733] page dumped because: kasan: bad access detected [ 17.004764] [ 17.004818] Memory state around the buggy address: [ 17.004851] fff00000c5733600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.004956] fff00000c5733680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.005041] >fff00000c5733700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.005237] ^ [ 17.005281] fff00000c5733780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.005364] fff00000c5733800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.005402] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.994246] ================================================================== [ 16.994312] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.994371] Write of size 128 at addr fff00000c5733600 by task kunit_try_catch/171 [ 16.994421] [ 16.994456] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.994557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.994678] Hardware name: linux,dummy-virt (DT) [ 16.994761] Call trace: [ 16.994784] show_stack+0x20/0x38 (C) [ 16.994834] dump_stack_lvl+0x8c/0xd0 [ 16.994882] print_report+0x118/0x608 [ 16.994927] kasan_report+0xdc/0x128 [ 16.994971] kasan_check_range+0x100/0x1a8 [ 16.995017] __asan_memset+0x34/0x78 [ 16.995058] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.995103] kunit_try_run_case+0x170/0x3f0 [ 16.995149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.995210] kthread+0x328/0x630 [ 16.995252] ret_from_fork+0x10/0x20 [ 16.995299] [ 16.995317] Allocated by task 171: [ 16.995344] kasan_save_stack+0x3c/0x68 [ 16.995384] kasan_save_track+0x20/0x40 [ 16.995420] kasan_save_alloc_info+0x40/0x58 [ 16.995459] __kasan_kmalloc+0xd4/0xd8 [ 16.995495] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.995533] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.995579] kunit_try_run_case+0x170/0x3f0 [ 16.995638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.995781] kthread+0x328/0x630 [ 16.995841] ret_from_fork+0x10/0x20 [ 16.995942] [ 16.995960] The buggy address belongs to the object at fff00000c5733600 [ 16.995960] which belongs to the cache kmalloc-128 of size 128 [ 16.996018] The buggy address is located 0 bytes inside of [ 16.996018] allocated 120-byte region [fff00000c5733600, fff00000c5733678) [ 16.996080] [ 16.996100] The buggy address belongs to the physical page: [ 16.996132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 16.996186] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.996236] page_type: f5(slab) [ 16.996337] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.996392] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.996438] page dumped because: kasan: bad access detected [ 16.996495] [ 16.996524] Memory state around the buggy address: [ 16.996701] fff00000c5733500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.996769] fff00000c5733580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.996812] >fff00000c5733600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.996850] ^ [ 16.996898] fff00000c5733680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.996993] fff00000c5733700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.997031] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.979276] ================================================================== [ 16.979355] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.979418] Read of size 16 at addr fff00000c56b6100 by task kunit_try_catch/169 [ 16.979470] [ 16.979508] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.979608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.979635] Hardware name: linux,dummy-virt (DT) [ 16.979668] Call trace: [ 16.979690] show_stack+0x20/0x38 (C) [ 16.979741] dump_stack_lvl+0x8c/0xd0 [ 16.980005] print_report+0x118/0x608 [ 16.980208] kasan_report+0xdc/0x128 [ 16.980321] __asan_report_load16_noabort+0x20/0x30 [ 16.980369] kmalloc_uaf_16+0x3bc/0x438 [ 16.980412] kunit_try_run_case+0x170/0x3f0 [ 16.980873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.981049] kthread+0x328/0x630 [ 16.981110] ret_from_fork+0x10/0x20 [ 16.981232] [ 16.981251] Allocated by task 169: [ 16.981284] kasan_save_stack+0x3c/0x68 [ 16.981376] kasan_save_track+0x20/0x40 [ 16.981414] kasan_save_alloc_info+0x40/0x58 [ 16.981644] __kasan_kmalloc+0xd4/0xd8 [ 16.981736] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.981807] kmalloc_uaf_16+0x140/0x438 [ 16.981863] kunit_try_run_case+0x170/0x3f0 [ 16.981901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.981943] kthread+0x328/0x630 [ 16.981977] ret_from_fork+0x10/0x20 [ 16.982013] [ 16.982031] Freed by task 169: [ 16.982058] kasan_save_stack+0x3c/0x68 [ 16.982121] kasan_save_track+0x20/0x40 [ 16.982157] kasan_save_free_info+0x4c/0x78 [ 16.982221] __kasan_slab_free+0x6c/0x98 [ 16.982257] kfree+0x214/0x3c8 [ 16.982451] kmalloc_uaf_16+0x190/0x438 [ 16.982493] kunit_try_run_case+0x170/0x3f0 [ 16.982549] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.982614] kthread+0x328/0x630 [ 16.982733] ret_from_fork+0x10/0x20 [ 16.982795] [ 16.982814] The buggy address belongs to the object at fff00000c56b6100 [ 16.982814] which belongs to the cache kmalloc-16 of size 16 [ 16.983039] The buggy address is located 0 bytes inside of [ 16.983039] freed 16-byte region [fff00000c56b6100, fff00000c56b6110) [ 16.983163] [ 16.983185] The buggy address belongs to the physical page: [ 16.983218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056b6 [ 16.983275] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.983327] page_type: f5(slab) [ 16.983370] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.983421] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.983462] page dumped because: kasan: bad access detected [ 16.983492] [ 16.983509] Memory state around the buggy address: [ 16.983543] fff00000c56b6000: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.983982] fff00000c56b6080: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 16.984164] >fff00000c56b6100: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.984203] ^ [ 16.984231] fff00000c56b6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.984273] fff00000c56b6200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.984459] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.964580] ================================================================== [ 16.964662] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.965051] Write of size 16 at addr fff00000c56b60a0 by task kunit_try_catch/167 [ 16.965111] [ 16.965523] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.965674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.965706] Hardware name: linux,dummy-virt (DT) [ 16.965739] Call trace: [ 16.965787] show_stack+0x20/0x38 (C) [ 16.965954] dump_stack_lvl+0x8c/0xd0 [ 16.966004] print_report+0x118/0x608 [ 16.966051] kasan_report+0xdc/0x128 [ 16.966096] __asan_report_store16_noabort+0x20/0x30 [ 16.966143] kmalloc_oob_16+0x3a0/0x3f8 [ 16.966187] kunit_try_run_case+0x170/0x3f0 [ 16.966235] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.966290] kthread+0x328/0x630 [ 16.966651] ret_from_fork+0x10/0x20 [ 16.966791] [ 16.966827] Allocated by task 167: [ 16.966855] kasan_save_stack+0x3c/0x68 [ 16.966899] kasan_save_track+0x20/0x40 [ 16.966935] kasan_save_alloc_info+0x40/0x58 [ 16.966974] __kasan_kmalloc+0xd4/0xd8 [ 16.967019] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.967058] kmalloc_oob_16+0xb4/0x3f8 [ 16.967092] kunit_try_run_case+0x170/0x3f0 [ 16.967422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.967510] kthread+0x328/0x630 [ 16.967695] ret_from_fork+0x10/0x20 [ 16.967731] [ 16.967756] The buggy address belongs to the object at fff00000c56b60a0 [ 16.967756] which belongs to the cache kmalloc-16 of size 16 [ 16.967892] The buggy address is located 0 bytes inside of [ 16.967892] allocated 13-byte region [fff00000c56b60a0, fff00000c56b60ad) [ 16.968040] [ 16.968098] The buggy address belongs to the physical page: [ 16.968171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056b6 [ 16.968260] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.968431] page_type: f5(slab) [ 16.968476] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.968526] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.968577] page dumped because: kasan: bad access detected [ 16.968607] [ 16.968625] Memory state around the buggy address: [ 16.968658] fff00000c56b5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.969037] fff00000c56b6000: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.969188] >fff00000c56b6080: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 16.969390] ^ [ 16.969461] fff00000c56b6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.969513] fff00000c56b6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.969551] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.919255] ================================================================== [ 16.919448] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.919499] Write of size 1 at addr fff00000c69320eb by task kunit_try_catch/163 [ 16.919656] [ 16.919685] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.919763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.919790] Hardware name: linux,dummy-virt (DT) [ 16.919819] Call trace: [ 16.919839] show_stack+0x20/0x38 (C) [ 16.919894] dump_stack_lvl+0x8c/0xd0 [ 16.919940] print_report+0x118/0x608 [ 16.920207] kasan_report+0xdc/0x128 [ 16.920530] __asan_report_store1_noabort+0x20/0x30 [ 16.920590] krealloc_less_oob_helper+0xa58/0xc50 [ 16.920638] krealloc_large_less_oob+0x20/0x38 [ 16.920684] kunit_try_run_case+0x170/0x3f0 [ 16.920730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.920782] kthread+0x328/0x630 [ 16.920822] ret_from_fork+0x10/0x20 [ 16.920868] [ 16.920888] The