Date
July 9, 2025, 12:11 a.m.
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 96.546067] Internal error: Oops: 0000000096000005 [#1] SMP [ 96.550279] Modules linked in: [ 96.551442] CPU: 1 UID: 0 PID: 533 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 96.552549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 96.553202] Hardware name: linux,dummy-virt (DT) [ 96.553956] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.554887] pc : kunit_test_null_dereference+0x70/0x170 [ 96.555597] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.556272] sp : ffff800081f97d30 [ 96.556495] x29: ffff800081f97d90 x28: 0000000000000000 x27: 0000000000000000 [ 96.556923] x26: 1ffe000018dd36a1 x25: 0000000000000000 x24: 0000000000000004 [ 96.557277] x23: fff00000c6e9b50c x22: ffffaa5610a225f8 x21: fff00000c4200508 [ 96.557636] x20: 1ffff000103f2fa6 x19: ffff800080087990 x18: 000000006cde1cde [ 96.557982] x17: 0000000018b16897 x16: 0000000000000100 x15: 000000008e7db019 [ 96.558324] x14: 00000000f1f1f1f1 x13: 1ffe00001b48e989 x12: fffd8000197173a4 [ 96.559265] x11: 1ffe0000197173a3 x10: fffd8000197173a3 x9 : ffffaa5610a19a60 [ 96.559948] x8 : ffff800081f97c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 96.560619] x5 : ffff7000103f2fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 96.561133] x2 : dfff800000000000 x1 : fff00000cb8b9440 x0 : ffff800080087990 [ 96.561607] Call trace: [ 96.561783] kunit_test_null_dereference+0x70/0x170 (P) [ 96.562103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.562366] kthread+0x328/0x630 [ 96.562649] ret_from_fork+0x10/0x20 [ 96.563153] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 96.563787] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.617164] ================================================================== [ 51.617228] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 51.617228] [ 51.617319] Use-after-free read at 0x00000000b4879c15 (in kfence-#150): [ 51.617374] test_krealloc+0x51c/0x830 [ 51.617434] kunit_try_run_case+0x170/0x3f0 [ 51.617482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.617529] kthread+0x328/0x630 [ 51.617570] ret_from_fork+0x10/0x20 [ 51.617611] [ 51.617637] kfence-#150: 0x00000000b4879c15-0x000000009df091f5, size=32, cache=kmalloc-32 [ 51.617637] [ 51.617692] allocated by task 338 on cpu 1 at 51.616468s (0.001220s ago): [ 51.617763] test_alloc+0x29c/0x628 [ 51.617808] test_krealloc+0xc0/0x830 [ 51.617850] kunit_try_run_case+0x170/0x3f0 [ 51.617889] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.617932] kthread+0x328/0x630 [ 51.617970] ret_from_fork+0x10/0x20 [ 51.618008] [ 51.618034] freed by task 338 on cpu 1 at 51.616782s (0.001248s ago): [ 51.618098] krealloc_noprof+0x148/0x360 [ 51.618138] test_krealloc+0x1dc/0x830 [ 51.618178] kunit_try_run_case+0x170/0x3f0 [ 51.618217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.618262] kthread+0x328/0x630 [ 51.618299] ret_from_fork+0x10/0x20 [ 51.618339] [ 51.618384] CPU: 1 UID: 0 PID: 338 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 51.618475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.618505] Hardware name: linux,dummy-virt (DT) [ 51.618540] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.532592] ================================================================== [ 51.532692] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.532692] [ 51.532796] Use-after-free read at 0x0000000042a4f4f7 (in kfence-#149): [ 51.532854] test_memcache_typesafe_by_rcu+0x280/0x560 [ 51.532906] kunit_try_run_case+0x170/0x3f0 [ 51.532952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.532999] kthread+0x328/0x630 [ 51.533039] ret_from_fork+0x10/0x20 [ 51.533087] [ 51.533111] kfence-#149: 0x0000000042a4f4f7-0x0000000010fd2fdc, size=32, cache=test [ 51.533111] [ 51.533164] allocated by task 336 on cpu 0 at 51.520441s (0.012719s ago): [ 51.533236] test_alloc+0x230/0x628 [ 51.533279] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 51.533324] kunit_try_run_case+0x170/0x3f0 [ 51.533364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.533423] kthread+0x328/0x630 [ 51.533459] ret_from_fork+0x10/0x20 [ 51.533499] [ 51.533523] freed by task 336 on cpu 0 at 51.520548s (0.012971s ago): [ 51.533581] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 51.533624] kunit_try_run_case+0x170/0x3f0 [ 51.533666] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 51.533709] kthread+0x328/0x630 [ 51.533745] ret_from_fork+0x10/0x20 [ 51.533786] [ 51.533835] CPU: 0 UID: 0 PID: 336 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 51.533918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.533948] Hardware name: linux,dummy-virt (DT) [ 51.533985] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 29.484739] ================================================================== [ 29.484891] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 29.484891] [ 29.484994] Invalid read at 0x000000006df6cea5: [ 29.485142] test_invalid_access+0xdc/0x1f0 [ 29.485209] kunit_try_run_case+0x170/0x3f0 [ 29.485281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.485466] kthread+0x328/0x630 [ 29.485555] ret_from_fork+0x10/0x20 [ 29.485618] [ 29.486345] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 29.486942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.486998] Hardware name: linux,dummy-virt (DT) [ 29.487374] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 29.253319] ================================================================== [ 29.253442] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 29.253442] [ 29.253512] Corrupted memory at 0x000000003e921eec [ ! . . . . . . . . . . . . . . . ] (in kfence-#145): [ 29.253833] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 29.253885] kunit_try_run_case+0x170/0x3f0 [ 29.253931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.253978] kthread+0x328/0x630 [ 29.254019] ret_from_fork+0x10/0x20 [ 29.254061] [ 29.254086] kfence-#145: 0x00000000c9d7eb9a-0x00000000fb033fe8, size=73, cache=kmalloc-96 [ 29.254086] [ 29.254157] allocated by task 326 on cpu 0 at 29.253072s (0.001068s ago): [ 29.254224] test_alloc+0x29c/0x628 [ 29.254267] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 29.254312] kunit_try_run_case+0x170/0x3f0 [ 29.254352] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.254409] kthread+0x328/0x630 [ 29.254446] ret_from_fork+0x10/0x20 [ 29.254486] [ 29.254510] freed by task 326 on cpu 0 at 29.253220s (0.001286s ago): [ 29.254576] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 29.254622] kunit_try_run_case+0x170/0x3f0 [ 29.254661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.254710] kthread+0x328/0x630 [ 29.254752] ret_from_fork+0x10/0x20 [ 29.254793] [ 29.254842] CPU: 0 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 29.254924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.254955] Hardware name: linux,dummy-virt (DT) [ 29.254992] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 29.148784] ================================================================== [ 29.148901] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 29.148901] [ 29.149010] Out-of-bounds read at 0x0000000087c812eb (105B right of kfence-#144): [ 29.149080] test_kmalloc_aligned_oob_read+0x238/0x468 [ 29.149131] kunit_try_run_case+0x170/0x3f0 [ 29.149177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.149224] kthread+0x328/0x630 [ 29.149263] ret_from_fork+0x10/0x20 [ 29.149307] [ 29.149333] kfence-#144: 0x00000000487d6161-0x0000000044c3ad43, size=73, cache=kmalloc-96 [ 29.149333] [ 29.149388] allocated by task 324 on cpu 1 at 29.148529s (0.000855s ago): [ 29.149474] test_alloc+0x29c/0x628 [ 29.149518] test_kmalloc_aligned_oob_read+0x100/0x468 [ 29.149563] kunit_try_run_case+0x170/0x3f0 [ 29.149604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.149650] kthread+0x328/0x630 [ 29.149687] ret_from_fork+0x10/0x20 [ 29.149727] [ 29.149779] CPU: 1 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 29.149864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.149894] Hardware name: linux,dummy-virt (DT) [ 29.149931] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 24.260807] ================================================================== [ 24.260900] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 24.260900] [ 24.260965] Corrupted memory at 0x00000000daa75484 [ ! ] (in kfence-#97): [ 24.261107] test_corruption+0x284/0x378 [ 24.261154] kunit_try_run_case+0x170/0x3f0 [ 24.261200] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.261246] kthread+0x328/0x630 [ 24.261285] ret_from_fork+0x10/0x20 [ 24.261327] [ 24.261351] kfence-#97: 0x000000009b7f58ef-0x00000000905227e2, size=32, cache=kmalloc-32 [ 24.261351] [ 24.261420] allocated by task 312 on cpu 1 at 24.260529s (0.000887s ago): [ 24.261484] test_alloc+0x29c/0x628 [ 24.261526] test_corruption+0x198/0x378 [ 24.261567] kunit_try_run_case+0x170/0x3f0 [ 24.261608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.261653] kthread+0x328/0x630 [ 24.261689] ret_from_fork+0x10/0x20 [ 24.261727] [ 24.261752] freed by task 312 on cpu 1 at 24.260636s (0.001112s ago): [ 24.261815] test_corruption+0x284/0x378 [ 24.261856] kunit_try_run_case+0x170/0x3f0 [ 24.261896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.261942] kthread+0x328/0x630 [ 24.261978] ret_from_fork+0x10/0x20 [ 24.262019] [ 24.262061] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.262139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.262169] Hardware name: linux,dummy-virt (DT) [ 24.262204] ================================================================== [ 24.156699] ================================================================== [ 24.156795] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 24.156795] [ 24.156863] Corrupted memory at 0x0000000031e45208 [ ! . . . . . . . . . . . . . . . ] (in kfence-#96): [ 24.157191] test_corruption+0x278/0x378 [ 24.157240] kunit_try_run_case+0x170/0x3f0 [ 24.157288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.157333] kthread+0x328/0x630 [ 24.157377] ret_from_fork+0x10/0x20 [ 24.157436] [ 24.157461] kfence-#96: 0x00000000fd3ee8c3-0x000000002fcb8cc9, size=32, cache=kmalloc-32 [ 24.157461] [ 24.157519] allocated by task 312 on cpu 1 at 24.156491s (0.001025s ago): [ 24.157585] test_alloc+0x29c/0x628 [ 24.157627] test_corruption+0xdc/0x378 [ 24.157668] kunit_try_run_case+0x170/0x3f0 [ 24.157711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.157757] kthread+0x328/0x630 [ 24.157793] ret_from_fork+0x10/0x20 [ 24.157834] [ 24.157858] freed by task 312 on cpu 1 at 24.156604s (0.001250s ago): [ 24.157923] test_corruption+0x278/0x378 [ 24.157964] kunit_try_run_case+0x170/0x3f0 [ 24.158005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.158049] kthread+0x328/0x630 [ 24.158086] ret_from_fork+0x10/0x20 [ 24.158126] [ 24.158174] CPU: 1 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.158254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.158284] Hardware name: linux,dummy-virt (DT) [ 24.158321] ================================================================== [ 24.468670] ================================================================== [ 24.468771] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 24.468771] [ 24.468837] Corrupted memory at 0x000000006e61604c [ ! . . . . . . . . . . . . . . . ] (in kfence-#99): [ 24.469159] test_corruption+0x120/0x378 [ 24.469206] kunit_try_run_case+0x170/0x3f0 [ 24.469255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.469302] kthread+0x328/0x630 [ 24.469345] ret_from_fork+0x10/0x20 [ 24.469392] [ 24.469431] kfence-#99: 0x00000000f73a05a7-0x00000000091248ed, size=32, cache=test [ 24.469431] [ 24.469489] allocated by task 314 on cpu 1 at 24.468515s (0.000970s ago): [ 24.469553] test_alloc+0x230/0x628 [ 24.469595] test_corruption+0xdc/0x378 [ 24.469635] kunit_try_run_case+0x170/0x3f0 [ 24.469678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.469723] kthread+0x328/0x630 [ 24.469760] ret_from_fork+0x10/0x20 [ 24.469801] [ 24.469826] freed by task 314 on cpu 1 at 24.468579s (0.001243s ago): [ 24.469889] test_corruption+0x120/0x378 [ 24.469929] kunit_try_run_case+0x170/0x3f0 [ 24.469971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.470015] kthread+0x328/0x630 [ 24.470053] ret_from_fork+0x10/0x20 [ 24.470093] [ 24.470138] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.470222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.470259] Hardware name: linux,dummy-virt (DT) [ 24.470293] ================================================================== [ 24.572685] ================================================================== [ 24.572775] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 24.572775] [ 24.572839] Corrupted memory at 0x00000000307c5e5e [ ! ] (in kfence-#100): [ 24.572957] test_corruption+0x1d8/0x378 [ 24.573004] kunit_try_run_case+0x170/0x3f0 [ 