Date
July 3, 2025, 6:13 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.428811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 19.443480] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x47c/0x4858 [ 19.435960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x414/0x4858 [ 19.501318] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7cc/0x4858 [ 19.492851] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x760/0x4858
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 94.787558] Internal error: Oops: 0000000096000005 [#1] SMP [ 94.796876] Modules linked in: [ 94.797812] CPU: 0 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 94.798924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 94.799508] Hardware name: linux,dummy-virt (DT) [ 94.800209] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.801274] pc : kunit_test_null_dereference+0x70/0x170 [ 94.802153] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.802411] sp : ffff800082027d30 [ 94.802594] x29: ffff800082027d90 x28: 0000000000000000 x27: 0000000000000000 [ 94.803010] x26: 1ffe000018f04801 x25: 0000000000000000 x24: 0000000000000004 [ 94.804230] x23: fff00000c782400c x22: ffff9660bb424a78 x21: fff00000c1329b88 [ 94.805137] x20: 1ffff00010404fa6 x19: ffff800080087990 x18: 000000006065272e [ 94.806050] x17: 0000000000000001 x16: fff00000da453d28 x15: fff00000ff616b08 [ 94.806981] x14: 0000000000018fff x13: 1ffe00001b48a789 x12: fffd80001968e62c [ 94.807777] x11: 1ffe00001968e62b x10: fffd80001968e62b x9 : ffff9660bb41bee0 [ 94.808678] x8 : ffff800082027c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 94.809664] x5 : ffff700010404fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 94.810397] x2 : dfff800000000000 x1 : fff00000cb472880 x0 : ffff800080087990 [ 94.810785] Call trace: [ 94.810943] kunit_test_null_dereference+0x70/0x170 (P) [ 94.811237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.811609] kthread+0x328/0x630 [ 94.811882] ret_from_fork+0x10/0x20 [ 94.812396] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 94.813176] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.321623] ================================================================== [ 51.321693] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 51.321693] [ 51.321778] Use-after-free read at 0x00000000a8a3a906 (in kfence-#153): [ 51.321829] test_krealloc+0x51c/0x830 [ 51.321874] kunit_try_run_case+0x170/0x3f0 [ 51.321920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.321965] kthread+0x328/0x630 [ 51.322005] ret_from_fork+0x10/0x20 [ 51.322060] [ 51.322085] kfence-#153: 0x00000000a8a3a906-0x000000004a26ece6, size=32, cache=kmalloc-32 [ 51.322085] [ 51.322138] allocated by task 337 on cpu 0 at 51.320944s (0.001191s ago): [ 51.322205] test_alloc+0x29c/0x628 [ 51.322245] test_krealloc+0xc0/0x830 [ 51.322284] kunit_try_run_case+0x170/0x3f0 [ 51.322323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.322365] kthread+0x328/0x630 [ 51.322401] ret_from_fork+0x10/0x20 [ 51.322439] [ 51.322462] freed by task 337 on cpu 0 at 51.321226s (0.001232s ago): [ 51.322521] krealloc_noprof+0x148/0x360 [ 51.322561] test_krealloc+0x1dc/0x830 [ 51.322599] kunit_try_run_case+0x170/0x3f0 [ 51.322638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.322679] kthread+0x328/0x630 [ 51.322714] ret_from_fork+0x10/0x20 [ 51.322751] [ 51.322798] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 51.322875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.322903] Hardware name: linux,dummy-virt (DT) [ 51.322939] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 21.989120] ================================================================== [ 21.989211] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 21.989211] [ 21.989269] Invalid free of 0x00000000c1526fa0 (in kfence-#93): [ 21.989322] test_double_free+0x100/0x238 [ 21.989368] kunit_try_run_case+0x170/0x3f0 [ 21.989409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.989453] kthread+0x328/0x630 [ 21.989489] ret_from_fork+0x10/0x20 [ 21.989527] [ 21.989551] kfence-#93: 0x00000000c1526fa0-0x000000009e3eb753, size=32, cache=test [ 21.989551] [ 21.989603] allocated by task 305 on cpu 1 at 21.988895s (0.000705s ago): [ 21.989664] test_alloc+0x230/0x628 [ 21.989704] test_double_free+0xd4/0x238 [ 21.989743] kunit_try_run_case+0x170/0x3f0 [ 21.989783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.989825] kthread+0x328/0x630 [ 21.989859] ret_from_fork+0x10/0x20 [ 21.989897] [ 21.989920] freed by task 305 on cpu 1 at 21.988957s (0.000959s ago): [ 21.989980] test_double_free+0xf0/0x238 [ 21.990020] kunit_try_run_case+0x170/0x3f0 [ 21.990070] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.990113] kthread+0x328/0x630 [ 21.990147] ret_from_fork+0x10/0x20 [ 21.990185] [ 21.990227] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.990305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.990337] Hardware name: linux,dummy-virt (DT) [ 21.990371] ================================================================== [ 21.885328] ================================================================== [ 21.885440] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 21.885440] [ 21.885505] Invalid free of 0x000000006175534f (in kfence-#92): [ 21.885568] test_double_free+0x1bc/0x238 [ 21.885613] kunit_try_run_case+0x170/0x3f0 [ 21.885657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.885701] kthread+0x328/0x630 [ 21.885738] ret_from_fork+0x10/0x20 [ 21.885778] [ 21.885802] kfence-#92: 0x000000006175534f-0x000000004f7ee95f, size=32, cache=kmalloc-32 [ 21.885802] [ 21.885855] allocated by task 303 on cpu 1 at 21.885048s (0.000804s ago): [ 21.885916] test_alloc+0x29c/0x628 [ 21.885955] test_double_free+0xd4/0x238 [ 21.885996] kunit_try_run_case+0x170/0x3f0 [ 21.886048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.886089] kthread+0x328/0x630 [ 21.886125] ret_from_fork+0x10/0x20 [ 21.886164] [ 21.886187] freed by task 303 on cpu 1 at 21.885120s (0.001063s ago): [ 21.886248] test_double_free+0x1ac/0x238 [ 21.886288] kunit_try_run_case+0x170/0x3f0 [ 21.886328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.886370] kthread+0x328/0x630 [ 21.886404] ret_from_fork+0x10/0x20 [ 21.886443] [ 21.886488] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.886565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.886594] Hardware name: linux,dummy-virt (DT) [ 21.886629] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.233023] ================================================================== [ 51.233139] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.233139] [ 51.233237] Use-after-free read at 0x00000000e046051c (in kfence-#152): [ 51.233288] test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.233337] kunit_try_run_case+0x170/0x3f0 [ 51.233382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.233425] kthread+0x328/0x630 [ 51.233466] ret_from_fork+0x10/0x20 [ 51.233504] [ 51.233530] kfence-#152: 0x00000000e046051c-0x00000000c5609a03, size=32, cache=test [ 51.233530] [ 51.233581] allocated by task 335 on cpu 1 at 51.217116s (0.016460s ago): [ 51.233649] test_alloc+0x230/0x628 [ 51.233688] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 51.233729] kunit_try_run_case+0x170/0x3f0 [ 51.233769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.233810] kthread+0x328/0x630 [ 51.233845] ret_from_fork+0x10/0x20 [ 51.233883] [ 51.233907] freed by task 335 on cpu 1 at 51.217202s (0.016702s ago): [ 51.233963] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 51.234004] kunit_try_run_case+0x170/0x3f0 [ 51.234052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.234095] kthread+0x328/0x630 [ 51.234129] ret_from_fork+0x10/0x20 [ 51.234169] [ 51.234215] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 51.234292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.234320] Hardware name: linux,dummy-virt (DT) [ 51.234355] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 27.940502] ================================================================== [ 27.940651] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 27.940651] [ 27.940747] Invalid read at 0x0000000041a4247c: [ 27.940813] test_invalid_access+0xdc/0x1f0 [ 27.940866] kunit_try_run_case+0x170/0x3f0 [ 27.940917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.940967] kthread+0x328/0x630 [ 27.941012] ret_from_fork+0x10/0x20 [ 27.941079] [ 27.941128] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.941214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.941250] Hardware name: linux,dummy-virt (DT) [ 27.941290] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 27.709174] ================================================================== [ 27.709265] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.709265] [ 27.709326] Corrupted memory at 0x00000000bb7f5e49 [ ! . . . . . . . . . . . . . . . ] (in kfence-#148): [ 27.709628] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.709676] kunit_try_run_case+0x170/0x3f0 [ 27.709717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.709761] kthread+0x328/0x630 [ 27.709796] ret_from_fork+0x10/0x20 [ 27.709835] [ 27.709859] kfence-#148: 0x000000001f447f1c-0x00000000440ba8ba, size=73, cache=kmalloc-96 [ 27.709859] [ 27.709913] allocated by task 325 on cpu 0 at 27.708916s (0.000993s ago): [ 27.709972] test_alloc+0x29c/0x628 [ 27.710012] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 27.710067] kunit_try_run_case+0x170/0x3f0 [ 27.710104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.710147] kthread+0x328/0x630 [ 27.710182] ret_from_fork+0x10/0x20 [ 27.710219] [ 27.710243] freed by task 325 on cpu 0 at 27.709088s (0.001151s ago): [ 27.710302] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.710345] kunit_try_run_case+0x170/0x3f0 [ 27.710384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.710426] kthread+0x328/0x630 [ 27.710462] ret_from_fork+0x10/0x20 [ 27.710499] [ 27.710538] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.710615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.710643] Hardware name: linux,dummy-virt (DT) [ 27.710675] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 27.605251] ================================================================== [ 27.605350] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.605350] [ 27.605443] Out-of-bounds read at 0x000000009e5f25a2 (105B right of kfence-#147): [ 27.605502] test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.605553] kunit_try_run_case+0x170/0x3f0 [ 27.605597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.605640] kthread+0x328/0x630 [ 27.605680] ret_from_fork+0x10/0x20 [ 27.605720] [ 27.605745] kfence-#147: 0x00000000c3f54212-0x0000000028a923d6, size=73, cache=kmalloc-96 [ 27.605745] [ 27.605797] allocated by task 323 on cpu 0 at 27.604969s (0.000824s ago): [ 27.605867] test_alloc+0x29c/0x628 [ 27.605908] test_kmalloc_aligned_oob_read+0x100/0x468 [ 27.605951] kunit_try_run_case+0x170/0x3f0 [ 27.605990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.606045] kthread+0x328/0x630 [ 27.606081] ret_from_fork+0x10/0x20 [ 27.606119] [ 27.606166] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.606244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.606273] Hardware name: linux,dummy-virt (DT) [ 27.606310] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 23.029108] ================================================================== [ 23.029198] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 23.029198] [ 23.029255] Corrupted memory at 0x000000008c7f7a54 [ ! ] (in kfence-#103): [ 23.029368] test_corruption+0x1d8/0x378 [ 23.029415] kunit_try_run_case+0x170/0x3f0 [ 23.029457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.029501] kthread+0x328/0x630 [ 23.029540] ret_from_fork+0x10/0x20 [ 23.029578] [ 23.029603] kfence-#103: 0x0000000019f767c4-0x000000007dee6e6f, size=32, cache=test [ 23.029603] [ 23.029655] allocated by task 313 on cpu 1 at 23.028950s (0.000702s ago): [ 23.029715] test_alloc+0x230/0x628 [ 23.029753] test_corruption+0x198/0x378 [ 23.029793] kunit_try_run_case+0x170/0x3f0 [ 23.029831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.029874] kthread+0x328/0x630 [ 23.029909] ret_from_fork+0x10/0x20 [ 23.029946] [ 23.029969] freed by task 313 on cpu 1 at 23.029009s (0.000956s ago): [ 23.030037] test_corruption+0x1d8/0x378 [ 23.030079] kunit_try_run_case+0x170/0x3f0 [ 23.030116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.030159] kthread+0x328/0x630 [ 23.030192] ret_from_fork+0x10/0x20 [ 23.030233] [ 23.030275] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.030350] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.030379] Hardware name: linux,dummy-virt (DT) [ 23.030415] ================================================================== [ 22.509249] ================================================================== [ 22.509329] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 22.509329] [ 22.509391] Corrupted memory at 0x00000000a47ca061 [ ! ] (in kfence-#98): [ 22.509512] test_corruption+0x284/0x378 [ 22.509560] kunit_try_run_case+0x170/0x3f0 [ 22.509602] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.509644] kthread+0x328/0x630 [ 22.509682] ret_from_fork+0x10/0x20 [ 22.509720] [ 22.509743] kfence-#98: 0x000000003026ad61-0x00000000d54ae3d3, size=32, cache=kmalloc-32 [ 22.509743] [ 22.509797] allocated by task 311 on cpu 1 at 22.508969s (0.000825s ago): [ 22.509857] test_alloc+0x29c/0x628 [ 22.509895] test_corruption+0x198/0x378 [ 22.509934] kunit_try_run_case+0x170/0x3f0 [ 22.509972] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.510014] kthread+0x328/0x630 [ 22.510067] ret_from_fork+0x10/0x20 [ 22.510103] [ 22.510127] freed by task 311 on cpu 1 at 22.509086s (0.001037s ago): [ 22.510184] test_corruption+0x284/0x378 [ 22.510223] kunit_try_run_case+0x170/0x3f0 [ 22.510262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.510304] kthread+0x328/0x630 [ 22.510337] ret_from_fork+0x10/0x20 [ 22.510373] [ 22.510413] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.510487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.510516] Hardware name: linux,dummy-virt (DT) [ 22.510548] ================================================================== [ 22.405260] ================================================================== [ 22.405371] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 22.405371] [ 22.405440] Corrupted memory at 0x000000001f756a7e [ ! . . . . . . . . . . . . . . . ] (in kfence-#97): [ 22.406553] test_corruption+0x278/0x378 [ 22.406607] kunit_try_run_case+0x170/0x3f0 [ 22.406652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.406696] kthread+0x328/0x630 [ 22.406734] ret_from_fork+0x10/0x20 [ 22.406774] [ 22.406797] kfence-#97: 0x00000000b28bd14f-0x000000002f821d25, size=32, cache=kmalloc-32 [ 22.406797] [ 22.406854] allocated by task 311 on cpu 1 at 22.404960s (0.001891s ago): [ 22.406916] test_alloc+0x29c/0x628 [ 22.406956] test_corruption+0xdc/0x378 [ 22.406996] kunit_try_run_case+0x170/0x3f0 [ 22.407047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.407090] kthread+0x328/0x630 [ 22.407125] ret_from_fork+0x10/0x20 [ 22.407163] [ 22.407185] freed by task 311 on cpu 1 at 22.405080s (0.002101s ago): [ 22.407244] test_corruption+0x278/0x378 [ 22.407284] kunit_try_run_case+0x170/0x3f0 [ 22.407323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.407366] kthread+0x328/0x630 [ 22.407401] ret_from_fork+0x10/0x20 [ 22.407439] [ 22.407486] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.407564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.407593] Hardware name: linux,dummy-virt (DT) [ 22.407630] ================================================================== [ 22.717189] ================================================================== [ 22.717284] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 22.717284] [ 22.717345] Corrupted memory at 0x00000000b8b7fac5 [ ! . . . . . . . . . . . . . . . ] (in kfence-#100): [ 22.717650] test_corruption+0x120/0x378 [ 22.717697] kunit_try_run_case+0x170/0x3f0 [ 22.717740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.717784] kthread+0x328/0x630 [ 22.717823] ret_from_fork+0x10/0x20 [ 22.717864] [ 22.717887] kfence-#100: 0x00000000098356a6-0x000000007adc77bc, size=32, cache=test [ 22.717887] [ 22.717939] allocated by task 313 on cpu 1 at 22.717045s (0.000890s ago): [ 22.717999] test_alloc+0x230/0x628 [ 22.718053] test_corruption+0xdc/0x378 [ 22.718093] kunit_try_run_case+0x170/0x3f0 [ 22.718132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.718175] kthread+0x328/0x630 [ 22.718211] ret_from_fork+0x10/0x20 [ 22.718249] [ 22.718272] freed by task 313 on cpu 1 at 22.717099s (0.001169s ago): [ 22.718333] test_corruption+0x120/0x378 [ 22.718372] kunit_try_run_case+0x170/0x3f0 [ 22.718411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.718453] kthread+0x328/0x630 [ 22.718489] ret_from_fork+0x10/0x20 [ 22.718526] [ 22.718567] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.718641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.718669] Hardware name: linux,dummy-virt (DT) [ 22.718706] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 22.093128] ================================================================== [ 22.093215] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 22.093215] [ 22.093275] Invalid free of 0x00000000dea2e740 (in kfence-#94): [ 22.093328] test_invalid_addr_free+0x1ac/0x238 [ 22.093377] kunit_try_run_case+0x170/0x3f0 [ 22.093420] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.093464] kthread+0x328/0x630 [ 22.093502] ret_from_fork+0x10/0x20 [ 22.093542] [ 22.093565] kfence-#94: 0x00000000d0adbf62-0x0000000032d1e917, size=32, cache=kmalloc-32 [ 22.093565] [ 22.093621] allocated by task 307 on cpu 0 at 22.092957s (0.000660s ago): [ 22.093682] test_alloc+0x29c/0x628 [ 22.093722] test_invalid_addr_free+0xd4/0x238 [ 22.093763] kunit_try_run_case+0x170/0x3f0 [ 22.093801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.093845] kthread+0x328/0x630 [ 22.093878] ret_from_fork+0x10/0x20 [ 22.093917] [ 22.093961] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.094054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.094084] Hardware name: linux,dummy-virt (DT) [ 22.094120] ================================================================== [ 22.197051] ================================================================== [ 22.197139] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 22.197139] [ 22.197194] Invalid free of 0x00000000f5f1d063 (in kfence-#95): [ 22.197245] test_invalid_addr_free+0xec/0x238 [ 22.197290] kunit_try_run_case+0x170/0x3f0 [ 22.197331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.197376] kthread+0x328/0x630 [ 22.197413] ret_from_fork+0x10/0x20 [ 22.197450] [ 22.197474] kfence-#95: 0x0000000002f766ef-0x0000000075c9abe6, size=32, cache=test [ 22.197474] [ 22.197525] allocated by task 309 on cpu 0 at 22.196923s (0.000599s ago): [ 22.197586] test_alloc+0x230/0x628 [ 22.197625] test_invalid_addr_free+0xd4/0x238 [ 22.197666] kunit_try_run_case+0x170/0x3f0 [ 22.197704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.197746] kthread+0x328/0x630 [ 22.197782] ret_from_fork+0x10/0x20 [ 22.197821] [ 22.197861] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.197938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.197965] Hardware name: linux,dummy-virt (DT) [ 22.197999] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.752182] ================================================================== [ 19.752247] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.752297] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.752571] [ 19.752841] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.753059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.753124] Hardware name: linux,dummy-virt (DT) [ 19.753195] Call trace: [ 19.753294] show_stack+0x20/0x38 (C) [ 19.753392] dump_stack_lvl+0x8c/0xd0 [ 19.753455] print_report+0x118/0x608 [ 19.753504] kasan_report+0xdc/0x128 [ 19.753921] kasan_check_range+0x100/0x1a8 [ 19.754153] __kasan_check_write+0x20/0x30 [ 19.754382] kasan_atomics_helper+0x147c/0x4858 [ 19.754460] kasan_atomics+0x198/0x2e0 [ 19.754629] kunit_try_run_case+0x170/0x3f0 [ 19.754735] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.755135] kthread+0x328/0x630 [ 19.755619] ret_from_fork+0x10/0x20 [ 19.755772] [ 19.755829] Allocated by task 265: [ 19.755992] kasan_save_stack+0x3c/0x68 [ 19.756126] kasan_save_track+0x20/0x40 [ 19.756733] kasan_save_alloc_info+0x40/0x58 [ 19.756956] __kasan_kmalloc+0xd4/0xd8 [ 19.757153] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.757228] kasan_atomics+0xb8/0x2e0 [ 19.757559] kunit_try_run_case+0x170/0x3f0 [ 19.757610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.757749] kthread+0x328/0x630 [ 19.758059] ret_from_fork+0x10/0x20 [ 19.758212] [ 19.758392] The buggy address belongs to the object at fff00000c65c5b80 [ 19.758392] which belongs to the cache kmalloc-64 of size 64 [ 19.758642] The buggy address is located 0 bytes to the right of [ 19.758642] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.758715] [ 19.758737] The buggy address belongs to the physical page: [ 19.758771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.759529] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.759642] page_type: f5(slab) [ 19.759687] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.760102] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.760390] page dumped because: kasan: bad access detected [ 19.760547] [ 19.760569] Memory state around the buggy address: [ 19.760606] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.760664] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.760982] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.761057] ^ [ 19.761179] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.761281] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.761425] ================================================================== [ 19.778562] ================================================================== [ 19.778680] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.778788] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.778840] [ 19.778890] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.779064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.779096] Hardware name: linux,dummy-virt (DT) [ 19.779149] Call trace: [ 19.779493] show_stack+0x20/0x38 (C) [ 19.779870] dump_stack_lvl+0x8c/0xd0 [ 19.779947] print_report+0x118/0x608 [ 19.780042] kasan_report+0xdc/0x128 [ 19.780095] kasan_check_range+0x100/0x1a8 [ 19.780391] __kasan_check_write+0x20/0x30 [ 19.780549] kasan_atomics_helper+0x15b4/0x4858 [ 19.780666] kasan_atomics+0x198/0x2e0 [ 19.780857] kunit_try_run_case+0x170/0x3f0 [ 19.781090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.781217] kthread+0x328/0x630 [ 19.781348] ret_from_fork+0x10/0x20 [ 19.781430] [ 19.781588] Allocated by task 265: [ 19.781660] kasan_save_stack+0x3c/0x68 [ 19.781827] kasan_save_track+0x20/0x40 [ 19.781945] kasan_save_alloc_info+0x40/0x58 [ 19.782069] __kasan_kmalloc+0xd4/0xd8 [ 19.782244] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.782540] kasan_atomics+0xb8/0x2e0 [ 19.782587] kunit_try_run_case+0x170/0x3f0 [ 19.782629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.782695] kthread+0x328/0x630 [ 19.782729] ret_from_fork+0x10/0x20 [ 19.782767] [ 19.782788] The buggy address belongs to the object at fff00000c65c5b80 [ 19.782788] which belongs to the cache kmalloc-64 of size 64 [ 19.782850] The buggy address is located 0 bytes to the right of [ 19.782850] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.782922] [ 19.782943] The buggy address belongs to the physical page: [ 19.782988] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.783063] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.783120] page_type: f5(slab) [ 19.783179] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.783239] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.783283] page dumped because: kasan: bad access detected [ 19.783316] [ 19.783345] Memory state around the buggy address: [ 19.783379] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.783437] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.783493] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.783551] ^ [ 19.783588] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.783641] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.783686] ================================================================== [ 19.662373] ================================================================== [ 19.662509] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.662735] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.663020] [ 19.663083] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.663465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.663644] Hardware name: linux,dummy-virt (DT) [ 19.663681] Call trace: [ 19.663963] show_stack+0x20/0x38 (C) [ 19.664126] dump_stack_lvl+0x8c/0xd0 [ 19.664219] print_report+0x118/0x608 [ 19.664298] kasan_report+0xdc/0x128 [ 19.664434] kasan_check_range+0x100/0x1a8 [ 19.664540] __kasan_check_write+0x20/0x30 [ 19.664591] kasan_atomics_helper+0xf88/0x4858 [ 19.664639] kasan_atomics+0x198/0x2e0 [ 19.664978] kunit_try_run_case+0x170/0x3f0 [ 19.665089] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.665545] kthread+0x328/0x630 [ 19.665688] ret_from_fork+0x10/0x20 [ 19.665902] [ 19.665999] Allocated by task 265: [ 19.666044] kasan_save_stack+0x3c/0x68 [ 19.666427] kasan_save_track+0x20/0x40 [ 19.666511] kasan_save_alloc_info+0x40/0x58 [ 19.666584] __kasan_kmalloc+0xd4/0xd8 [ 19.667107] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.667199] kasan_atomics+0xb8/0x2e0 [ 19.667322] kunit_try_run_case+0x170/0x3f0 [ 19.667364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.667859] kthread+0x328/0x630 [ 19.668039] ret_from_fork+0x10/0x20 [ 19.668104] [ 19.668147] The buggy address belongs to the object at fff00000c65c5b80 [ 19.668147] which belongs to the cache kmalloc-64 of size 64 [ 19.668208] The buggy address is located 0 bytes to the right of [ 19.668208] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.668361] [ 19.668389] The buggy address belongs to the physical page: [ 19.668447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.668500] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.668869] page_type: f5(slab) [ 19.668999] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.669276] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.669330] page dumped because: kasan: bad access detected [ 19.669364] [ 19.669491] Memory state around the buggy address: [ 19.669541] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.669659] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.669779] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.669864] ^ [ 19.670294] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.670473] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.670546] ================================================================== [ 19.685818] ================================================================== [ 19.685870] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.685917] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.685968] [ 19.685997] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.686126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.687076] Hardware name: linux,dummy-virt (DT) [ 19.687119] Call trace: [ 19.687144] show_stack+0x20/0x38 (C) [ 19.687207] dump_stack_lvl+0x8c/0xd0 [ 19.687255] print_report+0x118/0x608 [ 19.687328] kasan_report+0xdc/0x128 [ 19.687651] kasan_check_range+0x100/0x1a8 [ 19.688131] __kasan_check_write+0x20/0x30 [ 19.688243] kasan_atomics_helper+0x10c0/0x4858 [ 19.688330] kasan_atomics+0x198/0x2e0 [ 19.688543] kunit_try_run_case+0x170/0x3f0 [ 19.688596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.688685] kthread+0x328/0x630 [ 19.688729] ret_from_fork+0x10/0x20 [ 19.689088] [ 19.689400] Allocated by task 265: [ 19.689473] kasan_save_stack+0x3c/0x68 [ 19.689610] kasan_save_track+0x20/0x40 [ 19.689739] kasan_save_alloc_info+0x40/0x58 [ 19.689820] __kasan_kmalloc+0xd4/0xd8 [ 19.689999] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.690510] kasan_atomics+0xb8/0x2e0 [ 19.690759] kunit_try_run_case+0x170/0x3f0 [ 19.690851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.691163] kthread+0x328/0x630 [ 19.691377] ret_from_fork+0x10/0x20 [ 19.691450] [ 19.691552] The buggy address belongs to the object at fff00000c65c5b80 [ 19.691552] which belongs to the cache kmalloc-64 of size 64 [ 19.691735] The buggy address is located 0 bytes to the right of [ 19.691735] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.691853] [ 19.692248] The buggy address belongs to the physical page: [ 19.692330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.692409] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.692837] page_type: f5(slab) [ 19.692893] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.692981] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.693182] page dumped because: kasan: bad access detected [ 19.693281] [ 19.693311] Memory state around the buggy address: [ 19.693354] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.693400] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.693443] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.693787] ^ [ 19.694252] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.694656] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.694733] ================================================================== [ 19.625943] ================================================================== [ 19.626618] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.626691] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.626751] [ 19.627127] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.627519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.627588] Hardware name: linux,dummy-virt (DT) [ 19.627624] Call trace: [ 19.627650] show_stack+0x20/0x38 (C) [ 19.627705] dump_stack_lvl+0x8c/0xd0 [ 19.627839] print_report+0x118/0x608 [ 19.627894] kasan_report+0xdc/0x128 [ 19.627942] kasan_check_range+0x100/0x1a8 [ 19.628277] __kasan_check_write+0x20/0x30 [ 19.628365] kasan_atomics_helper+0xe44/0x4858 [ 19.628424] kasan_atomics+0x198/0x2e0 [ 19.628735] kunit_try_run_case+0x170/0x3f0 [ 19.628901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.629090] kthread+0x328/0x630 [ 19.629221] ret_from_fork+0x10/0x20 [ 19.629304] [ 19.629326] Allocated by task 265: [ 19.629363] kasan_save_stack+0x3c/0x68 [ 19.629404] kasan_save_track+0x20/0x40 [ 19.629762] kasan_save_alloc_info+0x40/0x58 [ 19.629835] __kasan_kmalloc+0xd4/0xd8 [ 19.630311] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.630374] kasan_atomics+0xb8/0x2e0 [ 19.630414] kunit_try_run_case+0x170/0x3f0 [ 19.630564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.630654] kthread+0x328/0x630 [ 19.631176] ret_from_fork+0x10/0x20 [ 19.631606] [ 19.631718] The buggy address belongs to the object at fff00000c65c5b80 [ 19.631718] which belongs to the cache kmalloc-64 of size 64 [ 19.632271] The buggy address is located 0 bytes to the right of [ 19.632271] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.632707] [ 19.632759] The buggy address belongs to the physical page: [ 19.633153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.633220] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.633291] page_type: f5(slab) [ 19.633332] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.633658] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.633756] page dumped because: kasan: bad access detected [ 19.634088] [ 19.634150] Memory state around the buggy address: [ 19.634203] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.634408] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.634452] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.635098] ^ [ 19.635163] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.635244] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.635612] ================================================================== [ 19.783889] ================================================================== [ 19.783956] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.784014] Read of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.784755] [ 19.784863] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.785258] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.785809] Hardware name: linux,dummy-virt (DT) [ 19.786118] Call trace: [ 19.786177] show_stack+0x20/0x38 (C) [ 19.786236] dump_stack_lvl+0x8c/0xd0 [ 19.786609] print_report+0x118/0x608 [ 19.787075] kasan_report+0xdc/0x128 [ 19.787242] __asan_report_load8_noabort+0x20/0x30 [ 19.787403] kasan_atomics_helper+0x3db0/0x4858 [ 19.787485] kasan_atomics+0x198/0x2e0 [ 19.787910] kunit_try_run_case+0x170/0x3f0 [ 19.788319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.788475] kthread+0x328/0x630 [ 19.788693] ret_from_fork+0x10/0x20 [ 19.788951] [ 19.789060] Allocated by task 265: [ 19.789137] kasan_save_stack+0x3c/0x68 [ 19.789320] kasan_save_track+0x20/0x40 [ 19.789520] kasan_save_alloc_info+0x40/0x58 [ 19.789605] __kasan_kmalloc+0xd4/0xd8 [ 19.789767] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.789865] kasan_atomics+0xb8/0x2e0 [ 19.790006] kunit_try_run_case+0x170/0x3f0 [ 19.790058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.790259] kthread+0x328/0x630 [ 19.790478] ret_from_fork+0x10/0x20 [ 19.790542] [ 19.790956] The buggy address belongs to the object at fff00000c65c5b80 [ 19.790956] which belongs to the cache kmalloc-64 of size 64 [ 19.791065] The buggy address is located 0 bytes to the right of [ 19.791065] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.791247] [ 19.791311] The buggy address belongs to the physical page: [ 19.791463] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.791574] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.791629] page_type: f5(slab) [ 19.791669] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.792042] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.792136] page dumped because: kasan: bad access detected [ 19.792215] [ 19.792510] Memory state around the buggy address: [ 19.792556] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.792627] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.792674] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.793116] ^ [ 19.793340] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.793547] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.793721] ================================================================== [ 19.762710] ================================================================== [ 19.762908] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.763006] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.763185] [ 19.763279] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.763366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.763395] Hardware name: linux,dummy-virt (DT) [ 19.763454] Call trace: [ 19.763479] show_stack+0x20/0x38 (C) [ 19.763550] dump_stack_lvl+0x8c/0xd0 [ 19.763599] print_report+0x118/0x608 [ 19.763656] kasan_report+0xdc/0x128 [ 19.763703] kasan_check_range+0x100/0x1a8 [ 19.763754] __kasan_check_write+0x20/0x30 [ 19.763805] kasan_atomics_helper+0x14e4/0x4858 [ 19.763863] kasan_atomics+0x198/0x2e0 [ 19.763910] kunit_try_run_case+0x170/0x3f0 [ 19.763967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.764019] kthread+0x328/0x630 [ 19.764073] ret_from_fork+0x10/0x20 [ 19.764119] [ 19.764150] Allocated by task 265: [ 19.764179] kasan_save_stack+0x3c/0x68 [ 19.764221] kasan_save_track+0x20/0x40 [ 19.764258] kasan_save_alloc_info+0x40/0x58 [ 19.764299] __kasan_kmalloc+0xd4/0xd8 [ 19.764336] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.764385] kasan_atomics+0xb8/0x2e0 [ 19.764422] kunit_try_run_case+0x170/0x3f0 [ 19.764470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.764652] kthread+0x328/0x630 [ 19.764833] ret_from_fork+0x10/0x20 [ 19.765537] [ 19.765681] The buggy address belongs to the object at fff00000c65c5b80 [ 19.765681] which belongs to the cache kmalloc-64 of size 64 [ 19.765879] The buggy address is located 0 bytes to the right of [ 19.765879] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.766155] [ 19.766403] The buggy address belongs to the physical page: [ 19.766451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.766542] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.766884] page_type: f5(slab) [ 19.766957] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.767302] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.767506] page dumped because: kasan: bad access detected [ 19.767621] [ 19.767773] Memory state around the buggy address: [ 19.767959] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.768102] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.768198] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.768368] ^ [ 19.768439] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.768628] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.768670] ================================================================== [ 19.729334] ================================================================== [ 19.729601] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.729670] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.729721] [ 19.729940] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.730057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.730088] Hardware name: linux,dummy-virt (DT) [ 19.730119] Call trace: [ 19.730143] show_stack+0x20/0x38 (C) [ 19.730192] dump_stack_lvl+0x8c/0xd0 [ 19.730243] print_report+0x118/0x608 [ 19.730290] kasan_report+0xdc/0x128 [ 19.730348] kasan_check_range+0x100/0x1a8 [ 19.730398] __kasan_check_write+0x20/0x30 [ 19.730452] kasan_atomics_helper+0x1384/0x4858 [ 19.730510] kasan_atomics+0x198/0x2e0 [ 19.730564] kunit_try_run_case+0x170/0x3f0 [ 19.730630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.730686] kthread+0x328/0x630 [ 19.730729] ret_from_fork+0x10/0x20 [ 19.730793] [ 19.730814] Allocated by task 265: [ 19.730844] kasan_save_stack+0x3c/0x68 [ 19.730884] kasan_save_track+0x20/0x40 [ 19.730923] kasan_save_alloc_info+0x40/0x58 [ 19.730963] __kasan_kmalloc+0xd4/0xd8 [ 19.731001] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.731603] kasan_atomics+0xb8/0x2e0 [ 19.731664] kunit_try_run_case+0x170/0x3f0 [ 19.731714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.731771] kthread+0x328/0x630 [ 19.731805] ret_from_fork+0x10/0x20 [ 19.731841] [ 19.732012] The buggy address belongs to the object at fff00000c65c5b80 [ 19.732012] which belongs to the cache kmalloc-64 of size 64 [ 19.732239] The buggy address is located 0 bytes to the right of [ 19.732239] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.732320] [ 19.732545] The buggy address belongs to the physical page: [ 19.732691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.732768] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.733055] page_type: f5(slab) [ 19.733162] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.733319] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.733689] page dumped because: kasan: bad access detected [ 19.733740] [ 19.733760] Memory state around the buggy address: [ 19.733805] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.734115] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.734435] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.734661] ^ [ 19.734705] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.735373] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.735484] ================================================================== [ 19.746214] ================================================================== [ 19.746661] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.746731] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.746807] [ 19.746885] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.747057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.747170] Hardware name: linux,dummy-virt (DT) [ 19.747205] Call trace: [ 19.747245] show_stack+0x20/0x38 (C) [ 19.747490] dump_stack_lvl+0x8c/0xd0 [ 19.747696] print_report+0x118/0x608 [ 19.747772] kasan_report+0xdc/0x128 [ 19.747824] kasan_check_range+0x100/0x1a8 [ 19.748127] __kasan_check_write+0x20/0x30 [ 19.748191] kasan_atomics_helper+0x1414/0x4858 [ 19.748273] kasan_atomics+0x198/0x2e0 [ 19.748323] kunit_try_run_case+0x170/0x3f0 [ 19.748698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.748776] kthread+0x328/0x630 [ 19.748819] ret_from_fork+0x10/0x20 [ 19.748883] [ 19.748904] Allocated by task 265: [ 19.748935] kasan_save_stack+0x3c/0x68 [ 19.748984] kasan_save_track+0x20/0x40 [ 19.749025] kasan_save_alloc_info+0x40/0x58 [ 19.749078] __kasan_kmalloc+0xd4/0xd8 [ 19.749116] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.749165] kasan_atomics+0xb8/0x2e0 [ 19.749206] kunit_try_run_case+0x170/0x3f0 [ 19.749244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.749291] kthread+0x328/0x630 [ 19.749325] ret_from_fork+0x10/0x20 [ 19.749362] [ 19.749399] The buggy address belongs to the object at fff00000c65c5b80 [ 19.749399] which belongs to the cache kmalloc-64 of size 64 [ 19.749459] The buggy address is located 0 bytes to the right of [ 19.749459] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.749529] [ 19.749571] The buggy address belongs to the physical page: [ 19.749605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.749657] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.749704] page_type: f5(slab) [ 19.749741] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.749794] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.749837] page dumped because: kasan: bad access detected [ 19.749870] [ 19.749898] Memory state around the buggy address: [ 19.749935] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.749980] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.750024] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.750088] ^ [ 19.750137] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.750208] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.751011] ================================================================== [ 19.819226] ================================================================== [ 19.819285] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.819337] Read of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.819388] [ 19.819420] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.819960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.820046] Hardware name: linux,dummy-virt (DT) [ 19.820216] Call trace: [ 19.820253] show_stack+0x20/0x38 (C) [ 19.820550] dump_stack_lvl+0x8c/0xd0 [ 19.820743] print_report+0x118/0x608 [ 19.820832] kasan_report+0xdc/0x128 [ 19.820967] __asan_report_load8_noabort+0x20/0x30 [ 19.821093] kasan_atomics_helper+0x3e10/0x4858 [ 19.821153] kasan_atomics+0x198/0x2e0 [ 19.821200] kunit_try_run_case+0x170/0x3f0 [ 19.821250] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.821305] kthread+0x328/0x630 [ 19.821348] ret_from_fork+0x10/0x20 [ 19.822142] [ 19.822242] Allocated by task 265: [ 19.822331] kasan_save_stack+0x3c/0x68 [ 19.822499] kasan_save_track+0x20/0x40 [ 19.822588] kasan_save_alloc_info+0x40/0x58 [ 19.823063] __kasan_kmalloc+0xd4/0xd8 [ 19.823116] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.823157] kasan_atomics+0xb8/0x2e0 [ 19.823205] kunit_try_run_case+0x170/0x3f0 [ 19.823243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.823289] kthread+0x328/0x630 [ 19.823332] ret_from_fork+0x10/0x20 [ 19.823372] [ 19.823402] The buggy address belongs to the object at fff00000c65c5b80 [ 19.823402] which belongs to the cache kmalloc-64 of size 64 [ 19.823462] The buggy address is located 0 bytes to the right of [ 19.823462] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.823530] [ 19.823562] The buggy address belongs to the physical page: [ 19.823604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.823660] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.823709] page_type: f5(slab) [ 19.823759] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.823812] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.823856] page dumped because: kasan: bad access detected [ 19.823890] [ 19.823927] Memory state around the buggy address: [ 19.823962] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.824008] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.824072] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.824290] ^ [ 19.824638] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.825416] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.825471] ================================================================== [ 19.769770] ================================================================== [ 19.769866] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.770215] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.770294] [ 19.770563] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.770727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.770759] Hardware name: linux,dummy-virt (DT) [ 19.770821] Call trace: [ 19.770851] show_stack+0x20/0x38 (C) [ 19.771199] dump_stack_lvl+0x8c/0xd0 [ 19.771277] print_report+0x118/0x608 [ 19.771508] kasan_report+0xdc/0x128 [ 19.771744] kasan_check_range+0x100/0x1a8 [ 19.771841] __kasan_check_write+0x20/0x30 [ 19.771892] kasan_atomics_helper+0x154c/0x4858 [ 19.771970] kasan_atomics+0x198/0x2e0 [ 19.772159] kunit_try_run_case+0x170/0x3f0 [ 19.772209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.772573] kthread+0x328/0x630 [ 19.772706] ret_from_fork+0x10/0x20 [ 19.772886] [ 19.772921] Allocated by task 265: [ 19.772952] kasan_save_stack+0x3c/0x68 [ 19.773044] kasan_save_track+0x20/0x40 [ 19.773084] kasan_save_alloc_info+0x40/0x58 [ 19.773495] __kasan_kmalloc+0xd4/0xd8 [ 19.773868] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.773984] kasan_atomics+0xb8/0x2e0 [ 19.774184] kunit_try_run_case+0x170/0x3f0 [ 19.774291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.774386] kthread+0x328/0x630 [ 19.774422] ret_from_fork+0x10/0x20 [ 19.774586] [ 19.774800] The buggy address belongs to the object at fff00000c65c5b80 [ 19.774800] which belongs to the cache kmalloc-64 of size 64 [ 19.774900] The buggy address is located 0 bytes to the right of [ 19.774900] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.775355] [ 19.775387] The buggy address belongs to the physical page: [ 19.775422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.775587] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.775659] page_type: f5(slab) [ 19.775708] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.775767] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.775820] page dumped because: kasan: bad access detected [ 19.775860] [ 19.775881] Memory state around the buggy address: [ 19.775915] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.775960] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.776013] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.776458] ^ [ 19.776531] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.776779] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.776826] ================================================================== [ 19.593385] ================================================================== [ 19.593435] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.593484] Read of size 4 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.593533] [ 19.593565] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.593644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.593673] Hardware name: