Date
July 5, 2025, 5:09 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 20.712007] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.499810] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 94.349449] Internal error: Oops: 0000000096000005 [#1] SMP [ 94.354241] Modules linked in: [ 94.354889] CPU: 0 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 94.356137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 94.356630] Hardware name: linux,dummy-virt (DT) [ 94.357222] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.357749] pc : kunit_test_null_dereference+0x70/0x170 [ 94.358034] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.358284] sp : ffff800080f97d30 [ 94.358465] x29: ffff800080f97d90 x28: 0000000000000000 x27: 0000000000000000 [ 94.359161] x26: 1ffe000018c0aa61 x25: 0000000000000000 x24: 0000000000000004 [ 94.360104] x23: fff00000c605530c x22: ffff9863424241b8 x21: fff00000c1213388 [ 94.361089] x20: 1ffff000101f2fa6 x19: ffff800080087990 x18: 0000000000308f2f [ 94.361842] x17: 0000000000000001 x16: fff00000da453d28 x15: 00000000c75ab387 [ 94.362655] x14: 000000006fcf4341 x13: fff00000c8c8bcc8 x12: fffd8000191918b4 [ 94.363409] x11: 1ffe0000191918b3 x10: fffd8000191918b3 x9 : ffff98634241b620 [ 94.364457] x8 : ffff800080f97c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 94.365316] x5 : ffff7000101f2fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 94.366176] x2 : dfff800000000000 x1 : fff00000c8c8bcc0 x0 : ffff800080087990 [ 94.367109] Call trace: [ 94.367489] kunit_test_null_dereference+0x70/0x170 (P) [ 94.367855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.368123] kthread+0x328/0x630 [ 94.368307] ret_from_fork+0x10/0x20 [ 94.368714] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 94.369351] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.821858] ================================================================== [ 50.821948] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.821948] [ 50.822033] Use-after-free read at 0x000000003be18ba6 (in kfence-#149): [ 50.822084] test_krealloc+0x51c/0x830 [ 50.822129] kunit_try_run_case+0x170/0x3f0 [ 50.822172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.822216] kthread+0x328/0x630 [ 50.822254] ret_from_fork+0x10/0x20 [ 50.822294] [ 50.822317] kfence-#149: 0x000000003be18ba6-0x00000000dfb1d0ce, size=32, cache=kmalloc-32 [ 50.822317] [ 50.822368] allocated by task 337 on cpu 0 at 50.821218s (0.001146s ago): [ 50.822436] test_alloc+0x29c/0x628 [ 50.822477] test_krealloc+0xc0/0x830 [ 50.822515] kunit_try_run_case+0x170/0x3f0 [ 50.822555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.822598] kthread+0x328/0x630 [ 50.822633] ret_from_fork+0x10/0x20 [ 50.822674] [ 50.822703] freed by task 337 on cpu 0 at 50.821468s (0.001231s ago): [ 50.822767] krealloc_noprof+0x148/0x360 [ 50.822806] test_krealloc+0x1dc/0x830 [ 50.822844] kunit_try_run_case+0x170/0x3f0 [ 50.822897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.822941] kthread+0x328/0x630 [ 50.822977] ret_from_fork+0x10/0x20 [ 50.823016] [ 50.823062] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 50.823138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.823168] Hardware name: linux,dummy-virt (DT) [ 50.823202] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.737175] ================================================================== [ 50.737269] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.737269] [ 50.737369] Use-after-free read at 0x00000000107b7c09 (in kfence-#148): [ 50.737424] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.737474] kunit_try_run_case+0x170/0x3f0 [ 50.737521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.737566] kthread+0x328/0x630 [ 50.737607] ret_from_fork+0x10/0x20 [ 50.737649] [ 50.737673] kfence-#148: 0x00000000107b7c09-0x00000000fd2c61e6, size=32, cache=test [ 50.737673] [ 50.737724] allocated by task 335 on cpu 1 at 50.719126s (0.018594s ago): [ 50.737795] test_alloc+0x230/0x628 [ 50.737836] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.737897] kunit_try_run_case+0x170/0x3f0 [ 50.737938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.737982] kthread+0x328/0x630 [ 50.738018] ret_from_fork+0x10/0x20 [ 50.738058] [ 50.738083] freed by task 335 on cpu 1 at 50.719235s (0.018844s ago): [ 50.738139] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.738181] kunit_try_run_case+0x170/0x3f0 [ 50.738220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.738263] kthread+0x328/0x630 [ 50.738298] ret_from_fork+0x10/0x20 [ 50.738339] [ 50.738384] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 50.738459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.738489] Hardware name: linux,dummy-virt (DT) [ 50.738525] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 28.375117] ================================================================== [ 28.375269] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 28.375269] [ 28.375397] Invalid read at 0x0000000013e803b7: [ 28.375498] test_invalid_access+0xdc/0x1f0 [ 28.375577] kunit_try_run_case+0x170/0x3f0 [ 28.375651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.375723] kthread+0x328/0x630 [ 28.375790] ret_from_fork+0x10/0x20 [ 28.375877] [ 28.375950] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 28.376058] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.376114] Hardware name: linux,dummy-virt (DT) [ 28.376175] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 28.147489] ================================================================== [ 28.147583] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.147583] [ 28.147647] Corrupted memory at 0x000000000b02206f [ ! . . . . . . . . . . . . . . . ] (in kfence-#144): [ 28.147969] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.148019] kunit_try_run_case+0x170/0x3f0 [ 28.148062] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.148106] kthread+0x328/0x630 [ 28.148144] ret_from_fork+0x10/0x20 [ 28.148184] [ 28.148207] kfence-#144: 0x000000004791df80-0x0000000071ee3de3, size=73, cache=kmalloc-96 [ 28.148207] [ 28.148262] allocated by task 325 on cpu 0 at 28.147246s (0.001012s ago): [ 28.148324] test_alloc+0x29c/0x628 [ 28.148365] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 28.148408] kunit_try_run_case+0x170/0x3f0 [ 28.148447] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.148490] kthread+0x328/0x630 [ 28.148527] ret_from_fork+0x10/0x20 [ 28.148565] [ 28.148588] freed by task 325 on cpu 0 at 28.147389s (0.001195s ago): [ 28.148649] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 28.148692] kunit_try_run_case+0x170/0x3f0 [ 28.148731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 28.148774] kthread+0x328/0x630 [ 28.148811] ret_from_fork+0x10/0x20 [ 28.148849] [ 28.148902] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 28.148979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.149008] Hardware name: linux,dummy-virt (DT) [ 28.149040] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 27.835461] ================================================================== [ 27.835555] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.835555] [ 27.835655] Out-of-bounds read at 0x00000000778feb30 (105B right of kfence-#141): [ 27.835715] test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.835764] kunit_try_run_case+0x170/0x3f0 [ 27.835809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.835853] kthread+0x328/0x630 [ 27.835906] ret_from_fork+0x10/0x20 [ 27.835946] [ 27.835971] kfence-#141: 0x00000000d2871e64-0x000000000ad212da, size=73, cache=kmalloc-96 [ 27.835971] [ 27.836023] allocated by task 323 on cpu 0 at 27.835209s (0.000810s ago): [ 27.836094] test_alloc+0x29c/0x628 [ 27.836136] test_kmalloc_aligned_oob_read+0x100/0x468 [ 27.836180] kunit_try_run_case+0x170/0x3f0 [ 27.836219] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.836264] kthread+0x328/0x630 [ 27.836298] ret_from_fork+0x10/0x20 [ 27.836338] [ 27.836386] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 27.836463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.836492] Hardware name: linux,dummy-virt (DT) [ 27.836527] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 23.779432] ================================================================== [ 23.779523] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 23.779523] [ 23.779586] Corrupted memory at 0x000000004061e534 [ ! . . . . . . . . . . . . . . . ] (in kfence-#102): [ 23.779902] test_corruption+0x120/0x378 [ 23.779951] kunit_try_run_case+0x170/0x3f0 [ 23.779995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.780042] kthread+0x328/0x630 [ 23.780084] ret_from_fork+0x10/0x20 [ 23.780127] [ 23.780153] kfence-#102: 0x00000000b16e8d0c-0x00000000eb15962f, size=32, cache=test [ 23.780153] [ 23.780206] allocated by task 313 on cpu 0 at 23.779275s (0.000927s ago): [ 23.780268] test_alloc+0x230/0x628 [ 23.780315] test_corruption+0xdc/0x378 [ 23.780357] kunit_try_run_case+0x170/0x3f0 [ 23.780397] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.780441] kthread+0x328/0x630 [ 23.780478] ret_from_fork+0x10/0x20 [ 23.780517] [ 23.780541] freed by task 313 on cpu 0 at 23.779329s (0.001208s ago): [ 23.780604] test_corruption+0x120/0x378 [ 23.780644] kunit_try_run_case+0x170/0x3f0 [ 23.780682] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.780726] kthread+0x328/0x630 [ 23.780762] ret_from_fork+0x10/0x20 [ 23.780802] [ 23.780843] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.780928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.780956] Hardware name: linux,dummy-virt (DT) [ 23.780990] ================================================================== [ 23.675525] ================================================================== [ 23.675607] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 23.675607] [ 23.675671] Corrupted memory at 0x000000006f112fa9 [ ! ] (in kfence-#101): [ 23.675794] test_corruption+0x284/0x378 [ 23.675842] kunit_try_run_case+0x170/0x3f0 [ 23.675899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.675944] kthread+0x328/0x630 [ 23.675981] ret_from_fork+0x10/0x20 [ 23.676022] [ 23.676045] kfence-#101: 0x000000009a96e01e-0x00000000950ea098, size=32, cache=kmalloc-32 [ 23.676045] [ 23.676100] allocated by task 311 on cpu 0 at 23.675251s (0.000845s ago): [ 23.676160] test_alloc+0x29c/0x628 [ 23.676199] test_corruption+0x198/0x378 [ 23.676240] kunit_try_run_case+0x170/0x3f0 [ 23.676278] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.676322] kthread+0x328/0x630 [ 23.676358] ret_from_fork+0x10/0x20 [ 23.676396] [ 23.676418] freed by task 311 on cpu 0 at 23.675354s (0.001061s ago): [ 23.676477] test_corruption+0x284/0x378 [ 23.676517] kunit_try_run_case+0x170/0x3f0 [ 23.676555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.676598] kthread+0x328/0x630 [ 23.676634] ret_from_fork+0x10/0x20 [ 23.676672] [ 23.676713] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.676787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.676815] Hardware name: linux,dummy-virt (DT) [ 23.676848] ================================================================== [ 23.883285] ================================================================== [ 23.883369] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 23.883369] [ 23.883434] Corrupted memory at 0x000000001b1b19b7 [ ! ] (in kfence-#103): [ 23.883544] test_corruption+0x1d8/0x378 [ 23.883590] kunit_try_run_case+0x170/0x3f0 [ 23.883632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.883678] kthread+0x328/0x630 [ 23.883716] ret_from_fork+0x10/0x20 [ 23.883755] [ 23.883778] kfence-#103: 0x00000000bfc4228f-0x000000005b4baba2, size=32, cache=test [ 23.883778] [ 23.883830] allocated by task 313 on cpu 0 at 23.883157s (0.000669s ago): [ 23.883903] test_alloc+0x230/0x628 [ 23.883944] test_corruption+0x198/0x378 [ 23.883984] kunit_try_run_case+0x170/0x3f0 [ 23.884022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.884065] kthread+0x328/0x630 [ 23.884100] ret_from_fork+0x10/0x20 [ 23.884139] [ 23.884162] freed by task 313 on cpu 0 at 23.883203s (0.000955s ago): [ 23.884222] test_corruption+0x1d8/0x378 [ 23.884260] kunit_try_run_case+0x170/0x3f0 [ 23.884300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.884343] kthread+0x328/0x630 [ 23.884377] ret_from_fork+0x10/0x20 [ 23.884416] [ 23.884459] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.884532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.884561] Hardware name: linux,dummy-virt (DT) [ 23.884594] ================================================================== [ 23.572951] ================================================================== [ 23.573059] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 23.573059] [ 23.573126] Corrupted memory at 0x0000000015c387d2 [ ! . . . . . . . . . . . . . . . ] (in kfence-#100): [ 23.574251] test_corruption+0x278/0x378 [ 23.574305] kunit_try_run_case+0x170/0x3f0 [ 23.574349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.574395] kthread+0x328/0x630 [ 23.574434] ret_from_fork+0x10/0x20 [ 23.574474] [ 23.574499] kfence-#100: 0x00000000eebcb66c-0x00000000f63dddb2, size=32, cache=kmalloc-32 [ 23.574499] [ 23.574553] allocated by task 311 on cpu 0 at 23.572662s (0.001887s ago): [ 23.574616] test_alloc+0x29c/0x628 [ 23.574656] test_corruption+0xdc/0x378 [ 23.574697] kunit_try_run_case+0x170/0x3f0 [ 23.574736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.574781] kthread+0x328/0x630 [ 23.574816] ret_from_fork+0x10/0x20 [ 23.574855] [ 23.574892] freed by task 311 on cpu 0 at 23.572762s (0.002126s ago): [ 23.574952] test_corruption+0x278/0x378 [ 23.574993] kunit_try_run_case+0x170/0x3f0 [ 23.575032] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.575077] kthread+0x328/0x630 [ 23.575114] ret_from_fork+0x10/0x20 [ 23.575153] [ 23.575196] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.575272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.575302] Hardware name: linux,dummy-virt (DT) [ 23.575337] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 23.363275] ================================================================== [ 23.363364] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 23.363364] [ 23.363429] Invalid free of 0x0000000045ba59e7 (in kfence-#98): [ 23.363482] test_invalid_addr_free+0xec/0x238 [ 23.363527] kunit_try_run_case+0x170/0x3f0 [ 23.363569] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.363614] kthread+0x328/0x630 [ 23.363651] ret_from_fork+0x10/0x20 [ 23.363691] [ 23.363716] kfence-#98: 0x00000000331b1fe3-0x000000007724903e, size=32, cache=test [ 23.363716] [ 23.363767] allocated by task 309 on cpu 0 at 23.363156s (0.000608s ago): [ 23.363830] test_alloc+0x230/0x628 [ 23.363883] test_invalid_addr_free+0xd4/0x238 [ 23.363926] kunit_try_run_case+0x170/0x3f0 [ 23.363964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.364007] kthread+0x328/0x630 [ 23.364042] ret_from_fork+0x10/0x20 [ 23.364083] [ 23.364123] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.364200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.364227] Hardware name: linux,dummy-virt (DT) [ 23.364261] ================================================================== [ 23.259329] ================================================================== [ 23.259410] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 23.259410] [ 23.259475] Invalid free of 0x00000000fa30401e (in kfence-#97): [ 23.259524] test_invalid_addr_free+0x1ac/0x238 [ 23.259573] kunit_try_run_case+0x170/0x3f0 [ 23.259616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.259661] kthread+0x328/0x630 [ 23.259699] ret_from_fork+0x10/0x20 [ 23.259739] [ 23.259764] kfence-#97: 0x00000000d21bbeee-0x000000007a7c686c, size=32, cache=kmalloc-32 [ 23.259764] [ 23.259817] allocated by task 307 on cpu 0 at 23.259190s (0.000624s ago): [ 23.259894] test_alloc+0x29c/0x628 [ 23.259934] test_invalid_addr_free+0xd4/0x238 [ 23.259976] kunit_try_run_case+0x170/0x3f0 [ 23.260016] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.260060] kthread+0x328/0x630 [ 23.260095] ret_from_fork+0x10/0x20 [ 23.260135] [ 23.260177] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.260256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.260284] Hardware name: linux,dummy-virt (DT) [ 23.260319] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 23.048549] ================================================================== [ 23.048668] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 23.048668] [ 23.048734] Invalid free of 0x00000000d0e19250 (in kfence-#95): [ 23.048823] test_double_free+0x1bc/0x238 [ 23.048883] kunit_try_run_case+0x170/0x3f0 [ 23.048929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.048971] kthread+0x328/0x630 [ 23.049010] ret_from_fork+0x10/0x20 [ 23.049077] [ 23.049105] kfence-#95: 0x00000000d0e19250-0x000000005dec63b7, size=32, cache=kmalloc-32 [ 23.049105] [ 23.049158] allocated by task 303 on cpu 0 at 23.047969s (0.001185s ago): [ 23.049224] test_alloc+0x29c/0x628 [ 23.049265] test_double_free+0xd4/0x238 [ 23.049323] kunit_try_run_case+0x170/0x3f0 [ 23.049369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.049431] kthread+0x328/0x630 [ 23.049487] ret_from_fork+0x10/0x20 [ 23.049544] [ 23.049603] freed by task 303 on cpu 0 at 23.048191s (0.001378s ago): [ 23.049667] test_double_free+0x1ac/0x238 [ 23.049707] kunit_try_run_case+0x170/0x3f0 [ 23.049746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.049790] kthread+0x328/0x630 [ 23.049824] ret_from_fork+0x10/0x20 [ 23.050248] [ 23.050779] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.050907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.050937] Hardware name: linux,dummy-virt (DT) [ 23.050975] ================================================================== [ 23.157574] ================================================================== [ 23.157693] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 23.157693] [ 23.157754] Invalid free of 0x00000000ddd58e32 (in kfence-#96): [ 23.157832] test_double_free+0x100/0x238 [ 23.158176] kunit_try_run_case+0x170/0x3f0 [ 23.158227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.158571] kthread+0x328/0x630 [ 23.158674] ret_from_fork+0x10/0x20 [ 23.158794] [ 23.158942] kfence-#96: 0x00000000ddd58e32-0x00000000698c3d6d, size=32, cache=test [ 23.158942] [ 23.159062] allocated by task 305 on cpu 0 at 23.157307s (0.001751s ago): [ 23.159125] test_alloc+0x230/0x628 [ 23.159167] test_double_free+0xd4/0x238 [ 23.159208] kunit_try_run_case+0x170/0x3f0 [ 23.159538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.159918] kthread+0x328/0x630 [ 23.160022] ret_from_fork+0x10/0x20 [ 23.160121] [ 23.160444] freed by task 305 on cpu 0 at 23.157375s (0.003055s ago): [ 23.160887] test_double_free+0xf0/0x238 [ 23.161035] kunit_try_run_case+0x170/0x3f0 [ 23.161106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.161173] kthread+0x328/0x630 [ 23.161320] ret_from_fork+0x10/0x20 [ 23.161408] [ 23.161547] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 23.161628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.162046] Hardware name: linux,dummy-virt (DT) [ 23.162137] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 22.727928] ================================================================== [ 22.728044] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.728044] [ 22.728216] Use-after-free read at 0x0000000023756843 (in kfence-#92): [ 22.728270] test_use_after_free_read+0x114/0x248 [ 22.728346] kunit_try_run_case+0x170/0x3f0 [ 22.728614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.728694] kthread+0x328/0x630 [ 22.728743] ret_from_fork+0x10/0x20 [ 22.728845] [ 22.728936] kfence-#92: 0x0000000023756843-0x000000004382e9bf, size=32, cache=test [ 22.728936] [ 22.729024] allocated by task 297 on cpu 0 at 22.727439s (0.001574s ago): [ 22.729148] test_alloc+0x230/0x628 [ 22.729381] test_use_after_free_read+0xd0/0x248 [ 22.729500] kunit_try_run_case+0x170/0x3f0 [ 22.729544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.729588] kthread+0x328/0x630 [ 22.729624] ret_from_fork+0x10/0x20 [ 22.729682] [ 22.729811] freed by task 297 on cpu 0 at 22.727513s (0.002246s ago): [ 22.730170] test_use_after_free_read+0xf0/0x248 [ 22.730266] kunit_try_run_case+0x170/0x3f0 [ 22.730309] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.730353] kthread+0x328/0x630 [ 22.730390] ret_from_fork+0x10/0x20 [ 22.730471] [ 22.730557] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.731015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.731049] Hardware name: linux,dummy-virt (DT) [ 22.731108] ================================================================== [ 22.620049] ================================================================== [ 22.620147] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.620147] [ 22.620342] Use-after-free read at 0x000000004458ae5c (in kfence-#91): [ 22.620398] test_use_after_free_read+0x114/0x248 [ 22.620447] kunit_try_run_case+0x170/0x3f0 [ 22.620738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.620893] kthread+0x328/0x630 [ 22.620937] ret_from_fork+0x10/0x20 [ 22.621023] [ 22.621048] kfence-#91: 0x000000004458ae5c-0x0000000020e3dcf9, size=32, cache=kmalloc-32 [ 22.621048] [ 22.621165] allocated by task 295 on cpu 0 at 22.619458s (0.001685s ago): [ 22.621237] test_alloc+0x29c/0x628 [ 22.621367] test_use_after_free_read+0xd0/0x248 [ 22.621413] kunit_try_run_case+0x170/0x3f0 [ 22.621467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.621512] kthread+0x328/0x630 [ 22.621683] ret_from_fork+0x10/0x20 [ 22.621735] [ 22.621947] freed by task 295 on cpu 0 at 22.619743s (0.002085s ago): [ 22.622095] test_use_after_free_read+0x1c0/0x248 [ 22.622171] kunit_try_run_case+0x170/0x3f0 [ 22.622239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.622358] kthread+0x328/0x630 [ 22.622395] ret_from_fork+0x10/0x20 [ 22.622673] [ 22.622767] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.622988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.623039] Hardware name: linux,dummy-virt (DT) [ 22.623101] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 22.507489] ================================================================== [ 22.508176] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.508176] [ 22.508267] Out-of-bounds write at 0x00000000e2281e01 (1B left of kfence-#90): [ 22.508592] test_out_of_bounds_write+0x100/0x240 [ 22.508739] kunit_try_run_case+0x170/0x3f0 [ 22.508795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.508839] kthread+0x328/0x630 [ 22.509019] ret_from_fork+0x10/0x20 [ 22.509063] [ 22.509090] kfence-#90: 0x00000000219e4bfc-0x00000000dbb11ab0, size=32, cache=test [ 22.509090] [ 22.509501] allocated by task 293 on cpu 0 at 22.507397s (0.001742s ago): [ 22.509946] test_alloc+0x230/0x628 [ 22.510032] test_out_of_bounds_write+0xc8/0x240 [ 22.510125] kunit_try_run_case+0x170/0x3f0 [ 22.510169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.510212] kthread+0x328/0x630 [ 22.510555] ret_from_fork+0x10/0x20 [ 22.510690] [ 22.510775] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.510977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.511029] Hardware name: linux,dummy-virt (DT) [ 22.511076] ================================================================== [ 22.396237] ================================================================== [ 22.396320] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.396320] [ 22.396413] Out-of-bounds write at 0x000000009a78d8ef (1B left of kfence-#89): [ 22.396467] test_out_of_bounds_write+0x100/0x240 [ 22.396514] kunit_try_run_case+0x170/0x3f0 [ 22.396558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.396600] kthread+0x328/0x630 [ 22.396693] ret_from_fork+0x10/0x20 [ 22.396749] [ 22.396800] kfence-#89: 0x000000009eb0880e-0x000000000f6201e8, size=32, cache=kmalloc-32 [ 22.396800] [ 22.396927] allocated by task 291 on cpu 0 at 22.395754s (0.001095s ago): [ 22.396997] test_alloc+0x29c/0x628 [ 22.397055] test_out_of_bounds_write+0xc8/0x240 [ 22.397117] kunit_try_run_case+0x170/0x3f0 [ 22.397159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.397436] kthread+0x328/0x630 [ 22.397499] ret_from_fork+0x10/0x20 [ 22.397567] [ 22.397624] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.397701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.397729] Hardware name: linux,dummy-virt (DT) [ 22.397764] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.321833] ================================================================== [ 20.321927] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 20.322135] Read of size 1 at addr ffff800080a77b4a by task kunit_try_catch/253 [ 20.322186] [ 20.322220] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.322304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.322485] Hardware name: linux,dummy-virt (DT) [ 20.322591] Call trace: [ 20.322620] show_stack+0x20/0x38 (C) [ 20.322686] dump_stack_lvl+0x8c/0xd0 [ 20.322735] print_report+0x310/0x608 [ 20.322923] kasan_report+0xdc/0x128 [ 20.323112] __asan_report_load1_noabort+0x20/0x30 [ 20.323210] kasan_alloca_oob_right+0x2dc/0x340 [ 20.323362] kunit_try_run_case+0x170/0x3f0 [ 20.323462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.323545] kthread+0x328/0x630 [ 20.323590] ret_from_fork+0x10/0x20 [ 20.323638] [ 20.323661] The buggy address belongs to stack of task kunit_try_catch/253 [ 20.323718] [ 20.323742] The buggy address belongs to the virtual mapping at [ 20.323742] [ffff800080a70000, ffff800080a79000) created by: [ 20.323742] kernel_clone+0x150/0x7a8 [ 20.324131] [ 20.324227] The buggy address belongs to the physical page: [ 20.324492] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078bc [ 20.324572] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.324718] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.324808] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.324874] page dumped because: kasan: bad access detected [ 20.325058] [ 20.325091] Memory state around the buggy address: [ 20.325135] ffff800080a77a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.325212] ffff800080a77a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.325256] >ffff800080a77b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 20.325298] ^ [ 20.325336] ffff800080a77b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.325440] ffff800080a77c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.325481] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 21.436841] ================================================================== [ 21.436972] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.436972] [ 21.437098] Out-of-bounds read at 0x00000000b6a2ff98 (1B left of kfence-#80): [ 21.437876] test_out_of_bounds_read+0x114/0x3e0 [ 21.438349] kunit_try_run_case+0x170/0x3f0 [ 21.438426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.438470] kthread+0x328/0x630 [ 21.438665] ret_from_fork+0x10/0x20 [ 21.438990] [ 21.439426] kfence-#80: 0x00000000d1c48644-0x0000000044045e4a, size=32, cache=kmalloc-32 [ 21.439426] [ 21.439909] allocated by task 287 on cpu 0 at 21.435838s (0.003745s ago): [ 21.441363] test_alloc+0x29c/0x628 [ 21.441742] test_out_of_bounds_read+0xdc/0x3e0 [ 21.441827] kunit_try_run_case+0x170/0x3f0 [ 21.441963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.442107] kthread+0x328/0x630 [ 21.442155] ret_from_fork+0x10/0x20 [ 21.442358] [ 21.442455] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.442555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.442594] Hardware name: linux,dummy-virt (DT) [ 21.442633] ================================================================== [ 22.179678] ================================================================== [ 22.179761] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.179761] [ 22.180107] Out-of-bounds read at 0x0000000049ebdb83 (32B right of kfence-#87): [ 22.180171] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.180249] kunit_try_run_case+0x170/0x3f0 [ 22.180433] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.180478] kthread+0x328/0x630 [ 22.180669] ret_from_fork+0x10/0x20 [ 22.180773] [ 22.180797] kfence-#87: 0x000000005ccdb84e-0x0000000058e0420a, size=32, cache=test [ 22.180797] [ 22.181101] allocated by task 289 on cpu 0 at 22.179439s (0.001636s ago): [ 22.181256] test_alloc+0x230/0x628 [ 22.181302] test_out_of_bounds_read+0x198/0x3e0 [ 22.181360] kunit_try_run_case+0x170/0x3f0 [ 22.181540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.181596] kthread+0x328/0x630 [ 22.181727] ret_from_fork+0x10/0x20 [ 22.181827] [ 22.181920] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.182148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.182312] Hardware name: linux,dummy-virt (DT) [ 22.182464] ================================================================== [ 21.968940] ================================================================== [ 21.969381] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.969381] [ 21.969789] Out-of-bounds read at 0x000000007f076f59 (32B right of kfence-#85): [ 21.970147] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.970209] kunit_try_run_case+0x170/0x3f0 [ 21.970254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.970312] kthread+0x328/0x630 [ 21.970353] ret_from_fork+0x10/0x20 [ 21.970403] [ 21.970433] kfence-#85: 0x000000000ddae7d0-0x00000000d9fe8d73, size=32, cache=kmalloc-32 [ 21.970433] [ 21.970493] allocated by task 287 on cpu 0 at 21.967985s (0.002497s ago): [ 21.970563] test_alloc+0x29c/0x628 [ 21.970603] test_out_of_bounds_read+0x198/0x3e0 [ 21.970654] kunit_try_run_case+0x170/0x3f0 [ 21.970695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.970739] kthread+0x328/0x630 [ 21.971667] ret_from_fork+0x10/0x20 [ 21.971814] [ 21.971905] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.972065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.972125] Hardware name: linux,dummy-virt (DT) [ 21.972170] ================================================================== [ 22.072796] ================================================================== [ 22.072885] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 22.072885] [ 22.072966] Out-of-bounds read at 0x00000000c03f4a06 (1B left of kfence-#86): [ 22.073022] test_out_of_bounds_read+0x114/0x3e0 [ 22.073069] kunit_try_run_case+0x170/0x3f0 [ 22.073112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.073154] kthread+0x328/0x630 [ 22.074410] ret_from_fork+0x10/0x20 [ 22.074847] [ 22.075403] kfence-#86: 0x00000000fd8a4f4e-0x00000000e6cffa40, size=32, cache=test [ 22.075403] [ 22.075525] allocated by task 289 on cpu 0 at 22.072527s (0.002993s ago): [ 22.075776] test_alloc+0x230/0x628 [ 22.075934] test_out_of_bounds_read+0xdc/0x3e0 [ 22.076174] kunit_try_run_case+0x170/0x3f0 [ 22.076226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.076270] kthread+0x328/0x630 [ 22.076816] ret_from_fork+0x10/0x20 [ 22.076895] [ 22.077103] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 22.077288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.077320] Hardware name: linux,dummy-virt (DT) [ 22.077435] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 21.315675] ================================================================== [ 21.315763] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 21.315887] Write of size 1 at addr fff00000c6398d78 by task kunit_try_catch/285 [ 21.315940] [ 21.315969] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.316286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.316318] Hardware name: linux,dummy-virt (DT) [ 21.316389] Call trace: [ 21.316469] show_stack+0x20/0x38 (C) [ 21.316553] dump_stack_lvl+0x8c/0xd0 [ 21.316621] print_report+0x118/0x608 [ 21.316669] kasan_report+0xdc/0x128 [ 21.316834] __asan_report_store1_noabort+0x20/0x30 [ 21.316894] strncpy_from_user+0x270/0x2a0 [ 21.316944] copy_user_test_oob+0x5c0/0xec8 [ 21.316990] kunit_try_run_case+0x170/0x3f0 [ 21.317137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.317223] kthread+0x328/0x630 [ 21.317304] ret_from_fork+0x10/0x20 [ 21.317403] [ 21.317423] Allocated by task 285: [ 21.317485] kasan_save_stack+0x3c/0x68 [ 21.317583] kasan_save_track+0x20/0x40 [ 21.317897] kasan_save_alloc_info+0x40/0x58 [ 21.318041] __kasan_kmalloc+0xd4/0xd8 [ 21.318128] __kmalloc_noprof+0x198/0x4c8 [ 21.318197] kunit_kmalloc_array+0x34/0x88 [ 21.318272] copy_user_test_oob+0xac/0xec8 [ 21.318369] kunit_try_run_case+0x170/0x3f0 [ 21.318445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.318502] kthread+0x328/0x630 [ 21.318536] ret_from_fork+0x10/0x20 [ 21.318574] [ 21.318594] The buggy address belongs to the object at fff00000c6398d00 [ 21.318594] which belongs to the cache kmalloc-128 of size 128 [ 21.318653] The buggy address is located 0 bytes to the right of [ 21.318653] allocated 120-byte region [fff00000c6398d00, fff00000c6398d78) [ 21.318855] [ 21.318948] The buggy address belongs to the physical page: [ 21.319018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 21.319101] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.319285] page_type: f5(slab) [ 21.319378] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.319504] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.319632] page dumped because: kasan: bad access detected [ 21.319719] [ 21.319844] Memory state around the buggy address: [ 21.319940] fff00000c6398c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.320018] fff00000c6398c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.320119] >fff00000c6398d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.320223] ^ [ 21.320312] fff00000c6398d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.320386] fff00000c6398e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.320435] ================================================================== [ 21.312153] ================================================================== [ 21.312207] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 21.312371] Write of size 121 at addr fff00000c6398d00 by task kunit_try_catch/285 [ 21.312433] [ 21.312527] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.312607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.312634] Hardware name: linux,dummy-virt (DT) [ 21.312730] Call trace: [ 21.312755] show_stack+0x20/0x38 (C) [ 21.312832] dump_stack_lvl+0x8c/0xd0 [ 21.313029] print_report+0x118/0x608 [ 21.313170] kasan_report+0xdc/0x128 [ 21.313256] kasan_check_range+0x100/0x1a8 [ 21.313327] __kasan_check_write+0x20/0x30 [ 21.313375] strncpy_from_user+0x3c/0x2a0 [ 21.313536] copy_user_test_oob+0x5c0/0xec8 [ 21.313588] kunit_try_run_case+0x170/0x3f0 [ 21.313709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.313787] kthread+0x328/0x630 [ 21.313878] ret_from_fork+0x10/0x20 [ 21.313946] [ 21.313975] Allocated by task 285: [ 21.314007] kasan_save_stack+0x3c/0x68 [ 21.314048] kasan_save_track+0x20/0x40 [ 21.314087] kasan_save_alloc_info+0x40/0x58 [ 21.314129] __kasan_kmalloc+0xd4/0xd8 [ 21.314166] __kmalloc_noprof+0x198/0x4c8 [ 21.314237] kunit_kmalloc_array+0x34/0x88 [ 21.314358] copy_user_test_oob+0xac/0xec8 [ 21.314437] kunit_try_run_case+0x170/0x3f0 [ 21.314494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.314540] kthread+0x328/0x630 [ 21.314575] ret_from_fork+0x10/0x20 [ 21.314611] [ 21.314631] The buggy address belongs to the object at fff00000c6398d00 [ 21.314631] which belongs to the cache kmalloc-128 of size 128 [ 21.314690] The buggy address is located 0 bytes inside of [ 21.314690] allocated 120-byte region [fff00000c6398d00, fff00000c6398d78) [ 21.314752] [ 21.314774] The buggy address belongs to the physical page: [ 21.314805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 21.314870] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.314930] page_type: f5(slab) [ 21.314977] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.315034] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.315086] page dumped because: kasan: bad access detected [ 21.315119] [ 21.315148] Memory state around the buggy address: [ 21.315181] fff00000c6398c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.315234] fff00000c6398c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.315280] >fff00000c6398d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.315320] ^ [ 21.315366] fff00000c6398d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.315414] fff00000c6398e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.315460] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 21.299387] ================================================================== [ 21.299446] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 21.299659] Read of size 121 at addr fff00000c6398d00 by task kunit_try_catch/285 [ 21.299721] [ 21.299770] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.299891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.299939] Hardware name: linux,dummy-virt (DT) [ 21.300002] Call trace: [ 21.300030] show_stack+0x20/0x38 (C) [ 21.300096] dump_stack_lvl+0x8c/0xd0 [ 21.300186] print_report+0x118/0x608 [ 21.300235] kasan_report+0xdc/0x128 [ 21.300295] kasan_check_range+0x100/0x1a8 [ 21.300343] __kasan_check_read+0x20/0x30 [ 21.300389] copy_user_test_oob+0x3c8/0xec8 [ 21.300459] kunit_try_run_case+0x170/0x3f0 [ 21.300510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.300562] kthread+0x328/0x630 [ 21.300604] ret_from_fork+0x10/0x20 [ 21.300651] [ 21.300672] Allocated by task 285: [ 21.300782] kasan_save_stack+0x3c/0x68 [ 21.300849] kasan_save_track+0x20/0x40 [ 21.300905] kasan_save_alloc_info+0x40/0x58 [ 21.300948] __kasan_kmalloc+0xd4/0xd8 [ 21.300985] __kmalloc_noprof+0x198/0x4c8 [ 21.301042] kunit_kmalloc_array+0x34/0x88 [ 21.301095] copy_user_test_oob+0xac/0xec8 [ 21.301141] kunit_try_run_case+0x170/0x3f0 [ 21.301196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.301242] kthread+0x328/0x630 [ 21.301276] ret_from_fork+0x10/0x20 [ 21.301312] [ 21.301358] The buggy address belongs to the object at fff00000c6398d00 [ 21.301358] which belongs to the cache kmalloc-128 of size 128 [ 21.301489] The buggy address is located 0 bytes inside of [ 21.301489] allocated 120-byte region [fff00000c6398d00, fff00000c6398d78) [ 21.301552] [ 21.301612] The buggy address belongs to the physical page: [ 21.301656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 21.301707] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.301754] page_type: f5(slab) [ 21.301800] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.301893] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.301937] page dumped because: kasan: bad access detected [ 21.302088] [ 21.302110] Memory state around the buggy address: [ 21.302229] fff00000c6398c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.302275] fff00000c6398c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.302318] >fff00000c6398d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.302377] ^ [ 21.302420] fff00000c6398d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.302505] fff00000c6398e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.302551] ================================================================== [ 21.284360] ================================================================== [ 21.284478] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 21.284671] Read of size 121 at addr fff00000c6398d00 by task kunit_try_catch/285 [ 21.284770] [ 21.284805] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.284922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.284969] Hardware name: linux,dummy-virt (DT) [ 21.285007] Call trace: [ 21.285056] show_stack+0x20/0x38 (C) [ 21.285107] dump_stack_lvl+0x8c/0xd0 [ 21.285181] print_report+0x118/0x608 [ 21.285228] kasan_report+0xdc/0x128 [ 21.285274] kasan_check_range+0x100/0x1a8 [ 21.285325] __kasan_check_read+0x20/0x30 [ 21.285370] copy_user_test_oob+0x728/0xec8 [ 21.285540] kunit_try_run_case+0x170/0x3f0 [ 21.285622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.285695] kthread+0x328/0x630 [ 21.285766] ret_from_fork+0x10/0x20 [ 21.285973] [ 21.286002] Allocated by task 285: [ 21.286072] kasan_save_stack+0x3c/0x68 [ 21.286117] kasan_save_track+0x20/0x40 [ 21.286157] kasan_save_alloc_info+0x40/0x58 [ 21.286277] __kasan_kmalloc+0xd4/0xd8 [ 21.286358] __kmalloc_noprof+0x198/0x4c8 [ 21.286471] kunit_kmalloc_array+0x34/0x88 [ 21.286514] copy_user_test_oob+0xac/0xec8 [ 21.286588] kunit_try_run_case+0x170/0x3f0 [ 21.286635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.286699] kthread+0x328/0x630 [ 21.286742] ret_from_fork+0x10/0x20 [ 21.286963] [ 21.287010] The buggy address belongs to the object at fff00000c6398d00 [ 21.287010] which belongs to the cache kmalloc-128 of size 128 [ 21.287074] The buggy address is located 0 bytes inside of [ 21.287074] allocated 120-byte region [fff00000c6398d00, fff00000c6398d78) [ 21.287137] [ 21.287162] The buggy address belongs to the physical page: [ 21.287192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 21.287506] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.287595] page_type: f5(slab) [ 21.287652] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.287726] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.287909] page dumped because: kasan: bad access detected [ 21.288001] [ 21.288022] Memory state around the buggy address: [ 21.288131] fff00000c6398c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.288221] fff00000c6398c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.288310] >fff00000c6398d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.288426] ^ [ 21.288505] fff00000c6398d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.288589] fff00000c6398e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.288645] ================================================================== [ 21.274952] ================================================================== [ 21.275056] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 21.275149] Write of size 121 at addr fff00000c6398d00 by task kunit_try_catch/285 [ 21.275206] [ 21.275250] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.275338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.275367] Hardware name: linux,dummy-virt (DT) [ 21.275402] Call trace: [ 21.275440] show_stack+0x20/0x38 (C) [ 21.275492] dump_stack_lvl+0x8c/0xd0 [ 21.275543] print_report+0x118/0x608 [ 21.275599] kasan_report+0xdc/0x128 [ 21.275645] kasan_check_range+0x100/0x1a8 [ 21.275704] __kasan_check_write+0x20/0x30 [ 21.275757] copy_user_test_oob+0x234/0xec8 [ 21.275806] kunit_try_run_case+0x170/0x3f0 [ 21.275854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.275919] kthread+0x328/0x630 [ 21.275963] ret_from_fork+0x10/0x20 [ 21.276058] [ 21.276104] Allocated by task 285: [ 21.276971] kasan_save_stack+0x3c/0x68 [ 21.277080] kasan_save_track+0x20/0x40 [ 21.277244] kasan_save_alloc_info+0x40/0x58 [ 21.277333] __kasan_kmalloc+0xd4/0xd8 [ 21.277434] __kmalloc_noprof+0x198/0x4c8 [ 21.277512] kunit_kmalloc_array+0x34/0x88 [ 21.277623] copy_user_test_oob+0xac/0xec8 [ 21.277690] kunit_try_run_case+0x170/0x3f0 [ 21.277778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.277847] kthread+0x328/0x630 [ 21.277919] ret_from_fork+0x10/0x20 [ 21.278007] [ 21.278056] The buggy address belongs to the object at fff00000c6398d00 [ 21.278056] which belongs to the cache kmalloc-128 of size 128 [ 21.278118] The buggy address is located 0 bytes inside of [ 21.278118] allocated 120-byte region [fff00000c6398d00, fff00000c6398d78) [ 21.278180] [ 21.278226] The buggy address belongs to the physical page: [ 21.278262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 21.278398] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.278469] page_type: f5(slab) [ 21.278511] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.278565] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.278632] page dumped because: kasan: bad access detected [ 21.278777] [ 21.278821] Memory state around the buggy address: [ 21.278908] fff00000c6398c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.278984] fff00000c6398c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.279048] >fff00000c6398d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.279111] ^ [ 21.279189] fff00000c6398d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.279244] fff00000c6398e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.279450] ================================================================== [ 21.294107] ================================================================== [ 21.294169] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 21.294224] Write of size 121 at addr fff00000c6398d00 by task kunit_try_catch/285 [ 21.294302] [ 21.294338] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.294420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.294449] Hardware name: linux,dummy-virt (DT) [ 21.294480] Call trace: [ 21.294504] show_stack+0x20/0x38 (C) [ 21.294713] dump_stack_lvl+0x8c/0xd0 [ 21.294824] print_report+0x118/0x608 [ 21.294936] kasan_report+0xdc/0x128 [ 21.295143] kasan_check_range+0x100/0x1a8 [ 21.295318] __kasan_check_write+0x20/0x30 [ 21.295384] copy_user_test_oob+0x35c/0xec8 [ 21.295487] kunit_try_run_case+0x170/0x3f0 [ 21.295574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.295665] kthread+0x328/0x630 [ 21.295748] ret_from_fork+0x10/0x20 [ 21.295886] [ 21.295955] Allocated by task 285: [ 21.296007] kasan_save_stack+0x3c/0x68 [ 21.296093] kasan_save_track+0x20/0x40 [ 21.296250] kasan_save_alloc_info+0x40/0x58 [ 21.296429] __kasan_kmalloc+0xd4/0xd8 [ 21.296510] __kmalloc_noprof+0x198/0x4c8 [ 21.296622] kunit_kmalloc_array+0x34/0x88 [ 21.296731] copy_user_test_oob+0xac/0xec8 [ 21.296812] kunit_try_run_case+0x170/0x3f0 [ 21.296882] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.296966] kthread+0x328/0x630 [ 21.297025] ret_from_fork+0x10/0x20 [ 21.297080] [ 21.297104] The buggy address belongs to the object at fff00000c6398d00 [ 21.297104] which belongs to the cache kmalloc-128 of size 128 [ 21.297161] The buggy address is located 0 bytes inside of [ 21.297161] allocated 120-byte region [fff00000c6398d00, fff00000c6398d78) [ 21.297248] [ 21.297274] The buggy address belongs to the