24.573049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.573102] kthread+0x328/0x630 [ 24.573141] ret_from_fork+0x10/0x20 [ 24.573183] [ 24.573207] kfence-#100: 0x00000000c514062e-0x00000000203c452d, size=32, cache=test [ 24.573207] [ 24.573262] allocated by task 314 on cpu 1 at 24.572543s (0.000715s ago): [ 24.573324] test_alloc+0x230/0x628 [ 24.573367] test_corruption+0x198/0x378 [ 24.573419] kunit_try_run_case+0x170/0x3f0 [ 24.573461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.573506] kthread+0x328/0x630 [ 24.573543] ret_from_fork+0x10/0x20 [ 24.573582] [ 24.573605] freed by task 314 on cpu 1 at 24.572599s (0.001002s ago): [ 24.573668] test_corruption+0x1d8/0x378 [ 24.573710] kunit_try_run_case+0x170/0x3f0 [ 24.573749] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.573793] kthread+0x328/0x630 [ 24.573829] ret_from_fork+0x10/0x20 [ 24.573869] [ 24.573911] CPU: 1 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.573989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.574020] Hardware name: linux,dummy-virt (DT) [ 24.574053] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 23.948644] ================================================================== [ 23.948740] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 23.948740] [ 23.948805] Invalid free of 0x00000000badb57dd (in kfence-#94): [ 23.948863] test_invalid_addr_free+0x1ac/0x238 [ 23.948913] kunit_try_run_case+0x170/0x3f0 [ 23.948975] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.949019] kthread+0x328/0x630 [ 23.949058] ret_from_fork+0x10/0x20 [ 23.949108] [ 23.949133] kfence-#94: 0x000000002236b352-0x00000000ad6e720e, size=32, cache=kmalloc-32 [ 23.949133] [ 23.949187] allocated by task 308 on cpu 0 at 23.948492s (0.000691s ago): [ 23.949252] test_alloc+0x29c/0x628 [ 23.949295] test_invalid_addr_free+0xd4/0x238 [ 23.949337] kunit_try_run_case+0x170/0x3f0 [ 23.949379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.949437] kthread+0x328/0x630 [ 23.949475] ret_from_fork+0x10/0x20 [ 23.949514] [ 23.949564] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.949647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.949676] Hardware name: linux,dummy-virt (DT) [ 23.949714] ================================================================== [ 24.052676] ================================================================== [ 24.052771] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 24.052771] [ 24.052834] Invalid free of 0x00000000b2c684f0 (in kfence-#95): [ 24.052888] test_invalid_addr_free+0xec/0x238 [ 24.052936] kunit_try_run_case+0x170/0x3f0 [ 24.052981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.053027] kthread+0x328/0x630 [ 24.053065] ret_from_fork+0x10/0x20 [ 24.053114] [ 24.053139] kfence-#95: 0x0000000040429a02-0x0000000085951ed4, size=32, cache=test [ 24.053139] [ 24.053194] allocated by task 310 on cpu 0 at 24.052545s (0.000645s ago): [ 24.053256] test_alloc+0x230/0x628 [ 24.053297] test_invalid_addr_free+0xd4/0x238 [ 24.053340] kunit_try_run_case+0x170/0x3f0 [ 24.053379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.053434] kthread+0x328/0x630 [ 24.053470] ret_from_fork+0x10/0x20 [ 24.053513] [ 24.053555] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.053637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.053665] Hardware name: linux,dummy-virt (DT) [ 24.053703] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 23.844684] ================================================================== [ 23.844782] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 23.844782] [ 23.844845] Invalid free of 0x0000000047b28c95 (in kfence-#93): [ 23.844897] test_double_free+0x100/0x238 [ 23.844944] kunit_try_run_case+0x170/0x3f0 [ 23.844988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.845033] kthread+0x328/0x630 [ 23.845079] ret_from_fork+0x10/0x20 [ 23.845120] [ 23.845147] kfence-#93: 0x0000000047b28c95-0x00000000b20710b9, size=32, cache=test [ 23.845147] [ 23.845201] allocated by task 306 on cpu 1 at 23.844487s (0.000710s ago): [ 23.845265] test_alloc+0x230/0x628 [ 23.845307] test_double_free+0xd4/0x238 [ 23.845348] kunit_try_run_case+0x170/0x3f0 [ 23.845390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.845446] kthread+0x328/0x630 [ 23.845483] ret_from_fork+0x10/0x20 [ 23.845524] [ 23.845549] freed by task 306 on cpu 1 at 23.844548s (0.000997s ago): [ 23.845615] test_double_free+0xf0/0x238 [ 23.845657] kunit_try_run_case+0x170/0x3f0 [ 23.845698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.845743] kthread+0x328/0x630 [ 23.845780] ret_from_fork+0x10/0x20 [ 23.845821] [ 23.845867] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.845950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.845978] Hardware name: linux,dummy-virt (DT) [ 23.846014] ================================================================== [ 23.744985] ================================================================== [ 23.745106] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 23.745106] [ 23.745412] Invalid free of 0x00000000d34f7ba8 (in kfence-#92): [ 23.745506] test_double_free+0x1bc/0x238 [ 23.745561] kunit_try_run_case+0x170/0x3f0 [ 23.745606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.745683] kthread+0x328/0x630 [ 23.745745] ret_from_fork+0x10/0x20 [ 23.745790] [ 23.745830] kfence-#92: 0x00000000d34f7ba8-0x00000000e034250a, size=32, cache=kmalloc-32 [ 23.745830] [ 23.745933] allocated by task 304 on cpu 1 at 23.744689s (0.001222s ago): [ 23.746023] test_alloc+0x29c/0x628 [ 23.746066] test_double_free+0xd4/0x238 [ 23.746126] kunit_try_run_case+0x170/0x3f0 [ 23.746167] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.746209] kthread+0x328/0x630 [ 23.746257] ret_from_fork+0x10/0x20 [ 23.746305] [ 23.746346] freed by task 304 on cpu 1 at 23.744762s (0.001572s ago): [ 23.746420] test_double_free+0x1ac/0x238 [ 23.746462] kunit_try_run_case+0x170/0x3f0 [ 23.746512] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.746555] kthread+0x328/0x630 [ 23.746592] ret_from_fork+0x10/0x20 [ 23.746636] [ 23.746684] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.746767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.746795] Hardware name: linux,dummy-virt (DT) [ 23.746843] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 23.329419] ================================================================== [ 23.329551] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 23.329551] [ 23.329653] Use-after-free read at 0x0000000000b62a98 (in kfence-#88): [ 23.329706] test_use_after_free_read+0x114/0x248 [ 23.329892] kunit_try_run_case+0x170/0x3f0 [ 23.329987] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.330032] kthread+0x328/0x630 [ 23.330073] ret_from_fork+0x10/0x20 [ 23.330292] [ 23.330498] kfence-#88: 0x0000000000b62a98-0x000000005c43023c, size=32, cache=kmalloc-32 [ 23.330498] [ 23.330580] allocated by task 296 on cpu 1 at 23.329028s (0.001541s ago): [ 23.330669] test_alloc+0x29c/0x628 [ 23.330728] test_use_after_free_read+0xd0/0x248 [ 23.330772] kunit_try_run_case+0x170/0x3f0 [ 23.330829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.330890] kthread+0x328/0x630 [ 23.330927] ret_from_fork+0x10/0x20 [ 23.330973] [ 23.331021] freed by task 296 on cpu 1 at 23.329120s (0.001891s ago): [ 23.331102] test_use_after_free_read+0x1c0/0x248 [ 23.331161] kunit_try_run_case+0x170/0x3f0 [ 23.331229] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.331325] kthread+0x328/0x630 [ 23.331371] ret_from_fork+0x10/0x20 [ 23.331437] [ 23.331502] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.331642] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.331679] Hardware name: linux,dummy-virt (DT) [ 23.331726] ================================================================== [ 23.433125] ================================================================== [ 23.433248] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 23.433248] [ 23.433339] Use-after-free read at 0x0000000028235b8c (in kfence-#89): [ 23.433416] test_use_after_free_read+0x114/0x248 [ 23.433612] kunit_try_run_case+0x170/0x3f0 [ 23.433675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.433841] kthread+0x328/0x630 [ 23.433897] ret_from_fork+0x10/0x20 [ 23.434029] [ 23.434057] kfence-#89: 0x0000000028235b8c-0x00000000d6d64202, size=32, cache=test [ 23.434057] [ 23.434284] allocated by task 298 on cpu 1 at 23.432672s (0.001443s ago): [ 23.434389] test_alloc+0x230/0x628 [ 23.434442] test_use_after_free_read+0xd0/0x248 [ 23.434487] kunit_try_run_case+0x170/0x3f0 [ 23.434548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.434625] kthread+0x328/0x630 [ 23.434662] ret_from_fork+0x10/0x20 [ 23.434708] [ 23.434757] freed by task 298 on cpu 1 at 23.432729s (0.002007s ago): [ 23.434879] test_use_after_free_read+0xf0/0x248 [ 23.434935] kunit_try_run_case+0x170/0x3f0 [ 23.434976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.435235] kthread+0x328/0x630 [ 23.435310] ret_from_fork+0x10/0x20 [ 23.435352] [ 23.435481] CPU: 1 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.435666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.435716] Hardware name: linux,dummy-virt (DT) [ 23.435753] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 23.224717] ================================================================== [ 23.224795] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 23.224795] [ 23.224883] Out-of-bounds write at 0x00000000c990637b (1B left of kfence-#87): [ 23.224952] test_out_of_bounds_write+0x100/0x240 [ 23.225002] kunit_try_run_case+0x170/0x3f0 [ 23.225046] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.225159] kthread+0x328/0x630 [ 23.225222] ret_from_fork+0x10/0x20 [ 23.225383] [ 23.225514] kfence-#87: 0x00000000fba22dce-0x00000000a0ff4a3e, size=32, cache=test [ 23.225514] [ 23.225672] allocated by task 294 on cpu 1 at 23.224635s (0.001033s ago): [ 23.225901] test_alloc+0x230/0x628 [ 23.226066] test_out_of_bounds_write+0xc8/0x240 [ 23.226134] kunit_try_run_case+0x170/0x3f0 [ 23.226326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.226553] kthread+0x328/0x630 [ 23.226607] ret_from_fork+0x10/0x20 [ 23.226749] [ 23.226910] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.227181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.227263] Hardware name: linux,dummy-virt (DT) [ 23.227322] ================================================================== [ 23.117913] ================================================================== [ 23.117996] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 23.117996] [ 23.118107] Out-of-bounds write at 0x00000000b9e5bd33 (1B left of kfence-#86): [ 23.118165] test_out_of_bounds_write+0x100/0x240 [ 23.118261] kunit_try_run_case+0x170/0x3f0 [ 23.118308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.118353] kthread+0x328/0x630 [ 23.118392] ret_from_fork+0x10/0x20 [ 23.118551] [ 23.118576] kfence-#86: 0x0000000076ef7448-0x00000000e571aee4, size=32, cache=kmalloc-32 [ 23.118576] [ 23.118734] allocated by task 292 on cpu 1 at 23.117012s (0.001719s ago): [ 23.118807] test_alloc+0x29c/0x628 [ 23.118867] test_out_of_bounds_write+0xc8/0x240 [ 23.118909] kunit_try_run_case+0x170/0x3f0 [ 23.118950] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.118994] kthread+0x328/0x630 [ 23.119030] ret_from_fork+0x10/0x20 [ 23.119100] [ 23.119247] CPU: 1 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.119489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.119557] Hardware name: linux,dummy-virt (DT) [ 23.119593] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 22.475579] ================================================================== [ 22.476096] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 22.476096] [ 22.476598] Out-of-bounds read at 0x00000000b9a4f087 (1B left of kfence-#80): [ 22.476917] test_out_of_bounds_read+0x114/0x3e0 [ 22.477029] kunit_try_run_case+0x170/0x3f0 [ 22.477378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.477495] kthread+0x328/0x630 [ 22.477566] ret_from_fork+0x10/0x20 [ 22.477609] [ 22.477690] kfence-#80: 0x00000000f9a5051e-0x00000000d120b72f, size=32, cache=kmalloc-32 [ 22.477690] [ 22.477760] allocated by task 288 on cpu 1 at 22.473977s (0.003779s ago): [ 22.477837] test_alloc+0x29c/0x628 [ 22.477880] test_out_of_bounds_read+0xdc/0x3e0 [ 22.477942] kunit_try_run_case+0x170/0x3f0 [ 22.477999] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.478060] kthread+0x328/0x630 [ 22.478104] ret_from_fork+0x10/0x20 [ 22.478178] [ 22.478231] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.478327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.478367] Hardware name: linux,dummy-virt (DT) [ 22.478682] ================================================================== [ 22.797475] ================================================================== [ 22.797572] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 22.797572] [ 22.797679] Out-of-bounds read at 0x000000008a681964 (1B left of kfence-#83): [ 22.797754] test_out_of_bounds_read+0x114/0x3e0 [ 22.797818] kunit_try_run_case+0x170/0x3f0 [ 22.797885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.797929] kthread+0x328/0x630 [ 22.797986] ret_from_fork+0x10/0x20 [ 22.798027] [ 22.798051] kfence-#83: 0x000000001f3b5790-0x00000000b8f2dbc1, size=32, cache=test [ 22.798051] [ 22.798375] allocated by task 290 on cpu 1 at 22.797245s (0.001122s ago): [ 22.798564] test_alloc+0x230/0x628 [ 22.798610] test_out_of_bounds_read+0xdc/0x3e0 [ 22.798669] kunit_try_run_case+0x170/0x3f0 [ 22.798712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.798756] kthread+0x328/0x630 [ 22.798807] ret_from_fork+0x10/0x20 [ 22.798854] [ 22.798909] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.799010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.799058] Hardware name: linux,dummy-virt (DT) [ 22.799092] ================================================================== [ 22.905904] ================================================================== [ 22.906003] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.906003] [ 22.906090] Out-of-bounds read at 0x00000000ad50ace4 (32B right of kfence-#84): [ 22.906156] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.906222] kunit_try_run_case+0x170/0x3f0 [ 22.906463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.906528] kthread+0x328/0x630 [ 22.906587] ret_from_fork+0x10/0x20 [ 22.906638] [ 22.906686] kfence-#84: 0x0000000001508f73-0x0000000068dde7ef, size=32, cache=test [ 22.906686] [ 22.906752] allocated by task 290 on cpu 1 at 22.905774s (0.000967s ago): [ 22.906823] test_alloc+0x230/0x628 [ 22.907048] test_out_of_bounds_read+0x198/0x3e0 [ 22.907130] kunit_try_run_case+0x170/0x3f0 [ 22.907173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.907227] kthread+0x328/0x630 [ 22.907284] ret_from_fork+0x10/0x20 [ 22.907350] [ 22.907424] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.907508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.907538] Hardware name: linux,dummy-virt (DT) [ 22.907572] ================================================================== [ 22.582445] ================================================================== [ 22.582766] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.582766] [ 22.583164] Out-of-bounds read at 0x00000000f7aa01da (32B right of kfence-#81): [ 22.583336] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.583454] kunit_try_run_case+0x170/0x3f0 [ 22.583507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.583573] kthread+0x328/0x630 [ 22.583631] ret_from_fork+0x10/0x20 [ 22.583675] [ 22.583701] kfence-#81: 0x00000000aa4a6067-0x00000000d96589e3, size=32, cache=kmalloc-32 [ 22.583701] [ 22.584031] allocated by task 288 on cpu 1 at 22.581985s (0.002036s ago): [ 22.584135] test_alloc+0x29c/0x628 [ 22.584187] test_out_of_bounds_read+0x198/0x3e0 [ 22.584231] kunit_try_run_case+0x170/0x3f0 [ 22.584272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.584606] kthread+0x328/0x630 [ 22.584754] ret_from_fork+0x10/0x20 [ 22.584825] [ 22.584967] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.585088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.585223] Hardware name: linux,dummy-virt (DT) [ 22.585557] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kasan_atomics
[ 22.088824] ================================================================== [ 22.088880] BUG: KFENCE: memory corruption in kasan_atomics+0x1a0/0x2e0 [ 22.088880] [ 22.088940] Corrupted memory at 0x00000000aaf4f6e5 [ ! ! ! ! ! ! ! ! . . . . . . . . ] (in kfence-#76): [ 22.089479] kasan_atomics+0x1a0/0x2e0 [ 22.089525] kunit_try_run_case+0x170/0x3f0 [ 22.089574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.089639] kthread+0x328/0x630 [ 22.089675] ret_from_fork+0x10/0x20 [ 22.089729] [ 22.089755] kfence-#76: 0x0000000056294201-0x000000005649a9b8, size=48, cache=kmalloc-64 [ 22.089755] [ 22.089841] allocated by task 266 on cpu 1 at 22.052813s (0.037017s ago): [ 22.089909] kasan_atomics+0xb8/0x2e0 [ 22.089969] kunit_try_run_case+0x170/0x3f0 [ 22.090013] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.090094] kthread+0x328/0x630 [ 22.090129] ret_from_fork+0x10/0x20 [ 22.090186] [ 22.090234] freed by task 266 on cpu 1 at 22.088382s (0.001841s ago): [ 22.090300] kasan_atomics+0x1a0/0x2e0 [ 22.091175] kunit_try_run_case+0x170/0x3f0 [ 22.091841] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.092262] kthread+0x328/0x630 [ 22.092337] ret_from_fork+0x10/0x20 [ 22.092470] [ 22.092516] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.092937] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.093020] Hardware name: linux,dummy-virt (DT) [ 22.093085] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 19.330132] ================================================================== [ 19.330249] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x224/0x488 [ 19.330249] [ 19.330323] Corrupted memory at 0x00000000403df2ee [ ! . . . . . . . . . . . . . . . ] (in kfence-#55): [ 19.332663] kmalloc_track_caller_oob_right+0x224/0x488 [ 19.332723] kunit_try_run_case+0x170/0x3f0 [ 19.332766] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.332810] kthread+0x328/0x630 [ 19.332845] ret_from_fork+0x10/0x20 [ 19.332927] [ 19.333149] kfence-#55: 0x00000000ab055b25-0x0000000051e37aa2, size=120, cache=kmalloc-128 [ 19.333149] [ 19.333931] allocated by task 143 on cpu 1 at 19.323287s (0.010030s ago): [ 19.334251] kmalloc_track_caller_oob_right+0x184/0x488 [ 19.334450] kunit_try_run_case+0x170/0x3f0 [ 19.334495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.334565] kthread+0x328/0x630 [ 19.334599] ret_from_fork+0x10/0x20 [ 19.334671] [ 19.334808] freed by task 143 on cpu 1 at 19.326499s (0.008211s ago): [ 19.334935] kmalloc_track_caller_oob_right+0x224/0x488 [ 19.335125] kunit_try_run_case+0x170/0x3f0 [ 19.335283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.335327] kthread+0x328/0x630 [ 19.335385] ret_from_fork+0x10/0x20 [ 19.335451] [ 19.335517] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.335647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.335673] Hardware name: linux,dummy-virt (DT) [ 19.335736] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 22.291801] ================================================================== [ 22.291855] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 22.291911] Write of size 1 at addr fff00000c6e98978 by task kunit_try_catch/286 [ 22.292466] [ 22.292522] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.292900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.293096] Hardware name: linux,dummy-virt (DT) [ 22.293170] Call trace: [ 22.293206] show_stack+0x20/0x38 (C) [ 22.293588] dump_stack_lvl+0x8c/0xd0 [ 22.293657] print_report+0x118/0x608 [ 22.294057] kasan_report+0xdc/0x128 [ 22.294132] __asan_report_store1_noabort+0x20/0x30 [ 22.294556] strncpy_from_user+0x270/0x2a0 [ 22.294642] copy_user_test_oob+0x5c0/0xec8 [ 22.294876] kunit_try_run_case+0x170/0x3f0 [ 22.295059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.295169] kthread+0x328/0x630 [ 22.295412] ret_from_fork+0x10/0x20 [ 22.295642] [ 22.295689] Allocated by task 286: [ 22.295722] kasan_save_stack+0x3c/0x68 [ 22.295988] kasan_save_track+0x20/0x40 [ 22.296199] kasan_save_alloc_info+0x40/0x58 [ 22.296313] __kasan_kmalloc+0xd4/0xd8 [ 22.296367] __kmalloc_noprof+0x198/0x4c8 [ 22.296705] kunit_kmalloc_array+0x34/0x88 [ 22.296933] copy_user_test_oob+0xac/0xec8 [ 22.296993] kunit_try_run_case+0x170/0x3f0 [ 22.297203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.297441] kthread+0x328/0x630 [ 22.297493] ret_from_fork+0x10/0x20 [ 22.297595] [ 22.297918] The buggy address belongs to the object at fff00000c6e98900 [ 22.297918] which belongs to the cache kmalloc-128 of size 128 [ 22.298241] The buggy address is located 0 bytes to the right of [ 22.298241] allocated 120-byte region [fff00000c6e98900, fff00000c6e98978) [ 22.298510] [ 22.298607] The buggy address belongs to the physical page: [ 22.298701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e98 [ 22.298786] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.298984] page_type: f5(slab) [ 22.299181] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.299254] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.299702] page dumped because: kasan: bad access detected [ 22.300042] [ 22.300104] Memory state around the buggy address: [ 22.300313] fff00000c6e98800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.300649] fff00000c6e98880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.300892] >fff00000c6e98900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.300959] ^ [ 22.301005] fff00000c6e98980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.301088] fff00000c6e98a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.301130] ================================================================== [ 22.285221] ================================================================== [ 22.285295] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 22.285354] Write of size 121 at addr fff00000c6e98900 by task kunit_try_catch/286 [ 22.285421] [ 22.285453] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.285536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.285565] Hardware name: linux,dummy-virt (DT) [ 22.285673] Call trace: [ 22.285708] show_stack+0x20/0x38 (C) [ 22.285761] dump_stack_lvl+0x8c/0xd0 [ 22.285925] print_report+0x118/0x608 [ 22.286099] kasan_report+0xdc/0x128 [ 22.286349] kasan_check_range+0x100/0x1a8 [ 22.286497] __kasan_check_write+0x20/0x30 [ 22.286551] strncpy_from_user+0x3c/0x2a0 [ 22.286607] copy_user_test_oob+0x5c0/0xec8 [ 22.286714] kunit_try_run_case+0x170/0x3f0 [ 22.286766] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.286822] kthread+0x328/0x630 [ 22.287202] ret_from_fork+0x10/0x20 [ 22.287327] [ 22.287365] Allocated by task 286: [ 22.287465] kasan_save_stack+0x3c/0x68 [ 22.287531] kasan_save_track+0x20/0x40 [ 22.287577] kasan_save_alloc_info+0x40/0x58 [ 22.287628] __kasan_kmalloc+0xd4/0xd8 [ 22.287916] __kmalloc_noprof+0x198/0x4c8 [ 22.287992] kunit_kmalloc_array+0x34/0x88 [ 22.288156] copy_user_test_oob+0xac/0xec8 [ 22.288240] kunit_try_run_case+0x170/0x3f0 [ 22.288293] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.288446] kthread+0x328/0x630 [ 22.288531] ret_from_fork+0x10/0x20 [ 22.288570] [ 22.288591] The buggy address belongs to the object at fff00000c6e98900 [ 22.288591] which belongs to the cache kmalloc-128 of size 128 [ 22.288993] The buggy address is located 0 bytes inside of [ 22.288993] allocated 120-byte region [fff00000c6e98900, fff00000c6e98978) [ 22.289384] [ 22.289576] The buggy address belongs to the physical page: [ 22.289616] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e98 [ 22.289944] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.290010] page_type: f5(slab) [ 22.290095] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.290183] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.290243] page dumped because: kasan: bad access detected [ 22.290279] [ 22.290316] Memory state around the buggy address: [ 22.290356] fff00000c6e98800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.290430] fff00000c6e98880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.290476] >fff00000c6e98900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.290518] ^ [ 22.290563] fff00000c6e98980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.290624] fff00000c6e98a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.290667] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 22.275449] ================================================================== [ 22.275503] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 22.275583] Write of size 121 at addr fff00000c6e98900 by task kunit_try_catch/286 [ 22.275655] [ 22.275743] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.275845] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.275899] Hardware name: linux,dummy-virt (DT) [ 22.275973] Call trace: [ 22.275999] show_stack+0x20/0x38 (C) [ 22.276147] dump_stack_lvl+0x8c/0xd0 [ 22.276243] print_report+0x118/0x608 [ 22.276311] kasan_report+0xdc/0x128 [ 22.276359] kasan_check_range+0x100/0x1a8 [ 22.276420] __kasan_check_write+0x20/0x30 [ 22.276467] copy_user_test_oob+0x434/0xec8 [ 22.276517] kunit_try_run_case+0x170/0x3f0 [ 22.276721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.276880] kthread+0x328/0x630 [ 22.276976] ret_from_fork+0x10/0x20 [ 22.277077] [ 22.277156] Allocated by task 286: [ 22.277224] kasan_save_stack+0x3c/0x68 [ 22.277321] kasan_save_track+0x20/0x40 [ 22.277429] kasan_save_alloc_info+0x40/0x58 [ 22.277486] __kasan_kmalloc+0xd4/0xd8 [ 22.277525] __kmalloc_noprof+0x198/0x4c8 [ 22.277705] kunit_kmalloc_array+0x34/0x88 [ 22.277836] copy_user_test_oob+0xac/0xec8 [ 22.278080] kunit_try_run_case+0x170/0x3f0 [ 