buggy address belongs to the physical page: [ 16.920928] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106930 [ 16.920980] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.921372] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.921486] page_type: f8(unknown) [ 16.921523] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.921597] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.921740] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.921953] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.922166] head: 0bfffe0000000002 ffffc1ffc31a4c01 00000000ffffffff 00000000ffffffff [ 16.922298] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.922390] page dumped because: kasan: bad access detected [ 16.922509] [ 16.922527] Memory state around the buggy address: [ 16.922557] fff00000c6931f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.922670] fff00000c6932000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.922855] >fff00000c6932080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.922909] ^ [ 16.922947] fff00000c6932100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.923023] fff00000c6932180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.923187] ================================================================== [ 16.831983] ================================================================== [ 16.832053] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.832334] Write of size 1 at addr fff00000c0b9bec9 by task kunit_try_catch/159 [ 16.832448] [ 16.832558] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.832650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.832676] Hardware name: linux,dummy-virt (DT) [ 16.833080] Call trace: [ 16.833127] show_stack+0x20/0x38 (C) [ 16.833178] dump_stack_lvl+0x8c/0xd0 [ 16.833227] print_report+0x118/0x608 [ 16.833278] kasan_report+0xdc/0x128 [ 16.833925] __asan_report_store1_noabort+0x20/0x30 [ 16.834012] krealloc_less_oob_helper+0xa48/0xc50 [ 16.834449] krealloc_less_oob+0x20/0x38 [ 16.834637] kunit_try_run_case+0x170/0x3f0 [ 16.834713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.834781] kthread+0x328/0x630 [ 16.834929] ret_from_fork+0x10/0x20 [ 16.835036] [ 16.835056] Allocated by task 159: [ 16.835084] kasan_save_stack+0x3c/0x68 [ 16.835125] kasan_save_track+0x20/0x40 [ 16.835161] kasan_save_alloc_info+0x40/0x58 [ 16.835199] __kasan_krealloc+0x118/0x178 [ 16.835241] krealloc_noprof+0x128/0x360 [ 16.835368] krealloc_less_oob_helper+0x168/0xc50 [ 16.835428] krealloc_less_oob+0x20/0x38 [ 16.835900] kunit_try_run_case+0x170/0x3f0 [ 16.835950] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.835993] kthread+0x328/0x630 [ 16.836023] ret_from_fork+0x10/0x20 [ 16.836057] [ 16.836549] The buggy address belongs to the object at fff00000c0b9be00 [ 16.836549] which belongs to the cache kmalloc-256 of size 256 [ 16.836623] The buggy address is located 0 bytes to the right of [ 16.836623] allocated 201-byte region [fff00000c0b9be00, fff00000c0b9bec9) [ 16.836687] [ 16.836717] The buggy address belongs to the physical page: [ 16.836749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 16.837126] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.837270] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.837349] page_type: f5(slab) [ 16.837655] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.837762] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.837817] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.837866] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.837918] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 16.838078] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.838122] page dumped because: kasan: bad access detected [ 16.838307] [ 16.838360] Memory state around the buggy address: [ 16.838406] fff00000c0b9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.838457] fff00000c0b9be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.838521] >fff00000c0b9be80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.838559] ^ [ 16.838815] fff00000c0b9bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.838883] fff00000c0b9bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.838922] ================================================================== [ 16.909941] ================================================================== [ 16.909990] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.910063] Write of size 1 at addr fff00000c69320da by task kunit_try_catch/163 [ 16.910112] [ 16.910339] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.910434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.910500] Hardware name: linux,dummy-virt (DT) [ 16.910547] Call trace: [ 16.910579] show_stack+0x20/0x38 (C) [ 16.910629] dump_stack_lvl+0x8c/0xd0 [ 16.910676] print_report+0x118/0x608 [ 16.910721] kasan_report+0xdc/0x128 [ 16.911097] __asan_report_store1_noabort+0x20/0x30 [ 16.911146] krealloc_less_oob_helper+0xa80/0xc50 [ 16.911194] krealloc_large_less_oob+0x20/0x38 [ 16.911240] kunit_try_run_case+0x170/0x3f0 [ 16.911286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.911344] kthread+0x328/0x630 [ 16.911403] ret_from_fork+0x10/0x20 [ 16.911648] [ 16.911674] The buggy address belongs to the physical page: [ 16.911705] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106930 [ 16.911759] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.911805] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.911856] page_type: f8(unknown) [ 16.911893] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.911948] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.912030] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.912077] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.912126] head: 0bfffe0000000002 ffffc1ffc31a4c01 00000000ffffffff 00000000ffffffff [ 16.912174] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.912214] page dumped because: kasan: bad access detected [ 16.912245] [ 16.912269] Memory state around the buggy address: [ 16.912407] fff00000c6931f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.912481] fff00000c6932000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.912910] >fff00000c6932080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.913211] ^ [ 16.913643] fff00000c6932100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.913738] fff00000c6932180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.913776] ================================================================== [ 16.863006] ================================================================== [ 16.863057] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.863106] Write of size 1 at addr fff00000c0b9beeb by task kunit_try_catch/159 [ 16.863155] [ 16.863195] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.863593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.863620] Hardware name: linux,dummy-virt (DT) [ 16.863650] Call trace: [ 16.863670] show_stack+0x20/0x38 (C) [ 16.863723] dump_stack_lvl+0x8c/0xd0 [ 16.863929] print_report+0x118/0x608 [ 16.864096] kasan_report+0xdc/0x128 [ 16.864162] __asan_report_store1_noabort+0x20/0x30 [ 16.864262] krealloc_less_oob_helper+0xa58/0xc50 [ 16.864347] krealloc_less_oob+0x20/0x38 [ 16.864391] kunit_try_run_case+0x170/0x3f0 [ 16.864437] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.864489] kthread+0x328/0x630 [ 16.864529] ret_from_fork+0x10/0x20 [ 16.864586] [ 16.864604] Allocated by task 159: [ 16.864630] kasan_save_stack+0x3c/0x68 [ 16.864670] kasan_save_track+0x20/0x40 [ 16.864749] kasan_save_alloc_info+0x40/0x58 [ 16.864994] __kasan_krealloc+0x118/0x178 [ 16.865077] krealloc_noprof+0x128/0x360 [ 16.865240] krealloc_less_oob_helper+0x168/0xc50 [ 16.865433] krealloc_less_oob+0x20/0x38 [ 16.865469] kunit_try_run_case+0x170/0x3f0 [ 16.865505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.865547] kthread+0x328/0x630 [ 16.865587] ret_from_fork+0x10/0x20 [ 16.865621] [ 16.865639] The buggy address belongs to the object at fff00000c0b9be00 [ 16.865639] which belongs to the cache kmalloc-256 of size 256 [ 16.865698] The buggy address is located 34 bytes to the right of [ 16.865698] allocated 201-byte region [fff00000c0b9be00, fff00000c0b9bec9) [ 16.866309] [ 16.866328] The buggy address belongs to the physical page: [ 16.866359] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 16.866636] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.866686] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.866736] page_type: f5(slab) [ 16.866875] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.867034] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.867084] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.867133] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.867183] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 16.867240] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.867279] page dumped because: kasan: bad access detected [ 16.867586] [ 16.867607] Memory state around the buggy address: [ 16.867878] fff00000c0b9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.868090] fff00000c0b9be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.868145] >fff00000c0b9be80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.868316] ^ [ 16.868356] fff00000c0b9bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.868647] fff00000c0b9bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.868736] ================================================================== [ 16.856764] ================================================================== [ 16.856865] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.856914] Write of size 1 at addr fff00000c0b9beea by task kunit_try_catch/159 [ 16.856963] [ 16.856995] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.857073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.857105] Hardware