physical page: [ 21.297306] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 21.297359] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.297407] page_type: f5(slab) [ 21.297445] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.297615] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.297717] page dumped because: kasan: bad access detected [ 21.297806] [ 21.297837] Memory state around the buggy address: [ 21.297917] fff00000c6398c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.298250] fff00000c6398c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.298317] >fff00000c6398d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.298452] ^ [ 21.298558] fff00000c6398d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.298642] fff00000c6398e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.298683] ================================================================== [ 21.302695] ================================================================== [ 21.302738] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 21.303124] Write of size 121 at addr fff00000c6398d00 by task kunit_try_catch/285 [ 21.303220] [ 21.303279] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.303402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.303436] Hardware name: linux,dummy-virt (DT) [ 21.303467] Call trace: [ 21.303489] show_stack+0x20/0x38 (C) [ 21.303536] dump_stack_lvl+0x8c/0xd0 [ 21.303585] print_report+0x118/0x608 [ 21.303631] kasan_report+0xdc/0x128 [ 21.303678] kasan_check_range+0x100/0x1a8 [ 21.303726] __kasan_check_write+0x20/0x30 [ 21.303773] copy_user_test_oob+0x434/0xec8 [ 21.303820] kunit_try_run_case+0x170/0x3f0 [ 21.303879] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.304087] kthread+0x328/0x630 [ 21.304150] ret_from_fork+0x10/0x20 [ 21.304292] [ 21.304350] Allocated by task 285: [ 21.304434] kasan_save_stack+0x3c/0x68 [ 21.304671] kasan_save_track+0x20/0x40 [ 21.304757] kasan_save_alloc_info+0x40/0x58 [ 21.305105] __kasan_kmalloc+0xd4/0xd8 [ 21.305147] __kmalloc_noprof+0x198/0x4c8 [ 21.305187] kunit_kmalloc_array+0x34/0x88 [ 21.305225] copy_user_test_oob+0xac/0xec8 [ 21.305265] kunit_try_run_case+0x170/0x3f0 [ 21.305305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.305351] kthread+0x328/0x630 [ 21.305386] ret_from_fork+0x10/0x20 [ 21.305422] [ 21.305445] The buggy address belongs to the object at fff00000c6398d00 [ 21.305445] which belongs to the cache kmalloc-128 of size 128 [ 21.305503] The buggy address is located 0 bytes inside of [ 21.305503] allocated 120-byte region [fff00000c6398d00, fff00000c6398d78) [ 21.305566] [ 21.305586] The buggy address belongs to the physical page: [ 21.305618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 21.305669] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.305716] page_type: f5(slab) [ 21.305754] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.305804] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.305846] page dumped because: kasan: bad access detected [ 21.305957] [ 21.306024] Memory state around the buggy address: [ 21.306137] fff00000c6398c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.306183] fff00000c6398c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.306227] >fff00000c6398d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.306266] ^ [ 21.306309] fff00000c6398d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.306363] fff00000c6398e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.306411] ================================================================== [ 21.306632] ================================================================== [ 21.306707] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 21.307016] Read of size 121 at addr fff00000c6398d00 by task kunit_try_catch/285 [ 21.307124] [ 21.307232] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.307447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.307480] Hardware name: linux,dummy-virt (DT) [ 21.307511] Call trace: [ 21.307535] show_stack+0x20/0x38 (C) [ 21.307586] dump_stack_lvl+0x8c/0xd0 [ 21.307635] print_report+0x118/0x608 [ 21.307681] kasan_report+0xdc/0x128 [ 21.307727] kasan_check_range+0x100/0x1a8 [ 21.307776] __kasan_check_read+0x20/0x30 [ 21.307960] copy_user_test_oob+0x4a0/0xec8 [ 21.308112] kunit_try_run_case+0x170/0x3f0 [ 21.308169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.308268] kthread+0x328/0x630 [ 21.308345] ret_from_fork+0x10/0x20 [ 21.308393] [ 21.308413] Allocated by task 285: [ 21.308443] kasan_save_stack+0x3c/0x68 [ 21.308685] kasan_save_track+0x20/0x40 [ 21.308752] kasan_save_alloc_info+0x40/0x58 [ 21.308872] __kasan_kmalloc+0xd4/0xd8 [ 21.308911] __kmalloc_noprof+0x198/0x4c8 [ 21.309089] kunit_kmalloc_array+0x34/0x88 [ 21.309178] copy_user_test_oob+0xac/0xec8 [ 21.309221] kunit_try_run_case+0x170/0x3f0 [ 21.309346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.309436] kthread+0x328/0x630 [ 21.309513] ret_from_fork+0x10/0x20 [ 21.309569] [ 21.309590] The buggy address belongs to the object at fff00000c6398d00 [ 21.309590] which belongs to the cache kmalloc-128 of size 128 [ 21.309649] The buggy address is located 0 bytes inside of [ 21.309649] allocated 120-byte region [fff00000c6398d00, fff00000c6398d78) [ 21.309870] [ 21.309945] The buggy address belongs to the physical page: [ 21.310012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 21.310158] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.310254] page_type: f5(slab) [ 21.310381] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.310452] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.310518] page dumped because: kasan: bad access detected [ 21.310559] [ 21.310579] Memory state around the buggy address: [ 21.310613] fff00000c6398c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.310656] fff00000c6398c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.310710] >fff00000c6398d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.311065] ^ [ 21.311161] fff00000c6398d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.311207] fff00000c6398e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.311247] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 21.241711] ================================================================== [ 21.241765] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 21.242284] Write of size 8 at addr fff00000c6398c78 by task kunit_try_catch/281 [ 21.242464] [ 21.242501] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.242583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.242800] Hardware name: linux,dummy-virt (DT) [ 21.243195] Call trace: [ 21.243275] show_stack+0x20/0x38 (C) [ 21.243467] dump_stack_lvl+0x8c/0xd0 [ 21.243559] print_report+0x118/0x608 [ 21.243811] kasan_report+0xdc/0x128 [ 21.244132] kasan_check_range+0x100/0x1a8 [ 21.244187] __kasan_check_write+0x20/0x30 [ 21.244300] copy_to_kernel_nofault+0x8c/0x250 [ 21.244964] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 21.245369] kunit_try_run_case+0x170/0x3f0 [ 21.245586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.245681] kthread+0x328/0x630 [ 21.245780] ret_from_fork+0x10/0x20 [ 21.245847] [ 21.245879] Allocated by task 281: [ 21.245919] kasan_save_stack+0x3c/0x68 [ 21.245979] kasan_save_track+0x20/0x40 [ 21.246027] kasan_save_alloc_info+0x40/0x58 [ 21.246082] __kasan_kmalloc+0xd4/0xd8 [ 21.246135] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.246178] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.246218] kunit_try_run_case+0x170/0x3f0 [ 21.246258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.246334] kthread+0x328/0x630 [ 21.246368] ret_from_fork+0x10/0x20 [ 21.246405] [ 21.246426] The buggy address belongs to the object at fff00000c6398c00 [ 21.246426] which belongs to the cache kmalloc-128 of size 128 [ 21.246493] The buggy address is located 0 bytes to the right of [ 21.246493] allocated 120-byte region [fff00000c6398c00, fff00000c6398c78) [ 21.246567] [ 21.246598] The buggy address belongs to the physical page: [ 21.246647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 21.246708] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.247125] page_type: f5(slab) [ 21.247522] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.247835] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.248016] page dumped because: kasan: bad access detected [ 21.248149] [ 21.248209] Memory state around the buggy address: [ 21.248274] fff00000c6398b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.248411] fff00000c6398b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.248489] >fff00000c6398c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.248653] ^ [ 21.248822] fff00000c6398c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.248941] fff00000c6398d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.249047] ================================================================== [ 21.230186] ================================================================== [ 21.230255] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 21.230322] Read of size 8 at addr fff00000c6398c78 by task kunit_try_catch/281 [ 21.230373] [ 21.230412] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.230496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.231454] Hardware name: linux,dummy-virt (DT) [ 21.232499] Call trace: [ 21.232535] show_stack+0x20/0x38 (C) [ 21.232651] dump_stack_lvl+0x8c/0xd0 [ 21.232705] print_report+0x118/0x608 [ 21.232757] kasan_report+0xdc/0x128 [ 21.232802] __asan_report_load8_noabort+0x20/0x30 [ 21.232849] copy_to_kernel_nofault+0x204/0x250 [ 21.232912] copy_to_kernel_nofault_oob+0x158/0x418 [ 21.232962] kunit_try_run_case+0x170/0x3f0 [ 21.233013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.233067] kthread+0x328/0x630 [ 21.233112] ret_from_fork+0x10/0x20 [ 21.233162] [ 21.233184] Allocated by task 281: [ 21.233218] kasan_save_stack+0x3c/0x68 [ 21.234851] kasan_save_track+0x20/0x40 [ 21.234926] kasan_save_alloc_info+0x40/0x58 [ 21.234969] __kasan_kmalloc+0xd4/0xd8 [ 21.235009] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.235050] copy_to_kernel_nofault_oob+0xc8/0x418 [ 21.235093] kunit_try_run_case+0x170/0x3f0 [ 21.235132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.235178] kthread+0x328/0x630 [ 21.235213] ret_from_fork+0x10/0x20 [ 21.235251] [ 21.235275] The buggy address belongs to the object at fff00000c6398c00 [ 21.235275] which belongs to the cache kmalloc-128 of size 128 [ 21.235336] The buggy address is located 0 bytes to the right of [ 21.235336] allocated 120-byte region [fff00000c6398c00, fff00000c6398c78) [ 21.235400] [ 21.235428] The buggy address belongs to the physical page: [ 21.236073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 21.236143] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.236342] page_type: f5(slab) [ 21.236389] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.237899] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.238347] page dumped because: kasan: bad access detected [ 21.238391] [ 21.238412] Memory state around the buggy address: [ 21.238737] fff00000c6398b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.238792] fff00000c6398b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.238839] >fff00000c6398c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 21.238891] ^ [ 21.239635] fff00000c6398c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.239915] fff00000c6398d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.240004] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 21.176238] ================================================================== [ 21.176402] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 21.176607] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 21.176986] [ 21.177201] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.177306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.177334] Hardware name: linux,dummy-virt (DT) [ 21.177760] Call trace: [ 21.177816] show_stack+0x20/0x38 (C) [ 21.178026] dump_stack_lvl+0x8c/0xd0 [ 21.178305] print_report+0x310/0x608 [ 21.178431] kasan_report+0xdc/0x128 [ 21.178504] __asan_report_load1_noabort+0x20/0x30 [ 21.178559] vmalloc_oob+0x51c/0x5d0 [ 21.178623] kunit_try_run_case+0x170/0x3f0 [ 21.178916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.179089] kthread+0x328/0x630 [ 21.179274] ret_from_fork+0x10/0x20 [ 21.179442] [ 21.179472] The buggy address belongs to the virtual mapping at [ 21.179472] [ffff8000800fe000, ffff800080100000) created by: [ 21.179472] vmalloc_oob+0x98/0x5d0 [ 21.179582] [ 21.179734] The buggy address belongs to the physical page: [ 21.179811] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c3 [ 21.179985] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.180517] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.180972] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.181084] page dumped because: kasan: bad access detected [ 21.181176] [ 21.181313] Memory state around the buggy address: [ 21.181401] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.181465] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.181659] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.181728] ^ [ 21.182094] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.182333] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.182534] ================================================================== [ 21.171505] ================================================================== [ 21.171967] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 21.172077] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 21.172144] [ 21.172190] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.172285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.172323] Hardware name: linux,dummy-virt (DT) [ 21.172358] Call trace: [ 21.172398] show_stack+0x20/0x38 (C) [ 21.172450] dump_stack_lvl+0x8c/0xd0 [ 21.172500] print_report+0x310/0x608 [ 21.172557] kasan_report+0xdc/0x128 [ 21.172606] __asan_report_load1_noabort+0x20/0x30 [ 21.172660] vmalloc_oob+0x578/0x5d0 [ 21.172705] kunit_try_run_case+0x170/0x3f0 [ 21.172756] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.172819] kthread+0x328/0x630 [ 21.172881] ret_from_fork+0x10/0x20 [ 21.172970] [ 21.173026] The buggy address belongs to the virtual mapping at [ 21.173026] [ffff8000800fe000, ffff800080100000) created by: [ 21.173026] vmalloc_oob+0x98/0x5d0 [ 21.173112] [ 21.173138] The buggy address belongs to the physical page: [ 21.173188] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c3 [ 21.173259] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.173324] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.173384] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.173445] page dumped because: kasan: bad access detected [ 21.173491] [ 21.173511] Memory state around the buggy address: [ 21.173554] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.173608] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.173658] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 21.173700] ^ [ 21.173750] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.173795] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 21.173837] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 20.900359] ================================================================== [ 20.900412] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 20.900465] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.900920] [ 20.901000] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.901175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.901234] Hardware name: linux,dummy-virt (DT) [ 20.901267] Call trace: [ 20.901293] show_stack+0x20/0x38 (C) [ 20.901565] dump_stack_lvl+0x8c/0xd0 [ 20.901629] print_report+0x118/0x608 [ 20.902011] kasan_report+0xdc/0x128 [ 20.902083] kasan_check_range+0x100/0x1a8 [ 20.902189] __kasan_check_write+0x20/0x30 [ 20.902257] kasan_atomics_helper+0xe44/0x4858 [ 20.902402] kasan_atomics+0x198/0x2e0 [ 20.902480] kunit_try_run_case+0x170/0x3f0 [ 20.902543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.902775] kthread+0x328/0x630 [ 20.903025] ret_from_fork+0x10/0x20 [ 20.903288] [ 20.903393] Allocated by task 265: [ 20.903538] kasan_save_stack+0x3c/0x68 [ 20.903605] kasan_save_track+0x20/0x40 [ 20.903768] kasan_save_alloc_info+0x40/0x58 [ 20.903992] __kasan_kmalloc+0xd4/0xd8 [ 20.904192] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.904263] kasan_atomics+0xb8/0x2e0 [ 20.904606] kunit_try_run_case+0x170/0x3f0 [ 20.904763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.905083] kthread+0x328/0x630 [ 20.905235] ret_from_fork+0x10/0x20 [ 20.905362] [ 20.905423] The buggy address belongs to the object at fff00000c77daf80 [ 20.905423] which belongs to the cache kmalloc-64 of size 64 [ 20.905752] The buggy address is located 0 bytes to the right of [ 20.905752] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.906012] [ 20.906449] The buggy address belongs to the physical page: [ 20.906516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.906769] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.907015] page_type: f5(slab) [ 20.907070] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.907317] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.907483] page dumped because: kasan: bad access detected [ 20.907584] [ 20.907951] Memory state around the buggy address: [ 20.908000] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.908083] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.908313] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.908453] ^ [ 20.908526] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.908986] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.909176] ================================================================== [ 20.869682] ================================================================== [ 20.869737] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 20.870236] Write of size 4 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.870306] [ 20.870343] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.870695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.870926] Hardware name: linux,dummy-virt (DT) [ 20.871118] Call trace: [ 20.871228] show_stack+0x20/0x38 (C) [ 20.871369] dump_stack_lvl+0x8c/0xd0 [ 20.871473] print_report+0x118/0x608 [ 20.871592] kasan_report+0xdc/0x128 [ 20.871643] kasan_check_range+0x100/0x1a8 [ 20.871694] __kasan_check_write+0x20/0x30 [ 20.872023] kasan_atomics_helper+0xd3c/0x4858 [ 20.872347] kasan_atomics+0x198/0x2e0 [ 20.872762] kunit_try_run_case+0x170/0x3f0 [ 20.873142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.873236] kthread+0x328/0x630 [ 20.873282] ret_from_fork+0x10/0x20 [ 20.873576] [ 20.873627] Allocated by task 265: [ 20.873680] kasan_save_stack+0x3c/0x68 [ 20.874029] kasan_save_track+0x20/0x40 [ 20.874123] kasan_save_alloc_info+0x40/0x58 [ 20.874169] __kasan_kmalloc+0xd4/0xd8 [ 20.874453] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.874614] kasan_atomics+0xb8/0x2e0 [ 20.874835] kunit_try_run_case+0x170/0x3f0 [ 20.875028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.875083] kthread+0x328/0x630 [ 20.875118] ret_from_fork+0x10/0x20 [ 20.875157] [ 20.875189] The buggy address belongs to the object at fff00000c77daf80 [ 20.875189] which belongs to the cache kmalloc-64 of size 64 [ 20.875567] The buggy address is located 0 bytes to the right of [ 20.875567] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.875690] [ 20.876220] The buggy address belongs to the physical page: [ 20.876287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.876651] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.876731] page_type: f5(slab) [ 20.876774] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.877050] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.877359] page dumped because: kasan: bad access detected [ 20.877552] [ 20.877614] Memory state around the buggy address: [ 20.877690] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.877827] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.877902] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.878143] ^ [ 20.878380] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.878559] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.878685] ================================================================== [ 21.044928] ================================================================== [ 21.045043] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 21.045123] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.045176] [ 21.045306] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.045392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.045422] Hardware name: linux,dummy-virt (DT) [ 21.045715] Call trace: [ 21.045759] show_stack+0x20/0x38 (C) [ 21.045812] dump_stack_lvl+0x8c/0xd0 [ 21.045874] print_report+0x118/0x608 [ 21.046370] kasan_report+0xdc/0x128 [ 21.046444] kasan_check_range+0x100/0x1a8 [ 21.046621] __kasan_check_write+0x20/0x30 [ 21.046685] kasan_atomics_helper+0x147c/0x4858 [ 21.047078] kasan_atomics+0x198/0x2e0 [ 21.047386] kunit_try_run_case+0x170/0x3f0 [ 21.047585] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.047666] kthread+0x328/0x630 [ 21.047715] ret_from_fork+0x10/0x20 [ 21.048015] [ 21.048178] Allocated by task 265: [ 21.048315] kasan_save_stack+0x3c/0x68 [ 21.048386] kasan_save_track+0x20/0x40 [ 21.048463] kasan_save_alloc_info+0x40/0x58 [ 21.048536] __kasan_kmalloc+0xd4/0xd8 [ 21.048717] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.048934] kasan_atomics+0xb8/0x2e0 [ 21.048998] kunit_try_run_case+0x170/0x3f0 [ 21.049052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.049097] kthread+0x328/0x630 [ 21.049302] ret_from_fork+0x10/0x20 [ 21.049361] [ 21.049953] The buggy address belongs to the object at fff00000c77daf80 [ 21.049953] which belongs to the cache kmalloc-64 of size 64 [ 21.050025] The buggy address is located 0 bytes to the right of [ 21.050025] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.050278] [ 21.050453] The buggy address belongs to the physical page: [ 21.050519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.050953] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.051316] page_type: f5(slab) [ 21.051464] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.051836] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.052060] page dumped because: kasan: bad access detected [ 21.052101] [ 21.052257] Memory state around the buggy address: [ 21.052426] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.052600] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.052879] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.053024] ^ [ 21.053063] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.053324] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.053523] ================================================================== [ 20.794272] ================================================================== [ 20.794381] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 20.794435] Write of size 4 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.795765] __kasan_check_write+0x20/0x30 [ 20.797100] [ 20.797217] Allocated by task 265: [ 20.797287] kasan_save_stack+0x3c/0x68 [ 20.797432] kasan_save_track+0x20/0x40 [ 20.797506] kasan_save_alloc_info+0x40/0x58 [ 20.797576] __kasan_kmalloc+0xd4/0xd8 [ 20.798001] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.798103] kasan_atomics+0xb8/0x2e0 [ 20.798200] kunit_try_run_case+0x170/0x3f0 [ 20.798269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.798352] kthread+0x328/0x630 [ 20.798458] ret_from_fork+0x10/0x20 [ 20.798502] [ 20.798559] The buggy address belongs to the object at fff00000c77daf80 [ 20.798559] which belongs to the cache kmalloc-64 of size 64 [ 20.798872] The buggy address is located 0 bytes to the right of [ 20.798872] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.799125] [ 20.799168] The buggy address belongs to the physical page: [ 20.799229] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.799371] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.799442] page_type: f5(slab) [ 20.799483] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.799541] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.799583] page dumped because: kasan: bad access detected [ 20.799618] [ 20.799638] Memory state around the buggy address: [ 20.799671] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.799924] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.800432] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.800704] ^ [ 20.800753] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.800811] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.800886] ================================================================== [ 20.959605] ================================================================== [ 20.959771] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 20.959832] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.959895] [ 20.959928] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.960010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.960260] Hardware name: linux,dummy-virt (DT) [ 20.960513] Call trace: [ 20.960541] show_stack+0x20/0x38 (C) [ 20.960596] dump_stack_lvl+0x8c/0xd0 [ 20.960644] print_report+0x118/0x608 [ 20.961155] kasan_report+0xdc/0x128 [ 20.961227] kasan_check_range+0x100/0x1a8 [ 20.961403] __kasan_check_write+0x20/0x30 [ 20.961568] kasan_atomics_helper+0x10c0/0x4858 [ 20.961625] kasan_atomics+0x198/0x2e0 [ 20.961672] kunit_try_run_case+0x170/0x3f0 [ 20.961731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.961783] kthread+0x328/0x630 [ 20.961826] ret_from_fork+0x10/0x20 [ 20.961882] [ 20.961982] Allocated by task 265: [ 20.962023] kasan_save_stack+0x3c/0x68 [ 20.962075] kasan_save_track+0x20/0x40 [ 20.962125] kasan_save_alloc_info+0x40/0x58 [ 20.962168] __kasan_kmalloc+0xd4/0xd8 [ 20.962207] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.962253] kasan_atomics+0xb8/0x2e0 [ 20.962308] kunit_try_run_case+0x170/0x3f0 [ 20.962347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.962394] kthread+0x328/0x630 [ 20.962428] ret_from_fork+0x10/0x20 [ 20.962467] [ 20.962488] The buggy address belongs to the object at fff00000c77daf80 [ 20.962488] which belongs to the cache kmalloc-64 of size 64 [ 20.962548] The buggy address is located 0 bytes to the right of [ 20.962548] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.962612] [ 20.962634] The buggy address belongs to the physical page: [ 20.962666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.962722] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.963451] page_type: f5(slab) [ 20.963522] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.963967] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.964417] page dumped because: kasan: bad access detected [ 20.964486] [ 20.964843] Memory state around the buggy address: [ 20.964940] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.965014] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.965744] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.965830] ^ [ 20.967173] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.967383] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.969798] ================================================================== [ 21.020930] ================================================================== [ 21.020994] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 21.021107] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.021368] [ 21.021445] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.021549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.021589] Hardware name: linux,dummy-virt (DT) [ 21.021623] Call trace: [ 21.021836] show_stack+0x20/0x38 (C) [ 21.021916] dump_stack_lvl+0x8c/0xd0 [ 21.021972] print_report+0x118/0x608 [ 21.022312] kasan_report+0xdc/0x128 [ 21.022553] kasan_check_range+0x100/0x1a8 [ 21.022621] __kasan_check_write+0x20/0x30 [ 21.022682] kasan_atomics_helper+0x1384/0x4858 [ 21.022733] kasan_atomics+0x198/0x2e0 [ 21.023150] kunit_try_run_case+0x170/0x3f0 [ 21.023268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.023333] kthread+0x328/0x630 [ 21.023378] ret_from_fork+0x10/0x20 [ 21.023431] [ 21.023451] Allocated by task 265: [ 21.023482] kasan_save_stack+0x3c/0x68 [ 21.023526] kasan_save_track+0x20/0x40 [ 21.023566] kasan_save_alloc_info+0x40/0x58 [ 21.023608] __kasan_kmalloc+0xd4/0xd8 [ 21.023646] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.024375] kasan_atomics+0xb8/0x2e0 [ 21.024499] kunit_try_run_case+0x170/0x3f0 [ 21.024636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.024801] kthread+0x328/0x630 [ 21.024882] ret_from_fork+0x10/0x20 [ 21.024921] [ 21.025115] The buggy address belongs to the object at fff00000c77daf80 [ 21.025115] which belongs to the cache kmalloc-64 of size 64 [ 21.025352] The buggy address is located 0 bytes to the right of [ 21.025352] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.025438] [ 21.025747] The buggy address belongs to the physical page: [ 21.026107] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.026302] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.026612] page_type: f5(slab) [ 21.026679] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.026795] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.027223] page dumped because: kasan: bad access detected [ 21.027330] [ 21.027739] Memory state around the buggy address: [ 21.027815] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.027881] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.028109] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.028288] ^ [ 21.028351] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.028616] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.028660] ================================================================== [ 21.141737] ================================================================== [ 21.141800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 21.142293] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.142433] [ 21.142509] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.142703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.142738] Hardware name: linux,dummy-virt (DT) [ 21.142881] Call trace: [ 21.142988] show_stack+0x20/0x38 (C) [ 21.143068] dump_stack_lvl+0x8c/0xd0 [ 21.143118] print_report+0x118/0x608 [ 21.143591] kasan_report+0xdc/0x128 [ 21.143799] kasan_check_range+0x100/0x1a8 [ 21.143960] __kasan_check_write+0x20/0x30 [ 21.144510] kasan_atomics_helper+0x17ec/0x4858 [ 21.144767] kasan_atomics+0x198/0x2e0 [ 21.144914] kunit_try_run_case+0x170/0x3f0 [ 21.145090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.145167] kthread+0x328/0x630 [ 21.145241] ret_from_fork+0x10/0x20 [ 21.145574] [ 21.145918] Allocated by task 265: [ 21.146073] kasan_save_stack+0x3c/0x68 [ 21.146182] kasan_save_track+0x20/0x40 [ 21.146372] kasan_save_alloc_info+0x40/0x58 [ 21.146421] __kasan_kmalloc+0xd4/0xd8 [ 21.146478] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.146559] kasan_atomics+0xb8/0x2e0 [ 21.146814] kunit_try_run_case+0x170/0x3f0 [ 21.146952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.147049] kthread+0x328/0x630 [ 21.147471] ret_from_fork+0x10/0x20 [ 21.147673] [ 21.147748] The buggy address belongs to the object at fff00000c77daf80 [ 21.147748] which belongs to the cache kmalloc-64 of size 64 [ 21.147835] The buggy address is located 0 bytes to the right of [ 21.147835] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.148284] [ 21.148330] The buggy address belongs to the physical page: [ 21.148519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.148620] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.148807] page_type: f5(slab) [ 21.149055] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.149228] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.149439] page dumped because: kasan: bad access detected [ 21.149586] [ 21.149608] Memory state around the buggy address: [ 21.149755] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.150016] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.150235] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.150494] ^ [ 21.150818] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.151070] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.151136] ================================================================== [ 20.925837] ================================================================== [ 20.925905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 20.925992] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.926243] [ 20.926308] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.926700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.926828] Hardware name: linux,dummy-virt (DT) [ 20.926919] Call trace: [ 20.926966] show_stack+0x20/0x38 (C) [ 20.927047] dump_stack_lvl+0x8c/0xd0 [ 20.927195] print_report+0x118/0x608 [ 20.927263] kasan_report+0xdc/0x128 [ 20.927311] kasan_check_range+0x100/0x1a8 [ 20.927557] __kasan_check_write+0x20/0x30 [ 20.927758] kasan_atomics_helper+0xf20/0x4858 [ 20.928152] kasan_atomics+0x198/0x2e0 [ 20.928336] kunit_try_run_case+0x170/0x3f0 [ 20.928434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.928522] kthread+0x328/0x630 [ 20.928840] ret_from_fork+0x10/0x20 [ 20.929087] [ 20.929159] Allocated by task 265: [ 20.929361] kasan_save_stack+0x3c/0x68 [ 20.929556] kasan_save_track+0x20/0x40 [ 20.929629] kasan_save_alloc_info+0x40/0x58 [ 20.929817] __kasan_kmalloc+0xd4/0xd8 [ 20.929921] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.929982] kasan_atomics+0xb8/0x2e0 [ 20.930022] kunit_try_run_case+0x170/0x3f0 [ 20.930394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.930650] kthread+0x328/0x630 [ 20.931087] ret_from_fork+0x10/0x20 [ 20.931205] [ 20.931264] The buggy address belongs to the object at fff00000c77daf80 [ 20.931264] which belongs to the cache kmalloc-64 of size 64 [ 20.931358] The buggy address is located 0 bytes to the right of [ 20.931358] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.931600] [ 20.931626] The buggy address belongs to the physical page: [ 20.931694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.932082] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.932341] page_type: f5(slab) [ 20.932415] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.932921] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.932994] page dumped because: kasan: bad access detected [ 20.933205] [ 20.933330] Memory state around the buggy address: [ 20.933495] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.933559] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.933605] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.933788] ^ [ 20.934012] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.934379] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.934444] ================================================================== [ 21.115287] ================================================================== [ 21.115339] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 21.115813] Read of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.116224] [ 21.116277] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.116489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.116545] Hardware name: linux,dummy-virt (DT) [ 21.116605] Call trace: [ 21.116632] show_stack+0x20/0x38 (C) [ 21.116686] dump_stack_lvl+0x8c/0xd0 [ 21.116903] print_report+0x118/0x608 [ 21.117100] kasan_report+0xdc/0x128 [ 21.117374] __asan_report_load8_noabort+0x20/0x30 [ 21.117648] kasan_atomics_helper+0x3e10/0x4858 [ 21.117725] kasan_atomics+0x198/0x2e0 [ 21.118046] kunit_try_run_case+0x170/0x3f0 [ 21.118187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.118272] kthread+0x328/0x630 [ 21.118381] ret_from_fork+0x10/0x20 [ 21.118446] [ 21.118488] Allocated by task 265: [ 21.118522] kasan_save_stack+0x3c/0x68 [ 21.118586] kasan_save_track+0x20/0x40 [ 21.118847] kasan_save_alloc_info+0x40/0x58 [ 21.119018] __kasan_kmalloc+0xd4/0xd8 [ 21.119309] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.119516] kasan_atomics+0xb8/0x2e0 [ 21.119579] kunit_try_run_case+0x170/0x3f0 [ 21.119721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.120128] kthread+0x328/0x630 [ 21.120235] ret_from_fork+0x10/0x20 [ 21.120475] [ 21.120526] The buggy address belongs to the object at fff00000c77daf80 [ 21.120526] which belongs to the cache kmalloc-64 of size 64 [ 21.120612] The buggy address is located 0 bytes to the right of [ 21.120612] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.121232] [ 21.121321] The buggy address belongs to the physical page: [ 21.121718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.121816] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.122112] page_type: f5(slab) [ 21.122281] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.122782] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.122887] page dumped because: kasan: bad access detected [ 21.123124] [ 21.123263] Memory state around the buggy address: [ 21.123474] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.123721] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.123953] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.124220] ^ [ 21.124263] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.124493] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.124585] ================================================================== [ 20.887491] ================================================================== [ 20.887556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 20.887728] Read of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.887992] [ 20.888068] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.888278] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.888464] Hardware name: linux,dummy-virt (DT) [ 20.888523] Call trace: [ 20.888548] show_stack+0x20/0x38 (C) [ 20.888696] dump_stack_lvl+0x8c/0xd0 [ 20.888782] print_report+0x118/0x608 [ 20.888965] kasan_report+0xdc/0x128 [ 20.889171] kasan_check_range+0x100/0x1a8 [ 20.889248] __kasan_check_read+0x20/0x30 [ 20.889442] kasan_atomics_helper+0xdd4/0x4858 [ 20.889629] kasan_atomics+0x198/0x2e0 [ 20.889705] kunit_try_run_case+0x170/0x3f0 [ 20.889759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.889822] kthread+0x328/0x630 [ 20.889875] ret_from_fork+0x10/0x20 [ 20.889968] [ 20.890020] Allocated by task 265: [ 20.890055] kasan_save_stack+0x3c/0x68 [ 20.890101] kasan_save_track+0x20/0x40 [ 20.890431] kasan_save_alloc_info+0x40/0x58 [ 20.890645] __kasan_kmalloc+0xd4/0xd8 [ 20.890695] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.890975] kasan_atomics+0xb8/0x2e0 [ 20.891227] kunit_try_run_case+0x170/0x3f0 [ 20.891282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.891344] kthread+0x328/0x630 [ 20.891387] ret_from_fork+0x10/0x20 [ 20.891465] [ 20.891509] The buggy address belongs to the object at fff00000c77daf80 [ 20.891509] which belongs to the cache kmalloc-64 of size 64 [ 20.891577] The buggy address is located 0 bytes to the right of [ 20.891577] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.891781] [ 20.892157] The buggy address belongs to the physical page: [ 20.892320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.892695] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.893036] page_type: f5(slab) [ 20.893495] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.893606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.893675] page dumped because: kasan: bad access detected [ 20.893767] [ 20.893788] Memory state around the buggy address: [ 20.893828] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.894183] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.894360] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.894406] ^ [ 20.894743] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.895009] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.895109] ================================================================== [ 20.941357] ================================================================== [ 20.941410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 20.941459] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.941509] [ 20.941674] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.941774] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.942261] Hardware name: linux,dummy-virt (DT) [ 20.942318] Call trace: [ 20.942434] show_stack+0x20/0x38 (C) [ 20.942490] dump_stack_lvl+0x8c/0xd0 [ 20.942557] print_report+0x118/0x608 [ 20.942625] kasan_report+0xdc/0x128 [ 20.942675] kasan_check_range+0x100/0x1a8 [ 20.942724] __kasan_check_write+0x20/0x30 [ 20.943148] kasan_atomics_helper+0xff0/0x4858 [ 20.943471] kasan_atomics+0x198/0x2e0 [ 20.943666] kunit_try_run_case+0x170/0x3f0 [ 20.943755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.943953] kthread+0x328/0x630 [ 20.944015] ret_from_fork+0x10/0x20 [ 20.944063] [ 20.944085] Allocated by task 265: [ 20.944287] kasan_save_stack+0x3c/0x68 [ 20.944407] kasan_save_track+0x20/0x40 [ 20.944846] kasan_save_alloc_info+0x40/0x58 [ 20.944998] __kasan_kmalloc+0xd4/0xd8 [ 20.945085] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.945247] kasan_atomics+0xb8/0x2e0 [ 20.945315] kunit_try_run_case+0x170/0x3f0 [ 20.945368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.945420] kthread+0x328/0x630 [ 20.945661] ret_from_fork+0x10/0x20 [ 20.946049] [ 20.946093] The buggy address belongs to the object at fff00000c77daf80 [ 20.946093] which belongs to the cache kmalloc-64 of size 64 [ 20.946156] The buggy address is located 0 bytes to the right of [ 20.946156] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.946539] [ 20.946792] The buggy address belongs to the physical page: [ 20.946894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.947151] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.947403] page_type: f5(slab) [ 20.947476] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.947767] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.947977] page dumped because: kasan: bad access detected [ 20.948016] [ 20.948275] Memory state around the buggy address: [ 20.948912] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.949000] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.949329] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.949494] ^ [ 20.949721] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.949897] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.950012] ================================================================== [ 20.952002] ================================================================== [ 20.952086] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 20.952207] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.952260] [ 20.952296] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.952386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.952726] Hardware name: linux,dummy-virt (DT) [ 20.952779] Call trace: [ 20.952806] show_stack+0x20/0x38 (C) [ 20.952898] dump_stack_lvl+0x8c/0xd0 [ 20.952952] print_report+0x118/0x608 [ 20.953018] kasan_report+0xdc/0x128 [ 20.953301] kasan_check_range+0x100/0x1a8 [ 20.953475] __kasan_check_write+0x20/0x30 [ 20.953537] kasan_atomics_helper+0x1058/0x4858 [ 20.953589] kasan_atomics+0x198/0x2e0 [ 20.953635] kunit_try_run_case+0x170/0x3f0 [ 20.954083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.954246] kthread+0x328/0x630 [ 20.954305] ret_from_fork+0x10/0x20 [ 20.954357] [ 20.954382] Allocated by task 265: [ 20.954421] kasan_save_stack+0x3c/0x68 [ 20.954476] kasan_save_track+0x20/0x40 [ 20.954516] kasan_save_alloc_info+0x40/0x58 [ 20.954559] __kasan_kmalloc+0xd4/0xd8 [ 20.954596] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.954638] kasan_atomics+0xb8/0x2e0 [ 20.954676] kunit_try_run_case+0x170/0x3f0 [ 20.954714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.954777] kthread+0x328/0x630 [ 20.955190] ret_from_fork+0x10/0x20 [ 20.955485] [ 20.955602] The buggy address belongs to the object at fff00000c77daf80 [ 20.955602] which belongs to the cache kmalloc-64 of size 64 [ 20.955700] The buggy address is located 0 bytes to the right of [ 20.955700] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.955918] [ 20.955975] The buggy address belongs to the physical page: [ 20.956194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.956268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.956419] page_type: f5(slab) [ 20.956646] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.956732] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.956966] page dumped because: kasan: bad access detected [ 20.957148] [ 20.957193] Memory state around the buggy address: [ 20.957267] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.957343] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.957776] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.957842] ^ [ 20.957901] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.958239] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.958344] ================================================================== [ 20.802542] ================================================================== [ 20.802996] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 20.803189] Write of size 4 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.803318] [ 20.803775] Call trace: [ 20.806475] kasan_save_alloc_info+0x40/0x58 [ 20.806689] __kasan_kmalloc+0xd4/0xd8 [ 20.806830] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.806898] kasan_atomics+0xb8/0x2e0 [ 20.807069] kunit_try_run_case+0x170/0x3f0 [ 20.807285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.808068] [ 20.808490] [ 20.811429] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xad4/0x4858 [ 20.814835] kasan_save_alloc_info+0x40/0x58 [ 20.815017] __kasan_kmalloc+0xd4/0xd8 [ 20.815082] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.815133] kasan_atomics+0xb8/0x2e0 [ 20.815172] kunit_try_run_case+0x170/0x3f0 [ 20.815213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.815398] kthread+0x328/0x630 [ 20.815782] The buggy address belongs to the object