22.278148] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.278234] kthread+0x328/0x630 [ 22.278514] ret_from_fork+0x10/0x20 [ 22.278584] [ 22.278606] The buggy address belongs to the object at fff00000c6e98900 [ 22.278606] which belongs to the cache kmalloc-128 of size 128 [ 22.278678] The buggy address is located 0 bytes inside of [ 22.278678] allocated 120-byte region [fff00000c6e98900, fff00000c6e98978) [ 22.278744] [ 22.278780] The buggy address belongs to the physical page: [ 22.278814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e98 [ 22.278868] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.278933] page_type: f5(slab) [ 22.278974] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.279026] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.279068] page dumped because: kasan: bad access detected [ 22.279112] [ 22.279141] Memory state around the buggy address: [ 22.279175] fff00000c6e98800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.279221] fff00000c6e98880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.279271] >fff00000c6e98900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.279322] ^ [ 22.279365] fff00000c6e98980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.279769] fff00000c6e98a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.279868] ================================================================== [ 22.280427] ================================================================== [ 22.280477] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 22.280527] Read of size 121 at addr fff00000c6e98900 by task kunit_try_catch/286 [ 22.280579] [ 22.280610] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.280695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.280765] Hardware name: linux,dummy-virt (DT) [ 22.280802] Call trace: [ 22.280825] show_stack+0x20/0x38 (C) [ 22.280887] dump_stack_lvl+0x8c/0xd0 [ 22.281037] print_report+0x118/0x608 [ 22.281096] kasan_report+0xdc/0x128 [ 22.281142] kasan_check_range+0x100/0x1a8 [ 22.281193] __kasan_check_read+0x20/0x30 [ 22.281240] copy_user_test_oob+0x4a0/0xec8 [ 22.281475] kunit_try_run_case+0x170/0x3f0 [ 22.281559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.281663] kthread+0x328/0x630 [ 22.281709] ret_from_fork+0x10/0x20 [ 22.281777] [ 22.281853] Allocated by task 286: [ 22.281903] kasan_save_stack+0x3c/0x68 [ 22.281958] kasan_save_track+0x20/0x40 [ 22.282000] kasan_save_alloc_info+0x40/0x58 [ 22.282043] __kasan_kmalloc+0xd4/0xd8 [ 22.282083] __kmalloc_noprof+0x198/0x4c8 [ 22.282147] kunit_kmalloc_array+0x34/0x88 [ 22.282189] copy_user_test_oob+0xac/0xec8 [ 22.282387] kunit_try_run_case+0x170/0x3f0 [ 22.282474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.282541] kthread+0x328/0x630 [ 22.282598] ret_from_fork+0x10/0x20 [ 22.282638] [ 22.282721] The buggy address belongs to the object at fff00000c6e98900 [ 22.282721] which belongs to the cache kmalloc-128 of size 128 [ 22.282798] The buggy address is located 0 bytes inside of [ 22.282798] allocated 120-byte region [fff00000c6e98900, fff00000c6e98978) [ 22.282888] [ 22.282927] The buggy address belongs to the physical page: [ 22.282979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e98 [ 22.283032] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.283081] page_type: f5(slab) [ 22.283146] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.283199] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.283366] page dumped because: kasan: bad access detected [ 22.283551] [ 22.283638] Memory state around the buggy address: [ 22.283694] fff00000c6e98800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.283760] fff00000c6e98880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.283835] >fff00000c6e98900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.283897] ^ [ 22.283942] fff00000c6e98980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.283987] fff00000c6e98a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.284076] ================================================================== [ 22.270186] ================================================================== [ 22.270241] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 22.270502] Read of size 121 at addr fff00000c6e98900 by task kunit_try_catch/286 [ 22.270558] [ 22.270592] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.270677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.270707] Hardware name: linux,dummy-virt (DT) [ 22.270741] Call trace: [ 22.270766] show_stack+0x20/0x38 (C) [ 22.270816] dump_stack_lvl+0x8c/0xd0 [ 22.270865] print_report+0x118/0x608 [ 22.270913] kasan_report+0xdc/0x128 [ 22.270961] kasan_check_range+0x100/0x1a8 [ 22.271012] __kasan_check_read+0x20/0x30 [ 22.271058] copy_user_test_oob+0x3c8/0xec8 [ 22.271108] kunit_try_run_case+0x170/0x3f0 [ 22.271158] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.271213] kthread+0x328/0x630 [ 22.271257] ret_from_fork+0x10/0x20 [ 22.271306] [ 22.271328] Allocated by task 286: [ 22.271358] kasan_save_stack+0x3c/0x68 [ 22.271415] kasan_save_track+0x20/0x40 [ 22.271456] kasan_save_alloc_info+0x40/0x58 [ 22.271500] __kasan_kmalloc+0xd4/0xd8 [ 22.271539] __kmalloc_noprof+0x198/0x4c8 [ 22.271618] kunit_kmalloc_array+0x34/0x88 [ 22.271678] copy_user_test_oob+0xac/0xec8 [ 22.271746] kunit_try_run_case+0x170/0x3f0 [ 22.271834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.271901] kthread+0x328/0x630 [ 22.271961] ret_from_fork+0x10/0x20 [ 22.272076] [ 22.272117] The buggy address belongs to the object at fff00000c6e98900 [ 22.272117] which belongs to the cache kmalloc-128 of size 128 [ 22.272207] The buggy address is located 0 bytes inside of [ 22.272207] allocated 120-byte region [fff00000c6e98900, fff00000c6e98978) [ 22.272356] [ 22.272436] The buggy address belongs to the physical page: [ 22.272498] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e98 [ 22.272853] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.272987] page_type: f5(slab) [ 22.273046] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.273131] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.273264] page dumped because: kasan: bad access detected [ 22.273313] [ 22.273353] Memory state around the buggy address: [ 22.273676] fff00000c6e98800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.273795] fff00000c6e98880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.273909] >fff00000c6e98900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.273972] ^ [ 22.274018] fff00000c6e98980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.274377] fff00000c6e98a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.274530] ================================================================== [ 22.223260] ================================================================== [ 22.223373] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 22.224887] Write of size 121 at addr fff00000c6e98900 by task kunit_try_catch/286 [ 22.224995] [ 22.225071] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.225551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.225613] Hardware name: linux,dummy-virt (DT) [ 22.226013] Call trace: [ 22.226054] show_stack+0x20/0x38 (C) [ 22.226480] dump_stack_lvl+0x8c/0xd0 [ 22.226540] print_report+0x118/0x608 [ 22.226596] kasan_report+0xdc/0x128 [ 22.226646] kasan_check_range+0x100/0x1a8 [ 22.226697] __kasan_check_write+0x20/0x30 [ 22.226781] copy_user_test_oob+0x234/0xec8 [ 22.226842] kunit_try_run_case+0x170/0x3f0 [ 22.226897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.226951] kthread+0x328/0x630 [ 22.227006] ret_from_fork+0x10/0x20 [ 22.227068] [ 22.227089] Allocated by task 286: [ 22.227122] kasan_save_stack+0x3c/0x68 [ 22.227180] kasan_save_track+0x20/0x40 [ 22.227221] kasan_save_alloc_info+0x40/0x58 [ 22.227264] __kasan_kmalloc+0xd4/0xd8 [ 22.227314] __kmalloc_noprof+0x198/0x4c8 [ 22.227367] kunit_kmalloc_array+0x34/0x88 [ 22.227432] copy_user_test_oob+0xac/0xec8 [ 22.227488] kunit_try_run_case+0x170/0x3f0 [ 22.227536] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.227588] kthread+0x328/0x630 [ 22.227623] ret_from_fork+0x10/0x20 [ 22.227683] [ 22.227713] The buggy address belongs to the object at fff00000c6e98900 [ 22.227713] which belongs to the cache kmalloc-128 of size 128 [ 22.227785] The buggy address is located 0 bytes inside of [ 22.227785] allocated 120-byte region [fff00000c6e98900, fff00000c6e98978) [ 22.227865] [ 22.227900] The buggy address belongs to the physical page: [ 22.227945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e98 [ 22.228012] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.229368] page_type: f5(slab) [ 22.229480] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.229572] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.229636] page dumped because: kasan: bad access detected [ 22.229669] [ 22.229719] Memory state around the buggy address: [ 22.229757] fff00000c6e98800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.229823] fff00000c6e98880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.229885] >fff00000c6e98900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.229949] ^ [ 22.229995] fff00000c6e98980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.230058] fff00000c6e98a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.230126] ================================================================== [ 22.238930] ================================================================== [ 22.239028] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 22.239168] Read of size 121 at addr fff00000c6e98900 by task kunit_try_catch/286 [ 22.239234] [ 22.239271] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.239790] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.239832] Hardware name: linux,dummy-virt (DT) [ 22.239867] Call trace: [ 22.239894] show_stack+0x20/0x38 (C) [ 22.240233] dump_stack_lvl+0x8c/0xd0 [ 22.240327] print_report+0x118/0x608 [ 22.240465] kasan_report+0xdc/0x128 [ 22.240555] kasan_check_range+0x100/0x1a8 [ 22.240643] __kasan_check_read+0x20/0x30 [ 22.240786] copy_user_test_oob+0x728/0xec8 [ 22.240837] kunit_try_run_case+0x170/0x3f0 [ 22.241303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.241691] kthread+0x328/0x630 [ 22.241871] ret_from_fork+0x10/0x20 [ 22.241930] [ 22.241981] Allocated by task 286: [ 22.242230] kasan_save_stack+0x3c/0x68 [ 22.242420] kasan_save_track+0x20/0x40 [ 22.242644] kasan_save_alloc_info+0x40/0x58 [ 22.242891] __kasan_kmalloc+0xd4/0xd8 [ 22.243068] __kmalloc_noprof+0x198/0x4c8 [ 22.243861] kunit_kmalloc_array+0x34/0x88 [ 22.243948] copy_user_test_oob+0xac/0xec8 [ 22.244009] kunit_try_run_case+0x170/0x3f0 [ 22.244106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.244299] kthread+0x328/0x630 [ 22.244583] ret_from_fork+0x10/0x20 [ 22.244905] [ 22.244946] The buggy address belongs to the object at fff00000c6e98900 [ 22.244946] which belongs to the cache kmalloc-128 of size 128 [ 22.245435] The buggy address is located 0 bytes inside of [ 22.245435] allocated 120-byte region [fff00000c6e98900, fff00000c6e98978) [ 22.245555] [ 22.245597] The buggy address belongs to the physical page: [ 22.245632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e98 [ 22.245688] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.245748] page_type: f5(slab) [ 22.245804] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.245859] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.245915] page dumped because: kasan: bad access detected [ 22.245958] [ 22.245979] Memory state around the buggy address: [ 22.246022] fff00000c6e98800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.246069] fff00000c6e98880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.246123] >fff00000c6e98900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.246164] ^ [ 22.246208] fff00000c6e98980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.246254] fff00000c6e98a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.246304] ================================================================== [ 22.254932] ================================================================== [ 22.254999] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 22.255300] Write of size 121 at addr fff00000c6e98900 by task kunit_try_catch/286 [ 22.255482] [ 22.255525] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.255784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.255827] Hardware name: linux,dummy-virt (DT) [ 22.255992] Call trace: [ 22.256019] show_stack+0x20/0x38 (C) [ 22.256214] dump_stack_lvl+0x8c/0xd0 [ 22.256474] print_report+0x118/0x608 [ 22.256641] kasan_report+0xdc/0x128 [ 22.256997] kasan_check_range+0x100/0x1a8 [ 22.257109] __kasan_check_write+0x20/0x30 [ 22.257332] copy_user_test_oob+0x35c/0xec8 [ 22.257391] kunit_try_run_case+0x170/0x3f0 [ 22.257837] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.258445] kthread+0x328/0x630 [ 22.258511] ret_from_fork+0x10/0x20 [ 22.260097] [ 