linux,dummy-virt (DT) [ 19.593704] Call trace: [ 19.593728] show_stack+0x20/0x38 (C) [ 19.593775] dump_stack_lvl+0x8c/0xd0 [ 19.593824] print_report+0x118/0x608 [ 19.593870] kasan_report+0xdc/0x128 [ 19.593917] __asan_report_load4_noabort+0x20/0x30 [ 19.593966] kasan_atomics_helper+0x3dd8/0x4858 [ 19.594016] kasan_atomics+0x198/0x2e0 [ 19.594079] kunit_try_run_case+0x170/0x3f0 [ 19.594125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.594179] kthread+0x328/0x630 [ 19.594222] ret_from_fork+0x10/0x20 [ 19.594271] [ 19.594292] Allocated by task 265: [ 19.594321] kasan_save_stack+0x3c/0x68 [ 19.594362] kasan_save_track+0x20/0x40 [ 19.594402] kasan_save_alloc_info+0x40/0x58 [ 19.594444] __kasan_kmalloc+0xd4/0xd8 [ 19.594480] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.594520] kasan_atomics+0xb8/0x2e0 [ 19.594556] kunit_try_run_case+0x170/0x3f0 [ 19.594595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.594639] kthread+0x328/0x630 [ 19.594672] ret_from_fork+0x10/0x20 [ 19.594709] [ 19.594730] The buggy address belongs to the object at fff00000c65c5b80 [ 19.594730] which belongs to the cache kmalloc-64 of size 64 [ 19.594788] The buggy address is located 0 bytes to the right of [ 19.594788] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.594853] [ 19.594874] The buggy address belongs to the physical page: [ 19.594907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.594958] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.595007] page_type: f5(slab) [ 19.595082] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.595168] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.595212] page dumped because: kasan: bad access detected [ 19.595243] [ 19.595264] Memory state around the buggy address: [ 19.595296] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.595340] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.595385] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.595425] ^ [ 19.595489] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.595533] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.595611] ================================================================== [ 19.702599] ================================================================== [ 19.702647] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.702695] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.702745] [ 19.702774] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.702856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.702883] Hardware name: linux,dummy-virt (DT) [ 19.702915] Call trace: [ 19.702938] show_stack+0x20/0x38 (C) [ 19.702987] dump_stack_lvl+0x8c/0xd0 [ 19.703048] print_report+0x118/0x608 [ 19.703098] kasan_report+0xdc/0x128 [ 19.703143] kasan_check_range+0x100/0x1a8 [ 19.703310] __kasan_check_write+0x20/0x30 [ 19.703500] kasan_atomics_helper+0x1190/0x4858 [ 19.703598] kasan_atomics+0x198/0x2e0 [ 19.703646] kunit_try_run_case+0x170/0x3f0 [ 19.703730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.703980] kthread+0x328/0x630 [ 19.704039] ret_from_fork+0x10/0x20 [ 19.704086] [ 19.704108] Allocated by task 265: [ 19.704136] kasan_save_stack+0x3c/0x68 [ 19.704178] kasan_save_track+0x20/0x40 [ 19.704316] kasan_save_alloc_info+0x40/0x58 [ 19.704378] __kasan_kmalloc+0xd4/0xd8 [ 19.704415] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.704495] kasan_atomics+0xb8/0x2e0 [ 19.704558] kunit_try_run_case+0x170/0x3f0 [ 19.704605] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.704650] kthread+0x328/0x630 [ 19.704719] ret_from_fork+0x10/0x20 [ 19.704806] [ 19.704946] The buggy address belongs to the object at fff00000c65c5b80 [ 19.704946] which belongs to the cache kmalloc-64 of size 64 [ 19.705023] The buggy address is located 0 bytes to the right of [ 19.705023] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.705098] [ 19.705168] The buggy address belongs to the physical page: [ 19.705201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.705253] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.705301] page_type: f5(slab) [ 19.705338] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.705390] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.705433] page dumped because: kasan: bad access detected [ 19.705465] [ 19.705486] Memory state around the buggy address: [ 19.705519] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.705564] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.705811] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.705996] ^ [ 19.706103] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.706191] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.706241] ================================================================== [ 19.810253] ================================================================== [ 19.810598] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.810851] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.810917] [ 19.811130] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.811220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.811257] Hardware name: linux,dummy-virt (DT) [ 19.811290] Call trace: [ 19.811316] show_stack+0x20/0x38 (C) [ 19.811749] dump_stack_lvl+0x8c/0xd0 [ 19.812143] print_report+0x118/0x608 [ 19.812223] kasan_report+0xdc/0x128 [ 19.812488] kasan_check_range+0x100/0x1a8 [ 19.812608] __kasan_check_write+0x20/0x30 [ 19.812803] kasan_atomics_helper+0x16d0/0x4858 [ 19.813103] kasan_atomics+0x198/0x2e0 [ 19.813269] kunit_try_run_case+0x170/0x3f0 [ 19.813409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.813744] kthread+0x328/0x630 [ 19.813806] ret_from_fork+0x10/0x20 [ 19.814062] [ 19.814114] Allocated by task 265: [ 19.814190] kasan_save_stack+0x3c/0x68 [ 19.814295] kasan_save_track+0x20/0x40 [ 19.814631] kasan_save_alloc_info+0x40/0x58 [ 19.814862] __kasan_kmalloc+0xd4/0xd8 [ 19.814928] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.815116] kasan_atomics+0xb8/0x2e0 [ 19.815179] kunit_try_run_case+0x170/0x3f0 [ 19.815240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.815288] kthread+0x328/0x630 [ 19.815333] ret_from_fork+0x10/0x20 [ 19.815370] [ 19.815407] The buggy address belongs to the object at fff00000c65c5b80 [ 19.815407] which belongs to the cache kmalloc-64 of size 64 [ 19.815469] The buggy address is located 0 bytes to the right of [ 19.815469] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.815545] [ 19.815582] The buggy address belongs to the physical page: [ 19.815630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.815687] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.815753] page_type: f5(slab) [ 19.815803] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.815857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.815902] page dumped because: kasan: bad access detected [ 19.815942] [ 19.815964] Memory state around the buggy address: [ 19.816003] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.816069] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.816503] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.816594] ^ [ 19.817012] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.817265] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.817383] ================================================================== [ 19.595751] ================================================================== [ 19.595794] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.596296] Write of size 4 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.596358] [ 19.596418] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.596592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.596673] Hardware name: linux,dummy-virt (DT) [ 19.596873] Call trace: [ 19.596998] show_stack+0x20/0x38 (C) [ 19.597125] dump_stack_lvl+0x8c/0xd0 [ 19.597173] print_report+0x118/0x608 [ 19.597241] kasan_report+0xdc/0x128 [ 19.597635] kasan_check_range+0x100/0x1a8 [ 19.597984] __kasan_check_write+0x20/0x30 [ 19.598149] kasan_atomics_helper+0xd3c/0x4858 [ 19.598224] kasan_atomics+0x198/0x2e0 [ 19.598348] kunit_try_run_case+0x170/0x3f0 [ 19.598445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.598594] kthread+0x328/0x630 [ 19.598721] ret_from_fork+0x10/0x20 [ 19.599220] [ 19.599517] Allocated by task 265: [ 19.599578] kasan_save_stack+0x3c/0x68 [ 19.599700] kasan_save_track+0x20/0x40 [ 19.599740] kasan_save_alloc_info+0x40/0x58 [ 19.600163] __kasan_kmalloc+0xd4/0xd8 [ 19.600289] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.600580] kasan_atomics+0xb8/0x2e0 [ 19.600715] kunit_try_run_case+0x170/0x3f0 [ 19.600826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.600877] kthread+0x328/0x630 [ 19.600912] ret_from_fork+0x10/0x20 [ 19.601334] [ 19.601398] The buggy address belongs to the object at fff00000c65c5b80 [ 19.601398] which belongs to the cache kmalloc-64 of size 64 [ 19.601509] The buggy address is located 0 bytes to the right of [ 19.601509] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.601795] [ 19.601952] The buggy address belongs to the physical page: [ 19.601990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.602075] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.602270] page_type: f5(slab) [ 19.602494] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.602731] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.602991] page dumped because: kasan: bad access detected [ 19.603045] [ 19.603065] Memory state around the buggy address: [ 19.603218] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.603511] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.603758] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.603805] ^ [ 19.603841] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.603886] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.604065] ================================================================== [ 19.554522] ================================================================== [ 19.554576] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dcc/0x4858 [ 19.554628] Read of size 4 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.554762] [ 19.554799] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.554952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.555010] Hardware name: linux,dummy-virt (DT) [ 19.555275] Call trace: [ 19.555402] show_stack+0x20/0x38 (C) [ 19.555456] dump_stack_lvl+0x8c/0xd0 [ 19.555533] print_report+0x118/0x608 [ 19.555624] kasan_report+0xdc/0x128 [ 19.555672] __asan_report_load4_noabort+0x20/0x30 [ 19.555722] kasan_atomics_helper+0x3dcc/0x4858 [ 19.555900] kasan_atomics+0x198/0x2e0 [ 19.555976] kunit_try_run_case+0x170/0x3f0 [ 19.556121] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.556197] kthread+0x328/0x630 [ 19.556318] ret_from_fork+0x10/0x20 [ 19.556395] [ 19.556422] Allocated by task 265: [ 19.556587] kasan_save_stack+0x3c/0x68 [ 19.556678] kasan_save_track+0x20/0x40 [ 19.556746] kasan_save_alloc_info+0x40/0x58 [ 19.556870] __kasan_kmalloc+0xd4/0xd8 [ 19.556991] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.557126] kasan_atomics+0xb8/0x2e0 [ 19.557296] kunit_try_run_case+0x170/0x3f0 [ 19.557387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.557461] kthread+0x328/0x630 [ 19.557758] ret_from_fork+0x10/0x20 [ 19.557835] [ 19.558003] The buggy address belongs to the object at fff00000c65c5b80 [ 19.558003] which belongs to the cache kmalloc-64 of size 64 [ 19.558276] The buggy address is located 0 bytes to the right of [ 19.558276] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.558478] [ 19.558545] The buggy address belongs to the physical page: [ 19.558615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.558740] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.558789] page_type: f5(slab) [ 19.558848] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.558902] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.559253] page dumped because: kasan: bad access detected [ 19.559362] [ 19.559468] Memory state around the buggy address: [ 19.559576] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.559640] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.559984] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.560123] ^ [ 19.560276] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.560371] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.560560] ================================================================== [ 19.605360] ================================================================== [ 19.605564] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.605633] Read of size 4 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.605684] [ 19.605886] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.606068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.606158] Hardware name: linux,dummy-virt (DT) [ 19.606490] Call trace: [ 19.606535] show_stack+0x20/0x38 (C) [ 19.606680] dump_stack_lvl+0x8c/0xd0 [ 19.606934] print_report+0x118/0x608 [ 19.607008] kasan_report+0xdc/0x128 [ 19.607072] __asan_report_load4_noabort+0x20/0x30 [ 19.607120] kasan_atomics_helper+0x3e04/0x4858 [ 19.607499] kasan_atomics+0x198/0x2e0 [ 19.607610] kunit_try_run_case+0x170/0x3f0 [ 19.607693] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.607872] kthread+0x328/0x630 [ 19.607939] ret_from_fork+0x10/0x20 [ 19.608026] [ 19.608199] Allocated by task 265: [ 19.608298] kasan_save_stack+0x3c/0x68 [ 19.608473] kasan_save_track+0x20/0x40 [ 19.608612] kasan_save_alloc_info+0x40/0x58 [ 19.608658] __kasan_kmalloc+0xd4/0xd8 [ 19.608731] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.608795] kasan_atomics+0xb8/0x2e0 [ 19.609264] kunit_try_run_case+0x170/0x3f0 [ 19.609619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.609687] kthread+0x328/0x630 [ 19.609721] ret_from_fork+0x10/0x20 [ 19.609871] [ 19.609898] The buggy address belongs to the object at fff00000c65c5b80 [ 19.609898] which belongs to the cache kmalloc-64 of size 64 [ 19.609958] The buggy address is located 0 bytes to the right of [ 19.609958] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.610094] [ 19.610194] The buggy address belongs to the physical page: [ 19.610284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.610636] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.610712] page_type: f5(slab) [ 19.610901] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.611094] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.611140] page dumped because: kasan: bad access detected [ 19.611172] [ 19.611193] Memory state around the buggy address: [ 19.611288] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.611335] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.611400] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.611448] ^ [ 19.611501] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.611547] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.611599] ================================================================== [ 19.671903] ================================================================== [ 19.671956] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.672394] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.672601] [ 19.672983] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.673120] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.673263] Hardware name: linux,dummy-virt (DT) [ 19.673432] Call trace: [ 19.673468] show_stack+0x20/0x38 (C) [ 19.673881] dump_stack_lvl+0x8c/0xd0 [ 19.674006] print_report+0x118/0x608 [ 19.674390] kasan_report+0xdc/0x128 [ 19.674595] kasan_check_range+0x100/0x1a8 [ 19.674714] __kasan_check_write+0x20/0x30 [ 19.674990] kasan_atomics_helper+0xff0/0x4858 [ 19.675190] kasan_atomics+0x198/0x2e0 [ 19.675266] kunit_try_run_case+0x170/0x3f0 [ 19.675396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.675463] kthread+0x328/0x630 [ 19.675516] ret_from_fork+0x10/0x20 [ 19.675575] [ 19.675605] Allocated by task 265: [ 19.675645] kasan_save_stack+0x3c/0x68 [ 19.675686] kasan_save_track+0x20/0x40 [ 19.675736] kasan_save_alloc_info+0x40/0x58 [ 19.675811] __kasan_kmalloc+0xd4/0xd8 [ 19.675848] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.675906] kasan_atomics+0xb8/0x2e0 [ 19.675943] kunit_try_run_case+0x170/0x3f0 [ 19.675993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.676081] kthread+0x328/0x630 [ 19.676569] ret_from_fork+0x10/0x20 [ 19.676651] [ 19.676823] The buggy address belongs to the object at fff00000c65c5b80 [ 19.676823] which belongs to the cache kmalloc-64 of size 64 [ 19.677049] The buggy address is located 0 bytes to the right of [ 19.677049] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.677134] [ 19.677366] The buggy address belongs to the physical page: [ 19.677720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.677825] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.677878] page_type: f5(slab) [ 19.678220] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.678311] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.678553] page dumped because: kasan: bad access detected [ 19.678797] [ 19.678855] Memory state around the buggy address: [ 19.678931] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.679291] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.679349] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.679697] ^ [ 19.679846] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.679968] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.680409] ================================================================== [ 19.681451] ================================================================== [ 19.681770] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.681841] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.682217] [ 19.682288] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.682375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.682402] Hardware name: linux,dummy-virt (DT) [ 19.682513] Call trace: [ 19.682539] show_stack+0x20/0x38 (C) [ 19.682638] dump_stack_lvl+0x8c/0xd0 [ 19.682990] print_report+0x118/0x608 [ 19.683104] kasan_report+0xdc/0x128 [ 19.683433] kasan_check_range+0x100/0x1a8 [ 19.683616] __kasan_check_write+0x20/0x30 [ 19.683671] kasan_atomics_helper+0x1058/0x4858 [ 19.683750] kasan_atomics+0x198/0x2e0 [ 19.683846] kunit_try_run_case+0x170/0x3f0 [ 19.684015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.684087] kthread+0x328/0x630 [ 19.684147] ret_from_fork+0x10/0x20 [ 19.684205] [ 19.684363] Allocated by task 265: [ 19.684404] kasan_save_stack+0x3c/0x68 [ 19.684476] kasan_save_track+0x20/0x40 [ 19.684526] kasan_save_alloc_info+0x40/0x58 [ 19.684567] __kasan_kmalloc+0xd4/0xd8 [ 19.684607] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.684646] kasan_atomics+0xb8/0x2e0 [ 19.684693] kunit_try_run_case+0x170/0x3f0 [ 19.684740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.684784] kthread+0x328/0x630 [ 19.684819] ret_from_fork+0x10/0x20 [ 19.684856] [ 19.684877] The buggy address belongs to the object at fff00000c65c5b80 [ 19.684877] which belongs to the cache kmalloc-64 of size 64 [ 19.684937] The buggy address is located 0 bytes to the right of [ 19.684937] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.685002] [ 19.685044] The buggy address belongs to the physical page: [ 19.685077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.685143] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.685195] page_type: f5(slab) [ 19.685235] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.685288] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.685330] page dumped because: kasan: bad access detected [ 19.685372] [ 19.685393] Memory state around the buggy address: [ 19.685426] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.685478] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.685523] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.685564] ^ [ 19.685606] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.685652] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.685700] ================================================================== [ 19.547311] ================================================================== [ 19.547533] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 19.547626] Write of size 4 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.547688] [ 19.547785] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.547899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.547991] Hardware name: linux,dummy-virt (DT) [ 19.548038] Call trace: [ 19.548099] show_stack+0x20/0x38 (C) [ 19.548266] dump_stack_lvl+0x8c/0xd0 [ 19.548534] print_report+0x118/0x608 [ 19.548921] kasan_report+0xdc/0x128 [ 19.549670] kasan_check_range+0x100/0x1a8 [ 19.549760] __kasan_check_write+0x20/0x30 [ 19.549920] kasan_atomics_helper+0xad4/0x4858 [ 19.550075] kasan_atomics+0x198/0x2e0 [ 19.550128] kunit_try_run_case+0x170/0x3f0 [ 19.550296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.550481] kthread+0x328/0x630 [ 19.550590] ret_from_fork+0x10/0x20 [ 19.550800] [ 19.550824] Allocated by task 265: [ 19.550883] kasan_save_stack+0x3c/0x68 [ 19.551124] kasan_save_track+0x20/0x40 [ 19.551182] kasan_save_alloc_info+0x40/0x58 [ 19.551317] __kasan_kmalloc+0xd4/0xd8 [ 19.551369] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.551411] kasan_atomics+0xb8/0x2e0 [ 19.551456] kunit_try_run_case+0x170/0x3f0 [ 19.551497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.551543] kthread+0x328/0x630 [ 19.551602] ret_from_fork+0x10/0x20 [ 19.551651] [ 19.551673] The buggy address belongs to the object at fff00000c65c5b80 [ 19.551673] which belongs to the cache kmalloc-64 of size 64 [ 19.551734] The buggy address is located 0 bytes to the right of [ 19.551734] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.551812] [ 19.551842] The buggy address belongs to the physical page: [ 19.551894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.551956] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.552005] page_type: f5(slab) [ 19.552393] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.552627] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.552735] page dumped because: kasan: bad access detected [ 19.552821] [ 19.552847] Memory state around the buggy address: [ 19.552886] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.552933] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.553235] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.553303] ^ [ 19.553473] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.553558] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.553607] ================================================================== [ 19.712090] ================================================================== [ 19.712141] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.712190] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.712467] [ 19.712513] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.713003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.713049] Hardware name: linux,dummy-virt (DT) [ 19.713109] Call trace: [ 19.713135] show_stack+0x20/0x38 (C) [ 19.713185] dump_stack_lvl+0x8c/0xd0 [ 19.713235] print_report+0x118/0x608 [ 19.713323] kasan_report+0xdc/0x128 [ 19.713485] kasan_check_range+0x100/0x1a8 [ 19.713705] __kasan_check_write+0x20/0x30 [ 19.713833] kasan_atomics_helper+0x126c/0x4858 [ 19.714191] kasan_atomics+0x198/0x2e0 [ 19.714344] kunit_try_run_case+0x170/0x3f0 [ 19.714534] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.714676] kthread+0x328/0x630 [ 19.714860] ret_from_fork+0x10/0x20 [ 19.715022] [ 19.715055] Allocated by task 265: [ 19.715087] kasan_save_stack+0x3c/0x68 [ 19.715339] kasan_save_track+0x20/0x40 [ 19.715586] kasan_save_alloc_info+0x40/0x58 [ 19.715703] __kasan_kmalloc+0xd4/0xd8 [ 19.715800] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.716152] kasan_atomics+0xb8/0x2e0 [ 19.716329] kunit_try_run_case+0x170/0x3f0 [ 19.716428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.716654] kthread+0x328/0x630 [ 19.716735] ret_from_fork+0x10/0x20 [ 19.716794] [ 19.716918] The buggy address belongs to the object at fff00000c65c5b80 [ 19.716918] which belongs to the cache kmalloc-64 of size 64 [ 19.717007] The buggy address is located 0 bytes to the right of [ 19.717007] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.717081] [ 19.717129] The buggy address belongs to the physical page: [ 19.717162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.717215] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.717264] page_type: f5(slab) [ 19.717303] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.717355] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.717438] page dumped because: kasan: bad access detected [ 19.717472] [ 19.717493] Memory state around the buggy address: [ 19.717527] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.717677] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.717726] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.717795] ^ [ 19.717880] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.718150] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.718195] ================================================================== [ 19.827125] ================================================================== [ 19.827187] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.827242] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.827498] [ 19.827673] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.827793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.827854] Hardware name: linux,dummy-virt (DT) [ 19.827889] Call trace: [ 19.827915] show_stack+0x20/0x38 (C) [ 19.828122] dump_stack_lvl+0x8c/0xd0 [ 19.828237] print_report+0x118/0x608 [ 19.828379] kasan_report+0xdc/0x128 [ 19.828438] kasan_check_range+0x100/0x1a8 [ 19.828671] __kasan_check_write+0x20/0x30 [ 19.828976] kasan_atomics_helper+0x175c/0x4858 [ 19.829124] kasan_atomics+0x198/0x2e0 [ 19.829175] kunit_try_run_case+0x170/0x3f0 [ 19.829379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.829446] kthread+0x328/0x630 [ 19.829597] ret_from_fork+0x10/0x20 [ 19.829773] [ 19.829995] Allocated by task 265: [ 19.830381] kasan_save_stack+0x3c/0x68 [ 19.830448] kasan_save_track+0x20/0x40 [ 19.830558] kasan_save_alloc_info+0x40/0x58 [ 19.830750] __kasan_kmalloc+0xd4/0xd8 [ 19.830795] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.831456] kasan_atomics+0xb8/0x2e0 [ 19.831534] kunit_try_run_case+0x170/0x3f0 [ 19.831641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.831776] kthread+0x328/0x630 [ 19.832176] ret_from_fork+0x10/0x20 [ 19.832476] [ 19.832524] The buggy address belongs to the object at fff00000c65c5b80 [ 19.832524] which belongs to the cache kmalloc-64 of size 64 [ 19.832607] The buggy address is located 0 bytes to the right of [ 19.832607] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.832688] [ 19.832712] The buggy address belongs to the physical page: [ 19.832768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.832824] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.833235] page_type: f5(slab) [ 19.833300] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.833701] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.833803] page dumped because: kasan: bad access detected [ 19.833839] [ 19.834148] Memory state around the buggy address: [ 19.834218] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.834481] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.834535] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.834577] ^ [ 19.834621] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.834669] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.834727] ================================================================== [ 19.513811] ================================================================== [ 19.514046] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.514274] Read of size 4 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.514330] [ 19.514418] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.514868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.514928] Hardware name: linux,dummy-virt (DT) [ 19.514963] Call trace: [ 19.515093] show_stack+0x20/0x38 (C) [ 19.515158] dump_stack_lvl+0x8c/0xd0 [ 19.515280] print_report+0x118/0x608 [ 19.515335] kasan_report+0xdc/0x128 [ 19.515431] __asan_report_load4_noabort+0x20/0x30 [ 19.515484] kasan_atomics_helper+0x42d8/0x4858 [ 19.515839] kasan_atomics+0x198/0x2e0 [ 19.516580] [ 19.517398] kasan_save_alloc_info+0x40/0x58 [ 19.517686] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.518851] The buggy address is located 0 bytes to the right of [ 19.518851] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.520469] Memory state around the buggy address: [ 19.521906] ================================================================== [ 19.839847] ================================================================== [ 19.839912] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.839960] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.840011] [ 19.840087] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.840649] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.841189] Hardware name: linux,dummy-virt (DT) [ 19.841233] Call trace: [ 19.841257] show_stack+0x20/0x38 (C) [ 19.841310] dump_stack_lvl+0x8c/0xd0 [ 19.841415] print_report+0x118/0x608 [ 19.841488] kasan_report+0xdc/0x128 [ 19.841569] kasan_check_range+0x100/0x1a8 [ 19.841827] __kasan_check_write+0x20/0x30 [ 19.842252] kasan_atomics_helper+0x17ec/0x4858 [ 19.842433] kasan_atomics+0x198/0x2e0 [ 19.842487] kunit_try_run_case+0x170/0x3f0 [ 19.842764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.843359] kthread+0x328/0x630 [ 19.843495] ret_from_fork+0x10/0x20 [ 19.843613] [ 19.843703] Allocated by task 265: [ 19.843821] kasan_save_stack+0x3c/0x68 [ 19.843866] kasan_save_track+0x20/0x40 [ 19.844083] kasan_save_alloc_info+0x40/0x58 [ 19.844246] __kasan_kmalloc+0xd4/0xd8 [ 19.844628] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.844735] kasan_atomics+0xb8/0x2e0 [ 19.844985] kunit_try_run_case+0x170/0x3f0 [ 19.845135] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.845328] kthread+0x328/0x630 [ 19.845373] ret_from_fork+0x10/0x20 [ 19.845436] [ 19.845480] The buggy address belongs to the object at fff00000c65c5b80 [ 19.845480] which belongs to the cache kmalloc-64 of size 64 [ 19.846057] The buggy address is located 0 bytes to the right of [ 19.846057] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.846461] [ 19.846518] The buggy address belongs to the physical page: [ 19.846589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.846658] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.846742] page_type: f5(slab) [ 19.847005] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.847227] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.847428] page dumped because: kasan: bad access detected [ 19.847613] [ 19.847796] Memory state around the buggy address: [ 19.848093] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.848186] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.848353] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.848712] ^ [ 19.848795] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.848844] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.848989] ================================================================== [ 19.529272] ================================================================== [ 19.529325] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 19.529374] Write of size 4 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.529764] [ 19.529816] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.530048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.530085] Hardware name: linux,dummy-virt (DT) [ 19.530119] Call trace: [ 19.530143] show_stack+0x20/0x38 (C) [ 19.530255] dump_stack_lvl+0x8c/0xd0 [ 19.530319] print_report+0x118/0x608 [ 19.530366] kasan_report+0xdc/0x128 [ 19.530411] kasan_check_range+0x100/0x1a8 [ 19.530475] __kasan_check_write+0x20/0x30 [ 19.530521] kasan_atomics_helper+0x99c/0x4858 [ 19.530585] kasan_atomics+0x198/0x2e0 [ 19.530644] kunit_try_run_case+0x170/0x3f0 [ 19.530702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.530756] kthread+0x328/0x630 [ 19.530797] ret_from_fork+0x10/0x20 [ 19.530854] [ 19.530883] Allocated by task 265: [ 19.530921] kasan_save_stack+0x3c/0x68 [ 19.530963] kasan_save_track+0x20/0x40 [ 19.531002] kasan_save_alloc_info+0x40/0x58 [ 19.531051] __kasan_kmalloc+0xd4/0xd8 [ 19.531089] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.531135] kasan_atomics+0xb8/0x2e0 [ 19.531173] kunit_try_run_case+0x170/0x3f0 [ 19.531212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.531255] kthread+0x328/0x630 [ 19.531294] ret_from_fork+0x10/0x20 [ 19.531330] [ 19.531352] The buggy address belongs to the object at fff00000c65c5b80 [ 19.531352] which belongs to the cache kmalloc-64 of size 64 [ 19.531413] The buggy address is located 0 bytes to the right of [ 19.531413] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.531485] [ 19.531507] The buggy address belongs to the physical page: [ 19.531538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.531589] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.531638] page_type: f5(slab) [ 19.531675] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.531728] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.531913] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.534917] kasan_atomics_helper+0xa04/0x4858 [ 19.535419] ret_from_fork+0x10/0x20 [ 19.535533] [ 19.535558] Allocated by task 265: [ 19.535642] kasan_save_stack+0x3c/0x68 [ 19.535719] kasan_save_track+0x20/0x40 [ 19.535799] kasan_save_alloc_info+0x40/0x58 [ 19.535848] __kasan_kmalloc+0xd4/0xd8 [ 19.535904] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.535992] kasan_atomics+0xb8/0x2e0 [ 19.536081] kunit_try_run_case+0x170/0x3f0 [ 19.536140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.536233] kthread+0x328/0x630 [ 19.536271] ret_from_fork+0x10/0x20 [ 19.536338] [ 19.536376] The buggy address belongs to the object at fff00000c65c5b80 [ 19.536376] which belongs to the cache kmalloc-64 of size 64 [ 19.536477] The buggy address is located 0 bytes to the right of [ 19.536477] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.536847] [ 19.536918] The buggy address belongs to the physical page: [ 19.537060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.537174] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.537231] page_type: f5(slab) [ 19.537405] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.537613] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.537723] page dumped because: kasan: bad access detected [ 19.537835] [ 19.537891] Memory state around the buggy address: [ 19.538000] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.538058] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.538262] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.538449] ^ [ 19.538487] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.538813] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.538930] ================================================================== [ 19.613575] ================================================================== [ 19.613831] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.614013] Read of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.614081] [ 19.614113] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.614373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.614498] Hardware name: linux,dummy-virt (DT) [ 19.614534] Call trace: [ 19.614574] show_stack+0x20/0x38 (C) [ 19.614824] dump_stack_lvl+0x8c/0xd0 [ 19.615010] print_report+0x118/0x608 [ 19.615095] kasan_report+0xdc/0x128 [ 19.615147] kasan_check_range+0x100/0x1a8 [ 19.615234] __kasan_check_read+0x20/0x30 [ 19.615343] kasan_atomics_helper+0xdd4/0x4858 [ 19.615430] kasan_atomics+0x198/0x2e0 [ 19.615506] kunit_try_run_case+0x170/0x3f0 [ 19.615782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.615884] kthread+0x328/0x630 [ 19.616021] ret_from_fork+0x10/0x20 [ 19.616104] [ 19.616359] Allocated by task 265: [ 19.616400] kasan_save_stack+0x3c/0x68 [ 19.616565] kasan_save_track+0x20/0x40 [ 19.616797] kasan_save_alloc_info+0x40/0x58 [ 19.616894] __kasan_kmalloc+0xd4/0xd8 [ 19.617222] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.617324] kasan_atomics+0xb8/0x2e0 [ 19.617453] kunit_try_run_case+0x170/0x3f0 [ 19.617497] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.617541] kthread+0x328/0x630 [ 19.617575] ret_from_fork+0x10/0x20 [ 19.617613] [ 19.617636] The buggy address belongs to the object at fff00000c65c5b80 [ 19.617636] which belongs to the cache kmalloc-64 of size 64 [ 19.617695] The buggy address is located 0 bytes to the right of [ 19.617695] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.617761] [ 19.618285] The buggy address belongs to the physical page: [ 19.618666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.618746] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.619081] page_type: f5(slab) [ 19.619159] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.619349] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.619445] page dumped because: kasan: bad access detected [ 19.619754] [ 19.619817] Memory state around the buggy address: [ 19.619906] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.620334] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.620446] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.620590] ^ [ 19.620675] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.621086] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.621209] ================================================================== [ 19.561613] ================================================================== [ 19.561691] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 19.561743] Write of size 4 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.561878] [ 19.561913] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.562050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.562323] Hardware name: linux,dummy-virt (DT) [ 19.562385] Call trace: [ 19.562410] show_stack+0x20/0x38 (C) [ 19.562547] dump_stack_lvl+0x8c/0xd0 [ 19.562642] print_report+0x118/0x608 [ 19.562768] kasan_report+0xdc/0x128 [ 19.562824] kasan_check_range+0x100/0x1a8 [ 19.562941] __kasan_check_write+0x20/0x30 [ 19.563000] kasan_atomics_helper+0xb70/0x4858 [ 19.563062] kasan_atomics+0x198/0x2e0 [ 19.563115] kunit_try_run_case+0x170/0x3f0 [ 19.563164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.563218] kthread+0x328/0x630 [ 19.563260] ret_from_fork+0x10/0x20 [ 19.563317] [ 19.563346] Allocated by task 265: [ 19.563377] kasan_save_stack+0x3c/0x68 [ 19.563421] kasan_save_track+0x20/0x40 [ 19.563461] kasan_save_alloc_info+0x40/0x58 [ 19.563501] __kasan_kmalloc+0xd4/0xd8 [ 19.563539] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.563581] kasan_atomics+0xb8/0x2e0 [ 19.563618] kunit_try_run_case+0x170/0x3f0 [ 19.563871] The buggy address is located 0 bytes to the right of [ 19.563871] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.565475] ^ [ 19.567040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.568599] kasan_save_track+0x20/0x40 [ 19.570415] [ 19.572250] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.575338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.576222] kthread+0x328/0x630 [ 19.577791] [ 19.579142] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.583531] kasan_save_stack+0x3c/0x68 [ 19.584712] ret_from_fork+0x10/0x20 [ 19.585942] page_type: f5(slab) [ 19.587244] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.589667] kasan_report+0xdc/0x128 [ 19.591175] kthread+0x328/0x630 [ 19.591218] ret_from_fork+0x10/0x20 [ 19.591255] [ 19.591285] The buggy address belongs to the object at fff00000c65c5b80 [ 19.591285] which belongs to the cache kmalloc-64 of size 64 [ 19.591343] The buggy address is located 0 bytes to the right of [ 19.591343] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.591418] [ 19.591440] The buggy address belongs to the physical page: [ 19.591471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.591532] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.591588] page_type: f5(slab) [ 19.591639] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.591691] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.591730] page dumped because: kasan: bad access detected [ 19.591764] [ 19.591783] Memory state around the buggy address: [ 19.591816] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.591867] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.591914] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.591953] ^ [ 19.592004] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.592684] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.592739] ================================================================== [ 19.835767] ================================================================== [ 19.835817] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.835873] Read of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.835926] [ 19.836221] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.836385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.836494] Hardware name: linux,dummy-virt (DT) [ 19.836543] Call trace: [ 19.836569] show_stack+0x20/0x38 (C) [ 19.836621] dump_stack_lvl+0x8c/0xd0 [ 19.836891] print_report+0x118/0x608 [ 19.837134] kasan_report+0xdc/0x128 [ 19.837239] __asan_report_load8_noabort+0x20/0x30 [ 19.837588] kasan_atomics_helper+0x3e20/0x4858 [ 19.837676] kasan_atomics+0x198/0x2e0 [ 19.837807] kunit_try_run_case+0x170/0x3f0 [ 19.837859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.838054] kthread+0x328/0x630 [ 19.838137] ret_from_fork+0x10/0x20 [ 19.838192] [ 19.838237] Allocated by task 265: [ 19.838273] kasan_save_stack+0x3c/0x68 [ 19.838335] kasan_save_track+0x20/0x40 [ 19.838374] kasan_save_alloc_info+0x40/0x58 [ 19.838416] __kasan_kmalloc+0xd4/0xd8 [ 19.838453] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.838499] kasan_atomics+0xb8/0x2e0 [ 19.838537] kunit_try_run_case+0x170/0x3f0 [ 19.838587] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.838633] kthread+0x328/0x630 [ 19.838665] ret_from_fork+0x10/0x20 [ 19.838724] [ 19.838756] The buggy address belongs to the object at fff00000c65c5b80 [ 19.838756] which belongs to the cache kmalloc-64 of size 64 [ 19.838822] The buggy address is located 0 bytes to the right of [ 19.838822] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.838888] [ 19.838917] The buggy address belongs to the physical page: [ 19.838958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.839013] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.839073] page_type: f5(slab) [ 19.839121] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.839174] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.839219] page dumped because: kasan: bad access detected [ 19.839252] [ 19.839275] Memory state around the buggy address: [ 19.839313] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.839359] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.839414] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.839464] ^ [ 19.839500] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.839556] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.839598] ================================================================== [ 19.795064] ================================================================== [ 19.795133] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.795188] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.795508] [ 19.795812] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.795929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.796011] Hardware name: linux,dummy-virt (DT) [ 19.796104] Call trace: [ 19.796191] show_stack+0x20/0x38 (C) [ 19.796245] dump_stack_lvl+0x8c/0xd0 [ 19.796349] print_report+0x118/0x608 [ 19.796397] kasan_report+0xdc/0x128 [ 19.796463] kasan_check_range+0x100/0x1a8 [ 19.796513] __kasan_check_write+0x20/0x30 [ 19.797216] kasan_atomics_helper+0x1644/0x4858 [ 19.797335] kasan_atomics+0x198/0x2e0 [ 19.797460] kunit_try_run_case+0x170/0x3f0 [ 19.797664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.797738] kthread+0x328/0x630 [ 19.797790] ret_from_fork+0x10/0x20 [ 19.797841] [ 19.798145] Allocated by task 265: [ 19.798522] kasan_save_stack+0x3c/0x68 [ 19.798604] kasan_save_track+0x20/0x40 [ 19.798648] kasan_save_alloc_info+0x40/0x58 [ 19.798742] __kasan_kmalloc+0xd4/0xd8 [ 19.798795] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.798853] kasan_atomics+0xb8/0x2e0 [ 19.798892] kunit_try_run_case+0x170/0x3f0 [ 19.798931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.798978] kthread+0x328/0x630 [ 19.799022] ret_from_fork+0x10/0x20 [ 19.799090] [ 19.799114] The buggy address belongs to the object at fff00000c65c5b80 [ 19.799114] which belongs to the cache kmalloc-64 of size 64 [ 19.799184] The buggy address is located 0 bytes to the right of [ 19.799184] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.799260] [ 19.799296] The buggy address belongs to the physical page: [ 19.799362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.799425] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.799476] page_type: f5(slab) [ 19.799524] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.799587] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.799640] page dumped because: kasan: bad access detected [ 19.799674] [ 19.799696] Memory state around the buggy address: [ 19.799739] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.799785] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.799839] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.799897] ^ [ 19.799935] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.799988] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.800827] ================================================================== [ 19.706821] ================================================================== [ 19.706874] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.706921] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.706971] [ 19.706999] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.707178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.707285] Hardware name: linux,dummy-virt (DT) [ 19.707373] Call trace: [ 19.707513] show_stack+0x20/0x38 (C) [ 19.707610] dump_stack_lvl+0x8c/0xd0 [ 19.707662] print_report+0x118/0x608 [ 19.707708] kasan_report+0xdc/0x128 [ 19.707783] kasan_check_range+0x100/0x1a8 [ 19.707859] __kasan_check_write+0x20/0x30 [ 19.707931] kasan_atomics_helper+0x11f8/0x4858 [ 19.707981] kasan_atomics+0x198/0x2e0 [ 19.708026] kunit_try_run_case+0x170/0x3f0 [ 19.708393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.708543] kthread+0x328/0x630 [ 19.708656] ret_from_fork+0x10/0x20 [ 19.708801] [ 19.708871] Allocated by task 265: [ 19.709227] kasan_save_stack+0x3c/0x68 [ 19.709285] kasan_save_track+0x20/0x40 [ 19.709326] kasan_save_alloc_info+0x40/0x58 [ 19.709366] __kasan_kmalloc+0xd4/0xd8 [ 19.709404] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.709598] kasan_atomics+0xb8/0x2e0 [ 19.709638] kunit_try_run_case+0x170/0x3f0 [ 19.709676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.709721] kthread+0x328/0x630 [ 19.709755] ret_from_fork+0x10/0x20 [ 19.709792] [ 19.709815] The buggy address belongs to the object at fff00000c65c5b80 [ 19.709815] which belongs to the cache kmalloc-64 of size 64 [ 19.709973] The buggy address is located 0 bytes to the right of [ 19.709973] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.710137] [ 19.710217] The buggy address belongs to the physical page: [ 19.710282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.710361] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.710449] page_type: f5(slab) [ 