at fff00000c77daf80 [ 20.815782] which belongs to the cache kmalloc-64 of size 64 [ 20.818332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.820954] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.823516] page dumped because: kasan: bad access detected [ 20.827184] kasan_atomics+0x198/0x2e0 [ 20.830845] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.834591] ret_from_fork+0x10/0x20 [ 20.838361] page_type: f5(slab) [ 20.838721] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.841955] kunit_try_run_case+0x170/0x3f0 [ 20.843525] kthread+0x328/0x630 [ 20.846070] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.848644] Hardware name: linux,dummy-virt (DT) [ 20.849460] __kasan_kmalloc+0xd4/0xd8 [ 20.851977] page dumped because: kasan: bad access detected [ 20.853612] ================================================================== [ 21.125636] ================================================================== [ 21.125691] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 21.126243] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.126314] [ 21.126588] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.127099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.127143] Hardware name: linux,dummy-virt (DT) [ 21.127179] Call trace: [ 21.127203] show_stack+0x20/0x38 (C) [ 21.127257] dump_stack_lvl+0x8c/0xd0 [ 21.127304] print_report+0x118/0x608 [ 21.127354] kasan_report+0xdc/0x128 [ 21.127399] kasan_check_range+0x100/0x1a8 [ 21.127455] __kasan_check_write+0x20/0x30 [ 21.127501] kasan_atomics_helper+0x175c/0x4858 [ 21.127549] kasan_atomics+0x198/0x2e0 [ 21.127891] kunit_try_run_case+0x170/0x3f0 [ 21.128079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.128294] kthread+0x328/0x630 [ 21.128509] ret_from_fork+0x10/0x20 [ 21.128599] [ 21.128698] Allocated by task 265: [ 21.128809] kasan_save_stack+0x3c/0x68 [ 21.128854] kasan_save_track+0x20/0x40 [ 21.129297] kasan_save_alloc_info+0x40/0x58 [ 21.129368] __kasan_kmalloc+0xd4/0xd8 [ 21.129747] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.129818] kasan_atomics+0xb8/0x2e0 [ 21.129969] kunit_try_run_case+0x170/0x3f0 [ 21.130069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.130510] kthread+0x328/0x630 [ 21.130743] ret_from_fork+0x10/0x20 [ 21.130947] [ 21.131004] The buggy address belongs to the object at fff00000c77daf80 [ 21.131004] which belongs to the cache kmalloc-64 of size 64 [ 21.131280] The buggy address is located 0 bytes to the right of [ 21.131280] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.131555] [ 21.131612] The buggy address belongs to the physical page: [ 21.131670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.131752] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.132084] page_type: f5(slab) [ 21.132156] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.132613] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.132667] page dumped because: kasan: bad access detected [ 21.132704] [ 21.132886] Memory state around the buggy address: [ 21.133070] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.133143] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.133500] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.133565] ^ [ 21.133603] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.133970] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.134293] ================================================================== [ 21.097491] ================================================================== [ 21.098027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 21.098102] Read of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.098472] [ 21.098516] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.098601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.098870] Hardware name: linux,dummy-virt (DT) [ 21.098976] Call trace: [ 21.099001] show_stack+0x20/0x38 (C) [ 21.099056] dump_stack_lvl+0x8c/0xd0 [ 21.099104] print_report+0x118/0x608 [ 21.099815] kasan_report+0xdc/0x128 [ 21.100002] __asan_report_load8_noabort+0x20/0x30 [ 21.100128] kasan_atomics_helper+0x3df4/0x4858 [ 21.100219] kasan_atomics+0x198/0x2e0 [ 21.100402] kunit_try_run_case+0x170/0x3f0 [ 21.100460] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.100670] kthread+0x328/0x630 [ 21.101219] ret_from_fork+0x10/0x20 [ 21.101364] [ 21.101444] Allocated by task 265: [ 21.101569] kasan_save_stack+0x3c/0x68 [ 21.101673] kasan_save_track+0x20/0x40 [ 21.101982] kasan_save_alloc_info+0x40/0x58 [ 21.102510] __kasan_kmalloc+0xd4/0xd8 [ 21.102627] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.103006] kasan_atomics+0xb8/0x2e0 [ 21.103058] kunit_try_run_case+0x170/0x3f0 [ 21.103097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.103395] kthread+0x328/0x630 [ 21.103881] ret_from_fork+0x10/0x20 [ 21.104136] [ 21.104352] The buggy address belongs to the object at fff00000c77daf80 [ 21.104352] which belongs to the cache kmalloc-64 of size 64 [ 21.104463] The buggy address is located 0 bytes to the right of [ 21.104463] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.105026] [ 21.105102] The buggy address belongs to the physical page: [ 21.105280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.105512] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.105592] page_type: f5(slab) [ 21.105634] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.106005] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.106352] page dumped because: kasan: bad access detected [ 21.106429] [ 21.106450] Memory state around the buggy address: [ 21.106631] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.106855] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.106945] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.107299] ^ [ 21.107447] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.107720] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.108011] ================================================================== [ 20.879544] ================================================================== [ 20.879629] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 20.879683] Read of size 4 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.879744] [ 20.879895] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.880054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.880087] Hardware name: linux,dummy-virt (DT) [ 20.880121] Call trace: [ 20.880145] show_stack+0x20/0x38 (C) [ 20.880203] dump_stack_lvl+0x8c/0xd0 [ 20.880253] print_report+0x118/0x608 [ 20.880542] kasan_report+0xdc/0x128 [ 20.880792] __asan_report_load4_noabort+0x20/0x30 [ 20.881016] kasan_atomics_helper+0x3e04/0x4858 [ 20.881081] kasan_atomics+0x198/0x2e0 [ 20.881220] kunit_try_run_case+0x170/0x3f0 [ 20.881305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.881497] kthread+0x328/0x630 [ 20.881558] ret_from_fork+0x10/0x20 [ 20.881763] [ 20.881794] Allocated by task 265: [ 20.882155] kasan_save_stack+0x3c/0x68 [ 20.882218] kasan_save_track+0x20/0x40 [ 20.882540] kasan_save_alloc_info+0x40/0x58 [ 20.882598] __kasan_kmalloc+0xd4/0xd8 [ 20.882638] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.882679] kasan_atomics+0xb8/0x2e0 [ 20.882715] kunit_try_run_case+0x170/0x3f0 [ 20.882755] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.882800] kthread+0x328/0x630 [ 20.882834] ret_from_fork+0x10/0x20 [ 20.882921] [ 20.882945] The buggy address belongs to the object at fff00000c77daf80 [ 20.882945] which belongs to the cache kmalloc-64 of size 64 [ 20.883015] The buggy address is located 0 bytes to the right of [ 20.883015] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.883089] [ 20.883129] The buggy address belongs to the physical page: [ 20.883442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.883510] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.883560] page_type: f5(slab) [ 20.883628] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.884054] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.884351] page dumped because: kasan: bad access detected [ 20.884404] [ 20.884691] Memory state around the buggy address: [ 20.884935] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.885024] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.885199] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.885504] ^ [ 20.885880] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.886044] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.886123] ================================================================== [ 20.935245] ================================================================== [ 20.935299] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 20.935481] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.935536] [ 20.935570] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.935893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.935933] Hardware name: linux,dummy-virt (DT) [ 20.935968] Call trace: [ 20.936373] show_stack+0x20/0x38 (C) [ 20.936448] dump_stack_lvl+0x8c/0xd0 [ 20.936500] print_report+0x118/0x608 [ 20.936548] kasan_report+0xdc/0x128 [ 20.936596] kasan_check_range+0x100/0x1a8 [ 20.936645] __kasan_check_write+0x20/0x30 [ 20.936690] kasan_atomics_helper+0xf88/0x4858 [ 20.936739] kasan_atomics+0x198/0x2e0 [ 20.936785] kunit_try_run_case+0x170/0x3f0 [ 20.936835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.936901] kthread+0x328/0x630 [ 20.936943] ret_from_fork+0x10/0x20 [ 20.936992] [ 20.937090] Allocated by task 265: [ 20.937124] kasan_save_stack+0x3c/0x68 [ 20.937180] kasan_save_track+0x20/0x40 [ 20.937231] kasan_save_alloc_info+0x40/0x58 [ 20.937274] __kasan_kmalloc+0xd4/0xd8 [ 20.937313] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.937353] kasan_atomics+0xb8/0x2e0 [ 20.937392] kunit_try_run_case+0x170/0x3f0 [ 20.937434] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.937479] kthread+0x328/0x630 [ 20.937523] ret_from_fork+0x10/0x20 [ 20.937562] [ 20.937590] The buggy address belongs to the object at fff00000c77daf80 [ 20.937590] which belongs to the cache kmalloc-64 of size 64 [ 20.937657] The buggy address is located 0 bytes to the right of [ 20.937657] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.937723] [ 20.937744] The buggy address belongs to the physical page: [ 20.937775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.937831] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.938674] page_type: f5(slab) [ 20.938779] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.939121] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.939452] page dumped because: kasan: bad access detected [ 20.939500] [ 20.939692] Memory state around the buggy address: [ 20.939754] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.939976] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.940185] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.940250] ^ [ 20.940309] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.940498] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.940551] ================================================================== [ 21.065487] ================================================================== [ 21.065543] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 21.065595] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.065881] [ 21.065939] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.066025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.066055] Hardware name: linux,dummy-virt (DT) [ 21.066361] Call trace: [ 21.066406] show_stack+0x20/0x38 (C) [ 21.066613] dump_stack_lvl+0x8c/0xd0 [ 21.066883] print_report+0x118/0x608 [ 21.066961] kasan_report+0xdc/0x128 [ 21.067477] kasan_check_range+0x100/0x1a8 [ 21.067555] __kasan_check_write+0x20/0x30 [ 21.067778] kasan_atomics_helper+0x154c/0x4858 [ 21.068080] kasan_atomics+0x198/0x2e0 [ 21.068258] kunit_try_run_case+0x170/0x3f0 [ 21.068524] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.068703] kthread+0x328/0x630 [ 21.069017] ret_from_fork+0x10/0x20 [ 21.069164] [ 21.069310] Allocated by task 265: [ 21.069350] kasan_save_stack+0x3c/0x68 [ 21.069481] kasan_save_track+0x20/0x40 [ 21.069522] kasan_save_alloc_info+0x40/0x58 [ 21.069566] __kasan_kmalloc+0xd4/0xd8 [ 21.069618] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.069658] kasan_atomics+0xb8/0x2e0 [ 21.069697] kunit_try_run_case+0x170/0x3f0 [ 21.069737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.069816] kthread+0x328/0x630 [ 21.069853] ret_from_fork+0x10/0x20 [ 21.069905] [ 21.069943] The buggy address belongs to the object at fff00000c77daf80 [ 21.069943] which belongs to the cache kmalloc-64 of size 64 [ 21.070010] The buggy address is located 0 bytes to the right of [ 21.070010] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.070093] [ 21.070124] The buggy address belongs to the physical page: [ 21.070161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.070232] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.070298] page_type: f5(slab) [ 21.070351] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.070410] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.070458] page dumped because: kasan: bad access detected [ 21.070493] [ 21.070513] Memory state around the buggy address: [ 21.070549] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.070617] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.070679] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.070737] ^ [ 21.070802] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.070846] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.070895] ================================================================== [ 20.862736] ================================================================== [ 20.863143] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 20.863251] Read of size 4 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.863365] [ 20.863411] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.863520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.863614] Hardware name: linux,dummy-virt (DT) [ 20.863650] Call trace: [ 20.863696] show_stack+0x20/0x38 (C) [ 20.863754] dump_stack_lvl+0x8c/0xd0 [ 20.864041] print_report+0x118/0x608 [ 20.864389] kasan_report+0xdc/0x128 [ 20.864560] __asan_report_load4_noabort+0x20/0x30 [ 20.864657] kasan_atomics_helper+0x3dd8/0x4858 [ 20.865126] kasan_atomics+0x198/0x2e0 [ 20.865189] kunit_try_run_case+0x170/0x3f0 [ 20.865352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.865460] kthread+0x328/0x630 [ 20.866000] ret_from_fork+0x10/0x20 [ 20.866080] [ 20.866102] Allocated by task 265: [ 20.866347] kasan_save_stack+0x3c/0x68 [ 20.866549] kasan_save_track+0x20/0x40 [ 20.866792] kasan_save_alloc_info+0x40/0x58 [ 20.866850] __kasan_kmalloc+0xd4/0xd8 [ 20.866904] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.866946] kasan_atomics+0xb8/0x2e0 [ 20.866984] kunit_try_run_case+0x170/0x3f0 [ 20.867570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.867728] kthread+0x328/0x630 [ 20.867796] ret_from_fork+0x10/0x20 [ 20.867845] [ 20.867883] The buggy address belongs to the object at fff00000c77daf80 [ 20.867883] which belongs to the cache kmalloc-64 of size 64 [ 20.867946] The buggy address is located 0 bytes to the right of [ 20.867946] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.868013] [ 20.868057] The buggy address belongs to the physical page: [ 20.868103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.868179] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.868235] page_type: f5(slab) [ 20.868291] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.868343] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.868386] page dumped because: kasan: bad access detected [ 20.868436] [ 20.868456] Memory state around the buggy address: [ 20.868489] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.868543] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.868588] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.868628] ^ [ 20.868662] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.868706] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.868756] ================================================================== [ 21.072225] ================================================================== [ 21.072440] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 21.072524] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.072779] [ 21.072825] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.072922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.073175] Hardware name: linux,dummy-virt (DT) [ 21.073566] Call trace: [ 21.073609] show_stack+0x20/0x38 (C) [ 21.073661] dump_stack_lvl+0x8c/0xd0 [ 21.073718] print_report+0x118/0x608 [ 21.073971] kasan_report+0xdc/0x128 [ 21.074052] kasan_check_range+0x100/0x1a8 [ 21.074107] __kasan_check_write+0x20/0x30 [ 21.074153] kasan_atomics_helper+0x15b4/0x4858 [ 21.074290] kasan_atomics+0x198/0x2e0 [ 21.074344] kunit_try_run_case+0x170/0x3f0 [ 21.074396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.074450] kthread+0x328/0x630 [ 21.074491] ret_from_fork+0x10/0x20 [ 21.074540] [ 21.074659] Allocated by task 265: [ 21.074701] kasan_save_stack+0x3c/0x68 [ 21.075342] kasan_save_track+0x20/0x40 [ 21.075523] kasan_save_alloc_info+0x40/0x58 [ 21.075684] __kasan_kmalloc+0xd4/0xd8 [ 21.075818] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.075923] kasan_atomics+0xb8/0x2e0 [ 21.076372] kunit_try_run_case+0x170/0x3f0 [ 21.076501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.076701] kthread+0x328/0x630 [ 21.076811] ret_from_fork+0x10/0x20 [ 21.076904] [ 21.077245] The buggy address belongs to the object at fff00000c77daf80 [ 21.077245] which belongs to the cache kmalloc-64 of size 64 [ 21.077520] The buggy address is located 0 bytes to the right of [ 21.077520] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.077620] [ 21.077925] The buggy address belongs to the physical page: [ 21.078023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.078503] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.078761] page_type: f5(slab) [ 21.078937] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.079553] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.079604] page dumped because: kasan: bad access detected [ 21.079641] [ 21.079661] Memory state around the buggy address: [ 21.079697] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.079953] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.080150] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.080220] ^ [ 21.080450] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.080599] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.080641] ================================================================== [ 21.081907] ================================================================== [ 21.082135] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 21.082253] Read of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.082309] [ 21.082603] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.082700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.082737] Hardware name: linux,dummy-virt (DT) [ 21.083204] Call trace: [ 21.083257] show_stack+0x20/0x38 (C) [ 21.083470] dump_stack_lvl+0x8c/0xd0 [ 21.083603] print_report+0x118/0x608 [ 21.083761] kasan_report+0xdc/0x128 [ 21.083836] __asan_report_load8_noabort+0x20/0x30 [ 21.083898] kasan_atomics_helper+0x3db0/0x4858 [ 21.084335] kasan_atomics+0x198/0x2e0 [ 21.084551] kunit_try_run_case+0x170/0x3f0 [ 21.084751] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.084849] kthread+0x328/0x630 [ 21.084905] ret_from_fork+0x10/0x20 [ 21.084954] [ 21.085518] Allocated by task 265: [ 21.085615] kasan_save_stack+0x3c/0x68 [ 21.085758] kasan_save_track+0x20/0x40 [ 21.085843] kasan_save_alloc_info+0x40/0x58 [ 21.085955] __kasan_kmalloc+0xd4/0xd8 [ 21.086387] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.086570] kasan_atomics+0xb8/0x2e0 [ 21.086645] kunit_try_run_case+0x170/0x3f0 [ 21.086783] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.086897] kthread+0x328/0x630 [ 21.086985] ret_from_fork+0x10/0x20 [ 21.087405] [ 21.087449] The buggy address belongs to the object at fff00000c77daf80 [ 21.087449] which belongs to the cache kmalloc-64 of size 64 [ 21.087777] The buggy address is located 0 bytes to the right of [ 21.087777] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.088044] [ 21.088073] The buggy address belongs to the physical page: [ 21.088107] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.088169] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.088672] page_type: f5(slab) [ 21.088725] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.089039] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.089474] page dumped because: kasan: bad access detected [ 21.089607] [ 21.089632] Memory state around the buggy address: [ 21.089670] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.089995] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.090140] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.090381] ^ [ 21.090509] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.090553] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.090919] ================================================================== [ 21.030096] ================================================================== [ 21.030192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 21.030366] Read of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.030428] [ 21.030531] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.030638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.030675] Hardware name: linux,dummy-virt (DT) [ 21.030708] Call trace: [ 21.030734] show_stack+0x20/0x38 (C) [ 21.031044] dump_stack_lvl+0x8c/0xd0 [ 21.031268] print_report+0x118/0x608 [ 21.031477] kasan_report+0xdc/0x128 [ 21.031595] __asan_report_load8_noabort+0x20/0x30 [ 21.031833] kasan_atomics_helper+0x3f04/0x4858 [ 21.032074] kasan_atomics+0x198/0x2e0 [ 21.032337] kunit_try_run_case+0x170/0x3f0 [ 21.032542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.032759] kthread+0x328/0x630 [ 21.033219] ret_from_fork+0x10/0x20 [ 21.033491] [ 21.033645] Allocated by task 265: [ 21.033785] kasan_save_stack+0x3c/0x68 [ 21.033837] kasan_save_track+0x20/0x40 [ 21.034071] kasan_save_alloc_info+0x40/0x58 [ 21.034335] __kasan_kmalloc+0xd4/0xd8 [ 21.034582] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.034734] kasan_atomics+0xb8/0x2e0 [ 21.034977] kunit_try_run_case+0x170/0x3f0 [ 21.035024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.035091] kthread+0x328/0x630 [ 21.035132] ret_from_fork+0x10/0x20 [ 21.035352] [ 21.036031] The buggy address belongs to the object at fff00000c77daf80 [ 21.036031] which belongs to the cache kmalloc-64 of size 64 [ 21.036147] The buggy address is located 0 bytes to the right of [ 21.036147] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.036244] [ 21.036471] The buggy address belongs to the physical page: [ 21.036518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.037006] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.037086] page_type: f5(slab) [ 21.037332] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.037840] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.037923] page dumped because: kasan: bad access detected [ 21.038337] [ 21.038555] Memory state around the buggy address: [ 21.038599] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.038646] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.038877] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.039216] ^ [ 21.039437] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.039509] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.039551] ================================================================== [ 20.918977] ================================================================== [ 20.919139] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 20.919321] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.919405] [ 20.919478] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.919562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.919591] Hardware name: linux,dummy-virt (DT) [ 20.919625] Call trace: [ 20.919648] show_stack+0x20/0x38 (C) [ 20.919697] dump_stack_lvl+0x8c/0xd0 [ 20.919747] print_report+0x118/0x608 [ 20.919796] kasan_report+0xdc/0x128 [ 20.919842] kasan_check_range+0x100/0x1a8 [ 20.919904] __kasan_check_write+0x20/0x30 [ 20.920174] kasan_atomics_helper+0xeb8/0x4858 [ 20.920649] kasan_atomics+0x198/0x2e0 [ 20.920838] kunit_try_run_case+0x170/0x3f0 [ 20.920923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.921108] kthread+0x328/0x630 [ 20.921181] ret_from_fork+0x10/0x20 [ 20.921231] [ 20.921283] Allocated by task 265: [ 20.921527] kasan_save_stack+0x3c/0x68 [ 20.921892] kasan_save_track+0x20/0x40 [ 20.922045] kasan_save_alloc_info+0x40/0x58 [ 20.922143] __kasan_kmalloc+0xd4/0xd8 [ 20.922309] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.922395] kasan_atomics+0xb8/0x2e0 [ 20.922526] kunit_try_run_case+0x170/0x3f0 [ 20.922747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.922927] kthread+0x328/0x630 [ 20.923311] ret_from_fork+0x10/0x20 [ 20.923426] [ 20.923459] The buggy address belongs to the object at fff00000c77daf80 [ 20.923459] which belongs to the cache kmalloc-64 of size 64 [ 20.923521] The buggy address is located 0 bytes to the right of [ 20.923521] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.923585] [ 20.923927] The buggy address belongs to the physical page: [ 20.924058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.924122] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.924175] page_type: f5(slab) [ 20.924214] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.924278] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.924322] page dumped because: kasan: bad access detected [ 20.924357] [ 20.924387] Memory state around the buggy address: [ 20.924422] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.924484] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.924537] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.924576] ^ [ 20.924612] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.924655] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.924695] ================================================================== [ 21.108894] ================================================================== [ 21.108972] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 21.109023] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.109320] [ 21.109364] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.109458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.109801] Hardware name: linux,dummy-virt (DT) [ 21.109853] Call trace: [ 21.110073] show_stack+0x20/0x38 (C) [ 21.110153] dump_stack_lvl+0x8c/0xd0 [ 21.110358] print_report+0x118/0x608 [ 21.110420] kasan_report+0xdc/0x128 [ 21.110498] kasan_check_range+0x100/0x1a8 [ 21.110647] __kasan_check_write+0x20/0x30 [ 21.110711] kasan_atomics_helper+0x16d0/0x4858 [ 21.111109] kasan_atomics+0x198/0x2e0 [ 21.111471] kunit_try_run_case+0x170/0x3f0 [ 21.111702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.111765] kthread+0x328/0x630 [ 21.111807] ret_from_fork+0x10/0x20 [ 21.111895] [ 21.112172] Allocated by task 265: [ 21.112440] kasan_save_stack+0x3c/0x68 [ 21.112585] kasan_save_track+0x20/0x40 [ 21.112712] kasan_save_alloc_info+0x40/0x58 [ 21.112764] __kasan_kmalloc+0xd4/0xd8 [ 21.112804] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.112883] kasan_atomics+0xb8/0x2e0 [ 21.112925] kunit_try_run_case+0x170/0x3f0 [ 21.112964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.113022] kthread+0x328/0x630 [ 21.113066] ret_from_fork+0x10/0x20 [ 21.113103] [ 21.113135] The buggy address belongs to the object at fff00000c77daf80 [ 21.113135] which belongs to the cache kmalloc-64 of size 64 [ 21.113212] The buggy address is located 0 bytes to the right of [ 21.113212] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.113278] [ 21.113299] The buggy address belongs to the physical page: [ 21.113346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.113411] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.113471] page_type: f5(slab) [ 21.113535] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.113587] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.113629] page dumped because: kasan: bad access detected [ 21.113673] [ 21.113693] Memory state around the buggy address: [ 21.113728] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.113782] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.113827] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.114217] ^ [ 21.114614] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.114694] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.114776] ================================================================== [ 21.135315] ================================================================== [ 21.135588] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 21.135652] Read of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.135703] [ 21.135736] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.135816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.135844] Hardware name: linux,dummy-virt (DT) [ 21.135960] Call trace: [ 21.135986] show_stack+0x20/0x38 (C) [ 21.136038] dump_stack_lvl+0x8c/0xd0 [ 21.136085] print_report+0x118/0x608 [ 21.136134] kasan_report+0xdc/0x128 [ 21.136181] __asan_report_load8_noabort+0x20/0x30 [ 21.136230] kasan_atomics_helper+0x3e20/0x4858 [ 21.136282] kasan_atomics+0x198/0x2e0 [ 21.136341] kunit_try_run_case+0x170/0x3f0 [ 21.136393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.136447] kthread+0x328/0x630 [ 21.136500] ret_from_fork+0x10/0x20 [ 21.136551] [ 21.136571] Allocated by task 265: [ 21.136600] kasan_save_stack+0x3c/0x68 [ 21.136652] kasan_save_track+0x20/0x40 [ 21.136696] kasan_save_alloc_info+0x40/0x58 [ 21.136748] __kasan_kmalloc+0xd4/0xd8 [ 21.136787] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.136835] kasan_atomics+0xb8/0x2e0 [ 21.137631] kunit_try_run_case+0x170/0x3f0 [ 21.137712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.137773] kthread+0x328/0x630 [ 21.137808] ret_from_fork+0x10/0x20 [ 21.138037] [ 21.138072] The buggy address belongs to the object at fff00000c77daf80 [ 21.138072] which belongs to the cache kmalloc-64 of size 64 [ 21.138133] The buggy address is located 0 bytes to the right of [ 21.138133] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.138208] [ 21.138229] The buggy address belongs to the physical page: [ 21.138262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.138319] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.138662] page_type: f5(slab) [ 21.138873] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.139127] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.139215] page dumped because: kasan: bad access detected [ 21.139384] [ 21.139447] Memory state around the buggy address: [ 21.139900] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.139993] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.140219] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.140412] ^ [ 21.140496] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.140703] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.140751] ================================================================== [ 21.091850] ================================================================== [ 21.092018] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 21.092161] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.092247] [ 21.092282] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.092397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.092425] Hardware name: linux,dummy-virt (DT) [ 21.092622] Call trace: [ 21.092794] show_stack+0x20/0x38 (C) [ 21.092875] dump_stack_lvl+0x8c/0xd0 [ 21.093138] print_report+0x118/0x608 [ 21.093206] kasan_report+0xdc/0x128 [ 21.093440] kasan_check_range+0x100/0x1a8 [ 21.093665] __kasan_check_write+0x20/0x30 [ 21.093728] kasan_atomics_helper+0x1644/0x4858 [ 21.093808] kasan_atomics+0x198/0x2e0 [ 21.093905] kunit_try_run_case+0x170/0x3f0 [ 21.094111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.094224] kthread+0x328/0x630 [ 21.094511] ret_from_fork+0x10/0x20 [ 21.094593] [ 21.094630] Allocated by task 265: [ 21.094665] kasan_save_stack+0x3c/0x68 [ 21.094710] kasan_save_track+0x20/0x40 [ 21.094947] kasan_save_alloc_info+0x40/0x58 [ 21.095119] __kasan_kmalloc+0xd4/0xd8 [ 21.095168] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.095211] kasan_atomics+0xb8/0x2e0 [ 21.095297] kunit_try_run_case+0x170/0x3f0 [ 21.095342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.095401] kthread+0x328/0x630 [ 21.095442] ret_from_fork+0x10/0x20 [ 21.095480] [ 21.095522] The buggy address belongs to the object at fff00000c77daf80 [ 21.095522] which belongs to the cache kmalloc-64 of size 64 [ 21.095584] The buggy address is located 0 bytes to the right of [ 21.095584] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.095667] [ 21.095692] The buggy address belongs to the physical page: [ 21.095746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.095812] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.095879] page_type: f5(slab) [ 21.095938] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.095997] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.096039] page dumped because: kasan: bad access detected [ 21.096075] [ 21.096095] Memory state around the buggy address: [ 21.096130] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.096177] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.096231] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.096287] ^ [ 21.096323] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.096364] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.096413] ================================================================== [ 21.040019] ================================================================== [ 21.040088] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 21.040150] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.040204] [ 21.040238] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.040320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.040348] Hardware name: linux,dummy-virt (DT) [ 21.040392] Call trace: [ 21.040416] show_stack+0x20/0x38 (C) [ 21.040467] dump_stack_lvl+0x8c/0xd0 [ 21.040513] print_report+0x118/0x608 [ 21.040568] kasan_report+0xdc/0x128 [ 21.040615] kasan_check_range+0x100/0x1a8 [ 21.040673] __kasan_check_write+0x20/0x30 [ 21.040721] kasan_atomics_helper+0x1414/0x4858 [ 21.040777] kasan_atomics+0x198/0x2e0 [ 21.040826] kunit_try_run_case+0x170/0x3f0 [ 21.040905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.040974] kthread+0x328/0x630 [ 21.041018] ret_from_fork+0x10/0x20 [ 21.041066] [ 21.041086] Allocated by task 265: [ 21.041117] kasan_save_stack+0x3c/0x68 [ 21.041166] kasan_save_track+0x20/0x40 [ 21.041220] kasan_save_alloc_info+0x40/0x58 [ 21.041272] __kasan_kmalloc+0xd4/0xd8 [ 21.041311] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.041352] kasan_atomics+0xb8/0x2e0 [ 21.041396] kunit_try_run_case+0x170/0x3f0 [ 21.041446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.041491] kthread+0x328/0x630 [ 21.041524] ret_from_fork+0x10/0x20 [ 21.041562] [ 21.041588] The buggy address belongs to the object at fff00000c77daf80 [ 21.041588] which belongs to the cache kmalloc-64 of size 64 [ 21.041649] The buggy address is located 0 bytes to the right of [ 21.041649] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.041713] [ 21.041735] The buggy address belongs to the physical page: [ 21.041776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.041837] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.041925] page_type: f5(slab) [ 21.042389] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.042459] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.043047] page dumped because: kasan: bad access detected [ 21.043143] [ 21.043187] Memory state around the buggy address: [ 21.043260] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.043332] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.043407] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.043729] ^ [ 21.043773] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.043922] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.043964] ================================================================== [ 20.772892] ================================================================== [ 20.772944] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 20.772995] Read of size 4 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.773047] [ 20.773380] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.773550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.773585] Hardware name: linux,dummy-virt (DT) [ 20.773619] Call trace: [ 20.773683] show_stack+0x20/0x38 (C) [ 20.773912] dump_stack_lvl+0x8c/0xd0 [ 20.774127] print_report+0x118/0x608 [ 20.774192] kasan_report+0xdc/0x128 [ 20.774242] __asan_report_load4_noabort+0x20/0x30 [ 20.774531] kasan_atomics_helper+0x42d8/0x4858 [ 20.774660] kasan_atomics+0x198/0x2e0 [ 20.774723] kunit_try_run_case+0x170/0x3f0 [ 20.774823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.774956] kthread+0x328/0x630 [ 20.775014] ret_from_fork+0x10/0x20 [ 20.775445] [ 20.776111] __kasan_kmalloc+0xd4/0xd8 [ 20.776163] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.776251] kasan_atomics+0xb8/0x2e0 [ 20.776466] kunit_try_run_case+0x170/0x3f0 [ 20.776783] kthread+0x328/0x630 [ 20.777217] The buggy address is located 0 bytes to the right of [ 20.777217] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.778852] [ 20.779192] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.780998] ================================================================== [ 20.895991] ================================================================== [ 20.896155] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 20.896219] Read of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.896271] [ 20.896304] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.896385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.896436] Hardware name: linux,dummy-virt (DT) [ 20.896471] Call trace: [ 20.896495] show_stack+0x20/0x38 (C) [ 20.896545] dump_stack_lvl+0x8c/0xd0 [ 20.896596] print_report+0x118/0x608 [ 20.896644] kasan_report+0xdc/0x128 [ 20.896692] __asan_report_load8_noabort+0x20/0x30 [ 20.896741] kasan_atomics_helper+0x3f58/0x4858 [ 20.896790] kasan_atomics+0x198/0x2e0 [ 20.896837] kunit_try_run_case+0x170/0x3f0 [ 20.896902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.896962] kthread+0x328/0x630 [ 20.897007] ret_from_fork+0x10/0x20 [ 20.897055] [ 20.897075] Allocated by task 265: [ 20.897106] kasan_save_stack+0x3c/0x68 [ 20.897150] kasan_save_track+0x20/0x40 [ 20.897191] kasan_save_alloc_info+0x40/0x58 [ 20.897234] __kasan_kmalloc+0xd4/0xd8 [ 20.897273] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.897316] kasan_atomics+0xb8/0x2e0 [ 20.897354] kunit_try_run_case+0x170/0x3f0 [ 20.897394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.897440] kthread+0x328/0x630 [ 20.897496] ret_from_fork+0x10/0x20 [ 20.897541] [ 20.897567] The buggy address belongs to the object at fff00000c77daf80 [ 20.897567] which belongs to the cache kmalloc-64 of size 64 [ 20.897627] The buggy address is located 0 bytes to the right of [ 20.897627] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.897703] [ 20.897733] The buggy address belongs to the physical page: [ 20.897766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.897824] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.898269] page_type: f5(slab) [ 20.898318] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.898714] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.898803] page dumped because: kasan: bad access detected [ 20.898858] [ 20.898888] Memory state around the buggy address: [ 20.898923] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.898967] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.899012] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.899053] ^ [ 20.899335] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.899696] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.899984] ================================================================== [ 20.909718] ================================================================== [ 20.909879] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 20.909937] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.910004] [ 20.910205] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.910300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.910336] Hardware name: linux,dummy-virt (DT) [ 20.910641] Call trace: [ 20.910819] show_stack+0x20/0x38 (C) [ 20.910969] dump_stack_lvl+0x8c/0xd0 [ 20.911121] print_report+0x118/0x608 [ 20.911182] kasan_report+0xdc/0x128 [ 20.911229] __asan_report_store8_noabort+0x20/0x30 [ 20.911286] kasan_atomics_helper+0x3e5c/0x4858 [ 20.911670] kasan_atomics+0x198/0x2e0 [ 20.911748] kunit_try_run_case+0x170/0x3f0 [ 20.911961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.912170] kthread+0x328/0x630 [ 20.912328] ret_from_fork+0x10/0x20 [ 20.912448] [ 20.912507] Allocated by task 265: [ 20.912879] kasan_save_stack+0x3c/0x68 [ 20.913201] kasan_save_track+0x20/0x40 [ 20.913285] kasan_save_alloc_info+0x40/0x58 [ 20.913623] __kasan_kmalloc+0xd4/0xd8 [ 20.913698] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.914052] kasan_atomics+0xb8/0x2e0 [ 20.914455] kunit_try_run_case+0x170/0x3f0 [ 20.914553] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.914847] kthread+0x328/0x630 [ 20.915046] ret_from_fork+0x10/0x20 [ 20.915098] [ 20.915121] The buggy address belongs to the object at fff00000c77daf80 [ 20.915121] which belongs to the cache kmalloc-64 of size 64 [ 20.915180] The buggy address is located 0 bytes to the right of [ 20.915180] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.915536] [ 20.915992] The buggy address belongs to the physical page: [ 20.916041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.916483] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.916590] page_type: f5(slab) [ 20.916665] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.916944] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.917109] page dumped because: kasan: bad access detected [ 20.917370] [ 20.917412] Memory state around the buggy address: [ 20.917549] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.917613] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.917671] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.917709] ^ [ 20.917755] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.917799] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.917848] ================================================================== [ 20.789097] ================================================================== [ 20.789192] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 20.789324] Write of size 4 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.789410] [ 20.789508] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.789597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.789626] Hardware name: linux,dummy-virt (DT) [ 20.789675] Call trace: [ 20.789702] show_stack+0x20/0x38 (C) [ 20.790026] dump_stack_lvl+0x8c/0xd0 [ 20.790109] print_report+0x118/0x608 [ 20.790286] kasan_report+0xdc/0x128 [ 20.790500] kasan_check_range+0x100/0x1a8 [ 20.790562] __kasan_check_write+0x20/0x30 [ 20.790608] kasan_atomics_helper+0x99c/0x4858 [ 20.790774] kasan_atomics+0x198/0x2e0 [ 20.790961] kunit_try_run_case+0x170/0x3f0 [ 20.791031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.791105] kthread+0x328/0x630 [ 20.791149] ret_from_fork+0x10/0x20 [ 20.791198] [ 20.791597] Allocated by task 265: [ 20.791692] kasan_save_stack+0x3c/0x68 [ 20.791757] kasan_save_track+0x20/0x40 [ 20.791846] kasan_save_alloc_info+0x40/0x58 [ 20.791912] __kasan_kmalloc+0xd4/0xd8 [ 20.791955] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.791995] kasan_atomics+0xb8/0x2e0 [ 20.792043] kunit_try_run_case+0x170/0x3f0 [ 20.792093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.792140] kthread+0x328/0x630 [ 20.792185] ret_from_fork+0x10/0x20 [ 20.792223] [ 20.792245] The buggy address belongs to the object at fff00000c77daf80 [ 20.792245] which belongs to the cache kmalloc-64 of size 64 [ 20.792314] The buggy address is located 0 bytes to the right of [ 20.792314] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.792378] [ 20.792399] The buggy address belongs to the physical page: [ 20.792433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.792489] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.792538] page_type: f5(slab) [ 20.792577] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.792629] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.792687] page dumped because: kasan: bad access detected [ 20.792721] [ 20.792747] Memory state around the buggy address: [ 20.792780] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.792832] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.792895] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.792946] ^ [ 20.792982] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.793035] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.793074] ================================================================== [ 20.990395] ================================================================== [ 20.990456] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 20.990505] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.990730] [ 20.990875] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.991447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.991606] Hardware name: linux,dummy-virt (DT) [ 20.991645] Call trace: [ 20.991670] show_stack+0x20/0x38 (C) [ 20.992297] dump_stack_lvl+0x8c/0xd0 [ 20.992512] print_report+0x118/0x608 [ 20.992850] kasan_report+0xdc/0x128 [ 20.993109] kasan_check_range+0x100/0x1a8 [ 20.993188] __kasan_check_write+0x20/0x30 [ 20.993322] kasan_atomics_helper+0x11f8/0x4858 [ 20.993442] kasan_atomics+0x198/0x2e0 [ 20.993510] kunit_try_run_case+0x170/0x3f0 [ 20.993785] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.994157] kthread+0x328/0x630 [ 20.994385] ret_from_fork+0x10/0x20 [ 20.994490] [ 20.994544] Allocated by task 265: [ 20.994713] kasan_save_stack+0x3c/0x68 [ 20.994837] kasan_save_track+0x20/0x40 [ 20.995231] kasan_save_alloc_info+0x40/0x58 [ 20.995511] __kasan_kmalloc+0xd4/0xd8 [ 20.995682] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.995842] kasan_atomics+0xb8/0x2e0 [ 20.995991] kunit_try_run_case+0x170/0x3f0 [ 20.996035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.996100] kthread+0x328/0x630 [ 20.996438] ret_from_fork+0x10/0x20 [ 20.996772] [ 20.996844] The buggy address belongs to the object at fff00000c77daf80 [ 20.996844] which belongs to the cache kmalloc-64 of size 64 [ 20.997314] The buggy address is located 0 bytes to the right of [ 20.997314] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.997794] [ 20.997827] The buggy address belongs to the physical page: [ 20.997926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.998333] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.998798] page_type: f5(slab) [ 20.998856] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.999217] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.999502] page dumped because: kasan: bad access detected [ 20.999810] [ 20.999887] Memory state around the buggy address: [ 21.000093] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.000440] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.000499] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.000971] ^ [ 21.001337] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.001421] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.001819] ================================================================== [ 21.054636] ================================================================== [ 21.054854] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 21.055023] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.055086] [ 21.055140] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.055393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.055589] Hardware name: linux,dummy-virt (DT) [ 21.055643] Call trace: [ 21.055843] show_stack+0x20/0x38 (C) [ 21.056319] dump_stack_lvl+0x8c/0xd0 [ 21.056423] print_report+0x118/0x608 [ 21.056615] kasan_report+0xdc/0x128 [ 21.056694] kasan_check_range+0x100/0x1a8 [ 21.057107] __kasan_check_write+0x20/0x30 [ 21.057320] kasan_atomics_helper+0x14e4/0x4858 [ 21.057440] kasan_atomics+0x198/0x2e0 [ 21.057856] kunit_try_run_case+0x170/0x3f0 [ 21.057955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.058272] kthread+0x328/0x630 [ 21.058428] ret_from_fork+0x10/0x20 [ 21.058645] [ 21.058935] Allocated by task 265: [ 21.059232] kasan_save_stack+0x3c/0x68 [ 21.059448] kasan_save_track+0x20/0x40 [ 21.059654] kasan_save_alloc_info+0x40/0x58 [ 21.059733] __kasan_kmalloc+0xd4/0xd8 [ 21.059896] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.060009] kasan_atomics+0xb8/0x2e0 [ 21.060193] kunit_try_run_case+0x170/0x3f0 [ 21.060281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.060525] kthread+0x328/0x630 [ 21.060956] ret_from_fork+0x10/0x20 [ 21.061039] [ 21.061189] The buggy address belongs to the object at fff00000c77daf80 [ 21.061189] which belongs to the cache kmalloc-64 of size 64 [ 21.061292] The buggy address is located 0 bytes to the right of [ 21.061292] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.061510] [ 21.061559] The buggy address belongs to the physical page: [ 21.061648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.061876] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.062104] page_type: f5(slab) [ 21.062173] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.062465] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.062595] page dumped because: kasan: bad access detected [ 21.062741] [ 21.063236] Memory state around the buggy address: [ 21.063296] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.063494] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.063755] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.063929] ^ [ 21.064208] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.064393] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.064448] ================================================================== [ 21.002848] ================================================================== [ 21.003123] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 21.003175] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.003472] [ 21.003651] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.004176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.004269] Hardware name: linux,dummy-virt (DT) [ 21.004318] Call trace: [ 21.004498] show_stack+0x20/0x38 (C) [ 21.004572] dump_stack_lvl+0x8c/0xd0 [ 21.004688] print_report+0x118/0x608 [ 21.005040] kasan_report+0xdc/0x128 [ 21.005287] kasan_check_range+0x100/0x1a8 [ 21.005390] __kasan_check_write+0x20/0x30 [ 21.005452] kasan_atomics_helper+0x126c/0x4858 [ 21.005501] kasan_atomics+0x198/0x2e0 [ 21.005553] kunit_try_run_case+0x170/0x3f0 [ 21.005605] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.005672] kthread+0x328/0x630 [ 21.005719] ret_from_fork+0x10/0x20 [ 21.005790] [ 21.005819] Allocated by task 265: [ 21.005872] kasan_save_stack+0x3c/0x68 [ 21.005926] kasan_save_track+0x20/0x40 [ 21.005967] kasan_save_alloc_info+0x40/0x58 [ 21.006010] __kasan_kmalloc+0xd4/0xd8 [ 21.006048] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.006090] kasan_atomics+0xb8/0x2e0 [ 21.006127] kunit_try_run_case+0x170/0x3f0 [ 21.006174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.006225] kthread+0x328/0x630 [ 21.006267] ret_from_fork+0x10/0x20 [ 21.006317] [ 21.006348] The buggy address belongs to the object at fff00000c77daf80 [ 21.006348] which belongs to the cache kmalloc-64 of size 64 [ 21.006410] The buggy address is located 0 bytes to the right of [ 21.006410] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.006476] [ 21.006497] The buggy address belongs to the physical page: [ 21.006545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.006617] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.006668] page_type: f5(slab) [ 21.006706] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.007090] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.007521] page dumped because: kasan: bad access detected [ 21.007581] [ 21.007603] Memory state around the buggy address: [ 21.007639] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.007738] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.008067] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.008131] ^ [ 21.008618] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.009190] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.009509] ================================================================== [ 21.010057] ================================================================== [ 21.010371] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 21.010435] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 21.010487] [ 21.010716] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 21.010905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.011249] Hardware name: linux,dummy-virt (DT) [ 21.011307] Call trace: [ 21.011434] show_stack+0x20/0x38 (C) [ 21.011650] dump_stack_lvl+0x8c/0xd0 [ 21.011746] print_report+0x118/0x608 [ 21.011967] kasan_report+0xdc/0x128 [ 21.012217] kasan_check_range+0x100/0x1a8 [ 21.012435] __kasan_check_write+0x20/0x30 [ 21.012533] kasan_atomics_helper+0x12d8/0x4858 [ 21.012935] kasan_atomics+0x198/0x2e0 [ 21.013028] kunit_try_run_case+0x170/0x3f0 [ 21.013225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.013303] kthread+0x328/0x630 [ 21.013379] ret_from_fork+0x10/0x20 [ 21.013880] [ 21.014084] Allocated by task 265: [ 21.014241] kasan_save_stack+0x3c/0x68 [ 21.014448] kasan_save_track+0x20/0x40 [ 21.014532] kasan_save_alloc_info+0x40/0x58 [ 21.014576] __kasan_kmalloc+0xd4/0xd8 [ 21.014639] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.014792] kasan_atomics+0xb8/0x2e0 [ 21.015128] kunit_try_run_case+0x170/0x3f0 [ 21.015232] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.015457] kthread+0x328/0x630 [ 21.015710] ret_from_fork+0x10/0x20 [ 21.015848] [ 21.015895] The buggy address belongs to the object at fff00000c77daf80 [ 21.015895] which belongs to the cache kmalloc-64 of size 64 [ 21.015958] The buggy address is located 0 bytes to the right of [ 21.015958] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 21.016023] [ 21.016470] The buggy address belongs to the physical page: [ 21.016713] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 21.016982] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.017042] page_type: f5(slab) [ 21.017264] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 21.017664] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.017732] page dumped because: kasan: bad access detected [ 21.017853] [ 21.018138] Memory state around the buggy address: [ 21.018359] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.018684] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.019041] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.019120] ^ [ 21.019493] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.019545] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.019585] ================================================================== [ 20.983697] ================================================================== [ 20.983752] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 20.983805] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.984230] [ 20.984311] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.984473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.984503] Hardware name: linux,dummy-virt (DT) [ 20.984535] Call trace: [ 20.984561] show_stack+0x20/0x38 (C) [ 20.984634] dump_stack_lvl+0x8c/0xd0 [ 20.984686] print_report+0x118/0x608 [ 20.984733] kasan_report+0xdc/0x128 [ 20.984780] kasan_check_range+0x100/0x1a8 [ 20.984828] __kasan_check_write+0x20/0x30 [ 20.984937] kasan_atomics_helper+0x1190/0x4858 [ 20.984988] kasan_atomics+0x198/0x2e0 [ 20.985033] kunit_try_run_case+0x170/0x3f0 [ 20.985082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.985138] kthread+0x328/0x630 [ 20.985181] ret_from_fork+0x10/0x20 [ 20.985231] [ 20.985251] Allocated by task 265: [ 20.985290] kasan_save_stack+0x3c/0x68 [ 20.985340] kasan_save_track+0x20/0x40 [ 20.985379] kasan_save_alloc_info+0x40/0x58 [ 20.985428] __kasan_kmalloc+0xd4/0xd8 [ 20.985468] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.985508] kasan_atomics+0xb8/0x2e0 [ 20.985546] kunit_try_run_case+0x170/0x3f0 [ 20.985594] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.985641] kthread+0x328/0x630 [ 20.985674] ret_from_fork+0x10/0x20 [ 20.985710] [ 20.985731] The buggy address belongs to the object at fff00000c77daf80 [ 20.985731] which belongs to the cache kmalloc-64 of size 64 [ 20.985790] The buggy address is located 0 bytes to the right of [ 20.985790] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.985854] [ 20.985886] The buggy address belongs to the physical page: [ 20.986048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.986562] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.987001] page_type: f5(slab) [ 20.987114] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.987229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.987514] page dumped because: kasan: bad access detected [ 20.987638] [ 20.987730] Memory state around the buggy address: [ 20.988217] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.988342] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.988422] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.988877] ^ [ 20.988935] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.989009] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.989284] ================================================================== [ 20.973658] ================================================================== [ 20.973713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 20.973766] Write of size 8 at addr fff00000c77dafb0 by task kunit_try_catch/265 [ 20.975242] [ 20.975300] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.975385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.975414] Hardware name: linux,dummy-virt (DT) [ 20.975454] Call trace: [ 20.975477] show_stack+0x20/0x38 (C) [ 20.975532] dump_stack_lvl+0x8c/0xd0 [ 20.975581] print_report+0x118/0x608 [ 20.975629] kasan_report+0xdc/0x128 [ 20.975674] kasan_check_range+0x100/0x1a8 [ 20.975723] __kasan_check_write+0x20/0x30 [ 20.975768] kasan_atomics_helper+0x1128/0x4858 [ 20.975817] kasan_atomics+0x198/0x2e0 [ 20.975880] kunit_try_run_case+0x170/0x3f0 [ 20.975952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.976065] kthread+0x328/0x630 [ 20.976245] ret_from_fork+0x10/0x20 [ 20.976570] [ 20.976632] Allocated by task 265: [ 20.976685] kasan_save_stack+0x3c/0x68 [ 20.976757] kasan_save_track+0x20/0x40 [ 20.977158] kasan_save_alloc_info+0x40/0x58 [ 20.977337] __kasan_kmalloc+0xd4/0xd8 [ 20.977397] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.977448] kasan_atomics+0xb8/0x2e0 [ 20.977676] kunit_try_run_case+0x170/0x3f0 [ 20.978166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.978371] kthread+0x328/0x630 [ 20.978539] ret_from_fork+0x10/0x20 [ 20.978782] [ 20.978840] The buggy address belongs to the object at fff00000c77daf80 [ 20.978840] which belongs to the cache kmalloc-64 of size 64 [ 20.978958] The buggy address is located 0 bytes to the right of [ 20.978958] allocated 48-byte region [fff00000c77daf80, fff00000c77dafb0) [ 20.979119] [ 20.979177] The buggy address belongs to the physical page: [ 20.979452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077da [ 20.980102] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.980202] page_type: f5(slab) [ 20.980281] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 20.980651] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.980843] page dumped because: kasan: bad access detected [ 20.981066] [ 20.981308] Memory state around the buggy address: [ 20.981388] fff00000c77dae80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.981857] fff00000c77daf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.981929] >fff00000c77daf80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.981970] ^ [ 20.982006] fff00000c77db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.982052] fff00000c77db080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.982179] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.471746] ================================================================== [ 20.471934] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.472029] Write of size 8 at addr fff00000c604ecc8 by task kunit_try_catch/261 [ 20.472119] [ 20.472169] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.472296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.472323] Hardware name: linux,dummy-virt (DT) [ 20.472371] Call trace: [ 20.472566] show_stack+0x20/0x38 (C) [ 20.472673] dump_stack_lvl+0x8c/0xd0 [ 20.472726] print_report+0x118/0x608 [ 20.472773] kasan_report+0xdc/0x128 [ 20.472902] kasan_check_range+0x100/0x1a8 [ 20.472988] __kasan_check_write+0x20/0x30 [ 20.473038] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.473353] kasan_bitops_generic+0x110/0x1c8 [ 20.473429] kunit_try_run_case+0x170/0x3f0 [ 20.473481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.473627] kthread+0x328/0x630 [ 20.473691] ret_from_fork+0x10/0x20 [ 20.473903] [ 20.474010] Allocated by task 261: [ 20.474060] kasan_save_stack+0x3c/0x68 [ 20.474206] kasan_save_track+0x20/0x40 [ 20.474272] kasan_save_alloc_info+0x40/0x58 [ 20.474376] __kasan_kmalloc+0xd4/0xd8 [ 20.474419] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.474479] kasan_bitops_generic+0xa0/0x1c8 [ 20.474525] kunit_try_run_case+0x170/0x3f0 [ 20.474711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.474959] kthread+0x328/0x630 [ 20.475038] ret_from_fork+0x10/0x20 [ 20.475141] [ 20.475225] The buggy address belongs to the object at fff00000c604ecc0 [ 20.475225] which belongs to the cache kmalloc-16 of size 16 [ 20.475286] The buggy address is located 8 bytes inside of [ 20.475286] allocated 9-byte region [fff00000c604ecc0, fff00000c604ecc9) [ 20.475372] [ 20.475641] The buggy address belongs to the physical page: [ 20.475757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10604e [ 20.475854] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.475959] page_type: f5(slab) [ 20.476023] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.476302] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.476454] page dumped because: kasan: bad access detected [ 20.476541] [ 20.476823] Memory state around the buggy address: [ 20.476944] fff00000c604eb80: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 20.476994] fff00000c604ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.477064] >fff00000c604ec80: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 20.477218] ^ [ 20.477263] fff00000c604ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.477388] fff00000c604ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.477477] ================================================================== [ 20.478162] ================================================================== [ 20.478216] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.478269] Read of size 8 at addr fff00000c604ecc8 by task kunit_try_catch/261 [ 20.478329] [ 20.478364] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.478444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.478471] Hardware name: linux,dummy-virt (DT) [ 20.478675] Call trace: [ 20.478718] show_stack+0x20/0x38 (C) [ 20.478900] dump_stack_lvl+0x8c/0xd0 [ 20.479027] print_report+0x118/0x608 [ 20.479098] kasan_report+0xdc/0x128 [ 20.479189] __asan_report_load8_noabort+0x20/0x30 [ 20.479247] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.479584] [ 20.479802] __kasan_kmalloc+0xd4/0xd8 [ 20.481137] The buggy address is located 8 bytes inside of [ 20.481137] allocated 9-byte region [fff00000c604ecc0, fff00000c604ecc9) [ 20.482536] fff00000c604eb80: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 20.483198] ================================================================== [ 20.458025] ================================================================== [ 20.458088] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.458151] Write of size 8 at addr fff00000c604ecc8 by task kunit_try_catch/261 [ 20.458202] [ 20.458237] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.458321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.458513] Hardware name: linux,dummy-virt (DT) [ 20.458565] Call trace: [ 20.458948] show_stack+0x20/0x38 (C) [ 20.459262] dump_stack_lvl+0x8c/0xd0 [ 20.459318] print_report+0x118/0x608 [ 20.459367] kasan_report+0xdc/0x128 [ 20.459413] kasan_check_range+0x100/0x1a8 [ 20.459469] __kasan_check_write+0x20/0x30 [ 20.459517] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.459572] kasan_bitops_generic+0x110/0x1c8 [ 20.459621] kunit_try_run_case+0x170/0x3f0 [ 20.459672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.459726] kthread+0x328/0x630 [ 20.460509] ret_from_fork+0x10/0x20 [ 20.460575] [ 20.460596] Allocated by task 261: [ 20.460641] kasan_save_stack+0x3c/0x68 [ 20.460686] kasan_save_track+0x20/0x40 [ 20.460725] kasan_save_alloc_info+0x40/0x58 [ 20.460768] __kasan_kmalloc+0xd4/0xd8 [ 20.460806] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.460856] kasan_bitops_generic+0xa0/0x1c8 [ 20.461153] kunit_try_run_case+0x170/0x3f0 [ 20.461290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.461525] kthread+0x328/0x630 [ 20.461597] ret_from_fork+0x10/0x20 [ 20.461673] [ 20.462112] The buggy address belongs to the object at fff00000c604ecc0 [ 20.462112] which belongs to the cache kmalloc-16 of size 16 [ 20.462196] The buggy address is located 8 bytes inside of [ 20.462196] allocated 9-byte region [fff00000c604ecc0, fff00000c604ecc9) [ 20.462354] [ 20.462398] The buggy address belongs to the physical page: [ 20.462448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10604e [ 20.462628] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.462707] page_type: f5(slab) [ 20.462753] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.462977] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.463075] page dumped because: kasan: bad access detected [ 20.463175] [ 20.463208] Memory state around the buggy address: [ 20.463407] fff00000c604eb80: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 20.463461] fff00000c604ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.463506] >fff00000c604ec80: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 20.463964] ^ [ 20.464059] fff00000c604ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.464208] fff00000c604ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.464355] ================================================================== [ 20.465741] ================================================================== [ 20.465926] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.465991] Read of size 8 at addr fff00000c604ecc8 by task kunit_try_catch/261 [ 20.466245] [ 20.466291] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.466404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.466434] Hardware name: linux,dummy-virt (DT) [ 20.466468] Call trace: [ 20.466539] show_stack+0x20/0x38 (C) [ 20.466593] dump_stack_lvl+0x8c/0xd0 [ 20.466665] print_report+0x118/0x608 [ 20.467099] kasan_report+0xdc/0x128 [ 20.467173] __asan_report_load8_noabort+0x20/0x30 [ 20.467530] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.467618] kasan_bitops_generic+0x110/0x1c8 [ 20.467782] kunit_try_run_case+0x170/0x3f0 [ 20.467901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.467986] kthread+0x328/0x630 [ 20.468113] ret_from_fork+0x10/0x20 [ 20.468221] [ 20.468306] Allocated by task 261: [ 20.468364] kasan_save_stack+0x3c/0x68 [ 20.468484] kasan_save_track+0x20/0x40 [ 20.468562] kasan_save_alloc_info+0x40/0x58 [ 20.468602] __kasan_kmalloc+0xd4/0xd8 [ 20.468810] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.468970] kasan_bitops_generic+0xa0/0x1c8 [ 20.469085] kunit_try_run_case+0x170/0x3f0 [ 20.469203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.469261] kthread+0x328/0x630 [ 20.469471] ret_from_fork+0x10/0x20 [ 20.469612] [ 20.469685] The buggy address belongs to the object at fff00000c604ecc0 [ 20.469685] which belongs to the cache kmalloc-16 of size 16 [ 20.469889] The buggy address is located 8 bytes inside of [ 20.469889] allocated 9-byte region [fff00000c604ecc0, fff00000c604ecc9) [ 20.469967] [ 20.469995] The buggy address belongs to the physical page: [ 20.470047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10604e [ 20.470103] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.470151] page_type: f5(slab) [ 20.470189] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.470241] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.470283] page dumped because: kasan: bad access detected [ 20.470317] [ 20.470344] Memory state around the buggy address: [ 20.470377] fff00000c604eb80: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 20.470422] fff00000c604ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.470478] >fff00000c604ec80: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 20.470528] ^ [ 20.470571] fff00000c604ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.470645] fff00000c604ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.470686] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 20.428606] ================================================================== [ 20.428678] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 20.428732] Read of size 1 at addr fff00000c77d8490 by task kunit_try_catch/259 [ 20.429465] [ 20.429998] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.430414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.430445] Hardware name: linux,dummy-virt (DT) [ 20.430478] Call trace: [ 20.430505] show_stack+0x20/0x38 (C) [ 20.431041] dump_stack_lvl+0x8c/0xd0 [ 20.431381] print_report+0x118/0x608 [ 20.431830] kasan_report+0xdc/0x128 [ 20.431902] __asan_report_load1_noabort+0x20/0x30 [ 20.431956] strnlen+0x80/0x88 [ 20.431998] kasan_strings+0x478/0xb00 [ 20.432043] kunit_try_run_case+0x170/0x3f0 [ 20.433233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.433745] kthread+0x328/0x630 [ 20.434642] ret_from_fork+0x10/0x20 [ 20.434735] [ 20.435204] Allocated by task 259: [ 20.435582] kasan_save_stack+0x3c/0x68 [ 20.435938] kasan_save_track+0x20/0x40 [ 20.436132] kasan_save_alloc_info+0x40/0x58 [ 20.436777] __kasan_kmalloc+0xd4/0xd8 [ 20.436891] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.437369] kasan_strings+0xc8/0xb00 [ 20.437411] kunit_try_run_case+0x170/0x3f0 [ 20.438086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.438248] kthread+0x328/0x630 [ 20.438283] ret_from_fork+0x10/0x20 [ 20.438323] [ 20.438344] Freed by task 259: [ 20.438373] kasan_save_stack+0x3c/0x68 [ 20.438415] kasan_save_track+0x20/0x40 [ 20.438454] kasan_save_free_info+0x4c/0x78 [ 20.439508] __kasan_slab_free+0x6c/0x98 [ 20.439977] kfree+0x214/0x3c8 [ 20.440360] kasan_strings+0x24c/0xb00 [ 20.440403] kunit_try_run_case+0x170/0x3f0 [ 20.440708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.440956] kthread+0x328/0x630 [ 20.441087] ret_from_fork+0x10/0x20 [ 20.441128] [ 20.441734] The buggy address belongs to the object at fff00000c77d8480 [ 20.441734] which belongs to the cache kmalloc-32 of size 32 [ 20.442201] The buggy address is located 16 bytes inside of [ 20.442201] freed 32-byte region [fff00000c77d8480, fff00000c77d84a0) [ 20.442298] [ 20.442322] The buggy address belongs to the physical page: [ 20.442356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 20.443283] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.443528] page_type: f5(slab) [ 20.444048] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.444411] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.444577] page dumped because: kasan: bad access detected [ 20.444837] [ 20.444962] Memory state around the buggy address: [ 20.445002] fff00000c77d8380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.445050] fff00000c77d8400: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.445094] >fff00000c77d8480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.445134] ^ [ 20.445165] fff00000c77d8500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.445209] fff00000c77d8580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.445248] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.309409] ================================================================== [ 20.309488] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 20.309545] Read of size 1 at addr ffff800080a97b5f by task kunit_try_catch/251 [ 20.309595] [ 20.309649] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.309733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.309768] Hardware name: linux,dummy-virt (DT) [ 20.309800] Call trace: [ 20.309824] show_stack+0x20/0x38 (C) [ 20.310201] dump_stack_lvl+0x8c/0xd0 [ 20.310300] print_report+0x310/0x608 [ 20.310511] kasan_report+0xdc/0x128 [ 20.310576] __asan_report_load1_noabort+0x20/0x30 [ 20.310839] kasan_alloca_oob_left+0x2b8/0x310 [ 20.310983] kunit_try_run_case+0x170/0x3f0 [ 20.311082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.311250] kthread+0x328/0x630 [ 20.311373] ret_from_fork+0x10/0x20 [ 20.311577] [ 20.311740] The buggy address belongs to stack of task kunit_try_catch/251 [ 20.311915] [ 20.311975] The buggy address belongs to the virtual mapping at [ 20.311975] [ffff800080a90000, ffff800080a99000) created by: [ 20.311975] kernel_clone+0x150/0x7a8 [ 20.312210] [ 20.312309] The buggy address belongs to the physical page: [ 20.312453] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107939 [ 20.312567] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.312722] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.312794] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.313098] page dumped because: kasan: bad access detected [ 20.313202] [ 20.313273] Memory state around the buggy address: [ 20.313457] ffff800080a97a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.313516] ffff800080a97a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.313749] >ffff800080a97b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 20.313915] ^ [ 20.313999] ffff800080a97b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 20.314163] ffff800080a97c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.314252] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 20.403748] ================================================================== [ 20.405183] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 20.405400] Read of size 1 at addr fff00000c77d8490 by task kunit_try_catch/259 [ 20.405453] [ 20.406147] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.406250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.406594] Hardware name: linux,dummy-virt (DT) [ 20.406928] Call trace: [ 20.407259] show_stack+0x20/0x38 (C) [ 20.407673] dump_stack_lvl+0x8c/0xd0 [ 20.408093] print_report+0x118/0x608 [ 20.408150] kasan_report+0xdc/0x128 [ 20.408198] __asan_report_load1_noabort+0x20/0x30 [ 20.408833] strlen+0xa8/0xb0 [ 20.409592] kasan_strings+0x418/0xb00 [ 20.409899] kunit_try_run_case+0x170/0x3f0 [ 20.410808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.411135] kthread+0x328/0x630 [ 20.411194] ret_from_fork+0x10/0x20 [ 20.411694] [ 20.411717] Allocated by task 259: [ 20.412097] kasan_save_stack+0x3c/0x68 [ 20.412633] kasan_save_track+0x20/0x40 [ 20.413014] kasan_save_alloc_info+0x40/0x58 [ 20.413392] __kasan_kmalloc+0xd4/0xd8 [ 20.413494] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.414401] kasan_strings+0xc8/0xb00 [ 20.414584] kunit_try_run_case+0x170/0x3f0 [ 20.414713] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.415239] kthread+0x328/0x630 [ 20.415482] ret_from_fork+0x10/0x20 [ 20.415553] [ 20.415576] Freed by task 259: [ 20.415889] kasan_save_stack+0x3c/0x68 [ 20.416369] kasan_save_track+0x20/0x40 [ 20.416535] kasan_save_free_info+0x4c/0x78 [ 20.416637] __kasan_slab_free+0x6c/0x98 [ 20.416676] kfree+0x214/0x3c8 [ 20.416884] kasan_strings+0x24c/0xb00 [ 20.417095] kunit_try_run_case+0x170/0x3f0 [ 20.417748] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.418194] kthread+0x328/0x630 [ 20.418321] ret_from_fork+0x10/0x20 [ 20.418359] [ 20.418653] The buggy address belongs to the object at fff00000c77d8480 [ 20.418653] which belongs to the cache kmalloc-32 of size 32 [ 20.419027] The buggy address is located 16 bytes inside of [ 20.419027] freed 32-byte region [fff00000c77d8480, fff00000c77d84a0) [ 20.419095] [ 20.419724] The buggy address belongs to the physical page: [ 20.419799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 20.420244] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.420772] page_type: f5(slab) [ 20.420822] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.420885] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.420927] page dumped because: kasan: bad access detected [ 20.420962] [ 20.420982] Memory state around the buggy address: [ 20.421016] fff00000c77d8380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.421061] fff00000c77d8400: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.422994] >fff00000c77d8480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.423044] ^ [ 20.423078] fff00000c77d8500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.423554] fff00000c77d8580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.423655] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 20.375107] ================================================================== [ 20.375166] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 20.375219] Read of size 1 at addr fff00000c77d8490 by task kunit_try_catch/259 [ 20.376072] [ 20.376148] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.377276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.377307] Hardware name: linux,dummy-virt (DT) [ 20.377758] Call trace: [ 20.377912] show_stack+0x20/0x38 (C) [ 20.378280] dump_stack_lvl+0x8c/0xd0 [ 20.378453] print_report+0x118/0x608 [ 20.379022] kasan_report+0xdc/0x128 [ 20.379783] __asan_report_load1_noabort+0x20/0x30 [ 20.380228] kasan_strings+0x95c/0xb00 [ 20.380279] kunit_try_run_case+0x170/0x3f0 [ 20.380330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.381023] kthread+0x328/0x630 [ 20.381557] ret_from_fork+0x10/0x20 [ 20.381852] [ 20.382122] Allocated by task 259: [ 20.382523] kasan_save_stack+0x3c/0x68 [ 20.382577] kasan_save_track+0x20/0x40 [ 20.382616] kasan_save_alloc_info+0x40/0x58 [ 20.383347] __kasan_kmalloc+0xd4/0xd8 [ 20.383769] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.384206] kasan_strings+0xc8/0xb00 [ 20.384251] kunit_try_run_case+0x170/0x3f0 [ 20.384354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.384662] kthread+0x328/0x630 [ 20.385166] ret_from_fork+0x10/0x20 [ 20.385568] [ 20.385631] Freed by task 259: [ 20.385684] kasan_save_stack+0x3c/0x68 [ 20.386140] kasan_save_track+0x20/0x40 [ 20.386620] kasan_save_free_info+0x4c/0x78 [ 20.386715] __kasan_slab_free+0x6c/0x98 [ 20.386969] kfree+0x214/0x3c8 [ 20.387288] kasan_strings+0x24c/0xb00 [ 20.387532] kunit_try_run_case+0x170/0x3f0 [ 20.387579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.388042] kthread+0x328/0x630 [ 20.388392] ret_from_fork+0x10/0x20 [ 20.388680] [ 20.389030] The buggy address belongs to the object at fff00000c77d8480 [ 20.389030] which belongs to the cache kmalloc-32 of size 32 [ 20.389914] The buggy address is located 16 bytes inside of [ 20.389914] freed 32-byte region [fff00000c77d8480, fff00000c77d84a0) [ 20.390098] [ 20.390532] The buggy address belongs to the physical page: [ 20.390601] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 20.391301] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.391450] page_type: f5(slab) [ 20.391727] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.392350] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.392962] page dumped because: kasan: bad access detected [ 20.393068] [ 20.393411] Memory state around the buggy address: [ 20.393728] fff00000c77d8380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.394222] fff00000c77d8400: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.394794] >fff00000c77d8480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.395062] ^ [ 20.395101] fff00000c77d8500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.395573] fff00000c77d8580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.395621] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 20.358022] ================================================================== [ 20.358140] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 20.358275] Read of size 1 at addr fff00000c77d8490 by task kunit_try_catch/259 [ 20.358399] [ 20.358457] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.358605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.358654] Hardware name: linux,dummy-virt (DT) [ 20.358688] Call trace: [ 20.358727] show_stack+0x20/0x38 (C) [ 20.358787] dump_stack_lvl+0x8c/0xd0 [ 20.359191] print_report+0x118/0x608 [ 20.359341] kasan_report+0xdc/0x128 [ 20.359431] __asan_report_load1_noabort+0x20/0x30 [ 20.359499] strcmp+0xc0/0xc8 [ 20.359645] kasan_strings+0x340/0xb00 [ 20.359789] kunit_try_run_case+0x170/0x3f0 [ 20.361926] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.362084] kthread+0x328/0x630 [ 20.362169] ret_from_fork+0x10/0x20 [ 20.362298] [ 20.362369] Allocated by task 259: [ 20.362402] kasan_save_stack+0x3c/0x68 [ 20.362447] kasan_save_track+0x20/0x40 [ 20.362538] kasan_save_alloc_info+0x40/0x58 [ 20.362760] __kasan_kmalloc+0xd4/0xd8 [ 20.362917] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.363017] kasan_strings+0xc8/0xb00 [ 20.363093] kunit_try_run_case+0x170/0x3f0 [ 20.363167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.363220] kthread+0x328/0x630 [ 20.363377] ret_from_fork+0x10/0x20 [ 20.363430] [ 20.363450] Freed by task 259: [ 20.363480] kasan_save_stack+0x3c/0x68 [ 20.363539] kasan_save_track+0x20/0x40 [ 20.363587] kasan_save_free_info+0x4c/0x78 [ 20.364220] __kasan_slab_free+0x6c/0x98 [ 20.364547] kfree+0x214/0x3c8 [ 20.364806] kasan_strings+0x24c/0xb00 [ 20.365049] kunit_try_run_case+0x170/0x3f0 [ 20.365111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.365155] kthread+0x328/0x630 [ 20.365191] ret_from_fork+0x10/0x20 [ 20.365230] [ 20.366545] The buggy address belongs to the object at fff00000c77d8480 [ 20.366545] which belongs to the cache kmalloc-32 of size 32 [ 20.366935] The buggy address is located 16 bytes inside of [ 20.366935] freed 32-byte region [fff00000c77d8480, fff00000c77d84a0) [ 20.367850] [ 20.367917] The buggy address belongs to the physical page: [ 20.367950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 20.368302] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.368360] page_type: f5(slab) [ 20.368401] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.368454] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.368785] page dumped because: kasan: bad access detected [ 20.369055] [ 20.369798] Memory state around the buggy address: [ 20.370360] fff00000c77d8380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.370443] fff00000c77d8400: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.370488] >fff00000c77d8480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.370961] ^ [ 20.371055] fff00000c77d8500: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.371170] fff00000c77d8580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.371466] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 20.340245] ================================================================== [ 20.340575] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 20.340660] Read of size 1 at addr fff00000c77d82d8 by task kunit_try_catch/257 [ 20.340771] [ 20.340814] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.340954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.340989] Hardware name: linux,dummy-virt (DT) [ 20.341049] Call trace: [ 20.341102] show_stack+0x20/0x38 (C) [ 20.341165] dump_stack_lvl+0x8c/0xd0 [ 20.341243] print_report+0x118/0x608 [ 20.341441] kasan_report+0xdc/0x128 [ 20.341529] __asan_report_load1_noabort+0x20/0x30 [ 20.341610] memcmp+0x198/0x1d8 [ 20.341663] kasan_memcmp+0x16c/0x300 [ 20.341712] kunit_try_run_case+0x170/0x3f0 [ 20.341786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.341842] kthread+0x328/0x630 [ 20.342085] ret_from_fork+0x10/0x20 [ 20.342142] [ 20.342230] Allocated by task 257: [ 20.342352] kasan_save_stack+0x3c/0x68 [ 20.342407] kasan_save_track+0x20/0x40 [ 20.342471] kasan_save_alloc_info+0x40/0x58 [ 20.342518] __kasan_kmalloc+0xd4/0xd8 [ 20.342585] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.342671] kasan_memcmp+0xbc/0x300 [ 20.342712] kunit_try_run_case+0x170/0x3f0 [ 20.342760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.343062] kthread+0x328/0x630 [ 20.343114] ret_from_fork+0x10/0x20 [ 20.343155] [ 20.343179] The buggy address belongs to the object at fff00000c77d82c0 [ 20.343179] which belongs to the cache kmalloc-32 of size 32 [ 20.343478] The buggy address is located 0 bytes to the right of [ 20.343478] allocated 24-byte region [fff00000c77d82c0, fff00000c77d82d8) [ 20.343604] [ 20.343670] The buggy address belongs to the physical page: [ 20.343725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077d8 [ 20.343800] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.343894] page_type: f5(slab) [ 20.344088] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.344209] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.344299] page dumped because: kasan: bad access detected [ 20.344388] [ 20.344461] Memory state around the buggy address: [ 20.344496] fff00000c77d8180: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.344686] fff00000c77d8200: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 20.344752] >fff00000c77d8280: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.344793] ^ [ 20.344833] fff00000c77d8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.344933] fff00000c77d8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.344976] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.296083] ================================================================== [ 20.296412] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 20.296580] Read of size 1 at addr ffff800080a97c2a by task kunit_try_catch/249 [ 20.296634] [ 20.296685] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.296878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.297104] Hardware name: linux,dummy-virt (DT) [ 20.297387] Call trace: [ 20.297474] show_stack+0x20/0x38 (C) [ 20.297621] dump_stack_lvl+0x8c/0xd0 [ 20.297676] print_report+0x310/0x608 [ 20.297742] kasan_report+0xdc/0x128 [ 20.297894] __asan_report_load1_noabort+0x20/0x30 [ 20.297969] kasan_stack_oob+0x238/0x270 [ 20.298036] kunit_try_run_case+0x170/0x3f0 [ 20.298088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.298220] kthread+0x328/0x630 [ 20.298268] ret_from_fork+0x10/0x20 [ 20.298335] [ 20.298617] The buggy address belongs to stack of task kunit_try_catch/249 [ 20.298844] and is located at offset 138 in frame: [ 20.298958] kasan_stack_oob+0x0/0x270 [ 20.299609] [ 20.299763] This frame has 4 objects: [ 20.300130] [48, 49) '__assertion' [ 20.300287] [64, 72) 'array' [ 20.300379] [96, 112) '__assertion' [ 20.300447] [128, 138) 'stack_array' [ 20.300510] [ 20.300742] The buggy address belongs to the virtual mapping at [ 20.300742] [ffff800080a90000, ffff800080a99000) created by: [ 20.300742] kernel_clone+0x150/0x7a8 [ 20.300902] [ 20.300933] The buggy address belongs to the physical page: [ 20.301099] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107939 [ 20.301181] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.301262] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.301330] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.301373] page dumped because: kasan: bad access detected [ 20.301416] [ 20.301445] Memory state around the buggy address: [ 20.301480] ffff800080a97b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.301530] ffff800080a97b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 20.301574] >ffff800080a97c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 20.301611] ^ [ 20.301658] ffff800080a97c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 20.301702] ffff800080a97d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 20.301752] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 20.273643] ================================================================== [ 20.273707] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 20.273922] Read of size 1 at addr ffff986348d4f5cd by task kunit_try_catch/245 [ 20.273997] [ 20.274041] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.274222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.274253] Hardware name: linux,dummy-virt (DT) [ 20.274466] Call trace: [ 20.274501] show_stack+0x20/0x38 (C) [ 20.274579] dump_stack_lvl+0x8c/0xd0 [ 20.274672] print_report+0x310/0x608 [ 20.274732] kasan_report+0xdc/0x128 [ 20.274778] __asan_report_load1_noabort+0x20/0x30 [ 20.274942] kasan_global_oob_right+0x230/0x270 [ 20.275067] kunit_try_run_case+0x170/0x3f0 [ 20.275117] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.275169] kthread+0x328/0x630 [ 20.275212] ret_from_fork+0x10/0x20 [ 20.275270] [ 20.275466] The buggy address belongs to the variable: [ 20.275644] global_array+0xd/0x40 [ 20.275888] [ 20.276084] The buggy address belongs to the virtual mapping at [ 20.276084] [ffff986346f00000, ffff986348e01000) created by: [ 20.276084] paging_init+0x66c/0x7d0 [ 20.276197] [ 20.276604] The buggy address belongs to the physical page: [ 20.276722] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 20.276978] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 20.277127] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 20.277253] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.277403] page dumped because: kasan: bad access detected [ 20.277451] [ 20.277468] Memory state around the buggy address: [ 20.277513] ffff986348d4f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.277578] ffff986348d4f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.277631] >ffff986348d4f580: 02 f9 f9 f9 f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 [ 20.277678] ^ [ 20.277714] ffff986348d4f600: 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 20.277757] ffff986348d4f680: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 20.277804] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.261312] ================================================================== [ 20.261395] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.261461] Free of addr fff00000c7968001 by task kunit_try_catch/243 [ 20.261502] [ 20.261533] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.261851] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.261946] Hardware name: linux,dummy-virt (DT) [ 20.261982] Call trace: [ 20.262011] show_stack+0x20/0x38 (C) [ 20.262289] dump_stack_lvl+0x8c/0xd0 [ 20.262375] print_report+0x118/0x608 [ 20.262478] kasan_report_invalid_free+0xc0/0xe8 [ 20.262533] __kasan_mempool_poison_object+0xfc/0x150 [ 20.262629] mempool_free+0x28c/0x328 [ 20.262677] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.262728] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 20.263046] kunit_try_run_case+0x170/0x3f0 [ 20.263254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.263329] kthread+0x328/0x630 [ 20.263563] ret_from_fork+0x10/0x20 [ 20.263745] [ 20.263869] The buggy address belongs to the physical page: [ 20.263939] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107968 [ 20.264079] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.264145] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.264339] page_type: f8(unknown) [ 20.264409] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.264521] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.264689] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.264801] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.264852] head: 0bfffe0000000002 ffffc1ffc31e5a01 00000000ffffffff 00000000ffffffff [ 20.264952] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.265143] page dumped because: kasan: bad access detected [ 20.265280] [ 20.265341] Memory state around the buggy address: [ 20.265474] fff00000c7967f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.265540] fff00000c7967f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.265583] >fff00000c7968000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.265628] ^ [ 20.265803] fff00000c7968080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.266039] fff00000c7968100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.266161] ================================================================== [ 20.248901] ================================================================== [ 20.249022] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.249096] Free of addr fff00000c6398801 by task kunit_try_catch/241 [ 20.249148] [ 20.249179] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.249272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.249299] Hardware name: linux,dummy-virt (DT) [ 20.249338] Call trace: [ 20.249359] show_stack+0x20/0x38 (C) [ 20.249409] dump_stack_lvl+0x8c/0xd0 [ 20.249455] print_report+0x118/0x608 [ 20.249502] kasan_report_invalid_free+0xc0/0xe8 [ 20.249560] check_slab_allocation+0xfc/0x108 [ 20.249607] __kasan_mempool_poison_object+0x78/0x150 [ 20.249658] mempool_free+0x28c/0x328 [ 20.249700] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 20.249753] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.249800] kunit_try_run_case+0x170/0x3f0 [ 20.249848] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.250254] kthread+0x328/0x630 [ 20.250331] ret_from_fork+0x10/0x20 [ 20.250463] [ 20.250492] Allocated by task 241: [ 20.250528] kasan_save_stack+0x3c/0x68 [ 20.250571] kasan_save_track+0x20/0x40 [ 20.250617] kasan_save_alloc_info+0x40/0x58 [ 20.250701] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.250782] remove_element+0x130/0x1f8 [ 20.250932] mempool_alloc_preallocated+0x58/0xc0 [ 20.250987] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 20.251030] mempool_kmalloc_invalid_free+0xc0/0x118 [ 20.251077] kunit_try_run_case+0x170/0x3f0 [ 20.251115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.251432] kthread+0x328/0x630 [ 20.251513] ret_from_fork+0x10/0x20 [ 20.251633] [ 20.251658] The buggy address belongs to the object at fff00000c6398800 [ 20.251658] which belongs to the cache kmalloc-128 of size 128 [ 20.251906] The buggy address is located 1 bytes inside of [ 20.251906] 128-byte region [fff00000c6398800, fff00000c6398880) [ 20.252116] [ 20.252147] The buggy address belongs to the physical page: [ 20.252205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 20.252339] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.252404] page_type: f5(slab) [ 20.252481] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.252582] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.252623] page dumped because: kasan: bad access detected [ 20.252653] [ 20.252670] Memory state around the buggy address: [ 20.252884] fff00000c6398700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.253046] fff00000c6398780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.253131] >fff00000c6398800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.253278] ^ [ 20.253347] fff00000c6398880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.253510] fff00000c6398900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.253599] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.224258] ================================================================== [ 20.224379] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.224452] Free of addr fff00000c7964000 by task kunit_try_catch/237 [ 20.224495] [ 20.224725] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.224904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.224953] Hardware name: linux,dummy-virt (DT) [ 20.225003] Call trace: [ 20.225028] show_stack+0x20/0x38 (C) [ 20.225163] dump_stack_lvl+0x8c/0xd0 [ 20.225214] print_report+0x118/0x608 [ 20.225262] kasan_report_invalid_free+0xc0/0xe8 [ 20.225469] __kasan_mempool_poison_object+0x14c/0x150 [ 20.225616] mempool_free+0x28c/0x328 [ 20.225711] mempool_double_free_helper+0x150/0x2e8 [ 20.225765] mempool_kmalloc_large_double_free+0xc0/0x118 [ 20.225844] kunit_try_run_case+0x170/0x3f0 [ 20.225993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.226048] kthread+0x328/0x630 [ 20.226107] ret_from_fork+0x10/0x20 [ 20.226289] [ 20.226355] The buggy address belongs to the physical page: [ 20.226507] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107964 [ 20.226589] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.226731] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.226886] page_type: f8(unknown) [ 20.227042] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.227150] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.227374] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.227589] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.227751] head: 0bfffe0000000002 ffffc1ffc31e5901 00000000ffffffff 00000000ffffffff [ 20.227850] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.228018] page dumped because: kasan: bad access detected [ 20.228097] [ 20.228138] Memory state around the buggy address: [ 20.228277] fff00000c7963f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.228407] fff00000c7963f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.228451] >fff00000c7964000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.228676] ^ [ 20.228759] fff00000c7964080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.228816] fff00000c7964100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.229316] ================================================================== [ 20.211678] ================================================================== [ 20.211738] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.211794] Free of addr fff00000c6398400 by task kunit_try_catch/235 [ 20.211836] [ 20.211886] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.211967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.211994] Hardware name: linux,dummy-virt (DT) [ 20.212026] Call trace: [ 20.212048] show_stack+0x20/0x38 (C) [ 20.212097] dump_stack_lvl+0x8c/0xd0 [ 20.212479] print_report+0x118/0x608 [ 20.212545] kasan_report_invalid_free+0xc0/0xe8 [ 20.212606] check_slab_allocation+0xd4/0x108 [ 20.212665] __kasan_mempool_poison_object+0x78/0x150 [ 20.212767] mempool_free+0x28c/0x328 [ 20.212828] mempool_double_free_helper+0x150/0x2e8 [ 20.212889] mempool_kmalloc_double_free+0xc0/0x118 [ 20.212937] kunit_try_run_case+0x170/0x3f0 [ 20.212988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.213041] kthread+0x328/0x630 [ 20.213082] ret_from_fork+0x10/0x20 [ 20.213149] [ 20.213166] Allocated by task 235: [ 20.213195] kasan_save_stack+0x3c/0x68 [ 20.213237] kasan_save_track+0x20/0x40 [ 20.213274] kasan_save_alloc_info+0x40/0x58 [ 20.213329] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.213373] remove_element+0x130/0x1f8 [ 20.213406] mempool_alloc_preallocated+0x58/0xc0 [ 20.213455] mempool_double_free_helper+0x94/0x2e8 [ 20.213493] mempool_kmalloc_double_free+0xc0/0x118 [ 20.213543] kunit_try_run_case+0x170/0x3f0 [ 20.213596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.213639] kthread+0x328/0x630 [ 20.213671] ret_from_fork+0x10/0x20 [ 20.213707] [ 20.213736] Freed by task 235: [ 20.213771] kasan_save_stack+0x3c/0x68 [ 20.213808] kasan_save_track+0x20/0x40 [ 20.213845] kasan_save_free_info+0x4c/0x78 [ 20.213894] __kasan_mempool_poison_object+0xc0/0x150 [ 20.213936] mempool_free+0x28c/0x328 [ 20.213970] mempool_double_free_helper+0x100/0x2e8 [ 20.214027] mempool_kmalloc_double_free+0xc0/0x118 [ 20.214067] kunit_try_run_case+0x170/0x3f0 [ 20.214120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.214163] kthread+0x328/0x630 [ 20.214195] ret_from_fork+0x10/0x20 [ 20.214232] [ 20.214258] The buggy address belongs to the object at fff00000c6398400 [ 20.214258] which belongs to the cache kmalloc-128 of size 128 [ 20.214332] The buggy address is located 0 bytes inside of [ 20.214332] 128-byte region [fff00000c6398400, fff00000c6398480) [ 20.214414] [ 20.214442] The buggy address belongs to the physical page: [ 20.214479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 20.214531] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.214578] page_type: f5(slab) [ 20.214629] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.214679] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.214719] page dumped because: kasan: bad access detected [ 20.214934] [ 20.215072] Memory state around the buggy address: [ 20.215230] fff00000c6398300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.215380] fff00000c6398380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.215478] >fff00000c6398400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.215519] ^ [ 20.215548] fff00000c6398480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.215693] fff00000c6398500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.215735] ================================================================== [ 20.237407] ================================================================== [ 20.237463] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 20.237516] Free of addr fff00000c7964000 by task kunit_try_catch/239 [ 20.237555] [ 20.237794] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.237951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.238010] Hardware name: linux,dummy-virt (DT) [ 20.238060] Call trace: [ 20.238152] show_stack+0x20/0x38 (C) [ 20.238207] dump_stack_lvl+0x8c/0xd0 [ 20.238265] print_report+0x118/0x608 [ 20.238313] kasan_report_invalid_free+0xc0/0xe8 [ 20.238363] __kasan_mempool_poison_pages+0xe0/0xe8 [ 20.238603] mempool_free+0x24c/0x328 [ 20.238709] mempool_double_free_helper+0x150/0x2e8 [ 20.238773] mempool_page_alloc_double_free+0xbc/0x118 [ 20.238933] kunit_try_run_case+0x170/0x3f0 [ 20.239127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.239324] kthread+0x328/0x630 [ 20.239465] ret_from_fork+0x10/0x20 [ 20.239635] [ 20.239715] The buggy address belongs to the physical page: [ 20.239824] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107964 [ 20.239943] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.240189] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.240356] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.240425] page dumped because: kasan: bad access detected [ 20.240554] [ 20.240634] Memory state around the buggy address: [ 20.240672] fff00000c7963f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.240890] fff00000c7963f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.241075] >fff00000c7964000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.241191] ^ [ 20.241221] fff00000c7964080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.241298] fff00000c7964100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.241493] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 20.200520] ================================================================== [ 20.200605] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.200689] Read of size 1 at addr fff00000c7964000 by task kunit_try_catch/233 [ 20.200850] [ 20.200908] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.200993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.201019] Hardware name: linux,dummy-virt (DT) [ 20.201072] Call trace: [ 20.201121] show_stack+0x20/0x38 (C) [ 20.201176] dump_stack_lvl+0x8c/0xd0 [ 20.201244] print_report+0x118/0x608 [ 20.201290] kasan_report+0xdc/0x128 [ 20.201363] __asan_report_load1_noabort+0x20/0x30 [ 20.201421] mempool_uaf_helper+0x314/0x340 [ 20.201477] mempool_page_alloc_uaf+0xc0/0x118 [ 20.201523] kunit_try_run_case+0x170/0x3f0 [ 20.201572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.201729] kthread+0x328/0x630 [ 20.201817] ret_from_fork+0x10/0x20 [ 20.201908] [ 20.201933] The buggy address belongs to the physical page: [ 20.201972] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107964 [ 20.202026] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.202088] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.202138] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.202178] page dumped because: kasan: bad access detected [ 20.202210] [ 20.202227] Memory state around the buggy address: [ 20.202259] fff00000c7963f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.202302] fff00000c7963f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.202345] >fff00000c7964000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.202383] ^ [ 20.202409] fff00000c7964080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.202449] fff00000c7964100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.202485] ================================================================== [ 20.133931] ================================================================== [ 20.133996] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.134051] Read of size 1 at addr fff00000c7918000 by task kunit_try_catch/229 [ 20.135813] [ 20.135992] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.136856] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.137160] Hardware name: linux,dummy-virt (DT) [ 20.137905] Call trace: [ 20.137930] show_stack+0x20/0x38 (C) [ 20.138544] dump_stack_lvl+0x8c/0xd0 [ 20.138650] print_report+0x118/0x608 [ 20.139161] kasan_report+0xdc/0x128 [ 20.139380] __asan_report_load1_noabort+0x20/0x30 [ 20.140082] mempool_uaf_helper+0x314/0x340 [ 20.140235] mempool_kmalloc_large_uaf+0xc4/0x120 [ 20.140285] kunit_try_run_case+0x170/0x3f0 [ 20.140710] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.141168] kthread+0x328/0x630 [ 20.141831] ret_from_fork+0x10/0x20 [ 20.142694] [ 20.142887] The buggy address belongs to the physical page: [ 20.142924] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107918 [ 20.143273] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.143844] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.144371] page_type: f8(unknown) [ 20.144778] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.144951] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.145760] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.146220] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.146581] head: 0bfffe0000000002 ffffc1ffc31e4601 00000000ffffffff 00000000ffffffff [ 20.146928] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.146970] page dumped because: kasan: bad access detected [ 20.147003] [ 20.148014] Memory state around the buggy address: [ 20.148151] fff00000c7917f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.148381] fff00000c7917f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.149560] >fff00000c7918000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.149670] ^ [ 20.149829] fff00000c7918080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.149894] fff00000c7918100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.149933] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 20.169699] ================================================================== [ 20.169778] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.169837] Read of size 1 at addr fff00000c7823240 by task kunit_try_catch/231 [ 20.169900] [ 20.169938] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.170020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.170045] Hardware name: linux,dummy-virt (DT) [ 20.170077] Call trace: [ 20.170100] show_stack+0x20/0x38 (C) [ 20.170148] dump_stack_lvl+0x8c/0xd0 [ 20.170195] print_report+0x118/0x608 [ 20.170241] kasan_report+0xdc/0x128 [ 20.170285] __asan_report_load1_noabort+0x20/0x30 [ 20.170335] mempool_uaf_helper+0x314/0x340 [ 20.170381] mempool_slab_uaf+0xc0/0x118 [ 20.170424] kunit_try_run_case+0x170/0x3f0 [ 20.170473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.170524] kthread+0x328/0x630 [ 20.170565] ret_from_fork+0x10/0x20 [ 20.170610] [ 20.170630] Allocated by task 231: [ 20.170658] kasan_save_stack+0x3c/0x68 [ 20.170700] kasan_save_track+0x20/0x40 [ 20.170738] kasan_save_alloc_info+0x40/0x58 [ 20.170895] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.170941] remove_element+0x16c/0x1f8 [ 20.170979] mempool_alloc_preallocated+0x58/0xc0 [ 20.171018] mempool_uaf_helper+0xa4/0x340 [ 20.171055] mempool_slab_uaf+0xc0/0x118 [ 20.171092] kunit_try_run_case+0x170/0x3f0 [ 20.171130] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.171174] kthread+0x328/0x630 [ 20.171206] ret_from_fork+0x10/0x20 [ 20.171242] [ 20.171261] Freed by task 231: [ 20.171288] kasan_save_stack+0x3c/0x68 [ 20.171326] kasan_save_track+0x20/0x40 [ 20.171363] kasan_save_free_info+0x4c/0x78 [ 20.171401] __kasan_mempool_poison_object+0xc0/0x150 [ 20.171449] mempool_free+0x28c/0x328 [ 20.171485] mempool_uaf_helper+0x104/0x340 [ 20.171522] mempool_slab_uaf+0xc0/0x118 [ 20.171558] kunit_try_run_case+0x170/0x3f0 [ 20.171596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.171639] kthread+0x328/0x630 [ 20.171672] ret_from_fork+0x10/0x20 [ 20.171708] [ 20.171727] The buggy address belongs to the object at fff00000c7823240 [ 20.171727] which belongs to the cache test_cache of size 123 [ 20.171785] The buggy address is located 0 bytes inside of [ 20.171785] freed 123-byte region [fff00000c7823240, fff00000c78232bb) [ 20.171846] [ 20.171875] The buggy address belongs to the physical page: [ 20.171906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107823 [ 20.171956] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.172002] page_type: f5(slab) [ 20.172040] raw: 0bfffe0000000000 fff00000c5693500 dead000000000122 0000000000000000 [ 20.172089] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.172128] page dumped because: kasan: bad access detected [ 20.172157] [ 20.172176] Memory state around the buggy address: [ 20.172205] fff00000c7823100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.172248] fff00000c7823180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.172289] >fff00000c7823200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.172326] ^ [ 20.172358] fff00000c7823280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.172399] fff00000c7823300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.172436] ================================================================== [ 20.088913] ================================================================== [ 20.088978] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 20.089048] Read of size 1 at addr fff00000c77e8300 by task kunit_try_catch/227 [ 20.089336] [ 20.089402] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.089648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.089674] Hardware name: linux,dummy-virt (DT) [ 20.089842] Call trace: [ 20.090172] show_stack+0x20/0x38 (C) [ 20.090322] dump_stack_lvl+0x8c/0xd0 [ 20.090372] print_report+0x118/0x608 [ 20.090969] kasan_report+0xdc/0x128 [ 20.091099] __asan_report_load1_noabort+0x20/0x30 [ 20.091162] mempool_uaf_helper+0x314/0x340 [ 20.091208] mempool_kmalloc_uaf+0xc4/0x120 [ 20.091508] kunit_try_run_case+0x170/0x3f0 [ 20.091672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.091778] kthread+0x328/0x630 [ 20.091822] ret_from_fork+0x10/0x20 [ 20.091879] [ 20.092191] Allocated by task 227: [ 20.092229] kasan_save_stack+0x3c/0x68 [ 20.092275] kasan_save_track+0x20/0x40 [ 20.092693] kasan_save_alloc_info+0x40/0x58 [ 20.092739] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.092783] remove_element+0x130/0x1f8 [ 20.092821] mempool_alloc_preallocated+0x58/0xc0 [ 20.093023] mempool_uaf_helper+0xa4/0x340 [ 20.093294] mempool_kmalloc_uaf+0xc4/0x120 [ 20.093697] kunit_try_run_case+0x170/0x3f0 [ 20.093883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.093987] kthread+0x328/0x630 [ 20.094019] ret_from_fork+0x10/0x20 [ 20.094063] [ 20.094082] Freed by task 227: [ 20.094110] kasan_save_stack+0x3c/0x68 [ 20.094148] kasan_save_track+0x20/0x40 [ 20.094325] kasan_save_free_info+0x4c/0x78 [ 20.094554] __kasan_mempool_poison_object+0xc0/0x150 [ 20.094600] mempool_free+0x28c/0x328 [ 20.095014] mempool_uaf_helper+0x104/0x340 [ 20.095123] mempool_kmalloc_uaf+0xc4/0x120 [ 20.095194] kunit_try_run_case+0x170/0x3f0 [ 20.095240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.095284] kthread+0x328/0x630 [ 20.095337] ret_from_fork+0x10/0x20 [ 20.095373] [ 20.095395] The buggy address belongs to the object at fff00000c77e8300 [ 20.095395] which belongs to the cache kmalloc-128 of size 128 [ 20.095489] The buggy address is located 0 bytes inside of [ 20.095489] freed 128-byte region [fff00000c77e8300, fff00000c77e8380) [ 20.095824] [ 20.095851] The buggy address belongs to the physical page: [ 20.095894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e8 [ 20.095947] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.095995] page_type: f5(slab) [ 20.096044] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.096300] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.096348] page dumped because: kasan: bad access detected [ 20.096642] [ 20.096893] Memory state around the buggy address: [ 20.097103] fff00000c77e8200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.097151] fff00000c77e8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.097193] >fff00000c77e8300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.097231] ^ [ 20.097258] fff00000c77e8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.097300] fff00000c77e8400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.097577] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 20.066143] ================================================================== [ 20.066206] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.066520] Read of size 1 at addr fff00000c792d2bb by task kunit_try_catch/225 [ 20.066683] [ 20.066801] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.066955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.066982] Hardware name: linux,dummy-virt (DT) [ 20.067014] Call trace: [ 20.067039] show_stack+0x20/0x38 (C) [ 20.067085] dump_stack_lvl+0x8c/0xd0 [ 20.067131] print_report+0x118/0x608 [ 20.067177] kasan_report+0xdc/0x128 [ 20.067222] __asan_report_load1_noabort+0x20/0x30 [ 20.067271] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.067318] mempool_slab_oob_right+0xc0/0x118 [ 20.067366] kunit_try_run_case+0x170/0x3f0 [ 20.067444] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.067499] kthread+0x328/0x630 [ 20.067635] ret_from_fork+0x10/0x20 [ 20.067942] [ 20.067965] Allocated by task 225: [ 20.068103] kasan_save_stack+0x3c/0x68 [ 20.068177] kasan_save_track+0x20/0x40 [ 20.068363] kasan_save_alloc_info+0x40/0x58 [ 20.068552] __kasan_mempool_unpoison_object+0xbc/0x180 [ 20.068713] remove_element+0x16c/0x1f8 [ 20.068793] mempool_alloc_preallocated+0x58/0xc0 [ 20.068895] mempool_oob_right_helper+0x98/0x2f0 [ 20.068936] mempool_slab_oob_right+0xc0/0x118 [ 20.068974] kunit_try_run_case+0x170/0x3f0 [ 20.069031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.069210] kthread+0x328/0x630 [ 20.069242] ret_from_fork+0x10/0x20 [ 20.069322] [ 20.069405] The buggy address belongs to the object at fff00000c792d240 [ 20.069405] which belongs to the cache test_cache of size 123 [ 20.069488] The buggy address is located 0 bytes to the right of [ 20.069488] allocated 123-byte region [fff00000c792d240, fff00000c792d2bb) [ 20.069659] [ 20.069681] The buggy address belongs to the physical page: [ 20.069716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10792d [ 20.069839] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.069896] page_type: f5(slab) [ 20.069932] raw: 0bfffe0000000000 fff00000c5ca5dc0 dead000000000122 0000000000000000 [ 20.069981] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 20.070020] page dumped because: kasan: bad access detected [ 20.070051] [ 20.070427] Memory state around the buggy address: [ 20.070644] fff00000c792d180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.070713] fff00000c792d200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 20.070784] >fff00000c792d280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 20.070822] ^ [ 20.071095] fff00000c792d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.071142] fff00000c792d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.071180] ================================================================== [ 20.021842] ================================================================== [ 20.021942] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.022017] Read of size 1 at addr fff00000c6398073 by task kunit_try_catch/221 [ 20.022068] [ 20.022113] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.022196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.022223] Hardware name: linux,dummy-virt (DT) [ 20.022257] Call trace: [ 20.022281] show_stack+0x20/0x38 (C) [ 20.022336] dump_stack_lvl+0x8c/0xd0 [ 20.022386] print_report+0x118/0x608 [ 20.022434] kasan_report+0xdc/0x128 [ 20.022480] __asan_report_load1_noabort+0x20/0x30 [ 20.022532] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.022579] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.022628] kunit_try_run_case+0x170/0x3f0 [ 20.022678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.022730] kthread+0x328/0x630 [ 20.022807] ret_from_fork+0x10/0x20 [ 20.022870] [ 20.022901] Allocated by task 221: [ 20.022932] kasan_save_stack+0x3c/0x68 [ 20.022975] kasan_save_track+0x20/0x40 [ 20.023013] kasan_save_alloc_info+0x40/0x58 [ 20.023054] __kasan_mempool_unpoison_object+0x11c/0x180 [ 20.023098] remove_element+0x130/0x1f8 [ 20.023135] mempool_alloc_preallocated+0x58/0xc0 [ 20.023174] mempool_oob_right_helper+0x98/0x2f0 [ 20.023212] mempool_kmalloc_oob_right+0xc4/0x120 [ 20.023253] kunit_try_run_case+0x170/0x3f0 [ 20.023291] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.023334] kthread+0x328/0x630 [ 20.023367] ret_from_fork+0x10/0x20 [ 20.023403] [ 20.023427] The buggy address belongs to the object at fff00000c6398000 [ 20.023427] which belongs to the cache kmalloc-128 of size 128 [ 20.023485] The buggy address is located 0 bytes to the right of [ 20.023485] allocated 115-byte region [fff00000c6398000, fff00000c6398073) [ 20.023548] [ 20.023569] The buggy address belongs to the physical page: [ 20.023603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398 [ 20.023655] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.023707] page_type: f5(slab) [ 20.023749] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.023798] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.023838] page dumped because: kasan: bad access detected [ 20.023881] [ 20.023900] Memory state around the buggy address: [ 20.023934] fff00000c6397f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.023976] fff00000c6397f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.024019] >fff00000c6398000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.024059] ^ [ 20.024098] fff00000c6398080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.024140] fff00000c6398100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.024178] ================================================================== [ 20.052949] ================================================================== [ 20.053020] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 20.053086] Read of size 1 at addr fff00000c7916001 by task kunit_try_catch/223 [ 20.053135] [ 20.053173] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.053257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.053286] Hardware name: linux,dummy-virt (DT) [ 20.053319] Call trace: [ 20.053343] show_stack+0x20/0x38 (C) [ 20.053394] dump_stack_lvl+0x8c/0xd0 [ 20.053448] print_report+0x118/0x608 [ 20.053498] kasan_report+0xdc/0x128 [ 20.053543] __asan_report_load1_noabort+0x20/0x30 [ 20.053592] mempool_oob_right_helper+0x2ac/0x2f0 [ 20.053640] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 20.053689] kunit_try_run_case+0x170/0x3f0 [ 20.053739] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.053791] kthread+0x328/0x630 [ 20.053834] ret_from_fork+0x10/0x20 [ 20.053894] [ 20.053915] The buggy address belongs to the physical page: [ 20.053949] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107914 [ 20.054001] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.054049] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 20.054103] page_type: f8(unknown) [ 20.054141] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.054190] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.054238] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.054287] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 20.054335] head: 0bfffe0000000002 ffffc1ffc31e4501 00000000ffffffff 00000000ffffffff [ 20.054382] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 20.054424] page dumped because: kasan: bad access detected [ 20.054454] [ 20.054474] Memory state around the buggy address: [ 20.054505] fff00000c7915f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.054547] fff00000c7915f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.054590] >fff00000c7916000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.054627] ^ [ 20.054653] fff00000c7916080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.054694] fff00000c7916100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 20.054732] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.464177] ================================================================== [ 19.464248] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 19.464320] Read of size 1 at addr fff00000c5ca5a00 by task kunit_try_catch/215 [ 19.464369] [ 19.464411] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.464495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.464523] Hardware name: linux,dummy-virt (DT) [ 19.464556] Call trace: [ 19.464579] show_stack+0x20/0x38 (C) [ 19.464644] dump_stack_lvl+0x8c/0xd0 [ 19.464696] print_report+0x118/0x608 [ 19.464756] kasan_report+0xdc/0x128 [ 19.464800] __kasan_check_byte+0x54/0x70 [ 19.464845] kmem_cache_destroy+0x34/0x218 [ 19.464908] kmem_cache_double_destroy+0x174/0x300 [ 19.464954] kunit_try_run_case+0x170/0x3f0 [ 19.465110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.465164] kthread+0x328/0x630 [ 19.465207] ret_from_fork+0x10/0x20 [ 19.465255] [ 19.465273] Allocated by task 215: [ 19.465304] kasan_save_stack+0x3c/0x68 [ 19.465356] kasan_save_track+0x20/0x40 [ 19.465414] kasan_save_alloc_info+0x40/0x58 [ 19.465491] __kasan_slab_alloc+0xa8/0xb0 [ 19.465598] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.465641] __kmem_cache_create_args+0x178/0x280 [ 19.465713] kmem_cache_double_destroy+0xc0/0x300 [ 19.465778] kunit_try_run_case+0x170/0x3f0 [ 19.465817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.465994] kthread+0x328/0x630 [ 19.466033] ret_from_fork+0x10/0x20 [ 19.466167] [ 19.466215] Freed by task 215: [ 19.466264] kasan_save_stack+0x3c/0x68 [ 19.466306] kasan_save_track+0x20/0x40 [ 19.466342] kasan_save_free_info+0x4c/0x78 [ 19.466428] __kasan_slab_free+0x6c/0x98 [ 19.466526] kmem_cache_free+0x260/0x468 [ 19.466590] slab_kmem_cache_release+0x38/0x50 [ 19.466630] kmem_cache_release+0x1c/0x30 [ 19.466809] kobject_put+0x17c/0x420 [ 19.466887] sysfs_slab_release+0x1c/0x30 [ 19.467081] kmem_cache_destroy+0x118/0x218 [ 19.467121] kmem_cache_double_destroy+0x128/0x300 [ 19.467161] kunit_try_run_case+0x170/0x3f0 [ 19.467201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.467457] kthread+0x328/0x630 [ 19.467653] ret_from_fork+0x10/0x20 [ 19.467728] [ 19.467932] The buggy address belongs to the object at fff00000c5ca5a00 [ 19.467932] which belongs to the cache kmem_cache of size 208 [ 19.467993] The buggy address is located 0 bytes inside of [ 19.467993] freed 208-byte region [fff00000c5ca5a00, fff00000c5ca5ad0) [ 19.468190] [ 19.468262] The buggy address belongs to the physical page: [ 19.468470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ca5 [ 19.468561] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.468665] page_type: f5(slab) [ 19.468752] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 19.468801] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 19.469008] page dumped because: kasan: bad access detected [ 19.469211] [ 19.469262] Memory state around the buggy address: [ 19.469389] fff00000c5ca5900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.469530] fff00000c5ca5980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.469573] >fff00000c5ca5a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.469775] ^ [ 19.469936] fff00000c5ca5a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 19.470054] fff00000c5ca5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.470142] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.326261] ================================================================== [ 19.326359] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 19.326436] Read of size 1 at addr fff00000c7827000 by task kunit_try_catch/213 [ 19.326486] [ 19.326528] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.326613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.326639] Hardware name: linux,dummy-virt (DT) [ 19.326672] Call trace: [ 19.326697] show_stack+0x20/0x38 (C) [ 19.326759] dump_stack_lvl+0x8c/0xd0 [ 19.326811] print_report+0x118/0x608 [ 19.330359] kasan_report+0xdc/0x128 [ 19.330716] __asan_report_load1_noabort+0x20/0x30 [ 19.330994] kmem_cache_rcu_uaf+0x388/0x468 [ 19.331076] kunit_try_run_case+0x170/0x3f0 [ 19.332028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.332449] kthread+0x328/0x630 [ 19.333143] ret_from_fork+0x10/0x20 [ 19.334027] [ 19.334415] Allocated by task 213: [ 19.334645] kasan_save_stack+0x3c/0x68 [ 19.335249] kasan_save_track+0x20/0x40 [ 19.335356] kasan_save_alloc_info+0x40/0x58 [ 19.335689] __kasan_slab_alloc+0xa8/0xb0 [ 19.336254] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.336664] kmem_cache_rcu_uaf+0x12c/0x468 [ 19.336931] kunit_try_run_case+0x170/0x3f0 [ 19.337409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.337809] kthread+0x328/0x630 [ 19.337857] ret_from_fork+0x10/0x20 [ 19.338499] [ 19.339063] Freed by task 12: [ 19.339249] kasan_save_stack+0x3c/0x68 [ 19.339409] kasan_save_track+0x20/0x40 [ 19.340021] kasan_save_free_info+0x4c/0x78 [ 19.340282] __kasan_slab_free+0x6c/0x98 [ 19.340484] slab_free_after_rcu_debug+0xd4/0x2f8 [ 19.341243] rcu_core+0x9f4/0x1e20 [ 19.341361] rcu_core_si+0x18/0x30 [ 19.341676] handle_softirqs+0x374/0xb28 [ 19.341766] __do_softirq+0x1c/0x28 [ 19.342194] [ 19.342818] Last potentially related work creation: [ 19.343127] kasan_save_stack+0x3c/0x68 [ 19.343244] kasan_record_aux_stack+0xb4/0xc8 [ 19.344104] kmem_cache_free+0x120/0x468 [ 19.344239] kmem_cache_rcu_uaf+0x16c/0x468 [ 19.345026] kunit_try_run_case+0x170/0x3f0 [ 19.345128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.345173] kthread+0x328/0x630 [ 19.345205] ret_from_fork+0x10/0x20 [ 19.345939] [ 19.346131] The buggy address belongs to the object at fff00000c7827000 [ 19.346131] which belongs to the cache test_cache of size 200 [ 19.346611] The buggy address is located 0 bytes inside of [ 19.346611] freed 200-byte region [fff00000c7827000, fff00000c78270c8) [ 19.346710] [ 19.346980] The buggy address belongs to the physical page: [ 19.347394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107827 [ 19.347464] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.347518] page_type: f5(slab) [ 19.347560] raw: 0bfffe0000000000 fff00000c5ca58c0 dead000000000122 0000000000000000 [ 19.347610] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.348258] page dumped because: kasan: bad access detected [ 19.348298] [ 19.348316] Memory state around the buggy address: [ 19.348613] fff00000c7826f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.348661] fff00000c7826f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.349055] >fff00000c7827000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.349325] ^ [ 19.349357] fff00000c7827080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 19.349824] fff00000c7827100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.349886] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 18.925307] ================================================================== [ 18.925368] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 18.925683] Free of addr fff00000c785f001 by task kunit_try_catch/211 [ 18.925803] [ 18.925910] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.926022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.926049] Hardware name: linux,dummy-virt (DT) [ 18.926083] Call trace: [ 18.926123] show_stack+0x20/0x38 (C) [ 18.926225] dump_stack_lvl+0x8c/0xd0 [ 18.926275] print_report+0x118/0x608 [ 18.926330] kasan_report_invalid_free+0xc0/0xe8 [ 18.926573] check_slab_allocation+0xfc/0x108 [ 18.926678] __kasan_slab_pre_free+0x2c/0x48 [ 18.926826] kmem_cache_free+0xf0/0x468 [ 18.926890] kmem_cache_invalid_free+0x184/0x3c8 [ 18.926938] kunit_try_run_case+0x170/0x3f0 [ 18.926987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.927039] kthread+0x328/0x630 [ 18.927081] ret_from_fork+0x10/0x20 [ 18.927130] [ 18.927148] Allocated by task 211: [ 18.927337] kasan_save_stack+0x3c/0x68 [ 18.927470] kasan_save_track+0x20/0x40 [ 18.927547] kasan_save_alloc_info+0x40/0x58 [ 18.927681] __kasan_slab_alloc+0xa8/0xb0 [ 18.927761] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.927803] kmem_cache_invalid_free+0x12c/0x3c8 [ 18.927842] kunit_try_run_case+0x170/0x3f0 [ 18.927912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.927956] kthread+0x328/0x630 [ 18.927989] ret_from_fork+0x10/0x20 [ 18.928025] [ 18.928044] The buggy address belongs to the object at fff00000c785f000 [ 18.928044] which belongs to the cache test_cache of size 200 [ 18.928112] The buggy address is located 1 bytes inside of [ 18.928112] 200-byte region [fff00000c785f000, fff00000c785f0c8) [ 18.928171] [ 18.928197] The buggy address belongs to the physical page: [ 18.928239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10785f [ 18.928302] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.928351] page_type: f5(slab) [ 18.928400] raw: 0bfffe0000000000 fff00000c5ca5780 dead000000000122 0000000000000000 [ 18.928449] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.928498] page dumped because: kasan: bad access detected [ 18.928529] [ 18.928548] Memory state around the buggy address: [ 18.928578] fff00000c785ef00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.928627] fff00000c785ef80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.928678] >fff00000c785f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.928715] ^ [ 18.928748] fff00000c785f080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.928791] fff00000c785f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.928839] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 18.886572] ================================================================== [ 18.886636] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 18.886710] Free of addr fff00000c78a8000 by task kunit_try_catch/209 [ 18.887381] [ 18.887494] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.887620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.887671] Hardware name: linux,dummy-virt (DT) [ 18.887801] Call trace: [ 18.887849] show_stack+0x20/0x38 (C) [ 18.887964] dump_stack_lvl+0x8c/0xd0 [ 18.888016] print_report+0x118/0x608 [ 18.888064] kasan_report_invalid_free+0xc0/0xe8 [ 18.888115] check_slab_allocation+0xd4/0x108 [ 18.888310] __kasan_slab_pre_free+0x2c/0x48 [ 18.888367] kmem_cache_free+0xf0/0x468 [ 18.888416] kmem_cache_double_free+0x190/0x3c8 [ 18.888464] kunit_try_run_case+0x170/0x3f0 [ 18.888544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.888655] kthread+0x328/0x630 [ 18.888707] ret_from_fork+0x10/0x20 [ 18.888759] [ 18.888778] Allocated by task 209: [ 18.890341] kasan_save_stack+0x3c/0x68 [ 18.891238] kasan_save_track+0x20/0x40 [ 18.892845] kasan_save_alloc_info+0x40/0x58 [ 18.893795] __kasan_slab_alloc+0xa8/0xb0 [ 18.893848] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.893905] kmem_cache_double_free+0x12c/0x3c8 [ 18.893944] kunit_try_run_case+0x170/0x3f0 [ 18.895493] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.895552] kthread+0x328/0x630 [ 18.895584] ret_from_fork+0x10/0x20 [ 18.895657] [ 18.895687] Freed by task 209: [ 18.895715] kasan_save_stack+0x3c/0x68 [ 18.897027] kasan_save_track+0x20/0x40 [ 18.897133] kasan_save_free_info+0x4c/0x78 [ 18.897272] __kasan_slab_free+0x6c/0x98 [ 18.897318] kmem_cache_free+0x260/0x468 [ 18.897354] kmem_cache_double_free+0x140/0x3c8 [ 18.897392] kunit_try_run_case+0x170/0x3f0 [ 18.897430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.899144] kthread+0x328/0x630 [ 18.899247] ret_from_fork+0x10/0x20 [ 18.899291] [ 18.899311] The buggy address belongs to the object at fff00000c78a8000 [ 18.899311] which belongs to the cache test_cache of size 200 [ 18.899368] The buggy address is located 0 bytes inside of [ 18.899368] 200-byte region [fff00000c78a8000, fff00000c78a80c8) [ 18.899734] [ 18.899773] The buggy address belongs to the physical page: [ 18.899854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a8 [ 18.899972] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.900129] page_type: f5(slab) [ 18.900221] raw: 0bfffe0000000000 fff00000c5ca5640 dead000000000122 0000000000000000 [ 18.900423] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.900578] page dumped because: kasan: bad access detected [ 18.900677] [ 18.900753] Memory state around the buggy address: [ 18.900789] fff00000c78a7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.901104] fff00000c78a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.901343] >fff00000c78a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.901456] ^ [ 18.901567] fff00000c78a8080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.901657] fff00000c78a8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.901747] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 18.689117] ================================================================== [ 18.689178] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 18.689255] Read of size 1 at addr fff00000c78ad0c8 by task kunit_try_catch/207 [ 18.689319] [ 18.689357] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.689439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.689466] Hardware name: linux,dummy-virt (DT) [ 18.689498] Call trace: [ 18.689521] show_stack+0x20/0x38 (C) [ 18.689569] dump_stack_lvl+0x8c/0xd0 [ 18.689623] print_report+0x118/0x608 [ 18.689670] kasan_report+0xdc/0x128 [ 18.689716] __asan_report_load1_noabort+0x20/0x30 [ 18.689777] kmem_cache_oob+0x344/0x430 [ 18.689823] kunit_try_run_case+0x170/0x3f0 [ 18.690480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.690561] kthread+0x328/0x630 [ 18.690603] ret_from_fork+0x10/0x20 [ 18.690649] [ 18.690667] Allocated by task 207: [ 18.690704] kasan_save_stack+0x3c/0x68 [ 18.690751] kasan_save_track+0x20/0x40 [ 18.690789] kasan_save_alloc_info+0x40/0x58 [ 18.690831] __kasan_slab_alloc+0xa8/0xb0 [ 18.690880] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.690920] kmem_cache_oob+0x12c/0x430 [ 18.690992] kunit_try_run_case+0x170/0x3f0 [ 18.691168] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.691251] kthread+0x328/0x630 [ 18.691318] ret_from_fork+0x10/0x20 [ 18.691365] [ 18.691384] The buggy address belongs to the object at fff00000c78ad000 [ 18.691384] which belongs to the cache test_cache of size 200 [ 18.691454] The buggy address is located 0 bytes to the right of [ 18.691454] allocated 200-byte region [fff00000c78ad000, fff00000c78ad0c8) [ 18.691516] [ 18.691536] The buggy address belongs to the physical page: [ 18.691565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078ad [ 18.691618] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.691665] page_type: f5(slab) [ 18.691704] raw: 0bfffe0000000000 fff00000c5ca5500 dead000000000122 0000000000000000 [ 18.691753] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.691854] page dumped because: kasan: bad access detected [ 18.691974] [ 18.692045] Memory state around the buggy address: [ 18.692172] fff00000c78acf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.692289] fff00000c78ad000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.692331] >fff00000c78ad080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.692642] ^ [ 18.692711] fff00000c78ad100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.692829] fff00000c78ad180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.692907] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 18.668686] ================================================================== [ 18.668754] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 18.668807] Read of size 8 at addr fff00000c77eb480 by task kunit_try_catch/200 [ 18.668857] [ 18.668903] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.668985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.669012] Hardware name: linux,dummy-virt (DT) [ 18.669042] Call trace: [ 18.669065] show_stack+0x20/0x38 (C) [ 18.669111] dump_stack_lvl+0x8c/0xd0 [ 18.669157] print_report+0x118/0x608 [ 18.669203] kasan_report+0xdc/0x128 [ 18.669248] __asan_report_load8_noabort+0x20/0x30 [ 18.669295] workqueue_uaf+0x480/0x4a8 [ 18.669341] kunit_try_run_case+0x170/0x3f0 [ 18.669426] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.669534] kthread+0x328/0x630 [ 18.669577] ret_from_fork+0x10/0x20 [ 18.669624] [ 18.669672] Allocated by task 200: [ 18.669727] kasan_save_stack+0x3c/0x68 [ 18.669770] kasan_save_track+0x20/0x40 [ 18.669828] kasan_save_alloc_info+0x40/0x58 [ 18.669917] __kasan_kmalloc+0xd4/0xd8 [ 18.669983] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.670026] workqueue_uaf+0x13c/0x4a8 [ 