22.260145] Allocated by task 286: [ 22.260440] kasan_save_stack+0x3c/0x68 [ 22.260510] kasan_save_track+0x20/0x40 [ 22.263819] kasan_save_alloc_info+0x40/0x58 [ 22.263990] __kasan_kmalloc+0xd4/0xd8 [ 22.264967] __kmalloc_noprof+0x198/0x4c8 [ 22.265606] kunit_kmalloc_array+0x34/0x88 [ 22.265689] copy_user_test_oob+0xac/0xec8 [ 22.266444] kunit_try_run_case+0x170/0x3f0 [ 22.266503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.266550] kthread+0x328/0x630 [ 22.266589] ret_from_fork+0x10/0x20 [ 22.266628] [ 22.266651] The buggy address belongs to the object at fff00000c6e98900 [ 22.266651] which belongs to the cache kmalloc-128 of size 128 [ 22.266714] The buggy address is located 0 bytes inside of [ 22.266714] allocated 120-byte region [fff00000c6e98900, fff00000c6e98978) [ 22.266779] [ 22.266803] The buggy address belongs to the physical page: [ 22.266843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e98 [ 22.266900] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.266952] page_type: f5(slab) [ 22.266995] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.267049] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.267093] page dumped because: kasan: bad access detected [ 22.267127] [ 22.267148] Memory state around the buggy address: [ 22.267183] fff00000c6e98800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.267229] fff00000c6e98880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.267274] >fff00000c6e98900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.267316] ^ [ 22.267359] fff00000c6e98980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.267415] fff00000c6e98a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.267458] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 22.169687] ================================================================== [ 22.169774] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 22.169930] Read of size 8 at addr fff00000c6e98878 by task kunit_try_catch/282 [ 22.170005] [ 22.170052] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.170261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.170486] Hardware name: linux,dummy-virt (DT) [ 22.170536] Call trace: [ 22.170565] show_stack+0x20/0x38 (C) [ 22.170744] dump_stack_lvl+0x8c/0xd0 [ 22.170915] print_report+0x118/0x608 [ 22.170979] kasan_report+0xdc/0x128 [ 22.171084] __asan_report_load8_noabort+0x20/0x30 [ 22.171167] copy_to_kernel_nofault+0x204/0x250 [ 22.171478] copy_to_kernel_nofault_oob+0x158/0x418 [ 22.171562] kunit_try_run_case+0x170/0x3f0 [ 22.171618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.172243] kthread+0x328/0x630 [ 22.172436] ret_from_fork+0x10/0x20 [ 22.172516] [ 22.172607] Allocated by task 282: [ 22.172752] kasan_save_stack+0x3c/0x68 [ 22.172976] kasan_save_track+0x20/0x40 [ 22.173111] kasan_save_alloc_info+0x40/0x58 [ 22.173322] __kasan_kmalloc+0xd4/0xd8 [ 22.173579] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.173635] copy_to_kernel_nofault_oob+0xc8/0x418 [ 22.173991] kunit_try_run_case+0x170/0x3f0 [ 22.174114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.174194] kthread+0x328/0x630 [ 22.174275] ret_from_fork+0x10/0x20 [ 22.174429] [ 22.174501] The buggy address belongs to the object at fff00000c6e98800 [ 22.174501] which belongs to the cache kmalloc-128 of size 128 [ 22.174704] The buggy address is located 0 bytes to the right of [ 22.174704] allocated 120-byte region [fff00000c6e98800, fff00000c6e98878) [ 22.174925] [ 22.174963] The buggy address belongs to the physical page: [ 22.175141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e98 [ 22.175210] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.175509] page_type: f5(slab) [ 22.175776] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.175857] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.176050] page dumped because: kasan: bad access detected [ 22.176119] [ 22.176265] Memory state around the buggy address: [ 22.176329] fff00000c6e98700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.176433] fff00000c6e98780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.176523] >fff00000c6e98800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.176566] ^ [ 22.176763] fff00000c6e98880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.176819] fff00000c6e98900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.177358] ================================================================== [ 22.179329] ================================================================== [ 22.179412] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 22.179473] Write of size 8 at addr fff00000c6e98878 by task kunit_try_catch/282 [ 22.179593] [ 22.179645] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.179734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.179764] Hardware name: linux,dummy-virt (DT) [ 22.179796] Call trace: [ 22.179831] show_stack+0x20/0x38 (C) [ 22.179888] dump_stack_lvl+0x8c/0xd0 [ 22.179948] print_report+0x118/0x608 [ 22.179998] kasan_report+0xdc/0x128 [ 22.180517] kasan_check_range+0x100/0x1a8 [ 22.180610] __kasan_check_write+0x20/0x30 [ 22.180664] copy_to_kernel_nofault+0x8c/0x250 [ 22.180715] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 22.181013] kunit_try_run_case+0x170/0x3f0 [ 22.181227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.181485] kthread+0x328/0x630 [ 22.181652] ret_from_fork+0x10/0x20 [ 22.181809] [ 22.181833] Allocated by task 282: [ 22.181908] kasan_save_stack+0x3c/0x68 [ 22.182128] kasan_save_track+0x20/0x40 [ 22.182379] kasan_save_alloc_info+0x40/0x58 [ 22.182537] __kasan_kmalloc+0xd4/0xd8 [ 22.182583] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.182664] copy_to_kernel_nofault_oob+0xc8/0x418 [ 22.182878] kunit_try_run_case+0x170/0x3f0 [ 22.182961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.183286] kthread+0x328/0x630 [ 22.183558] ret_from_fork+0x10/0x20 [ 22.183912] [ 22.184172] The buggy address belongs to the object at fff00000c6e98800 [ 22.184172] which belongs to the cache kmalloc-128 of size 128 [ 22.184424] The buggy address is located 0 bytes to the right of [ 22.184424] allocated 120-byte region [fff00000c6e98800, fff00000c6e98878) [ 22.184758] [ 22.184866] The buggy address belongs to the physical page: [ 22.184948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e98 [ 22.185358] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.185497] page_type: f5(slab) [ 22.185540] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.185642] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.185722] page dumped because: kasan: bad access detected [ 22.186023] [ 22.186252] Memory state around the buggy address: [ 22.186466] fff00000c6e98700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.186520] fff00000c6e98780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.186929] >fff00000c6e98800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.187094] ^ [ 22.187146] fff00000c6e98880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.187352] fff00000c6e98900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.187616] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 22.109891] ================================================================== [ 22.109963] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 22.110790] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270 [ 22.110883] [ 22.110956] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.111046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.111131] Hardware name: linux,dummy-virt (DT) [ 22.111188] Call trace: [ 22.111216] show_stack+0x20/0x38 (C) [ 22.111271] dump_stack_lvl+0x8c/0xd0 [ 22.111462] print_report+0x310/0x608 [ 22.111527] kasan_report+0xdc/0x128 [ 22.111680] __asan_report_load1_noabort+0x20/0x30 [ 22.111950] vmalloc_oob+0x578/0x5d0 [ 22.112176] kunit_try_run_case+0x170/0x3f0 [ 22.112282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.112462] kthread+0x328/0x630 [ 22.112692] ret_from_fork+0x10/0x20 [ 22.112793] [ 22.112853] The buggy address belongs to the virtual mapping at [ 22.112853] [ffff8000800fe000, ffff800080100000) created by: [ 22.112853] vmalloc_oob+0x98/0x5d0 [ 22.112943] [ 22.112974] The buggy address belongs to the physical page: [ 22.113020] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106eaf [ 22.113391] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.113832] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.113965] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.114152] page dumped because: kasan: bad access detected [ 22.114386] [ 22.114545] Memory state around the buggy address: [ 22.114642] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.114725] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.114791] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 22.114917] ^ [ 22.114992] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.115100] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.115159] ================================================================== [ 22.115967] ================================================================== [ 22.116020] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 22.116527] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270 [ 22.116664] [ 22.116742] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.116922] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.117011] Hardware name: linux,dummy-virt (DT) [ 22.117046] Call trace: [ 22.117075] show_stack+0x20/0x38 (C) [ 22.117434] dump_stack_lvl+0x8c/0xd0 [ 22.117542] print_report+0x310/0x608 [ 22.117616] kasan_report+0xdc/0x128 [ 22.117739] __asan_report_load1_noabort+0x20/0x30 [ 22.117830] vmalloc_oob+0x51c/0x5d0 [ 22.117920] kunit_try_run_case+0x170/0x3f0 [ 22.118026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.118096] kthread+0x328/0x630 [ 22.118292] ret_from_fork+0x10/0x20 [ 22.118359] [ 22.118509] The buggy address belongs to the virtual mapping at [ 22.118509] [ffff8000800fe000, ffff800080100000) created by: [ 22.118509] vmalloc_oob+0x98/0x5d0 [ 22.118600] [ 22.118701] The buggy address belongs to the physical page: [ 22.118738] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106eaf [ 22.118812] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.118879] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.118932] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.118975] page dumped because: kasan: bad access detected [ 22.119017] [ 22.119038] Memory state around the buggy address: [ 22.119087] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.119133] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.119188] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 22.119250] ^ [ 22.119304] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.119350] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.119669] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 22.011638] ================================================================== [ 22.011691] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 22.011746] Read of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 22.011806] [ 22.011844] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.011998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.012052] Hardware name: linux,dummy-virt (DT) [ 22.012104] Call trace: [ 22.012207] show_stack+0x20/0x38 (C) [ 22.012315] dump_stack_lvl+0x8c/0xd0 [ 22.012415] print_report+0x118/0x608 [ 22.012481] kasan_report+0xdc/0x128 [ 22.012551] __asan_report_load8_noabort+0x20/0x30 [ 22.012793] kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 22.012966] kasan_bitops_generic+0x11c/0x1c8 [ 22.013093] kunit_try_run_case+0x170/0x3f0 [ 22.013180] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.013285] kthread+0x328/0x630 [ 22.013479] ret_from_fork+0x10/0x20 [ 22.013673] [ 22.013745] Allocated by task 262: [ 22.013872] kasan_save_stack+0x3c/0x68 [ 22.013957] kasan_save_track+0x20/0x40 [ 22.014044] kasan_save_alloc_info+0x40/0x58 [ 22.014130] __kasan_kmalloc+0xd4/0xd8 [ 22.014197] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.014279] kasan_bitops_generic+0xa0/0x1c8 [ 22.014360] kunit_try_run_case+0x170/0x3f0 [ 22.014464] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.014582] kthread+0x328/0x630 [ 22.014647] ret_from_fork+0x10/0x20 [ 22.014687] [ 22.014749] The buggy address belongs to the object at fff00000c63901c0 [ 22.014749] which belongs to the cache kmalloc-16 of size 16 [ 22.015073] The buggy address is located 8 bytes inside of [ 22.015073] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 22.015165] [ 22.015266] The buggy address belongs to the physical page: [ 22.015343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 22.015429] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.015543] page_type: f5(slab) [ 22.015615] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.015745] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.015823] page dumped because: kasan: bad