name: linux,dummy-virt (DT) [ 16.857239] Call trace: [ 16.857359] show_stack+0x20/0x38 (C) [ 16.857406] dump_stack_lvl+0x8c/0xd0 [ 16.857731] print_report+0x118/0x608 [ 16.857784] kasan_report+0xdc/0x128 [ 16.857829] __asan_report_store1_noabort+0x20/0x30 [ 16.857948] krealloc_less_oob_helper+0xae4/0xc50 [ 16.858128] krealloc_less_oob+0x20/0x38 [ 16.858308] kunit_try_run_case+0x170/0x3f0 [ 16.858355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.858406] kthread+0x328/0x630 [ 16.858447] ret_from_fork+0x10/0x20 [ 16.858495] [ 16.858523] Allocated by task 159: [ 16.858551] kasan_save_stack+0x3c/0x68 [ 16.858711] kasan_save_track+0x20/0x40 [ 16.858865] kasan_save_alloc_info+0x40/0x58 [ 16.858905] __kasan_krealloc+0x118/0x178 [ 16.858941] krealloc_noprof+0x128/0x360 [ 16.859096] krealloc_less_oob_helper+0x168/0xc50 [ 16.859378] krealloc_less_oob+0x20/0x38 [ 16.859459] kunit_try_run_case+0x170/0x3f0 [ 16.859495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.859580] kthread+0x328/0x630 [ 16.859611] ret_from_fork+0x10/0x20 [ 16.859645] [ 16.859669] The buggy address belongs to the object at fff00000c0b9be00 [ 16.859669] which belongs to the cache kmalloc-256 of size 256 [ 16.859962] The buggy address is located 33 bytes to the right of [ 16.859962] allocated 201-byte region [fff00000c0b9be00, fff00000c0b9bec9) [ 16.860099] [ 16.860170] The buggy address belongs to the physical page: [ 16.860261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 16.860332] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.860379] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.860592] page_type: f5(slab) [ 16.860670] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.860853] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.860982] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.861117] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.861166] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 16.861214] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.861254] page dumped because: kasan: bad access detected [ 16.861289] [ 16.861338] Memory state around the buggy address: [ 16.861370] fff00000c0b9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.861573] fff00000c0b9be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.861859] >fff00000c0b9be80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.862045] ^ [ 16.862198] fff00000c0b9bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.862241] fff00000c0b9bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.862303] ================================================================== [ 16.903196] ================================================================== [ 16.903243] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.903543] Write of size 1 at addr fff00000c69320d0 by task kunit_try_catch/163 [ 16.903603] [ 16.903640] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.903972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.903997] Hardware name: linux,dummy-virt (DT) [ 16.904027] Call trace: [ 16.904047] show_stack+0x20/0x38 (C) [ 16.904094] dump_stack_lvl+0x8c/0xd0 [ 16.904141] print_report+0x118/0x608 [ 16.904192] kasan_report+0xdc/0x128 [ 16.904413] __asan_report_store1_noabort+0x20/0x30 [ 16.904586] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.904634] krealloc_large_less_oob+0x20/0x38 [ 16.904679] kunit_try_run_case+0x170/0x3f0 [ 16.904725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.904777] kthread+0x328/0x630 [ 16.904818] ret_from_fork+0x10/0x20 [ 16.905702] [ 16.905786] The buggy address belongs to the physical page: [ 16.905820] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106930 [ 16.905876] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.905922] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.906072] page_type: f8(unknown) [ 16.906223] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.906371] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.906457] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.906625] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.906732] head: 0bfffe0000000002 ffffc1ffc31a4c01 00000000ffffffff 00000000ffffffff [ 16.907066] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.907196] page dumped because: kasan: bad access detected [ 16.907309] [ 16.907364] Memory state around the buggy address: [ 16.907407] fff00000c6931f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.907508] fff00000c6932000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.907557] >fff00000c6932080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.907606] ^ [ 16.907644] fff00000c6932100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.907686] fff00000c6932180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.907973] ================================================================== [ 16.849994] ================================================================== [ 16.850043] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.850091] Write of size 1 at addr fff00000c0b9beda by task kunit_try_catch/159 [ 16.850141] [ 16.850169] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.850249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.850275] Hardware name: linux,dummy-virt (DT) [ 16.850305] Call trace: [ 16.850325] show_stack+0x20/0x38 (C) [ 16.850372] dump_stack_lvl+0x8c/0xd0 [ 16.850420] print_report+0x118/0x608 [ 16.850464] kasan_report+0xdc/0x128 [ 16.850508] __asan_report_store1_noabort+0x20/0x30 [ 16.850554] krealloc_less_oob_helper+0xa80/0xc50 [ 16.850614] krealloc_less_oob+0x20/0x38 [ 16.850670] kunit_try_run_case+0x170/0x3f0 [ 16.850716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.851034] kthread+0x328/0x630 [ 16.851580] ret_from_fork+0x10/0x20 [ 16.851630] [ 16.851648] Allocated by task 159: [ 16.851675] kasan_save_stack+0x3c/0x68 [ 16.852054] kasan_save_track+0x20/0x40 [ 16.852220] kasan_save_alloc_info+0x40/0x58 [ 16.852507] __kasan_krealloc+0x118/0x178 [ 16.852546] krealloc_noprof+0x128/0x360 [ 16.852593] krealloc_less_oob_helper+0x168/0xc50 [ 16.852631] krealloc_less_oob+0x20/0x38 [ 16.852681] kunit_try_run_case+0x170/0x3f0 [ 16.852717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.853009] kthread+0x328/0x630 [ 16.853120] ret_from_fork+0x10/0x20 [ 16.853171] [ 16.853190] The buggy address belongs to the object at fff00000c0b9be00 [ 16.853190] which belongs to the cache kmalloc-256 of size 256 [ 16.853248] The buggy address is located 17 bytes to the right of [ 16.853248] allocated 201-byte region [fff00000c0b9be00, fff00000c0b9bec9) [ 16.853350] [ 16.853369] The buggy address belongs to the physical page: [ 16.853539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 16.853686] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.853778] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.853974] page_type: f5(slab) [ 16.854151] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.854202] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.854252] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.854352] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.854594] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 16.854644] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.854702] page dumped because: kasan: bad access detected [ 16.854811] [ 16.854828] Memory state around the buggy address: [ 16.854859] fff00000c0b9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.854902] fff00000c0b9be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.854998] >fff00000c0b9be80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.855191] ^ [ 16.855229] fff00000c0b9bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855271] fff00000c0b9bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.855308] ================================================================== [ 16.842952] ================================================================== [ 16.843006] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.843057] Write of size 1 at addr fff00000c0b9bed0 by task kunit_try_catch/159 [ 16.843268] [ 16.843452] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.843743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.843985] Hardware name: linux,dummy-virt (DT) [ 16.844020] Call trace: [ 16.844040] show_stack+0x20/0x38 (C) [ 16.844193] dump_stack_lvl+0x8c/0xd0 [ 16.844247] print_report+0x118/0x608 [ 16.844454] kasan_report+0xdc/0x128 [ 16.844525] __asan_report_store1_noabort+0x20/0x30 [ 16.844772] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.844873] krealloc_less_oob+0x20/0x38 [ 16.845120] kunit_try_run_case+0x170/0x3f0 [ 16.845213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.845610] kthread+0x328/0x630 [ 16.845706] ret_from_fork+0x10/0x20 [ 16.845753] [ 16.845771] Allocated by task 159: [ 16.845824] kasan_save_stack+0x3c/0x68 [ 16.845866] kasan_save_track+0x20/0x40 [ 16.845901] kasan_save_alloc_info+0x40/0x58 [ 16.845940] __kasan_krealloc+0x118/0x178 [ 16.845976] krealloc_noprof+0x128/0x360 [ 16.846206] krealloc_less_oob_helper+0x168/0xc50 [ 16.846248] krealloc_less_oob+0x20/0x38 [ 16.846283] kunit_try_run_case+0x170/0x3f0 [ 16.846319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.846424] kthread+0x328/0x630 [ 16.846530] ret_from_fork+0x10/0x20 [ 16.846574] [ 16.846593] The buggy address belongs to the object at fff00000c0b9be00 [ 16.846593] which belongs to the cache kmalloc-256 of size 256 [ 16.846937] The buggy address is located 7 bytes to the right of [ 16.846937] allocated 201-byte region [fff00000c0b9be00, fff00000c0b9bec9) [ 16.847144] [ 16.847221] The buggy address belongs to the physical page: [ 16.847254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 