19.710737] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.710879] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.711044] page dumped because: kasan: bad access detected [ 19.711130] [ 19.711155] Memory state around the buggy address: [ 19.711190] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.711237] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.711522] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.711579] ^ [ 19.711625] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.711676] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.711722] ================================================================== [ 19.622058] ================================================================== [ 19.622113] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.622164] Read of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.622226] [ 19.622258] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.622355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.622394] Hardware name: linux,dummy-virt (DT) [ 19.622425] Call trace: [ 19.622454] show_stack+0x20/0x38 (C) [ 19.622503] dump_stack_lvl+0x8c/0xd0 [ 19.622552] print_report+0x118/0x608 [ 19.622598] kasan_report+0xdc/0x128 [ 19.622645] __asan_report_load8_noabort+0x20/0x30 [ 19.622692] kasan_atomics_helper+0x3f58/0x4858 [ 19.622743] kasan_atomics+0x198/0x2e0 [ 19.622788] kunit_try_run_case+0x170/0x3f0 [ 19.622837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.622890] kthread+0x328/0x630 [ 19.622934] ret_from_fork+0x10/0x20 [ 19.622980] [ 19.623000] Allocated by task 265: [ 19.623044] kasan_save_stack+0x3c/0x68 [ 19.623087] kasan_save_track+0x20/0x40 [ 19.623126] kasan_save_alloc_info+0x40/0x58 [ 19.623168] __kasan_kmalloc+0xd4/0xd8 [ 19.623206] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.623246] kasan_atomics+0xb8/0x2e0 [ 19.623283] kunit_try_run_case+0x170/0x3f0 [ 19.623321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.623371] kthread+0x328/0x630 [ 19.623407] ret_from_fork+0x10/0x20 [ 19.623443] [ 19.623465] The buggy address belongs to the object at fff00000c65c5b80 [ 19.623465] which belongs to the cache kmalloc-64 of size 64 [ 19.623522] The buggy address is located 0 bytes to the right of [ 19.623522] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.623588] [ 19.623608] The buggy address belongs to the physical page: [ 19.623641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.623693] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.623741] page_type: f5(slab) [ 19.623780] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.623832] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.623885] page dumped because: kasan: bad access detected [ 19.623919] [ 19.623943] Memory state around the buggy address: [ 19.623974] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.624037] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.624656] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.625260] ^ [ 19.625314] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.625361] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.625402] ================================================================== [ 19.801241] ================================================================== [ 19.801689] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.801761] Read of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.801814] [ 19.802183] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.802407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.802502] Hardware name: linux,dummy-virt (DT) [ 19.802537] Call trace: [ 19.802620] show_stack+0x20/0x38 (C) [ 19.802675] dump_stack_lvl+0x8c/0xd0 [ 19.802850] print_report+0x118/0x608 [ 19.802913] kasan_report+0xdc/0x128 [ 19.803138] __asan_report_load8_noabort+0x20/0x30 [ 19.803321] kasan_atomics_helper+0x3df4/0x4858 [ 19.803386] kasan_atomics+0x198/0x2e0 [ 19.803685] kunit_try_run_case+0x170/0x3f0 [ 19.803767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.803970] kthread+0x328/0x630 [ 19.804045] ret_from_fork+0x10/0x20 [ 19.804264] [ 19.804315] Allocated by task 265: [ 19.804349] kasan_save_stack+0x3c/0x68 [ 19.804396] kasan_save_track+0x20/0x40 [ 19.804543] kasan_save_alloc_info+0x40/0x58 [ 19.804595] __kasan_kmalloc+0xd4/0xd8 [ 19.804659] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.804709] kasan_atomics+0xb8/0x2e0 [ 19.805108] kunit_try_run_case+0x170/0x3f0 [ 19.805323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.805448] kthread+0x328/0x630 [ 19.805613] ret_from_fork+0x10/0x20 [ 19.805786] [ 19.805855] The buggy address belongs to the object at fff00000c65c5b80 [ 19.805855] which belongs to the cache kmalloc-64 of size 64 [ 19.805997] The buggy address is located 0 bytes to the right of [ 19.805997] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.806680] [ 19.806842] The buggy address belongs to the physical page: [ 19.806895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.806960] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.807318] page_type: f5(slab) [ 19.807405] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.807749] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.807824] page dumped because: kasan: bad access detected [ 19.807861] [ 19.807883] Memory state around the buggy address: [ 19.808231] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.808461] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.808649] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.808712] ^ [ 19.808874] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.808927] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.809198] ================================================================== [ 19.637622] ================================================================== [ 19.637680] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.637741] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.637793] [ 19.638104] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.638618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.638667] Hardware name: linux,dummy-virt (DT) [ 19.638748] Call trace: [ 19.638773] show_stack+0x20/0x38 (C) [ 19.638828] dump_stack_lvl+0x8c/0xd0 [ 19.638902] print_report+0x118/0x608 [ 19.639070] kasan_report+0xdc/0x128 [ 19.639123] __asan_report_store8_noabort+0x20/0x30 [ 19.639214] kasan_atomics_helper+0x3e5c/0x4858 [ 19.639582] kasan_atomics+0x198/0x2e0 [ 19.639962] kunit_try_run_case+0x170/0x3f0 [ 19.640139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.640203] kthread+0x328/0x630 [ 19.640247] ret_from_fork+0x10/0x20 [ 19.640396] [ 19.640420] Allocated by task 265: [ 19.640457] kasan_save_stack+0x3c/0x68 [ 19.640509] kasan_save_track+0x20/0x40 [ 19.640727] kasan_save_alloc_info+0x40/0x58 [ 19.640965] __kasan_kmalloc+0xd4/0xd8 [ 19.641038] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.641495] kasan_atomics+0xb8/0x2e0 [ 19.641724] kunit_try_run_case+0x170/0x3f0 [ 19.641818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.641893] kthread+0x328/0x630 [ 19.642063] ret_from_fork+0x10/0x20 [ 19.642105] [ 19.642127] The buggy address belongs to the object at fff00000c65c5b80 [ 19.642127] which belongs to the cache kmalloc-64 of size 64 [ 19.642194] The buggy address is located 0 bytes to the right of [ 19.642194] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.642467] [ 19.642660] The buggy address belongs to the physical page: [ 19.642978] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.643479] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.643624] page_type: f5(slab) [ 19.644300] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.644386] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.644452] page dumped because: kasan: bad access detected [ 19.644753] [ 19.644922] Memory state around the buggy address: [ 19.644961] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.645008] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.645070] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.645110] ^ [ 19.645146] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.645191] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.645232] ================================================================== [ 19.646902] ================================================================== [ 19.647129] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.647190] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.647355] [ 19.647394] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.647590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.647623] Hardware name: linux,dummy-virt (DT) [ 19.647654] Call trace: [ 19.647932] show_stack+0x20/0x38 (C) [ 19.648211] dump_stack_lvl+0x8c/0xd0 [ 19.648296] print_report+0x118/0x608 [ 19.648433] kasan_report+0xdc/0x128 [ 19.648581] kasan_check_range+0x100/0x1a8 [ 19.648677] __kasan_check_write+0x20/0x30 [ 19.648749] kasan_atomics_helper+0xeb8/0x4858 [ 19.648875] kasan_atomics+0x198/0x2e0 [ 19.648922] kunit_try_run_case+0x170/0x3f0 [ 19.648970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.649022] kthread+0x328/0x630 [ 19.649076] ret_from_fork+0x10/0x20 [ 19.649671] [ 19.649799] Allocated by task 265: [ 19.649865] kasan_save_stack+0x3c/0x68 [ 19.649955] kasan_save_track+0x20/0x40 [ 19.650101] kasan_save_alloc_info+0x40/0x58 [ 19.650196] __kasan_kmalloc+0xd4/0xd8 [ 19.650264] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.650305] kasan_atomics+0xb8/0x2e0 [ 19.650342] kunit_try_run_case+0x170/0x3f0 [ 19.650382] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.650427] kthread+0x328/0x630 [ 19.650530] ret_from_fork+0x10/0x20 [ 19.650570] [ 19.650601] The buggy address belongs to the object at fff00000c65c5b80 [ 19.650601] which belongs to the cache kmalloc-64 of size 64 [ 19.650661] The buggy address is located 0 bytes to the right of [ 19.650661] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.650737] [ 19.650777] The buggy address belongs to the physical page: [ 19.650811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.650866] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.650931] page_type: f5(slab) [ 19.650970] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.651051] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.651095] page dumped because: kasan: bad access detected [ 19.651129] [ 19.651148] Memory state around the buggy address: [ 19.651182] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.651228] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.651269] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.651310] ^ [ 19.651343] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.651417] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.651468] ================================================================== [ 19.651692] ================================================================== [ 19.651751] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.651799] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.651854] [ 19.651884] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.651967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.651994] Hardware name: linux,dummy-virt (DT) [ 19.652026] Call trace: [ 19.652642] show_stack+0x20/0x38 (C) [ 19.653226] dump_stack_lvl+0x8c/0xd0 [ 19.653303] print_report+0x118/0x608 [ 19.653354] kasan_report+0xdc/0x128 [ 19.653427] kasan_check_range+0x100/0x1a8 [ 19.653478] __kasan_check_write+0x20/0x30 [ 19.654134] kasan_atomics_helper+0xf20/0x4858 [ 19.654239] kasan_atomics+0x198/0x2e0 [ 19.654315] kunit_try_run_case+0x170/0x3f0 [ 19.654466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.654679] kthread+0x328/0x630 [ 19.654759] ret_from_fork+0x10/0x20 [ 19.654807] [ 19.654891] Allocated by task 265: [ 19.655162] kasan_save_stack+0x3c/0x68 [ 19.655365] kasan_save_track+0x20/0x40 [ 19.655447] kasan_save_alloc_info+0x40/0x58 [ 19.655870] __kasan_kmalloc+0xd4/0xd8 [ 19.655997] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.656386] kasan_atomics+0xb8/0x2e0 [ 19.656590] kunit_try_run_case+0x170/0x3f0 [ 19.656714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.657055] kthread+0x328/0x630 [ 19.657133] ret_from_fork+0x10/0x20 [ 19.657197] [ 19.657218] The buggy address belongs to the object at fff00000c65c5b80 [ 19.657218] which belongs to the cache kmalloc-64 of size 64 [ 19.657278] The buggy address is located 0 bytes to the right of [ 19.657278] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.657777] [ 19.657897] The buggy address belongs to the physical page: [ 19.658102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.658208] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.658285] page_type: f5(slab) [ 19.658931] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.659012] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.659361] page dumped because: kasan: bad access detected [ 19.659445] [ 19.659501] Memory state around the buggy address: [ 19.659616] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.659932] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.660154] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.660198] ^ [ 19.660243] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660590] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.660663] ================================================================== [ 19.737264] ================================================================== [ 19.737325] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.737780] Read of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.737963] [ 19.737999] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.738093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.738132] Hardware name: linux,dummy-virt (DT) [ 19.738166] Call trace: [ 19.738226] show_stack+0x20/0x38 (C) [ 19.738805] dump_stack_lvl+0x8c/0xd0 [ 19.738886] print_report+0x118/0x608 [ 19.738938] kasan_report+0xdc/0x128 [ 19.738984] __asan_report_load8_noabort+0x20/0x30 [ 19.739419] kasan_atomics_helper+0x3f04/0x4858 [ 19.739539] kasan_atomics+0x198/0x2e0 [ 19.739606] kunit_try_run_case+0x170/0x3f0 [ 19.739658] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.739713] kthread+0x328/0x630 [ 19.740047] ret_from_fork+0x10/0x20 [ 19.740230] [ 19.740255] Allocated by task 265: [ 19.740301] kasan_save_stack+0x3c/0x68 [ 19.740345] kasan_save_track+0x20/0x40 [ 19.740414] kasan_save_alloc_info+0x40/0x58 [ 19.741175] __kasan_kmalloc+0xd4/0xd8 [ 19.741253] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.741383] kasan_atomics+0xb8/0x2e0 [ 19.741493] kunit_try_run_case+0x170/0x3f0 [ 19.741755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.741822] kthread+0x328/0x630 [ 19.742078] ret_from_fork+0x10/0x20 [ 19.742199] [ 19.742461] The buggy address belongs to the object at fff00000c65c5b80 [ 19.742461] which belongs to the cache kmalloc-64 of size 64 [ 19.742592] The buggy address is located 0 bytes to the right of [ 19.742592] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.742681] [ 19.742736] The buggy address belongs to the physical page: [ 19.742786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.742842] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.742961] page_type: f5(slab) [ 19.743020] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.743233] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.743494] page dumped because: kasan: bad access detected [ 19.743802] [ 19.743836] Memory state around the buggy address: [ 19.744050] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.744142] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.744617] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.744687] ^ [ 19.744735] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.744778] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.744975] ================================================================== [ 19.540051] ================================================================== [ 19.540106] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 19.540233] Write of size 4 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.540289] [ 19.540320] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.540673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.540746] Hardware name: linux,dummy-virt (DT) [ 19.540817] Call trace: [ 19.540912] show_stack+0x20/0x38 (C) [ 19.540967] dump_stack_lvl+0x8c/0xd0 [ 19.541024] print_report+0x118/0x608 [ 19.541082] kasan_report+0xdc/0x128 [ 19.541130] kasan_check_range+0x100/0x1a8 [ 19.541348] __kasan_check_write+0x20/0x30 [ 19.541520] kasan_atomics_helper+0xa6c/0x4858 [ 19.541671] kasan_atomics+0x198/0x2e0 [ 19.541781] kunit_try_run_case+0x170/0x3f0 [ 19.541849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.542197] kthread+0x328/0x630 [ 19.542322] ret_from_fork+0x10/0x20 [ 19.542379] [ 19.542402] Allocated by task 265: [ 19.542766] kasan_save_stack+0x3c/0x68 [ 19.542859] kasan_save_track+0x20/0x40 [ 19.542944] kasan_save_alloc_info+0x40/0x58 [ 19.543079] __kasan_kmalloc+0xd4/0xd8 [ 19.543123] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.543189] kasan_atomics+0xb8/0x2e0 [ 19.543536] kunit_try_run_case+0x170/0x3f0 [ 19.543607] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.543711] kthread+0x328/0x630 [ 19.543745] ret_from_fork+0x10/0x20 [ 19.544077] [ 19.544122] The buggy address belongs to the object at fff00000c65c5b80 [ 19.544122] which belongs to the cache kmalloc-64 of size 64 [ 19.544262] The buggy address is located 0 bytes to the right of [ 19.544262] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.544333] [ 19.544354] The buggy address belongs to the physical page: [ 19.544573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.544671] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.544789] page_type: f5(slab) [ 19.544938] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.545100] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.545161] page dumped because: kasan: bad access detected [ 19.545195] [ 19.545215] Memory state around the buggy address: [ 19.545597] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.545652] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.545800] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.545872] ^ [ 19.545923] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.546321] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.546463] ================================================================== [ 19.718952] ================================================================== [ 19.719303] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.719505] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.719560] [ 19.719709] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.719817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.719855] Hardware name: linux,dummy-virt (DT) [ 19.719887] Call trace: [ 19.719912] show_stack+0x20/0x38 (C) [ 19.719961] dump_stack_lvl+0x8c/0xd0 [ 19.720012] print_report+0x118/0x608 [ 19.720070] kasan_report+0xdc/0x128 [ 19.720117] kasan_check_range+0x100/0x1a8 [ 19.720178] __kasan_check_write+0x20/0x30 [ 19.720322] kasan_atomics_helper+0x12d8/0x4858 [ 19.720378] kasan_atomics+0x198/0x2e0 [ 19.720424] kunit_try_run_case+0x170/0x3f0 [ 19.720479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.720556] kthread+0x328/0x630 [ 19.720738] ret_from_fork+0x10/0x20 [ 19.721350] [ 19.721384] Allocated by task 265: [ 19.721427] kasan_save_stack+0x3c/0x68 [ 19.721825] kasan_save_track+0x20/0x40 [ 19.721903] kasan_save_alloc_info+0x40/0x58 [ 19.722270] __kasan_kmalloc+0xd4/0xd8 [ 19.722362] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.722630] kasan_atomics+0xb8/0x2e0 [ 19.723009] kunit_try_run_case+0x170/0x3f0 [ 19.723210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.723599] kthread+0x328/0x630 [ 19.723779] ret_from_fork+0x10/0x20 [ 19.723840] [ 19.724004] The buggy address belongs to the object at fff00000c65c5b80 [ 19.724004] which belongs to the cache kmalloc-64 of size 64 [ 19.724483] The buggy address is located 0 bytes to the right of [ 19.724483] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.724684] [ 19.724999] The buggy address belongs to the physical page: [ 19.725147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.725219] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.725277] page_type: f5(slab) [ 19.725512] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.725696] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.726178] page dumped because: kasan: bad access detected [ 19.726228] [ 19.726290] Memory state around the buggy address: [ 19.726633] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.727008] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.727169] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.727389] ^ [ 19.727529] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.727611] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.727658] ================================================================== [ 19.696615] ================================================================== [ 19.696877] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.697369] Write of size 8 at addr fff00000c65c5bb0 by task kunit_try_catch/265 [ 19.697486] [ 19.697571] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.697782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.697813] Hardware name: linux,dummy-virt (DT) [ 19.697846] Call trace: [ 19.698250] show_stack+0x20/0x38 (C) [ 19.698336] dump_stack_lvl+0x8c/0xd0 [ 19.698856] print_report+0x118/0x608 [ 19.699178] kasan_report+0xdc/0x128 [ 19.699365] kasan_check_range+0x100/0x1a8 [ 19.699446] __kasan_check_write+0x20/0x30 [ 19.699784] kasan_atomics_helper+0x1128/0x4858 [ 19.700011] kasan_atomics+0x198/0x2e0 [ 19.700601] kunit_try_run_case+0x170/0x3f0 [ 19.700652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.700706] kthread+0x328/0x630 [ 19.700748] ret_from_fork+0x10/0x20 [ 19.700796] [ 19.700817] Allocated by task 265: [ 19.700845] kasan_save_stack+0x3c/0x68 [ 19.700888] kasan_save_track+0x20/0x40 [ 19.700930] kasan_save_alloc_info+0x40/0x58 [ 19.700971] __kasan_kmalloc+0xd4/0xd8 [ 19.701010] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.701062] kasan_atomics+0xb8/0x2e0 [ 19.701099] kunit_try_run_case+0x170/0x3f0 [ 19.701137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.701182] kthread+0x328/0x630 [ 19.701214] ret_from_fork+0x10/0x20 [ 19.701253] [ 19.701273] The buggy address belongs to the object at fff00000c65c5b80 [ 19.701273] which belongs to the cache kmalloc-64 of size 64 [ 19.701332] The buggy address is located 0 bytes to the right of [ 19.701332] allocated 48-byte region [fff00000c65c5b80, fff00000c65c5bb0) [ 19.701396] [ 19.701417] The buggy address belongs to the physical page: [ 19.701449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c5 [ 19.701504] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.701553] page_type: f5(slab) [ 19.701636] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.701688] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.701731] page dumped because: kasan: bad access detected [ 19.701764] [ 19.701785] Memory state around the buggy address: [ 19.701857] fff00000c65c5a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.702048] fff00000c65c5b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.702135] >fff00000c65c5b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.702272] ^ [ 19.702309] fff00000c65c5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.702356] fff00000c65c5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.702394] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.191945] ================================================================== [ 19.192259] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.192429] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.192679] [ 19.192755] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.193073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.193257] Hardware name: linux,dummy-virt (DT) [ 19.193370] Call trace: [ 19.193422] show_stack+0x20/0x38 (C) [ 19.193564] dump_stack_lvl+0x8c/0xd0 [ 19.193733] print_report+0x118/0x608 [ 19.193843] kasan_report+0xdc/0x128 [ 19.193971] kasan_check_range+0x100/0x1a8 [ 19.194073] __kasan_check_write+0x20/0x30 [ 19.194125] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.194190] kasan_bitops_generic+0x110/0x1c8 [ 19.194240] kunit_try_run_case+0x170/0x3f0 [ 19.194289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.194344] kthread+0x328/0x630 [ 19.194408] ret_from_fork+0x10/0x20 [ 19.194458] [ 19.194487] Allocated by task 261: [ 19.194528] kasan_save_stack+0x3c/0x68 [ 19.194572] kasan_save_track+0x20/0x40 [ 19.194612] kasan_save_alloc_info+0x40/0x58 [ 19.194664] __kasan_kmalloc+0xd4/0xd8 [ 19.194702] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.194755] kasan_bitops_generic+0xa0/0x1c8 [ 19.194795] kunit_try_run_case+0x170/0x3f0 [ 19.194834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.194881] kthread+0x328/0x630 [ 19.194929] ret_from_fork+0x10/0x20 [ 19.194981] [ 19.195020] The buggy address belongs to the object at fff00000c57cf640 [ 19.195020] which belongs to the cache kmalloc-16 of size 16 [ 19.195384] The buggy address is located 8 bytes inside of [ 19.195384] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.195608] [ 19.195639] The buggy address belongs to the physical page: [ 19.196006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057cf [ 19.196123] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.196737] page_type: f5(slab) [ 19.196996] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.197211] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.197397] page dumped because: kasan: bad access detected [ 19.197643] [ 19.197761] Memory state around the buggy address: [ 19.197863] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.198023] fff00000c57cf580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.198209] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.198355] ^ [ 19.198402] fff00000c57cf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.198639] fff00000c57cf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.198820] ================================================================== [ 19.238281] ================================================================== [ 19.238335] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 19.238388] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.238440] [ 19.238472] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.238554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.238583] Hardware name: linux,dummy-virt (DT) [ 19.238616] Call trace: [ 19.238641] show_stack+0x20/0x38 (C) [ 19.238703] dump_stack_lvl+0x8c/0xd0 [ 19.238751] print_report+0x118/0x608 [ 19.238799] kasan_report+0xdc/0x128 [ 19.238846] kasan_check_range+0x100/0x1a8 [ 19.238895] __kasan_check_write+0x20/0x30 [ 19.238940] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 19.238991] kasan_bitops_generic+0x110/0x1c8 [ 19.239051] kunit_try_run_case+0x170/0x3f0 [ 19.239100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.239155] kthread+0x328/0x630 [ 19.239921] ret_from_fork+0x10/0x20 [ 19.239994] [ 19.240048] Allocated by task 261: [ 19.240081] kasan_save_stack+0x3c/0x68 [ 19.240132] kasan_save_track+0x20/0x40 [ 19.240181] kasan_save_alloc_info+0x40/0x58 [ 19.240224] __kasan_kmalloc+0xd4/0xd8 [ 19.240521] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.240638] kasan_bitops_generic+0xa0/0x1c8 [ 19.240856] kunit_try_run_case+0x170/0x3f0 [ 19.240907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.241479] kthread+0x328/0x630 [ 19.242547] [ 19.253951] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.258053] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.258450] Call trace: [ 19.259149] kasan_check_range+0x100/0x1a8 [ 19.259850] kthread+0x328/0x630 [ 19.260368] kthread+0x328/0x630 [ 19.260911] [ 19.261650] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.263143] ^ [ 19.266055] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.266968] kasan_report+0xdc/0x128 [ 19.267674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.270647] [ 19.270930] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.271015] [ 19.271197] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.274493] [ 19.275186] Hardware name: linux,dummy-virt (DT) [ 19.277515] [ 19.278397] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.280234] The buggy address is located 8 bytes inside of [ 19.280234] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.281584] [ 19.281606] Memory state around the buggy address: [ 19.282451] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.284194] [ 19.285112] print_report+0x118/0x608 [ 19.288289] kasan_save_alloc_info+0x40/0x58 [ 19.289012] The buggy address belongs to the physical page: [ 19.289871] [ 19.290019] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.291942] ================================================================== [ 19.210523] ================================================================== [ 19.210579] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.211434] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.211528] [ 19.211563] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.211807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.211957] Hardware name: linux,dummy-virt (DT) [ 19.212049] Call trace: [ 19.212078] show_stack+0x20/0x38 (C) [ 19.212132] dump_stack_lvl+0x8c/0xd0 [ 19.212184] print_report+0x118/0x608 [ 19.212504] kasan_report+0xdc/0x128 [ 19.212837] kasan_check_range+0x100/0x1a8 [ 19.213248] __kasan_check_write+0x20/0x30 [ 19.213485] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.213675] kasan_bitops_generic+0x110/0x1c8 [ 19.213854] kunit_try_run_case+0x170/0x3f0 [ 19.213922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.214004] kthread+0x328/0x630 [ 19.214224] ret_from_fork+0x10/0x20 [ 19.214549] [ 19.214690] Allocated by task 261: [ 19.214800] kasan_save_stack+0x3c/0x68 [ 19.215063] kasan_save_track+0x20/0x40 [ 19.215479] kasan_save_alloc_info+0x40/0x58 [ 19.215660] __kasan_kmalloc+0xd4/0xd8 [ 19.215716] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.215948] kasan_bitops_generic+0xa0/0x1c8 [ 19.216142] kunit_try_run_case+0x170/0x3f0 [ 19.216201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.216401] kthread+0x328/0x630 [ 19.216484] ret_from_fork+0x10/0x20 [ 19.216611] [ 19.216640] The buggy address belongs to the object at fff00000c57cf640 [ 19.216640] which belongs to the cache kmalloc-16 of size 16 [ 19.216934] The buggy address is located 8 bytes inside of [ 19.216934] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.217220] [ 19.217266] The buggy address belongs to the physical page: [ 19.217424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057cf [ 19.217573] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.217753] page_type: f5(slab) [ 19.217833] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.218277] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.218369] page dumped because: kasan: bad access detected [ 19.218501] [ 19.218555] Memory state around the buggy address: [ 19.218758] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.218956] fff00000c57cf580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.219103] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.219241] ^ [ 19.219429] fff00000c57cf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.219516] fff00000c57cf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.219611] ================================================================== [ 19.222497] ================================================================== [ 19.222656] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.222779] Read of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.222837] [ 19.222881] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.222966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.222994] Hardware name: linux,dummy-virt (DT) [ 19.223224] Call trace: [ 19.223261] show_stack+0x20/0x38 (C) [ 19.223314] dump_stack_lvl+0x8c/0xd0 [ 19.223377] print_report+0x118/0x608 [ 19.223868] kasan_report+0xdc/0x128 [ 19.223955] __asan_report_load8_noabort+0x20/0x30 [ 19.224009] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.224397] kasan_bitops_generic+0x110/0x1c8 [ 19.224910] kunit_try_run_case+0x170/0x3f0 [ 19.224991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.225096] kthread+0x328/0x630 [ 19.225223] ret_from_fork+0x10/0x20 [ 19.225385] [ 19.225406] Allocated by task 261: [ 19.225436] kasan_save_stack+0x3c/0x68 [ 19.225486] kasan_save_track+0x20/0x40 [ 19.225801] kasan_save_alloc_info+0x40/0x58 [ 19.225960] __kasan_kmalloc+0xd4/0xd8 [ 19.226097] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.226166] kasan_bitops_generic+0xa0/0x1c8 [ 19.226315] kunit_try_run_case+0x170/0x3f0 [ 19.226467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.226642] kthread+0x328/0x630 [ 19.226856] ret_from_fork+0x10/0x20 [ 19.227022] [ 19.227128] The buggy address belongs to the object at fff00000c57cf640 [ 19.227128] which belongs to the cache kmalloc-16 of size 16 [ 19.227260] The buggy address is located 8 bytes inside of [ 19.227260] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.227466] [ 19.227536] The buggy address belongs to the physical page: [ 19.227595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057cf [ 19.227942] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.228164] page_type: f5(slab) [ 19.228264] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.228427] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.228593] page dumped because: kasan: bad access detected [ 19.228833] [ 19.229018] Memory state around the buggy address: [ 19.229098] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.229157] fff00000c57cf580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.229201] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.229243] ^ [ 19.229281] fff00000c57cf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.229326] fff00000c57cf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.229368] ================================================================== [ 19.230189] ================================================================== [ 19.230373] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 19.230429] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.230510] [ 19.230672] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.230867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.231020] Hardware name: linux,dummy-virt (DT) [ 19.231071] Call trace: [ 19.231296] show_stack+0x20/0x38 (C) [ 19.231382] dump_stack_lvl+0x8c/0xd0 [ 19.231757] print_report+0x118/0x608 [ 19.232073] kasan_report+0xdc/0x128 [ 19.232270] kasan_check_range+0x100/0x1a8 [ 19.232550] __kasan_check_write+0x20/0x30 [ 19.232930] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 19.233072] kasan_bitops_generic+0x110/0x1c8 [ 19.233236] kunit_try_run_case+0x170/0x3f0 [ 19.233403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.233499] kthread+0x328/0x630 [ 19.233700] ret_from_fork+0x10/0x20 [ 19.233933] [ 19.234025] Allocated by task 261: [ 19.234107] kasan_save_stack+0x3c/0x68 [ 19.234254] kasan_save_track+0x20/0x40 [ 19.234315] kasan_save_alloc_info+0x40/0x58 [ 19.234654] __kasan_kmalloc+0xd4/0xd8 [ 19.234732] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.234878] kasan_bitops_generic+0xa0/0x1c8 [ 19.234951] kunit_try_run_case+0x170/0x3f0 [ 19.235162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.235342] kthread+0x328/0x630 [ 19.235558] ret_from_fork+0x10/0x20 [ 19.235901] [ 19.235948] The buggy address belongs to the object at fff00000c57cf640 [ 19.235948] which belongs to the cache kmalloc-16 of size 16 [ 19.236134] The buggy address is located 8 bytes inside of [ 19.236134] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.236274] [ 19.236300] The buggy address belongs to the physical page: [ 19.236369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057cf [ 19.236670] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.236732] page_type: f5(slab) [ 19.236771] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.237188] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.237304] page dumped because: kasan: bad access detected [ 19.237341] [ 19.237465] Memory state around the buggy address: [ 19.237516] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.237564] fff00000c57cf580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.237608] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.237678] ^ [ 19.237717] fff00000c57cf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.237762] fff00000c57cf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.237811] ================================================================== [ 19.200300] ================================================================== [ 19.200622] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.200977] Read of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.201252] [ 19.201341] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.201723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.201794] Hardware name: linux,dummy-virt (DT) [ 19.201977] Call trace: [ 19.202545] show_stack+0x20/0x38 (C) [ 19.202870] dump_stack_lvl+0x8c/0xd0 [ 19.203103] print_report+0x118/0x608 [ 19.203471] kasan_report+0xdc/0x128 [ 19.203738] __asan_report_load8_noabort+0x20/0x30 [ 19.203979] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.204167] kasan_bitops_generic+0x110/0x1c8 [ 19.204410] kunit_try_run_case+0x170/0x3f0 [ 19.204537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.205040] kthread+0x328/0x630 [ 19.205243] ret_from_fork+0x10/0x20 [ 19.205482] [ 19.205723] Allocated by task 261: [ 19.205808] kasan_save_stack+0x3c/0x68 [ 19.206084] kasan_save_track+0x20/0x40 [ 19.206181] kasan_save_alloc_info+0x40/0x58 [ 19.206245] __kasan_kmalloc+0xd4/0xd8 [ 19.206483] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.206948] kasan_bitops_generic+0xa0/0x1c8 [ 19.207139] kunit_try_run_case+0x170/0x3f0 [ 19.207258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.207439] kthread+0x328/0x630 [ 19.207621] ret_from_fork+0x10/0x20 [ 19.207946] [ 19.208105] The buggy address belongs to the object at fff00000c57cf640 [ 19.208105] which belongs to the cache kmalloc-16 of size 16 [ 19.208304] The buggy address is located 8 bytes inside of [ 19.208304] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.208516] [ 19.208654] The buggy address belongs to the physical page: [ 19.208737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057cf [ 19.208821] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.208874] page_type: f5(slab) [ 19.209292] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.209421] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.209550] page dumped because: kasan: bad access detected [ 19.209590] [ 19.209638] Memory state around the buggy address: [ 19.209674] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.209759] fff00000c57cf580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.209807] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.209858] ^ [ 19.209918] fff00000c57cf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.209976] fff00000c57cf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.210050] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 21.458332] ================================================================== [ 21.458427] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.458427] [ 21.458520] Use-after-free read at 0x00000000c1b5c335 (in kfence-#88): [ 21.458568] test_use_after_free_read+0x114/0x248 [ 21.458617] kunit_try_run_case+0x170/0x3f0 [ 21.458660] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.458703] kthread+0x328/0x630 [ 21.458740] ret_from_fork+0x10/0x20 [ 21.458779] [ 21.458802] kfence-#88: 0x00000000c1b5c335-0x00000000adeb2697, size=32, cache=kmalloc-32 [ 21.458802] [ 21.458879] allocated by task 295 on cpu 1 at 21.458068s (0.000806s ago): [ 21.458947] test_alloc+0x29c/0x628 [ 21.458985] test_use_after_free_read+0xd0/0x248 [ 21.459026] kunit_try_run_case+0x170/0x3f0 [ 21.459506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.460236] kthread+0x328/0x630 [ 21.460296] ret_from_fork+0x10/0x20 [ 21.460431] [ 21.460823] freed by task 295 on cpu 1 at 21.458142s (0.002355s ago): [ 21.461456] test_use_after_free_read+0x1c0/0x248 [ 21.461619] kunit_try_run_case+0x170/0x3f0 [ 21.461731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.461893] kthread+0x328/0x630 [ 21.462014] ret_from_fork+0x10/0x20 [ 21.462341] [ 21.462641] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.462857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.462914] Hardware name: linux,dummy-virt (DT) [ 21.462957] ================================================================== [ 21.566323] ================================================================== [ 21.566413] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.566413] [ 21.566684] Use-after-free read at 0x000000007a378c48 (in kfence-#89): [ 21.566796] test_use_after_free_read+0x114/0x248 [ 21.566935] kunit_try_run_case+0x170/0x3f0 [ 21.567172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.567287] kthread+0x328/0x630 [ 21.567375] ret_from_fork+0x10/0x20 [ 21.567431] [ 21.567482] kfence-#89: 0x000000007a378c48-0x00000000f4fff264, size=32, cache=test [ 21.567482] [ 21.567581] allocated by task 297 on cpu 1 at 21.565964s (0.001596s ago): [ 21.567653] test_alloc+0x230/0x628 [ 21.567694] test_use_after_free_read+0xd0/0x248 [ 21.567734] kunit_try_run_case+0x170/0x3f0 [ 21.567802] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.567846] kthread+0x328/0x630 [ 21.567880] ret_from_fork+0x10/0x20 [ 21.567918] [ 21.567988] freed by task 297 on cpu 1 at 21.566026s (0.001952s ago): [ 21.568107] test_use_after_free_read+0xf0/0x248 [ 21.568161] kunit_try_run_case+0x170/0x3f0 [ 21.568202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.568378] kthread+0x328/0x630 [ 21.568563] ret_from_fork+0x10/0x20 [ 21.568739] [ 21.568860] CPU: 1 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.568960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.569005] Hardware name: linux,dummy-virt (DT) [ 21.569077] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 21.141785] ================================================================== [ 21.141908] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.141908] [ 21.142046] Out-of-bounds write at 0x000000008335fc6c (1B left of kfence-#85): [ 21.142103] test_out_of_bounds_write+0x100/0x240 [ 21.142411] kunit_try_run_case+0x170/0x3f0 [ 21.142500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.142582] kthread+0x328/0x630 [ 21.142655] ret_from_fork+0x10/0x20 [ 21.142711] [ 21.142738] kfence-#85: 0x00000000f9f4cc5d-0x000000007e1c8190, size=32, cache=kmalloc-32 [ 21.142738] [ 21.142810] allocated by task 291 on cpu 1 at 21.141552s (0.001234s ago): [ 21.142906] test_alloc+0x29c/0x628 [ 21.142972] test_out_of_bounds_write+0xc8/0x240 [ 21.143041] kunit_try_run_case+0x170/0x3f0 [ 21.143084] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.143157] kthread+0x328/0x630 [ 21.143207] ret_from_fork+0x10/0x20 [ 21.143247] [ 21.143309] CPU: 1 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.143570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.143692] Hardware name: linux,dummy-virt (DT) [ 21.143735] ================================================================== [ 21.350415] ================================================================== [ 21.350495] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.350495] [ 21.350915] Out-of-bounds write at 0x000000004e25c4fd (1B left of kfence-#87): [ 21.351019] test_out_of_bounds_write+0x100/0x240 [ 21.351192] kunit_try_run_case+0x170/0x3f0 [ 21.351237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.351281] kthread+0x328/0x630 [ 21.351319] ret_from_fork+0x10/0x20 [ 21.351654] [ 21.351741] kfence-#87: 0x00000000f576fa69-0x00000000f5d4aa1b, size=32, cache=test [ 21.351741] [ 21.351843] allocated by task 293 on cpu 1 at 21.350158s (0.001635s ago): [ 21.351918] test_alloc+0x230/0x628 [ 21.351958] test_out_of_bounds_write+0xc8/0x240 [ 21.352000] kunit_try_run_case+0x170/0x3f0 [ 21.352051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.352095] kthread+0x328/0x630 [ 21.352129] ret_from_fork+0x10/0x20 [ 21.352168] [ 21.352211] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.352290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.352319] Hardware name: linux,dummy-virt (DT) [ 21.352375] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 20.501842] ================================================================== [ 20.501916] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.501916] [ 20.501992] Out-of-bounds read at 0x0000000090b35fe3 (1B left of kfence-#79): [ 20.502061] test_out_of_bounds_read+0x114/0x3e0 [ 20.502110] kunit_try_run_case+0x170/0x3f0 [ 20.502152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.502206] kthread+0x328/0x630 [ 20.502242] ret_from_fork+0x10/0x20 [ 20.502279] [ 20.502304] kfence-#79: 0x00000000e13ba38c-0x00000000e3f435a7, size=32, cache=test [ 20.502304] [ 20.502359] allocated by task 289 on cpu 1 at 20.501763s (0.000587s ago): [ 20.502515] test_alloc+0x230/0x628 [ 20.502559] test_out_of_bounds_read+0xdc/0x3e0 [ 20.502600] kunit_try_run_case+0x170/0x3f0 [ 20.502639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.502690] kthread+0x328/0x630 [ 20.502726] ret_from_fork+0x10/0x20 [ 20.502764] [ 20.502806] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.502884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.502913] Hardware name: linux,dummy-virt (DT) [ 20.502946] ================================================================== [ 20.710267] ================================================================== [ 20.710350] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.710350] [ 20.710719] Out-of-bounds read at 0x00000000d9599de2 (32B right of kfence-#81): [ 20.710852] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.710963] kunit_try_run_case+0x170/0x3f0 [ 20.711011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.711201] kthread+0x328/0x630 [ 20.711254] ret_from_fork+0x10/0x20 [ 20.711438] [ 20.711475] kfence-#81: 0x00000000ad624619-0x00000000e50b9128, size=32, cache=test [ 20.711475] [ 20.711783] allocated by task 289 on cpu 1 at 20.710124s (0.001400s ago): [ 20.711871] test_alloc+0x230/0x628 [ 20.711913] test_out_of_bounds_read+0x198/0x3e0 [ 20.711962] kunit_try_run_case+0x170/0x3f0 [ 20.712001] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.712053] kthread+0x328/0x630 [ 20.712089] ret_from_fork+0x10/0x20 [ 20.712157] [ 20.712213] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.712294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.712334] Hardware name: linux,dummy-virt (DT) [ 20.712370] ================================================================== [ 20.394646] ================================================================== [ 20.395046] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.395046] [ 20.395413] Out-of-bounds read at 0x000000007bc7d2af (32B right of kfence-#78): [ 20.395485] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.395621] kunit_try_run_case+0x170/0x3f0 [ 20.395676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.395787] kthread+0x328/0x630 [ 20.395846] ret_from_fork+0x10/0x20 [ 20.395889] [ 20.395915] kfence-#78: 0x000000007451f780-0x00000000fd025264, size=32, cache=kmalloc-32 [ 20.395915] [ 20.396246] allocated by task 287 on cpu 1 at 20.394291s (0.001945s ago): [ 20.396327] test_alloc+0x29c/0x628 [ 20.396390] test_out_of_bounds_read+0x198/0x3e0 [ 20.396454] kunit_try_run_case+0x170/0x3f0 [ 20.396496] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.396537] kthread+0x328/0x630 [ 20.396622] ret_from_fork+0x10/0x20 [ 20.396821] [ 20.396932] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.397020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.397287] Hardware name: linux,dummy-virt (DT) [ 20.397495] ================================================================== [ 20.285784] ================================================================== [ 20.285861] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.285861] [ 20.286222] Out-of-bounds read at 0x000000006980e48f (1B left of kfence-#77): [ 20.286824] test_out_of_bounds_read+0x114/0x3e0 [ 20.287079] kunit_try_run_case+0x170/0x3f0 [ 20.287286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.287505] kthread+0x328/0x630 [ 20.287602] ret_from_fork+0x10/0x20 [ 20.287785] [ 20.287823] kfence-#77: 0x000000000ac11979-0x00000000813f684c, size=32, cache=kmalloc-32 [ 20.287823] [ 20.288068] allocated by task 287 on cpu 1 at 20.285563s (0.002311s ago): [ 20.288159] test_alloc+0x29c/0x628 [ 20.288202] test_out_of_bounds_read+0xdc/0x3e0 [ 20.288259] kunit_try_run_case+0x170/0x3f0 [ 20.288300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.288342] kthread+0x328/0x630 [ 20.288376] ret_from_fork+0x10/0x20 [ 20.288697] [ 20.288875] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.288977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.289283] Hardware name: linux,dummy-virt (DT) [ 20.289368] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-kmalloc_oob_left