access detected [ 22.015888] [ 22.015909] Memory state around the buggy address: [ 22.015943] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 22.016166] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.016227] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.016311] ^ [ 22.016530] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.016580] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.016623] ================================================================== [ 22.020468] ================================================================== [ 22.020518] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 22.020572] Read of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 22.020624] [ 22.020653] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.020736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.020766] Hardware name: linux,dummy-virt (DT) [ 22.020799] Call trace: [ 22.020823] show_stack+0x20/0x38 (C) [ 22.020873] dump_stack_lvl+0x8c/0xd0 [ 22.020923] print_report+0x118/0x608 [ 22.020971] kasan_report+0xdc/0x128 [ 22.021021] __asan_report_load8_noabort+0x20/0x30 [ 22.021081] kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 22.021138] kasan_bitops_generic+0x11c/0x1c8 [ 22.021189] kunit_try_run_case+0x170/0x3f0 [ 22.021238] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.021295] kthread+0x328/0x630 [ 22.021340] ret_from_fork+0x10/0x20 [ 22.021390] [ 22.021442] Allocated by task 262: [ 22.021471] kasan_save_stack+0x3c/0x68 [ 22.021545] kasan_save_track+0x20/0x40 [ 22.021587] kasan_save_alloc_info+0x40/0x58 [ 22.021664] __kasan_kmalloc+0xd4/0xd8 [ 22.021741] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.021846] kasan_bitops_generic+0xa0/0x1c8 [ 22.021922] kunit_try_run_case+0x170/0x3f0 [ 22.021992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.022083] kthread+0x328/0x630 [ 22.022153] ret_from_fork+0x10/0x20 [ 22.022255] [ 22.022313] The buggy address belongs to the object at fff00000c63901c0 [ 22.022313] which belongs to the cache kmalloc-16 of size 16 [ 22.022441] The buggy address is located 8 bytes inside of [ 22.022441] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 22.022556] [ 22.022704] The buggy address belongs to the physical page: [ 22.022738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 22.022921] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.023044] page_type: f5(slab) [ 22.023122] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.023179] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.023342] page dumped because: kasan: bad access detected [ 22.023429] [ 22.023552] Memory state around the buggy address: [ 22.023670] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 22.023736] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.023802] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.023898] ^ [ 22.023966] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.024094] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.024179] ================================================================== [ 22.024826] ================================================================== [ 22.024877] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 22.024928] Write of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 22.025200] [ 22.025260] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.025372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.025435] Hardware name: linux,dummy-virt (DT) [ 22.025470] Call trace: [ 22.025510] show_stack+0x20/0x38 (C) [ 22.025563] dump_stack_lvl+0x8c/0xd0 [ 22.025610] print_report+0x118/0x608 [ 22.025690] kasan_report+0xdc/0x128 [ 22.025756] kasan_check_range+0x100/0x1a8 [ 22.025808] __kasan_check_write+0x20/0x30 [ 22.025968] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 22.026029] kasan_bitops_generic+0x11c/0x1c8 [ 22.026104] kunit_try_run_case+0x170/0x3f0 [ 22.026174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.026277] kthread+0x328/0x630 [ 22.026322] ret_from_fork+0x10/0x20 [ 22.026390] [ 22.026440] Allocated by task 262: [ 22.026472] kasan_save_stack+0x3c/0x68 [ 22.026530] kasan_save_track+0x20/0x40 [ 22.026573] kasan_save_alloc_info+0x40/0x58 [ 22.026632] __kasan_kmalloc+0xd4/0xd8 [ 22.026675] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.026717] kasan_bitops_generic+0xa0/0x1c8 [ 22.026877] kunit_try_run_case+0x170/0x3f0 [ 22.026929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.026977] kthread+0x328/0x630 [ 22.027073] ret_from_fork+0x10/0x20 [ 22.027134] [ 22.027163] The buggy address belongs to the object at fff00000c63901c0 [ 22.027163] which belongs to the cache kmalloc-16 of size 16 [ 22.027225] The buggy address is located 8 bytes inside of [ 22.027225] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 22.027296] [ 22.027319] The buggy address belongs to the physical page: [ 22.027351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 22.027509] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.027580] page_type: f5(slab) [ 22.027726] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.027798] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.027864] page dumped because: kasan: bad access detected [ 22.027899] [ 22.027935] Memory state around the buggy address: [ 22.027971] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 22.028017] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.028077] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.028126] ^ [ 22.028181] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.028236] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.028278] ================================================================== [ 22.017032] ================================================================== [ 22.017091] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 22.017143] Write of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 22.017195] [ 22.017224] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.017309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.017338] Hardware name: linux,dummy-virt (DT) [ 22.017371] Call trace: [ 22.017395] show_stack+0x20/0x38 (C) [ 22.017474] dump_stack_lvl+0x8c/0xd0 [ 22.017522] print_report+0x118/0x608 [ 22.017572] kasan_report+0xdc/0x128 [ 22.017619] kasan_check_range+0x100/0x1a8 [ 22.017670] __kasan_check_write+0x20/0x30 [ 22.017718] kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 22.017775] kasan_bitops_generic+0x11c/0x1c8 [ 22.017825] kunit_try_run_case+0x170/0x3f0 [ 22.017875] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.017932] kthread+0x328/0x630 [ 22.017978] ret_from_fork+0x10/0x20 [ 22.018029] [ 22.018050] Allocated by task 262: [ 22.018081] kasan_save_stack+0x3c/0x68 [ 22.018124] kasan_save_track+0x20/0x40 [ 22.018183] kasan_save_alloc_info+0x40/0x58 [ 22.018232] __kasan_kmalloc+0xd4/0xd8 [ 22.018273] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.018315] kasan_bitops_generic+0xa0/0x1c8 [ 22.018357] kunit_try_run_case+0x170/0x3f0 [ 22.018409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.018456] kthread+0x328/0x630 [ 22.018492] ret_from_fork+0x10/0x20 [ 22.018531] [ 22.018551] The buggy address belongs to the object at fff00000c63901c0 [ 22.018551] which belongs to the cache kmalloc-16 of size 16 [ 22.018617] The buggy address is located 8 bytes inside of [ 22.018617] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 22.018688] [ 22.018710] The buggy address belongs to the physical page: [ 22.018744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 22.018800] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.018850] page_type: f5(slab) [ 22.018888] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.018942] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.018987] page dumped because: kasan: bad access detected [ 22.019021] [ 22.019050] Memory state around the buggy address: [ 22.019085] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 22.019130] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.019173] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.019214] ^ [ 22.019251] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.019296] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.019346] ================================================================== [ 22.028851] ================================================================== [ 22.028931] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 22.028985] Read of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 22.029039] [ 22.029099] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.029183] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.029211] Hardware name: linux,dummy-virt (DT) [ 22.029245] Call trace: [ 22.029365] show_stack+0x20/0x38 (C) [ 22.029451] dump_stack_lvl+0x8c/0xd0 [ 22.029573] print_report+0x118/0x608 [ 22.029633] kasan_report+0xdc/0x128 [ 22.029691] __asan_report_load8_noabort+0x20/0x30 [ 22.029765] kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 22.029858] kasan_bitops_generic+0x11c/0x1c8 [ 22.029914] kunit_try_run_case+0x170/0x3f0 [ 22.029967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.030023] kthread+0x328/0x630 [ 22.030190] ret_from_fork+0x10/0x20 [ 22.030242] [ 22.030262] Allocated by task 262: [ 22.030291] kasan_save_stack+0x3c/0x68 [ 22.030334] kasan_save_track+0x20/0x40 [ 22.030391] kasan_save_alloc_info+0x40/0x58 [ 22.030447] __kasan_kmalloc+0xd4/0xd8 [ 22.030514] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.030557] kasan_bitops_generic+0xa0/0x1c8 [ 22.030616] kunit_try_run_case+0x170/0x3f0 [ 22.030689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.030735] kthread+0x328/0x630 [ 22.030771] ret_from_fork+0x10/0x20 [ 22.030808] [ 22.030837] The buggy address belongs to the object at fff00000c63901c0 [ 22.030837] which belongs to the cache kmalloc-16 of size 16 [ 22.031024] The buggy address is located 8 bytes inside of [ 22.031024] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 22.031121] [ 22.031245] The buggy address belongs to the physical page: [ 22.031312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 22.031387] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.031457] page_type: f5(slab) [ 22.031498] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.031552] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.031622] page dumped because: kasan: bad access detected [ 22.031657] [ 22.031682] Memory state around the buggy address: [ 22.031716] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 22.031861] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.031928] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.032075] ^ [ 22.032127] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.032190] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.032274] ================================================================== [ 22.039989] ================================================================== [ 22.040030] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 22.040077] Read of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 22.040129] [ 22.040160] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.040299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.040554] Hardware name: linux,dummy-virt (DT) [ 22.040592] Call trace: [ 22.040617] show_stack+0x20/0x38 (C) [ 22.040671] dump_stack_lvl+0x8c/0xd0 [ 22.040720] print_report+0x118/0x608 [ 22.040768] kasan_report+0xdc/0x128 [ 22.040817] __asan_report_load8_noabort+0x20/0x30 [ 22.040870] kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 22.040928] kasan_bitops_generic+0x11c/0x1c8 [ 22.040980] kunit_try_run_case+0x170/0x3f0 [ 22.041030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.041097] kthread+0x328/0x630 [ 22.041142] ret_from_fork+0x10/0x20 [ 22.041191] [ 22.041213] Allocated by task 262: [ 22.041243] kasan_save_stack+0x3c/0x68 [ 22.041287] kasan_save_track+0x20/0x40 [ 22.041328] kasan_save_alloc_info+0x40/0x58 [ 22.041370] __kasan_kmalloc+0xd4/0xd8 [ 22.041424] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.041466] kasan_bitops_generic+0xa0/0x1c8 [ 22.041507] kunit_try_run_case+0x170/0x3f0 [ 22.041548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.041594] kthread+0x328/0x630 [ 22.041630] ret_from_fork+0x10/0x20 [ 22.041671] [ 22.041691] The buggy address belongs to the object at fff00000c63901c0 [ 22.041691] which belongs to the cache kmalloc-16 of size 16 [ 22.041751] The buggy address is located 8 bytes inside of [ 22.041751] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 22.041817] [ 22.041838] The buggy address belongs to the physical page: [ 22.041871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 22.041927] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.041979] page_type: f5(slab) [ 22.042017] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.042073] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.042117] page dumped because: kasan: bad access detected [ 22.042151] [ 22.042171] Memory