18.670060] kunit_try_run_case+0x170/0x3f0 [ 18.670099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.670140] kthread+0x328/0x630 [ 18.670173] ret_from_fork+0x10/0x20 [ 18.670209] [ 18.670227] Freed by task 47: [ 18.670253] kasan_save_stack+0x3c/0x68 [ 18.670289] kasan_save_track+0x20/0x40 [ 18.670327] kasan_save_free_info+0x4c/0x78 [ 18.670366] __kasan_slab_free+0x6c/0x98 [ 18.670421] kfree+0x214/0x3c8 [ 18.670471] workqueue_uaf_work+0x18/0x30 [ 18.670527] process_one_work+0x530/0xf98 [ 18.670565] worker_thread+0x618/0xf38 [ 18.670600] kthread+0x328/0x630 [ 18.670631] ret_from_fork+0x10/0x20 [ 18.670667] [ 18.670686] Last potentially related work creation: [ 18.670722] kasan_save_stack+0x3c/0x68 [ 18.670970] kasan_record_aux_stack+0xb4/0xc8 [ 18.671017] __queue_work+0x65c/0x1008 [ 18.671054] queue_work_on+0xbc/0xf8 [ 18.671093] workqueue_uaf+0x210/0x4a8 [ 18.671129] kunit_try_run_case+0x170/0x3f0 [ 18.671166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.671209] kthread+0x328/0x630 [ 18.671240] ret_from_fork+0x10/0x20 [ 18.671276] [ 18.671295] The buggy address belongs to the object at fff00000c77eb480 [ 18.671295] which belongs to the cache kmalloc-32 of size 32 [ 18.671352] The buggy address is located 0 bytes inside of [ 18.671352] freed 32-byte region [fff00000c77eb480, fff00000c77eb4a0) [ 18.671410] [ 18.671434] The buggy address belongs to the physical page: [ 18.671465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077eb [ 18.671515] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.671562] page_type: f5(slab) [ 18.671599] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.671647] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.671686] page dumped because: kasan: bad access detected [ 18.671717] [ 18.671734] Memory state around the buggy address: [ 18.671765] fff00000c77eb380: 00 00 07 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 18.671807] fff00000c77eb400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.671848] >fff00000c77eb480: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.672307] ^ [ 18.672416] fff00000c77eb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.672478] fff00000c77eb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.672533] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 18.651458] ================================================================== [ 18.651712] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 18.651779] Read of size 4 at addr fff00000c77eb280 by task swapper/1/0 [ 18.651825] [ 18.651877] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.651977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.652033] Hardware name: linux,dummy-virt (DT) [ 18.652076] Call trace: [ 18.652145] show_stack+0x20/0x38 (C) [ 18.652242] dump_stack_lvl+0x8c/0xd0 [ 18.652293] print_report+0x118/0x608 [ 18.652338] kasan_report+0xdc/0x128 [ 18.652389] __asan_report_load4_noabort+0x20/0x30 [ 18.652484] rcu_uaf_reclaim+0x64/0x70 [ 18.652556] rcu_core+0x9f4/0x1e20 [ 18.652644] rcu_core_si+0x18/0x30 [ 18.652707] handle_softirqs+0x374/0xb28 [ 18.652753] __do_softirq+0x1c/0x28 [ 18.652818] ____do_softirq+0x18/0x30 [ 18.652873] call_on_irq_stack+0x24/0x30 [ 18.653172] do_softirq_own_stack+0x24/0x38 [ 18.653237] __irq_exit_rcu+0x1fc/0x318 [ 18.653281] irq_exit_rcu+0x1c/0x80 [ 18.653325] el1_interrupt+0x38/0x58 [ 18.653373] el1h_64_irq_handler+0x18/0x28 [ 18.653417] el1h_64_irq+0x6c/0x70 [ 18.653519] arch_local_irq_enable+0x4/0x8 (P) [ 18.653620] do_idle+0x384/0x4e8 [ 18.653664] cpu_startup_entry+0x64/0x80 [ 18.653708] secondary_start_kernel+0x288/0x340 [ 18.653764] __secondary_switched+0xc0/0xc8 [ 18.653855] [ 18.653923] Allocated by task 198: [ 18.653969] kasan_save_stack+0x3c/0x68 [ 18.654010] kasan_save_track+0x20/0x40 [ 18.654246] kasan_save_alloc_info+0x40/0x58 [ 18.654315] __kasan_kmalloc+0xd4/0xd8 [ 18.654376] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.654443] rcu_uaf+0xb0/0x2d8 [ 18.654517] kunit_try_run_case+0x170/0x3f0 [ 18.654583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.654628] kthread+0x328/0x630 [ 18.654690] ret_from_fork+0x10/0x20 [ 18.654959] [ 18.655028] Freed by task 0: [ 18.655094] kasan_save_stack+0x3c/0x68 [ 18.655257] kasan_save_track+0x20/0x40 [ 18.655315] kasan_save_free_info+0x4c/0x78 [ 18.655382] __kasan_slab_free+0x6c/0x98 [ 18.655428] kfree+0x214/0x3c8 [ 18.655460] rcu_uaf_reclaim+0x28/0x70 [ 18.655502] rcu_core+0x9f4/0x1e20 [ 18.655537] rcu_core_si+0x18/0x30 [ 18.655669] handle_softirqs+0x374/0xb28 [ 18.655833] __do_softirq+0x1c/0x28 [ 18.655943] [ 18.656003] Last potentially related work creation: [ 18.656054] kasan_save_stack+0x3c/0x68 [ 18.656129] kasan_record_aux_stack+0xb4/0xc8 [ 18.656396] __call_rcu_common.constprop.0+0x74/0x8c8 [ 18.656579] call_rcu+0x18/0x30 [ 18.656705] rcu_uaf+0x14c/0x2d8 [ 18.656784] kunit_try_run_case+0x170/0x3f0 [ 18.656916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.657035] kthread+0x328/0x630 [ 18.657090] ret_from_fork+0x10/0x20 [ 18.657131] [ 18.657338] The buggy address belongs to the object at fff00000c77eb280 [ 18.657338] which belongs to the cache kmalloc-32 of size 32 [ 18.657457] The buggy address is located 0 bytes inside of [ 18.657457] freed 32-byte region [fff00000c77eb280, fff00000c77eb2a0) [ 18.657560] [ 18.657601] The buggy address belongs to the physical page: [ 18.657633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077eb [ 18.657773] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.657879] page_type: f5(slab) [ 18.657957] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.658035] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.658140] page dumped because: kasan: bad access detected [ 18.658190] [ 18.658221] Memory state around the buggy address: [ 18.658271] fff00000c77eb180: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.658332] fff00000c77eb200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.658375] >fff00000c77eb280: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 18.658413] ^ [ 18.658443] fff00000c77eb300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.658502] fff00000c77eb380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.658551] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.494065] ================================================================== [ 18.494138] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 18.494191] Read of size 1 at addr fff00000c77e8000 by task kunit_try_catch/196 [ 18.494247] [ 18.494390] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.494636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.494662] Hardware name: linux,dummy-virt (DT) [ 18.494731] Call trace: [ 18.494813] show_stack+0x20/0x38 (C) [ 18.494869] dump_stack_lvl+0x8c/0xd0 [ 18.495207] print_report+0x118/0x608 [ 18.495268] kasan_report+0xdc/0x128 [ 18.495433] __kasan_check_byte+0x54/0x70 [ 18.495659] ksize+0x30/0x88 [ 18.495757] ksize_uaf+0x168/0x5f8 [ 18.495811] kunit_try_run_case+0x170/0x3f0 [ 18.495878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.495999] kthread+0x328/0x630 [ 18.496052] ret_from_fork+0x10/0x20 [ 18.496098] [ 18.496116] Allocated by task 196: [ 18.496391] kasan_save_stack+0x3c/0x68 [ 18.496505] kasan_save_track+0x20/0x40 [ 18.496561] kasan_save_alloc_info+0x40/0x58 [ 18.496798] __kasan_kmalloc+0xd4/0xd8 [ 18.496883] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.496956] ksize_uaf+0xb8/0x5f8 [ 18.497105] kunit_try_run_case+0x170/0x3f0 [ 18.497150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.497503] kthread+0x328/0x630 [ 18.497554] ret_from_fork+0x10/0x20 [ 18.497592] [ 18.497613] Freed by task 196: [ 18.497685] kasan_save_stack+0x3c/0x68 [ 18.497763] kasan_save_track+0x20/0x40 [ 18.497800] kasan_save_free_info+0x4c/0x78 [ 18.497842] __kasan_slab_free+0x6c/0x98 [ 18.497889] kfree+0x214/0x3c8 [ 18.497924] ksize_uaf+0x11c/0x5f8 [ 18.497957] kunit_try_run_case+0x170/0x3f0 [ 18.498035] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.498278] kthread+0x328/0x630 [ 18.498311] ret_from_fork+0x10/0x20 [ 18.498346] [ 18.498410] The buggy address belongs to the object at fff00000c77e8000 [ 18.498410] which belongs to the cache kmalloc-128 of size 128 [ 18.498654] The buggy address is located 0 bytes inside of [ 18.498654] freed 128-byte region [fff00000c77e8000, fff00000c77e8080) [ 18.498713] [ 18.498739] The buggy address belongs to the physical page: [ 18.498815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e8 [ 18.498877] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.498925] page_type: f5(slab) [ 18.498963] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.499147] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.499467] page dumped because: kasan: bad access detected [ 18.499503] [ 18.499521] Memory state around the buggy address: [ 18.499613] fff00000c77e7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.499671] fff00000c77e7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.499727] >fff00000c77e8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.500085] ^ [ 18.500120] fff00000c77e8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.500163] fff00000c77e8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.500224] ================================================================== [ 18.501853] ================================================================== [ 18.502034] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 18.502078] Read of size 1 at addr fff00000c77e8000 by task kunit_try_catch/196 [ 18.502128] [ 18.502158] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.502243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.502408] Hardware name: linux,dummy-virt (DT) [ 18.502445] Call trace: [ 18.502516] show_stack+0x20/0x38 (C) [ 18.502580] dump_stack_lvl+0x8c/0xd0 [ 18.502629] print_report+0x118/0x608 [ 18.502827] kasan_report+0xdc/0x128 [ 18.502881] __asan_report_load1_noabort+0x20/0x30 [ 18.502932] ksize_uaf+0x598/0x5f8 [ 18.502975] kunit_try_run_case+0x170/0x3f0 [ 18.503319] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.503378] kthread+0x328/0x630 [ 18.503426] ret_from_fork+0x10/0x20 [ 18.503592] [ 18.503749] Allocated by task 196: [ 18.503847] kasan_save_stack+0x3c/0x68 [ 18.503930] kasan_save_track+0x20/0x40 [ 18.503968] kasan_save_alloc_info+0x40/0x58 [ 18.504035] __kasan_kmalloc+0xd4/0xd8 [ 18.504221] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.504306] ksize_uaf+0xb8/0x5f8 [ 18.504368] kunit_try_run_case+0x170/0x3f0 [ 18.504442] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.504503] kthread+0x328/0x630 [ 18.504536] ret_from_fork+0x10/0x20 [ 18.504590] [ 18.504650] Freed by task 196: [ 18.504677] kasan_save_stack+0x3c/0x68 [ 18.504716] kasan_save_track+0x20/0x40 [ 18.504754] kasan_save_free_info+0x4c/0x78 [ 18.504831] __kasan_slab_free+0x6c/0x98 [ 18.505050] kfree+0x214/0x3c8 [ 18.505083] ksize_uaf+0x11c/0x5f8 [ 18.505194] kunit_try_run_case+0x170/0x3f0 [ 18.505314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.505393] kthread+0x328/0x630 [ 18.505426] ret_from_fork+0x10/0x20 [ 18.505462] [ 18.505487] The buggy address belongs to the object at fff00000c77e8000 [ 18.505487] which belongs to the cache kmalloc-128 of size 128 [ 18.505590] The buggy address is located 0 bytes inside of [ 18.505590] freed 128-byte region [fff00000c77e8000, fff00000c77e8080) [ 18.505649] [ 18.505668] The buggy address belongs to the physical page: [ 18.505723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e8 [ 18.505802] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.506438] page_type: f5(slab) [ 18.506879] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.506937] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.506976] page dumped because: kasan: bad access detected [ 18.507009] [ 18.507027] Memory state around the buggy address: [ 18.507060] fff00000c77e7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.507104] fff00000c77e7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.507147] >fff00000c77e8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.507673] ^ [ 18.507707] fff00000c77e8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.507751] fff00000c77e8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.507836] ================================================================== [ 18.509135] ================================================================== [ 18.509691] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 18.509763] Read of size 1 at addr fff00000c77e8078 by task kunit_try_catch/196 [ 18.509902] [ 18.509930] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.510008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.510035] Hardware name: linux,dummy-virt (DT) [ 18.510065] Call trace: [ 18.510085] show_stack+0x20/0x38 (C) [ 18.510560] dump_stack_lvl+0x8c/0xd0 [ 18.510747] print_report+0x118/0x608 [ 18.511069] kasan_report+0xdc/0x128 [ 18.511442] __asan_report_load1_noabort+0x20/0x30 [ 18.511498] ksize_uaf+0x544/0x5f8 [ 18.511587] kunit_try_run_case+0x170/0x3f0 [ 18.511653] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.511705] kthread+0x328/0x630 [ 18.511873] ret_from_fork+0x10/0x20 [ 18.511920] [ 18.511938] Allocated by task 196: [ 18.511966] kasan_save_stack+0x3c/0x68 [ 18.512154] kasan_save_track+0x20/0x40 [ 18.512195] kasan_save_alloc_info+0x40/0x58 [ 18.512244] __kasan_kmalloc+0xd4/0xd8 [ 18.512381] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.512421] ksize_uaf+0xb8/0x5f8 [ 18.512464] kunit_try_run_case+0x170/0x3f0 [ 18.512794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.512837] kthread+0x328/0x630 [ 18.512879] ret_from_fork+0x10/0x20 [ 18.512916] [ 18.512934] Freed by task 196: [ 18.512960] kasan_save_stack+0x3c/0x68 [ 18.513055] kasan_save_track+0x20/0x40 [ 18.513224] kasan_save_free_info+0x4c/0x78 [ 18.513413] __kasan_slab_free+0x6c/0x98 [ 18.513456] kfree+0x214/0x3c8 [ 18.513531] ksize_uaf+0x11c/0x5f8 [ 18.513593] kunit_try_run_case+0x170/0x3f0 [ 18.513697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.513791] kthread+0x328/0x630 [ 18.513824] ret_from_fork+0x10/0x20 [ 18.513877] [ 18.513895] The buggy address belongs to the object at fff00000c77e8000 [ 18.513895] which belongs to the cache kmalloc-128 of size 128 [ 18.514138] The buggy address is located 120 bytes inside of [ 18.514138] freed 128-byte region [fff00000c77e8000, fff00000c77e8080) [ 18.514319] [ 18.514409] The buggy address belongs to the physical page: [ 18.514492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e8 [ 18.514566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.514612] page_type: f5(slab) [ 18.514732] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.514789] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.514829] page dumped because: kasan: bad access detected [ 18.514869] [ 18.514886] Memory state around the buggy address: [ 18.514919] fff00000c77e7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.514961] fff00000c77e7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.515547] >fff00000c77e8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.515587] ^ [ 18.515627] fff00000c77e8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.515667] fff00000c77e8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.515705] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.473608] ================================================================== [ 18.473711] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 18.473889] Read of size 1 at addr fff00000c5cbbf78 by task kunit_try_catch/194 [ 18.473938] [ 18.473967] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.474045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.474071] Hardware name: linux,dummy-virt (DT) [ 18.474739] Call trace: [ 18.474955] show_stack+0x20/0x38 (C) [ 18.475439] dump_stack_lvl+0x8c/0xd0 [ 18.475566] print_report+0x118/0x608 [ 18.475681] kasan_report+0xdc/0x128 [ 18.475728] __asan_report_load1_noabort+0x20/0x30 [ 18.475806] ksize_unpoisons_memory+0x618/0x740 [ 18.476042] kunit_try_run_case+0x170/0x3f0 [ 18.476101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.476187] kthread+0x328/0x630 [ 18.476230] ret_from_fork+0x10/0x20 [ 18.476277] [ 18.476295] Allocated by task 194: [ 18.476328] kasan_save_stack+0x3c/0x68 [ 18.476399] kasan_save_track+0x20/0x40 [ 18.476436] kasan_save_alloc_info+0x40/0x58 [ 18.476475] __kasan_kmalloc+0xd4/0xd8 [ 18.476822] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.476874] ksize_unpoisons_memory+0xc0/0x740 [ 18.476913] kunit_try_run_case+0x170/0x3f0 [ 18.477052] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.477195] kthread+0x328/0x630 [ 18.477227] ret_from_fork+0x10/0x20 [ 18.477370] [ 18.477411] The buggy address belongs to the object at fff00000c5cbbf00 [ 18.477411] which belongs to the cache kmalloc-128 of size 128 [ 18.477513] The buggy address is located 5 bytes to the right of [ 18.477513] allocated 115-byte region [fff00000c5cbbf00, fff00000c5cbbf73) [ 18.477735] [ 18.477762] The buggy address belongs to the physical page: [ 18.477840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 18.477906] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.477952] page_type: f5(slab) [ 18.478313] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.478399] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.478452] page dumped because: kasan: bad access detected [ 18.478485] [ 18.478504] Memory state around the buggy address: [ 18.478639] fff00000c5cbbe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.478787] fff00000c5cbbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.478833] >fff00000c5cbbf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.478889] ^ [ 18.478929] fff00000c5cbbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.478993] fff00000c5cbc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.479033] ================================================================== [ 18.480013] ================================================================== [ 18.480202] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 18.480372] Read of size 1 at addr fff00000c5cbbf7f by task kunit_try_catch/194 [ 18.480471] [ 18.480499] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.480940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.480970] Hardware name: linux,dummy-virt (DT) [ 18.480999] Call trace: [ 18.481021] show_stack+0x20/0x38 (C) [ 18.481155] dump_stack_lvl+0x8c/0xd0 [ 18.481200] print_report+0x118/0x608 [ 18.481529] kasan_report+0xdc/0x128 [ 18.481588] __asan_report_load1_noabort+0x20/0x30 [ 18.481640] ksize_unpoisons_memory+0x690/0x740 [ 18.481686] kunit_try_run_case+0x170/0x3f0 [ 18.481733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.481785] kthread+0x328/0x630 [ 18.481826] ret_from_fork+0x10/0x20 [ 18.481884] [ 18.481901] Allocated by task 194: [ 18.481929] kasan_save_stack+0x3c/0x68 [ 18.481978] kasan_save_track+0x20/0x40 [ 18.482017] kasan_save_alloc_info+0x40/0x58 [ 18.482055] __kasan_kmalloc+0xd4/0xd8 [ 18.482199] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.482321] ksize_unpoisons_memory+0xc0/0x740 [ 18.482418] kunit_try_run_case+0x170/0x3f0 [ 18.482541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.482584] kthread+0x328/0x630 [ 18.482615] ret_from_fork+0x10/0x20 [ 18.482649] [ 18.482668] The buggy address belongs to the object at fff00000c5cbbf00 [ 18.482668] which belongs to the cache kmalloc-128 of size 128 [ 18.483157] The buggy address is located 12 bytes to the right of [ 18.483157] allocated 115-byte region [fff00000c5cbbf00, fff00000c5cbbf73) [ 18.483231] [ 18.483260] The buggy address belongs to the physical page: [ 18.483301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 18.483379] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.483429] page_type: f5(slab) [ 18.483466] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.483516] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.483726] page dumped because: kasan: bad access detected [ 18.483760] [ 18.483928] Memory state around the buggy address: [ 18.483968] fff00000c5cbbe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.484139] fff00000c5cbbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.484182] >fff00000c5cbbf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.484246] ^ [ 18.484288] fff00000c5cbbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.484329] fff00000c5cbc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.484368] ================================================================== [ 18.465780] ================================================================== [ 18.466095] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 18.466220] Read of size 1 at addr fff00000c5cbbf73 by task kunit_try_catch/194 [ 18.466308] [ 18.466430] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.466540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.466568] Hardware name: linux,dummy-virt (DT) [ 18.466600] Call trace: [ 18.466621] show_stack+0x20/0x38 (C) [ 18.467000] dump_stack_lvl+0x8c/0xd0 [ 18.467051] print_report+0x118/0x608 [ 18.467097] kasan_report+0xdc/0x128 [ 18.467459] __asan_report_load1_noabort+0x20/0x30 [ 18.467540] ksize_unpoisons_memory+0x628/0x740 [ 18.467619] kunit_try_run_case+0x170/0x3f0 [ 18.467672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.467725] kthread+0x328/0x630 [ 18.467775] ret_from_fork+0x10/0x20 [ 18.467853] [ 18.467884] Allocated by task 194: [ 18.467914] kasan_save_stack+0x3c/0x68 [ 18.468000] kasan_save_track+0x20/0x40 [ 18.468059] kasan_save_alloc_info+0x40/0x58 [ 18.468209] __kasan_kmalloc+0xd4/0xd8 [ 18.468252] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.468290] ksize_unpoisons_memory+0xc0/0x740 [ 18.468368] kunit_try_run_case+0x170/0x3f0 [ 18.468543] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.468595] kthread+0x328/0x630 [ 18.468761] ret_from_fork+0x10/0x20 [ 18.468798] [ 18.468817] The buggy address belongs to the object at fff00000c5cbbf00 [ 18.468817] which belongs to the cache kmalloc-128 of size 128 [ 18.468882] The buggy address is located 0 bytes to the right of [ 18.468882] allocated 115-byte region [fff00000c5cbbf00, fff00000c5cbbf73) [ 18.468944] [ 18.468963] The buggy address belongs to the physical page: [ 18.468992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 18.469044] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.469432] page_type: f5(slab) [ 18.469740] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.469935] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.470216] page dumped because: kasan: bad access detected [ 18.470477] [ 18.470576] Memory state around the buggy address: [ 18.470651] fff00000c5cbbe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.470774] fff00000c5cbbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.470919] >fff00000c5cbbf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.471056] ^ [ 18.471096] fff00000c5cbbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.471318] fff00000c5cbc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.471607] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 18.454176] ================================================================== [ 18.454243] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 18.454289] Free of addr fff00000c5cb3720 by task kunit_try_catch/192 [ 18.454408] [ 18.454521] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.454600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.454626] Hardware name: linux,dummy-virt (DT) [ 18.454676] Call trace: [ 18.454705] show_stack+0x20/0x38 (C) [ 18.454850] dump_stack_lvl+0x8c/0xd0 [ 18.454909] print_report+0x118/0x608 [ 18.454955] kasan_report_invalid_free+0xc0/0xe8 [ 18.455004] check_slab_allocation+0xd4/0x108 [ 18.455059] __kasan_slab_pre_free+0x2c/0x48 [ 18.455107] kfree+0xe8/0x3c8 [ 18.455148] kfree_sensitive+0x3c/0xb0 [ 18.455191] kmalloc_double_kzfree+0x168/0x308 [ 18.455239] kunit_try_run_case+0x170/0x3f0 [ 18.455285] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.455343] kthread+0x328/0x630 [ 18.455400] ret_from_fork+0x10/0x20 [ 18.455453] [ 18.455471] Allocated by task 192: [ 18.455526] kasan_save_stack+0x3c/0x68 [ 18.455566] kasan_save_track+0x20/0x40 [ 18.455607] kasan_save_alloc_info+0x40/0x58 [ 18.455649] __kasan_kmalloc+0xd4/0xd8 [ 18.455686] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.455723] kmalloc_double_kzfree+0xb8/0x308 [ 18.455770] kunit_try_run_case+0x170/0x3f0 [ 18.455820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.455909] kthread+0x328/0x630 [ 18.456207] ret_from_fork+0x10/0x20 [ 18.456263] [ 18.456343] Freed by task 192: [ 18.456438] kasan_save_stack+0x3c/0x68 [ 18.456477] kasan_save_track+0x20/0x40 [ 18.456515] kasan_save_free_info+0x4c/0x78 [ 18.456553] __kasan_slab_free+0x6c/0x98 [ 18.456630] kfree+0x214/0x3c8 [ 18.456770] kfree_sensitive+0x80/0xb0 [ 18.456806] kmalloc_double_kzfree+0x11c/0x308 [ 18.456985] kunit_try_run_case+0x170/0x3f0 [ 18.457043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.457147] kthread+0x328/0x630 [ 18.457236] ret_from_fork+0x10/0x20 [ 18.457289] [ 18.457307] The buggy address belongs to the object at fff00000c5cb3720 [ 18.457307] which belongs to the cache kmalloc-16 of size 16 [ 18.457361] The buggy address is located 0 bytes inside of [ 18.457361] 16-byte region [fff00000c5cb3720, fff00000c5cb3730) [ 18.457419] [ 18.457438] The buggy address belongs to the physical page: [ 18.457517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cb3 [ 18.457568] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.457661] page_type: f5(slab) [ 18.457745] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.458476] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.458538] page dumped because: kasan: bad access detected [ 18.458631] [ 18.458654] Memory state around the buggy address: [ 18.458726] fff00000c5cb3600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.458776] fff00000c5cb3680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.458818] >fff00000c5cb3700: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.458855] ^ [ 18.458895] fff00000c5cb3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.458937] fff00000c5cb3800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.458975] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 18.448856] ================================================================== [ 18.449383] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 18.449558] Read of size 1 at addr fff00000c5cb3720 by task kunit_try_catch/192 [ 18.449656] [ 18.449870] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.449953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.449978] Hardware name: linux,dummy-virt (DT) [ 18.450010] Call trace: [ 18.450031] show_stack+0x20/0x38 (C) [ 18.450079] dump_stack_lvl+0x8c/0xd0 [ 18.450125] print_report+0x118/0x608 [ 18.450171] kasan_report+0xdc/0x128 [ 18.450225] __kasan_check_byte+0x54/0x70 [ 18.450272] kfree_sensitive+0x30/0xb0 [ 18.450318] kmalloc_double_kzfree+0x168/0x308 [ 18.450363] kunit_try_run_case+0x170/0x3f0 [ 18.450409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.450460] kthread+0x328/0x630 [ 18.450603] ret_from_fork+0x10/0x20 [ 18.450655] [ 18.450675] Allocated by task 192: [ 18.450762] kasan_save_stack+0x3c/0x68 [ 18.450854] kasan_save_track+0x20/0x40 [ 18.450902] kasan_save_alloc_info+0x40/0x58 [ 18.451010] __kasan_kmalloc+0xd4/0xd8 [ 18.451047] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.451086] kmalloc_double_kzfree+0xb8/0x308 [ 18.451125] kunit_try_run_case+0x170/0x3f0 [ 18.451163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.451206] kthread+0x328/0x630 [ 18.451238] ret_from_fork+0x10/0x20 [ 18.451274] [ 18.451292] Freed by task 192: [ 18.451317] kasan_save_stack+0x3c/0x68 [ 18.451353] kasan_save_track+0x20/0x40 [ 18.451407] kasan_save_free_info+0x4c/0x78 [ 18.451459] __kasan_slab_free+0x6c/0x98 [ 18.451506] kfree+0x214/0x3c8 [ 18.451608] kfree_sensitive+0x80/0xb0 [ 18.451675] kmalloc_double_kzfree+0x11c/0x308 [ 18.451733] kunit_try_run_case+0x170/0x3f0 [ 18.452005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.452090] kthread+0x328/0x630 [ 18.452123] ret_from_fork+0x10/0x20 [ 18.452159] [ 18.452177] The buggy address belongs to the object at fff00000c5cb3720 [ 18.452177] which belongs to the cache kmalloc-16 of size 16 [ 18.452233] The buggy address is located 0 bytes inside of [ 18.452233] freed 16-byte region [fff00000c5cb3720, fff00000c5cb3730) [ 18.452292] [ 18.452311] The buggy address belongs to the physical page: [ 18.452342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cb3 [ 18.452392] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.452437] page_type: f5(slab) [ 18.452472] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.452521] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.452561] page dumped because: kasan: bad access detected [ 18.452677] [ 18.452695] Memory state around the buggy address: [ 18.452726] fff00000c5cb3600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.452774] fff00000c5cb3680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.452815] >fff00000c5cb3700: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 18.452852] ^ [ 18.452953] fff00000c5cb3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.453168] fff00000c5cb3800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.453319] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 18.434321] ================================================================== [ 18.434436] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 18.434628] Read of size 1 at addr fff00000c7818b28 by task kunit_try_catch/188 [ 18.434677] [ 18.434709] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.434797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.434830] Hardware name: linux,dummy-virt (DT) [ 18.434870] Call trace: [ 18.434893] show_stack+0x20/0x38 (C) [ 18.434939] dump_stack_lvl+0x8c/0xd0 [ 18.434986] print_report+0x118/0x608 [ 18.435031] kasan_report+0xdc/0x128 [ 18.435076] __asan_report_load1_noabort+0x20/0x30 [ 18.435127] kmalloc_uaf2+0x3f4/0x468 [ 18.435170] kunit_try_run_case+0x170/0x3f0 [ 18.435217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.435269] kthread+0x328/0x630 [ 18.435312] ret_from_fork+0x10/0x20 [ 18.435358] [ 18.435377] Allocated by task 188: [ 18.435541] kasan_save_stack+0x3c/0x68 [ 18.435614] kasan_save_track+0x20/0x40 [ 18.435712] kasan_save_alloc_info+0x40/0x58 [ 18.435754] __kasan_kmalloc+0xd4/0xd8 [ 18.435789] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.435829] kmalloc_uaf2+0xc4/0x468 [ 18.435873] kunit_try_run_case+0x170/0x3f0 [ 18.435920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.435963] kthread+0x328/0x630 [ 18.435994] ret_from_fork+0x10/0x20 [ 18.436030] [ 18.436048] Freed by task 188: [ 18.436075] kasan_save_stack+0x3c/0x68 [ 18.436111] kasan_save_track+0x20/0x40 [ 18.436147] kasan_save_free_info+0x4c/0x78 [ 18.436295] __kasan_slab_free+0x6c/0x98 [ 18.436333] kfree+0x214/0x3c8 [ 18.436460] kmalloc_uaf2+0x134/0x468 [ 18.436505] kunit_try_run_case+0x170/0x3f0 [ 18.436550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.436633] kthread+0x328/0x630 [ 18.436783] ret_from_fork+0x10/0x20 [ 18.436857] [ 18.436908] The buggy address belongs to the object at fff00000c7818b00 [ 18.436908] which belongs to the cache kmalloc-64 of size 64 [ 18.436998] The buggy address is located 40 bytes inside of [ 18.436998] freed 64-byte region [fff00000c7818b00, fff00000c7818b40) [ 18.437091] [ 18.437110] The buggy address belongs to the physical page: [ 18.437145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 18.437383] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.437430] page_type: f5(slab) [ 18.437466] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.437515] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.437555] page dumped because: kasan: bad access detected [ 18.437611] [ 18.437667] Memory state around the buggy address: [ 18.437717] fff00000c7818a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.437857] fff00000c7818a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.437908] >fff00000c7818b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.437965] ^ [ 18.438113] fff00000c7818b80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 18.438189] fff00000c7818c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.438339] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 18.422142] ================================================================== [ 18.422235] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 18.422474] Write of size 33 at addr fff00000c7818980 by task kunit_try_catch/186 [ 18.422613] [ 18.422683] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.422994] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.423021] Hardware name: linux,dummy-virt (DT) [ 18.423157] Call trace: [ 18.423256] show_stack+0x20/0x38 (C) [ 18.423398] dump_stack_lvl+0x8c/0xd0 [ 18.423544] print_report+0x118/0x608 [ 18.423780] kasan_report+0xdc/0x128 [ 18.424413] kasan_check_range+0x100/0x1a8 [ 18.424503] __asan_memset+0x34/0x78 [ 18.424544] kmalloc_uaf_memset+0x170/0x310 [ 18.424591] kunit_try_run_case+0x170/0x3f0 [ 18.424637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.424689] kthread+0x328/0x630 [ 18.424729] ret_from_fork+0x10/0x20 [ 18.424776] [ 18.424795] Allocated by task 186: [ 18.424821] kasan_save_stack+0x3c/0x68 [ 18.424870] kasan_save_track+0x20/0x40 [ 18.424908] kasan_save_alloc_info+0x40/0x58 [ 18.424947] __kasan_kmalloc+0xd4/0xd8 [ 18.424986] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.425024] kmalloc_uaf_memset+0xb8/0x310 [ 18.425060] kunit_try_run_case+0x170/0x3f0 [ 18.425116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.425159] kthread+0x328/0x630 [ 18.425192] ret_from_fork+0x10/0x20 [ 18.425353] [ 18.425382] Freed by task 186: [ 18.425407] kasan_save_stack+0x3c/0x68 [ 18.425446] kasan_save_track+0x20/0x40 [ 18.425482] kasan_save_free_info+0x4c/0x78 [ 18.425521] __kasan_slab_free+0x6c/0x98 [ 18.425557] kfree+0x214/0x3c8 [ 18.425589] kmalloc_uaf_memset+0x11c/0x310 [ 18.425624] kunit_try_run_case+0x170/0x3f0 [ 18.425661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.425712] kthread+0x328/0x630 [ 18.425830] ret_from_fork+0x10/0x20 [ 18.425881] [ 18.425968] The buggy address belongs to the object at fff00000c7818980 [ 18.425968] which belongs to the cache kmalloc-64 of size 64 [ 18.426023] The buggy address is located 0 bytes inside of [ 18.426023] freed 64-byte region [fff00000c7818980, fff00000c78189c0) [ 18.426122] [ 18.426184] The buggy address belongs to the physical page: [ 18.426214] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 18.426411] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.426631] page_type: f5(slab) [ 18.426673] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.427206] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.427250] page dumped because: kasan: bad access detected [ 18.427281] [ 18.427298] Memory state around the buggy address: [ 18.427356] fff00000c7818880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.427398] fff00000c7818900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.427445] >fff00000c7818980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.427722] ^ [ 18.427750] fff00000c7818a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.427791] fff00000c7818a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.428025] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 18.412715] ================================================================== [ 18.412775] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 18.412825] Read of size 1 at addr fff00000c5cb3708 by task kunit_try_catch/184 [ 18.412893] [ 18.413004] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.413272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.413411] Hardware name: linux,dummy-virt (DT) [ 18.413463] Call trace: [ 18.413486] show_stack+0x20/0x38 (C) [ 18.413710] dump_stack_lvl+0x8c/0xd0 [ 18.413757] print_report+0x118/0x608 [ 18.413801] kasan_report+0xdc/0x128 [ 18.413844] __asan_report_load1_noabort+0x20/0x30 [ 18.413905] kmalloc_uaf+0x300/0x338 [ 18.413946] kunit_try_run_case+0x170/0x3f0 [ 18.413992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.414042] kthread+0x328/0x630 [ 18.414083] ret_from_fork+0x10/0x20 [ 18.414130] [ 18.414148] Allocated by task 184: [ 18.414173] kasan_save_stack+0x3c/0x68 [ 18.414212] kasan_save_track+0x20/0x40 [ 18.414250] kasan_save_alloc_info+0x40/0x58 [ 18.414290] __kasan_kmalloc+0xd4/0xd8 [ 18.414327] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.414365] kmalloc_uaf+0xb8/0x338 [ 18.414399] kunit_try_run_case+0x170/0x3f0 [ 18.414435] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.414489] kthread+0x328/0x630 [ 18.414523] ret_from_fork+0x10/0x20 [ 18.414557] [ 18.414576] Freed by task 184: [ 18.414601] kasan_save_stack+0x3c/0x68 [ 18.414638] kasan_save_track+0x20/0x40 [ 18.414674] kasan_save_free_info+0x4c/0x78 [ 18.414713] __kasan_slab_free+0x6c/0x98 [ 18.414750] kfree+0x214/0x3c8 [ 18.414803] kmalloc_uaf+0x11c/0x338 [ 18.414999] kunit_try_run_case+0x170/0x3f0 [ 18.415040] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.415099] kthread+0x328/0x630 [ 18.415132] ret_from_fork+0x10/0x20 [ 18.415169] [ 18.415187] The buggy address belongs to the object at fff00000c5cb3700 [ 18.415187] which belongs to the cache kmalloc-16 of size 16 [ 18.415243] The buggy address is located 8 bytes inside of [ 18.415243] freed 16-byte region [fff00000c5cb3700, fff00000c5cb3710) [ 18.415302] [ 18.415323] The buggy address belongs to the physical page: [ 18.415353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cb3 [ 18.415402] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.415463] page_type: f5(slab) [ 18.415501] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.415632] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.415672] page dumped because: kasan: bad access detected [ 18.415732] [ 18.415750] Memory state around the buggy address: [ 18.415781] fff00000c5cb3600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.415868] fff00000c5cb3680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.415954] >fff00000c5cb3700: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.415991] ^ [ 18.416049] fff00000c5cb3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.416090] fff00000c5cb3800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.416128] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 18.405444] ================================================================== [ 18.405502] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 18.405551] Read of size 64 at addr fff00000c7818604 by task kunit_try_catch/182 [ 18.405601] [ 18.405630] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.405710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.405736] Hardware name: linux,dummy-virt (DT) [ 18.405766] Call trace: [ 18.405787] show_stack+0x20/0x38 (C) [ 18.405832] dump_stack_lvl+0x8c/0xd0 [ 18.405907] print_report+0x118/0x608 [ 18.406126] kasan_report+0xdc/0x128 [ 18.406172] kasan_check_range+0x100/0x1a8 [ 18.406221] __asan_memmove+0x3c/0x98 [ 18.406263] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 18.406313] kunit_try_run_case+0x170/0x3f0 [ 18.406359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.406409] kthread+0x328/0x630 [ 18.406450] ret_from_fork+0x10/0x20 [ 18.406498] [ 18.406515] Allocated by task 182: [ 18.406541] kasan_save_stack+0x3c/0x68 [ 18.406582] kasan_save_track+0x20/0x40 [ 18.406620] kasan_save_alloc_info+0x40/0x58 [ 18.406669] __kasan_kmalloc+0xd4/0xd8 [ 18.406759] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.406873] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 18.406915] kunit_try_run_case+0x170/0x3f0 [ 18.406951] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.406994] kthread+0x328/0x630 [ 18.407026] ret_from_fork+0x10/0x20 [ 18.407062] [ 18.407096] The buggy address belongs to the object at fff00000c7818600 [ 18.407096] which belongs to the cache kmalloc-64 of size 64 [ 18.407152] The buggy address is located 4 bytes inside of [ 18.407152] allocated 64-byte region [fff00000c7818600, fff00000c7818640) [ 18.407224] [ 18.407245] The buggy address belongs to the physical page: [ 18.407274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 18.407413] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.407464] page_type: f5(slab) [ 18.407594] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.407693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.407777] page dumped because: kasan: bad access detected [ 18.407893] [ 18.407910] Memory state around the buggy address: [ 18.407983] fff00000c7818500: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 18.408091] fff00000c7818580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.408168] >fff00000c7818600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.408232] ^ [ 18.408269] fff00000c7818680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.408310] fff00000c7818700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.408375] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 18.395599] ================================================================== [ 18.395665] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.395714] Read of size 18446744073709551614 at addr fff00000c7818404 by task kunit_try_catch/180 [ 18.395800] [ 18.395956] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.396145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.396177] Hardware name: linux,dummy-virt (DT) [ 18.396245] Call trace: [ 18.396266] show_stack+0x20/0x38 (C) [ 18.396351] dump_stack_lvl+0x8c/0xd0 [ 18.396401] print_report+0x118/0x608 [ 18.396631] kasan_report+0xdc/0x128 [ 18.396676] kasan_check_range+0x100/0x1a8 [ 18.396799] __asan_memmove+0x3c/0x98 [ 18.396840] kmalloc_memmove_negative_size+0x154/0x2e0 [ 18.396904] kunit_try_run_case+0x170/0x3f0 [ 18.397593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.397771] kthread+0x328/0x630 [ 18.398025] ret_from_fork+0x10/0x20 [ 18.398074] [ 18.398094] Allocated by task 180: [ 18.398120] kasan_save_stack+0x3c/0x68 [ 18.398214] kasan_save_track+0x20/0x40 [ 18.398250] kasan_save_alloc_info+0x40/0x58 [ 18.398291] __kasan_kmalloc+0xd4/0xd8 [ 18.398328] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.398385] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 18.398517] kunit_try_run_case+0x170/0x3f0 [ 18.398557] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.398601] kthread+0x328/0x630 [ 18.398641] ret_from_fork+0x10/0x20 [ 18.398682] [ 18.398750] The buggy address belongs to the object at fff00000c7818400 [ 18.398750] which belongs to the cache kmalloc-64 of size 64 [ 18.398981] The buggy address is located 4 bytes inside of [ 18.398981] 64-byte region [fff00000c7818400, fff00000c7818440) [ 18.399047] [ 18.399067] The buggy address belongs to the physical page: [ 18.399099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 18.399150] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.399196] page_type: f5(slab) [ 18.399232] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 18.399281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.399320] page dumped because: kasan: bad access detected [ 18.399351] [ 18.399369] Memory state around the buggy address: [ 18.399399] fff00000c7818300: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 18.399448] fff00000c7818380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.399490] >fff00000c7818400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 18.399528] ^ [ 18.399554] fff00000c7818480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.399596] fff00000c7818500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.399634] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 18.382597] ================================================================== [ 18.382654] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 18.382706] Write of size 16 at addr fff00000c5cbbe69 by task kunit_try_catch/178 [ 18.382762] [ 18.382796] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.382917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.382943] Hardware name: linux,dummy-virt (DT) [ 18.382972] Call trace: [ 18.382994] show_stack+0x20/0x38 (C) [ 18.383041] dump_stack_lvl+0x8c/0xd0 [ 18.383086] print_report+0x118/0x608 [ 18.383210] kasan_report+0xdc/0x128 [ 18.383339] kasan_check_range+0x100/0x1a8 [ 18.383406] __asan_memset+0x34/0x78 [ 18.383511] kmalloc_oob_memset_16+0x150/0x2f8 [ 18.383556] kunit_try_run_case+0x170/0x3f0 [ 18.383603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.383814] kthread+0x328/0x630 [ 18.383884] ret_from_fork+0x10/0x20 [ 18.383934] [ 18.383951] Allocated by task 178: [ 18.383979] kasan_save_stack+0x3c/0x68 [ 18.384020] kasan_save_track+0x20/0x40 [ 18.384056] kasan_save_alloc_info+0x40/0x58 [ 18.384122] __kasan_kmalloc+0xd4/0xd8 [ 18.384197] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.384247] kmalloc_oob_memset_16+0xb0/0x2f8 [ 18.384353] kunit_try_run_case+0x170/0x3f0 [ 18.384396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.384568] kthread+0x328/0x630 [ 18.384600] ret_from_fork+0x10/0x20 [ 18.384678] [ 18.384698] The buggy address belongs to the object at fff00000c5cbbe00 [ 18.384698] which belongs to the cache kmalloc-128 of size 128 [ 18.384778] The buggy address is located 105 bytes inside of [ 18.384778] allocated 120-byte region [fff00000c5cbbe00, fff00000c5cbbe78) [ 18.385269] [ 18.385295] The buggy address belongs to the physical page: [ 18.385324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 18.385402] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.385447] page_type: f5(slab) [ 18.385483] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.385552] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.385591] page dumped because: kasan: bad access detected [ 18.385620] [ 18.385638] Memory state around the buggy address: [ 18.385668] fff00000c5cbbd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.385819] fff00000c5cbbd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.385961] >fff00000c5cbbe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.386009] ^ [ 