[ 16.467662] ================================================================== [ 16.468097] BUG: KFENCE: out-of-bounds read in kmalloc_oob_left+0x160/0x320 [ 16.468097] [ 16.468301] Out-of-bounds read at 0x000000007d74479f (1B left of kfence-#50): [ 16.468529] kmalloc_oob_left+0x160/0x320 [ 16.469000] kunit_try_run_case+0x170/0x3f0 [ 16.469146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.469190] kthread+0x328/0x630 [ 16.469223] ret_from_fork+0x10/0x20 [ 16.469281] [ 16.469822] kfence-#50: 0x00000000057e9ca4-0x00000000f53e5de2, size=15, cache=kmalloc-16 [ 16.469822] [ 16.470416] allocated by task 138 on cpu 0 at 16.466020s (0.004171s ago): [ 16.471740] kmalloc_oob_left+0xb8/0x320 [ 16.471929] kunit_try_run_case+0x170/0x3f0 [ 16.471988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.472088] kthread+0x328/0x630 [ 16.472642] ret_from_fork+0x10/0x20 [ 16.472966] [ 16.473044] CPU: 0 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.473238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.473264] Hardware name: linux,dummy-virt (DT) [ 16.473301] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 20.070842] ================================================================== [ 20.070936] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 20.071008] Write of size 1 at addr fff00000c7834578 by task kunit_try_catch/285 [ 20.071141] [ 20.071173] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.071256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.071411] Hardware name: linux,dummy-virt (DT) [ 20.071458] Call trace: [ 20.071481] show_stack+0x20/0x38 (C) [ 20.071532] dump_stack_lvl+0x8c/0xd0 [ 20.071792] print_report+0x118/0x608 [ 20.071852] kasan_report+0xdc/0x128 [ 20.071936] __asan_report_store1_noabort+0x20/0x30 [ 20.071988] strncpy_from_user+0x270/0x2a0 [ 20.072111] copy_user_test_oob+0x5c0/0xec8 [ 20.072252] kunit_try_run_case+0x170/0x3f0 [ 20.072431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.072512] kthread+0x328/0x630 [ 20.072565] ret_from_fork+0x10/0x20 [ 20.072674] [ 20.072695] Allocated by task 285: [ 20.072725] kasan_save_stack+0x3c/0x68 [ 20.072767] kasan_save_track+0x20/0x40 [ 20.072806] kasan_save_alloc_info+0x40/0x58 [ 20.072848] __kasan_kmalloc+0xd4/0xd8 [ 20.072885] __kmalloc_noprof+0x198/0x4c8 [ 20.073009] kunit_kmalloc_array+0x34/0x88 [ 20.073067] copy_user_test_oob+0xac/0xec8 [ 20.073153] kunit_try_run_case+0x170/0x3f0 [ 20.073268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.073471] kthread+0x328/0x630 [ 20.073672] ret_from_fork+0x10/0x20 [ 20.073848] [ 20.073938] The buggy address belongs to the object at fff00000c7834500 [ 20.073938] which belongs to the cache kmalloc-128 of size 128 [ 20.074109] The buggy address is located 0 bytes to the right of [ 20.074109] allocated 120-byte region [fff00000c7834500, fff00000c7834578) [ 20.074189] [ 20.074210] The buggy address belongs to the physical page: [ 20.074243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 20.074305] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.074354] page_type: f5(slab) [ 20.074393] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.074445] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.074488] page dumped because: kasan: bad access detected [ 20.074530] [ 20.074565] Memory state around the buggy address: [ 20.074600] fff00000c7834400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.074645] fff00000c7834480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.074699] >fff00000c7834500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.074739] ^ [ 20.074781] fff00000c7834580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.074826] fff00000c7834600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.074867] ================================================================== [ 20.065514] ================================================================== [ 20.065582] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 20.065685] Write of size 121 at addr fff00000c7834500 by task kunit_try_catch/285 [ 20.065739] [ 20.065768] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.066001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.066051] Hardware name: linux,dummy-virt (DT) [ 20.066086] Call trace: [ 20.066108] show_stack+0x20/0x38 (C) [ 20.066161] dump_stack_lvl+0x8c/0xd0 [ 20.066208] print_report+0x118/0x608 [ 20.066282] kasan_report+0xdc/0x128 [ 20.066350] kasan_check_range+0x100/0x1a8 [ 20.066401] __kasan_check_write+0x20/0x30 [ 20.066477] strncpy_from_user+0x3c/0x2a0 [ 20.066530] copy_user_test_oob+0x5c0/0xec8 [ 20.066596] kunit_try_run_case+0x170/0x3f0 [ 20.066780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.066839] kthread+0x328/0x630 [ 20.066884] ret_from_fork+0x10/0x20 [ 20.067148] [ 20.067202] Allocated by task 285: [ 20.067249] kasan_save_stack+0x3c/0x68 [ 20.067331] kasan_save_track+0x20/0x40 [ 20.067390] kasan_save_alloc_info+0x40/0x58 [ 20.067433] __kasan_kmalloc+0xd4/0xd8 [ 20.067469] __kmalloc_noprof+0x198/0x4c8 [ 20.067524] kunit_kmalloc_array+0x34/0x88 [ 20.067646] copy_user_test_oob+0xac/0xec8 [ 20.067820] kunit_try_run_case+0x170/0x3f0 [ 20.067871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.067957] kthread+0x328/0x630 [ 20.068023] ret_from_fork+0x10/0x20 [ 20.068108] [ 20.068147] The buggy address belongs to the object at fff00000c7834500 [ 20.068147] which belongs to the cache kmalloc-128 of size 128 [ 20.068207] The buggy address is located 0 bytes inside of [ 20.068207] allocated 120-byte region [fff00000c7834500, fff00000c7834578) [ 20.068269] [ 20.068317] The buggy address belongs to the physical page: [ 20.068366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 20.068428] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.068527] page_type: f5(slab) [ 20.068591] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.068647] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.068859] page dumped because: kasan: bad access detected [ 20.068896] [ 20.068915] Memory state around the buggy address: [ 20.068948] fff00000c7834400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.068993] fff00000c7834480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.069051] >fff00000c7834500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.069195] ^ [ 20.069252] fff00000c7834580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.069353] fff00000c7834600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.069451] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 20.054979] ================================================================== [ 20.055043] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 20.055206] Write of size 121 at addr fff00000c7834500 by task kunit_try_catch/285 [ 20.055323] [ 20.055355] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.055437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.055465] Hardware name: linux,dummy-virt (DT) [ 20.055508] Call trace: [ 20.055546] show_stack+0x20/0x38 (C) [ 20.055604] dump_stack_lvl+0x8c/0xd0 [ 20.055651] print_report+0x118/0x608 [ 20.055702] kasan_report+0xdc/0x128 [ 20.055747] kasan_check_range+0x100/0x1a8 [ 20.055803] __kasan_check_write+0x20/0x30 [ 20.055850] copy_user_test_oob+0x434/0xec8 [ 20.055896] kunit_try_run_case+0x170/0x3f0 [ 20.055944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.055997] kthread+0x328/0x630 [ 20.056053] ret_from_fork+0x10/0x20 [ 20.056111] [ 20.056132] Allocated by task 285: [ 20.056162] kasan_save_stack+0x3c/0x68 [ 20.056203] kasan_save_track+0x20/0x40 [ 20.056243] kasan_save_alloc_info+0x40/0x58 [ 20.056284] __kasan_kmalloc+0xd4/0xd8 [ 20.056321] __kmalloc_noprof+0x198/0x4c8 [ 20.056360] kunit_kmalloc_array+0x34/0x88 [ 20.056397] copy_user_test_oob+0xac/0xec8 [ 20.056436] kunit_try_run_case+0x170/0x3f0 [ 20.056488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.056544] kthread+0x328/0x630 [ 20.056579] ret_from_fork+0x10/0x20 [ 20.056614] [ 20.056643] The buggy address belongs to the object at fff00000c7834500 [ 20.056643] which belongs to the cache kmalloc-128 of size 128 [ 20.056702] The buggy address is located 0 bytes inside of [ 20.056702] allocated 120-byte region [fff00000c7834500, fff00000c7834578) [ 20.056763] [ 20.056785] The buggy address belongs to the physical page: [ 20.056822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 20.056874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.056921] page_type: f5(slab) [ 20.056966] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.057757] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.057861] page dumped because: kasan: bad access detected [ 20.058022] [ 20.058258] Memory state around the buggy address: [ 20.058344] fff00000c7834400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.058390] fff00000c7834480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.058436] >fff00000c7834500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.058475] ^ [ 20.058619] fff00000c7834580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.058671] fff00000c7834600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.058713] ================================================================== [ 20.059661] ================================================================== [ 20.059776] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 20.059827] Read of size 121 at addr fff00000c7834500 by task kunit_try_catch/285 [ 20.059882] [ 20.059912] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.060240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.060317] Hardware name: linux,dummy-virt (DT) [ 20.060382] Call trace: [ 20.060410] show_stack+0x20/0x38 (C) [ 20.060482] dump_stack_lvl+0x8c/0xd0 [ 20.060563] print_report+0x118/0x608 [ 20.060659] kasan_report+0xdc/0x128 [ 20.060729] kasan_check_range+0x100/0x1a8 [ 20.060777] __kasan_check_read+0x20/0x30 [ 20.060972] copy_user_test_oob+0x4a0/0xec8 [ 20.061046] kunit_try_run_case+0x170/0x3f0 [ 20.061117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.061170] kthread+0x328/0x630 [ 20.061213] ret_from_fork+0x10/0x20 [ 20.061352] [ 20.061375] Allocated by task 285: [ 20.061407] kasan_save_stack+0x3c/0x68 [ 20.061449] kasan_save_track+0x20/0x40 [ 20.061554] kasan_save_alloc_info+0x40/0x58 [ 20.061691] __kasan_kmalloc+0xd4/0xd8 [ 20.061788] __kmalloc_noprof+0x198/0x4c8 [ 20.061903] kunit_kmalloc_array+0x34/0x88 [ 20.062294] copy_user_test_oob+0xac/0xec8 [ 20.062465] kunit_try_run_case+0x170/0x3f0 [ 20.062594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.062674] kthread+0x328/0x630 [ 20.062720] ret_from_fork+0x10/0x20 [ 20.062820] [ 20.062869] The buggy address belongs to the object at fff00000c7834500 [ 20.062869] which belongs to the cache kmalloc-128 of size 128 [ 20.062991] The buggy address is located 0 bytes inside of [ 20.062991] allocated 120-byte region [fff00000c7834500, fff00000c7834578) [ 20.063077] [ 20.063098] The buggy address belongs to the physical page: [ 20.063130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 20.063360] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.063502] page_type: f5(slab) [ 20.063659] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.063790] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.064054] page dumped because: kasan: bad access detected [ 20.064132] [ 20.064262] Memory state around the buggy address: [ 20.064407] fff00000c7834400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.064458] fff00000c7834480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.064504] >fff00000c7834500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.064545] ^ [ 20.064588] fff00000c7834580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.064633] fff00000c7834600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.064762] ================================================================== [ 20.043936] ================================================================== [ 20.043994] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 20.044089] Write of size 121 at addr fff00000c7834500 by task kunit_try_catch/285 [ 20.044162] [ 20.044200] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.044338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.044369] Hardware name: linux,dummy-virt (DT) [ 20.044399] Call trace: [ 20.044423] show_stack+0x20/0x38 (C) [ 20.044482] dump_stack_lvl+0x8c/0xd0 [ 20.044537] print_report+0x118/0x608 [ 20.044898] kasan_report+0xdc/0x128 [ 20.045009] kasan_check_range+0x100/0x1a8 [ 20.045132] __kasan_check_write+0x20/0x30 [ 20.045261] copy_user_test_oob+0x35c/0xec8 [ 20.045310] kunit_try_run_case+0x170/0x3f0 [ 20.045387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.045696] kthread+0x328/0x630 [ 20.045783] ret_from_fork+0x10/0x20 [ 20.045948] [ 20.046008] Allocated by task 285: [ 20.046128] kasan_save_stack+0x3c/0x68 [ 20.046172] kasan_save_track+0x20/0x40 [ 20.046256] kasan_save_alloc_info+0x40/0x58 [ 20.046548] __kasan_kmalloc+0xd4/0xd8 [ 20.046629] __kmalloc_noprof+0x198/0x4c8 [ 20.046688] kunit_kmalloc_array+0x34/0x88 [ 20.046772] copy_user_test_oob+0xac/0xec8 [ 20.046880] kunit_try_run_case+0x170/0x3f0 [ 20.046922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.047195] kthread+0x328/0x630 [ 20.047324] ret_from_fork+0x10/0x20 [ 20.047466] [ 20.047545] The buggy address belongs to the object at fff00000c7834500 [ 20.047545] which belongs to the cache kmalloc-128 of size 128 [ 20.047662] The buggy address is located 0 bytes inside of [ 20.047662] allocated 120-byte region [fff00000c7834500, fff00000c7834578) [ 20.047756] [ 20.047824] The buggy address belongs to the physical page: [ 20.047870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 20.047922] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.048276] page_type: f5(slab) [ 20.048410] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.048526] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.048605] page dumped because: kasan: bad access detected [ 20.048640] [ 20.048660] Memory state around the buggy address: [ 20.048815] fff00000c7834400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.048862] fff00000c7834480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.048987] >fff00000c7834500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.049146] ^ [ 20.049212] fff00000c7834580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.049282] fff00000c7834600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.049370] ================================================================== [ 20.049946] ================================================================== [ 20.049999] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 20.050084] Read of size 121 at addr fff00000c7834500 by task kunit_try_catch/285 [ 20.050136] [ 20.050167] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.050251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.050383] Hardware name: linux,dummy-virt (DT) [ 20.050475] Call trace: [ 20.050621] show_stack+0x20/0x38 (C) [ 20.050828] dump_stack_lvl+0x8c/0xd0 [ 20.050887] print_report+0x118/0x608 [ 20.050975] kasan_report+0xdc/0x128 [ 20.051025] kasan_check_range+0x100/0x1a8 [ 20.051194] __kasan_check_read+0x20/0x30 [ 20.051310] copy_user_test_oob+0x3c8/0xec8 [ 20.051365] kunit_try_run_case+0x170/0x3f0 [ 20.051453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.051535] kthread+0x328/0x630 [ 20.051601] ret_from_fork+0x10/0x20 [ 20.051652] [ 20.051691] Allocated by task 285: [ 20.051734] kasan_save_stack+0x3c/0x68 [ 20.051777] kasan_save_track+0x20/0x40 [ 20.051822] kasan_save_alloc_info+0x40/0x58 [ 20.051865] __kasan_kmalloc+0xd4/0xd8 [ 20.052023] __kmalloc_noprof+0x198/0x4c8 [ 20.052193] kunit_kmalloc_array+0x34/0x88 [ 20.052246] copy_user_test_oob+0xac/0xec8 [ 20.052295] kunit_try_run_case+0x170/0x3f0 [ 20.052336] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.052381] kthread+0x328/0x630 [ 20.052414] ret_from_fork+0x10/0x20 [ 20.052457] [ 20.052488] The buggy address belongs to the object at fff00000c7834500 [ 20.052488] which belongs to the cache kmalloc-128 of size 128 [ 20.052719] The buggy address is located 0 bytes inside of [ 20.052719] allocated 120-byte region [fff00000c7834500, fff00000c7834578) [ 20.052844] [ 20.052953] The buggy address belongs to the physical page: [ 20.053012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 20.053075] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.053311] page_type: f5(slab) [ 20.053368] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.053476] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.053582] page dumped because: kasan: bad access detected [ 20.053672] [ 20.053751] Memory state around the buggy address: [ 20.053847] fff00000c7834400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.053946] fff00000c7834480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.054004] >fff00000c7834500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.054182] ^ [ 20.054373] fff00000c7834580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.054493] fff00000c7834600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.054592] ================================================================== [ 20.026370] ================================================================== [ 20.026514] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 20.026652] Write of size 121 at addr fff00000c7834500 by task kunit_try_catch/285 [ 20.026708] [ 20.026753] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.027138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.027170] Hardware name: linux,dummy-virt (DT) [ 20.027255] Call trace: [ 20.027283] show_stack+0x20/0x38 (C) [ 20.027337] dump_stack_lvl+0x8c/0xd0 [ 20.027388] print_report+0x118/0x608 [ 20.027443] kasan_report+0xdc/0x128 [ 20.027489] kasan_check_range+0x100/0x1a8 [ 20.027575] __kasan_check_write+0x20/0x30 [ 20.027669] copy_user_test_oob+0x234/0xec8 [ 20.027721] kunit_try_run_case+0x170/0x3f0 [ 20.027772] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.027825] kthread+0x328/0x630 [ 20.027868] ret_from_fork+0x10/0x20 [ 20.027920] [ 20.027941] Allocated by task 285: [ 20.027971] kasan_save_stack+0x3c/0x68 [ 20.028016] kasan_save_track+0x20/0x40 [ 20.028064] kasan_save_alloc_info+0x40/0x58 [ 20.028134] __kasan_kmalloc+0xd4/0xd8 [ 20.028172] __kmalloc_noprof+0x198/0x4c8 [ 20.028214] kunit_kmalloc_array+0x34/0x88 [ 20.028252] copy_user_test_oob+0xac/0xec8 [ 20.028291] kunit_try_run_case+0x170/0x3f0 [ 20.028328] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.028378] kthread+0x328/0x630 [ 20.028413] ret_from_fork+0x10/0x20 [ 20.028453] [ 20.028573] The buggy address belongs to the object at fff00000c7834500 [ 20.028573] which belongs to the cache kmalloc-128 of size 128 [ 20.028693] The buggy address is located 0 bytes inside of [ 20.028693] allocated 120-byte region [fff00000c7834500, fff00000c7834578) [ 20.028783] [ 20.028838] The buggy address belongs to the physical page: [ 20.028882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 20.028968] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.029045] page_type: f5(slab) [ 20.029120] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.029174] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.029216] page dumped because: kasan: bad access detected [ 20.029250] [ 20.029271] Memory state around the buggy address: [ 20.029306] fff00000c7834400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.029351] fff00000c7834480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.029396] >fff00000c7834500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.029438] ^ [ 20.029480] fff00000c7834580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.029531] fff00000c7834600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.029573] ================================================================== [ 20.035760] ================================================================== [ 20.035852] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 20.035904] Read of size 121 at addr fff00000c7834500 by task kunit_try_catch/285 [ 20.036009] [ 20.036061] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.036151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.036247] Hardware name: linux,dummy-virt (DT) [ 20.036315] Call trace: [ 20.036365] show_stack+0x20/0x38 (C) [ 20.036451] dump_stack_lvl+0x8c/0xd0 [ 20.036504] print_report+0x118/0x608 [ 20.036571] kasan_report+0xdc/0x128 [ 20.036904] kasan_check_range+0x100/0x1a8 [ 20.037133] __kasan_check_read+0x20/0x30 [ 20.037183] copy_user_test_oob+0x728/0xec8 [ 20.037410] kunit_try_run_case+0x170/0x3f0 [ 20.037457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.037565] kthread+0x328/0x630 [ 20.037634] ret_from_fork+0x10/0x20 [ 20.037757] [ 20.037875] Allocated by task 285: [ 20.038017] kasan_save_stack+0x3c/0x68 [ 20.038134] kasan_save_track+0x20/0x40 [ 20.038251] kasan_save_alloc_info+0x40/0x58 [ 20.038366] __kasan_kmalloc+0xd4/0xd8 [ 20.038414] __kmalloc_noprof+0x198/0x4c8 [ 20.038487] kunit_kmalloc_array+0x34/0x88 [ 20.038533] copy_user_test_oob+0xac/0xec8 [ 20.038582] kunit_try_run_case+0x170/0x3f0 [ 20.038622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.038665] kthread+0x328/0x630 [ 20.038708] ret_from_fork+0x10/0x20 [ 20.038753] [ 20.038783] The buggy address belongs to the object at fff00000c7834500 [ 20.038783] which belongs to the cache kmalloc-128 of size 128 [ 20.038841] The buggy address is located 0 bytes inside of [ 20.038841] allocated 120-byte region [fff00000c7834500, fff00000c7834578) [ 20.038903] [ 20.038925] The buggy address belongs to the physical page: [ 20.038972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 20.039042] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.039104] page_type: f5(slab) [ 20.039152] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.039205] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.039247] page dumped because: kasan: bad access detected [ 20.039297] [ 20.039329] Memory state around the buggy address: [ 20.039364] fff00000c7834400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.039410] fff00000c7834480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.039456] >fff00000c7834500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.039504] ^ [ 20.039552] fff00000c7834580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.039604] fff00000c7834600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.039660] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 19.923595] ================================================================== [ 19.923678] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 19.923953] Read of size 8 at addr fff00000c7834478 by task kunit_try_catch/281 [ 19.924045] [ 19.924105] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.924194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.924587] Hardware name: linux,dummy-virt (DT) [ 19.924669] Call trace: [ 19.924713] show_stack+0x20/0x38 (C) [ 19.924776] dump_stack_lvl+0x8c/0xd0 [ 19.924828] print_report+0x118/0x608 [ 19.925245] kasan_report+0xdc/0x128 [ 19.925414] __asan_report_load8_noabort+0x20/0x30 [ 19.925759] copy_to_kernel_nofault+0x204/0x250 [ 19.925834] copy_to_kernel_nofault_oob+0x158/0x418 [ 19.926460] kunit_try_run_case+0x170/0x3f0 [ 19.926604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.926773] kthread+0x328/0x630 [ 19.926955] ret_from_fork+0x10/0x20 [ 19.927448] [ 19.927514] Allocated by task 281: [ 19.927563] kasan_save_stack+0x3c/0x68 [ 19.927718] kasan_save_track+0x20/0x40 [ 19.927836] kasan_save_alloc_info+0x40/0x58 [ 19.928176] __kasan_kmalloc+0xd4/0xd8 [ 19.928264] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.928389] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.928472] kunit_try_run_case+0x170/0x3f0 [ 19.928659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.928860] kthread+0x328/0x630 [ 19.928935] ret_from_fork+0x10/0x20 [ 19.929607] [ 19.929710] The buggy address belongs to the object at fff00000c7834400 [ 19.929710] which belongs to the cache kmalloc-128 of size 128 [ 19.929807] The buggy address is located 0 bytes to the right of [ 19.929807] allocated 120-byte region [fff00000c7834400, fff00000c7834478) [ 19.929872] [ 19.929946] The buggy address belongs to the physical page: [ 19.930245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 19.930645] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.930716] page_type: f5(slab) [ 19.930817] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.930906] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.930947] page dumped because: kasan: bad access detected [ 19.930981] [ 19.931050] Memory state around the buggy address: [ 19.931183] fff00000c7834300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.931318] fff00000c7834380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.931449] >fff00000c7834400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.931490] ^ [ 19.931533] fff00000c7834480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.931577] fff00000c7834500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.931618] ================================================================== [ 19.932398] ================================================================== [ 19.932537] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 19.932592] Write of size 8 at addr fff00000c7834478 by task kunit_try_catch/281 [ 19.932644] [ 19.932703] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.932807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.932842] Hardware name: linux,dummy-virt (DT) [ 19.932875] Call trace: [ 19.932899] show_stack+0x20/0x38 (C) [ 19.932971] dump_stack_lvl+0x8c/0xd0 [ 19.933021] print_report+0x118/0x608 [ 19.933123] kasan_report+0xdc/0x128 [ 19.933180] kasan_check_range+0x100/0x1a8 [ 19.933330] __kasan_check_write+0x20/0x30 [ 19.933658] copy_to_kernel_nofault+0x8c/0x250 [ 19.933744] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 19.933919] kunit_try_run_case+0x170/0x3f0 [ 19.934005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.934229] kthread+0x328/0x630 [ 19.934374] ret_from_fork+0x10/0x20 [ 19.934472] [ 19.934494] Allocated by task 281: [ 19.934555] kasan_save_stack+0x3c/0x68 [ 19.934911] kasan_save_track+0x20/0x40 [ 19.935077] kasan_save_alloc_info+0x40/0x58 [ 19.935216] __kasan_kmalloc+0xd4/0xd8 [ 19.935352] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.935460] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.935545] kunit_try_run_case+0x170/0x3f0 [ 19.935638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.935722] kthread+0x328/0x630 [ 19.935757] ret_from_fork+0x10/0x20 [ 19.935792] [ 19.935965] The buggy address belongs to the object at fff00000c7834400 [ 19.935965] which belongs to the cache kmalloc-128 of size 128 [ 19.936173] The buggy address is located 0 bytes to the right of [ 19.936173] allocated 120-byte region [fff00000c7834400, fff00000c7834478) [ 19.936380] [ 19.936428] The buggy address belongs to the physical page: [ 19.936482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 19.936565] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.936616] page_type: f5(slab) [ 19.936668] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.936890] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.937086] page dumped because: kasan: bad access detected [ 19.937191] [ 19.937283] Memory state around the buggy address: [ 19.937375] fff00000c7834300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.937447] fff00000c7834380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.937493] >fff00000c7834400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.937552] ^ [ 19.937595] fff00000c7834480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.937870] fff00000c7834500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.937957] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.874773] ================================================================== [ 19.874827] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.875292] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 19.875490] [ 19.875552] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.875717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.875763] Hardware name: linux,dummy-virt (DT) [ 19.875795] Call trace: [ 19.875818] show_stack+0x20/0x38 (C) [ 19.876094] dump_stack_lvl+0x8c/0xd0 [ 19.876495] print_report+0x310/0x608 [ 19.876588] kasan_report+0xdc/0x128 [ 19.876710] __asan_report_load1_noabort+0x20/0x30 [ 19.876835] vmalloc_oob+0x51c/0x5d0 [ 19.876966] kunit_try_run_case+0x170/0x3f0 [ 19.877098] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.877281] kthread+0x328/0x630 [ 19.877490] ret_from_fork+0x10/0x20 [ 19.877663] [ 19.877779] The buggy address belongs to the virtual mapping at [ 19.877779] [ffff8000800fe000, ffff800080100000) created by: [ 19.877779] vmalloc_oob+0x98/0x5d0 [ 19.877856] [ 19.877879] The buggy address belongs to the physical page: [ 19.878188] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107819 [ 19.878338] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.878441] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.878853] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.878968] page dumped because: kasan: bad access detected [ 19.879015] [ 19.879051] Memory state around the buggy address: [ 19.879087] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.879455] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.879727] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.879806] ^ [ 19.880095] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.880253] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.880355] ================================================================== [ 19.867726] ================================================================== [ 19.868082] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.868448] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 19.868569] [ 19.868816] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.869224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.869362] Hardware name: linux,dummy-virt (DT) [ 19.869881] Call trace: [ 19.869917] show_stack+0x20/0x38 (C) [ 19.870342] dump_stack_lvl+0x8c/0xd0 [ 19.870470] print_report+0x310/0x608 [ 19.870913] kasan_report+0xdc/0x128 [ 19.871021] __asan_report_load1_noabort+0x20/0x30 [ 19.871196] vmalloc_oob+0x578/0x5d0 [ 19.871444] kunit_try_run_case+0x170/0x3f0 [ 19.871593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.871658] kthread+0x328/0x630 [ 19.871704] ret_from_fork+0x10/0x20 [ 19.871898] [ 19.871953] The buggy address belongs to the virtual mapping at [ 19.871953] [ffff8000800fe000, ffff800080100000) created by: [ 19.871953] vmalloc_oob+0x98/0x5d0 [ 19.872053] [ 19.872086] The buggy address belongs to the physical page: [ 19.872120] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107819 [ 19.872175] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.872249] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.872312] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.872354] page dumped because: kasan: bad access detected [ 19.872399] [ 19.872419] Memory state around the buggy address: [ 19.872465] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.872517] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.872561] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.873084] ^ [ 19.873161] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.873209] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.873405] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 19.167006] ================================================================== [ 19.168105] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 19.168192] Read of size 1 at addr fff00000c7832b50 by task kunit_try_catch/259 [ 19.168259] [ 19.168293] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.168375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.168415] Hardware name: linux,dummy-virt (DT) [ 19.168456] Call trace: [ 19.168480] show_stack+0x20/0x38 (C) [ 19.168748] dump_stack_lvl+0x8c/0xd0 [ 19.168871] print_report+0x118/0x608 [ 19.168955] kasan_report+0xdc/0x128 [ 19.169110] __asan_report_load1_noabort+0x20/0x30 [ 19.169319] strnlen+0x80/0x88 [ 19.169741] kasan_strings+0x478/0xb00 [ 19.169836] kunit_try_run_case+0x170/0x3f0 [ 19.169908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.170260] kthread+0x328/0x630 [ 19.170462] ret_from_fork+0x10/0x20 [ 19.170831] [ 19.170954] Allocated by task 259: [ 19.171332] kasan_save_stack+0x3c/0x68 [ 19.171936] kasan_save_track+0x20/0x40 [ 19.172096] kasan_save_alloc_info+0x40/0x58 [ 19.172342] __kasan_kmalloc+0xd4/0xd8 [ 19.172479] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.172771] kasan_strings+0xc8/0xb00 [ 19.172964] kunit_try_run_case+0x170/0x3f0 [ 19.173072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.173308] kthread+0x328/0x630 [ 19.173354] ret_from_fork+0x10/0x20 [ 19.173566] [ 19.173677] Freed by task 259: [ 19.173713] kasan_save_stack+0x3c/0x68 [ 19.174089] kasan_save_track+0x20/0x40 [ 19.174272] kasan_save_free_info+0x4c/0x78 [ 19.174426] __kasan_slab_free+0x6c/0x98 [ 19.174469] kfree+0x214/0x3c8 [ 19.174549] kasan_strings+0x24c/0xb00 [ 19.174749] kunit_try_run_case+0x170/0x3f0 [ 19.174918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.175110] kthread+0x328/0x630 [ 19.175242] ret_from_fork+0x10/0x20 [ 19.175359] [ 19.175429] The buggy address belongs to the object at fff00000c7832b40 [ 19.175429] which belongs to the cache kmalloc-32 of size 32 [ 19.175639] The buggy address is located 16 bytes inside of [ 19.175639] freed 32-byte region [fff00000c7832b40, fff00000c7832b60) [ 19.175843] [ 19.175934] The buggy address belongs to the physical page: [ 19.176067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107832 [ 19.176196] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.176273] page_type: f5(slab) [ 19.176489] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.176778] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.176975] page dumped because: kasan: bad access detected [ 19.177130] [ 19.177211] Memory state around the buggy address: [ 19.177275] fff00000c7832a00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.177501] fff00000c7832a80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.177707] >fff00000c7832b00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.177868] ^ [ 19.177965] fff00000c7832b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.178098] fff00000c7832c00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.178192] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 19.161619] ================================================================== [ 19.161689] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 19.161895] Read of size 1 at addr fff00000c7832b50 by task kunit_try_catch/259 [ 19.162187] [ 19.162239] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.162618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.162665] Hardware name: linux,dummy-virt (DT) [ 19.163060] Call trace: [ 19.163274] show_stack+0x20/0x38 (C) [ 19.163345] dump_stack_lvl+0x8c/0xd0 [ 19.163427] print_report+0x118/0x608 [ 19.163516] kasan_report+0xdc/0x128 [ 19.163579] __asan_report_load1_noabort+0x20/0x30 [ 19.163634] strlen+0xa8/0xb0 [ 19.163827] kasan_strings+0x418/0xb00 [ 19.163889] kunit_try_run_case+0x170/0x3f0 [ 19.164286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.164354] kthread+0x328/0x630 [ 19.164399] ret_from_fork+0x10/0x20 [ 19.164564] [ 19.164609] Allocated by task 259: [ 19.164641] kasan_save_stack+0x3c/0x68 [ 19.164687] kasan_save_track+0x20/0x40 [ 19.164727] kasan_save_alloc_info+0x40/0x58 [ 19.164786] __kasan_kmalloc+0xd4/0xd8 [ 19.164841] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.164889] kasan_strings+0xc8/0xb00 [ 19.164932] kunit_try_run_case+0x170/0x3f0 [ 19.164995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.165053] kthread+0x328/0x630 [ 19.165089] ret_from_fork+0x10/0x20 [ 19.165127] [ 19.165149] Freed by task 259: [ 19.165178] kasan_save_stack+0x3c/0x68 [ 19.165217] kasan_save_track+0x20/0x40 [ 19.165266] kasan_save_free_info+0x4c/0x78 [ 19.165308] __kasan_slab_free+0x6c/0x98 [ 19.165354] kfree+0x214/0x3c8 [ 19.165390] kasan_strings+0x24c/0xb00 [ 19.165459] kunit_try_run_case+0x170/0x3f0 [ 19.165500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.165543] kthread+0x328/0x630 [ 19.165588] ret_from_fork+0x10/0x20 [ 19.165624] [ 19.165660] The buggy address belongs to the object at fff00000c7832b40 [ 19.165660] which belongs to the cache kmalloc-32 of size 32 [ 19.165726] The buggy address is located 16 bytes inside of [ 19.165726] freed 32-byte region [fff00000c7832b40, fff00000c7832b60) [ 19.165800] [ 19.165821] The buggy address belongs to the physical page: [ 19.165870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107832 [ 19.165942] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.165993] page_type: f5(slab) [ 19.166041] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.166094] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.166139] page dumped because: kasan: bad access detected [ 19.166183] [ 19.166211] Memory state around the buggy address: [ 19.166244] fff00000c7832a00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.166299] fff00000c7832a80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.166346] >fff00000c7832b00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.166396] ^ [ 19.166456] fff00000c7832b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.166501] fff00000c7832c00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.166544] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 19.149863] ================================================================== [ 19.149922] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 19.149973] Read of size 1 at addr fff00000c7832b50 by task kunit_try_catch/259 [ 19.150192] [ 19.150228] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.150543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.150651] Hardware name: linux,dummy-virt (DT) [ 19.150686] Call trace: [ 19.150791] show_stack+0x20/0x38 (C) [ 19.150843] dump_stack_lvl+0x8c/0xd0 [ 19.151088] print_report+0x118/0x608 [ 19.151172] kasan_report+0xdc/0x128 [ 19.151307] __asan_report_load1_noabort+0x20/0x30 [ 19.151466] kasan_strings+0x95c/0xb00 [ 19.151533] kunit_try_run_case+0x170/0x3f0 [ 19.151584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.151639] kthread+0x328/0x630 [ 19.151744] ret_from_fork+0x10/0x20 [ 19.151794] [ 19.151816] Allocated by task 259: [ 19.151873] kasan_save_stack+0x3c/0x68 [ 19.152176] kasan_save_track+0x20/0x40 [ 19.152221] kasan_save_alloc_info+0x40/0x58 [ 19.152460] __kasan_kmalloc+0xd4/0xd8 [ 19.152800] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.153166] kasan_strings+0xc8/0xb00 [ 19.153319] kunit_try_run_case+0x170/0x3f0 [ 19.153457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.153790] kthread+0x328/0x630 [ 19.153956] ret_from_fork+0x10/0x20 [ 19.154108] [ 19.154214] Freed by task 259: [ 19.154381] kasan_save_stack+0x3c/0x68 [ 19.154450] kasan_save_track+0x20/0x40 [ 19.154514] kasan_save_free_info+0x4c/0x78 [ 19.154815] __kasan_slab_free+0x6c/0x98 [ 19.155115] kfree+0x214/0x3c8 [ 19.155242] kasan_strings+0x24c/0xb00 [ 19.155319] kunit_try_run_case+0x170/0x3f0 [ 19.155387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.155597] kthread+0x328/0x630 [ 19.155892] ret_from_fork+0x10/0x20 [ 19.156069] [ 19.156190] The buggy address belongs to the object at fff00000c7832b40 [ 19.156190] which belongs to the cache kmalloc-32 of size 32 [ 19.156297] The buggy address is located 16 bytes inside of [ 19.156297] freed 32-byte region [fff00000c7832b40, fff00000c7832b60) [ 19.156552] [ 19.156881] The buggy address belongs to the physical page: [ 19.157071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107832 [ 19.157163] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.157415] page_type: f5(slab) [ 19.157689] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.157806] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.157941] page dumped because: kasan: bad access detected [ 19.158095] [ 19.158179] Memory state around the buggy address: [ 19.158220] fff00000c7832a00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.158275] fff00000c7832a80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.158644] >fff00000c7832b00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.158761] ^ [ 19.158863] fff00000c7832b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.158950] fff00000c7832c00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.159095] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 19.141640] ================================================================== [ 19.141699] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 19.142231] Read of size 1 at addr fff00000c7832b50 by task kunit_try_catch/259 [ 19.142338] [ 19.142376] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.142463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.142493] Hardware name: linux,dummy-virt (DT) [ 19.142528] Call trace: [ 19.142551] show_stack+0x20/0x38 (C) [ 19.142604] dump_stack_lvl+0x8c/0xd0 [ 19.142653] print_report+0x118/0x608 [ 19.142712] kasan_report+0xdc/0x128 [ 19.142760] __asan_report_load1_noabort+0x20/0x30 [ 19.142812] strcmp+0xc0/0xc8 [ 19.142855] kasan_strings+0x340/0xb00 [ 19.142901] kunit_try_run_case+0x170/0x3f0 [ 19.142952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.143013] kthread+0x328/0x630 [ 19.143069] ret_from_fork+0x10/0x20 [ 19.143119] [ 19.143139] Allocated by task 259: [ 19.143171] kasan_save_stack+0x3c/0x68 [ 19.143222] kasan_save_track+0x20/0x40 [ 19.143272] kasan_save_alloc_info+0x40/0x58 [ 19.143317] __kasan_kmalloc+0xd4/0xd8 [ 19.143356] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.143399] kasan_strings+0xc8/0xb00 [ 19.143436] kunit_try_run_case+0x170/0x3f0 [ 19.143482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.143528] kthread+0x328/0x630 [ 19.143560] ret_from_fork+0x10/0x20 [ 19.143597] [ 19.143625] Freed by task 259: [ 19.143654] kasan_save_stack+0x3c/0x68 [ 19.143693] kasan_save_track+0x20/0x40 [ 19.143739] kasan_save_free_info+0x4c/0x78 [ 19.143779] __kasan_slab_free+0x6c/0x98 [ 19.143818] kfree+0x214/0x3c8 [ 19.143860] kasan_strings+0x24c/0xb00 [ 19.143897] kunit_try_run_case+0x170/0x3f0 [ 19.143936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.143979] kthread+0x328/0x630 [ 19.144021] ret_from_fork+0x10/0x20 [ 19.144323] [ 19.144560] The buggy address belongs to the object at fff00000c7832b40 [ 19.144560] which belongs to the cache kmalloc-32 of size 32 [ 19.144719] The buggy address is located 16 bytes inside of [ 19.144719] freed 32-byte region [fff00000c7832b40, fff00000c7832b60) [ 19.145617] [ 19.145667] The buggy address belongs to the physical page: [ 19.145721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107832 [ 19.145796] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.145881] page_type: f5(slab) [ 19.146149] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.146227] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.146393] page dumped because: kasan: bad access detected [ 19.146594] [ 19.146699] Memory state around the buggy address: [ 19.146989] fff00000c7832a00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.147138] fff00000c7832a80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.147602] >fff00000c7832b00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.147668] ^ [ 19.147865] fff00000c7832b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.148224] fff00000c7832c00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.148411] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.431535] ================================================================== [ 16.431863] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.432758] Write of size 1 at addr fff00000c652da73 by task kunit_try_catch/136 [ 16.432864] [ 16.433662] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT [ 16.433804] Tainted: [N]=TEST [ 16.433837] Hardware name: linux,dummy-virt (DT) [ 16.434077] Call trace: [ 16.434248] show_stack+0x20/0x38 (C) [ 16.434379] dump_stack_lvl+0x8c/0xd0 [ 16.434441] print_report+0x118/0x608 [ 16.434489] kasan_report+0xdc/0x128 [ 16.434535] __asan_report_store1_noabort+0x20/0x30 [ 16.434583] kmalloc_oob_right+0x5a4/0x660 [ 16.434628] kunit_try_run_case+0x170/0x3f0 [ 16.434678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.434729] kthread+0x328/0x630 [ 16.434772] ret_from_fork+0x10/0x20 [ 16.434923] [ 16.434962] Allocated by task 136: [ 16.435109] kasan_save_stack+0x3c/0x68 [ 16.435177] kasan_save_track+0x20/0x40 [ 16.435214] kasan_save_alloc_info+0x40/0x58 [ 16.435253] __kasan_kmalloc+0xd4/0xd8 [ 16.435288] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.435327] kmalloc_oob_right+0xb0/0x660 [ 16.435362] kunit_try_run_case+0x170/0x3f0 [ 16.435398] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.435440] kthread+0x328/0x630 [ 16.435471] ret_from_fork+0x10/0x20 [ 16.435523] [ 16.435586] The buggy address belongs to the object at fff00000c652da00 [ 16.435586] which belongs to the cache kmalloc-128 of size 128 [ 16.435677] The buggy address is located 0 bytes to the right of [ 16.435677] allocated 115-byte region [fff00000c652da00, fff00000c652da73) [ 16.435741] [ 16.435820] The buggy address belongs to the physical page: [ 16.436015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10652d [ 16.436298] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.436597] page_type: f5(slab) [ 16.436945] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.437020] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.437166] page dumped because: kasan: bad access detected [ 16.437208] [ 16.437234] Memory state around the buggy address: [ 16.437449] fff00000c652d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.437513] fff00000c652d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.437566] >fff00000c652da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.437619] ^ [ 16.437699] fff00000c652da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.437740] fff00000c652db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.437800] ================================================================== [ 16.443024] ================================================================== [ 