state around the buggy address: [ 22.042204] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 22.042249] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.042295] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.042334] ^ [ 22.042371] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.044319] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.044368] ================================================================== [ 22.008163] ================================================================== [ 22.008225] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 22.008281] Write of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 22.008333] [ 22.008367] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.008468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.008497] Hardware name: linux,dummy-virt (DT) [ 22.008529] Call trace: [ 22.008555] show_stack+0x20/0x38 (C) [ 22.008606] dump_stack_lvl+0x8c/0xd0 [ 22.008655] print_report+0x118/0x608 [ 22.008702] kasan_report+0xdc/0x128 [ 22.008751] kasan_check_range+0x100/0x1a8 [ 22.008800] __kasan_check_write+0x20/0x30 [ 22.008847] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 22.008905] kasan_bitops_generic+0x11c/0x1c8 [ 22.008955] kunit_try_run_case+0x170/0x3f0 [ 22.009004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.009059] kthread+0x328/0x630 [ 22.009114] ret_from_fork+0x10/0x20 [ 22.009164] [ 22.009187] Allocated by task 262: [ 22.009217] kasan_save_stack+0x3c/0x68 [ 22.009261] kasan_save_track+0x20/0x40 [ 22.009302] kasan_save_alloc_info+0x40/0x58 [ 22.009345] __kasan_kmalloc+0xd4/0xd8 [ 22.009384] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.009467] kasan_bitops_generic+0xa0/0x1c8 [ 22.009509] kunit_try_run_case+0x170/0x3f0 [ 22.009729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.009791] kthread+0x328/0x630 [ 22.009827] ret_from_fork+0x10/0x20 [ 22.009870] [ 22.009892] The buggy address belongs to the object at fff00000c63901c0 [ 22.009892] which belongs to the cache kmalloc-16 of size 16 [ 22.009956] The buggy address is located 8 bytes inside of [ 22.009956] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 22.010100] [ 22.010137] The buggy address belongs to the physical page: [ 22.010172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 22.010232] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.010322] page_type: f5(slab) [ 22.010373] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.010591] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.010635] page dumped because: kasan: bad access detected [ 22.010701] [ 22.010802] Memory state around the buggy address: [ 22.010844] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 22.010930] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.011006] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.011047] ^ [ 22.011099] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.011144] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.011186] ================================================================== [ 22.032647] ================================================================== [ 22.032696] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 22.032748] Write of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 22.032944] [ 22.033000] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.033143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.033175] Hardware name: linux,dummy-virt (DT) [ 22.033215] Call trace: [ 22.033268] show_stack+0x20/0x38 (C) [ 22.033321] dump_stack_lvl+0x8c/0xd0 [ 22.033388] print_report+0x118/0x608 [ 22.033480] kasan_report+0xdc/0x128 [ 22.033535] kasan_check_range+0x100/0x1a8 [ 22.033587] __kasan_check_write+0x20/0x30 [ 22.033749] kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 22.033811] kasan_bitops_generic+0x11c/0x1c8 [ 22.033861] kunit_try_run_case+0x170/0x3f0 [ 22.033929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.034068] kthread+0x328/0x630 [ 22.034150] ret_from_fork+0x10/0x20 [ 22.034217] [ 22.034245] Allocated by task 262: [ 22.034293] kasan_save_stack+0x3c/0x68 [ 22.034377] kasan_save_track+0x20/0x40 [ 22.034454] kasan_save_alloc_info+0x40/0x58 [ 22.034498] __kasan_kmalloc+0xd4/0xd8 [ 22.034540] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.034581] kasan_bitops_generic+0xa0/0x1c8 [ 22.034638] kunit_try_run_case+0x170/0x3f0 [ 22.034680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.034725] kthread+0x328/0x630 [ 22.034884] ret_from_fork+0x10/0x20 [ 22.034952] [ 22.035048] The buggy address belongs to the object at fff00000c63901c0 [ 22.035048] which belongs to the cache kmalloc-16 of size 16 [ 22.035114] The buggy address is located 8 bytes inside of [ 22.035114] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 22.035198] [ 22.035249] The buggy address belongs to the physical page: [ 22.035283] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 22.035338] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.035388] page_type: f5(slab) [ 22.035436] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.035576] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.035639] page dumped because: kasan: bad access detected [ 22.035698] [ 22.035724] Memory state around the buggy address: [ 22.035801] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 22.035864] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.035910] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.035956] ^ [ 22.036011] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.036085] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.036162] ================================================================== [ 22.036542] ================================================================== [ 22.036598] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 22.036700] Read of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 22.036775] [ 22.036824] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.036909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.036938] Hardware name: linux,dummy-virt (DT) [ 22.037083] Call trace: [ 22.037131] show_stack+0x20/0x38 (C) [ 22.037191] dump_stack_lvl+0x8c/0xd0 [ 22.037316] print_report+0x118/0x608 [ 22.037387] kasan_report+0xdc/0x128 [ 22.037455] __asan_report_load8_noabort+0x20/0x30 [ 22.037536] kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 22.037596] kasan_bitops_generic+0x11c/0x1c8 [ 22.037663] kunit_try_run_case+0x170/0x3f0 [ 22.037716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.037784] kthread+0x328/0x630 [ 22.037829] ret_from_fork+0x10/0x20 [ 22.037881] [ 22.037901] Allocated by task 262: [ 22.037933] kasan_save_stack+0x3c/0x68 [ 22.038003] kasan_save_track+0x20/0x40 [ 22.038050] kasan_save_alloc_info+0x40/0x58 [ 22.038094] __kasan_kmalloc+0xd4/0xd8 [ 22.038134] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.038276] kasan_bitops_generic+0xa0/0x1c8 [ 22.038326] kunit_try_run_case+0x170/0x3f0 [ 22.038482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.038560] kthread+0x328/0x630 [ 22.038624] ret_from_fork+0x10/0x20 [ 22.038671] [ 22.038695] The buggy address belongs to the object at fff00000c63901c0 [ 22.038695] which belongs to the cache kmalloc-16 of size 16 [ 22.038760] The buggy address is located 8 bytes inside of [ 22.038760] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 22.038855] [ 22.038906] The buggy address belongs to the physical page: [ 22.038955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 22.039029] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.039083] page_type: f5(slab) [ 22.039238] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.039291] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.039457] page dumped because: kasan: bad access detected [ 22.039509] [ 22.039547] Memory state around the buggy address: [ 22.039582] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 22.039647] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.039711] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.039753] ^ [ 22.039791] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.039836] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.039879] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 21.938848] ================================================================== [ 21.938932] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 21.939178] Write of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 21.939308] [ 21.939365] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.939550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.939586] Hardware name: linux,dummy-virt (DT) [ 21.939636] Call trace: [ 21.939663] show_stack+0x20/0x38 (C) [ 21.939765] dump_stack_lvl+0x8c/0xd0 [ 21.939852] print_report+0x118/0x608 [ 21.939905] kasan_report+0xdc/0x128 [ 21.939973] kasan_check_range+0x100/0x1a8 [ 21.940327] __kasan_check_write+0x20/0x30 [ 21.940411] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 21.940564] kasan_bitops_generic+0x110/0x1c8 [ 21.940654] kunit_try_run_case+0x170/0x3f0 [ 21.941029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.941277] kthread+0x328/0x630 [ 21.941420] ret_from_fork+0x10/0x20 [ 21.941631] [ 21.941712] Allocated by task 262: [ 21.941842] kasan_save_stack+0x3c/0x68 [ 21.941917] kasan_save_track+0x20/0x40 [ 21.942171] kasan_save_alloc_info+0x40/0x58 [ 21.942327] __kasan_kmalloc+0xd4/0xd8 [ 21.942492] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.942569] kasan_bitops_generic+0xa0/0x1c8 [ 21.942657] kunit_try_run_case+0x170/0x3f0 [ 21.942781] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.942850] kthread+0x328/0x630 [ 21.942905] ret_from_fork+0x10/0x20 [ 21.943238] [ 21.943344] The buggy address belongs to the object at fff00000c63901c0 [ 21.943344] which belongs to the cache kmalloc-16 of size 16 [ 21.943459] The buggy address is located 8 bytes inside of [ 21.943459] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 21.943612] [ 21.943646] The buggy address belongs to the physical page: [ 21.943680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 21.943760] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.943822] page_type: f5(slab) [ 21.943864] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.943916] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.943969] page dumped because: kasan: bad access detected [ 21.944013] [ 21.944043] Memory state around the buggy address: [ 21.944255] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 21.944326] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.944508] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.944555] ^ [ 21.944595] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.944849] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.944985] ================================================================== [ 21.988350] ================================================================== [ 21.988601] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 21.988678] Write of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 21.988774] [ 21.988811] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.988897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.989041] Hardware name: linux,dummy-virt (DT) [ 21.989081] Call trace: [ 21.989106] show_stack+0x20/0x38 (C) [ 21.989161] dump_stack_lvl+0x8c/0xd0 [ 21.989284] print_report+0x118/0x608 [ 21.989356] kasan_report+0xdc/0x128 [ 21.989606] kasan_check_range+0x100/0x1a8 [ 21.989734] __kasan_check_write+0x20/0x30 [ 21.989792] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 21.989855] kasan_bitops_generic+0x110/0x1c8 [ 21.989960] kunit_try_run_case+0x170/0x3f0 [ 21.990034] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.990100] kthread+0x328/0x630 [ 21.990292] ret_from_fork+0x10/0x20 [ 21.990426] [ 21.990509] Allocated by task 262: [ 21.990559] kasan_save_stack+0x3c/0x68 [ 21.990612] kasan_save_track+0x20/0x40 [ 21.990715] kasan_save_alloc_info+0x40/0x58 [ 21.990763] __kasan_kmalloc+0xd4/0xd8 [ 21.990809] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.990851] kasan_bitops_generic+0xa0/0x1c8 [ 21.991152] kunit_try_run_case+0x170/0x3f0 [ 21.991220] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.991340] kthread+0x328/0x630 [ 21.991382] ret_from_fork+0x10/0x20 [ 21.991449] [ 21.991587] The buggy address belongs to the object at fff00000c63901c0 [ 21.991587] which belongs to the cache kmalloc-16 of size 16 [ 21.991729] The buggy address is located 8 bytes inside of [ 21.991729] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 21.991855] [ 21.991881] The buggy address belongs to the physical page: [ 21.991930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 21.991990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.992187] page_type: f5(slab) [ 21.992440] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.992517] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.992595] page dumped because: kasan: bad access detected [ 21.992704] [ 