16.847316] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.847390] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.847443] page_type: f5(slab) [ 16.847481] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.847531] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.847591] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.847639] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.847697] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 16.847745] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.847912] page dumped because: kasan: bad access detected [ 16.848086] [ 16.848105] Memory state around the buggy address: [ 16.848260] fff00000c0b9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.848528] fff00000c0b9be00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.848752] >fff00000c0b9be80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.848808] ^ [ 16.848866] fff00000c0b9bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.848908] fff00000c0b9bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.848948] ================================================================== [ 16.898622] ================================================================== [ 16.898693] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.898954] Write of size 1 at addr fff00000c69320c9 by task kunit_try_catch/163 [ 16.899031] [ 16.899157] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.899238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.899270] Hardware name: linux,dummy-virt (DT) [ 16.899429] Call trace: [ 16.899450] show_stack+0x20/0x38 (C) [ 16.899500] dump_stack_lvl+0x8c/0xd0 [ 16.899547] print_report+0x118/0x608 [ 16.899604] kasan_report+0xdc/0x128 [ 16.899648] __asan_report_store1_noabort+0x20/0x30 [ 16.900262] krealloc_less_oob_helper+0xa48/0xc50 [ 16.900411] krealloc_large_less_oob+0x20/0x38 [ 16.900461] kunit_try_run_case+0x170/0x3f0 [ 16.900509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.900561] kthread+0x328/0x630 [ 16.900615] ret_from_fork+0x10/0x20 [ 16.900662] [ 16.900692] The buggy address belongs to the physical page: [ 16.900726] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106930 [ 16.901065] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.901122] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.901366] page_type: f8(unknown) [ 16.901417] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.901553] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.901611] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.901669] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.901716] head: 0bfffe0000000002 ffffc1ffc31a4c01 00000000ffffffff 00000000ffffffff [ 16.901764] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.901936] page dumped because: kasan: bad access detected [ 16.901971] [ 16.901988] Memory state around the buggy address: [ 16.902022] fff00000c6931f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.902076] fff00000c6932000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.902118] >fff00000c6932080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.902156] ^ [ 16.902192] fff00000c6932100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.902233] fff00000c6932180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.902271] ================================================================== [ 16.914390] ================================================================== [ 16.914438] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.914483] Write of size 1 at addr fff00000c69320ea by task kunit_try_catch/163 [ 16.914674] [ 16.914717] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.915160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.915376] Hardware name: linux,dummy-virt (DT) [ 16.915551] Call trace: [ 16.915583] show_stack+0x20/0x38 (C) [ 16.915633] dump_stack_lvl+0x8c/0xd0 [ 16.915679] print_report+0x118/0x608 [ 16.915723] kasan_report+0xdc/0x128 [ 16.915776] __asan_report_store1_noabort+0x20/0x30 [ 16.915823] krealloc_less_oob_helper+0xae4/0xc50 [ 16.916237] krealloc_large_less_oob+0x20/0x38 [ 16.916378] kunit_try_run_case+0x170/0x3f0 [ 16.916525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.916588] kthread+0x328/0x630 [ 16.916629] ret_from_fork+0x10/0x20 [ 16.916675] [ 16.916947] The buggy address belongs to the physical page: [ 16.917055] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106930 [ 16.917110] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.917160] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.917231] page_type: f8(unknown) [ 16.917312] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.917601] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.917900] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.917951] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.917999] head: 0bfffe0000000002 ffffc1ffc31a4c01 00000000ffffffff 00000000ffffffff [ 16.918047] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.918087] page dumped because: kasan: bad access detected [ 16.918355] [ 16.918435] Memory state around the buggy address: [ 16.918494] fff00000c6931f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.918537] fff00000c6932000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.918590] >fff00000c6932080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.918637] ^ [ 16.918833] fff00000c6932100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.918877] fff00000c6932180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.918914] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.807351] ================================================================== [ 16.807507] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.807925] Write of size 1 at addr fff00000c0b9bceb by task kunit_try_catch/157 [ 16.808254] [ 16.808607] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.808832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.808860] Hardware name: linux,dummy-virt (DT) [ 16.809224] Call trace: [ 16.809363] show_stack+0x20/0x38 (C) [ 16.809419] dump_stack_lvl+0x8c/0xd0 [ 16.809618] print_report+0x118/0x608 [ 16.809709] kasan_report+0xdc/0x128 [ 16.809754] __asan_report_store1_noabort+0x20/0x30 [ 16.809801] krealloc_more_oob_helper+0x60c/0x678 [ 16.810000] krealloc_more_oob+0x20/0x38 [ 16.810049] kunit_try_run_case+0x170/0x3f0 [ 16.810099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.810152] kthread+0x328/0x630 [ 16.810194] ret_from_fork+0x10/0x20 [ 16.810243] [ 16.810563] Allocated by task 157: [ 16.810695] kasan_save_stack+0x3c/0x68 [ 16.810789] kasan_save_track+0x20/0x40 [ 16.810826] kasan_save_alloc_info+0x40/0x58 [ 16.810886] __kasan_krealloc+0x118/0x178 [ 16.810922] krealloc_noprof+0x128/0x360 [ 16.811296] krealloc_more_oob_helper+0x168/0x678 [ 16.811341] krealloc_more_oob+0x20/0x38 [ 16.811376] kunit_try_run_case+0x170/0x3f0 [ 16.811423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.811476] kthread+0x328/0x630 [ 16.811507] ret_from_fork+0x10/0x20 [ 16.811928] [ 16.811953] The buggy address belongs to the object at fff00000c0b9bc00 [ 16.811953] which belongs to the cache kmalloc-256 of size 256 [ 16.812175] The buggy address is located 0 bytes to the right of [ 16.812175] allocated 235-byte region [fff00000c0b9bc00, fff00000c0b9bceb) [ 16.812249] [ 16.812269] The buggy address belongs to the physical page: [ 16.812306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 16.812825] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.813063] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.813177] page_type: f5(slab) [ 16.813219] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.813274] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.813352] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.813401] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.813692] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 16.813834] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.813877] page dumped because: kasan: bad access detected [ 16.813908] [ 16.814063] Memory state around the buggy address: [ 16.814099] fff00000c0b9bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.814183] fff00000c0b9bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.814327] >fff00000c0b9bc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.814365] ^ [ 16.814466] fff00000c0b9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.814514] fff00000c0b9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.814626] ================================================================== [ 16.886885] ================================================================== [ 16.886972] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.887187] Write of size 1 at addr fff00000c69320f0 by task kunit_try_catch/161 [ 16.887419] [ 16.887451] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.887532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.887560] Hardware name: linux,dummy-virt (DT) [ 16.887602] Call trace: [ 16.887622] show_stack+0x20/0x38 (C) [ 16.887668] dump_stack_lvl+0x8c/0xd0 [ 16.887981] print_report+0x118/0x608 [ 16.888303] kasan_report+0xdc/0x128 [ 16.888641] __asan_report_store1_noabort+0x20/0x30 [ 16.888794] krealloc_more_oob_helper+0x5c0/0x678 [ 16.888916] krealloc_large_more_oob+0x20/0x38 [ 16.888983] kunit_try_run_case+0x170/0x3f0 [ 16.889029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.889340] kthread+0x328/0x630 [ 16.889424] ret_from_fork+0x10/0x20 [ 16.889472] [ 16.889492] The buggy address belongs to the physical page: [ 16.889523] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106930 [ 16.889614] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.889868] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.889929] page_type: f8(unknown) [ 