16.443133] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.443212] Read of size 1 at addr fff00000c652da80 by task kunit_try_catch/136 [ 16.443297] [ 16.443344] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.443460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.443487] Hardware name: linux,dummy-virt (DT) [ 16.443517] Call trace: [ 16.443568] show_stack+0x20/0x38 (C) [ 16.443640] dump_stack_lvl+0x8c/0xd0 [ 16.443687] print_report+0x118/0x608 [ 16.443731] kasan_report+0xdc/0x128 [ 16.443946] __asan_report_load1_noabort+0x20/0x30 [ 16.444007] kmalloc_oob_right+0x5d0/0x660 [ 16.444064] kunit_try_run_case+0x170/0x3f0 [ 16.444174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.444226] kthread+0x328/0x630 [ 16.444275] ret_from_fork+0x10/0x20 [ 16.444321] [ 16.444339] Allocated by task 136: [ 16.444570] kasan_save_stack+0x3c/0x68 [ 16.444666] kasan_save_track+0x20/0x40 [ 16.444808] kasan_save_alloc_info+0x40/0x58 [ 16.444878] __kasan_kmalloc+0xd4/0xd8 [ 16.444987] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.445054] kmalloc_oob_right+0xb0/0x660 [ 16.445089] kunit_try_run_case+0x170/0x3f0 [ 16.445247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.445294] kthread+0x328/0x630 [ 16.445325] ret_from_fork+0x10/0x20 [ 16.445359] [ 16.445378] The buggy address belongs to the object at fff00000c652da00 [ 16.445378] which belongs to the cache kmalloc-128 of size 128 [ 16.445434] The buggy address is located 13 bytes to the right of [ 16.445434] allocated 115-byte region [fff00000c652da00, fff00000c652da73) [ 16.445496] [ 16.445516] The buggy address belongs to the physical page: [ 16.445545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10652d [ 16.445595] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.445642] page_type: f5(slab) [ 16.445678] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.445726] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.445764] page dumped because: kasan: bad access detected [ 16.445793] [ 16.445810] Memory state around the buggy address: [ 16.445839] fff00000c652d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.445959] fff00000c652da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.446085] >fff00000c652da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.446196] ^ [ 16.446243] fff00000c652db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.446492] fff00000c652db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.446695] ================================================================== [ 16.438358] ================================================================== [ 16.438436] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.438501] Write of size 1 at addr fff00000c652da78 by task kunit_try_catch/136 [ 16.438549] [ 16.438613] CPU: 0 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.438692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.438792] Hardware name: linux,dummy-virt (DT) [ 16.438829] Call trace: [ 16.438856] show_stack+0x20/0x38 (C) [ 16.439007] dump_stack_lvl+0x8c/0xd0 [ 16.439122] print_report+0x118/0x608 [ 16.439228] kasan_report+0xdc/0x128 [ 16.439273] __asan_report_store1_noabort+0x20/0x30 [ 16.439320] kmalloc_oob_right+0x538/0x660 [ 16.439381] kunit_try_run_case+0x170/0x3f0 [ 16.439427] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.439477] kthread+0x328/0x630 [ 16.439517] ret_from_fork+0x10/0x20 [ 16.439728] [ 16.439754] Allocated by task 136: [ 16.439871] kasan_save_stack+0x3c/0x68 [ 16.439913] kasan_save_track+0x20/0x40 [ 16.439980] kasan_save_alloc_info+0x40/0x58 [ 16.440046] __kasan_kmalloc+0xd4/0xd8 [ 16.440083] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.440513] kmalloc_oob_right+0xb0/0x660 [ 16.440600] kunit_try_run_case+0x170/0x3f0 [ 16.440671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.440723] kthread+0x328/0x630 [ 16.440755] ret_from_fork+0x10/0x20 [ 16.440812] [ 16.440911] The buggy address belongs to the object at fff00000c652da00 [ 16.440911] which belongs to the cache kmalloc-128 of size 128 [ 16.441216] The buggy address is located 5 bytes to the right of [ 16.441216] allocated 115-byte region [fff00000c652da00, fff00000c652da73) [ 16.441331] [ 16.441350] The buggy address belongs to the physical page: [ 16.441507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10652d [ 16.441762] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.441822] page_type: f5(slab) [ 16.441868] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.441926] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.441964] page dumped because: kasan: bad access detected [ 16.442003] [ 16.442021] Memory state around the buggy address: [ 16.442060] fff00000c652d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.442102] fff00000c652d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.442142] >fff00000c652da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.442187] ^ [ 16.442231] fff00000c652da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.442272] fff00000c652db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.442309] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 19.117597] ================================================================== [ 19.118108] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 19.118247] Read of size 1 at addr fff00000c78329d8 by task kunit_try_catch/257 [ 19.118306] [ 19.118359] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.118687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.118760] Hardware name: linux,dummy-virt (DT) [ 19.118965] Call trace: [ 19.119004] show_stack+0x20/0x38 (C) [ 19.119192] dump_stack_lvl+0x8c/0xd0 [ 19.119329] print_report+0x118/0x608 [ 19.119638] kasan_report+0xdc/0x128 [ 19.119959] __asan_report_load1_noabort+0x20/0x30 [ 19.120098] memcmp+0x198/0x1d8 [ 19.120166] kasan_memcmp+0x16c/0x300 [ 19.120242] kunit_try_run_case+0x170/0x3f0 [ 19.120341] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.120426] kthread+0x328/0x630 [ 19.120554] ret_from_fork+0x10/0x20 [ 19.120904] [ 19.120936] Allocated by task 257: [ 19.120973] kasan_save_stack+0x3c/0x68 [ 19.121037] kasan_save_track+0x20/0x40 [ 19.121708] kasan_save_alloc_info+0x40/0x58 [ 19.121836] __kasan_kmalloc+0xd4/0xd8 [ 19.121995] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.122187] kasan_memcmp+0xbc/0x300 [ 19.122444] kunit_try_run_case+0x170/0x3f0 [ 19.122639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.122742] kthread+0x328/0x630 [ 19.122903] ret_from_fork+0x10/0x20 [ 19.123047] [ 19.123075] The buggy address belongs to the object at fff00000c78329c0 [ 19.123075] which belongs to the cache kmalloc-32 of size 32 [ 19.123191] The buggy address is located 0 bytes to the right of [ 19.123191] allocated 24-byte region [fff00000c78329c0, fff00000c78329d8) [ 19.123679] [ 19.123749] The buggy address belongs to the physical page: [ 19.123838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107832 [ 19.124061] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.124327] page_type: f5(slab) [ 19.124499] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.124644] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.124795] page dumped because: kasan: bad access detected [ 19.124846] [ 19.124900] Memory state around the buggy address: [ 19.124960] fff00000c7832880: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.125043] fff00000c7832900: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 19.125089] >fff00000c7832980: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.125129] ^ [ 19.125333] fff00000c7832a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.125562] fff00000c7832a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.125663] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 19.091817] ================================================================== [ 19.091882] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 19.092071] Read of size 1 at addr ffff800080ae7b4a by task kunit_try_catch/253 [ 19.092148] [ 19.092188] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.092276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.092314] Hardware name: linux,dummy-virt (DT) [ 19.092359] Call trace: [ 19.092391] show_stack+0x20/0x38 (C) [ 19.092452] dump_stack_lvl+0x8c/0xd0 [ 19.092502] print_report+0x310/0x608 [ 19.093223] kasan_report+0xdc/0x128 [ 19.093373] __asan_report_load1_noabort+0x20/0x30 [ 19.093516] kasan_alloca_oob_right+0x2dc/0x340 [ 19.093569] kunit_try_run_case+0x170/0x3f0 [ 19.093903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.094120] kthread+0x328/0x630 [ 19.094242] ret_from_fork+0x10/0x20 [ 19.094438] [ 19.094505] The buggy address belongs to stack of task kunit_try_catch/253 [ 19.094641] [ 19.094708] The buggy address belongs to the virtual mapping at [ 19.094708] [ffff800080ae0000, ffff800080ae9000) created by: [ 19.094708] kernel_clone+0x150/0x7a8 [ 19.095152] [ 19.095247] The buggy address belongs to the physical page: [ 19.095307] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c7 [ 19.095430] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.095787] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.096204] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.096333] page dumped because: kasan: bad access detected [ 19.096403] [ 19.096522] Memory state around the buggy address: [ 19.096747] ffff800080ae7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.096827] ffff800080ae7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.097118] >ffff800080ae7b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 19.097194] ^ [ 19.097302] ffff800080ae7b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.097348] ffff800080ae7c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.097553] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 19.075869] ================================================================== [ 19.075991] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 19.076058] Read of size 1 at addr ffff800080967b5f by task kunit_try_catch/251 [ 19.076180] [ 19.076226] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.076310] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.076904] Hardware name: linux,dummy-virt (DT) [ 19.076985] Call trace: [ 19.077047] show_stack+0x20/0x38 (C) [ 19.077189] dump_stack_lvl+0x8c/0xd0 [ 19.077352] print_report+0x310/0x608 [ 19.077446] kasan_report+0xdc/0x128 [ 19.077647] __asan_report_load1_noabort+0x20/0x30 [ 19.077728] kasan_alloca_oob_left+0x2b8/0x310 [ 19.077816] kunit_try_run_case+0x170/0x3f0 [ 19.077871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.078025] kthread+0x328/0x630 [ 19.078104] ret_from_fork+0x10/0x20 [ 19.078188] [ 19.078220] The buggy address belongs to stack of task kunit_try_catch/251 [ 19.078311] [ 19.078350] The buggy address belongs to the virtual mapping at [ 19.078350] [ffff800080960000, ffff800080969000) created by: [ 19.078350] kernel_clone+0x150/0x7a8 [ 19.078428] [ 19.078462] The buggy address belongs to the physical page: [ 19.078513] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10583f [ 19.078578] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.078649] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.078711] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.078756] page dumped because: kasan: bad access detected [ 19.078789] [ 19.078826] Memory state around the buggy address: [ 19.078873] ffff800080967a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.078919] ffff800080967a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.078964] >ffff800080967b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 19.079005] ^ [ 19.079058] ffff800080967b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.079104] ffff800080967c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.079144] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 19.060041] ================================================================== [ 19.060114] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 19.060406] Read of size 1 at addr ffff800080967c2a by task kunit_try_catch/249 [ 19.060477] [ 19.060729] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.060819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.060845] Hardware name: linux,dummy-virt (DT) [ 19.061171] Call trace: [ 19.061212] show_stack+0x20/0x38 (C) [ 19.061404] dump_stack_lvl+0x8c/0xd0 [ 19.061567] print_report+0x310/0x608 [ 19.061665] kasan_report+0xdc/0x128 [ 19.061808] __asan_report_load1_noabort+0x20/0x30 [ 19.061934] kasan_stack_oob+0x238/0x270 [ 19.062101] kunit_try_run_case+0x170/0x3f0 [ 19.062434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.062552] kthread+0x328/0x630 [ 19.062643] ret_from_fork+0x10/0x20 [ 19.062742] [ 19.063037] The buggy address belongs to stack of task kunit_try_catch/249 [ 19.063312] and is located at offset 138 in frame: [ 19.063386] kasan_stack_oob+0x0/0x270 [ 19.064159] [ 19.064312] This frame has 4 objects: [ 19.064980] [48, 49) '__assertion' [ 19.065193] [64, 72) 'array' [ 19.065423] [96, 112) '__assertion' [ 19.065494] [128, 138) 'stack_array' [ 19.065548] [ 19.065676] The buggy address belongs to the virtual mapping at [ 19.065676] [ffff800080960000, ffff800080969000) created by: [ 19.065676] kernel_clone+0x150/0x7a8 [ 19.066015] [ 19.066069] The buggy address belongs to the physical page: [ 19.066122] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10583f [ 19.066262] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.066345] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.066503] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.066547] page dumped because: kasan: bad access detected [ 19.066580] [ 19.066984] Memory state around the buggy address: [ 19.067055] ffff800080967b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.067247] ffff800080967b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 19.067373] >ffff800080967c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 19.067532] ^ [ 19.068009] ffff800080967c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 19.068208] ffff800080967d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.068428] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 19.038828] ================================================================== [ 19.038934] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 19.039109] Read of size 1 at addr ffff9660c1d4f5cd by task kunit_try_catch/245 [ 19.039164] [ 19.039205] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.039434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.039511] Hardware name: linux,dummy-virt (DT) [ 19.039547] Call trace: [ 19.039658] show_stack+0x20/0x38 (C) [ 19.039743] dump_stack_lvl+0x8c/0xd0 [ 19.040270] print_report+0x310/0x608 [ 19.040557] kasan_report+0xdc/0x128 [ 19.040696] __asan_report_load1_noabort+0x20/0x30 [ 19.040800] kasan_global_oob_right+0x230/0x270 [ 19.040907] kunit_try_run_case+0x170/0x3f0 [ 19.040992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.041054] kthread+0x328/0x630 [ 19.041095] ret_from_fork+0x10/0x20 [ 19.041154] [ 19.041403] The buggy address belongs to the variable: [ 19.041556] global_array+0xd/0x40 [ 19.042070] [ 19.042376] The buggy address belongs to the virtual mapping at [ 19.042376] [ffff9660bff00000, ffff9660c1e01000) created by: [ 19.042376] paging_init+0x66c/0x7d0 [ 19.042680] [ 19.043044] The buggy address belongs to the physical page: [ 19.043102] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 19.043256] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 19.043505] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 19.043798] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.043905] page dumped because: kasan: bad access detected [ 19.044013] [ 19.044158] Memory state around the buggy address: [ 19.044250] ffff9660c1d4f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.044344] ffff9660c1d4f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.044506] >ffff9660c1d4f580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 19.044653] ^ [ 19.044803] ffff9660c1d4f600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 19.044875] ffff9660c1d4f680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 19.044921] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 19.023431] ================================================================== [ 19.024045] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.024353] Free of addr fff00000c79a0001 by task kunit_try_catch/243 [ 19.024430] [ 19.024496] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.024665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.024694] Hardware name: linux,dummy-virt (DT) [ 19.024726] Call trace: [ 19.025276] show_stack+0x20/0x38 (C) [ 19.025566] dump_stack_lvl+0x8c/0xd0 [ 19.025624] print_report+0x118/0x608 [ 19.026229] kasan_report_invalid_free+0xc0/0xe8 [ 19.026648] __kasan_mempool_poison_object+0xfc/0x150 [ 19.027109] mempool_free+0x28c/0x328 [ 19.027167] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.027220] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 19.027272] kunit_try_run_case+0x170/0x3f0 [ 19.028055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.028128] kthread+0x328/0x630 [ 19.028450] ret_from_fork+0x10/0x20 [ 19.028581] [ 19.028603] The buggy address belongs to the physical page: [ 19.028841] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079a0 [ 19.028902] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.028949] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.029218] page_type: f8(unknown) [ 19.029259] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.029514] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.029736] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.029807] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.029860] head: 0bfffe0000000002 ffffc1ffc31e6801 00000000ffffffff 00000000ffffffff [ 19.029908] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.030434] page dumped because: kasan: bad access detected [ 19.030536] [ 19.030638] Memory state around the buggy address: [ 19.030885] fff00000c799ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.031045] fff00000c799ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.031514] >fff00000c79a0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.031596] ^ [ 19.031628] fff00000c79a0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.032021] fff00000c79a0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.032071] ================================================================== [ 18.988630] ================================================================== [ 18.989201] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.989970] Free of addr fff00000c7834001 by task kunit_try_catch/241 [ 18.990180] [ 18.990478] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.991444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.991503] Hardware name: linux,dummy-virt (DT) [ 18.991846] Call trace: [ 18.992052] show_stack+0x20/0x38 (C) [ 18.992112] dump_stack_lvl+0x8c/0xd0 [ 18.992161] print_report+0x118/0x608 [ 18.992206] kasan_report_invalid_free+0xc0/0xe8 [ 18.992255] check_slab_allocation+0xfc/0x108 [ 18.992369] __kasan_mempool_poison_object+0x78/0x150 [ 18.992557] mempool_free+0x28c/0x328 [ 18.992611] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.992680] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.993390] kunit_try_run_case+0x170/0x3f0 [ 18.993459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.993875] kthread+0x328/0x630 [ 18.993967] ret_from_fork+0x10/0x20 [ 18.994334] [ 18.994366] Allocated by task 241: [ 18.994577] kasan_save_stack+0x3c/0x68 [ 18.994680] kasan_save_track+0x20/0x40 [ 18.994787] kasan_save_alloc_info+0x40/0x58 [ 18.994828] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.994870] remove_element+0x130/0x1f8 [ 18.994904] mempool_alloc_preallocated+0x58/0xc0 [ 18.995546] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 18.995752] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.996385] kunit_try_run_case+0x170/0x3f0 [ 18.996518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.996629] kthread+0x328/0x630 [ 18.996661] ret_from_fork+0x10/0x20 [ 18.996697] [ 18.996718] The buggy address belongs to the object at fff00000c7834000 [ 18.996718] which belongs to the cache kmalloc-128 of size 128 [ 18.997194] The buggy address is located 1 bytes inside of [ 18.997194] 128-byte region [fff00000c7834000, fff00000c7834080) [ 18.997374] [ 18.997498] The buggy address belongs to the physical page: [ 18.997717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107834 [ 18.998070] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.998134] page_type: f5(slab) [ 18.998563] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.998800] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.998846] page dumped because: kasan: bad access detected [ 18.998877] [ 18.998896] Memory state around the buggy address: [ 18.999426] fff00000c7833f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.999668] fff00000c7833f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.999970] >fff00000c7834000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.000135] ^ [ 19.000167] fff00000c7834080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.000211] fff00000c7834100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.000249] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 18.966322] ================================================================== [ 18.967112] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.967184] Free of addr fff00000c79a0000 by task kunit_try_catch/239 [ 18.967382] [ 18.967617] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.968147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.968423] Hardware name: linux,dummy-virt (DT) [ 18.968476] Call trace: [ 18.968499] show_stack+0x20/0x38 (C) [ 18.968553] dump_stack_lvl+0x8c/0xd0 [ 18.968604] print_report+0x118/0x608 [ 18.968650] kasan_report_invalid_free+0xc0/0xe8 [ 18.968861] __kasan_mempool_poison_pages+0xe0/0xe8 [ 18.969453] mempool_free+0x24c/0x328 [ 18.969788] mempool_double_free_helper+0x150/0x2e8 [ 18.970025] mempool_page_alloc_double_free+0xbc/0x118 [ 18.970254] kunit_try_run_case+0x170/0x3f0 [ 18.970425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.970482] kthread+0x328/0x630 [ 18.971004] ret_from_fork+0x10/0x20 [ 18.971073] [ 18.971153] The buggy address belongs to the physical page: [ 18.971190] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079a0 [ 18.971613] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.971797] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.972134] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.972292] page dumped because: kasan: bad access detected [ 18.972478] [ 18.972590] Memory state around the buggy address: [ 18.972625] fff00000c799ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.973159] fff00000c799ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.973215] >fff00000c79a0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.973359] ^ [ 18.973392] fff00000c79a0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.973522] fff00000c79a0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.973599] ================================================================== [ 18.943194] ================================================================== [ 18.943253] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.943306] Free of addr fff00000c79a0000 by task kunit_try_catch/237 [ 18.943348] [ 18.943379] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.943461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.943489] Hardware name: linux,dummy-virt (DT) [ 18.944570] Call trace: [ 18.944607] show_stack+0x20/0x38 (C) [ 18.944722] dump_stack_lvl+0x8c/0xd0 [ 18.944773] print_report+0x118/0x608 [ 18.944823] kasan_report_invalid_free+0xc0/0xe8 [ 18.944930] __kasan_mempool_poison_object+0x14c/0x150 [ 18.944983] mempool_free+0x28c/0x328 [ 18.945199] mempool_double_free_helper+0x150/0x2e8 [ 18.945363] mempool_kmalloc_large_double_free+0xc0/0x118 [ 18.945422] kunit_try_run_case+0x170/0x3f0 [ 18.945748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.946009] kthread+0x328/0x630 [ 18.946083] ret_from_fork+0x10/0x20 [ 18.946153] [ 18.946335] The buggy address belongs to the physical page: [ 18.946373] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079a0 [ 18.946430] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.946681] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.946945] page_type: f8(unknown) [ 18.947016] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.947077] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.947628] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.947683] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.947732] head: 0bfffe0000000002 ffffc1ffc31e6801 00000000ffffffff 00000000ffffffff [ 18.948313] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.948551] page dumped because: kasan: bad access detected [ 18.948607] [ 18.948625] Memory state around the buggy address: [ 18.948781] fff00000c799ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.948867] fff00000c799ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.948932] >fff00000c79a0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.949146] ^ [ 18.949259] fff00000c79a0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.949420] fff00000c79a0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.949848] ================================================================== [ 18.914903] ================================================================== [ 18.914965] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.916796] Free of addr fff00000c57d5c00 by task kunit_try_catch/235 [ 18.916973] [ 18.917016] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.917264] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.917293] Hardware name: linux,dummy-virt (DT) [ 18.917356] Call trace: [ 18.917377] show_stack+0x20/0x38 (C) [ 18.917432] dump_stack_lvl+0x8c/0xd0 [ 18.917520] print_report+0x118/0x608 [ 18.917568] kasan_report_invalid_free+0xc0/0xe8 [ 18.917618] check_slab_allocation+0xd4/0x108 [ 18.917664] __kasan_mempool_poison_object+0x78/0x150 [ 18.917726] mempool_free+0x28c/0x328 [ 18.917814] mempool_double_free_helper+0x150/0x2e8 [ 18.917934] mempool_kmalloc_double_free+0xc0/0x118 [ 18.918172] kunit_try_run_case+0x170/0x3f0 [ 18.918298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.918608] kthread+0x328/0x630 [ 18.918987] ret_from_fork+0x10/0x20 [ 18.919442] [ 18.919487] Allocated by task 235: [ 18.919524] kasan_save_stack+0x3c/0x68 [ 18.919703] kasan_save_track+0x20/0x40 [ 18.919744] kasan_save_alloc_info+0x40/0x58 [ 18.920072] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.920293] remove_element+0x130/0x1f8 [ 18.920329] mempool_alloc_preallocated+0x58/0xc0 [ 18.920367] mempool_double_free_helper+0x94/0x2e8 [ 18.920772] mempool_kmalloc_double_free+0xc0/0x118 [ 18.920899] kunit_try_run_case+0x170/0x3f0 [ 18.921130] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.921198] kthread+0x328/0x630 [ 18.921231] ret_from_fork+0x10/0x20 [ 18.921267] [ 18.921711] Freed by task 235: [ 18.921743] kasan_save_stack+0x3c/0x68 [ 18.922200] kasan_save_track+0x20/0x40 [ 18.922316] kasan_save_free_info+0x4c/0x78 [ 18.922357] __kasan_mempool_poison_object+0xc0/0x150 [ 18.922864] mempool_free+0x28c/0x328 [ 18.923111] mempool_double_free_helper+0x100/0x2e8 [ 18.923383] mempool_kmalloc_double_free+0xc0/0x118 [ 18.923433] kunit_try_run_case+0x170/0x3f0 [ 18.923782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.923838] kthread+0x328/0x630 [ 18.924110] ret_from_fork+0x10/0x20 [ 18.924199] [ 18.924331] The buggy address belongs to the object at fff00000c57d5c00 [ 18.924331] which belongs to the cache kmalloc-128 of size 128 [ 18.924679] The buggy address is located 0 bytes inside of [ 18.924679] 128-byte region [fff00000c57d5c00, fff00000c57d5c80) [ 18.924805] [ 18.924827] The buggy address belongs to the physical page: [ 18.925153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d5 [ 18.925228] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.925276] page_type: f5(slab) [ 18.925316] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.925365] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.925404] page dumped because: kasan: bad access detected [ 18.925434] [ 18.925451] Memory state around the buggy address: [ 18.925752] fff00000c57d5b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.926248] fff00000c57d5b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.926320] >fff00000c57d5c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.926558] ^ [ 18.926707] fff00000c57d5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.926906] fff00000c57d5d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.927009] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.902163] ================================================================== [ 18.902239] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.902306] Read of size 1 at addr fff00000c5fbc000 by task kunit_try_catch/233 [ 18.902355] [ 18.902392] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.902476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.902502] Hardware name: linux,dummy-virt (DT) [ 18.902535] Call trace: [ 18.902557] show_stack+0x20/0x38 (C) [ 18.902608] dump_stack_lvl+0x8c/0xd0 [ 18.902657] print_report+0x118/0x608 [ 18.902703] kasan_report+0xdc/0x128 [ 18.902748] __asan_report_load1_noabort+0x20/0x30 [ 18.902798] mempool_uaf_helper+0x314/0x340 [ 18.902842] mempool_page_alloc_uaf+0xc0/0x118 [ 18.902888] kunit_try_run_case+0x170/0x3f0 [ 18.902935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.902987] kthread+0x328/0x630 [ 18.903043] ret_from_fork+0x10/0x20 [ 18.903091] [ 18.903114] The buggy address belongs to the physical page: [ 18.903146] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105fbc [ 18.903200] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.903266] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.903316] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.903357] page dumped because: kasan: bad access detected [ 18.903389] [ 18.903407] Memory state around the buggy address: [ 18.903439] fff00000c5fbbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.903482] fff00000c5fbbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.903525] >fff00000c5fbc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.903564] ^ [ 18.903591] fff00000c5fbc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.903634] fff00000c5fbc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.903671] ================================================================== [ 18.832047] ================================================================== [ 18.832109] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.832803] Read of size 1 at addr fff00000c7938000 by task kunit_try_catch/229 [ 18.832872] [ 18.832906] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.833469] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.833755] Hardware name: linux,dummy-virt (DT) [ 18.833789] Call trace: [ 18.833870] show_stack+0x20/0x38 (C) [ 18.833944] dump_stack_lvl+0x8c/0xd0 [ 18.833990] print_report+0x118/0x608 [ 18.834044] kasan_report+0xdc/0x128 [ 18.834088] __asan_report_load1_noabort+0x20/0x30 [ 18.834138] mempool_uaf_helper+0x314/0x340 [ 18.834184] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.834231] kunit_try_run_case+0x170/0x3f0 [ 18.834281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.835235] kthread+0x328/0x630 [ 18.835302] ret_from_fork+0x10/0x20 [ 18.835385] [ 18.835521] The buggy address belongs to the physical page: [ 18.835781] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107938 [ 18.835970] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.836019] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.836489] page_type: f8(unknown) [ 18.836697] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.836837] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.836930] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.837079] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.837314] head: 0bfffe0000000002 ffffc1ffc31e4e01 00000000ffffffff 00000000ffffffff [ 18.837573] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.837742] page dumped because: kasan: bad access detected [ 18.837776] [ 18.837923] Memory state around the buggy address: [ 18.837958] fff00000c7937f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.838249] fff00000c7937f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.838313] >fff00000c7938000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.838351] ^ [ 18.838749] fff00000c7938080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.838903] fff00000c7938100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.839143] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.856535] ================================================================== [ 18.857118] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.857174] Read of size 1 at addr fff00000c78d5240 by task kunit_try_catch/231 [ 18.857379] [ 18.857743] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.857835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.857862] Hardware name: linux,dummy-virt (DT) [ 18.858174] Call trace: [ 18.858369] show_stack+0x20/0x38 (C) [ 18.858710] dump_stack_lvl+0x8c/0xd0 [ 18.858761] print_report+0x118/0x608 [ 18.859078] kasan_report+0xdc/0x128 [ 18.859162] __asan_report_load1_noabort+0x20/0x30 [ 18.859219] mempool_uaf_helper+0x314/0x340 [ 18.859266] mempool_slab_uaf+0xc0/0x118 [ 18.859312] kunit_try_run_case+0x170/0x3f0 [ 18.859358] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.859410] kthread+0x328/0x630 [ 18.859449] ret_from_fork+0x10/0x20 [ 18.860374] [ 18.860489] Allocated by task 231: [ 18.860628] kasan_save_stack+0x3c/0x68 [ 18.860881] kasan_save_track+0x20/0x40 [ 18.861255] kasan_save_alloc_info+0x40/0x58 [ 18.861502] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.861550] remove_element+0x16c/0x1f8 [ 18.861590] mempool_alloc_preallocated+0x58/0xc0 [ 18.861630] mempool_uaf_helper+0xa4/0x340 [ 18.862126] mempool_slab_uaf+0xc0/0x118 [ 18.862506] kunit_try_run_case+0x170/0x3f0 [ 18.862858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.862967] kthread+0x328/0x630 [ 18.863074] ret_from_fork+0x10/0x20 [ 18.863110] [ 18.863286] Freed by task 231: [ 18.863403] kasan_save_stack+0x3c/0x68 [ 18.863641] kasan_save_track+0x20/0x40 [ 18.864045] kasan_save_free_info+0x4c/0x78 [ 18.864090] __kasan_mempool_poison_object+0xc0/0x150 [ 18.864131] mempool_free+0x28c/0x328 [ 18.864372] mempool_uaf_helper+0x104/0x340 [ 18.864800] mempool_slab_uaf+0xc0/0x118 [ 18.864876] kunit_try_run_case+0x170/0x3f0 [ 18.865039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.865091] kthread+0x328/0x630 [ 18.865860] ret_from_fork+0x10/0x20 [ 18.865907] [ 18.865929] The buggy address belongs to the object at fff00000c78d5240 [ 18.865929] which belongs to the cache test_cache of size 123 [ 18.865988] The buggy address is located 0 bytes inside of [ 18.865988] freed 123-byte region [fff00000c78d5240, fff00000c78d52bb) [ 18.866316] [ 18.866342] The buggy address belongs to the physical page: [ 18.866371] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d5 [ 18.867046] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.867388] page_type: f5(slab) [ 18.867562] raw: 0bfffe0000000000 fff00000c3eaedc0 dead000000000122 0000000000000000 [ 18.867612] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.867652] page dumped because: kasan: bad access detected [ 18.867787] [ 18.867859] Memory state around the buggy address: [ 18.867890] fff00000c78d5100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.868433] fff00000c78d5180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.868537] >fff00000c78d5200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.868712] ^ [ 18.868923] fff00000c78d5280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.868970] fff00000c78d5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.869007] ================================================================== [ 18.800218] ================================================================== [ 18.800354] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.800967] Read of size 1 at addr fff00000c78c1b00 by task kunit_try_catch/227 [ 18.801021] [ 18.801917] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.802496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.802527] Hardware name: linux,dummy-virt (DT) [ 18.802876] Call trace: [ 18.802911] show_stack+0x20/0x38 (C) [ 18.803084] dump_stack_lvl+0x8c/0xd0 [ 18.803250] print_report+0x118/0x608 [ 18.803601] kasan_report+0xdc/0x128 [ 18.803880] __asan_report_load1_noabort+0x20/0x30 [ 18.804287] mempool_uaf_helper+0x314/0x340 [ 18.804737] mempool_kmalloc_uaf+0xc4/0x120 [ 18.804923] kunit_try_run_case+0x170/0x3f0 [ 18.805253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.805313] kthread+0x328/0x630 [ 18.805356] ret_from_fork+0x10/0x20 [ 18.805669] [ 18.806151] Allocated by task 227: [ 18.806188] kasan_save_stack+0x3c/0x68 [ 18.806232] kasan_save_track+0x20/0x40 [ 18.806269] kasan_save_alloc_info+0x40/0x58 [ 18.806308] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.806570] remove_element+0x130/0x1f8 [ 18.806763] mempool_alloc_preallocated+0x58/0xc0 [ 18.807248] mempool_uaf_helper+0xa4/0x340 [ 18.807298] mempool_kmalloc_uaf+0xc4/0x120 [ 18.807517] kunit_try_run_case+0x170/0x3f0 [ 18.807557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.808044] kthread+0x328/0x630 [ 18.808088] ret_from_fork+0x10/0x20 [ 18.808124] [ 18.808578] Freed by task 227: [ 18.808617] kasan_save_stack+0x3c/0x68 [ 18.808978] kasan_save_track+0x20/0x40 [ 18.809023] kasan_save_free_info+0x4c/0x78 [ 18.809236] __kasan_mempool_poison_object+0xc0/0x150 [ 18.809743] mempool_free+0x28c/0x328 [ 18.809829] mempool_uaf_helper+0x104/0x340 [ 18.809876] mempool_kmalloc_uaf+0xc4/0x120 [ 18.809914] kunit_try_run_case+0x170/0x3f0 [ 18.810169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.810280] kthread+0x328/0x630 [ 18.810459] ret_from_fork+0x10/0x20 [ 18.810796] [ 18.810946] The buggy address belongs to the object at fff00000c78c1b00 [ 18.810946] which belongs to the cache kmalloc-128 of size 128 [ 18.811211] The buggy address is located 0 bytes inside of [ 18.811211] freed 128-byte region [fff00000c78c1b00, fff00000c78c1b80) [ 18.811438] [ 18.811623] The buggy address belongs to the physical page: [ 18.811661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1 [ 18.812005] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.812246] page_type: f5(slab) [ 18.812723] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.812780] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.812822] page dumped because: kasan: bad access detected [ 18.813087] [ 18.813109] Memory state around the buggy address: [ 18.813359] fff00000c78c1a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.813406] fff00000c78c1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.813751] >fff00000c78c1b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.813809] ^ [ 18.813838] fff00000c78c1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.814154] fff00000c78c1c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.814261] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.732757] ================================================================== [ 18.732862] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.733096] Read of size 1 at addr fff00000c7936001 by task kunit_try_catch/223 [ 18.733263] [ 18.733362] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.733855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.733942] Hardware name: linux,dummy-virt (DT) [ 18.734453] Call trace: [ 18.734553] show_stack+0x20/0x38 (C) [ 18.734608] dump_stack_lvl+0x8c/0xd0 [ 18.734652] print_report+0x118/0x608 [ 18.735153] kasan_report+0xdc/0x128 [ 18.735306] __asan_report_load1_noabort+0x20/0x30 [ 18.735356] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.735709] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.736049] kunit_try_run_case+0x170/0x3f0 [ 18.736869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.737482] kthread+0x328/0x630 [ 18.737760] ret_from_fork+0x10/0x20 [ 18.737839] [ 18.738162] The buggy address belongs to the physical page: [ 18.738196] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107934 [ 18.738510] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.738820] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.739139] page_type: f8(unknown) [ 18.739199] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.739433] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.739485] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.740224] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.741045] head: 0bfffe0000000002 ffffc1ffc31e4d01 00000000ffffffff 00000000ffffffff [ 18.741235] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.742390] page dumped because: kasan: bad access detected [ 18.742665] [ 18.742844] Memory state around the buggy address: [ 18.743045] fff00000c7935f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.743396] fff00000c7935f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.743475] >fff00000c7936000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.743581] ^ [ 18.743672] fff00000c7936080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.743733] fff00000c7936100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.743771] ================================================================== [ 18.759272] ================================================================== [ 18.759332] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.759382] Read of size 1 at addr fff00000c78d12bb by task kunit_try_catch/225 [ 18.760493] [ 18.760542] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.760679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.760704] Hardware name: linux,dummy-virt (DT) [ 18.760735] Call trace: [ 18.760796] show_stack+0x20/0x38 (C) [ 18.760847] dump_stack_lvl+0x8c/0xd0 [ 18.761262] print_report+0x118/0x608 [ 18.761342] kasan_report+0xdc/0x128 [ 18.761877] __asan_report_load1_noabort+0x20/0x30 [ 18.762527] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.762940] mempool_slab_oob_right+0xc0/0x118 [ 18.763064] kunit_try_run_case+0x170/0x3f0 [ 18.763112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.763169] kthread+0x328/0x630 [ 18.763442] ret_from_fork+0x10/0x20 [ 18.763509] [ 18.763527] Allocated by task 225: [ 18.763556] kasan_save_stack+0x3c/0x68 [ 18.763597] kasan_save_track+0x20/0x40 [ 18.763634] kasan_save_alloc_info+0x40/0x58 [ 18.763818] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.764314] remove_element+0x16c/0x1f8 [ 18.764544] mempool_alloc_preallocated+0x58/0xc0 [ 18.764588] mempool_oob_right_helper+0x98/0x2f0 [ 18.764889] mempool_slab_oob_right+0xc0/0x118 [ 18.764948] kunit_try_run_case+0x170/0x3f0 [ 18.764985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.765051] kthread+0x328/0x630 [ 18.765278] ret_from_fork+0x10/0x20 [ 18.765328] [ 18.765514] The buggy address belongs to the object at fff00000c78d1240 [ 18.765514] which belongs to the cache test_cache of size 123 [ 18.765710] The buggy address is located 0 bytes to the right of [ 18.765710] allocated 123-byte region [fff00000c78d1240, fff00000c78d12bb) [ 18.765830] [ 18.765982] The buggy address belongs to the physical page: [ 18.766013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d1 [ 18.766076] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.766126] page_type: f5(slab) [ 18.766166] raw: 0bfffe0000000000 fff00000c3eaec80 dead000000000122 0000000000000000 [ 18.766215] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.766255] page dumped because: kasan: bad access detected [ 18.766756] [ 18.766778] Memory state around the buggy address: [ 18.766826] fff00000c78d1180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.767487] fff00000c78d1200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.767748] >fff00000c78d1280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.768110] ^ [ 18.768232] fff00000c78d1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.768577] fff00000c78d1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.768832] ================================================================== [ 18.719356] ================================================================== [ 18.719431] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.719500] Read of size 1 at addr fff00000c78c1773 by task kunit_try_catch/221 [ 18.719549] [ 18.719589] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.719674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.719704] Hardware name: linux,dummy-virt (DT) [ 18.719737] Call trace: [ 18.719763] show_stack+0x20/0x38 (C) [ 18.719814] dump_stack_lvl+0x8c/0xd0 [ 18.719864] print_report+0x118/0x608 [ 18.719910] kasan_report+0xdc/0x128 [ 18.719954] __asan_report_load1_noabort+0x20/0x30 [ 18.720005] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.720066] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.720114] kunit_try_run_case+0x170/0x3f0 [ 18.720163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.720214] kthread+0x328/0x630 [ 18.720259] ret_from_fork+0x10/0x20 [ 18.720309] [ 18.720327] Allocated by task 221: [ 18.720357] kasan_save_stack+0x3c/0x68 [ 18.720396] kasan_save_track+0x20/0x40 [ 18.720434] kasan_save_alloc_info+0x40/0x58 [ 18.720478] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.720521] remove_element+0x130/0x1f8 [ 18.721106] mempool_alloc_preallocated+0x58/0xc0 [ 18.721164] mempool_oob_right_helper+0x98/0x2f0 [ 18.721206] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.721260] kunit_try_run_case+0x170/0x3f0 [ 18.721300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.721343] kthread+0x328/0x630 [ 18.721374] ret_from_fork+0x10/0x20 [ 18.721410] [ 18.721432] The buggy address belongs to the object at fff00000c78c1700 [ 18.721432] which belongs to the cache kmalloc-128 of size 128 [ 18.721491] The buggy address is located 0 bytes to the right of [ 18.721491] allocated 115-byte region [fff00000c78c1700, fff00000c78c1773) [ 18.721553] [ 18.721574] The buggy address belongs to the physical page: [ 18.721607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1 [ 18.721661] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.721715] page_type: f5(slab) [ 18.721755] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.721804] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.721845] page dumped because: kasan: bad access detected [ 18.721875] [ 18.721892] Memory state around the buggy address: [ 18.721926] fff00000c78c1600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.721969] fff00000c78c1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.722013] >fff00000c78c1700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.722063] ^ [ 18.722103] fff00000c78c1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.722145] fff00000c78c1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.722184] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.155181] ================================================================== [ 18.155267] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 18.155343] Read of size 1 at addr fff00000c57be3c0 by task kunit_try_catch/215 [ 18.155394] [ 18.155437] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.155522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.155550] Hardware name: linux,dummy-virt (DT) [ 18.155585] Call trace: [ 18.155610] show_stack+0x20/0x38 (C) [ 18.155663] dump_stack_lvl+0x8c/0xd0 [ 18.155713] print_report+0x118/0x608 [ 18.155758] kasan_report+0xdc/0x128 [ 18.155803] __kasan_check_byte+0x54/0x70 [ 18.155848] kmem_cache_destroy+0x34/0x218 [ 