18.386046] fff00000c5cbbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.386086] fff00000c5cbbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.386122] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 18.361996] ================================================================== [ 18.362110] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 18.362195] Write of size 8 at addr fff00000c5cbbd71 by task kunit_try_catch/176 [ 18.362387] [ 18.362436] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.362732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.362826] Hardware name: linux,dummy-virt (DT) [ 18.362920] Call trace: [ 18.363020] show_stack+0x20/0x38 (C) [ 18.363209] dump_stack_lvl+0x8c/0xd0 [ 18.363282] print_report+0x118/0x608 [ 18.363459] kasan_report+0xdc/0x128 [ 18.363519] kasan_check_range+0x100/0x1a8 [ 18.363788] __asan_memset+0x34/0x78 [ 18.363925] kmalloc_oob_memset_8+0x150/0x2f8 [ 18.364105] kunit_try_run_case+0x170/0x3f0 [ 18.364298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.364422] kthread+0x328/0x630 [ 18.364464] ret_from_fork+0x10/0x20 [ 18.364528] [ 18.364546] Allocated by task 176: [ 18.364608] kasan_save_stack+0x3c/0x68 [ 18.364665] kasan_save_track+0x20/0x40 [ 18.364713] kasan_save_alloc_info+0x40/0x58 [ 18.364767] __kasan_kmalloc+0xd4/0xd8 [ 18.364805] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.364843] kmalloc_oob_memset_8+0xb0/0x2f8 [ 18.364888] kunit_try_run_case+0x170/0x3f0 [ 18.364933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.364984] kthread+0x328/0x630 [ 18.365016] ret_from_fork+0x10/0x20 [ 18.365050] [ 18.365069] The buggy address belongs to the object at fff00000c5cbbd00 [ 18.365069] which belongs to the cache kmalloc-128 of size 128 [ 18.365144] The buggy address is located 113 bytes inside of [ 18.365144] allocated 120-byte region [fff00000c5cbbd00, fff00000c5cbbd78) [ 18.365209] [ 18.365228] The buggy address belongs to the physical page: [ 18.365262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 18.365318] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.365373] page_type: f5(slab) [ 18.365409] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.365456] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.365504] page dumped because: kasan: bad access detected [ 18.365542] [ 18.365560] Memory state around the buggy address: [ 18.365604] fff00000c5cbbc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.365645] fff00000c5cbbc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.365700] >fff00000c5cbbd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.365736] ^ [ 18.365774] fff00000c5cbbd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.365813] fff00000c5cbbe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.365867] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 18.345325] ================================================================== [ 18.345384] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 18.345436] Write of size 4 at addr fff00000c5cbbc75 by task kunit_try_catch/174 [ 18.345492] [ 18.345526] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.345604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.345629] Hardware name: linux,dummy-virt (DT) [ 18.346039] Call trace: [ 18.346112] show_stack+0x20/0x38 (C) [ 18.346165] dump_stack_lvl+0x8c/0xd0 [ 18.346210] print_report+0x118/0x608 [ 18.346254] kasan_report+0xdc/0x128 [ 18.346297] kasan_check_range+0x100/0x1a8 [ 18.346343] __asan_memset+0x34/0x78 [ 18.346443] kmalloc_oob_memset_4+0x150/0x300 [ 18.346518] kunit_try_run_case+0x170/0x3f0 [ 18.346649] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.346703] kthread+0x328/0x630 [ 18.346874] ret_from_fork+0x10/0x20 [ 18.347111] [ 18.347249] Allocated by task 174: [ 18.347389] kasan_save_stack+0x3c/0x68 [ 18.347593] kasan_save_track+0x20/0x40 [ 18.347764] kasan_save_alloc_info+0x40/0x58 [ 18.347848] __kasan_kmalloc+0xd4/0xd8 [ 18.348039] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.348221] kmalloc_oob_memset_4+0xb0/0x300 [ 18.348258] kunit_try_run_case+0x170/0x3f0 [ 18.348593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.348647] kthread+0x328/0x630 [ 18.349044] ret_from_fork+0x10/0x20 [ 18.349110] [ 18.349190] The buggy address belongs to the object at fff00000c5cbbc00 [ 18.349190] which belongs to the cache kmalloc-128 of size 128 [ 18.349363] The buggy address is located 117 bytes inside of [ 18.349363] allocated 120-byte region [fff00000c5cbbc00, fff00000c5cbbc78) [ 18.349672] [ 18.349941] The buggy address belongs to the physical page: [ 18.349994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 18.350087] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.350156] page_type: f5(slab) [ 18.350534] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.350634] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.350761] page dumped because: kasan: bad access detected [ 18.350982] [ 18.351004] Memory state around the buggy address: [ 18.351036] fff00000c5cbbb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.351206] fff00000c5cbbb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.351264] >fff00000c5cbbc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.351392] ^ [ 18.351585] fff00000c5cbbc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.351635] fff00000c5cbbd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.352202] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 18.321947] ================================================================== [ 18.322076] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 18.322127] Write of size 2 at addr fff00000c5cbbb77 by task kunit_try_catch/172 [ 18.322237] [ 18.322271] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.322479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.322517] Hardware name: linux,dummy-virt (DT) [ 18.322546] Call trace: [ 18.322731] show_stack+0x20/0x38 (C) [ 18.322929] dump_stack_lvl+0x8c/0xd0 [ 18.323093] print_report+0x118/0x608 [ 18.323284] kasan_report+0xdc/0x128 [ 18.323473] kasan_check_range+0x100/0x1a8 [ 18.323633] __asan_memset+0x34/0x78 [ 18.323723] kmalloc_oob_memset_2+0x150/0x2f8 [ 18.323796] kunit_try_run_case+0x170/0x3f0 [ 18.323841] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.324282] kthread+0x328/0x630 [ 18.324436] ret_from_fork+0x10/0x20 [ 18.324553] [ 18.324879] Allocated by task 172: [ 18.324994] kasan_save_stack+0x3c/0x68 [ 18.325246] kasan_save_track+0x20/0x40 [ 18.325340] kasan_save_alloc_info+0x40/0x58 [ 18.325382] __kasan_kmalloc+0xd4/0xd8 [ 18.325438] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.325482] kmalloc_oob_memset_2+0xb0/0x2f8 [ 18.325518] kunit_try_run_case+0x170/0x3f0 [ 18.325555] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.325597] kthread+0x328/0x630 [ 18.325633] ret_from_fork+0x10/0x20 [ 18.325670] [ 18.325690] The buggy address belongs to the object at fff00000c5cbbb00 [ 18.325690] which belongs to the cache kmalloc-128 of size 128 [ 18.325745] The buggy address is located 119 bytes inside of [ 18.325745] allocated 120-byte region [fff00000c5cbbb00, fff00000c5cbbb78) [ 18.325803] [ 18.325832] The buggy address belongs to the physical page: [ 18.325873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 18.325931] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.325982] page_type: f5(slab) [ 18.326019] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.326076] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.326114] page dumped because: kasan: bad access detected [ 18.326158] [ 18.326177] Memory state around the buggy address: [ 18.326206] fff00000c5cbba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.326257] fff00000c5cbba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.326299] >fff00000c5cbbb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.326344] ^ [ 18.326404] fff00000c5cbbb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.326446] fff00000c5cbbc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.326483] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 18.304808] ================================================================== [ 18.305221] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 18.305286] Write of size 128 at addr fff00000c5cbba00 by task kunit_try_catch/170 [ 18.305352] [ 18.305401] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.305480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.305506] Hardware name: linux,dummy-virt (DT) [ 18.305535] Call trace: [ 18.305802] show_stack+0x20/0x38 (C) [ 18.305935] dump_stack_lvl+0x8c/0xd0 [ 18.306009] print_report+0x118/0x608 [ 18.306063] kasan_report+0xdc/0x128 [ 18.306107] kasan_check_range+0x100/0x1a8 [ 18.306189] __asan_memset+0x34/0x78 [ 18.306233] kmalloc_oob_in_memset+0x144/0x2d0 [ 18.306313] kunit_try_run_case+0x170/0x3f0 [ 18.306528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.306596] kthread+0x328/0x630 [ 18.306638] ret_from_fork+0x10/0x20 [ 18.306692] [ 18.306710] Allocated by task 170: [ 18.306737] kasan_save_stack+0x3c/0x68 [ 18.306985] kasan_save_track+0x20/0x40 [ 18.307165] kasan_save_alloc_info+0x40/0x58 [ 18.307257] __kasan_kmalloc+0xd4/0xd8 [ 18.307459] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.307613] kmalloc_oob_in_memset+0xb0/0x2d0 [ 18.307750] kunit_try_run_case+0x170/0x3f0 [ 18.307839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.308095] kthread+0x328/0x630 [ 18.308330] ret_from_fork+0x10/0x20 [ 18.308398] [ 18.308827] The buggy address belongs to the object at fff00000c5cbba00 [ 18.308827] which belongs to the cache kmalloc-128 of size 128 [ 18.308928] The buggy address is located 0 bytes inside of [ 18.308928] allocated 120-byte region [fff00000c5cbba00, fff00000c5cbba78) [ 18.309171] [ 18.309274] The buggy address belongs to the physical page: [ 18.309392] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 18.309583] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.309666] page_type: f5(slab) [ 18.309837] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.309915] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.310061] page dumped because: kasan: bad access detected [ 18.310205] [ 18.310303] Memory state around the buggy address: [ 18.310502] fff00000c5cbb900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.310582] fff00000c5cbb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.310759] >fff00000c5cbba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.310913] ^ [ 18.311050] fff00000c5cbba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.311176] fff00000c5cbbb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.311286] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 18.286336] ================================================================== [ 18.286439] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 18.286740] Read of size 16 at addr fff00000c5cb36e0 by task kunit_try_catch/168 [ 18.286910] [ 18.287144] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.287430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.287555] Hardware name: linux,dummy-virt (DT) [ 18.287696] Call trace: [ 18.287806] show_stack+0x20/0x38 (C) [ 18.287999] dump_stack_lvl+0x8c/0xd0 [ 18.288093] print_report+0x118/0x608 [ 18.288382] kasan_report+0xdc/0x128 [ 18.288578] __asan_report_load16_noabort+0x20/0x30 [ 18.288681] kmalloc_uaf_16+0x3bc/0x438 [ 18.288912] kunit_try_run_case+0x170/0x3f0 [ 18.289307] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.289401] kthread+0x328/0x630 [ 18.289531] ret_from_fork+0x10/0x20 [ 18.289697] [ 18.289757] Allocated by task 168: [ 18.289879] kasan_save_stack+0x3c/0x68 [ 18.289924] kasan_save_track+0x20/0x40 [ 18.290195] kasan_save_alloc_info+0x40/0x58 [ 18.290406] __kasan_kmalloc+0xd4/0xd8 [ 18.290449] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.290504] kmalloc_uaf_16+0x140/0x438 [ 18.290768] kunit_try_run_case+0x170/0x3f0 [ 18.291008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.291324] kthread+0x328/0x630 [ 18.291466] ret_from_fork+0x10/0x20 [ 18.291515] [ 18.291767] Freed by task 168: [ 18.291814] kasan_save_stack+0x3c/0x68 [ 18.291965] kasan_save_track+0x20/0x40 [ 18.292101] kasan_save_free_info+0x4c/0x78 [ 18.292494] __kasan_slab_free+0x6c/0x98 [ 18.292775] kfree+0x214/0x3c8 [ 18.293167] kmalloc_uaf_16+0x190/0x438 [ 18.293375] kunit_try_run_case+0x170/0x3f0 [ 18.293452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.294083] kthread+0x328/0x630 [ 18.294274] ret_from_fork+0x10/0x20 [ 18.294460] [ 18.294580] The buggy address belongs to the object at fff00000c5cb36e0 [ 18.294580] which belongs to the cache kmalloc-16 of size 16 [ 18.294784] The buggy address is located 0 bytes inside of [ 18.294784] freed 16-byte region [fff00000c5cb36e0, fff00000c5cb36f0) [ 18.294921] [ 18.294951] The buggy address belongs to the physical page: [ 18.294997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cb3 [ 18.295050] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.295374] page_type: f5(slab) [ 18.295532] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.295687] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.295731] page dumped because: kasan: bad access detected [ 18.295949] [ 18.296144] Memory state around the buggy address: [ 18.296206] fff00000c5cb3580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.296262] fff00000c5cb3600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.296503] >fff00000c5cb3680: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 18.296710] ^ [ 18.296748] fff00000c5cb3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.297087] fff00000c5cb3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.297236] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 18.273095] ================================================================== [ 18.273517] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 18.273601] Write of size 16 at addr fff00000c5cb3680 by task kunit_try_catch/166 [ 18.273653] [ 18.273695] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.273772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.273798] Hardware name: linux,dummy-virt (DT) [ 18.274054] Call trace: [ 18.274294] show_stack+0x20/0x38 (C) [ 18.274355] dump_stack_lvl+0x8c/0xd0 [ 18.274400] print_report+0x118/0x608 [ 18.274509] kasan_report+0xdc/0x128 [ 18.274612] __asan_report_store16_noabort+0x20/0x30 [ 18.275053] kmalloc_oob_16+0x3a0/0x3f8 [ 18.275290] kunit_try_run_case+0x170/0x3f0 [ 18.275566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.275693] kthread+0x328/0x630 [ 18.275759] ret_from_fork+0x10/0x20 [ 18.276299] [ 18.276408] Allocated by task 166: [ 18.276537] kasan_save_stack+0x3c/0x68 [ 18.276704] kasan_save_track+0x20/0x40 [ 18.276755] kasan_save_alloc_info+0x40/0x58 [ 18.276794] __kasan_kmalloc+0xd4/0xd8 [ 18.276830] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.276880] kmalloc_oob_16+0xb4/0x3f8 [ 18.276920] kunit_try_run_case+0x170/0x3f0 [ 18.276956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.276997] kthread+0x328/0x630 [ 18.277029] ret_from_fork+0x10/0x20 [ 18.277064] [ 18.277099] The buggy address belongs to the object at fff00000c5cb3680 [ 18.277099] which belongs to the cache kmalloc-16 of size 16 [ 18.277154] The buggy address is located 0 bytes inside of [ 18.277154] allocated 13-byte region [fff00000c5cb3680, fff00000c5cb368d) [ 18.277223] [ 18.277242] The buggy address belongs to the physical page: [ 18.277278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cb3 [ 18.277329] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.277374] page_type: f5(slab) [ 18.277412] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.277460] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.277498] page dumped because: kasan: bad access detected [ 18.277537] [ 18.277554] Memory state around the buggy address: [ 18.277593] fff00000c5cb3580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.277634] fff00000c5cb3600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.277683] >fff00000c5cb3680: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.277726] ^ [ 18.277752] fff00000c5cb3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.277802] fff00000c5cb3780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.277846] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 18.241663] ================================================================== [ 18.241749] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 18.241819] Read of size 1 at addr fff00000c47a5c00 by task kunit_try_catch/164 [ 18.242215] [ 18.242268] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.242597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.242639] Hardware name: linux,dummy-virt (DT) [ 18.242781] Call trace: [ 18.242822] show_stack+0x20/0x38 (C) [ 18.242937] dump_stack_lvl+0x8c/0xd0 [ 18.243043] print_report+0x118/0x608 [ 18.243284] kasan_report+0xdc/0x128 [ 18.243498] __kasan_check_byte+0x54/0x70 [ 18.243555] krealloc_noprof+0x44/0x360 [ 18.243711] krealloc_uaf+0x180/0x520 [ 18.243795] kunit_try_run_case+0x170/0x3f0 [ 18.244045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.244192] kthread+0x328/0x630 [ 18.244348] ret_from_fork+0x10/0x20 [ 18.244464] [ 18.244522] Allocated by task 164: [ 18.244749] kasan_save_stack+0x3c/0x68 [ 18.245010] kasan_save_track+0x20/0x40 [ 18.245177] kasan_save_alloc_info+0x40/0x58 [ 18.245333] __kasan_kmalloc+0xd4/0xd8 [ 18.245389] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.245636] krealloc_uaf+0xc8/0x520 [ 18.245683] kunit_try_run_case+0x170/0x3f0 [ 18.246221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.246321] kthread+0x328/0x630 [ 18.246356] ret_from_fork+0x10/0x20 [ 18.246392] [ 18.246620] Freed by task 164: [ 18.246903] kasan_save_stack+0x3c/0x68 [ 18.247059] kasan_save_track+0x20/0x40 [ 18.247113] kasan_save_free_info+0x4c/0x78 [ 18.247161] __kasan_slab_free+0x6c/0x98 [ 18.247203] kfree+0x214/0x3c8 [ 18.247235] krealloc_uaf+0x12c/0x520 [ 18.247269] kunit_try_run_case+0x170/0x3f0 [ 18.247573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.247768] kthread+0x328/0x630 [ 18.247918] ret_from_fork+0x10/0x20 [ 18.248065] [ 18.248213] The buggy address belongs to the object at fff00000c47a5c00 [ 18.248213] which belongs to the cache kmalloc-256 of size 256 [ 18.248933] The buggy address is located 0 bytes inside of [ 18.248933] freed 256-byte region [fff00000c47a5c00, fff00000c47a5d00) [ 18.249086] [ 18.249123] The buggy address belongs to the physical page: [ 18.249235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1047a4 [ 18.249423] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.249471] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.249551] page_type: f5(slab) [ 18.249600] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.249657] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.249704] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.249749] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.249795] head: 0bfffe0000000001 ffffc1ffc311e901 00000000ffffffff 00000000ffffffff [ 18.249841] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.249888] page dumped because: kasan: bad access detected [ 18.249918] [ 18.249936] Memory state around the buggy address: [ 18.250002] fff00000c47a5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.250044] fff00000c47a5b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.250084] >fff00000c47a5c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.250122] ^ [ 18.250175] fff00000c47a5c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.250214] fff00000c47a5d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.250250] ================================================================== [ 18.252091] ================================================================== [ 18.252143] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 18.252188] Read of size 1 at addr fff00000c47a5c00 by task kunit_try_catch/164 [ 18.252546] [ 18.252742] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.252830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.252856] Hardware name: linux,dummy-virt (DT) [ 18.252900] Call trace: [ 18.252921] show_stack+0x20/0x38 (C) [ 18.252972] dump_stack_lvl+0x8c/0xd0 [ 18.253402] print_report+0x118/0x608 [ 18.253483] kasan_report+0xdc/0x128 [ 18.253529] __asan_report_load1_noabort+0x20/0x30 [ 18.253789] krealloc_uaf+0x4c8/0x520 [ 18.253843] kunit_try_run_case+0x170/0x3f0 [ 18.254013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.254078] kthread+0x328/0x630 [ 18.254275] ret_from_fork+0x10/0x20 [ 18.254745] [ 18.254987] Allocated by task 164: [ 18.255021] kasan_save_stack+0x3c/0x68 [ 18.255216] kasan_save_track+0x20/0x40 [ 18.255831] kasan_save_alloc_info+0x40/0x58 [ 18.255924] __kasan_kmalloc+0xd4/0xd8 [ 18.255992] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.256055] krealloc_uaf+0xc8/0x520 [ 18.256222] kunit_try_run_case+0x170/0x3f0 [ 18.256289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.256340] kthread+0x328/0x630 [ 18.256753] ret_from_fork+0x10/0x20 [ 18.256890] [ 18.257029] Freed by task 164: [ 18.257231] kasan_save_stack+0x3c/0x68 [ 18.257387] kasan_save_track+0x20/0x40 [ 18.257591] kasan_save_free_info+0x4c/0x78 [ 18.257793] __kasan_slab_free+0x6c/0x98 [ 18.258009] kfree+0x214/0x3c8 [ 18.258078] krealloc_uaf+0x12c/0x520 [ 18.258181] kunit_try_run_case+0x170/0x3f0 [ 18.258218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.258260] kthread+0x328/0x630 [ 18.258292] ret_from_fork+0x10/0x20 [ 18.258344] [ 18.258379] The buggy address belongs to the object at fff00000c47a5c00 [ 18.258379] which belongs to the cache kmalloc-256 of size 256 [ 18.258434] The buggy address is located 0 bytes inside of [ 18.258434] freed 256-byte region [fff00000c47a5c00, fff00000c47a5d00) [ 18.258492] [ 18.258512] The buggy address belongs to the physical page: [ 18.258550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1047a4 [ 18.258608] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.258662] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.258710] page_type: f5(slab) [ 18.258973] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.259599] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.259737] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.260118] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.260191] head: 0bfffe0000000001 ffffc1ffc311e901 00000000ffffffff 00000000ffffffff [ 18.260341] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.260424] page dumped because: kasan: bad access detected [ 18.260746] [ 18.260912] Memory state around the buggy address: [ 18.260975] fff00000c47a5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.261296] fff00000c47a5b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.261366] >fff00000c47a5c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.261470] ^ [ 18.261567] fff00000c47a5c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.261633] fff00000c47a5d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.261670] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 18.141589] ================================================================== [ 18.141660] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 18.141718] Write of size 1 at addr fff00000c47a5ada by task kunit_try_catch/158 [ 18.141880] [ 18.141929] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.142084] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.142163] Hardware name: linux,dummy-virt (DT) [ 18.142194] Call trace: [ 18.142214] show_stack+0x20/0x38 (C) [ 18.142263] dump_stack_lvl+0x8c/0xd0 [ 18.142467] print_report+0x118/0x608 [ 18.142727] kasan_report+0xdc/0x128 [ 18.142885] __asan_report_store1_noabort+0x20/0x30 [ 18.143074] krealloc_less_oob_helper+0xa80/0xc50 [ 18.143282] krealloc_less_oob+0x20/0x38 [ 18.143342] kunit_try_run_case+0x170/0x3f0 [ 18.143590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.143745] kthread+0x328/0x630 [ 18.143906] ret_from_fork+0x10/0x20 [ 18.144060] [ 18.144108] Allocated by task 158: [ 18.144245] kasan_save_stack+0x3c/0x68 [ 18.144298] kasan_save_track+0x20/0x40 [ 18.144350] kasan_save_alloc_info+0x40/0x58 [ 18.144746] __kasan_krealloc+0x118/0x178 [ 18.145744] krealloc_noprof+0x128/0x360 [ 18.145833] krealloc_less_oob_helper+0x168/0xc50 [ 18.145887] krealloc_less_oob+0x20/0x38 [ 18.145923] kunit_try_run_case+0x170/0x3f0 [ 18.145983] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.146430] kthread+0x328/0x630 [ 18.146538] ret_from_fork+0x10/0x20 [ 18.146776] [ 18.147009] The buggy address belongs to the object at fff00000c47a5a00 [ 18.147009] which belongs to the cache kmalloc-256 of size 256 [ 18.147174] The buggy address is located 17 bytes to the right of [ 18.147174] allocated 201-byte region [fff00000c47a5a00, fff00000c47a5ac9) [ 18.147490] [ 18.147578] The buggy address belongs to the physical page: [ 18.147657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1047a4 [ 18.147772] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.147910] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.148040] page_type: f5(slab) [ 18.148354] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.148417] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.148763] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.148942] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.149045] head: 0bfffe0000000001 ffffc1ffc311e901 00000000ffffffff 00000000ffffffff [ 18.149154] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.149296] page dumped because: kasan: bad access detected [ 18.149380] [ 18.149442] Memory state around the buggy address: [ 18.149560] fff00000c47a5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.149639] fff00000c47a5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.149784] >fff00000c47a5a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.149878] ^ [ 18.149915] fff00000c47a5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.149956] fff00000c47a5b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.150007] ================================================================== [ 18.225309] ================================================================== [ 18.225359] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 18.225404] Write of size 1 at addr fff00000c78460eb by task kunit_try_catch/162 [ 18.225576] [ 18.225840] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.225986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.226015] Hardware name: linux,dummy-virt (DT) [ 18.226045] Call trace: [ 18.226065] show_stack+0x20/0x38 (C) [ 18.226113] dump_stack_lvl+0x8c/0xd0 [ 18.226297] print_report+0x118/0x608 [ 18.226811] kasan_report+0xdc/0x128 [ 18.226904] __asan_report_store1_noabort+0x20/0x30 [ 18.226961] krealloc_less_oob_helper+0xa58/0xc50 [ 18.227009] krealloc_large_less_oob+0x20/0x38 [ 18.227155] kunit_try_run_case+0x170/0x3f0 [ 18.227208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.227398] kthread+0x328/0x630 [ 18.227586] ret_from_fork+0x10/0x20 [ 18.227710] [ 18.227799] The buggy address belongs to the physical page: [ 18.228244] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107844 [ 18.228349] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.228479] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.228576] page_type: f8(unknown) [ 18.228620] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.228693] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.228766] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.228814] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.228872] head: 0bfffe0000000002 ffffc1ffc31e1101 00000000ffffffff 00000000ffffffff [ 18.228928] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.228966] page dumped because: kasan: bad access detected [ 18.229009] [ 18.229053] Memory state around the buggy address: [ 18.229093] fff00000c7845f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.229142] fff00000c7846000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.229182] >fff00000c7846080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.229220] ^ [ 18.229257] fff00000c7846100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.229309] fff00000c7846180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.229352] ================================================================== [ 18.220230] ================================================================== [ 18.220316] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 18.220409] Write of size 1 at addr fff00000c78460ea by task kunit_try_catch/162 [ 18.220458] [ 18.220486] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.220674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.220705] Hardware name: linux,dummy-virt (DT) [ 18.220876] Call trace: [ 18.221062] show_stack+0x20/0x38 (C) [ 18.221188] dump_stack_lvl+0x8c/0xd0 [ 18.221296] print_report+0x118/0x608 [ 18.221371] kasan_report+0xdc/0x128 [ 18.221478] __asan_report_store1_noabort+0x20/0x30 [ 18.221556] krealloc_less_oob_helper+0xae4/0xc50 [ 18.221652] krealloc_large_less_oob+0x20/0x38 [ 18.221754] kunit_try_run_case+0x170/0x3f0 [ 18.221849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.222172] kthread+0x328/0x630 [ 18.222309] ret_from_fork+0x10/0x20 [ 18.222371] [ 18.222396] The buggy address belongs to the physical page: [ 18.222426] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107844 [ 18.222501] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.222549] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.222597] page_type: f8(unknown) [ 18.222633] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.222682] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.222729] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.222787] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.223204] head: 0bfffe0000000002 ffffc1ffc31e1101 00000000ffffffff 00000000ffffffff [ 18.223259] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.223602] page dumped because: kasan: bad access detected [ 18.223715] [ 18.223755] Memory state around the buggy address: [ 18.223787] fff00000c7845f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.223981] fff00000c7846000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.224081] >fff00000c7846080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.224290] ^ [ 18.224338] fff00000c7846100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.224662] fff00000c7846180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.224730] ================================================================== [ 18.198158] ================================================================== [ 18.198254] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 18.198309] Write of size 1 at addr fff00000c78460c9 by task kunit_try_catch/162 [ 18.198356] [ 18.198410] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.198487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.198521] Hardware name: linux,dummy-virt (DT) [ 18.198552] Call trace: [ 18.198573] show_stack+0x20/0x38 (C) [ 18.198621] dump_stack_lvl+0x8c/0xd0 [ 18.198674] print_report+0x118/0x608 [ 18.198720] kasan_report+0xdc/0x128 [ 18.199366] __asan_report_store1_noabort+0x20/0x30 [ 18.199446] krealloc_less_oob_helper+0xa48/0xc50 [ 18.199497] krealloc_large_less_oob+0x20/0x38 [ 18.199926] kunit_try_run_case+0x170/0x3f0 [ 18.200040] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.200176] kthread+0x328/0x630 [ 18.200260] ret_from_fork+0x10/0x20 [ 18.200622] [ 18.200666] The buggy address belongs to the physical page: [ 18.200731] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107844 [ 18.200784] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.201113] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.201274] page_type: f8(unknown) [ 18.201315] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.201430] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.201752] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.202016] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.202142] head: 0bfffe0000000002 ffffc1ffc31e1101 00000000ffffffff 00000000ffffffff [ 18.202287] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.202385] page dumped because: kasan: bad access detected [ 18.202576] [ 18.202855] Memory state around the buggy address: [ 18.202952] fff00000c7845f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.203141] fff00000c7846000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.203192] >fff00000c7846080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.203551] ^ [ 18.203620] fff00000c7846100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.203704] fff00000c7846180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.203845] ================================================================== [ 18.134549] ================================================================== [ 18.134713] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 18.134767] Write of size 1 at addr fff00000c47a5ad0 by task kunit_try_catch/158 [ 18.134988] [ 18.135201] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.135306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.135467] Hardware name: linux,dummy-virt (DT) [ 18.135650] Call trace: [ 18.135729] show_stack+0x20/0x38 (C) [ 18.135797] dump_stack_lvl+0x8c/0xd0 [ 18.136019] print_report+0x118/0x608 [ 18.136262] kasan_report+0xdc/0x128 [ 18.136373] __asan_report_store1_noabort+0x20/0x30 [ 18.136481] krealloc_less_oob_helper+0xb9c/0xc50 [ 18.136609] krealloc_less_oob+0x20/0x38 [ 18.136662] kunit_try_run_case+0x170/0x3f0 [ 18.136714] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.136765] kthread+0x328/0x630 [ 18.136805] ret_from_fork+0x10/0x20 [ 18.136928] [ 18.136948] Allocated by task 158: [ 18.136975] kasan_save_stack+0x3c/0x68 [ 18.137016] kasan_save_track+0x20/0x40 [ 18.137052] kasan_save_alloc_info+0x40/0x58 [ 18.137090] __kasan_krealloc+0x118/0x178 [ 18.137135] krealloc_noprof+0x128/0x360 [ 18.137171] krealloc_less_oob_helper+0x168/0xc50 [ 18.137208] krealloc_less_oob+0x20/0x38 [ 18.137258] kunit_try_run_case+0x170/0x3f0 [ 18.137294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.137335] kthread+0x328/0x630 [ 18.137376] ret_from_fork+0x10/0x20 [ 18.137420] [ 18.137438] The buggy address belongs to the object at fff00000c47a5a00 [ 18.137438] which belongs to the cache kmalloc-256 of size 256 [ 18.137500] The buggy address is located 7 bytes to the right of [ 18.137500] allocated 201-byte region [fff00000c47a5a00, fff00000c47a5ac9) [ 18.137560] [ 18.137594] The buggy address belongs to the physical page: [ 18.137623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1047a4 [ 18.137672] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.137716] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.137764] page_type: f5(slab) [ 18.137814] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.138182] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.138466] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.138979] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.139130] head: 0bfffe0000000001 ffffc1ffc311e901 00000000ffffffff 00000000ffffffff [ 18.139243] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.139293] page dumped because: kasan: bad access detected [ 18.139323] [ 18.139341] Memory state around the buggy address: [ 18.139539] fff00000c47a5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.139702] fff00000c47a5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.139851] >fff00000c47a5a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.139955] ^ [ 18.140033] fff00000c47a5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.140150] fff00000c47a5b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.140231] ================================================================== [ 18.205424] ================================================================== [ 18.205623] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 18.205813] Write of size 1 at addr fff00000c78460d0 by task kunit_try_catch/162 [ 18.205881] [ 18.205910] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.206184] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.206229] Hardware name: linux,dummy-virt (DT) [ 18.206381] Call trace: [ 18.206459] show_stack+0x20/0x38 (C) [ 18.206517] dump_stack_lvl+0x8c/0xd0 [ 18.206571] print_report+0x118/0x608 [ 18.206617] kasan_report+0xdc/0x128 [ 18.206661] __asan_report_store1_noabort+0x20/0x30 [ 18.206708] krealloc_less_oob_helper+0xb9c/0xc50 [ 18.206896] krealloc_large_less_oob+0x20/0x38 [ 18.207109] kunit_try_run_case+0x170/0x3f0 [ 18.207292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.207422] kthread+0x328/0x630 [ 18.207602] ret_from_fork+0x10/0x20 [ 18.208087] [ 18.208193] The buggy address belongs to the physical page: [ 18.208225] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107844 [ 18.208741] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.208959] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.209110] page_type: f8(unknown) [ 18.209190] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.209287] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.209523] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.209584] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.209631] head: 0bfffe0000000002 ffffc1ffc31e1101 00000000ffffffff 00000000ffffffff [ 18.209687] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.209736] page dumped because: kasan: bad access detected [ 18.209766] [ 18.209783] Memory state around the buggy address: [ 18.209822] fff00000c7845f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.209884] fff00000c7846000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.209925] >fff00000c7846080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.209981] ^ [ 18.210019] fff00000c7846100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.210061] fff00000c7846180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.210098] ================================================================== [ 18.126214] ================================================================== [ 18.126275] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 18.126326] Write of size 1 at addr fff00000c47a5ac9 by task kunit_try_catch/158 [ 18.126375] [ 18.126405] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.126560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.126601] Hardware name: linux,dummy-virt (DT) [ 18.126631] Call trace: [ 18.126652] show_stack+0x20/0x38 (C) [ 18.126700] dump_stack_lvl+0x8c/0xd0 [ 18.126745] print_report+0x118/0x608 [ 18.127069] kasan_report+0xdc/0x128 [ 18.127145] __asan_report_store1_noabort+0x20/0x30 [ 18.127232] krealloc_less_oob_helper+0xa48/0xc50 [ 18.127319] krealloc_less_oob+0x20/0x38 [ 18.127405] kunit_try_run_case+0x170/0x3f0 [ 18.127503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.127666] kthread+0x328/0x630 [ 18.127738] ret_from_fork+0x10/0x20 [ 18.127838] [ 18.127909] Allocated by task 158: [ 18.127978] kasan_save_stack+0x3c/0x68 [ 18.128035] kasan_save_track+0x20/0x40 [ 18.128071] kasan_save_alloc_info+0x40/0x58 [ 18.128355] __kasan_krealloc+0x118/0x178 [ 18.128715] krealloc_noprof+0x128/0x360 [ 18.128777] krealloc_less_oob_helper+0x168/0xc50 [ 18.128851] krealloc_less_oob+0x20/0x38 [ 18.128942] kunit_try_run_case+0x170/0x3f0 [ 18.129004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.129146] kthread+0x328/0x630 [ 18.129637] ret_from_fork+0x10/0x20 [ 18.129706] [ 18.129754] The buggy address belongs to the object at fff00000c47a5a00 [ 18.129754] which belongs to the cache kmalloc-256 of size 256 [ 18.129838] The buggy address is located 0 bytes to the right of [ 18.129838] allocated 201-byte region [fff00000c47a5a00, fff00000c47a5ac9) [ 18.129983] [ 18.130003] The buggy address belongs to the physical page: [ 18.130063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1047a4 [ 18.130405] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.130533] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.130611] page_type: f5(slab) [ 18.130684] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.130887] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.131254] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.131361] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.131514] head: 0bfffe0000000001 ffffc1ffc311e901 00000000ffffffff 00000000ffffffff [ 18.131628] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.131668] page dumped because: kasan: bad access detected [ 18.131697] [ 18.132148] Memory state around the buggy address: [ 18.132240] fff00000c47a5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.132288] fff00000c47a5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.132329] >fff00000c47a5a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.132364] ^ [ 18.132398] fff00000c47a5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.132438] fff00000c47a5b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.132606] ================================================================== [ 18.152813] ================================================================== [ 18.152906] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 18.152990] Write of size 1 at addr fff00000c47a5aea by task kunit_try_catch/158 [ 18.153256] [ 18.153301] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.153389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.153533] Hardware name: linux,dummy-virt (DT) [ 18.153576] Call trace: [ 18.153597] show_stack+0x20/0x38 (C) [ 18.153645] dump_stack_lvl+0x8c/0xd0 [ 18.153692] print_report+0x118/0x608 [ 18.153737] kasan_report+0xdc/0x128 [ 18.153797] __asan_report_store1_noabort+0x20/0x30 [ 18.153844] krealloc_less_oob_helper+0xae4/0xc50 [ 18.153904] krealloc_less_oob+0x20/0x38 [ 18.154119] kunit_try_run_case+0x170/0x3f0 [ 18.154365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.154466] kthread+0x328/0x630 [ 18.154509] ret_from_fork+0x10/0x20 [ 18.154564] [ 18.154582] Allocated by task 158: [ 18.154844] kasan_save_stack+0x3c/0x68 [ 18.155029] kasan_save_track+0x20/0x40 [ 18.155121] kasan_save_alloc_info+0x40/0x58 [ 18.155244] __kasan_krealloc+0x118/0x178 [ 18.155284] krealloc_noprof+0x128/0x360 [ 18.155340] krealloc_less_oob_helper+0x168/0xc50 [ 18.155592] krealloc_less_oob+0x20/0x38 [ 18.155802] kunit_try_run_case+0x170/0x3f0 [ 18.155847] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.156279] kthread+0x328/0x630 [ 18.156405] ret_from_fork+0x10/0x20 [ 18.156555] [ 18.156726] The buggy address belongs to the object at fff00000c47a5a00 [ 18.156726] which belongs to the cache kmalloc-256 of size 256 [ 18.156824] The buggy address is located 33 bytes to the right of [ 18.156824] allocated 201-byte region [fff00000c47a5a00, fff00000c47a5ac9) [ 18.157161] [ 18.157479] The buggy address belongs to the physical page: [ 18.157539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1047a4 [ 18.157688] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.157766] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.158242] page_type: f5(slab) [ 18.158317] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.158520] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.158739] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.158791] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.158979] head: 0bfffe0000000001 ffffc1ffc311e901 00000000ffffffff 00000000ffffffff [ 18.159178] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.159263] page dumped because: kasan: bad access detected [ 18.159411] [ 18.159437] Memory state around the buggy address: [ 18.159505] fff00000c47a5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.159966] fff00000c47a5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.160012] >fff00000c47a5a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.160050] ^ [ 18.160088] fff00000c47a5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.160129] fff00000c47a5b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.160166] ================================================================== [ 18.212459] ================================================================== [ 18.212507] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 18.212925] Write of size 1 at addr fff00000c78460da by task kunit_try_catch/162 [ 18.213036] [ 18.213145] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.213225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.213250] Hardware name: linux,dummy-virt (DT) [ 18.213320] Call trace: [ 18.213348] show_stack+0x20/0x38 (C) [ 18.213421] dump_stack_lvl+0x8c/0xd0 [ 18.213750] print_report+0x118/0x608 [ 18.213810] kasan_report+0xdc/0x128 [ 18.213854] __asan_report_store1_noabort+0x20/0x30 [ 18.213963] krealloc_less_oob_helper+0xa80/0xc50 [ 18.214059] krealloc_large_less_oob+0x20/0x38 [ 18.214231] kunit_try_run_case+0x170/0x3f0 [ 18.214282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.214499] kthread+0x328/0x630 [ 18.214548] ret_from_fork+0x10/0x20 [ 18.214602] [ 18.214710] The buggy address belongs to the physical page: [ 18.214817] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107844 [ 18.215111] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.215356] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.215555] page_type: f8(unknown) [ 18.215630] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.215834] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.216202] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.216321] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.216384] head: 0bfffe0000000002 ffffc1ffc31e1101 00000000ffffffff 00000000ffffffff [ 18.216576] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.216799] page dumped because: kasan: bad access detected [ 18.216852] [ 18.216970] Memory state around the buggy address: [ 18.217151] fff00000c7845f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.217273] fff00000c7846000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.217348] >fff00000c7846080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.218399] ^ [ 18.218730] fff00000c7846100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.219286] fff00000c7846180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.219361] ================================================================== [ 18.162027] ================================================================== [ 18.162110] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 18.162165] Write