16.890000] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.890149] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.890243] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.890292] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.890628] head: 0bfffe0000000002 ffffc1ffc31a4c01 00000000ffffffff 00000000ffffffff [ 16.890698] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.890787] page dumped because: kasan: bad access detected [ 16.890894] [ 16.890912] Memory state around the buggy address: [ 16.890944] fff00000c6931f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.890987] fff00000c6932000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.891029] >fff00000c6932080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.891269] ^ [ 16.891361] fff00000c6932100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.891447] fff00000c6932180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.891485] ================================================================== [ 16.879884] ================================================================== [ 16.879957] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.880020] Write of size 1 at addr fff00000c69320eb by task kunit_try_catch/161 [ 16.880518] [ 16.880620] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.880933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.880970] Hardware name: linux,dummy-virt (DT) [ 16.881070] Call trace: [ 16.881094] show_stack+0x20/0x38 (C) [ 16.881148] dump_stack_lvl+0x8c/0xd0 [ 16.881638] print_report+0x118/0x608 [ 16.881741] kasan_report+0xdc/0x128 [ 16.881792] __asan_report_store1_noabort+0x20/0x30 [ 16.881839] krealloc_more_oob_helper+0x60c/0x678 [ 16.881887] krealloc_large_more_oob+0x20/0x38 [ 16.881933] kunit_try_run_case+0x170/0x3f0 [ 16.882038] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.882092] kthread+0x328/0x630 [ 16.882133] ret_from_fork+0x10/0x20 [ 16.882397] [ 16.882480] The buggy address belongs to the physical page: [ 16.882514] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106930 [ 16.882613] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.882662] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.882717] page_type: f8(unknown) [ 16.882760] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.882810] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.882869] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.882917] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.883159] head: 0bfffe0000000002 ffffc1ffc31a4c01 00000000ffffffff 00000000ffffffff [ 16.883289] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.883452] page dumped because: kasan: bad access detected [ 16.883488] [ 16.883757] Memory state around the buggy address: [ 16.883904] fff00000c6931f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.884020] fff00000c6932000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.884273] >fff00000c6932080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.884505] ^ [ 16.884575] fff00000c6932100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.884619] fff00000c6932180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.884658] ================================================================== [ 16.815917] ================================================================== [ 16.816347] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.816451] Write of size 1 at addr fff00000c0b9bcf0 by task kunit_try_catch/157 [ 16.816507] [ 16.816540] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.816839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.816870] Hardware name: linux,dummy-virt (DT) [ 16.816900] Call trace: [ 16.816920] show_stack+0x20/0x38 (C) [ 16.816968] dump_stack_lvl+0x8c/0xd0 [ 16.817015] print_report+0x118/0x608 [ 16.817060] kasan_report+0xdc/0x128 [ 16.817130] __asan_report_store1_noabort+0x20/0x30 [ 16.817435] krealloc_more_oob_helper+0x5c0/0x678 [ 16.817746] krealloc_more_oob+0x20/0x38 [ 16.817912] kunit_try_run_case+0x170/0x3f0 [ 16.818073] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.818225] kthread+0x328/0x630 [ 16.818266] ret_from_fork+0x10/0x20 [ 16.818315] [ 16.818333] Allocated by task 157: [ 16.818466] kasan_save_stack+0x3c/0x68 [ 16.818512] kasan_save_track+0x20/0x40 [ 16.818549] kasan_save_alloc_info+0x40/0x58 [ 16.818598] __kasan_krealloc+0x118/0x178 [ 16.818911] krealloc_noprof+0x128/0x360 [ 16.819034] krealloc_more_oob_helper+0x168/0x678 [ 16.819175] krealloc_more_oob+0x20/0x38 [ 16.819214] kunit_try_run_case+0x170/0x3f0 [ 16.819252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.819605] kthread+0x328/0x630 [ 16.819665] ret_from_fork+0x10/0x20 [ 16.819798] [ 16.819817] The buggy address belongs to the object at fff00000c0b9bc00 [ 16.819817] which belongs to the cache kmalloc-256 of size 256 [ 16.819888] The buggy address is located 5 bytes to the right of [ 16.819888] allocated 235-byte region [fff00000c0b9bc00, fff00000c0b9bceb) [ 16.819973] [ 16.820057] The buggy address belongs to the physical page: [ 16.820118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100b9a [ 16.820265] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.820313] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.820409] page_type: f5(slab) [ 16.820771] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.821043] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.821272] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.821421] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.821471] head: 0bfffe0000000001 ffffc1ffc302e681 00000000ffffffff 00000000ffffffff [ 16.821557] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.821681] page dumped because: kasan: bad access detected [ 16.821723] [ 16.821745] Memory state around the buggy address: [ 16.821800] fff00000c0b9bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.821842] fff00000c0b9bc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.821883] >fff00000c0b9bc80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.821921] ^ [ 16.821993] fff00000c0b9bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.822145] fff00000c0b9bd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.822265] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.788413] ================================================================== [ 16.788477] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.788595] Read of size 1 at addr fff00000c7b10000 by task kunit_try_catch/155 [ 16.788646] [ 16.788681] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.788787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.788813] Hardware name: linux,dummy-virt (DT) [ 16.788863] Call trace: [ 16.788890] show_stack+0x20/0x38 (C) [ 16.788968] dump_stack_lvl+0x8c/0xd0 [ 16.789033] print_report+0x118/0x608 [ 16.789097] kasan_report+0xdc/0x128 [ 16.789161] __asan_report_load1_noabort+0x20/0x30 [ 16.789212] page_alloc_uaf+0x328/0x350 [ 16.789302] kunit_try_run_case+0x170/0x3f0 [ 16.789389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.789458] kthread+0x328/0x630 [ 16.789500] ret_from_fork+0x10/0x20 [ 16.789865] [ 16.789942] The buggy address belongs to the physical page: [ 16.790058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107b10 [ 16.790168] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.790250] page_type: f0(buddy) [ 16.790421] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 16.790604] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 16.790675] page dumped because: kasan: bad access detected [ 16.790791] [ 16.790809] Memory state around the buggy address: [ 16.790842] fff00000c7b0ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.790892] fff00000c7b0ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.791195] >fff00000c7b10000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.791307] ^ [ 16.791385] fff00000c7b10080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.791601] fff00000c7b10100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.791695] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.772678] ================================================================== [ 16.772772] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.772912] Free of addr fff00000c692c001 by task kunit_try_catch/151 [ 16.772965] [ 16.773000] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.773123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.773188] Hardware name: linux,dummy-virt (DT) [ 16.773220] Call trace: [ 16.773242] show_stack+0x20/0x38 (C) [ 16.773520] dump_stack_lvl+0x8c/0xd0 [ 16.773739] print_report+0x118/0x608 [ 16.773798] kasan_report_invalid_free+0xc0/0xe8 [ 16.773846] __kasan_kfree_large+0x5c/0xa8 [ 16.773893] free_large_kmalloc+0x64/0x190 [ 16.773947] kfree+0x270/0x3c8 [ 16.773988] kmalloc_large_invalid_free+0x108/0x270 [ 16.774044] kunit_try_run_case+0x170/0x3f0 [ 16.774090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.774404] kthread+0x328/0x630 [ 16.774444] ret_from_fork+0x10/0x20 [ 16.774490] [ 16.774510] The buggy address belongs to the physical page: [ 16.774543] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10692c [ 16.774608] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.774711] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.774877] page_type: f8(unknown) [ 16.775012] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.775134] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.775209] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.775559] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.775738] head: 0bfffe0000000002 ffffc1ffc31a4b01 00000000ffffffff 00000000ffffffff [ 16.775828] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.775933] page dumped because: kasan: bad access detected [ 16.775964] [ 16.775983] Memory state around the buggy address: [ 