18.155894] kmem_cache_double_destroy+0x174/0x300 [ 18.155943] kunit_try_run_case+0x170/0x3f0 [ 18.155991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.156056] kthread+0x328/0x630 [ 18.156100] ret_from_fork+0x10/0x20 [ 18.156148] [ 18.156166] Allocated by task 215: [ 18.156197] kasan_save_stack+0x3c/0x68 [ 18.156239] kasan_save_track+0x20/0x40 [ 18.156279] kasan_save_alloc_info+0x40/0x58 [ 18.156319] __kasan_slab_alloc+0xa8/0xb0 [ 18.156356] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.156397] __kmem_cache_create_args+0x178/0x280 [ 18.156435] kmem_cache_double_destroy+0xc0/0x300 [ 18.156482] kunit_try_run_case+0x170/0x3f0 [ 18.156518] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.156565] kthread+0x328/0x630 [ 18.156596] ret_from_fork+0x10/0x20 [ 18.156632] [ 18.156651] Freed by task 215: [ 18.156677] kasan_save_stack+0x3c/0x68 [ 18.156714] kasan_save_track+0x20/0x40 [ 18.156750] kasan_save_free_info+0x4c/0x78 [ 18.156790] __kasan_slab_free+0x6c/0x98 [ 18.156827] kmem_cache_free+0x260/0x468 [ 18.156864] slab_kmem_cache_release+0x38/0x50 [ 18.156903] kmem_cache_release+0x1c/0x30 [ 18.156938] kobject_put+0x17c/0x420 [ 18.156974] sysfs_slab_release+0x1c/0x30 [ 18.157010] kmem_cache_destroy+0x118/0x218 [ 18.157056] kmem_cache_double_destroy+0x128/0x300 [ 18.157097] kunit_try_run_case+0x170/0x3f0 [ 18.157133] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.157176] kthread+0x328/0x630 [ 18.157207] ret_from_fork+0x10/0x20 [ 18.157242] [ 18.157262] The buggy address belongs to the object at fff00000c57be3c0 [ 18.157262] which belongs to the cache kmem_cache of size 208 [ 18.157318] The buggy address is located 0 bytes inside of [ 18.157318] freed 208-byte region [fff00000c57be3c0, fff00000c57be490) [ 18.157377] [ 18.157399] The buggy address belongs to the physical page: [ 18.157432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057be [ 18.157487] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.157538] page_type: f5(slab) [ 18.157581] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 18.157630] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.157674] page dumped because: kasan: bad access detected [ 18.157705] [ 18.157724] Memory state around the buggy address: [ 18.157757] fff00000c57be280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.157799] fff00000c57be300: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 18.157843] >fff00000c57be380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.157881] ^ [ 18.157916] fff00000c57be400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.157959] fff00000c57be480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.157998] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 18.028440] ================================================================== [ 18.028565] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 18.028674] Read of size 1 at addr fff00000c78cb000 by task kunit_try_catch/213 [ 18.028866] [ 18.028973] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.029109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.029137] Hardware name: linux,dummy-virt (DT) [ 18.029173] Call trace: [ 18.029196] show_stack+0x20/0x38 (C) [ 18.029251] dump_stack_lvl+0x8c/0xd0 [ 18.029301] print_report+0x118/0x608 [ 18.029437] kasan_report+0xdc/0x128 [ 18.029542] __asan_report_load1_noabort+0x20/0x30 [ 18.029593] kmem_cache_rcu_uaf+0x388/0x468 [ 18.029665] kunit_try_run_case+0x170/0x3f0 [ 18.029716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.029771] kthread+0x328/0x630 [ 18.029842] ret_from_fork+0x10/0x20 [ 18.029892] [ 18.029910] Allocated by task 213: [ 18.029943] kasan_save_stack+0x3c/0x68 [ 18.030142] kasan_save_track+0x20/0x40 [ 18.030293] kasan_save_alloc_info+0x40/0x58 [ 18.030361] __kasan_slab_alloc+0xa8/0xb0 [ 18.030531] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.030663] kmem_cache_rcu_uaf+0x12c/0x468 [ 18.030742] kunit_try_run_case+0x170/0x3f0 [ 18.030851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.030950] kthread+0x328/0x630 [ 18.031053] ret_from_fork+0x10/0x20 [ 18.031094] [ 18.031146] Freed by task 0: [ 18.031174] kasan_save_stack+0x3c/0x68 [ 18.031259] kasan_save_track+0x20/0x40 [ 18.031295] kasan_save_free_info+0x4c/0x78 [ 18.031354] __kasan_slab_free+0x6c/0x98 [ 18.031491] slab_free_after_rcu_debug+0xd4/0x2f8 [ 18.031537] rcu_core+0x9f4/0x1e20 [ 18.031715] rcu_core_si+0x18/0x30 [ 18.031838] handle_softirqs+0x374/0xb28 [ 18.031893] __do_softirq+0x1c/0x28 [ 18.032299] [ 18.032399] Last potentially related work creation: [ 18.032642] kasan_save_stack+0x3c/0x68 [ 18.032721] kasan_record_aux_stack+0xb4/0xc8 [ 18.033153] kmem_cache_free+0x120/0x468 [ 18.033327] kmem_cache_rcu_uaf+0x16c/0x468 [ 18.033368] kunit_try_run_case+0x170/0x3f0 [ 18.033702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.034080] kthread+0x328/0x630 [ 18.034157] ret_from_fork+0x10/0x20 [ 18.034194] [ 18.034729] The buggy address belongs to the object at fff00000c78cb000 [ 18.034729] which belongs to the cache test_cache of size 200 [ 18.035171] The buggy address is located 0 bytes inside of [ 18.035171] freed 200-byte region [fff00000c78cb000, fff00000c78cb0c8) [ 18.035239] [ 18.035261] The buggy address belongs to the physical page: [ 18.035553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078cb [ 18.035971] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.036312] page_type: f5(slab) [ 18.036590] raw: 0bfffe0000000000 fff00000c3eaea00 dead000000000122 0000000000000000 [ 18.036737] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.037109] page dumped because: kasan: bad access detected [ 18.037145] [ 18.037162] Memory state around the buggy address: [ 18.037197] fff00000c78caf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.037574] fff00000c78caf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.037639] >fff00000c78cb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.037678] ^ [ 18.037715] fff00000c78cb080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.037976] fff00000c78cb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.038333] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.596979] ================================================================== [ 17.597274] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.597486] Free of addr fff00000c78ca001 by task kunit_try_catch/211 [ 17.597563] [ 17.597681] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.597769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.597997] Hardware name: linux,dummy-virt (DT) [ 17.598162] Call trace: [ 17.598207] show_stack+0x20/0x38 (C) [ 17.598292] dump_stack_lvl+0x8c/0xd0 [ 17.598411] print_report+0x118/0x608 [ 17.598488] kasan_report_invalid_free+0xc0/0xe8 [ 17.598540] check_slab_allocation+0xfc/0x108 [ 17.598593] __kasan_slab_pre_free+0x2c/0x48 [ 17.598902] kmem_cache_free+0xf0/0x468 [ 17.599022] kmem_cache_invalid_free+0x184/0x3c8 [ 17.599092] kunit_try_run_case+0x170/0x3f0 [ 17.599218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.599304] kthread+0x328/0x630 [ 17.599377] ret_from_fork+0x10/0x20 [ 17.599426] [ 17.599444] Allocated by task 211: [ 17.599476] kasan_save_stack+0x3c/0x68 [ 17.599794] kasan_save_track+0x20/0x40 [ 17.599854] kasan_save_alloc_info+0x40/0x58 [ 17.599895] __kasan_slab_alloc+0xa8/0xb0 [ 17.600310] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.600382] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.600565] kunit_try_run_case+0x170/0x3f0 [ 17.600637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.600700] kthread+0x328/0x630 [ 17.600764] ret_from_fork+0x10/0x20 [ 17.600802] [ 17.600821] The buggy address belongs to the object at fff00000c78ca000 [ 17.600821] which belongs to the cache test_cache of size 200 [ 17.600897] The buggy address is located 1 bytes inside of [ 17.600897] 200-byte region [fff00000c78ca000, fff00000c78ca0c8) [ 17.601270] [ 17.601831] The buggy address belongs to the physical page: [ 17.601886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ca [ 17.601966] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.602326] page_type: f5(slab) [ 17.602799] raw: 0bfffe0000000000 fff00000c3eae8c0 dead000000000122 0000000000000000 [ 17.602901] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.603145] page dumped because: kasan: bad access detected [ 17.603333] [ 17.603534] Memory state around the buggy address: [ 17.603596] fff00000c78c9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.603673] fff00000c78c9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.603799] >fff00000c78ca000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.603944] ^ [ 17.604080] fff00000c78ca080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.604125] fff00000c78ca100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.604219] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.559743] ================================================================== [ 17.559813] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.559883] Free of addr fff00000c78c8000 by task kunit_try_catch/209 [ 17.559937] [ 17.559992] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.560277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.560347] Hardware name: linux,dummy-virt (DT) [ 17.560387] Call trace: [ 17.560528] show_stack+0x20/0x38 (C) [ 17.560669] dump_stack_lvl+0x8c/0xd0 [ 17.560838] print_report+0x118/0x608 [ 17.560900] kasan_report_invalid_free+0xc0/0xe8 [ 17.560948] check_slab_allocation+0xd4/0x108 [ 17.560997] __kasan_slab_pre_free+0x2c/0x48 [ 17.561057] kmem_cache_free+0xf0/0x468 [ 17.561759] kmem_cache_double_free+0x190/0x3c8 [ 17.561833] kunit_try_run_case+0x170/0x3f0 [ 17.561955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.562091] kthread+0x328/0x630 [ 17.562156] ret_from_fork+0x10/0x20 [ 17.562425] [ 17.562600] Allocated by task 209: [ 17.562711] kasan_save_stack+0x3c/0x68 [ 17.562833] kasan_save_track+0x20/0x40 [ 17.562945] kasan_save_alloc_info+0x40/0x58 [ 17.563065] __kasan_slab_alloc+0xa8/0xb0 [ 17.563164] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.563237] kmem_cache_double_free+0x12c/0x3c8 [ 17.563275] kunit_try_run_case+0x170/0x3f0 [ 17.563615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.563717] kthread+0x328/0x630 [ 17.563796] ret_from_fork+0x10/0x20 [ 17.564089] [ 17.564267] Freed by task 209: [ 17.564360] kasan_save_stack+0x3c/0x68 [ 17.564401] kasan_save_track+0x20/0x40 [ 17.564467] kasan_save_free_info+0x4c/0x78 [ 17.564631] __kasan_slab_free+0x6c/0x98 [ 17.564736] kmem_cache_free+0x260/0x468 [ 17.564945] kmem_cache_double_free+0x140/0x3c8 [ 17.565124] kunit_try_run_case+0x170/0x3f0 [ 17.565222] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.565330] kthread+0x328/0x630 [ 17.565472] ret_from_fork+0x10/0x20 [ 17.565529] [ 17.565558] The buggy address belongs to the object at fff00000c78c8000 [ 17.565558] which belongs to the cache test_cache of size 200 [ 17.565640] The buggy address is located 0 bytes inside of [ 17.565640] 200-byte region [fff00000c78c8000, fff00000c78c80c8) [ 17.565700] [ 17.565721] The buggy address belongs to the physical page: [ 17.565751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c8 [ 17.566025] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.566152] page_type: f5(slab) [ 17.566464] raw: 0bfffe0000000000 fff00000c3eae780 dead000000000122 0000000000000000 [ 17.566614] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.566775] page dumped because: kasan: bad access detected [ 17.566887] [ 17.566945] Memory state around the buggy address: [ 17.567002] fff00000c78c7f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.567067] fff00000c78c7f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.567111] >fff00000c78c8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.567164] ^ [ 17.567196] fff00000c78c8080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.567241] fff00000c78c8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.567299] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.282048] ================================================================== [ 17.282126] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.282327] Read of size 1 at addr fff00000c786e0c8 by task kunit_try_catch/207 [ 17.282400] [ 17.282438] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.282529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.282557] Hardware name: linux,dummy-virt (DT) [ 17.282911] Call trace: [ 17.283108] show_stack+0x20/0x38 (C) [ 17.283302] dump_stack_lvl+0x8c/0xd0 [ 17.283362] print_report+0x118/0x608 [ 17.283685] kasan_report+0xdc/0x128 [ 17.283880] __asan_report_load1_noabort+0x20/0x30 [ 17.283991] kmem_cache_oob+0x344/0x430 [ 17.284054] kunit_try_run_case+0x170/0x3f0 [ 17.284104] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.284156] kthread+0x328/0x630 [ 17.284339] ret_from_fork+0x10/0x20 [ 17.284441] [ 17.284722] Allocated by task 207: [ 17.284885] kasan_save_stack+0x3c/0x68 [ 17.284936] kasan_save_track+0x20/0x40 [ 17.284974] kasan_save_alloc_info+0x40/0x58 [ 17.285012] __kasan_slab_alloc+0xa8/0xb0 [ 17.285058] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.285599] kmem_cache_oob+0x12c/0x430 [ 17.285697] kunit_try_run_case+0x170/0x3f0 [ 17.286150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.286205] kthread+0x328/0x630 [ 17.286273] ret_from_fork+0x10/0x20 [ 17.286489] [ 17.286646] The buggy address belongs to the object at fff00000c786e000 [ 17.286646] which belongs to the cache test_cache of size 200 [ 17.286735] The buggy address is located 0 bytes to the right of [ 17.286735] allocated 200-byte region [fff00000c786e000, fff00000c786e0c8) [ 17.287012] [ 17.287512] The buggy address belongs to the physical page: [ 17.287556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786e [ 17.287742] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.287991] page_type: f5(slab) [ 17.288106] raw: 0bfffe0000000000 fff00000c3eae640 dead000000000122 0000000000000000 [ 17.288321] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.288497] page dumped because: kasan: bad access detected [ 17.288714] [ 17.288739] Memory state around the buggy address: [ 17.288771] fff00000c786df80: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 17.289008] fff00000c786e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.289251] >fff00000c786e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.289305] ^ [ 17.289531] fff00000c786e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.289842] fff00000c786e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.289959] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.240384] ================================================================== [ 17.240529] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.240597] Read of size 8 at addr fff00000c78c4d80 by task kunit_try_catch/200 [ 17.240801] [ 17.240969] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.241078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.241105] Hardware name: linux,dummy-virt (DT) [ 17.241468] Call trace: [ 17.241619] show_stack+0x20/0x38 (C) [ 17.241752] dump_stack_lvl+0x8c/0xd0 [ 17.241962] print_report+0x118/0x608 [ 17.242225] kasan_report+0xdc/0x128 [ 17.242620] __asan_report_load8_noabort+0x20/0x30 [ 17.242906] workqueue_uaf+0x480/0x4a8 [ 17.243001] kunit_try_run_case+0x170/0x3f0 [ 17.243168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.243336] kthread+0x328/0x630 [ 17.243439] ret_from_fork+0x10/0x20 [ 17.243704] [ 17.243863] Allocated by task 200: [ 17.244051] kasan_save_stack+0x3c/0x68 [ 17.244253] kasan_save_track+0x20/0x40 [ 17.244546] kasan_save_alloc_info+0x40/0x58 [ 17.244626] __kasan_kmalloc+0xd4/0xd8 [ 17.244662] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.244827] workqueue_uaf+0x13c/0x4a8 [ 17.244868] kunit_try_run_case+0x170/0x3f0 [ 17.244909] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.244959] kthread+0x328/0x630 [ 17.244992] ret_from_fork+0x10/0x20 [ 17.245026] [ 17.245057] Freed by task 75: [ 17.245084] kasan_save_stack+0x3c/0x68 [ 17.245122] kasan_save_track+0x20/0x40 [ 17.245667] kasan_save_free_info+0x4c/0x78 [ 17.245742] __kasan_slab_free+0x6c/0x98 [ 17.245878] kfree+0x214/0x3c8 [ 17.245937] workqueue_uaf_work+0x18/0x30 [ 17.246259] process_one_work+0x530/0xf98 [ 17.246346] worker_thread+0x618/0xf38 [ 17.246404] kthread+0x328/0x630 [ 17.246435] ret_from_fork+0x10/0x20 [ 17.246760] [ 17.246812] Last potentially related work creation: [ 17.246838] kasan_save_stack+0x3c/0x68 [ 17.247057] kasan_record_aux_stack+0xb4/0xc8 [ 17.247254] __queue_work+0x65c/0x1008 [ 17.247300] queue_work_on+0xbc/0xf8 [ 17.247506] workqueue_uaf+0x210/0x4a8 [ 17.247688] kunit_try_run_case+0x170/0x3f0 [ 17.247816] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.247872] kthread+0x328/0x630 [ 17.247933] ret_from_fork+0x10/0x20 [ 17.247990] [ 17.248019] The buggy address belongs to the object at fff00000c78c4d80 [ 17.248019] which belongs to the cache kmalloc-32 of size 32 [ 17.248087] The buggy address is located 0 bytes inside of [ 17.248087] freed 32-byte region [fff00000c78c4d80, fff00000c78c4da0) [ 17.248146] [ 17.248167] The buggy address belongs to the physical page: [ 17.248196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c4 [ 17.248259] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.248316] page_type: f5(slab) [ 17.248366] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.248414] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.248466] page dumped because: kasan: bad access detected [ 17.248497] [ 17.248515] Memory state around the buggy address: [ 17.248547] fff00000c78c4c80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.248592] fff00000c78c4d00: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 17.248642] >fff00000c78c4d80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.248700] ^ [ 17.248734] fff00000c78c4e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.248777] fff00000c78c4e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.248830] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.209894] ================================================================== [ 17.210553] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 17.210705] Read of size 4 at addr fff00000c78c4b80 by task swapper/0/0 [ 17.210843] [ 17.210886] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.211038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.211097] Hardware name: linux,dummy-virt (DT) [ 17.211131] Call trace: [ 17.211317] show_stack+0x20/0x38 (C) [ 17.211506] dump_stack_lvl+0x8c/0xd0 [ 17.211595] print_report+0x118/0x608 [ 17.211647] kasan_report+0xdc/0x128 [ 17.211938] __asan_report_load4_noabort+0x20/0x30 [ 17.212013] rcu_uaf_reclaim+0x64/0x70 [ 17.212627] rcu_core+0x9f4/0x1e20 [ 17.212705] rcu_core_si+0x18/0x30 [ 17.212752] handle_softirqs+0x374/0xb28 [ 17.212798] __do_softirq+0x1c/0x28 [ 17.212841] ____do_softirq+0x18/0x30 [ 17.212885] call_on_irq_stack+0x24/0x30 [ 17.213484] do_softirq_own_stack+0x24/0x38 [ 17.213598] __irq_exit_rcu+0x1fc/0x318 [ 17.213923] irq_exit_rcu+0x1c/0x80 [ 17.214392] el1_interrupt+0x38/0x58 [ 17.214471] el1h_64_irq_handler+0x18/0x28 [ 17.214524] el1h_64_irq+0x6c/0x70 [ 17.214690] arch_local_irq_enable+0x4/0x8 (P) [ 17.214760] do_idle+0x384/0x4e8 [ 17.214804] cpu_startup_entry+0x64/0x80 [ 17.214861] rest_init+0x160/0x188 [ 17.214913] start_kernel+0x30c/0x3d0 [ 17.214963] __primary_switched+0x8c/0xa0 [ 17.215020] [ 17.215058] Allocated by task 198: [ 17.215095] kasan_save_stack+0x3c/0x68 [ 17.215151] kasan_save_track+0x20/0x40 [ 17.215199] kasan_save_alloc_info+0x40/0x58 [ 17.215259] __kasan_kmalloc+0xd4/0xd8 [ 17.215303] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.215349] rcu_uaf+0xb0/0x2d8 [ 17.215409] kunit_try_run_case+0x170/0x3f0 [ 17.215456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.215510] kthread+0x328/0x630 [ 17.215550] ret_from_fork+0x10/0x20 [ 17.215586] [ 17.215603] Freed by task 0: [ 17.215629] kasan_save_stack+0x3c/0x68 [ 17.215666] kasan_save_track+0x20/0x40 [ 17.215703] kasan_save_free_info+0x4c/0x78 [ 17.215751] __kasan_slab_free+0x6c/0x98 [ 17.215787] kfree+0x214/0x3c8 [ 17.215820] rcu_uaf_reclaim+0x28/0x70 [ 17.215855] rcu_core+0x9f4/0x1e20 [ 17.215891] rcu_core_si+0x18/0x30 [ 17.215924] handle_softirqs+0x374/0xb28 [ 17.215961] __do_softirq+0x1c/0x28 [ 17.216004] [ 17.216176] Last potentially related work creation: [ 17.216656] kasan_save_stack+0x3c/0x68 [ 17.216721] kasan_record_aux_stack+0xb4/0xc8 [ 17.216777] __call_rcu_common.constprop.0+0x74/0x8c8 [ 17.217099] call_rcu+0x18/0x30 [ 17.217420] rcu_uaf+0x14c/0x2d8 [ 17.217777] kunit_try_run_case+0x170/0x3f0 [ 17.218108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.218330] kthread+0x328/0x630 [ 17.218457] ret_from_fork+0x10/0x20 [ 17.218525] [ 17.218966] The buggy address belongs to the object at fff00000c78c4b80 [ 17.218966] which belongs to the cache kmalloc-32 of size 32 [ 17.219093] The buggy address is located 0 bytes inside of [ 17.219093] freed 32-byte region [fff00000c78c4b80, fff00000c78c4ba0) [ 17.219221] [ 17.219429] The buggy address belongs to the physical page: [ 17.219659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c4 [ 17.220040] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.220290] page_type: f5(slab) [ 17.220379] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.220613] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.220699] page dumped because: kasan: bad access detected [ 17.220828] [ 17.220850] Memory state around the buggy address: [ 17.220885] fff00000c78c4a80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.221169] fff00000c78c4b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.221395] >fff00000c78c4b80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 17.221472] ^ [ 17.221640] fff00000c78c4c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.221694] fff00000c78c4c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.221866] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 17.051753] ================================================================== [ 17.051853] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 17.052141] Read of size 1 at addr fff00000c78c1400 by task kunit_try_catch/196 [ 17.052203] [ 17.052340] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.052430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.052461] Hardware name: linux,dummy-virt (DT) [ 17.052724] Call trace: [ 17.052911] show_stack+0x20/0x38 (C) [ 17.053105] dump_stack_lvl+0x8c/0xd0 [ 17.053404] print_report+0x118/0x608 [ 17.053577] kasan_report+0xdc/0x128 [ 17.053686] __kasan_check_byte+0x54/0x70 [ 17.054113] ksize+0x30/0x88 [ 17.054275] ksize_uaf+0x168/0x5f8 [ 17.054485] kunit_try_run_case+0x170/0x3f0 [ 17.054599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.054683] kthread+0x328/0x630 [ 17.055159] ret_from_fork+0x10/0x20 [ 17.055647] [ 17.055747] Allocated by task 196: [ 17.055814] kasan_save_stack+0x3c/0x68 [ 17.055979] kasan_save_track+0x20/0x40 [ 17.056130] kasan_save_alloc_info+0x40/0x58 [ 17.056309] __kasan_kmalloc+0xd4/0xd8 [ 17.056452] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.056627] ksize_uaf+0xb8/0x5f8 [ 17.056811] kunit_try_run_case+0x170/0x3f0 [ 17.056996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.057061] kthread+0x328/0x630 [ 17.057462] ret_from_fork+0x10/0x20 [ 17.057563] [ 17.057629] Freed by task 196: [ 17.057659] kasan_save_stack+0x3c/0x68 [ 17.057699] kasan_save_track+0x20/0x40 [ 17.057765] kasan_save_free_info+0x4c/0x78 [ 17.057811] __kasan_slab_free+0x6c/0x98 [ 17.057870] kfree+0x214/0x3c8 [ 17.057920] ksize_uaf+0x11c/0x5f8 [ 17.057955] kunit_try_run_case+0x170/0x3f0 [ 17.058003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.058057] kthread+0x328/0x630 [ 17.058090] ret_from_fork+0x10/0x20 [ 17.058127] [ 17.058146] The buggy address belongs to the object at fff00000c78c1400 [ 17.058146] which belongs to the cache kmalloc-128 of size 128 [ 17.058217] The buggy address is located 0 bytes inside of [ 17.058217] freed 128-byte region [fff00000c78c1400, fff00000c78c1480) [ 17.058295] [ 17.058314] The buggy address belongs to the physical page: [ 17.058352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1 [ 17.058415] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.058463] page_type: f5(slab) [ 17.058498] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.058549] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.058603] page dumped because: kasan: bad access detected [ 17.058642] [ 17.058659] Memory state around the buggy address: [ 17.058691] fff00000c78c1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.058732] fff00000c78c1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.058773] >fff00000c78c1400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.058821] ^ [ 17.058848] fff00000c78c1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.058890] fff00000c78c1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.058927] ================================================================== [ 17.072433] ================================================================== [ 17.072502] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 17.072779] Read of size 1 at addr fff00000c78c1478 by task kunit_try_catch/196 [ 17.072991] [ 17.073022] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.073487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.073713] Hardware name: linux,dummy-virt (DT) [ 17.073869] Call trace: [ 17.073900] show_stack+0x20/0x38 (C) [ 17.073998] dump_stack_lvl+0x8c/0xd0 [ 17.074060] print_report+0x118/0x608 [ 17.074107] kasan_report+0xdc/0x128 [ 17.074152] __asan_report_load1_noabort+0x20/0x30 [ 17.074203] ksize_uaf+0x544/0x5f8 [ 17.074272] kunit_try_run_case+0x170/0x3f0 [ 17.074319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.074374] kthread+0x328/0x630 [ 17.074423] ret_from_fork+0x10/0x20 [ 17.074477] [ 17.074496] Allocated by task 196: [ 17.074524] kasan_save_stack+0x3c/0x68 [ 17.074565] kasan_save_track+0x20/0x40 [ 17.074608] kasan_save_alloc_info+0x40/0x58 [ 17.074656] __kasan_kmalloc+0xd4/0xd8 [ 17.074693] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.074729] ksize_uaf+0xb8/0x5f8 [ 17.074761] kunit_try_run_case+0x170/0x3f0 [ 17.074804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.074848] kthread+0x328/0x630 [ 17.074881] ret_from_fork+0x10/0x20 [ 17.074914] [ 17.074939] Freed by task 196: [ 17.074973] kasan_save_stack+0x3c/0x68 [ 17.075009] kasan_save_track+0x20/0x40 [ 17.075055] kasan_save_free_info+0x4c/0x78 [ 17.075094] __kasan_slab_free+0x6c/0x98 [ 17.075140] kfree+0x214/0x3c8 [ 17.075172] ksize_uaf+0x11c/0x5f8 [ 17.075204] kunit_try_run_case+0x170/0x3f0 [ 17.075256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.075310] kthread+0x328/0x630 [ 17.075343] ret_from_fork+0x10/0x20 [ 17.075379] [ 17.075400] The buggy address belongs to the object at fff00000c78c1400 [ 17.075400] which belongs to the cache kmalloc-128 of size 128 [ 17.075477] The buggy address is located 120 bytes inside of [ 17.075477] freed 128-byte region [fff00000c78c1400, fff00000c78c1480) [ 17.075549] [ 17.075584] The buggy address belongs to the physical page: [ 17.075613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1 [ 17.075670] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.075727] page_type: f5(slab) [ 17.075777] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.075838] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.075878] page dumped because: kasan: bad access detected [ 17.075918] [ 17.075936] Memory state around the buggy address: [ 17.075975] fff00000c78c1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.076639] fff00000c78c1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.076741] >fff00000c78c1400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.076829] ^ [ 17.076913] fff00000c78c1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.077106] fff00000c78c1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.077315] ================================================================== [ 17.061989] ================================================================== [ 17.062063] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 17.062109] Read of size 1 at addr fff00000c78c1400 by task kunit_try_catch/196 [ 17.062250] [ 17.062336] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.062709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.062805] Hardware name: linux,dummy-virt (DT) [ 17.062858] Call trace: [ 17.062916] show_stack+0x20/0x38 (C) [ 17.062968] dump_stack_lvl+0x8c/0xd0 [ 17.063148] print_report+0x118/0x608 [ 17.063240] kasan_report+0xdc/0x128 [ 17.063303] __asan_report_load1_noabort+0x20/0x30 [ 17.063438] ksize_uaf+0x598/0x5f8 [ 17.063490] kunit_try_run_case+0x170/0x3f0 [ 17.063538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.063591] kthread+0x328/0x630 [ 17.063853] ret_from_fork+0x10/0x20 [ 17.063931] [ 17.064076] Allocated by task 196: [ 17.064113] kasan_save_stack+0x3c/0x68 [ 17.064156] kasan_save_track+0x20/0x40 [ 17.064192] kasan_save_alloc_info+0x40/0x58 [ 17.064370] __kasan_kmalloc+0xd4/0xd8 [ 17.064415] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.064597] ksize_uaf+0xb8/0x5f8 [ 17.064646] kunit_try_run_case+0x170/0x3f0 [ 17.064702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.064746] kthread+0x328/0x630 [ 17.064778] ret_from_fork+0x10/0x20 [ 17.065082] [ 17.065187] Freed by task 196: [ 17.065268] kasan_save_stack+0x3c/0x68 [ 17.065512] kasan_save_track+0x20/0x40 [ 17.065684] kasan_save_free_info+0x4c/0x78 [ 17.066121] __kasan_slab_free+0x6c/0x98 [ 17.066293] kfree+0x214/0x3c8 [ 17.066727] ksize_uaf+0x11c/0x5f8 [ 17.066933] kunit_try_run_case+0x170/0x3f0 [ 17.067092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.067191] kthread+0x328/0x630 [ 17.067225] ret_from_fork+0x10/0x20 [ 17.067410] [ 17.067640] The buggy address belongs to the object at fff00000c78c1400 [ 17.067640] which belongs to the cache kmalloc-128 of size 128 [ 17.067827] The buggy address is located 0 bytes inside of [ 17.067827] freed 128-byte region [fff00000c78c1400, fff00000c78c1480) [ 17.068017] [ 17.068269] The buggy address belongs to the physical page: [ 17.068423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1 [ 17.068612] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.068816] page_type: f5(slab) [ 17.069146] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.069524] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.069696] page dumped because: kasan: bad access detected [ 17.069833] [ 17.070009] Memory state around the buggy address: [ 17.070072] fff00000c78c1300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.070447] fff00000c78c1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.070585] >fff00000c78c1400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.070817] ^ [ 17.070864] fff00000c78c1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.071037] fff00000c78c1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.071078] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 17.026288] ================================================================== [ 17.026692] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 17.026995] Read of size 1 at addr fff00000c78c1378 by task kunit_try_catch/194 [ 17.027078] [ 17.027299] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.027396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.027541] Hardware name: linux,dummy-virt (DT) [ 17.027652] Call trace: [ 17.027702] show_stack+0x20/0x38 (C) [ 17.027807] dump_stack_lvl+0x8c/0xd0 [ 17.028001] print_report+0x118/0x608 [ 17.028081] kasan_report+0xdc/0x128 [ 17.028136] __asan_report_load1_noabort+0x20/0x30 [ 17.028372] ksize_unpoisons_memory+0x618/0x740 [ 17.028434] kunit_try_run_case+0x170/0x3f0 [ 17.028485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.028604] kthread+0x328/0x630 [ 17.028646] ret_from_fork+0x10/0x20 [ 17.028695] [ 17.028712] Allocated by task 194: [ 17.028739] kasan_save_stack+0x3c/0x68 [ 17.029080] kasan_save_track+0x20/0x40 [ 17.029244] kasan_save_alloc_info+0x40/0x58 [ 17.029447] __kasan_kmalloc+0xd4/0xd8 [ 17.029553] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.029960] ksize_unpoisons_memory+0xc0/0x740 [ 17.030139] kunit_try_run_case+0x170/0x3f0 [ 17.030236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.030361] kthread+0x328/0x630 [ 17.030426] ret_from_fork+0x10/0x20 [ 17.030777] [ 17.030822] The buggy address belongs to the object at fff00000c78c1300 [ 17.030822] which belongs to the cache kmalloc-128 of size 128 [ 17.031019] The buggy address is located 5 bytes to the right of [ 17.031019] allocated 115-byte region [fff00000c78c1300, fff00000c78c1373) [ 17.031217] [ 17.031255] The buggy address belongs to the physical page: [ 17.031451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1 [ 17.031767] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.031918] page_type: f5(slab) [ 17.032051] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.032240] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.032350] page dumped because: kasan: bad access detected [ 17.032526] [ 17.032747] Memory state around the buggy address: [ 17.032851] fff00000c78c1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.032920] fff00000c78c1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.032973] >fff00000c78c1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.033038] ^ [ 17.033080] fff00000c78c1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.033278] fff00000c78c1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.033510] ================================================================== [ 17.017758] ================================================================== [ 17.017835] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 17.017898] Read of size 1 at addr fff00000c78c1373 by task kunit_try_catch/194 [ 17.017959] [ 17.017992] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.018086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.018114] Hardware name: linux,dummy-virt (DT) [ 17.018145] Call trace: [ 17.018167] show_stack+0x20/0x38 (C) [ 17.018215] dump_stack_lvl+0x8c/0xd0 [ 17.018261] print_report+0x118/0x608 [ 17.018305] kasan_report+0xdc/0x128 [ 17.018351] __asan_report_load1_noabort+0x20/0x30 [ 17.018402] ksize_unpoisons_memory+0x628/0x740 [ 17.018451] kunit_try_run_case+0x170/0x3f0 [ 17.018499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.018552] kthread+0x328/0x630 [ 17.018592] ret_from_fork+0x10/0x20 [ 17.018651] [ 17.018669] Allocated by task 194: [ 17.018697] kasan_save_stack+0x3c/0x68 [ 17.018736] kasan_save_track+0x20/0x40 [ 17.018771] kasan_save_alloc_info+0x40/0x58 [ 17.018810] __kasan_kmalloc+0xd4/0xd8 [ 17.018854] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.018894] ksize_unpoisons_memory+0xc0/0x740 [ 17.018931] kunit_try_run_case+0x170/0x3f0 [ 17.018968] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.019019] kthread+0x328/0x630 [ 17.019734] ret_from_fork+0x10/0x20 [ 17.019780] [ 17.020044] The buggy address belongs to the object at fff00000c78c1300 [ 17.020044] which belongs to the cache kmalloc-128 of size 128 [ 17.020174] The buggy address is located 0 bytes to the right of [ 17.020174] allocated 115-byte region [fff00000c78c1300, fff00000c78c1373) [ 17.020244] [ 17.020263] The buggy address belongs to the physical page: [ 17.020535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1 [ 17.020791] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.020850] page_type: f5(slab) [ 17.020889] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.020941] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.020984] page dumped because: kasan: bad access detected [ 17.021397] [ 17.021444] Memory state around the buggy address: [ 17.021768] fff00000c78c1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.021895] fff00000c78c1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.022086] >fff00000c78c1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.022163] ^ [ 17.022378] fff00000c78c1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.022564] fff00000c78c1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.022635] ================================================================== [ 17.038334] ================================================================== [ 17.038405] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 17.038458] Read of size 1 at addr fff00000c78c137f by task kunit_try_catch/194 [ 17.038518] [ 17.038548] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.038628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.038661] Hardware name: linux,dummy-virt (DT) [ 17.038692] Call trace: [ 17.038713] show_stack+0x20/0x38 (C) [ 17.038760] dump_stack_lvl+0x8c/0xd0 [ 17.038807] print_report+0x118/0x608 [ 17.038859] kasan_report+0xdc/0x128 [ 17.038905] __asan_report_load1_noabort+0x20/0x30 [ 17.038957] ksize_unpoisons_memory+0x690/0x740 [ 17.039004] kunit_try_run_case+0x170/0x3f0 [ 17.039065] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.039117] kthread+0x328/0x630 [ 17.039157] ret_from_fork+0x10/0x20 [ 17.039203] [ 17.039222] Allocated by task 194: [ 17.039256] kasan_save_stack+0x3c/0x68 [ 17.039305] kasan_save_track+0x20/0x40 [ 17.039344] kasan_save_alloc_info+0x40/0x58 [ 17.039390] __kasan_kmalloc+0xd4/0xd8 [ 17.039426] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.039465] ksize_unpoisons_memory+0xc0/0x740 [ 17.039508] kunit_try_run_case+0x170/0x3f0 [ 17.039545] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.039589] kthread+0x328/0x630 [ 17.039620] ret_from_fork+0x10/0x20 [ 17.039655] [ 17.039673] The buggy address belongs to the object at fff00000c78c1300 [ 17.039673] which belongs to the cache kmalloc-128 of size 128 [ 17.039739] The buggy address is located 12 bytes to the right of [ 17.039739] allocated 115-byte region [fff00000c78c1300, fff00000c78c1373) [ 17.039804] [ 17.039823] The buggy address belongs to the physical page: [ 17.039867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1 [ 17.039919] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.039980] page_type: f5(slab) [ 17.040018] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.040393] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.040440] page dumped because: kasan: bad access detected [ 17.040850] [ 17.040902] Memory state around the buggy address: [ 17.040996] fff00000c78c1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.041083] fff00000c78c1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.041361] >fff00000c78c1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.041444] ^ [ 17.041512] fff00000c78c1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.041612] fff00000c78c1400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.041874] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 16.998877] ================================================================== [ 16.999147] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 16.999206] Free of addr fff00000c3fbdda0 by task kunit_try_catch/192 [ 16.999249] [ 16.999301] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.999384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.999415] Hardware name: linux,dummy-virt (DT) [ 16.999445] Call trace: [ 16.999465] show_stack+0x20/0x38 (C) [ 16.999511] dump_stack_lvl+0x8c/0xd0 [ 16.999556] print_report+0x118/0x608 [ 16.999602] kasan_report_invalid_free+0xc0/0xe8 [ 16.999658] check_slab_allocation+0xd4/0x108 [ 16.999706] __kasan_slab_pre_free+0x2c/0x48 [ 16.999753] kfree+0xe8/0x3c8 [ 16.999802] kfree_sensitive+0x3c/0xb0 [ 16.999849] kmalloc_double_kzfree+0x168/0x308 [ 16.999894] kunit_try_run_case+0x170/0x3f0 [ 16.999941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.999992] kthread+0x328/0x630 [ 17.000045] ret_from_fork+0x10/0x20 [ 17.000101] [ 17.000120] Allocated by task 192: [ 17.000147] kasan_save_stack+0x3c/0x68 [ 17.000185] kasan_save_track+0x20/0x40 [ 17.000235] kasan_save_alloc_info+0x40/0x58 [ 17.000278] __kasan_kmalloc+0xd4/0xd8 [ 17.000315] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.000363] kmalloc_double_kzfree+0xb8/0x308 [ 17.000407] kunit_try_run_case+0x170/0x3f0 [ 17.000457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.000506] kthread+0x328/0x630 [ 17.000697] ret_from_fork+0x10/0x20 [ 17.000867] [ 17.001140] Freed by task 192: [ 17.001490] kasan_save_stack+0x3c/0x68 [ 17.001560] kasan_save_track+0x20/0x40 [ 17.001620] kasan_save_free_info+0x4c/0x78 [ 17.001830] __kasan_slab_free+0x6c/0x98 [ 17.002280] kfree+0x214/0x3c8 [ 17.002356] kfree_sensitive+0x80/0xb0 [ 17.002493] kmalloc_double_kzfree+0x11c/0x308 [ 17.002881] kunit_try_run_case+0x170/0x3f0 [ 17.002971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.003225] kthread+0x328/0x630 [ 17.003436] ret_from_fork+0x10/0x20 [ 17.003519] [ 17.003539] The buggy address belongs to the object at fff00000c3fbdda0 [ 17.003539] which belongs to the cache kmalloc-16 of size 16 [ 17.003850] The buggy address is located 0 bytes inside of [ 17.003850] 16-byte region [fff00000c3fbdda0, fff00000c3fbddb0) [ 17.003930] [ 17.004043] The buggy address belongs to the physical page: [ 17.004096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fbd [ 17.004332] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.004544] page_type: f5(slab) [ 17.004948] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.005153] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.005286] page dumped because: kasan: bad access detected [ 17.005326] [ 17.005343] Memory state around the buggy address: [ 17.005681] fff00000c3fbdc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 17.005734] fff00000c3fbdd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.005977] >fff00000c3fbdd80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 17.006188] ^ [ 17.006399] fff00000c3fbde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.006445] fff00000c3fbde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.006652] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 16.988202] ================================================================== [ 16.988312] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 16.988783] Read of size 1 at addr fff00000c3fbdda0 by task kunit_try_catch/192 [ 16.988857] [ 16.988918] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.989079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.989168] Hardware name: linux,dummy-virt (DT) [ 16.989308] Call trace: [ 16.989362] show_stack+0x20/0x38 (C) [ 16.989601] dump_stack_lvl+0x8c/0xd0 [ 16.989796] print_report+0x118/0x608 [ 16.989996] kasan_report+0xdc/0x128 [ 16.990069] __kasan_check_byte+0x54/0x70 [ 16.990332] kfree_sensitive+0x30/0xb0 [ 16.990392] kmalloc_double_kzfree+0x168/0x308 [ 16.990449] kunit_try_run_case+0x170/0x3f0 [ 16.990659] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.990727] kthread+0x328/0x630 [ 16.990769] ret_from_fork+0x10/0x20 [ 16.990839] [ 16.990857] Allocated by task 192: [ 16.990886] kasan_save_stack+0x3c/0x68 [ 16.990926] kasan_save_track+0x20/0x40 [ 16.990964] kasan_save_alloc_info+0x40/0x58 [ 16.991009] __kasan_kmalloc+0xd4/0xd8 [ 16.991448] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.991543] kmalloc_double_kzfree+0xb8/0x308 [ 16.991854] kunit_try_run_case+0x170/0x3f0 [ 16.992145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.992392] kthread+0x328/0x630 [ 16.992507] ret_from_fork+0x10/0x20 [ 16.992578] [ 16.992650] Freed by task 192: [ 16.992803] kasan_save_stack+0x3c/0x68 [ 16.992965] kasan_save_track+0x20/0x40 [ 16.993084] kasan_save_free_info+0x4c/0x78 [ 16.993150] __kasan_slab_free+0x6c/0x98 [ 16.993439] kfree+0x214/0x3c8 [ 16.993665] kfree_sensitive+0x80/0xb0 [ 16.993833] kmalloc_double_kzfree+0x11c/0x308 [ 16.993960] kunit_try_run_case+0x170/0x3f0 [ 16.994154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.994236] kthread+0x328/0x630 [ 16.994451] ret_from_fork+0x10/0x20 [ 16.994623] [ 16.994772] The buggy address belongs to the object at fff00000c3fbdda0 [ 16.994772] which belongs to the cache kmalloc-16 of size 16 [ 16.994874] The buggy address is located 0 bytes inside of [ 16.994874] freed 16-byte region [fff00000c3fbdda0, fff00000c3fbddb0) [ 16.995062] [ 16.995091] The buggy address belongs to the physical page: [ 16.995134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fbd [ 16.995343] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.995421] page_type: f5(slab) [ 16.995553] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.995940] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.996063] page dumped because: kasan: bad access detected [ 16.996229] [ 16.996285] Memory state around the buggy address: [ 16.996419] fff00000c3fbdc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.996675] fff00000c3fbdd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.996740] >fff00000c3fbdd80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.996894] ^ [ 16.996955] fff00000c3fbde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.997222] fff00000c3fbde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.997304] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 16.962932] ================================================================== [ 16.963001] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 16.963062] Read of size 1 at addr fff00000c78c38a8 by task kunit_try_catch/188 [ 16.963110] [ 16.963498] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.963651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.963690] Hardware name: linux,dummy-virt (DT) [ 16.963723] Call trace: [ 16.963744] show_stack+0x20/0x38 (C) [ 16.963794] dump_stack_lvl+0x8c/0xd0 [ 16.963839] print_report+0x118/0x608 [ 16.963883] kasan_report+0xdc/0x128 [ 16.963938] __asan_report_load1_noabort+0x20/0x30 [ 16.963989] kmalloc_uaf2+0x3f4/0x468 [ 16.964043] kunit_try_run_case+0x170/0x3f0 [ 16.964090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.964141] kthread+0x328/0x630 [ 16.964183] ret_from_fork+0x10/0x20 [ 16.964228] [ 16.964254] Allocated by task 188: [ 16.964282] kasan_save_stack+0x3c/0x68 [ 16.964319] kasan_save_track+0x20/0x40 [ 16.964356] kasan_save_alloc_info+0x40/0x58 [ 16.964393] __kasan_kmalloc+0xd4/0xd8 [ 16.964438] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.964487] kmalloc_uaf2+0xc4/0x468 [ 16.964771] kunit_try_run_case+0x170/0x3f0 [ 16.965052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.965236] kthread+0x328/0x630 [ 16.965382] ret_from_fork+0x10/0x20 [ 16.965454] [ 16.965599] Freed by task 188: [ 16.965747] kasan_save_stack+0x3c/0x68 [ 16.965919] kasan_save_track+0x20/0x40 [ 16.965964] kasan_save_free_info+0x4c/0x78 [ 16.966048] __kasan_slab_free+0x6c/0x98 [ 16.966279] kfree+0x214/0x3c8 [ 16.966502] kmalloc_uaf2+0x134/0x468 [ 16.966628] kunit_try_run_case+0x170/0x3f0 [ 16.966736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.966866] kthread+0x328/0x630 [ 16.966901] ret_from_fork+0x10/0x20 [ 16.967094] [ 16.967178] The buggy address belongs to the object at fff00000c78c3880 [ 16.967178] which belongs to the cache kmalloc-64 of size 64 [ 16.967462] The buggy address is located 40 bytes inside of [ 16.967462] freed 64-byte region [fff00000c78c3880, fff00000c78c38c0) [ 16.967741] [ 16.967953] The buggy address belongs to the physical page: [ 16.968074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c3 [ 16.968179] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.968255] page_type: f5(slab) [ 16.968433] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.968665] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.968725] page dumped because: kasan: bad access detected [ 16.968903] [ 16.968965] Memory state around the buggy address: [ 16.969180] fff00000c78c3780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.969297] fff00000c78c3800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.969471] >fff00000c78c3880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.969548] ^ [ 16.969677] fff00000c78c3900: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 16.969912] fff00000c78c3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.970089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.946770] ================================================================== [ 16.946924] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 16.946981] Write of size 33 at addr fff00000c78c3700 by task kunit_try_catch/186 [ 16.947043] [ 16.947397] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.947540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.947571] Hardware name: linux,dummy-virt (DT) [ 16.947606] Call trace: [ 16.947666] show_stack+0x20/0x38 (C) [ 16.947865] dump_stack_lvl+0x8c/0xd0 [ 16.947930] print_report+0x118/0x608 [ 16.947976] kasan_report+0xdc/0x128 [ 16.948039] kasan_check_range+0x100/0x1a8 [ 16.948087] __asan_memset+0x34/0x78 [ 16.948129] kmalloc_uaf_memset+0x170/0x310 [ 16.948548] kunit_try_run_case+0x170/0x3f0 [ 16.948637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.949125] kthread+0x328/0x630 [ 16.949260] ret_from_fork+0x10/0x20 [ 16.949369] [ 16.949432] Allocated by task 186: [ 16.949474] kasan_save_stack+0x3c/0x68 [ 16.949670] kasan_save_track+0x20/0x40 [ 16.949906] kasan_save_alloc_info+0x40/0x58 [ 16.949962] __kasan_kmalloc+0xd4/0xd8 [ 16.950062] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.950122] kmalloc_uaf_memset+0xb8/0x310 [ 16.950171] kunit_try_run_case+0x170/0x3f0 [ 16.950208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.950250] kthread+0x328/0x630 [ 16.950282] ret_from_fork+0x10/0x20 [ 16.950319] [ 16.950337] Freed by task 186: [ 16.950379] kasan_save_stack+0x3c/0x68 [ 16.950423] kasan_save_track+0x20/0x40 [ 16.950466] kasan_save_free_info+0x4c/0x78 [ 16.950503] __kasan_slab_free+0x6c/0x98 [ 16.950540] kfree+0x214/0x3c8 [ 16.950570] kmalloc_uaf_memset+0x11c/0x310 [ 16.950608] kunit_try_run_case+0x170/0x3f0 [ 16.950645] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.950686] kthread+0x328/0x630 [ 16.950740] ret_from_fork+0x10/0x20 [ 16.950784] [ 16.950802] The buggy address belongs to the object at fff00000c78c3700 [ 16.950802] which belongs to the cache kmalloc-64 of size 64 [ 16.950868] The buggy address is located 0 bytes inside of [ 16.950868] freed 64-byte region [fff00000c78c3700, fff00000c78c3740) [ 16.950928] [ 16.950969] The buggy address belongs to the physical page: [ 16.950999] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c3 [ 16.951370] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.951754] page_type: f5(slab) [ 16.951839] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.951907] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.951973] page dumped because: kasan: bad access detected [ 16.952078] [ 16.952275] Memory state around the buggy address: [ 16.952545] fff00000c78c3600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.952722] fff00000c78c3680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.952790] >fff00000c78c3700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.952828] ^ [ 16.953180] fff00000c78c3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.953253] fff00000c78c3800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.953798] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.929740] ================================================================== [ 16.930093] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 16.930178] Read of size 1 at addr fff00000c3fbdd88 by task kunit_try_catch/184 [ 16.930232] [ 16.930266] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.930348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.930376] Hardware name: linux,dummy-virt (DT) [ 16.930477] Call trace: [ 16.930503] show_stack+0x20/0x38 (C) [ 16.930591] dump_stack_lvl+0x8c/0xd0 [ 16.931049] print_report+0x118/0x608 [ 16.931118] kasan_report+0xdc/0x128 [ 16.931215] __asan_report_load1_noabort+0x20/0x30 [ 16.931300] kmalloc_uaf+0x300/0x338 [ 16.931343] kunit_try_run_case+0x170/0x3f0 [ 16.931449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.931501] kthread+0x328/0x630 [ 16.931553] ret_from_fork+0x10/0x20 [ 16.931603] [ 16.931621] Allocated by task 184: [ 16.931648] kasan_save_stack+0x3c/0x68 [ 16.931689] kasan_save_track+0x20/0x40 [ 16.931726] kasan_save_alloc_info+0x40/0x58 [ 16.931766] __kasan_kmalloc+0xd4/0xd8 [ 16.931810] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.931856] kmalloc_uaf+0xb8/0x338 [ 16.931898] kunit_try_run_case+0x170/0x3f0 [ 16.931937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.931978] kthread+0x328/0x630 [ 16.932010] ret_from_fork+0x10/0x20 [ 16.932057] [ 16.932077] Freed by task 184: [ 16.932104] kasan_save_stack+0x3c/0x68 [ 16.932148] kasan_save_track+0x20/0x40 [ 16.932188] kasan_save_free_info+0x4c/0x78 [ 16.932227] __kasan_slab_free+0x6c/0x98 [ 16.932264] kfree+0x214/0x3c8 [ 16.932297] kmalloc_uaf+0x11c/0x338 [ 16.932334] kunit_try_run_case+0x170/0x3f0 [ 16.932371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.932423] kthread+0x328/0x630 [ 16.932461] ret_from_fork+0x10/0x20 [ 16.932496] [ 16.932514] The buggy address belongs to the object at fff00000c3fbdd80 [ 16.932514] which belongs to the cache kmalloc-16 of size 16 [ 16.932577] The buggy address is located 8 bytes inside of [ 16.932577] freed 16-byte region [fff00000c3fbdd80, fff00000c3fbdd90) [ 16.932637] [ 16.932661] The buggy address belongs to the physical page: [ 16.932699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fbd [ 16.932750] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.932798] page_type: f5(slab) [ 16.932837] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.932885] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.932935] page dumped because: kasan: bad access detected [ 16.932966] [ 16.932983] Memory state around the buggy address: [ 16.933016] fff00000c3fbdc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.933662] fff00000c3fbdd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.933711] >fff00000c3fbdd80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.933751] ^ [ 16.933781] fff00000c3fbde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.933825] fff00000c3fbde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.933864] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.912070] ================================================================== [ 16.912175] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.912238] Read of size 64 at addr fff00000c78c3404 by task kunit_try_catch/182 [ 16.912289] [ 16.912514] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.912634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.912825] Hardware name: linux,dummy-virt (DT) [ 16.912992] Call trace: [ 16.913061] show_stack+0x20/0x38 (C) [ 16.913118] dump_stack_lvl+0x8c/0xd0 [ 16.913164] print_report+0x118/0x608 [ 16.913209] kasan_report+0xdc/0x128 [ 16.913653] kasan_check_range+0x100/0x1a8 [ 16.913869] __asan_memmove+0x3c/0x98 [ 16.914287] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.914421] kunit_try_run_case+0x170/0x3f0 [ 16.914519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.914668] kthread+0x328/0x630 [ 16.914768] ret_from_fork+0x10/0x20 [ 16.914845] [ 16.914863] Allocated by task 182: [ 16.915250] kasan_save_stack+0x3c/0x68 [ 16.915584] kasan_save_track+0x20/0x40 [ 16.915808] kasan_save_alloc_info+0x40/0x58 [ 16.915874] __kasan_kmalloc+0xd4/0xd8 [ 16.915913] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.916213] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.916379] kunit_try_run_case+0x170/0x3f0 [ 16.916463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.916511] kthread+0x328/0x630 [ 16.916606] ret_from_fork+0x10/0x20 [ 16.916846] [ 16.916882] The buggy address belongs to the object at fff00000c78c3400 [ 16.916882] which belongs to the cache kmalloc-64 of size 64 [ 16.917040] The buggy address is located 4 bytes inside of [ 16.917040] allocated 64-byte region [fff00000c78c3400, fff00000c78c3440) [ 16.917227] [ 16.917280] The buggy address belongs to the physical page: [ 16.917349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c3 [ 16.917507] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.917617] page_type: f5(slab) [ 16.917684] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.917814] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.917856] page dumped because: kasan: bad access detected [ 16.918099] [ 16.918256] Memory state around the buggy address: [ 16.918371] fff00000c78c3300: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.918438] fff00000c78c3380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.918494] >fff00000c78c3400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.918542] ^ [ 16.918577] fff00000c78c3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.918628] fff00000c78c3500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.918666] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.892071] ================================================================== [ 16.892367] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.892439] Read of size 18446744073709551614 at addr fff00000c78c3204 by task kunit_try_catch/180 [ 16.892668] [ 16.892730] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.893067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.893192] Hardware name: linux,dummy-virt (DT) [ 16.893245] Call trace: [ 16.893267] show_stack+0x20/0x38 (C) [ 16.893319] dump_stack_lvl+0x8c/0xd0 [ 16.893363] print_report+0x118/0x608 [ 16.893713] kasan_report+0xdc/0x128 [ 16.893766] kasan_check_range+0x100/0x1a8 [ 16.893814] __asan_memmove+0x3c/0x98 [ 16.893855] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.893903] kunit_try_run_case+0x170/0x3f0 [ 16.893948] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.893998] kthread+0x328/0x630 [ 16.894055] ret_from_fork+0x10/0x20 [ 16.894652] [ 16.894718] Allocated by task 180: [ 16.894791] kasan_save_stack+0x3c/0x68 [ 16.894949] kasan_save_track+0x20/0x40 [ 16.895228] kasan_save_alloc_info+0x40/0x58 [ 16.895365] __kasan_kmalloc+0xd4/0xd8 [ 16.895447] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.895689] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.895912] kunit_try_run_case+0x170/0x3f0 [ 16.896208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.896313] kthread+0x328/0x630 [ 16.896470] ret_from_fork+0x10/0x20 [ 16.896525] [ 16.896590] The buggy address belongs to the object at fff00000c78c3200 [ 16.896590] which belongs to the cache kmalloc-64 of size 64 [ 16.896735] The buggy address is located 4 bytes inside of [ 16.896735] 64-byte region [fff00000c78c3200, fff00000c78c3240) [ 16.896888] [ 16.896939] The buggy address belongs to the physical page: [ 16.896968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c3 [ 16.897193] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.897386] page_type: f5(slab) [ 16.897662] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.897927] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.898039] page dumped because: kasan: bad access detected [ 16.898092] [ 16.898259] Memory state around the buggy address: [ 16.898585] fff00000c78c3100: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.898805] fff00000c78c3180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.898994] >fff00000c78c3200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.899148] ^ [ 16.899182] fff00000c78c3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.899223] fff00000c78c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.899410] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.875502] ================================================================== [ 16.875690] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 16.875807] Write of size 16 at addr fff00000c78c1269 by task kunit_try_catch/178 [ 16.876053] [ 16.876098] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.876308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.876343] Hardware name: linux,dummy-virt (DT) [ 16.876412] Call trace: [ 16.876617] show_stack+0x20/0x38 (C) [ 16.876835] dump_stack_lvl+0x8c/0xd0 [ 16.877069] print_report+0x118/0x608 [ 16.877136] kasan_report+0xdc/0x128 [ 16.877314] kasan_check_range+0x100/0x1a8 [ 16.877466] __asan_memset+0x34/0x78 [ 16.877708] kmalloc_oob_memset_16+0x150/0x2f8 [ 16.877825] kunit_try_run_case+0x170/0x3f0 [ 16.878012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.878226] kthread+0x328/0x630 [ 16.878294] ret_from_fork+0x10/0x20 [ 16.878546] [ 16.878635] Allocated by task 178: [ 16.878714] kasan_save_stack+0x3c/0x68 [ 16.878983] kasan_save_track+0x20/0x40 [ 16.879126] kasan_save_alloc_info+0x40/0x58 [ 16.879165] __kasan_kmalloc+0xd4/0xd8 [ 16.879200] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.879246] kmalloc_oob_memset_16+0xb0/0x2f8 [ 16.879324] kunit_try_run_case+0x170/0x3f0 [ 16.879363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.879405] kthread+0x328/0x630 [ 16.879436] ret_from_fork+0x10/0x20 [ 16.879472] [ 16.879492] The buggy address belongs to the object at fff00000c78c1200 [ 16.879492] which belongs to the cache kmalloc-128 of size 128 [ 16.879568] The buggy address is located 105 bytes inside of [ 16.879568] allocated 120-byte region [fff00000c78c1200, fff00000c78c1278) [ 16.879648] [ 16.879668] The buggy address belongs to the physical page: [ 16.879704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1 [ 16.879762] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.879828] page_type: f5(slab) [ 16.879865] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.879922] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.879968] page dumped because: kasan: bad access detected [ 16.880007] [ 16.880025] Memory state around the buggy address: [ 16.880065] fff00000c78c1100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.880106] fff00000c78c1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.880146] >fff00000c78c1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.880182] ^ [ 16.880222] fff00000c78c1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.880263] fff00000c78c1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.880299] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.856162] ================================================================== [ 16.856227] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 16.856276] Write of size 8 at addr fff00000c78c1171 by task kunit_try_catch/176 [ 16.856489] [ 16.856527] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.856919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.857096] Hardware name: linux,dummy-virt (DT) [ 16.857224] Call trace: [ 16.857296] show_stack+0x20/0x38 (C) [ 16.857472] dump_stack_lvl+0x8c/0xd0 [ 16.857569] print_report+0x118/0x608 [ 16.857675] kasan_report+0xdc/0x128 [ 16.857731] kasan_check_range+0x100/0x1a8 [ 16.857783] __asan_memset+0x34/0x78 [ 16.857987] kmalloc_oob_memset_8+0x150/0x2f8 [ 16.858328] kunit_try_run_case+0x170/0x3f0 [ 16.858433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.858877] kthread+0x328/0x630 [ 16.859046] ret_from_fork+0x10/0x20 [ 16.859107] [ 16.859125] Allocated by task 176: [ 16.859304] kasan_save_stack+0x3c/0x68 [ 16.859529] kasan_save_track+0x20/0x40 [ 16.859890] kasan_save_alloc_info+0x40/0x58 [ 16.860125] __kasan_kmalloc+0xd4/0xd8 [ 16.860262] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.860573] kmalloc_oob_memset_8+0xb0/0x2f8 [ 16.860648] kunit_try_run_case+0x170/0x3f0 [ 16.860686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.860735] kthread+0x328/0x630 [ 16.860766] ret_from_fork+0x10/0x20 [ 16.860800] [ 16.860947] The buggy address belongs to the object at fff00000c78c1100 [ 16.860947] which belongs to the cache kmalloc-128 of size 128 [ 16.861041] The buggy address is located 113 bytes inside of [ 16.861041] allocated 120-byte region [fff00000c78c1100, fff00000c78c1178) [ 16.861103] [ 16.861123] The buggy address belongs to the physical page: [ 16.861172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1 [ 16.861225] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.861271] page_type: f5(slab) [ 16.861318] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.861375] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.861422] page dumped because: kasan: bad access detected [ 16.861461] [ 16.861495] Memory state around the buggy address: [ 16.861525] fff00000c78c1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.861568] fff00000c78c1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.861610] >fff00000c78c1100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.861652] ^ [ 16.861699] fff00000c78c1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.861740] fff00000c78c1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.861784] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.839642] ================================================================== [ 16.839699] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 16.839805] Write of size 4 at addr fff00000c78c1075 by task kunit_try_catch/174 [ 16.839857] [ 16.839888] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.839967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.839992] Hardware name: linux,dummy-virt (DT) [ 16.840022] Call trace: [ 16.840764] show_stack+0x20/0x38 (C) [ 16.840819] dump_stack_lvl+0x8c/0xd0 [ 16.840864] print_report+0x118/0x608 [ 16.841221] kasan_report+0xdc/0x128 [ 16.841423] kasan_check_range+0x100/0x1a8 [ 16.841542] __asan_memset+0x34/0x78 [ 16.841716] kmalloc_oob_memset_4+0x150/0x300 [ 16.841801] kunit_try_run_case+0x170/0x3f0 [ 16.841863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.842116] kthread+0x328/0x630 [ 16.842412] ret_from_fork+0x10/0x20 [ 16.842651] [ 16.842731] Allocated by task 174: [ 16.842945] kasan_save_stack+0x3c/0x68 [ 16.843016] kasan_save_track+0x20/0x40 [ 16.843340] kasan_save_alloc_info+0x40/0x58 [ 16.843532] __kasan_kmalloc+0xd4/0xd8 [ 16.843681] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.843760] kmalloc_oob_memset_4+0xb0/0x300 [ 16.843835] kunit_try_run_case+0x170/0x3f0 [ 16.843890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.844126] kthread+0x328/0x630 [ 16.844252] ret_from_fork+0x10/0x20 [ 16.844550] [ 16.844594] The buggy address belongs to the object at fff00000c78c1000 [ 16.844594] which belongs to the cache kmalloc-128 of size 128 [ 16.844795] The buggy address is located 117 bytes inside of [ 16.844795] allocated 120-byte region [fff00000c78c1000, fff00000c78c1078) [ 16.844868] [ 16.844894] The buggy address belongs to the physical page: [ 16.844923] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1 [ 16.845325] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.845689] page_type: f5(slab) [ 16.845772] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.845905] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.845984] page dumped because: kasan: bad access detected [ 16.846021] [ 16.846225] Memory state around the buggy address: [ 16.846466] fff00000c78c0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.846584] fff00000c78c0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.846641] >fff00000c78c1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.846733] ^ [ 16.846773] fff00000c78c1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.847006] fff00000c78c1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.847347] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.823714] ================================================================== [ 16.824090] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.824202] Write of size 2 at addr fff00000c652df77 by task kunit_try_catch/172 [ 16.824304] [ 16.824380] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.824671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.824735] Hardware name: linux,dummy-virt (DT) [ 16.824814] Call trace: [ 16.824933] show_stack+0x20/0x38 (C) [ 16.825332] dump_stack_lvl+0x8c/0xd0 [ 16.825542] print_report+0x118/0x608 [ 16.825603] kasan_report+0xdc/0x128 [ 16.825810] kasan_check_range+0x100/0x1a8 [ 16.825867] __asan_memset+0x34/0x78 [ 16.825977] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.826392] kunit_try_run_case+0x170/0x3f0 [ 16.826579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.826776] kthread+0x328/0x630 [ 16.827067] ret_from_fork+0x10/0x20 [ 16.827330] [ 16.827515] Allocated by task 172: [ 16.827712] kasan_save_stack+0x3c/0x68 [ 16.827863] kasan_save_track+0x20/0x40 [ 16.827953] kasan_save_alloc_info+0x40/0x58 [ 16.828181] __kasan_kmalloc+0xd4/0xd8 [ 16.828357] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.828560] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.828600] kunit_try_run_case+0x170/0x3f0 [ 16.828636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.828971] kthread+0x328/0x630 [ 16.829140] ret_from_fork+0x10/0x20 [ 16.829225] [ 16.829246] The buggy address belongs to the object at fff00000c652df00 [ 16.829246] which belongs to the cache kmalloc-128 of size 128 [ 16.829471] The buggy address is located 119 bytes inside of [ 16.829471] allocated 120-byte region [fff00000c652df00, fff00000c652df78) [ 16.829698] [ 16.829786] The buggy address belongs to the physical page: [ 16.829855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10652d [ 16.829963] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.830210] page_type: f5(slab) [ 16.830308] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.830434] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.830582] page dumped because: kasan: bad access detected [ 16.830935] [ 16.831314] Memory state around the buggy address: [ 16.831382] fff00000c652de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.831856] fff00000c652de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.831946] >fff00000c652df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.832105] ^ [ 16.832163] fff00000c652df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.832219] fff00000c652e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.832256] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.806751] ================================================================== [ 16.806815] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.806960] Write of size 128 at addr fff00000c652de00 by task kunit_try_catch/170 [ 16.807014] [ 16.807210] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.807304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.807330] Hardware name: linux,dummy-virt (DT) [ 16.807727] Call trace: [ 16.807767] show_stack+0x20/0x38 (C) [ 16.807820] dump_stack_lvl+0x8c/0xd0 [ 16.807991] print_report+0x118/0x608 [ 16.808064] kasan_report+0xdc/0x128 [ 16.808109] kasan_check_range+0x100/0x1a8 [ 16.808352] __asan_memset+0x34/0x78 [ 16.808415] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.808468] kunit_try_run_case+0x170/0x3f0 [ 16.808597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.808706] kthread+0x328/0x630 [ 16.808825] ret_from_fork+0x10/0x20 [ 16.808874] [ 16.808892] Allocated by task 170: [ 16.808945] kasan_save_stack+0x3c/0x68 [ 16.809256] kasan_save_track+0x20/0x40 [ 16.809443] kasan_save_alloc_info+0x40/0x58 [ 16.809593] __kasan_kmalloc+0xd4/0xd8 [ 16.809672] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.809756] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.809866] kunit_try_run_case+0x170/0x3f0 [ 16.810087] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.810340] kthread+0x328/0x630 [ 16.810408] ret_from_fork+0x10/0x20 [ 16.810585] [ 16.810704] The buggy address belongs to the object at fff00000c652de00 [ 16.810704] which belongs to the cache kmalloc-128 of size 128 [ 16.810800] The buggy address is located 0 bytes inside of [ 16.810800] allocated 120-byte region [fff00000c652de00, fff00000c652de78) [ 16.811224] [ 16.811429] The buggy address belongs to the physical page: [ 16.811466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10652d [ 16.811692] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.811974] page_type: f5(slab) [ 16.812081] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.812277] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.812369] page dumped because: kasan: bad access detected [ 16.812662] [ 16.812719] Memory state around the buggy address: [ 16.812903] fff00000c652dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.812988] fff00000c652dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.813123] >fff00000c652de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.813221] ^ [ 16.813355] fff00000c652de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.813397] fff00000c652df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.813440] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.789319] ================================================================== [ 16.789727] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.790172] Read of size 16 at addr fff00000c3fbdd60 by task kunit_try_catch/168 [ 16.790246] [ 16.790280] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.790401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.790528] Hardware name: linux,dummy-virt (DT) [ 16.790565] Call trace: [ 16.790686] show_stack+0x20/0x38 (C) [ 16.790749] dump_stack_lvl+0x8c/0xd0 [ 16.790794] print_report+0x118/0x608 [ 16.790838] kasan_report+0xdc/0x128 [ 16.790882] __asan_report_load16_noabort+0x20/0x30 [ 16.790927] kmalloc_uaf_16+0x3bc/0x438 [ 16.790970] kunit_try_run_case+0x170/0x3f0 [ 16.791015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.791407] kthread+0x328/0x630 [ 16.791470] ret_from_fork+0x10/0x20 [ 16.791816] [ 16.791884] Allocated by task 168: [ 16.791926] kasan_save_stack+0x3c/0x68 [ 16.791969] kasan_save_track+0x20/0x40 [ 16.792074] kasan_save_alloc_info+0x40/0x58 [ 16.792153] __kasan_kmalloc+0xd4/0xd8 [ 16.792189] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.792491] kmalloc_uaf_16+0x140/0x438 [ 16.792744] kunit_try_run_case+0x170/0x3f0 [ 16.792960] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.793070] kthread+0x328/0x630 [ 16.793157] ret_from_fork+0x10/0x20 [ 16.793226] [ 16.793355] Freed by task 168: [ 16.793392] kasan_save_stack+0x3c/0x68 [ 16.793595] kasan_save_track+0x20/0x40 [ 16.793655] kasan_save_free_info+0x4c/0x78 [ 16.793832] __kasan_slab_free+0x6c/0x98 [ 16.793985] kfree+0x214/0x3c8 [ 16.794193] kmalloc_uaf_16+0x190/0x438 [ 16.794282] kunit_try_run_case+0x170/0x3f0 [ 16.794424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.794579] kthread+0x328/0x630 [ 16.794658] ret_from_fork+0x10/0x20 [ 16.794816] [ 16.794908] The buggy address belongs to the object at fff00000c3fbdd60 [ 16.794908] which belongs to the cache kmalloc-16 of size 16 [ 16.795354] The buggy address is located 0 bytes inside of [ 16.795354] freed 16-byte region [fff00000c3fbdd60, fff00000c3fbdd70) [ 16.795470] [ 16.795503] The buggy address belongs to the physical page: [ 16.795532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fbd [ 16.795769] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.795864] page_type: f5(slab) [ 16.796060] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.796116] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.796352] page dumped because: kasan: bad access detected [ 16.796401] [ 16.796491] Memory state around the buggy address: [ 16.796523] fff00000c3fbdc00: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.796909] fff00000c3fbdc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.797062] >fff00000c3fbdd00: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 16.797104] ^ [ 16.797148] fff00000c3fbdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.797396] fff00000c3fbde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.797686] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.774015] ================================================================== [ 16.774131] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.774572] Write of size 16 at addr fff00000c3fbdd00 by task kunit_try_catch/166 [ 16.774626] [ 16.774685] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.774804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.774832] Hardware name: linux,dummy-virt (DT) [ 16.774891] Call trace: [ 16.774940] show_stack+0x20/0x38 (C) [ 16.775023] dump_stack_lvl+0x8c/0xd0 [ 16.775128] print_report+0x118/0x608 [ 16.775183] kasan_report+0xdc/0x128 [ 16.775229] __asan_report_store16_noabort+0x20/0x30 [ 16.775565] kmalloc_oob_16+0x3a0/0x3f8 [ 16.775619] kunit_try_run_case+0x170/0x3f0 [ 16.775665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.775820] kthread+0x328/0x630 [ 16.775896] ret_from_fork+0x10/0x20 [ 16.776108] [ 16.776147] Allocated by task 166: [ 16.776195] kasan_save_stack+0x3c/0x68 [ 16.776341] kasan_save_track+0x20/0x40 [ 16.776387] kasan_save_alloc_info+0x40/0x58 [ 16.776703] __kasan_kmalloc+0xd4/0xd8 [ 16.776872] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.776970] kmalloc_oob_16+0xb4/0x3f8 [ 16.777079] kunit_try_run_case+0x170/0x3f0 [ 16.777198] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.777352] kthread+0x328/0x630 [ 16.777462] ret_from_fork+0x10/0x20 [ 16.777695] [ 16.777869] The buggy address belongs to the object at fff00000c3fbdd00 [ 16.777869] which belongs to the cache kmalloc-16 of size 16 [ 16.778012] The buggy address is located 0 bytes inside of [ 16.778012] allocated 13-byte region [fff00000c3fbdd00, fff00000c3fbdd0d) [ 16.778129] [ 16.778237] The buggy address belongs to the physical page: [ 16.778305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fbd [ 16.778461] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.778695] page_type: f5(slab) [ 16.778931] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.779085] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.779220] page dumped because: kasan: bad access detected [ 16.779378] [ 16.779458] Memory state around the buggy address: [ 16.779543] fff00000c3fbdc00: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 16.779911] fff00000c3fbdc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.780119] >fff00000c3fbdd00: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.780217] ^ [ 16.780392] fff00000c3fbdd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.780583] fff00000c3fbde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.780676] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.755218] ================================================================== [ 16.755277] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.755325] Read of size 1 at addr fff00000c59ab600 by task kunit_try_catch/164 [ 16.755380] [ 16.755592] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.755944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.755995] Hardware name: linux,dummy-virt (DT) [ 16.756040] Call trace: [ 16.756099] show_stack+0x20/0x38 (C) [ 16.756151] dump_stack_lvl+0x8c/0xd0 [ 16.756196] print_report+0x118/0x608 [ 16.756251] kasan_report+0xdc/0x128 [ 16.756295] __asan_report_load1_noabort+0x20/0x30 [ 16.756354] krealloc_uaf+0x4c8/0x520 [ 16.756404] kunit_try_run_case+0x170/0x3f0 [ 16.756454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.756505] kthread+0x328/0x630 [ 16.756705] ret_from_fork+0x10/0x20 [ 16.756758] [ 16.756984] Allocated by task 164: [ 16.757075] kasan_save_stack+0x3c/0x68 [ 16.757175] kasan_save_track+0x20/0x40 [ 16.757282] kasan_save_alloc_info+0x40/0x58 [ 16.757522] __kasan_kmalloc+0xd4/0xd8 [ 16.757573] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.757758] krealloc_uaf+0xc8/0x520 [ 16.757932] kunit_try_run_case+0x170/0x3f0 [ 16.758000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.758391] kthread+0x328/0x630 [ 16.758531] ret_from_fork+0x10/0x20 [ 16.758615] [ 16.758756] Freed by task 164: [ 16.758835] kasan_save_stack+0x3c/0x68 [ 16.759003] kasan_save_track+0x20/0x40 [ 16.759089] kasan_save_free_info+0x4c/0x78 [ 16.759295] __kasan_slab_free+0x6c/0x98 [ 16.759510] kfree+0x214/0x3c8 [ 16.759579] krealloc_uaf+0x12c/0x520 [ 16.759670] kunit_try_run_case+0x170/0x3f0 [ 16.759768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.759876] kthread+0x328/0x630 [ 16.760003] ret_from_fork+0x10/0x20 [ 16.760070] [ 16.760295] The buggy address belongs to the object at fff00000c59ab600 [ 16.760295] which belongs to the cache kmalloc-256 of size 256 [ 16.760529] The buggy address is located 0 bytes inside of [ 16.760529] freed 256-byte region [fff00000c59ab600, fff00000c59ab700) [ 16.760725] [ 16.760812] The buggy address belongs to the physical page: [ 16.760936] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 16.760989] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.761049] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.761444] page_type: f5(slab) [ 16.761582] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.761635] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.761857] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.761964] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.762071] head: 0bfffe0000000001 ffffc1ffc3166a81 00000000ffffffff 00000000ffffffff [ 16.762303] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.762368] page dumped because: kasan: bad access detected [ 16.762399] [ 16.762416] Memory state around the buggy address: [ 16.762446] fff00000c59ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.762541] fff00000c59ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.762582] >fff00000c59ab600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.762620] ^ [ 16.762654] fff00000c59ab680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.762697] fff00000c59ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.762734] ================================================================== [ 16.743999] ================================================================== [ 16.744607] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.744710] Read of size 1 at addr fff00000c59ab600 by task kunit_try_catch/164 [ 16.745006] [ 16.745055] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.745271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.745350] Hardware name: linux,dummy-virt (DT) [ 16.745453] Call trace: [ 16.745505] show_stack+0x20/0x38 (C) [ 16.745702] dump_stack_lvl+0x8c/0xd0 [ 16.745902] print_report+0x118/0x608 [ 16.745982] kasan_report+0xdc/0x128 [ 16.746107] __kasan_check_byte+0x54/0x70 [ 16.746203] krealloc_noprof+0x44/0x360 [ 16.746404] krealloc_uaf+0x180/0x520 [ 16.746619] kunit_try_run_case+0x170/0x3f0 [ 16.746897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.747149] kthread+0x328/0x630 [ 16.747278] ret_from_fork+0x10/0x20 [ 16.747336] [ 16.747533] Allocated by task 164: [ 16.747807] kasan_save_stack+0x3c/0x68 [ 16.747904] kasan_save_track+0x20/0x40 [ 16.747942] kasan_save_alloc_info+0x40/0x58 [ 16.748016] __kasan_kmalloc+0xd4/0xd8 [ 16.748076] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.748122] krealloc_uaf+0xc8/0x520 [ 16.748165] kunit_try_run_case+0x170/0x3f0 [ 16.748201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.748249] kthread+0x328/0x630 [ 16.748288] ret_from_fork+0x10/0x20 [ 16.748322] [ 16.748363] Freed by task 164: [ 16.748420] kasan_save_stack+0x3c/0x68 [ 16.748468] kasan_save_track+0x20/0x40 [ 16.748505] kasan_save_free_info+0x4c/0x78 [ 16.748793] __kasan_slab_free+0x6c/0x98 [ 16.748841] kfree+0x214/0x3c8 [ 16.749154] krealloc_uaf+0x12c/0x520 [ 16.749231] kunit_try_run_case+0x170/0x3f0 [ 16.749298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.749385] kthread+0x328/0x630 [ 16.749489] ret_from_fork+0x10/0x20 [ 16.749550] [ 16.749740] The buggy address belongs to the object at fff00000c59ab600 [ 16.749740] which belongs to the cache kmalloc-256 of size 256 [ 16.750001] The buggy address is located 0 bytes inside of [ 16.750001] freed 256-byte region [fff00000c59ab600, fff00000c59ab700) [ 16.750286] [ 16.750380] The buggy address belongs to the physical page: [ 16.750459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 16.750557] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.750627] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.750973] page_type: f5(slab) [ 16.751338] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.751442] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.751663] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.751888] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.752074] head: 0bfffe0000000001 ffffc1ffc3166a81 00000000ffffffff 00000000ffffffff [ 16.752160] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.752274] page dumped because: kasan: bad access detected [ 16.752355] [ 16.752464] Memory state around the buggy address: [ 16.752497] fff00000c59ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.752546] fff00000c59ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.752769] >fff00000c59ab600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.753240] ^ [ 16.753393] fff00000c59ab680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.753478] fff00000c59ab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.753532] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.635077] ================================================================== [ 16.635132] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.635177] Write of size 1 at addr fff00000c59ab4d0 by task kunit_try_catch/158 [ 16.635232] [ 16.635272] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.635500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.635631] Hardware name: linux,dummy-virt (DT) [ 16.635667] Call trace: [ 16.635896] show_stack+0x20/0x38 (C) [ 16.636085] dump_stack_lvl+0x8c/0xd0 [ 16.636136] print_report+0x118/0x608 [ 16.636302] kasan_report+0xdc/0x128 [ 16.636448] __asan_report_store1_noabort+0x20/0x30 [ 16.636915] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.637205] krealloc_less_oob+0x20/0x38 [ 16.637311] kunit_try_run_case+0x170/0x3f0 [ 16.637609] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.637773] kthread+0x328/0x630 [ 16.637849] ret_from_fork+0x10/0x20 [ 16.638313] [ 16.638339] Allocated by task 158: [ 16.638405] kasan_save_stack+0x3c/0x68 [ 16.638476] kasan_save_track+0x20/0x40 [ 16.638623] kasan_save_alloc_info+0x40/0x58 [ 16.638941] __kasan_krealloc+0x118/0x178 [ 16.639040] krealloc_noprof+0x128/0x360 [ 16.639152] krealloc_less_oob_helper+0x168/0xc50 [ 16.639240] krealloc_less_oob+0x20/0x38 [ 16.639470] kunit_try_run_case+0x170/0x3f0 [ 16.639567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.640121] kthread+0x328/0x630 [ 16.640221] ret_from_fork+0x10/0x20 [ 16.640345] [ 16.640398] The buggy address belongs to the object at fff00000c59ab400 [ 16.640398] which belongs to the cache kmalloc-256 of size 256 [ 16.640498] The buggy address is located 7 bytes to the right of [ 16.640498] allocated 201-byte region [fff00000c59ab400, fff00000c59ab4c9) [ 16.640652] [ 16.640712] The buggy address belongs to the physical page: [ 16.640929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 16.641122] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.641300] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.641443] page_type: f5(slab) [ 16.641490] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.641548] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.641601] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.641667] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.641714] head: 0bfffe0000000001 ffffc1ffc3166a81 00000000ffffffff 00000000ffffffff [ 16.641765] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.641804] page dumped because: kasan: bad access detected [ 16.641833] [ 16.641850] Memory state around the buggy address: [ 16.641896] fff00000c59ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.641945] fff00000c59ab400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.641985] >fff00000c59ab480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.642053] ^ [ 16.642468] fff00000c59ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.642570] fff00000c59ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.643122] ================================================================== [ 16.623949] ================================================================== [ 16.624084] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.624137] Write of size 1 at addr fff00000c59ab4c9 by task kunit_try_catch/158 [ 16.624184] [ 16.624216] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.624551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.624858] Hardware name: linux,dummy-virt (DT) [ 16.624928] Call trace: [ 16.625011] show_stack+0x20/0x38 (C) [ 16.625257] dump_stack_lvl+0x8c/0xd0 [ 16.625502] print_report+0x118/0x608 [ 16.625630] kasan_report+0xdc/0x128 [ 16.625880] __asan_report_store1_noabort+0x20/0x30 [ 16.626114] krealloc_less_oob_helper+0xa48/0xc50 [ 16.626286] krealloc_less_oob+0x20/0x38 [ 16.626470] kunit_try_run_case+0x170/0x3f0 [ 16.626569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.626974] kthread+0x328/0x630 [ 16.627139] ret_from_fork+0x10/0x20 [ 16.627349] [ 16.627505] Allocated by task 158: [ 16.627604] kasan_save_stack+0x3c/0x68 [ 16.627994] kasan_save_track+0x20/0x40 [ 16.628109] kasan_save_alloc_info+0x40/0x58 [ 16.628530] __kasan_krealloc+0x118/0x178 [ 16.628712] krealloc_noprof+0x128/0x360 [ 16.628753] krealloc_less_oob_helper+0x168/0xc50 [ 16.628790] krealloc_less_oob+0x20/0x38 [ 16.628825] kunit_try_run_case+0x170/0x3f0 [ 16.629110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.629288] kthread+0x328/0x630 [ 16.629591] ret_from_fork+0x10/0x20 [ 16.629652] [ 16.629799] The buggy address belongs to the object at fff00000c59ab400 [ 16.629799] which belongs to the cache kmalloc-256 of size 256 [ 16.629887] The buggy address is located 0 bytes to the right of [ 16.629887] allocated 201-byte region [fff00000c59ab400, fff00000c59ab4c9) [ 16.630158] [ 16.630229] The buggy address belongs to the physical page: [ 16.630298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 16.630675] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.631002] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.631193] page_type: f5(slab) [ 16.631306] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.631394] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.631723] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.631933] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.632024] head: 0bfffe0000000001 ffffc1ffc3166a81 00000000ffffffff 00000000ffffffff [ 16.632185] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.632281] page dumped because: kasan: bad access detected [ 16.632317] [ 16.632503] Memory state around the buggy address: [ 16.632545] fff00000c59ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.632605] fff00000c59ab400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.632865] >fff00000c59ab480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.632944] ^ [ 16.633148] fff00000c59ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.633211] fff00000c59ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.633247] ================================================================== [ 16.651247] ================================================================== [ 16.651609] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.651719] Write of size 1 at addr fff00000c59ab4ea by task kunit_try_catch/158 [ 16.652050] [ 16.652099] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.652181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.652206] Hardware name: linux,dummy-virt (DT) [ 16.652235] Call trace: [ 16.652416] show_stack+0x20/0x38 (C) [ 16.652483] dump_stack_lvl+0x8c/0xd0 [ 16.652682] print_report+0x118/0x608 [ 16.652810] kasan_report+0xdc/0x128 [ 16.653170] __asan_report_store1_noabort+0x20/0x30 [ 16.653377] krealloc_less_oob_helper+0xae4/0xc50 [ 16.653524] krealloc_less_oob+0x20/0x38 [ 16.653572] kunit_try_run_case+0x170/0x3f0 [ 16.653640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.653910] kthread+0x328/0x630 [ 16.654202] ret_from_fork+0x10/0x20 [ 16.654285] [ 16.654333] Allocated by task 158: [ 16.654425] kasan_save_stack+0x3c/0x68 [ 16.654525] kasan_save_track+0x20/0x40 [ 16.654758] kasan_save_alloc_info+0x40/0x58 [ 16.655047] __kasan_krealloc+0x118/0x178 [ 16.655205] krealloc_noprof+0x128/0x360 [ 16.655325] krealloc_less_oob_helper+0x168/0xc50 [ 16.655400] krealloc_less_oob+0x20/0x38 [ 16.655445] kunit_try_run_case+0x170/0x3f0 [ 16.655639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.655830] kthread+0x328/0x630 [ 16.655993] ret_from_fork+0x10/0x20 [ 16.656157] [ 16.656229] The buggy address belongs to the object at fff00000c59ab400 [ 16.656229] which belongs to the cache kmalloc-256 of size 256 [ 16.656627] The buggy address is located 33 bytes to the right of [ 16.656627] allocated 201-byte region [fff00000c59ab400, fff00000c59ab4c9) [ 16.656802] [ 16.656893] The buggy address belongs to the physical page: [ 16.656962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 16.657182] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.657232] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.657292] page_type: f5(slab) [ 16.657328] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.657703] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.657847] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.658018] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.658203] head: 0bfffe0000000001 ffffc1ffc3166a81 00000000ffffffff 00000000ffffffff [ 16.658521] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.658700] page dumped because: kasan: bad access detected [ 16.658827] [ 16.658897] Memory state around the buggy address: [ 16.659042] fff00000c59ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.659173] fff00000c59ab400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.659242] >fff00000c59ab480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.659305] ^ [ 16.659598] fff00000c59ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.659844] fff00000c59ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.659917] ================================================================== [ 16.645145] ================================================================== [ 16.645197] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.645243] Write of size 1 at addr fff00000c59ab4da by task kunit_try_catch/158 [ 16.645315] [ 16.645439] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.645541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.645567] Hardware name: linux,dummy-virt (DT) [ 16.645603] Call trace: [ 16.645623] show_stack+0x20/0x38 (C) [ 16.645917] dump_stack_lvl+0x8c/0xd0 [ 16.646070] print_report+0x118/0x608 [ 16.646143] kasan_report+0xdc/0x128 [ 16.646190] __asan_report_store1_noabort+0x20/0x30 [ 16.646236] krealloc_less_oob_helper+0xa80/0xc50 [ 16.646520] krealloc_less_oob+0x20/0x38 [ 16.646656] kunit_try_run_case+0x170/0x3f0 [ 16.646834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.646891] kthread+0x328/0x630 [ 16.646932] ret_from_fork+0x10/0x20 [ 16.647124] [ 16.647296] Allocated by task 158: [ 16.647331] kasan_save_stack+0x3c/0x68 [ 16.647373] kasan_save_track+0x20/0x40 [ 16.647681] kasan_save_alloc_info+0x40/0x58 [ 16.647749] __kasan_krealloc+0x118/0x178 [ 16.647786] krealloc_noprof+0x128/0x360 [ 16.647820] krealloc_less_oob_helper+0x168/0xc50 [ 16.647857] krealloc_less_oob+0x20/0x38 [ 16.647892] kunit_try_run_case+0x170/0x3f0 [ 16.647928] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.648421] kthread+0x328/0x630 [ 16.648481] ret_from_fork+0x10/0x20 [ 16.648517] [ 16.648572] The buggy address belongs to the object at fff00000c59ab400 [ 16.648572] which belongs to the cache kmalloc-256 of size 256 [ 16.648628] The buggy address is located 17 bytes to the right of [ 16.648628] allocated 201-byte region [fff00000c59ab400, fff00000c59ab4c9) [ 16.648826] [ 16.649008] The buggy address belongs to the physical page: [ 