of size 1 at addr fff00000c47a5aeb by task kunit_try_catch/158 [ 18.162232] [ 18.162262] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.162340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.162365] Hardware name: linux,dummy-virt (DT) [ 18.162533] Call trace: [ 18.162645] show_stack+0x20/0x38 (C) [ 18.162813] dump_stack_lvl+0x8c/0xd0 [ 18.162874] print_report+0x118/0x608 [ 18.162920] kasan_report+0xdc/0x128 [ 18.163605] __asan_report_store1_noabort+0x20/0x30 [ 18.163754] krealloc_less_oob_helper+0xa58/0xc50 [ 18.163855] krealloc_less_oob+0x20/0x38 [ 18.163923] kunit_try_run_case+0x170/0x3f0 [ 18.163970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.164031] kthread+0x328/0x630 [ 18.164072] ret_from_fork+0x10/0x20 [ 18.164118] [ 18.164157] Allocated by task 158: [ 18.164192] kasan_save_stack+0x3c/0x68 [ 18.164246] kasan_save_track+0x20/0x40 [ 18.164286] kasan_save_alloc_info+0x40/0x58 [ 18.164325] __kasan_krealloc+0x118/0x178 [ 18.164362] krealloc_noprof+0x128/0x360 [ 18.164400] krealloc_less_oob_helper+0x168/0xc50 [ 18.164450] krealloc_less_oob+0x20/0x38 [ 18.164486] kunit_try_run_case+0x170/0x3f0 [ 18.164550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.164592] kthread+0x328/0x630 [ 18.164625] ret_from_fork+0x10/0x20 [ 18.164671] [ 18.164689] The buggy address belongs to the object at fff00000c47a5a00 [ 18.164689] which belongs to the cache kmalloc-256 of size 256 [ 18.164753] The buggy address is located 34 bytes to the right of [ 18.164753] allocated 201-byte region [fff00000c47a5a00, fff00000c47a5ac9) [ 18.164820] [ 18.164840] The buggy address belongs to the physical page: [ 18.164893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1047a4 [ 18.164956] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.165009] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.165073] page_type: f5(slab) [ 18.165114] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.165171] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.165226] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.165273] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.165320] head: 0bfffe0000000001 ffffc1ffc311e901 00000000ffffffff 00000000ffffffff [ 18.165365] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.165403] page dumped because: kasan: bad access detected [ 18.165432] [ 18.165449] Memory state around the buggy address: [ 18.165478] fff00000c47a5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.165518] fff00000c47a5a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.165564] >fff00000c47a5a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.165600] ^ [ 18.165636] fff00000c47a5b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.165686] fff00000c47a5b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.165722] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 18.174326] ================================================================== [ 18.174408] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 18.174563] Write of size 1 at addr fff00000c78460eb by task kunit_try_catch/160 [ 18.174679] [ 18.174760] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.174857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.175031] Hardware name: linux,dummy-virt (DT) [ 18.175068] Call trace: [ 18.175089] show_stack+0x20/0x38 (C) [ 18.175139] dump_stack_lvl+0x8c/0xd0 [ 18.175304] print_report+0x118/0x608 [ 18.175464] kasan_report+0xdc/0x128 [ 18.175579] __asan_report_store1_noabort+0x20/0x30 [ 18.175761] krealloc_more_oob_helper+0x60c/0x678 [ 18.175848] krealloc_large_more_oob+0x20/0x38 [ 18.176117] kunit_try_run_case+0x170/0x3f0 [ 18.176463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.176605] kthread+0x328/0x630 [ 18.176724] ret_from_fork+0x10/0x20 [ 18.176781] [ 18.176802] The buggy address belongs to the physical page: [ 18.177178] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107844 [ 18.177350] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.177468] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.177643] page_type: f8(unknown) [ 18.177711] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.178278] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.178489] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.178669] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.178748] head: 0bfffe0000000002 ffffc1ffc31e1101 00000000ffffffff 00000000ffffffff [ 18.178801] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.178839] page dumped because: kasan: bad access detected [ 18.178881] [ 18.178899] Memory state around the buggy address: [ 18.179294] fff00000c7845f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.179380] fff00000c7846000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.179441] >fff00000c7846080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.179566] ^ [ 18.179613] fff00000c7846100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.179698] fff00000c7846180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.179832] ================================================================== [ 18.102552] ================================================================== [ 18.102699] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 18.102844] Write of size 1 at addr fff00000c47a58eb by task kunit_try_catch/156 [ 18.102906] [ 18.103081] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.103163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.103188] Hardware name: linux,dummy-virt (DT) [ 18.103302] Call trace: [ 18.103362] show_stack+0x20/0x38 (C) [ 18.103676] dump_stack_lvl+0x8c/0xd0 [ 18.103827] print_report+0x118/0x608 [ 18.103962] kasan_report+0xdc/0x128 [ 18.104048] __asan_report_store1_noabort+0x20/0x30 [ 18.104095] krealloc_more_oob_helper+0x60c/0x678 [ 18.104180] krealloc_more_oob+0x20/0x38 [ 18.104227] kunit_try_run_case+0x170/0x3f0 [ 18.104278] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.104340] kthread+0x328/0x630 [ 18.104390] ret_from_fork+0x10/0x20 [ 18.104437] [ 18.104456] Allocated by task 156: [ 18.104501] kasan_save_stack+0x3c/0x68 [ 18.104553] kasan_save_track+0x20/0x40 [ 18.104592] kasan_save_alloc_info+0x40/0x58 [ 18.104639] __kasan_krealloc+0x118/0x178 [ 18.104676] krealloc_noprof+0x128/0x360 [ 18.104712] krealloc_more_oob_helper+0x168/0x678 [ 18.104749] krealloc_more_oob+0x20/0x38 [ 18.104785] kunit_try_run_case+0x170/0x3f0 [ 18.104821] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.104977] kthread+0x328/0x630 [ 18.105161] ret_from_fork+0x10/0x20 [ 18.105250] [ 18.105377] The buggy address belongs to the object at fff00000c47a5800 [ 18.105377] which belongs to the cache kmalloc-256 of size 256 [ 18.105470] The buggy address is located 0 bytes to the right of [ 18.105470] allocated 235-byte region [fff00000c47a5800, fff00000c47a58eb) [ 18.105730] [ 18.105995] The buggy address belongs to the physical page: [ 18.106174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1047a4 [ 18.106279] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.106391] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.106443] page_type: f5(slab) [ 18.106480] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.106704] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.106884] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.106976] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.107069] head: 0bfffe0000000001 ffffc1ffc311e901 00000000ffffffff 00000000ffffffff [ 18.107188] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.107455] page dumped because: kasan: bad access detected [ 18.107621] [ 18.107745] Memory state around the buggy address: [ 18.107825] fff00000c47a5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.107879] fff00000c47a5800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.108117] >fff00000c47a5880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 18.108321] ^ [ 18.108411] fff00000c47a5900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.108464] fff00000c47a5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.108501] ================================================================== [ 18.111607] ================================================================== [ 18.112890] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 18.112954] Write of size 1 at addr fff00000c47a58f0 by task kunit_try_catch/156 [ 18.113569] [ 18.114187] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.114690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.114739] Hardware name: linux,dummy-virt (DT) [ 18.114779] Call trace: [ 18.115690] show_stack+0x20/0x38 (C) [ 18.115743] dump_stack_lvl+0x8c/0xd0 [ 18.115788] print_report+0x118/0x608 [ 18.115833] kasan_report+0xdc/0x128 [ 18.115891] __asan_report_store1_noabort+0x20/0x30 [ 18.115940] krealloc_more_oob_helper+0x5c0/0x678 [ 18.115987] krealloc_more_oob+0x20/0x38 [ 18.116032] kunit_try_run_case+0x170/0x3f0 [ 18.116077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.116128] kthread+0x328/0x630 [ 18.116168] ret_from_fork+0x10/0x20 [ 18.116218] [ 18.116236] Allocated by task 156: [ 18.116263] kasan_save_stack+0x3c/0x68 [ 18.116303] kasan_save_track+0x20/0x40 [ 18.116339] kasan_save_alloc_info+0x40/0x58 [ 18.116377] __kasan_krealloc+0x118/0x178 [ 18.116414] krealloc_noprof+0x128/0x360 [ 18.116449] krealloc_more_oob_helper+0x168/0x678 [ 18.116487] krealloc_more_oob+0x20/0x38 [ 18.116522] kunit_try_run_case+0x170/0x3f0 [ 18.116559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.116601] kthread+0x328/0x630 [ 18.116632] ret_from_fork+0x10/0x20 [ 18.116665] [ 18.116683] The buggy address belongs to the object at fff00000c47a5800 [ 18.116683] which belongs to the cache kmalloc-256 of size 256 [ 18.116737] The buggy address is located 5 bytes to the right of [ 18.116737] allocated 235-byte region [fff00000c47a5800, fff00000c47a58eb) [ 18.116797] [ 18.116816] The buggy address belongs to the physical page: [ 18.116846] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1047a4 [ 18.116905] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.116950] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.116998] page_type: f5(slab) [ 18.117034] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.117082] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.117129] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 18.117175] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.117221] head: 0bfffe0000000001 ffffc1ffc311e901 00000000ffffffff 00000000ffffffff [ 18.117267] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.117305] page dumped because: kasan: bad access detected [ 18.117334] [ 18.117351] Memory state around the buggy address: [ 18.117380] fff00000c47a5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.117421] fff00000c47a5800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.117461] >fff00000c47a5880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 18.117497] ^ [ 18.117534] fff00000c47a5900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.117574] fff00000c47a5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.117610] ================================================================== [ 18.182787] ================================================================== [ 18.182970] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 18.183067] Write of size 1 at addr fff00000c78460f0 by task kunit_try_catch/160 [ 18.183314] [ 18.183350] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.183582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.183691] Hardware name: linux,dummy-virt (DT) [ 18.184151] Call trace: [ 18.184305] show_stack+0x20/0x38 (C) [ 18.184609] dump_stack_lvl+0x8c/0xd0 [ 18.184679] print_report+0x118/0x608 [ 18.184725] kasan_report+0xdc/0x128 [ 18.184902] __asan_report_store1_noabort+0x20/0x30 [ 18.185107] krealloc_more_oob_helper+0x5c0/0x678 [ 18.185195] krealloc_large_more_oob+0x20/0x38 [ 18.185682] kunit_try_run_case+0x170/0x3f0 [ 18.185809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.185887] kthread+0x328/0x630 [ 18.186075] ret_from_fork+0x10/0x20 [ 18.186343] [ 18.186429] The buggy address belongs to the physical page: [ 18.186500] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107844 [ 18.186572] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.186625] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.186795] page_type: f8(unknown) [ 18.186840] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.186903] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.186973] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.187044] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.187091] head: 0bfffe0000000002 ffffc1ffc31e1101 00000000ffffffff 00000000ffffffff [ 18.187137] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.187175] page dumped because: kasan: bad access detected [ 18.187232] [ 18.187252] Memory state around the buggy address: [ 18.187301] fff00000c7845f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.187343] fff00000c7846000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.187405] >fff00000c7846080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.187447] ^ [ 18.187486] fff00000c7846100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.187537] fff00000c7846180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.187574] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 18.092385] ================================================================== [ 18.092451] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 18.092498] Read of size 1 at addr fff00000c7840000 by task kunit_try_catch/154 [ 18.092603] [ 18.092715] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.092793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.092818] Hardware name: linux,dummy-virt (DT) [ 18.092848] Call trace: [ 18.092880] show_stack+0x20/0x38 (C) [ 18.092927] dump_stack_lvl+0x8c/0xd0 [ 18.092996] print_report+0x118/0x608 [ 18.093042] kasan_report+0xdc/0x128 [ 18.093125] __asan_report_load1_noabort+0x20/0x30 [ 18.093229] page_alloc_uaf+0x328/0x350 [ 18.093273] kunit_try_run_case+0x170/0x3f0 [ 18.093318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.093407] kthread+0x328/0x630 [ 18.093521] ret_from_fork+0x10/0x20 [ 18.093605] [ 18.093634] The buggy address belongs to the physical page: [ 18.093744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107840 [ 18.093796] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.093841] page_type: f0(buddy) [ 18.093921] raw: 0bfffe0000000000 fff00000ff616170 fff00000ff616170 0000000000000000 [ 18.094015] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 18.094105] page dumped because: kasan: bad access detected [ 18.094172] [ 18.094190] Memory state around the buggy address: [ 18.094237] fff00000c783ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.094279] fff00000c783ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.094319] >fff00000c7840000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.094483] ^ [ 18.094546] fff00000c7840080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.094692] fff00000c7840100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.094880] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 18.079356] ================================================================== [ 18.079486] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 18.079566] Free of addr fff00000c65c0001 by task kunit_try_catch/150 [ 18.079610] [ 18.079736] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.079814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.079900] Hardware name: linux,dummy-virt (DT) [ 18.079948] Call trace: [ 18.079986] show_stack+0x20/0x38 (C) [ 18.080040] dump_stack_lvl+0x8c/0xd0 [ 18.080084] print_report+0x118/0x608 [ 18.080128] kasan_report_invalid_free+0xc0/0xe8 [ 18.080203] __kasan_kfree_large+0x5c/0xa8 [ 18.080249] free_large_kmalloc+0x64/0x190 [ 18.080293] kfree+0x270/0x3c8 [ 18.080333] kmalloc_large_invalid_free+0x108/0x270 [ 18.080380] kunit_try_run_case+0x170/0x3f0 [ 18.080424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.080494] kthread+0x328/0x630 [ 18.080534] ret_from_fork+0x10/0x20 [ 18.080613] [ 18.080692] The buggy address belongs to the physical page: [ 18.080803] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c0 [ 18.080855] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.080911] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.081241] page_type: f8(unknown) [ 18.081296] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.081361] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.081468] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.081533] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.081598] head: 0bfffe0000000002 ffffc1ffc3197001 00000000ffffffff 00000000ffffffff [ 18.081676] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.081742] page dumped because: kasan: bad access detected [ 18.081834] [ 18.081913] Memory state around the buggy address: [ 18.081961] fff00000c65bff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.082218] fff00000c65bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.082259] >fff00000c65c0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.082295] ^ [ 18.082321] fff00000c65c0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.082360] fff00000c65c0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.082407] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 18.072014] ================================================================== [ 18.072140] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 18.072200] Read of size 1 at addr fff00000c65c0000 by task kunit_try_catch/148 [ 18.072247] [ 18.072278] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.072441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.072468] Hardware name: linux,dummy-virt (DT) [ 18.072543] Call trace: [ 18.072597] show_stack+0x20/0x38 (C) [ 18.072650] dump_stack_lvl+0x8c/0xd0 [ 18.072700] print_report+0x118/0x608 [ 18.072744] kasan_report+0xdc/0x128 [ 18.072787] __asan_report_load1_noabort+0x20/0x30 [ 18.072835] kmalloc_large_uaf+0x2cc/0x2f8 [ 18.072890] kunit_try_run_case+0x170/0x3f0 [ 18.072936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.072986] kthread+0x328/0x630 [ 18.073025] ret_from_fork+0x10/0x20 [ 18.073261] [ 18.073289] The buggy address belongs to the physical page: [ 18.073327] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c0 [ 18.073459] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.073545] raw: 0bfffe0000000000 fff00000da479c40 fff00000da479c40 0000000000000000 [ 18.073593] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 18.073631] page dumped because: kasan: bad access detected [ 18.073709] [ 18.073728] Memory state around the buggy address: [ 18.073777] fff00000c65bff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.073818] fff00000c65bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.073867] >fff00000c65c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.074055] ^ [ 18.074180] fff00000c65c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.074292] fff00000c65c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.074342] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 18.060223] ================================================================== [ 18.060290] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 18.060336] Write of size 1 at addr fff00000c65c200a by task kunit_try_catch/146 [ 18.060383] [ 18.060412] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.060488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.060528] Hardware name: linux,dummy-virt (DT) [ 18.060558] Call trace: [ 18.060579] show_stack+0x20/0x38 (C) [ 18.060624] dump_stack_lvl+0x8c/0xd0 [ 18.060682] print_report+0x118/0x608 [ 18.060727] kasan_report+0xdc/0x128 [ 18.060779] __asan_report_store1_noabort+0x20/0x30 [ 18.060824] kmalloc_large_oob_right+0x278/0x2b8 [ 18.061504] kunit_try_run_case+0x170/0x3f0 [ 18.061554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.061604] kthread+0x328/0x630 [ 18.061644] ret_from_fork+0x10/0x20 [ 18.061689] [ 18.061722] The buggy address belongs to the physical page: [ 18.061751] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065c0 [ 18.061983] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.062036] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.062130] page_type: f8(unknown) [ 18.062216] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.062321] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.062442] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.062505] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.062552] head: 0bfffe0000000002 ffffc1ffc3197001 00000000ffffffff 00000000ffffffff [ 18.062598] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.062635] page dumped because: kasan: bad access detected [ 18.062664] [ 18.062681] Memory state around the buggy address: [ 18.062735] fff00000c65c1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.062801] fff00000c65c1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.062841] >fff00000c65c2000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.062971] ^ [ 18.063030] fff00000c65c2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.063108] fff00000c65c2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.063195] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 18.050559] ================================================================== [ 18.050647] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 18.050711] Write of size 1 at addr fff00000c65d5f00 by task kunit_try_catch/144 [ 18.050986] [ 18.051116] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.051260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.051368] Hardware name: linux,dummy-virt (DT) [ 18.051460] Call trace: [ 18.051488] show_stack+0x20/0x38 (C) [ 18.051535] dump_stack_lvl+0x8c/0xd0 [ 18.051601] print_report+0x118/0x608 [ 18.051646] kasan_report+0xdc/0x128 [ 18.051712] __asan_report_store1_noabort+0x20/0x30 [ 18.051758] kmalloc_big_oob_right+0x2a4/0x2f0 [ 18.051986] kunit_try_run_case+0x170/0x3f0 [ 18.052417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.052734] kthread+0x328/0x630 [ 18.052830] ret_from_fork+0x10/0x20 [ 18.052930] [ 18.052999] Allocated by task 144: [ 18.053070] kasan_save_stack+0x3c/0x68 [ 18.053186] kasan_save_track+0x20/0x40 [ 18.053223] kasan_save_alloc_info+0x40/0x58 [ 18.053281] __kasan_kmalloc+0xd4/0xd8 [ 18.053540] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.053622] kmalloc_big_oob_right+0xb8/0x2f0 [ 18.053670] kunit_try_run_case+0x170/0x3f0 [ 18.053773] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.053869] kthread+0x328/0x630 [ 18.053902] ret_from_fork+0x10/0x20 [ 18.053937] [ 18.053956] The buggy address belongs to the object at fff00000c65d4000 [ 18.053956] which belongs to the cache kmalloc-8k of size 8192 [ 18.054012] The buggy address is located 0 bytes to the right of [ 18.054012] allocated 7936-byte region [fff00000c65d4000, fff00000c65d5f00) [ 18.054257] [ 18.054315] The buggy address belongs to the physical page: [ 18.054346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065d0 [ 18.054408] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.054462] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.054512] page_type: f5(slab) [ 18.054548] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 18.054595] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 18.054642] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 18.054688] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 18.054734] head: 0bfffe0000000003 ffffc1ffc3197401 00000000ffffffff 00000000ffffffff [ 18.054812] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 18.054850] page dumped because: kasan: bad access detected [ 18.055045] [ 18.055065] Memory state around the buggy address: [ 18.055097] fff00000c65d5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.055138] fff00000c65d5e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.055178] >fff00000c65d5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.055213] ^ [ 18.055240] fff00000c65d5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.055280] fff00000c65d6000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.055494] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 18.035227] ================================================================== [ 18.035273] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 18.036415] Write of size 1 at addr fff00000c5cbb978 by task kunit_try_catch/142 [ 18.036486] [ 18.036578] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.036658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.036704] Hardware name: linux,dummy-virt (DT) [ 18.036774] Call trace: [ 18.036802] show_stack+0x20/0x38 (C) [ 18.036882] dump_stack_lvl+0x8c/0xd0 [ 18.036932] print_report+0x118/0x608 [ 18.037095] kasan_report+0xdc/0x128 [ 18.037170] __asan_report_store1_noabort+0x20/0x30 [ 18.037349] kmalloc_track_caller_oob_right+0x418/0x488 [ 18.037413] kunit_try_run_case+0x170/0x3f0 [ 18.037467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.037533] kthread+0x328/0x630 [ 18.037574] ret_from_fork+0x10/0x20 [ 18.037644] [ 18.037662] Allocated by task 142: [ 18.037689] kasan_save_stack+0x3c/0x68 [ 18.037735] kasan_save_track+0x20/0x40 [ 18.037772] kasan_save_alloc_info+0x40/0x58 [ 18.037813] __kasan_kmalloc+0xd4/0xd8 [ 18.037885] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.037928] kmalloc_track_caller_oob_right+0x184/0x488 [ 18.037968] kunit_try_run_case+0x170/0x3f0 [ 18.038017] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.038058] kthread+0x328/0x630 [ 18.038369] ret_from_fork+0x10/0x20 [ 18.038444] [ 18.038464] The buggy address belongs to the object at fff00000c5cbb900 [ 18.038464] which belongs to the cache kmalloc-128 of size 128 [ 18.038518] The buggy address is located 0 bytes to the right of [ 18.038518] allocated 120-byte region [fff00000c5cbb900, fff00000c5cbb978) [ 18.038579] [ 18.038597] The buggy address belongs to the physical page: [ 18.038625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 18.038687] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.038739] page_type: f5(slab) [ 18.038776] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.038831] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.039308] page dumped because: kasan: bad access detected [ 18.039340] [ 18.039359] Memory state around the buggy address: [ 18.039393] fff00000c5cbb800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.039440] fff00000c5cbb880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.039480] >fff00000c5cbb900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.039529] ^ [ 18.039581] fff00000c5cbb980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.039621] fff00000c5cbba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.039665] ================================================================== [ 18.027742] ================================================================== [ 18.027813] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.027884] Write of size 1 at addr fff00000c5cbb878 by task kunit_try_catch/142 [ 18.027944] [ 18.027977] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.028260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.028404] Hardware name: linux,dummy-virt (DT) [ 18.028469] Call trace: [ 18.029335] show_stack+0x20/0x38 (C) [ 18.029399] dump_stack_lvl+0x8c/0xd0 [ 18.029464] print_report+0x118/0x608 [ 18.029511] kasan_report+0xdc/0x128 [ 18.029556] __asan_report_store1_noabort+0x20/0x30 [ 18.029607] kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.029657] kunit_try_run_case+0x170/0x3f0 [ 18.031177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.031923] kthread+0x328/0x630 [ 18.031988] ret_from_fork+0x10/0x20 [ 18.032080] [ 18.032139] Allocated by task 142: [ 18.032199] kasan_save_stack+0x3c/0x68 [ 18.032265] kasan_save_track+0x20/0x40 [ 18.032320] kasan_save_alloc_info+0x40/0x58 [ 18.032399] __kasan_kmalloc+0xd4/0xd8 [ 18.032457] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.032519] kmalloc_track_caller_oob_right+0xa8/0x488 [ 18.032757] kunit_try_run_case+0x170/0x3f0 [ 18.032877] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.032982] kthread+0x328/0x630 [ 18.033039] ret_from_fork+0x10/0x20 [ 18.033104] [ 18.033184] The buggy address belongs to the object at fff00000c5cbb800 [ 18.033184] which belongs to the cache kmalloc-128 of size 128 [ 18.033281] The buggy address is located 0 bytes to the right of [ 18.033281] allocated 120-byte region [fff00000c5cbb800, fff00000c5cbb878) [ 18.033429] [ 18.033448] The buggy address belongs to the physical page: [ 18.033477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 18.033574] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.033809] page_type: f5(slab) [ 18.033873] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.034137] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.034330] page dumped because: kasan: bad access detected [ 18.034369] [ 18.034387] Memory state around the buggy address: [ 18.034419] fff00000c5cbb700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.034464] fff00000c5cbb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.034504] >fff00000c5cbb800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.034546] ^ [ 18.034584] fff00000c5cbb880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.034630] fff00000c5cbb900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.034666] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 18.003376] ================================================================== [ 18.003443] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 18.003495] Read of size 1 at addr fff00000c5e93000 by task kunit_try_catch/140 [ 18.003542] [ 18.003590] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 18.003667] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.003692] Hardware name: linux,dummy-virt (DT) [ 18.003738] Call trace: [ 18.003760] show_stack+0x20/0x38 (C) [ 18.003807] dump_stack_lvl+0x8c/0xd0 [ 18.003851] print_report+0x118/0x608 [ 18.003909] kasan_report+0xdc/0x128 [ 18.003953] __asan_report_load1_noabort+0x20/0x30 [ 18.004151] kmalloc_node_oob_right+0x2f4/0x330 [ 18.004200] kunit_try_run_case+0x170/0x3f0 [ 18.004245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.004430] kthread+0x328/0x630 [ 18.004486] ret_from_fork+0x10/0x20 [ 18.004627] [ 18.004645] Allocated by task 140: [ 18.004672] kasan_save_stack+0x3c/0x68 [ 18.004758] kasan_save_track+0x20/0x40 [ 18.004795] kasan_save_alloc_info+0x40/0x58 [ 18.004938] __kasan_kmalloc+0xd4/0xd8 [ 18.004975] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 18.005014] kmalloc_node_oob_right+0xbc/0x330 [ 18.005050] kunit_try_run_case+0x170/0x3f0 [ 18.005086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.005127] kthread+0x328/0x630 [ 18.005174] ret_from_fork+0x10/0x20 [ 18.005209] [ 18.005227] The buggy address belongs to the object at fff00000c5e92000 [ 18.005227] which belongs to the cache kmalloc-4k of size 4096 [ 18.005282] The buggy address is located 0 bytes to the right of [ 18.005282] allocated 4096-byte region [fff00000c5e92000, fff00000c5e93000) [ 18.005342] [ 18.005361] The buggy address belongs to the physical page: [ 18.005430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105e90 [ 18.005581] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.005643] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.005705] page_type: f5(slab) [ 18.005740] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 18.005789] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.005849] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 18.005907] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.005954] head: 0bfffe0000000003 ffffc1ffc317a401 00000000ffffffff 00000000ffffffff [ 18.006001] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 18.006042] page dumped because: kasan: bad access detected [ 18.006071] [ 18.006088] Memory state around the buggy address: [ 18.006117] fff00000c5e92f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.006157] fff00000c5e92f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.006197] >fff00000c5e93000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.006233] ^ [ 18.006258] fff00000c5e93080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.006298] fff00000c5e93100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.006333] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 17.988400] ================================================================== [ 17.988527] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 17.988580] Read of size 1 at addr fff00000c5cb365f by task kunit_try_catch/138 [ 17.988645] [ 17.988678] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.988755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.988816] Hardware name: linux,dummy-virt (DT) [ 17.988848] Call trace: [ 17.988881] show_stack+0x20/0x38 (C) [ 17.988927] dump_stack_lvl+0x8c/0xd0 [ 17.988971] print_report+0x118/0x608 [ 17.989016] kasan_report+0xdc/0x128 [ 17.989061] __asan_report_load1_noabort+0x20/0x30 [ 17.989357] kmalloc_oob_left+0x2ec/0x320 [ 17.989456] kunit_try_run_case+0x170/0x3f0 [ 17.989532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.989584] kthread+0x328/0x630 [ 17.989625] ret_from_fork+0x10/0x20 [ 17.989671] [ 17.989883] Allocated by task 26: [ 17.989999] kasan_save_stack+0x3c/0x68 [ 17.990076] kasan_save_track+0x20/0x40 [ 17.990133] kasan_save_alloc_info+0x40/0x58 [ 17.990201] __kasan_kmalloc+0xd4/0xd8 [ 17.990237] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 17.990296] kstrdup+0x54/0xc8 [ 17.990330] devtmpfs_work_loop+0x6f8/0xa58 [ 17.990396] devtmpfsd+0x50/0x58 [ 17.990462] kthread+0x328/0x630 [ 17.990511] ret_from_fork+0x10/0x20 [ 17.990547] [ 17.990594] Freed by task 26: [ 17.990657] kasan_save_stack+0x3c/0x68 [ 17.990702] kasan_save_track+0x20/0x40 [ 17.990739] kasan_save_free_info+0x4c/0x78 [ 17.990778] __kasan_slab_free+0x6c/0x98 [ 17.990822] kfree+0x214/0x3c8 [ 17.991018] devtmpfs_work_loop+0x804/0xa58 [ 17.991054] devtmpfsd+0x50/0x58 [ 17.991086] kthread+0x328/0x630 [ 17.991203] ret_from_fork+0x10/0x20 [ 17.991439] [ 17.991519] The buggy address belongs to the object at fff00000c5cb3640 [ 17.991519] which belongs to the cache kmalloc-16 of size 16 [ 17.991621] The buggy address is located 15 bytes to the right of [ 17.991621] allocated 16-byte region [fff00000c5cb3640, fff00000c5cb3650) [ 17.991692] [ 17.991729] The buggy address belongs to the physical page: [ 17.991758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cb3 [ 17.991808] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.991854] page_type: f5(slab) [ 17.991914] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.991966] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.992006] page dumped because: kasan: bad access detected [ 17.992036] [ 17.992053] Memory state around the buggy address: [ 17.992093] fff00000c5cb3500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.992140] fff00000c5cb3580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.992183] >fff00000c5cb3600: fa fb fc fc fa fb fc fc fa fb fc fc 00 07 fc fc [ 17.992219] ^ [ 17.992269] fff00000c5cb3680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.992315] fff00000c5cb3700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.992363] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 17.952979] ================================================================== [ 17.953335] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 17.954410] Write of size 1 at addr fff00000c5cbb773 by task kunit_try_catch/136 [ 17.954537] [ 17.956117] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc4 #1 PREEMPT [ 17.956696] Tainted: [N]=TEST [ 17.956729] Hardware name: linux,dummy-virt (DT) [ 17.957416] Call trace: [ 17.957632] show_stack+0x20/0x38 (C) [ 17.957815] dump_stack_lvl+0x8c/0xd0 [ 17.958426] print_report+0x118/0x608 [ 17.958588] kasan_report+0xdc/0x128 [ 17.958677] __asan_report_store1_noabort+0x20/0x30 [ 17.958868] kmalloc_oob_right+0x5a4/0x660 [ 17.958939] kunit_try_run_case+0x170/0x3f0 [ 17.958990] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.959041] kthread+0x328/0x630 [ 17.959084] ret_from_fork+0x10/0x20 [ 17.959240] [ 17.959291] Allocated by task 136: [ 17.959439] kasan_save_stack+0x3c/0x68 [ 17.959505] kasan_save_track+0x20/0x40 [ 17.959542] kasan_save_alloc_info+0x40/0x58 [ 17.959580] __kasan_kmalloc+0xd4/0xd8 [ 17.959616] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.959655] kmalloc_oob_right+0xb0/0x660 [ 17.959689] kunit_try_run_case+0x170/0x3f0 [ 17.959725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.959767] kthread+0x328/0x630 [ 17.959874] ret_from_fork+0x10/0x20 [ 17.960020] [ 17.960288] The buggy address belongs to the object at fff00000c5cbb700 [ 17.960288] which belongs to the cache kmalloc-128 of size 128 [ 17.962769] The buggy address is located 0 bytes to the right of [ 17.962769] allocated 115-byte region [fff00000c5cbb700, fff00000c5cbb773) [ 17.962848] [ 17.962953] The buggy address belongs to the physical page: [ 17.963156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 17.963426] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.963705] page_type: f5(slab) [ 17.964020] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.964080] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.964181] page dumped because: kasan: bad access detected [ 17.964221] [ 17.964349] Memory state around the buggy address: [ 17.964677] fff00000c5cbb600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.964753] fff00000c5cbb680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.964816] >fff00000c5cbb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.964902] ^ [ 17.965039] fff00000c5cbb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.965108] fff00000c5cbb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.965194] ================================================================== [ 17.966692] ================================================================== [ 17.966730] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 17.966788] Write of size 1 at addr fff00000c5cbb778 by task kunit_try_catch/136 [ 17.966839] [ 17.966883] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.966961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.966986] Hardware name: linux,dummy-virt (DT) [ 17.967016] Call trace: [ 17.967037] show_stack+0x20/0x38 (C) [ 17.967219] dump_stack_lvl+0x8c/0xd0 [ 17.967336] print_report+0x118/0x608 [ 17.967415] kasan_report+0xdc/0x128 [ 17.967575] __asan_report_store1_noabort+0x20/0x30 [ 17.967658] kmalloc_oob_right+0x538/0x660 [ 17.967703] kunit_try_run_case+0x170/0x3f0 [ 17.967749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.967800] kthread+0x328/0x630 [ 17.967840] ret_from_fork+0x10/0x20 [ 17.967896] [ 17.967914] Allocated by task 136: [ 17.967940] kasan_save_stack+0x3c/0x68 [ 17.967979] kasan_save_track+0x20/0x40 [ 17.968320] kasan_save_alloc_info+0x40/0x58 [ 17.968410] __kasan_kmalloc+0xd4/0xd8 [ 17.968563] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.968647] kmalloc_oob_right+0xb0/0x660 [ 17.968720] kunit_try_run_case+0x170/0x3f0 [ 17.968795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.968837] kthread+0x328/0x630 [ 17.968877] ret_from_fork+0x10/0x20 [ 17.968911] [ 17.968929] The buggy address belongs to the object at fff00000c5cbb700 [ 17.968929] which belongs to the cache kmalloc-128 of size 128 [ 17.968982] The buggy address is located 5 bytes to the right of [ 17.968982] allocated 115-byte region [fff00000c5cbb700, fff00000c5cbb773) [ 17.969175] [ 17.969210] The buggy address belongs to the physical page: [ 17.969282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 17.969407] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.969510] page_type: f5(slab) [ 17.969631] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.969718] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.969814] page dumped because: kasan: bad access detected [ 17.969845] [ 17.969870] Memory state around the buggy address: [ 17.969917] fff00000c5cbb600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.970102] fff00000c5cbb680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.970184] >fff00000c5cbb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.970325] ^ [ 17.970395] fff00000c5cbb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.970441] fff00000c5cbb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.970500] ================================================================== [ 17.971387] ================================================================== [ 17.971475] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 17.971564] Read of size 1 at addr fff00000c5cbb780 by task kunit_try_catch/136 [ 17.971630] [ 17.971677] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 17.971772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.971798] Hardware name: linux,dummy-virt (DT) [ 17.971827] Call trace: [ 17.971853] show_stack+0x20/0x38 (C) [ 17.971912] dump_stack_lvl+0x8c/0xd0 [ 17.972181] print_report+0x118/0x608 [ 17.972227] kasan_report+0xdc/0x128 [ 17.972314] __asan_report_load1_noabort+0x20/0x30 [ 17.972401] kmalloc_oob_right+0x5d0/0x660 [ 17.972457] kunit_try_run_case+0x170/0x3f0 [ 17.972509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.972561] kthread+0x328/0x630 [ 17.972618] ret_from_fork+0x10/0x20 [ 17.972709] [ 17.972753] Allocated by task 136: [ 17.972779] kasan_save_stack+0x3c/0x68 [ 17.972898] kasan_save_track+0x20/0x40 [ 17.972955] kasan_save_alloc_info+0x40/0x58 [ 17.972994] __kasan_kmalloc+0xd4/0xd8 [ 17.973047] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.973112] kmalloc_oob_right+0xb0/0x660 [ 17.973254] kunit_try_run_case+0x170/0x3f0 [ 17.973296] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.973368] kthread+0x328/0x630 [ 17.973416] ret_from_fork+0x10/0x20 [ 17.973527] [ 17.973546] The buggy address belongs to the object at fff00000c5cbb700 [ 17.973546] which belongs to the cache kmalloc-128 of size 128 [ 17.973615] The buggy address is located 13 bytes to the right of [ 17.973615] allocated 115-byte region [fff00000c5cbb700, fff00000c5cbb773) [ 17.973724] [ 17.973743] The buggy address belongs to the physical page: [ 17.973770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105cbb [ 17.973919] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.973982] page_type: f5(slab) [ 17.974018] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.974087] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.974189] page dumped because: kasan: bad access detected [ 17.974218] [ 17.974235] Memory state around the buggy address: [ 17.974264] fff00000c5cbb680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.974305] fff00000c5cbb700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.974344] >fff00000c5cbb780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.974381] ^ [ 17.974407] fff00000c5cbb800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.974458] fff00000c5cbb880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.974496] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 95.268924] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 95.270367] Modules linked in: [ 95.270578] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc4 #1 PREEMPT [ 95.271348] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 95.271898] Hardware name: linux,dummy-virt (DT) [ 95.272197] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.272656] pc : intlog10+0x38/0x48 [ 95.272879] lr : intlog10_test+0xe4/0x200 [ 95.273078] sp : ffff8000822f7c10 [ 95.273278] x29: ffff8000822f7c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.273699] x26: 1ffe000019735241 x25: 0000000000000000 x24: ffff8000822f7ce0 [ 95.274110] x23: ffff8000822f7d00 x22: 0000000000000000 x21: 1ffff0001045ef82 [ 95.274554] x20: ffff986344e89ec0 x19: ffff800080087990 x18: 00000000da09506a [ 95.275046] x17: fff0679d936d9000 x16: ffff800080010000 x15: 0000000053e84634 [ 95.275555] x14: 000000001608710c x13: 00000000f66d1f48 x12: ffff730c691a3381 [ 95.276009] x11: 1ffff30c691a3380 x10: ffff730c691a3380 x9 : ffff986342436bdc [ 95.276417] x8 : ffff986348d19c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.276816] x5 : ffff70001045ef82 x4 : 1ffff00010010f3a x3 : 1ffff30c689d13d8 [ 95.277228] x2 : 1ffff30c689d13d8 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.277636] Call trace: [ 95.277808] intlog10+0x38/0x48 (P) [ 95.278038] kunit_try_run_case+0x170/0x3f0 [ 95.278270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.278553] kthread+0x328/0x630 [ 95.278774] ret_from_fork+0x10/0x20 [ 95.279018] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 95.217403] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 95.221154] Modules linked in: [ 95.221674] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc4 #1 PREEMPT [ 95.222857] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 95.223578] Hardware name: linux,dummy-virt (DT) [ 95.224044] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.224679] pc : intlog2+0xd8/0xf8 [ 95.225105] lr : intlog2_test+0xe4/0x200 [ 95.225444] sp : ffff800080fb7c10 [ 95.225610] x29: ffff800080fb7c90 x28: 0000000000000000 x27: 0000000000000000 [ 95.226220] x26: 1ffe000018bc4f01 x25: 0000000000000000 x24: ffff800080fb7ce0 [ 95.226780] x23: ffff800080fb7d00 x22: 0000000000000000 x21: 1ffff000101f6f82 [ 95.227664] x20: ffff986344e89dc0 x19: ffff800080087990 x18: 0000000092acc8f8 [ 95.228411] x17: 00000000fcab2838 x16: fff00000c097583c x15: fff00000ff616b08 [ 95.228799] x14: 00000000f1f1f1f1 x13: 0000000000000005 x12: ffff730c691a3381 [ 95.229147] x11: 1ffff30c691a3380 x10: ffff730c691a3380 x9 : ffff986342436ddc [ 95.229493] x8 : ffff986348d19c03 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 95.230331] x5 : ffff7000101f6f82 x4 : 1ffff00010010f3a x3 : 1ffff30c689d13b8 [ 95.231157] x2 : 1ffff30c689d13b8 x1 : 0000000000000003 x0 : 0000000000000000 [ 95.232080] Call trace: [ 95.232440] intlog2+0xd8/0xf8 (P) [ 95.232898] kunit_try_run_case+0x170/0x3f0 [ 95.233408] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.234055] kthread+0x328/0x630 [ 95.234478] ret_from_fork+0x10/0x20 [ 95.234991] ---[ end trace 0000000000000000 ]---