16.776043] fff00000c692bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.776263] fff00000c692bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.776610] >fff00000c692c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.776674] ^ [ 16.776744] fff00000c692c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.776820] fff00000c692c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.776911] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.764951] ================================================================== [ 16.765452] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.765643] Read of size 1 at addr fff00000c692c000 by task kunit_try_catch/149 [ 16.765712] [ 16.765755] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.765872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.765902] Hardware name: linux,dummy-virt (DT) [ 16.765934] Call trace: [ 16.765956] show_stack+0x20/0x38 (C) [ 16.766008] dump_stack_lvl+0x8c/0xd0 [ 16.766057] print_report+0x118/0x608 [ 16.766102] kasan_report+0xdc/0x128 [ 16.766145] __asan_report_load1_noabort+0x20/0x30 [ 16.766195] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.766240] kunit_try_run_case+0x170/0x3f0 [ 16.766288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.766340] kthread+0x328/0x630 [ 16.766382] ret_from_fork+0x10/0x20 [ 16.766429] [ 16.766450] The buggy address belongs to the physical page: [ 16.766482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10692c [ 16.766536] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.766618] raw: 0bfffe0000000000 ffffc1ffc31a4c08 fff00000da478c40 0000000000000000 [ 16.766695] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.766736] page dumped because: kasan: bad access detected [ 16.766767] [ 16.766785] Memory state around the buggy address: [ 16.766818] fff00000c692bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.766929] fff00000c692bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.767108] >fff00000c692c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.767159] ^ [ 16.767290] fff00000c692c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.767447] fff00000c692c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.767485] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.744992] ================================================================== [ 16.745071] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.745130] Write of size 1 at addr fff00000c692e00a by task kunit_try_catch/147 [ 16.745179] [ 16.745217] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.745985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.746021] Hardware name: linux,dummy-virt (DT) [ 16.746054] Call trace: [ 16.746077] show_stack+0x20/0x38 (C) [ 16.746193] dump_stack_lvl+0x8c/0xd0 [ 16.746268] print_report+0x118/0x608 [ 16.746314] kasan_report+0xdc/0x128 [ 16.746359] __asan_report_store1_noabort+0x20/0x30 [ 16.746408] kmalloc_large_oob_right+0x278/0x2b8 [ 16.746454] kunit_try_run_case+0x170/0x3f0 [ 16.747346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.747611] kthread+0x328/0x630 [ 16.747677] ret_from_fork+0x10/0x20 [ 16.747726] [ 16.748112] The buggy address belongs to the physical page: [ 16.748155] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10692c [ 16.748736] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.748805] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.749291] page_type: f8(unknown) [ 16.749384] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.749436] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.749668] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.749718] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.749945] head: 0bfffe0000000002 ffffc1ffc31a4b01 00000000ffffffff 00000000ffffffff [ 16.749995] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.750448] page dumped because: kasan: bad access detected [ 16.750484] [ 16.750502] Memory state around the buggy address: [ 16.750778] fff00000c692df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.750833] fff00000c692df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.751077] >fff00000c692e000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.751412] ^ [ 16.751629] fff00000c692e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.751950] fff00000c692e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.751991] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.719378] ================================================================== [ 16.720461] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.720650] Write of size 1 at addr fff00000c7ad9f00 by task kunit_try_catch/145 [ 16.720701] [ 16.720739] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.720894] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.721248] Hardware name: linux,dummy-virt (DT) [ 16.721924] Call trace: [ 16.721953] show_stack+0x20/0x38 (C) [ 16.722007] dump_stack_lvl+0x8c/0xd0 [ 16.722156] print_report+0x118/0x608 [ 16.722257] kasan_report+0xdc/0x128 [ 16.722401] __asan_report_store1_noabort+0x20/0x30 [ 16.722630] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.722875] kunit_try_run_case+0x170/0x3f0 [ 16.722989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.723536] kthread+0x328/0x630 [ 16.723806] ret_from_fork+0x10/0x20 [ 16.724036] [ 16.724057] Allocated by task 145: [ 16.724626] kasan_save_stack+0x3c/0x68 [ 16.724680] kasan_save_track+0x20/0x40 [ 16.724718] kasan_save_alloc_info+0x40/0x58 [ 16.724756] __kasan_kmalloc+0xd4/0xd8 [ 16.724888] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.725045] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.725082] kunit_try_run_case+0x170/0x3f0 [ 16.725664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.725716] kthread+0x328/0x630 [ 16.725750] ret_from_fork+0x10/0x20 [ 16.725948] [ 16.725971] The buggy address belongs to the object at fff00000c7ad8000 [ 16.725971] which belongs to the cache kmalloc-8k of size 8192 [ 16.726071] The buggy address is located 0 bytes to the right of [ 16.726071] allocated 7936-byte region [fff00000c7ad8000, fff00000c7ad9f00) [ 16.726522] [ 16.726620] The buggy address belongs to the physical page: [ 16.726704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107ad8 [ 16.727086] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.727177] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.727663] page_type: f5(slab) [ 16.727719] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.727777] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.727826] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.727874] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.727925] head: 0bfffe0000000003 ffffc1ffc31eb601 00000000ffffffff 00000000ffffffff [ 16.727975] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.728734] page dumped because: kasan: bad access detected [ 16.729033] [ 16.729071] Memory state around the buggy address: [ 16.729207] fff00000c7ad9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.729252] fff00000c7ad9e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.729298] >fff00000c7ad9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.729752] ^ [ 16.729784] fff00000c7ad9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.729834] fff00000c7ada000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.729917] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.699307] ================================================================== [ 16.699366] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.699679] Write of size 1 at addr fff00000c5733578 by task kunit_try_catch/143 [ 16.699743] [ 16.699778] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.699868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.699894] Hardware name: linux,dummy-virt (DT) [ 16.699925] Call trace: [ 16.699946] show_stack+0x20/0x38 (C) [ 16.699994] dump_stack_lvl+0x8c/0xd0 [ 16.700428] print_report+0x118/0x608 [ 16.700575] kasan_report+0xdc/0x128 [ 16.700630] __asan_report_store1_noabort+0x20/0x30 [ 16.700925] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.700983] kunit_try_run_case+0x170/0x3f0 [ 16.701039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.701157] kthread+0x328/0x630 [ 16.701198] ret_from_fork+0x10/0x20 [ 16.701245] [ 16.701267] Allocated by task 143: [ 16.701293] kasan_save_stack+0x3c/0x68 [ 16.701341] kasan_save_track+0x20/0x40 [ 16.701377] kasan_save_alloc_info+0x40/0x58 [ 16.701417] __kasan_kmalloc+0xd4/0xd8 [ 16.701452] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.702015] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.702078] kunit_try_run_case+0x170/0x3f0 [ 16.702115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.702202] kthread+0x328/0x630 [ 16.702236] ret_from_fork+0x10/0x20 [ 16.702271] [ 16.702291] The buggy address belongs to the object at fff00000c5733500 [ 16.702291] which belongs to the cache kmalloc-128 of size 128 [ 16.702367] The buggy address is located 0 bytes to the right of [ 16.702367] allocated 120-byte region [fff00000c5733500, fff00000c5733578) [ 16.702634] [ 16.702681] The buggy address belongs to the physical page: [ 16.702842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 16.703199] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.703265] page_type: f5(slab) [ 16.703304] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.703356] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.703397] page dumped because: kasan: bad access detected [ 16.703428] [ 16.703446] Memory state around the buggy address: [ 16.703478] fff00000c5733400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.704162] fff00000c5733480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.704236] >fff00000c5733500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.704665] ^ [ 