16.649050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 16.649115] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.649159] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.649207] page_type: f5(slab) [ 16.649268] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.649327] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.649394] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.649452] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.649512] head: 0bfffe0000000001 ffffc1ffc3166a81 00000000ffffffff 00000000ffffffff [ 16.649564] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.649603] page dumped because: kasan: bad access detected [ 16.649641] [ 16.649658] Memory state around the buggy address: [ 16.649687] fff00000c59ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.649728] fff00000c59ab400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.649768] >fff00000c59ab480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.649805] ^ [ 16.649849] fff00000c59ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.649898] fff00000c59ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.649942] ================================================================== [ 16.661769] ================================================================== [ 16.661840] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.661913] Write of size 1 at addr fff00000c59ab4eb by task kunit_try_catch/158 [ 16.662145] [ 16.662193] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.662282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.662307] Hardware name: linux,dummy-virt (DT) [ 16.662336] Call trace: [ 16.662544] show_stack+0x20/0x38 (C) [ 16.662607] dump_stack_lvl+0x8c/0xd0 [ 16.662652] print_report+0x118/0x608 [ 16.662705] kasan_report+0xdc/0x128 [ 16.662898] __asan_report_store1_noabort+0x20/0x30 [ 16.662958] krealloc_less_oob_helper+0xa58/0xc50 [ 16.663005] krealloc_less_oob+0x20/0x38 [ 16.663265] kunit_try_run_case+0x170/0x3f0 [ 16.663329] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.663381] kthread+0x328/0x630 [ 16.663421] ret_from_fork+0x10/0x20 [ 16.663476] [ 16.663494] Allocated by task 158: [ 16.663521] kasan_save_stack+0x3c/0x68 [ 16.663560] kasan_save_track+0x20/0x40 [ 16.663595] kasan_save_alloc_info+0x40/0x58 [ 16.663634] __kasan_krealloc+0x118/0x178 [ 16.663670] krealloc_noprof+0x128/0x360 [ 16.663705] krealloc_less_oob_helper+0x168/0xc50 [ 16.663743] krealloc_less_oob+0x20/0x38 [ 16.663776] kunit_try_run_case+0x170/0x3f0 [ 16.663812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.663864] kthread+0x328/0x630 [ 16.663895] ret_from_fork+0x10/0x20 [ 16.663928] [ 16.663947] The buggy address belongs to the object at fff00000c59ab400 [ 16.663947] which belongs to the cache kmalloc-256 of size 256 [ 16.664000] The buggy address is located 34 bytes to the right of [ 16.664000] allocated 201-byte region [fff00000c59ab400, fff00000c59ab4c9) [ 16.664426] [ 16.664658] The buggy address belongs to the physical page: [ 16.664700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 16.664779] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.664840] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.665002] page_type: f5(slab) [ 16.665111] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.665160] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.665633] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.665738] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.665941] head: 0bfffe0000000001 ffffc1ffc3166a81 00000000ffffffff 00000000ffffffff [ 16.666134] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.666199] page dumped because: kasan: bad access detected [ 16.666229] [ 16.666246] Memory state around the buggy address: [ 16.666586] fff00000c59ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.666648] fff00000c59ab400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.666806] >fff00000c59ab480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.666929] ^ [ 16.666976] fff00000c59ab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.667137] fff00000c59ab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.667177] ================================================================== [ 16.725970] ================================================================== [ 16.726021] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.726078] Write of size 1 at addr fff00000c780a0ea by task kunit_try_catch/162 [ 16.726182] [ 16.726213] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.726289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.726314] Hardware name: linux,dummy-virt (DT) [ 16.726343] Call trace: [ 16.726363] show_stack+0x20/0x38 (C) [ 16.726409] dump_stack_lvl+0x8c/0xd0 [ 16.726452] print_report+0x118/0x608 [ 16.726507] kasan_report+0xdc/0x128 [ 16.726551] __asan_report_store1_noabort+0x20/0x30 [ 16.726597] krealloc_less_oob_helper+0xae4/0xc50 [ 16.726643] krealloc_large_less_oob+0x20/0x38 [ 16.726688] kunit_try_run_case+0x170/0x3f0 [ 16.726733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.726784] kthread+0x328/0x630 [ 16.726833] ret_from_fork+0x10/0x20 [ 16.726878] [ 16.726897] The buggy address belongs to the physical page: [ 16.726926] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107808 [ 16.726974] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.727049] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.727098] page_type: f8(unknown) [ 16.727142] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.727200] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.727257] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.727305] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.727352] head: 0bfffe0000000002 ffffc1ffc31e0201 00000000ffffffff 00000000ffffffff [ 16.727409] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.727447] page dumped because: kasan: bad access detected [ 16.727481] [ 16.727499] Memory state around the buggy address: [ 16.727536] fff00000c7809f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.727577] fff00000c780a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.727622] >fff00000c780a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.727657] ^ [ 16.727693] fff00000c780a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.727740] fff00000c780a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.727777] ================================================================== [ 16.720865] ================================================================== [ 16.720929] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.720977] Write of size 1 at addr fff00000c780a0da by task kunit_try_catch/162 [ 16.721023] [ 16.721063] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.721139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.721348] Hardware name: linux,dummy-virt (DT) [ 16.721514] Call trace: [ 16.721600] show_stack+0x20/0x38 (C) [ 16.721654] dump_stack_lvl+0x8c/0xd0 [ 16.721698] print_report+0x118/0x608 [ 16.721743] kasan_report+0xdc/0x128 [ 16.721827] __asan_report_store1_noabort+0x20/0x30 [ 16.721905] krealloc_less_oob_helper+0xa80/0xc50 [ 16.721971] krealloc_large_less_oob+0x20/0x38 [ 16.722062] kunit_try_run_case+0x170/0x3f0 [ 16.722108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.722158] kthread+0x328/0x630 [ 16.722318] ret_from_fork+0x10/0x20 [ 16.722630] [ 16.722732] The buggy address belongs to the physical page: [ 16.722770] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107808 [ 16.722822] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.722899] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.722978] page_type: f8(unknown) [ 16.723019] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.723266] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.723329] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.723481] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.723632] head: 0bfffe0000000002 ffffc1ffc31e0201 00000000ffffffff 00000000ffffffff [ 16.723727] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.723840] page dumped because: kasan: bad access detected [ 16.723873] [ 16.723890] Memory state around the buggy address: [ 16.724072] fff00000c7809f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.724127] fff00000c780a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.724338] >fff00000c780a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.724428] ^ [ 16.724477] fff00000c780a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.724875] fff00000c780a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.724941] ================================================================== [ 16.714585] ================================================================== [ 16.714654] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.714828] Write of size 1 at addr fff00000c780a0d0 by task kunit_try_catch/162 [ 16.714911] [ 16.714942] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.715241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.715390] Hardware name: linux,dummy-virt (DT) [ 16.715432] Call trace: [ 16.715452] show_stack+0x20/0x38 (C) [ 16.715782] dump_stack_lvl+0x8c/0xd0 [ 16.715892] print_report+0x118/0x608 [ 16.715953] kasan_report+0xdc/0x128 [ 16.715999] __asan_report_store1_noabort+0x20/0x30 [ 16.716056] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.716111] krealloc_large_less_oob+0x20/0x38 [ 16.716157] kunit_try_run_case+0x170/0x3f0 [ 16.716202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.716252] kthread+0x328/0x630 [ 16.716299] ret_from_fork+0x10/0x20 [ 16.716356] [ 16.716385] The buggy address belongs to the physical page: [ 16.716417] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107808 [ 16.716473] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.716518] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.716831] page_type: f8(unknown) [ 16.716977] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.717139] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.717580] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.717810] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.717886] head: 0bfffe0000000002 ffffc1ffc31e0201 00000000ffffffff 00000000ffffffff [ 16.718075] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.718419] page dumped because: kasan: bad access detected [ 16.718574] [ 16.718665] Memory state around the buggy address: [ 16.718780] fff00000c7809f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.718854] fff00000c780a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.718901] >fff00000c780a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.719087] ^ [ 16.719147] fff00000c780a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.719448] fff00000c780a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.719516] ================================================================== [ 16.727826] ================================================================== [ 16.727860] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.727907] Write of size 1 at addr fff00000c780a0eb by task kunit_try_catch/162 [ 16.727953] [ 16.727986] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.728321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.728349] Hardware name: linux,dummy-virt (DT) [ 16.728483] Call trace: [ 16.728516] show_stack+0x20/0x38 (C) [ 16.729126] dump_stack_lvl+0x8c/0xd0 [ 16.729208] print_report+0x118/0x608 [ 16.729268] kasan_report+0xdc/0x128 [ 16.729312] __asan_report_store1_noabort+0x20/0x30 [ 16.729358] krealloc_less_oob_helper+0xa58/0xc50 [ 16.729715] krealloc_large_less_oob+0x20/0x38 [ 16.729814] kunit_try_run_case+0x170/0x3f0 [ 16.730058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.730497] kthread+0x328/0x630 [ 16.730666] ret_from_fork+0x10/0x20 [ 16.730850] [ 16.730985] The buggy address belongs to the physical page: [ 16.731063] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107808 [ 16.731137] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.731358] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.731775] page_type: f8(unknown) [ 16.731898] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.731997] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.732080] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.732127] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.732502] head: 0bfffe0000000002 ffffc1ffc31e0201 00000000ffffffff 00000000ffffffff [ 16.732731] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.732831] page dumped because: kasan: bad access detected [ 16.732997] [ 16.733069] Memory state around the buggy address: [ 16.733101] fff00000c7809f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.733142] fff00000c780a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.733186] >fff00000c780a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.733383] ^ [ 16.733671] fff00000c780a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.734086] fff00000c780a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.734185] ================================================================== [ 16.704575] ================================================================== [ 16.704671] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.704884] Write of size 1 at addr fff00000c780a0c9 by task kunit_try_catch/162 [ 16.704937] [ 16.704970] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.705231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.705377] Hardware name: linux,dummy-virt (DT) [ 16.705466] Call trace: [ 16.705503] show_stack+0x20/0x38 (C) [ 16.705743] dump_stack_lvl+0x8c/0xd0 [ 16.705850] print_report+0x118/0x608 [ 16.706123] kasan_report+0xdc/0x128 [ 16.706259] __asan_report_store1_noabort+0x20/0x30 [ 16.706466] krealloc_less_oob_helper+0xa48/0xc50 [ 16.706793] krealloc_large_less_oob+0x20/0x38 [ 16.706956] kunit_try_run_case+0x170/0x3f0 [ 16.707091] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.707249] kthread+0x328/0x630 [ 16.707338] ret_from_fork+0x10/0x20 [ 16.707773] [ 16.707876] The buggy address belongs to the physical page: [ 16.707947] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107808 [ 16.708099] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.708175] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.708383] page_type: f8(unknown) [ 16.708648] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.709085] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.709491] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.709589] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.709737] head: 0bfffe0000000002 ffffc1ffc31e0201 00000000ffffffff 00000000ffffffff [ 16.709867] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.709947] page dumped because: kasan: bad access detected [ 16.709996] [ 16.710347] Memory state around the buggy address: [ 16.710463] fff00000c7809f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.710524] fff00000c780a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.710857] >fff00000c780a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.711087] ^ [ 16.711347] fff00000c780a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.711419] fff00000c780a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.711499] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.679500] ================================================================== [ 16.679928] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.680142] Write of size 1 at addr fff00000c78060eb by task kunit_try_catch/160 [ 16.680207] [ 16.680242] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.680322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.680347] Hardware name: linux,dummy-virt (DT) [ 16.680377] Call trace: [ 16.680708] show_stack+0x20/0x38 (C) [ 16.680931] dump_stack_lvl+0x8c/0xd0 [ 16.680986] print_report+0x118/0x608 [ 16.681382] kasan_report+0xdc/0x128 [ 16.681479] __asan_report_store1_noabort+0x20/0x30 [ 16.681567] krealloc_more_oob_helper+0x60c/0x678 [ 16.681764] krealloc_large_more_oob+0x20/0x38 [ 16.681963] kunit_try_run_case+0x170/0x3f0 [ 16.682202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.682390] kthread+0x328/0x630 [ 16.682767] ret_from_fork+0x10/0x20 [ 16.683146] [ 16.683203] The buggy address belongs to the physical page: [ 16.683243] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107804 [ 16.683655] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.683769] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.683893] page_type: f8(unknown) [ 16.684363] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.684462] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.684528] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.684738] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.684998] head: 0bfffe0000000002 ffffc1ffc31e0101 00000000ffffffff 00000000ffffffff [ 16.685087] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.685132] page dumped because: kasan: bad access detected [ 16.685162] [ 16.685360] Memory state around the buggy address: [ 16.685455] fff00000c7805f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.685664] fff00000c7806000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.685759] >fff00000c7806080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.685811] ^ [ 16.685978] fff00000c7806100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.686191] fff00000c7806180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.686348] ================================================================== [ 16.600282] ================================================================== [ 16.600423] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.600523] Write of size 1 at addr fff00000c59ab2eb by task kunit_try_catch/156 [ 16.600583] [ 16.600678] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.600758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.600784] Hardware name: linux,dummy-virt (DT) [ 16.601039] Call trace: [ 16.601198] show_stack+0x20/0x38 (C) [ 16.601291] dump_stack_lvl+0x8c/0xd0 [ 16.601349] print_report+0x118/0x608 [ 16.601396] kasan_report+0xdc/0x128 [ 16.601498] __asan_report_store1_noabort+0x20/0x30 [ 16.601552] krealloc_more_oob_helper+0x60c/0x678 [ 16.601599] krealloc_more_oob+0x20/0x38 [ 16.601658] kunit_try_run_case+0x170/0x3f0 [ 16.601704] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.601755] kthread+0x328/0x630 [ 16.601807] ret_from_fork+0x10/0x20 [ 16.601863] [ 16.601896] Allocated by task 156: [ 16.601939] kasan_save_stack+0x3c/0x68 [ 16.601993] kasan_save_track+0x20/0x40 [ 16.602037] kasan_save_alloc_info+0x40/0x58 [ 16.602076] __kasan_krealloc+0x118/0x178 [ 16.602120] krealloc_noprof+0x128/0x360 [ 16.602161] krealloc_more_oob_helper+0x168/0x678 [ 16.602214] krealloc_more_oob+0x20/0x38 [ 16.602257] kunit_try_run_case+0x170/0x3f0 [ 16.602293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.602334] kthread+0x328/0x630 [ 16.602380] ret_from_fork+0x10/0x20 [ 16.602431] [ 16.602451] The buggy address belongs to the object at fff00000c59ab200 [ 16.602451] which belongs to the cache kmalloc-256 of size 256 [ 16.602514] The buggy address is located 0 bytes to the right of [ 16.602514] allocated 235-byte region [fff00000c59ab200, fff00000c59ab2eb) [ 16.602574] [ 16.602593] The buggy address belongs to the physical page: [ 16.602624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 16.602693] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.602752] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.602803] page_type: f5(slab) [ 16.602863] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.602921] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.602968] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.603025] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.603282] head: 0bfffe0000000001 ffffc1ffc3166a81 00000000ffffffff 00000000ffffffff [ 16.603898] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.603960] page dumped because: kasan: bad access detected [ 16.604214] [ 16.604264] Memory state around the buggy address: [ 16.604543] fff00000c59ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.604648] fff00000c59ab200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.604694] >fff00000c59ab280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.605668] ^ [ 16.605741] fff00000c59ab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605876] fff00000c59ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.605945] ================================================================== [ 16.691532] ================================================================== [ 16.691584] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.691633] Write of size 1 at addr fff00000c78060f0 by task kunit_try_catch/160 [ 16.691681] [ 16.691711] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.691787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.691832] Hardware name: linux,dummy-virt (DT) [ 16.691867] Call trace: [ 16.691889] show_stack+0x20/0x38 (C) [ 16.691936] dump_stack_lvl+0x8c/0xd0 [ 16.691980] print_report+0x118/0x608 [ 16.692049] kasan_report+0xdc/0x128 [ 16.692096] __asan_report_store1_noabort+0x20/0x30 [ 16.692143] krealloc_more_oob_helper+0x5c0/0x678 [ 16.692201] krealloc_large_more_oob+0x20/0x38 [ 16.692247] kunit_try_run_case+0x170/0x3f0 [ 16.692292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.692342] kthread+0x328/0x630 [ 16.692382] ret_from_fork+0x10/0x20 [ 16.692428] [ 16.692453] The buggy address belongs to the physical page: [ 16.692482] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107804 [ 16.693152] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.693250] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.693615] page_type: f8(unknown) [ 16.693934] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.694100] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.694244] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.694367] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.694471] head: 0bfffe0000000002 ffffc1ffc31e0101 00000000ffffffff 00000000ffffffff [ 16.694526] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.694731] page dumped because: kasan: bad access detected [ 16.694938] [ 16.694959] Memory state around the buggy address: [ 16.695023] fff00000c7805f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.695456] fff00000c7806000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.695543] >fff00000c7806080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.695701] ^ [ 16.695810] fff00000c7806100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.695926] fff00000c7806180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.696128] ================================================================== [ 16.606911] ================================================================== [ 16.607362] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.607430] Write of size 1 at addr fff00000c59ab2f0 by task kunit_try_catch/156 [ 16.607717] [ 16.607811] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.608151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.608272] Hardware name: linux,dummy-virt (DT) [ 16.608456] Call trace: [ 16.608483] show_stack+0x20/0x38 (C) [ 16.608770] dump_stack_lvl+0x8c/0xd0 [ 16.608830] print_report+0x118/0x608 [ 16.608875] kasan_report+0xdc/0x128 [ 16.608919] __asan_report_store1_noabort+0x20/0x30 [ 16.608964] krealloc_more_oob_helper+0x5c0/0x678 [ 16.609340] krealloc_more_oob+0x20/0x38 [ 16.609440] kunit_try_run_case+0x170/0x3f0 [ 16.609691] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.609948] kthread+0x328/0x630 [ 16.610327] ret_from_fork+0x10/0x20 [ 16.610558] [ 16.610625] Allocated by task 156: [ 16.610799] kasan_save_stack+0x3c/0x68 [ 16.610915] kasan_save_track+0x20/0x40 [ 16.611243] kasan_save_alloc_info+0x40/0x58 [ 16.611336] __kasan_krealloc+0x118/0x178 [ 16.611381] krealloc_noprof+0x128/0x360 [ 16.611562] krealloc_more_oob_helper+0x168/0x678 [ 16.611655] krealloc_more_oob+0x20/0x38 [ 16.611863] kunit_try_run_case+0x170/0x3f0 [ 16.611908] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.611995] kthread+0x328/0x630 [ 16.612181] ret_from_fork+0x10/0x20 [ 16.612363] [ 16.612503] The buggy address belongs to the object at fff00000c59ab200 [ 16.612503] which belongs to the cache kmalloc-256 of size 256 [ 16.612587] The buggy address is located 5 bytes to the right of [ 16.612587] allocated 235-byte region [fff00000c59ab200, fff00000c59ab2eb) [ 16.612676] [ 16.612705] The buggy address belongs to the physical page: [ 16.613060] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1059aa [ 16.613143] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.613272] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.613348] page_type: f5(slab) [ 16.613539] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.613653] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.613933] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.614071] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.614655] head: 0bfffe0000000001 ffffc1ffc3166a81 00000000ffffffff 00000000ffffffff [ 16.614801] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.615010] page dumped because: kasan: bad access detected [ 16.615074] [ 16.615092] Memory state around the buggy address: [ 16.615268] fff00000c59ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.615472] fff00000c59ab200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.615578] >fff00000c59ab280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.615618] ^ [ 16.615686] fff00000c59ab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.615877] fff00000c59ab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.616056] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.586355] ================================================================== [ 16.586439] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.586570] Read of size 1 at addr fff00000c78b0000 by task kunit_try_catch/154 [ 16.586621] [ 16.586669] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.586750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.586776] Hardware name: linux,dummy-virt (DT) [ 16.586971] Call trace: [ 16.587055] show_stack+0x20/0x38 (C) [ 16.587201] dump_stack_lvl+0x8c/0xd0 [ 16.587384] print_report+0x118/0x608 [ 16.587507] kasan_report+0xdc/0x128 [ 16.587639] __asan_report_load1_noabort+0x20/0x30 [ 16.587691] page_alloc_uaf+0x328/0x350 [ 16.587898] kunit_try_run_case+0x170/0x3f0 [ 16.587959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.588259] kthread+0x328/0x630 [ 16.588393] ret_from_fork+0x10/0x20 [ 16.588511] [ 16.588700] The buggy address belongs to the physical page: [ 16.588737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078b0 [ 16.588888] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.589006] page_type: f0(buddy) [ 16.589112] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 16.589166] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 16.589524] page dumped because: kasan: bad access detected [ 16.589663] [ 16.589772] Memory state around the buggy address: [ 16.589910] fff00000c78aff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.589994] fff00000c78aff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.590133] >fff00000c78b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.590171] ^ [ 16.590217] fff00000c78b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.590469] fff00000c78b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.590755] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.563786] ================================================================== [ 16.564209] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.564572] Free of addr fff00000c7804001 by task kunit_try_catch/150 [ 16.564675] [ 16.564735] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.564961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.565261] Hardware name: linux,dummy-virt (DT) [ 16.565303] Call trace: [ 16.565325] show_stack+0x20/0x38 (C) [ 16.565607] dump_stack_lvl+0x8c/0xd0 [ 16.565669] print_report+0x118/0x608 [ 16.565797] kasan_report_invalid_free+0xc0/0xe8 [ 16.565851] __kasan_kfree_large+0x5c/0xa8 [ 16.565919] free_large_kmalloc+0x64/0x190 [ 16.566156] kfree+0x270/0x3c8 [ 16.566352] kmalloc_large_invalid_free+0x108/0x270 [ 16.566570] kunit_try_run_case+0x170/0x3f0 [ 16.566705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.566777] kthread+0x328/0x630 [ 16.566981] ret_from_fork+0x10/0x20 [ 16.567208] [ 16.567244] The buggy address belongs to the physical page: [ 16.567275] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107804 [ 16.567329] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.567401] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.567453] page_type: f8(unknown) [ 16.567490] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.567537] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.567584] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.567651] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.567698] head: 0bfffe0000000002 ffffc1ffc31e0101 00000000ffffffff 00000000ffffffff [ 16.567743] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.567780] page dumped because: kasan: bad access detected [ 16.567810] [ 16.567827] Memory state around the buggy address: [ 16.567857] fff00000c7803f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.567897] fff00000c7803f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.567937] >fff00000c7804000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.567972] ^ [ 16.567999] fff00000c7804080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.568059] fff00000c7804100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.568129] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.547522] ================================================================== [ 16.547586] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.547630] Read of size 1 at addr fff00000c7800000 by task kunit_try_catch/148 [ 16.547676] [ 16.548816] CPU: 0 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.548956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.549055] Hardware name: linux,dummy-virt (DT) [ 16.549104] Call trace: [ 16.549128] show_stack+0x20/0x38 (C) [ 16.549334] dump_stack_lvl+0x8c/0xd0 [ 16.549477] print_report+0x118/0x608 [ 16.549704] kasan_report+0xdc/0x128 [ 16.549781] __asan_report_load1_noabort+0x20/0x30 [ 16.550225] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.550297] kunit_try_run_case+0x170/0x3f0 [ 16.550377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.551120] kthread+0x328/0x630 [ 16.551270] ret_from_fork+0x10/0x20 [ 16.551320] [ 16.551341] The buggy address belongs to the physical page: [ 16.551398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 16.551755] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.552121] raw: 0bfffe0000000000 ffffc1ffc31e0108 fff00000da457c40 0000000000000000 [ 16.552213] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.552409] page dumped because: kasan: bad access detected [ 16.552587] [ 16.552611] Memory state around the buggy address: [ 16.552849] fff00000c77fff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.552971] fff00000c77fff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.553124] >fff00000c7800000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.553242] ^ [ 16.553271] fff00000c7800080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.553323] fff00000c7800100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.553361] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.535680] ================================================================== [ 16.536000] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.536129] Write of size 1 at addr fff00000c780200a by task kunit_try_catch/146 [ 16.536176] [ 16.536207] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.536285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.536332] Hardware name: linux,dummy-virt (DT) [ 16.536362] Call trace: [ 16.536398] show_stack+0x20/0x38 (C) [ 16.536452] dump_stack_lvl+0x8c/0xd0 [ 16.536497] print_report+0x118/0x608 [ 16.536864] kasan_report+0xdc/0x128 [ 16.536915] __asan_report_store1_noabort+0x20/0x30 [ 16.536962] kmalloc_large_oob_right+0x278/0x2b8 [ 16.537403] kunit_try_run_case+0x170/0x3f0 [ 16.537484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.537621] kthread+0x328/0x630 [ 16.537696] ret_from_fork+0x10/0x20 [ 16.538060] [ 16.538270] The buggy address belongs to the physical page: [ 16.538345] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 16.538479] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.538643] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.538716] page_type: f8(unknown) [ 16.538781] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.539074] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.539283] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.539375] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.539531] head: 0bfffe0000000002 ffffc1ffc31e0001 00000000ffffffff 00000000ffffffff [ 16.539579] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.540006] page dumped because: kasan: bad access detected [ 16.540191] [ 16.540381] Memory state around the buggy address: [ 16.540464] fff00000c7801f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.540620] fff00000c7801f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.540759] >fff00000c7802000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.540859] ^ [ 16.540937] fff00000c7802080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.541041] fff00000c7802100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.541079] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.517862] ================================================================== [ 16.518480] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.518798] Write of size 1 at addr fff00000c6625f00 by task kunit_try_catch/144 [ 16.518862] [ 16.519052] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.519143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.519169] Hardware name: linux,dummy-virt (DT) [ 16.519199] Call trace: [ 16.519245] show_stack+0x20/0x38 (C) [ 16.519322] dump_stack_lvl+0x8c/0xd0 [ 16.519366] print_report+0x118/0x608 [ 16.519542] kasan_report+0xdc/0x128 [ 16.519609] __asan_report_store1_noabort+0x20/0x30 [ 16.519781] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.519864] kunit_try_run_case+0x170/0x3f0 [ 16.519925] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.520118] kthread+0x328/0x630 [ 16.520174] ret_from_fork+0x10/0x20 [ 16.520557] [ 16.520726] Allocated by task 144: [ 16.520820] kasan_save_stack+0x3c/0x68 [ 16.520869] kasan_save_track+0x20/0x40 [ 16.520905] kasan_save_alloc_info+0x40/0x58 [ 16.520943] __kasan_kmalloc+0xd4/0xd8 [ 16.520997] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.521643] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.521717] kunit_try_run_case+0x170/0x3f0 [ 16.521846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.521901] kthread+0x328/0x630 [ 16.522110] ret_from_fork+0x10/0x20 [ 16.522308] [ 16.522407] The buggy address belongs to the object at fff00000c6624000 [ 16.522407] which belongs to the cache kmalloc-8k of size 8192 [ 16.522506] The buggy address is located 0 bytes to the right of [ 16.522506] allocated 7936-byte region [fff00000c6624000, fff00000c6625f00) [ 16.522728] [ 16.522807] The buggy address belongs to the physical page: [ 16.522886] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106620 [ 16.522941] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.523292] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.523404] page_type: f5(slab) [ 16.523448] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.523517] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.523991] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.524085] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.524393] head: 0bfffe0000000003 ffffc1ffc3198801 00000000ffffffff 00000000ffffffff [ 16.524576] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.524662] page dumped because: kasan: bad access detected [ 16.524701] [ 16.524719] Memory state around the buggy address: [ 16.524749] fff00000c6625e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.524791] fff00000c6625e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.524831] >fff00000c6625f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.524867] ^ [ 16.525026] fff00000c6625f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.525286] fff00000c6626000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.525385] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.505392] ================================================================== [ 16.505446] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.505494] Write of size 1 at addr fff00000c652dd78 by task kunit_try_catch/142 [ 16.505798] [ 16.505951] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.506078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.506147] Hardware name: linux,dummy-virt (DT) [ 16.506195] Call trace: [ 16.506280] show_stack+0x20/0x38 (C) [ 16.506333] dump_stack_lvl+0x8c/0xd0 [ 16.506388] print_report+0x118/0x608 [ 16.506575] kasan_report+0xdc/0x128 [ 16.506774] __asan_report_store1_noabort+0x20/0x30 [ 16.506836] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.506886] kunit_try_run_case+0x170/0x3f0 [ 16.506931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.507232] kthread+0x328/0x630 [ 16.507458] ret_from_fork+0x10/0x20 [ 16.507533] [ 16.507583] Allocated by task 142: [ 16.507630] kasan_save_stack+0x3c/0x68 [ 16.507741] kasan_save_track+0x20/0x40 [ 16.507792] kasan_save_alloc_info+0x40/0x58 [ 16.507831] __kasan_kmalloc+0xd4/0xd8 [ 16.507884] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.507944] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.508138] kunit_try_run_case+0x170/0x3f0 [ 16.508192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.508372] kthread+0x328/0x630 [ 16.508415] ret_from_fork+0x10/0x20 [ 16.508507] [ 16.508579] The buggy address belongs to the object at fff00000c652dd00 [ 16.508579] which belongs to the cache kmalloc-128 of size 128 [ 16.508713] The buggy address is located 0 bytes to the right of [ 16.508713] allocated 120-byte region [fff00000c652dd00, fff00000c652dd78) [ 16.508778] [ 16.508797] The buggy address belongs to the physical page: [ 16.508824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10652d [ 16.508879] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.509072] page_type: f5(slab) [ 16.509148] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.509322] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.509537] page dumped because: kasan: bad access detected [ 16.509604] [ 16.509622] Memory state around the buggy address: [ 16.509899] fff00000c652dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.510201] fff00000c652dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.510379] >fff00000c652dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.510456] ^ [ 16.510511] fff00000c652dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.510800] fff00000c652de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.510895] ================================================================== [ 16.498438] ================================================================== [ 16.498736] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.498800] Write of size 1 at addr fff00000c652dc78 by task kunit_try_catch/142 [ 16.499117] [ 16.499246] CPU: 0 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.499335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.499521] Hardware name: linux,dummy-virt (DT) [ 16.499717] Call trace: [ 16.499770] show_stack+0x20/0x38 (C) [ 16.499823] dump_stack_lvl+0x8c/0xd0 [ 16.499956] print_report+0x118/0x608 [ 16.500076] kasan_report+0xdc/0x128 [ 16.500262] __asan_report_store1_noabort+0x20/0x30 [ 16.500310] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.500623] kunit_try_run_case+0x170/0x3f0 [ 16.500847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.500907] kthread+0x328/0x630 [ 16.500948] ret_from_fork+0x10/0x20 [ 16.500996] [ 16.501015] Allocated by task 142: [ 16.501297] kasan_save_stack+0x3c/0x68 [ 16.501544] kasan_save_track+0x20/0x40 [ 16.501656] kasan_save_alloc_info+0x40/0x58 [ 16.501838] __kasan_kmalloc+0xd4/0xd8 [ 16.501955] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.502129] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.502469] kunit_try_run_case+0x170/0x3f0 [ 16.502597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.502646] kthread+0x328/0x630 [ 16.502677] ret_from_fork+0x10/0x20 [ 16.502711] [ 16.502730] The buggy address belongs to the object at fff00000c652dc00 [ 16.502730] which belongs to the cache kmalloc-128 of size 128 [ 16.502786] The buggy address is located 0 bytes to the right of [ 16.502786] allocated 120-byte region [fff00000c652dc00, fff00000c652dc78) [ 16.502918] [ 16.502945] The buggy address belongs to the physical page: [ 16.502990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10652d [ 16.503071] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.503119] page_type: f5(slab) [ 16.503156] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.503209] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.503273] page dumped because: kasan: bad access detected [ 16.503313] [ 16.503330] Memory state around the buggy address: [ 16.503359] fff00000c652db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.503400] fff00000c652db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.503440] >fff00000c652dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.503476] ^ [ 16.503514] fff00000c652dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.503555] fff00000c652dd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.503591] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.480074] ================================================================== [ 16.480133] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.480394] Read of size 1 at addr fff00000c7881000 by task kunit_try_catch/140 [ 16.480524] [ 16.480605] CPU: 0 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 16.480697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.480773] Hardware name: linux,dummy-virt (DT) [ 16.480962] Call trace: [ 16.481056] show_stack+0x20/0x38 (C) [ 16.481186] dump_stack_lvl+0x8c/0xd0 [ 16.481261] print_report+0x118/0x608 [ 16.481306] kasan_report+0xdc/0x128 [ 16.481608] __asan_report_load1_noabort+0x20/0x30 [ 16.481827] kmalloc_node_oob_right+0x2f4/0x330 [ 16.481964] kunit_try_run_case+0x170/0x3f0 [ 16.482179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.482312] kthread+0x328/0x630 [ 16.482431] ret_from_fork+0x10/0x20 [ 16.482515] [ 16.482721] Allocated by task 140: [ 16.482859] kasan_save_stack+0x3c/0x68 [ 16.483134] kasan_save_track+0x20/0x40 [ 16.483222] kasan_save_alloc_info+0x40/0x58 [ 16.483407] __kasan_kmalloc+0xd4/0xd8 [ 16.483524] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.483791] kmalloc_node_oob_right+0xbc/0x330 [ 16.483923] kunit_try_run_case+0x170/0x3f0 [ 16.484141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.484260] kthread+0x328/0x630 [ 16.484347] ret_from_fork+0x10/0x20 [ 16.484619] [ 16.484944] The buggy address belongs to the object at fff00000c7880000 [ 16.484944] which belongs to the cache kmalloc-4k of size 4096 [ 16.485019] The buggy address is located 0 bytes to the right of [ 16.485019] allocated 4096-byte region [fff00000c7880000, fff00000c7881000) [ 16.485091] [ 16.485239] The buggy address belongs to the physical page: [ 16.485842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107880 [ 16.486409] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.486511] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.486905] page_type: f5(slab) [ 16.486957] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.487220] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.487563] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.487653] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.487802] head: 0bfffe0000000003 ffffc1ffc31e2001 00000000ffffffff 00000000ffffffff [ 16.487932] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.488141] page dumped because: kasan: bad access detected [ 16.488235] [ 16.488324] Memory state around the buggy address: [ 16.488417] fff00000c7880f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.488465] fff00000c7880f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.488654] >fff00000c7881000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.488866] ^ [ 16.488984] fff00000c7881080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.489136] fff00000c7881100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.489200] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.709942] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.710829] Modules linked in: [ 95.711142] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT [ 95.711784] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.712146] Hardware name: linux,dummy-virt (DT) [ 95.712444] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.712916] pc : intlog10+0x38/0x48 [ 95.713173] lr : intlog10_test+0xe4/0x200 [ 95.713449] sp : ffff8000821f7c10 [ 95.713712] x29: ffff8000821f7c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.714104] x26: 1ffe0000190f6121 x25: 0000000000000000 x24: ffff8000821f7ce0 [ 95.714587] x23: ffff8000821f7d00 x22: 0000000000000000 x21: 1ffff0001043ef82 [ 95.715042] x20: ffff9660bde89840 x19: ffff800080087990 x18: 00000000075b37a9 [ 95.715481] x17: 0000000033d220ee x16: fff00000c097583c x15: 00000000ddba9fb8 [ 95.715985] x14: 00000000f1f1f1f1 x13: 0000000000000005 x12: ffff72cc183a3381 [ 95.716474] x11: 1ffff2cc183a3380 x10: ffff72cc183a3380 x9 : ffff9660bb43749c [ 95.716945] x8 : ffff9660c1d19c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.717910] x5 : ffff70001043ef82 x4 : 1ffff00010010f3a x3 : 1ffff2cc17bd1308 [ 95.718375] x2 : 1ffff2cc17bd1308 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.718821] Call trace: [ 95.719008] intlog10+0x38/0x48 (P) [ 95.719257] kunit_try_run_case+0x170/0x3f0 [ 95.719505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.719829] kthread+0x328/0x630 [ 95.720078] ret_from_fork+0x10/0x20 [ 95.720329] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 95.657372] WARNING: CPU: 1 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 95.661611] Modules linked in: [ 95.662273] CPU: 1 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT [ 95.663349] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 95.663885] Hardware name: linux,dummy-virt (DT) [ 95.664299] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.664606] pc : intlog2+0xd8/0xf8 [ 95.665108] lr : intlog2_test+0xe4/0x200 [ 95.665555] sp : ffff800082237c10 [ 95.665982] x29: ffff800082237c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.666768] x26: 1ffe00001909d5a1 x25: 0000000000000000 x24: ffff800082237ce0 [ 95.667319] x23: ffff800082237d00 x22: 0000000000000000 x21: 1ffff00010446f82 [ 95.667674] x20: ffff9660bde89740 x19: ffff800080087990 x18: 00000000767d5e13 [ 95.668047] x17: 000000000ab74e78 x16: fff00000c0975c3c x15: fff00000ff616b08 [ 95.668887] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a7cd x12: ffff72cc183a3381 [ 95.669960] x11: 1ffff2cc183a3380 x10: ffff72cc183a3380 x9 : ffff9660bb43769c [ 95.670834] x8 : ffff9660c1d19c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.671617] x5 : ffff700010446f82 x4 : 1ffff00010010f3a x3 : 1ffff2cc17bd12e8 [ 95.672378] x2 : 1ffff2cc17bd12e8 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.673277] Call trace: [ 95.673661] intlog2+0xd8/0xf8 (P) [ 95.674312] kunit_try_run_case+0x170/0x3f0 [ 95.674782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.675245] kthread+0x328/0x630 [ 95.675535] ret_from_fork+0x10/0x20 [ 95.675915] ---[ end trace 0000000000000000 ]---