16.704713] fff00000c5733580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.704757] fff00000c5733600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.704802] ================================================================== [ 16.689270] ================================================================== [ 16.689497] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.689631] Write of size 1 at addr fff00000c5733478 by task kunit_try_catch/143 [ 16.689723] [ 16.689923] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.690040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.690069] Hardware name: linux,dummy-virt (DT) [ 16.690101] Call trace: [ 16.690679] show_stack+0x20/0x38 (C) [ 16.690865] dump_stack_lvl+0x8c/0xd0 [ 16.690915] print_report+0x118/0x608 [ 16.690971] kasan_report+0xdc/0x128 [ 16.691127] __asan_report_store1_noabort+0x20/0x30 [ 16.691475] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.691527] kunit_try_run_case+0x170/0x3f0 [ 16.691586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.691988] kthread+0x328/0x630 [ 16.692041] ret_from_fork+0x10/0x20 [ 16.692358] [ 16.692379] Allocated by task 143: [ 16.692408] kasan_save_stack+0x3c/0x68 [ 16.692467] kasan_save_track+0x20/0x40 [ 16.692532] kasan_save_alloc_info+0x40/0x58 [ 16.692747] __kasan_kmalloc+0xd4/0xd8 [ 16.692960] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.693006] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.693047] kunit_try_run_case+0x170/0x3f0 [ 16.693462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.693515] kthread+0x328/0x630 [ 16.693547] ret_from_fork+0x10/0x20 [ 16.693764] [ 16.693785] The buggy address belongs to the object at fff00000c5733400 [ 16.693785] which belongs to the cache kmalloc-128 of size 128 [ 16.693845] The buggy address is located 0 bytes to the right of [ 16.693845] allocated 120-byte region [fff00000c5733400, fff00000c5733478) [ 16.694353] [ 16.694469] The buggy address belongs to the physical page: [ 16.694502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 16.694560] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.694621] page_type: f5(slab) [ 16.694663] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.694714] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.694754] page dumped because: kasan: bad access detected [ 16.694785] [ 16.695148] Memory state around the buggy address: [ 16.695192] fff00000c5733300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.695236] fff00000c5733380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.695897] >fff00000c5733400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.696014] ^ [ 16.696593] fff00000c5733480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.697072] fff00000c5733500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.697117] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.663604] ================================================================== [ 16.663671] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.663724] Read of size 1 at addr fff00000c5ff3000 by task kunit_try_catch/141 [ 16.663774] [ 16.663806] CPU: 1 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.663888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.663916] Hardware name: linux,dummy-virt (DT) [ 16.664055] Call trace: [ 16.664087] show_stack+0x20/0x38 (C) [ 16.664136] dump_stack_lvl+0x8c/0xd0 [ 16.664183] print_report+0x118/0x608 [ 16.664685] kasan_report+0xdc/0x128 [ 16.664843] __asan_report_load1_noabort+0x20/0x30 [ 16.665364] kmalloc_node_oob_right+0x2f4/0x330 [ 16.665897] kunit_try_run_case+0x170/0x3f0 [ 16.665948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.666002] kthread+0x328/0x630 [ 16.666044] ret_from_fork+0x10/0x20 [ 16.666930] [ 16.666985] Allocated by task 141: [ 16.667015] kasan_save_stack+0x3c/0x68 [ 16.667059] kasan_save_track+0x20/0x40 [ 16.667097] kasan_save_alloc_info+0x40/0x58 [ 16.668009] __kasan_kmalloc+0xd4/0xd8 [ 16.668270] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.668488] kmalloc_node_oob_right+0xbc/0x330 [ 16.668729] kunit_try_run_case+0x170/0x3f0 [ 16.668805] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.669462] kthread+0x328/0x630 [ 16.669531] ret_from_fork+0x10/0x20 [ 16.669577] [ 16.670431] The buggy address belongs to the object at fff00000c5ff2000 [ 16.670431] which belongs to the cache kmalloc-4k of size 4096 [ 16.670655] The buggy address is located 0 bytes to the right of [ 16.670655] allocated 4096-byte region [fff00000c5ff2000, fff00000c5ff3000) [ 16.671020] [ 16.671080] The buggy address belongs to the physical page: [ 16.671731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ff0 [ 16.673230] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.673298] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.674072] page_type: f5(slab) [ 16.674123] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.674174] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.674234] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.674284] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.674336] head: 0bfffe0000000003 ffffc1ffc317fc01 00000000ffffffff 00000000ffffffff [ 16.674385] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.674429] page dumped because: kasan: bad access detected [ 16.674460] [ 16.674478] Memory state around the buggy address: [ 16.674512] fff00000c5ff2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.674555] fff00000c5ff2f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.674691] >fff00000c5ff3000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.674858] ^ [ 16.674975] fff00000c5ff3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.675018] fff00000c5ff3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.675055] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.652380] ================================================================== [ 16.652505] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.652601] Read of size 1 at addr fff00000c56b607f by task kunit_try_catch/139 [ 16.652658] [ 16.652751] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.652863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.652890] Hardware name: linux,dummy-virt (DT) [ 16.652947] Call trace: [ 16.652986] show_stack+0x20/0x38 (C) [ 16.653053] dump_stack_lvl+0x8c/0xd0 [ 16.653129] print_report+0x118/0x608 [ 16.653193] kasan_report+0xdc/0x128 [ 16.653238] __asan_report_load1_noabort+0x20/0x30 [ 16.653293] kmalloc_oob_left+0x2ec/0x320 [ 16.653386] kunit_try_run_case+0x170/0x3f0 [ 16.653493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.653559] kthread+0x328/0x630 [ 16.653645] ret_from_fork+0x10/0x20 [ 16.653694] [ 16.653712] Allocated by task 26: [ 16.653741] kasan_save_stack+0x3c/0x68 [ 16.653909] kasan_save_track+0x20/0x40 [ 16.653947] kasan_save_alloc_info+0x40/0x58 [ 16.653986] __kasan_kmalloc+0xd4/0xd8 [ 16.654021] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.654064] kstrdup+0x54/0xc8 [ 16.654097] devtmpfs_work_loop+0x6f8/0xa58 [ 16.654138] devtmpfsd+0x50/0x58 [ 16.654171] kthread+0x328/0x630 [ 16.654202] ret_from_fork+0x10/0x20 [ 16.654444] [ 16.654522] Freed by task 26: [ 16.654657] kasan_save_stack+0x3c/0x68 [ 16.654733] kasan_save_track+0x20/0x40 [ 16.654829] kasan_save_free_info+0x4c/0x78 [ 16.654924] __kasan_slab_free+0x6c/0x98 [ 16.654971] kfree+0x214/0x3c8 [ 16.655039] devtmpfs_work_loop+0x804/0xa58 [ 16.655124] devtmpfsd+0x50/0x58 [ 16.655240] kthread+0x328/0x630 [ 16.655304] ret_from_fork+0x10/0x20 [ 16.655347] [ 16.655368] The buggy address belongs to the object at fff00000c56b6060 [ 16.655368] which belongs to the cache kmalloc-16 of size 16 [ 16.655426] The buggy address is located 15 bytes to the right of [ 16.655426] allocated 16-byte region [fff00000c56b6060, fff00000c56b6070) [ 16.655490] [ 16.655826] The buggy address belongs to the physical page: [ 16.655914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056b6 [ 16.656015] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.656111] page_type: f5(slab) [ 16.656190] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.656251] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.656291] page dumped because: kasan: bad access detected [ 16.656322] [ 16.656339] Memory state around the buggy address: [ 16.656371] fff00000c56b5f00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 16.656454] fff00000c56b5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.656663] >fff00000c56b6000: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.656743] ^ [ 16.656844] fff00000c56b6080: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.656929] fff00000c56b6100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.656979] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.633236] ================================================================== [ 16.633288] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.633333] Read of size 1 at addr fff00000c5733380 by task kunit_try_catch/137 [ 16.633436] [ 16.633467] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.633548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.633585] Hardware name: linux,dummy-virt (DT) [ 16.633614] Call trace: [ 16.633634] show_stack+0x20/0x38 (C) [ 16.633680] dump_stack_lvl+0x8c/0xd0 [ 16.634202] print_report+0x118/0x608 [ 16.634321] kasan_report+0xdc/0x128 [ 16.634369] __asan_report_load1_noabort+0x20/0x30 [ 16.634419] kmalloc_oob_right+0x5d0/0x660 [ 16.634465] kunit_try_run_case+0x170/0x3f0 [ 16.634512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.634576] kthread+0x328/0x630 [ 16.634616] ret_from_fork+0x10/0x20 [ 16.634700] [ 16.634842] Allocated by task 137: [ 16.634879] kasan_save_stack+0x3c/0x68 [ 16.635142] kasan_save_track+0x20/0x40 [ 16.635258] kasan_save_alloc_info+0x40/0x58 [ 16.635304] __kasan_kmalloc+0xd4/0xd8 [ 16.635339] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.635379] kmalloc_oob_right+0xb0/0x660 [ 16.635914] kunit_try_run_case+0x170/0x3f0 [ 16.636147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.636194] kthread+0x328/0x630 [ 16.636225] ret_from_fork+0x10/0x20 [ 16.636631] [ 16.636883] The buggy address belongs to the object at fff00000c5733300 [ 16.636883] which belongs to the cache kmalloc-128 of size 128 [ 16.637113] The buggy address is located 13 bytes to the right of [ 16.637113] allocated 115-byte region [fff00000c5733300, fff00000c5733373) [ 16.637409] [ 16.637488] The buggy address belongs to the physical page: [ 16.637584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 16.638078] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.638742] page_type: f5(slab) [ 16.639114] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.639278] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.639383] page dumped because: kasan: bad access detected [ 16.639414] [ 16.639682] Memory state around the buggy address: [ 16.639785] fff00000c5733280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.639916] fff00000c5733300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.640460] >fff00000c5733380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.640872] ^ [ 16.640907] fff00000c5733400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.641164] fff00000c5733480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.641240] ================================================================== [ 16.630100] ================================================================== [ 16.630144] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.630219] Write of size 1 at addr fff00000c5733378 by task kunit_try_catch/137 [ 16.630269] [ 16.630297] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.630376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.630401] Hardware name: linux,dummy-virt (DT) [ 16.630430] Call trace: [ 16.630450] show_stack+0x20/0x38 (C) [ 16.630497] dump_stack_lvl+0x8c/0xd0 [ 16.630543] print_report+0x118/0x608 [ 16.630602] kasan_report+0xdc/0x128 [ 16.630646] __asan_report_store1_noabort+0x20/0x30 [ 16.630694] kmalloc_oob_right+0x538/0x660 [ 16.630747] kunit_try_run_case+0x170/0x3f0 [ 16.630794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.630845] kthread+0x328/0x630 [ 16.630885] ret_from_fork+0x10/0x20 [ 16.630933] [ 16.631129] Allocated by task 137: [ 16.631163] kasan_save_stack+0x3c/0x68 [ 16.631207] kasan_save_track+0x20/0x40 [ 16.631243] kasan_save_alloc_info+0x40/0x58 [ 16.631281] __kasan_kmalloc+0xd4/0xd8 [ 16.631316] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.631354] kmalloc_oob_right+0xb0/0x660 [ 16.631388] kunit_try_run_case+0x170/0x3f0 [ 16.631424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.631466] kthread+0x328/0x630 [ 16.631497] ret_from_fork+0x10/0x20 [ 16.631530] [ 16.631548] The buggy address belongs to the object at fff00000c5733300 [ 16.631548] which belongs to the cache kmalloc-128 of size 128 [ 16.631617] The buggy address is located 5 bytes to the right of [ 16.631617] allocated 115-byte region [fff00000c5733300, fff00000c5733373) [ 16.631680] [ 16.631699] The buggy address belongs to the physical page: [ 16.631762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 16.631851] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.631986] page_type: f5(slab) [ 16.632053] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.632129] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.632169] page dumped because: kasan: bad access detected [ 16.632199] [ 16.632233] Memory state around the buggy address: [ 16.632282] fff00000c5733200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.632325] fff00000c5733280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.632838] >fff00000c5733300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.632973] ^ [ 16.633022] fff00000c5733380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.633064] fff00000c5733400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.633101] ================================================================== [ 16.622561] ================================================================== [ 16.623046] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.623891] Write of size 1 at addr fff00000c5733373 by task kunit_try_catch/137 [ 16.623998] [ 16.624814] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT [ 16.624957] Tainted: [N]=TEST [ 16.624989] Hardware name: linux,dummy-virt (DT) [ 16.625209] Call trace: [ 16.625396] show_stack+0x20/0x38 (C) [ 16.625549] dump_stack_lvl+0x8c/0xd0 [ 16.625624] print_report+0x118/0x608 [ 16.625674] kasan_report+0xdc/0x128 [ 16.625719] __asan_report_store1_noabort+0x20/0x30 [ 16.625767] kmalloc_oob_right+0x5a4/0x660 [ 16.625812] kunit_try_run_case+0x170/0x3f0 [ 16.625863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.625915] kthread+0x328/0x630 [ 16.625958] ret_from_fork+0x10/0x20 [ 16.626117] [ 16.626155] Allocated by task 137: [ 16.626269] kasan_save_stack+0x3c/0x68 [ 16.626332] kasan_save_track+0x20/0x40 [ 16.626370] kasan_save_alloc_info+0x40/0x58 [ 16.626409] __kasan_kmalloc+0xd4/0xd8 [ 16.626444] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.626484] kmalloc_oob_right+0xb0/0x660 [ 16.626519] kunit_try_run_case+0x170/0x3f0 [ 16.626556] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.626609] kthread+0x328/0x630 [ 16.626641] ret_from_fork+0x10/0x20 [ 16.626694] [ 16.626753] The buggy address belongs to the object at fff00000c5733300 [ 16.626753] which belongs to the cache kmalloc-128 of size 128 [ 16.626847] The buggy address is located 0 bytes to the right of [ 16.626847] allocated 115-byte region [fff00000c5733300, fff00000c5733373) [ 16.626915] [ 16.626994] The buggy address belongs to the physical page: [ 16.627192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105733 [ 16.627460] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.627761] page_type: f5(slab) [ 16.628057] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.628118] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.628228] page dumped because: kasan: bad access detected [ 16.628267] [ 16.628292] Memory state around the buggy address: [ 16.628511] fff00000c5733200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.628590] fff00000c5733280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.628645] >fff00000c5733300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.628700] ^ [ 16.628784] fff00000c5733380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.628828] fff00000c5733400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.628890] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 98.249630] WARNING: CPU: 1 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 98.250490] Modules linked in: [ 98.250751] CPU: 1 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT [ 98.251978] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 98.252806] Hardware name: linux,dummy-virt (DT) [ 98.253437] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 98.254357] pc : intlog10+0x38/0x48 [ 98.254922] lr : intlog10_test+0xe4/0x200 [ 98.255495] sp : ffff800082327c10 [ 98.255974] x29: ffff800082327c90 x28: 0000000000000000 x27: 0000000000000000 [ 98.257015] x26: 1ffe000018b3cb61 x25: 0000000000000000 x24: ffff800082327ce0 [ 98.257976] x23: ffff800082327d00 x22: 0000000000000000 x21: 1ffff00010464f82 [ 98.259127] x20: ffffa1856da89840 x19: ffff800080087990 x18: 000000009b46f090 [ 98.260060] x17: 00000000503bb0fe x16: fff00000c0975c3c x15: fff00000ff616b08 [ 98.261023] x14: 0000000000018fff x13: 1ffe00001b48a5cd x12: ffff7430ae323381 [ 98.262064] x11: 1ffff430ae323380 x10: ffff7430ae323380 x9 : ffffa1856b03701c [ 98.263090] x8 : ffffa18571919c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 98.263873] x5 : ffff700010464f82 x4 : 1ffff00010010f3a x3 : 1ffff430adb51308 [ 98.264232] x2 : 1ffff430adb51308 x1 : 0000000000000003 x0 : 0000000000000000 [ 98.264781] Call trace: [ 98.265215] intlog10+0x38/0x48 (P) [ 98.265775] kunit_try_run_case+0x170/0x3f0 [ 98.266455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 98.267228] kthread+0x328/0x630 [ 98.267721] ret_from_fork+0x10/0x20 [ 98.268268] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 98.199896] WARNING: CPU: 1 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 98.203996] Modules linked in: [ 98.204630] CPU: 1 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT [ 98.205970] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 98.206683] Hardware name: linux,dummy-virt (DT) [ 98.207378] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 98.208201] pc : intlog2+0xd8/0xf8 [ 98.208711] lr : intlog2_test+0xe4/0x200 [ 98.209087] sp : ffff800082237c10 [ 98.209258] x29: ffff800082237c90 x28: 0000000000000000 x27: 0000000000000000 [ 98.210352] x26: 1ffe000018e26b21 x25: 0000000000000000 x24: ffff800082237ce0 [ 98.211343] x23: ffff800082237d00 x22: 0000000000000000 x21: 1ffff00010446f82 [ 98.211888] x20: ffffa1856da89740 x19: ffff800080087990 x18: 0000000099fb0138 [ 98.212240] x17: 00000000eea7fe0e x16: fff00000c0975c3c x15: fff00000ff616b08 [ 98.212746] x14: 0000000000018fff x13: 1ffe00001b48a5cd x12: ffff7430ae323381 [ 98.213357] x11: 1ffff430ae323380 x10: ffff7430ae323380 x9 : ffffa1856b03721c [ 98.214014] x8 : ffffa18571919c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 98.214399] x5 : ffff700010446f82 x4 : 1ffff00010010f3a x3 : 1ffff430adb512e8 [ 98.214957] x2 : 1ffff430adb512e8 x1 : 0000000000000003 x0 : 0000000000000000 [ 98.215495] Call trace: [ 98.215804] intlog2+0xd8/0xf8 (P) [ 98.216034] kunit_try_run_case+0x170/0x3f0 [ 98.216267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 98.216616] kthread+0x328/0x630 [ 98.216870] ret_from_fork+0x10/0x20 [ 98.217130] ---[ end trace 0000000000000000 ]---