21.992772] Memory state around the buggy address: [ 21.992815] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 21.993092] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.993179] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.993221] ^ [ 21.993259] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.993304] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.993346] ================================================================== [ 21.954595] ================================================================== [ 21.954840] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 21.955161] Write of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 21.955244] [ 21.955307] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.955395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.955605] Hardware name: linux,dummy-virt (DT) [ 21.955722] Call trace: [ 21.955798] show_stack+0x20/0x38 (C) [ 21.955873] dump_stack_lvl+0x8c/0xd0 [ 21.955930] print_report+0x118/0x608 [ 21.955978] kasan_report+0xdc/0x128 [ 21.956163] kasan_check_range+0x100/0x1a8 [ 21.956337] __kasan_check_write+0x20/0x30 [ 21.956425] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 21.956551] kasan_bitops_generic+0x110/0x1c8 [ 21.956607] kunit_try_run_case+0x170/0x3f0 [ 21.956662] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.956911] kthread+0x328/0x630 [ 21.957043] ret_from_fork+0x10/0x20 [ 21.957119] [ 21.957149] Allocated by task 262: [ 21.957180] kasan_save_stack+0x3c/0x68 [ 21.957224] kasan_save_track+0x20/0x40 [ 21.957265] kasan_save_alloc_info+0x40/0x58 [ 21.957307] __kasan_kmalloc+0xd4/0xd8 [ 21.957351] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.957430] kasan_bitops_generic+0xa0/0x1c8 [ 21.957475] kunit_try_run_case+0x170/0x3f0 [ 21.957517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.957566] kthread+0x328/0x630 [ 21.957620] ret_from_fork+0x10/0x20 [ 21.957659] [ 21.957682] The buggy address belongs to the object at fff00000c63901c0 [ 21.957682] which belongs to the cache kmalloc-16 of size 16 [ 21.957743] The buggy address is located 8 bytes inside of [ 21.957743] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 21.957807] [ 21.957846] The buggy address belongs to the physical page: [ 21.957880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 21.957947] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.958010] page_type: f5(slab) [ 21.958051] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.958114] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.958161] page dumped because: kasan: bad access detected [ 21.958198] [ 21.958221] Memory state around the buggy address: [ 21.958271] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 21.958318] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.958364] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.958417] ^ [ 21.958464] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.958520] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.958577] ================================================================== [ 21.975038] ================================================================== [ 21.975159] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 21.975214] Write of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 21.975315] [ 21.975374] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.975548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.975580] Hardware name: linux,dummy-virt (DT) [ 21.975623] Call trace: [ 21.975813] show_stack+0x20/0x38 (C) [ 21.975885] dump_stack_lvl+0x8c/0xd0 [ 21.976120] print_report+0x118/0x608 [ 21.976282] kasan_report+0xdc/0x128 [ 21.976391] kasan_check_range+0x100/0x1a8 [ 21.976572] __kasan_check_write+0x20/0x30 [ 21.976622] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 21.976859] kasan_bitops_generic+0x110/0x1c8 [ 21.977052] kunit_try_run_case+0x170/0x3f0 [ 21.977170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.977354] kthread+0x328/0x630 [ 21.977475] ret_from_fork+0x10/0x20 [ 21.977584] [ 21.977813] Allocated by task 262: [ 21.978016] kasan_save_stack+0x3c/0x68 [ 21.978206] kasan_save_track+0x20/0x40 [ 21.978249] kasan_save_alloc_info+0x40/0x58 [ 21.978436] __kasan_kmalloc+0xd4/0xd8 [ 21.978573] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.978701] kasan_bitops_generic+0xa0/0x1c8 [ 21.978789] kunit_try_run_case+0x170/0x3f0 [ 21.978916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.979014] kthread+0x328/0x630 [ 21.979081] ret_from_fork+0x10/0x20 [ 21.979178] [ 21.979202] The buggy address belongs to the object at fff00000c63901c0 [ 21.979202] which belongs to the cache kmalloc-16 of size 16 [ 21.979456] The buggy address is located 8 bytes inside of [ 21.979456] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 21.979655] [ 21.979760] The buggy address belongs to the physical page: [ 21.979828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 21.979960] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.980065] page_type: f5(slab) [ 21.980145] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.980201] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.980475] page dumped because: kasan: bad access detected [ 21.980617] [ 21.980648] Memory state around the buggy address: [ 21.980684] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 21.980731] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.980776] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.980831] ^ [ 21.980869] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.980916] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.980966] ================================================================== [ 22.000942] ================================================================== [ 22.000994] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 22.001047] Read of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 22.001105] [ 22.001135] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.001218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.001248] Hardware name: linux,dummy-virt (DT) [ 22.001280] Call trace: [ 22.001303] show_stack+0x20/0x38 (C) [ 22.001354] dump_stack_lvl+0x8c/0xd0 [ 22.001414] print_report+0x118/0x608 [ 22.001465] kasan_report+0xdc/0x128 [ 22.001514] __asan_report_load8_noabort+0x20/0x30 [ 22.001568] kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 22.001622] kasan_bitops_generic+0x110/0x1c8 [ 22.001675] kunit_try_run_case+0x170/0x3f0 [ 22.001725] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.001782] kthread+0x328/0x630 [ 22.001827] ret_from_fork+0x10/0x20 [ 22.001878] [ 22.001898] Allocated by task 262: [ 22.001928] kasan_save_stack+0x3c/0x68 [ 22.001971] kasan_save_track+0x20/0x40 [ 22.002012] kasan_save_alloc_info+0x40/0x58 [ 22.002055] __kasan_kmalloc+0xd4/0xd8 [ 22.002095] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.002136] kasan_bitops_generic+0xa0/0x1c8 [ 22.002177] kunit_try_run_case+0x170/0x3f0 [ 22.002217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.002263] kthread+0x328/0x630 [ 22.002299] ret_from_fork+0x10/0x20 [ 22.002337] [ 22.002357] The buggy address belongs to the object at fff00000c63901c0 [ 22.002357] which belongs to the cache kmalloc-16 of size 16 [ 22.003508] The buggy address is located 8 bytes inside of [ 22.003508] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 22.003594] [ 22.003615] The buggy address belongs to the physical page: [ 22.003649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 22.003714] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.003765] page_type: f5(slab) [ 22.003806] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.003859] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.003902] page dumped because: kasan: bad access detected [ 22.003934] [ 22.003953] Memory state around the buggy address: [ 22.003987] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 22.004034] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.005087] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.005132] ^ [ 22.005172] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.005530] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.005580] ================================================================== [ 21.947748] ================================================================== [ 21.947822] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 21.947897] Read of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 21.947952] [ 21.948227] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.948442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.948507] Hardware name: linux,dummy-virt (DT) [ 21.948888] Call trace: [ 21.948920] show_stack+0x20/0x38 (C) [ 21.948978] dump_stack_lvl+0x8c/0xd0 [ 21.949036] print_report+0x118/0x608 [ 21.949092] kasan_report+0xdc/0x128 [ 21.949204] __asan_report_load8_noabort+0x20/0x30 [ 21.949563] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 21.949670] kasan_bitops_generic+0x110/0x1c8 [ 21.949811] kunit_try_run_case+0x170/0x3f0 [ 21.949871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.949934] kthread+0x328/0x630 [ 21.949981] ret_from_fork+0x10/0x20 [ 21.950030] [ 21.950051] Allocated by task 262: [ 21.950083] kasan_save_stack+0x3c/0x68 [ 21.950137] kasan_save_track+0x20/0x40 [ 21.950178] kasan_save_alloc_info+0x40/0x58 [ 21.950220] __kasan_kmalloc+0xd4/0xd8 [ 21.950270] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.950312] kasan_bitops_generic+0xa0/0x1c8 [ 21.950361] kunit_try_run_case+0x170/0x3f0 [ 21.950541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.950825] kthread+0x328/0x630 [ 21.951024] ret_from_fork+0x10/0x20 [ 21.951236] [ 21.951458] The buggy address belongs to the object at fff00000c63901c0 [ 21.951458] which belongs to the cache kmalloc-16 of size 16 [ 21.951601] The buggy address is located 8 bytes inside of [ 21.951601] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 21.951670] [ 21.951694] The buggy address belongs to the physical page: [ 21.951903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 21.952220] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.952346] page_type: f5(slab) [ 21.952436] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.952569] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.952658] page dumped because: kasan: bad access detected [ 21.952757] [ 21.952817] Memory state around the buggy address: [ 21.952972] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 21.953058] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.953186] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.953263] ^ [ 21.953303] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.953349] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.953544] ================================================================== [ 21.960349] ================================================================== [ 21.960411] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 21.960467] Read of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 21.960886] [ 21.960934] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.961108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.961168] Hardware name: linux,dummy-virt (DT) [ 21.961365] Call trace: [ 21.961462] show_stack+0x20/0x38 (C) [ 21.961583] dump_stack_lvl+0x8c/0xd0 [ 21.961848] print_report+0x118/0x608 [ 21.961978] kasan_report+0xdc/0x128 [ 21.962065] __asan_report_load8_noabort+0x20/0x30 [ 21.962215] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 21.962311] kasan_bitops_generic+0x110/0x1c8 [ 21.962716] kunit_try_run_case+0x170/0x3f0 [ 21.962804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.962919] kthread+0x328/0x630 [ 21.963016] ret_from_fork+0x10/0x20 [ 21.963170] [ 21.963278] Allocated by task 262: [ 21.963336] kasan_save_stack+0x3c/0x68 [ 21.963459] kasan_save_track+0x20/0x40 [ 21.963541] kasan_save_alloc_info+0x40/0x58 [ 21.963618] __kasan_kmalloc+0xd4/0xd8 [ 21.963786] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.963947] kasan_bitops_generic+0xa0/0x1c8 [ 21.964068] kunit_try_run_case+0x170/0x3f0 [ 21.964236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.964361] kthread+0x328/0x630 [ 21.964457] ret_from_fork+0x10/0x20 [ 21.964589] [ 21.964612] The buggy address belongs to the object at fff00000c63901c0 [ 21.964612] which belongs to the cache kmalloc-16 of size 16 [ 21.964683] The buggy address is located 8 bytes inside of [ 21.964683] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 21.964921] [ 21.965089] The buggy address belongs to the physical page: [ 21.965212] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 21.965327] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.965472] page_type: f5(slab) [ 21.965556] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.965654] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.965699] page dumped because: kasan: bad access detected [ 21.965773] [ 21.965926] Memory state around the buggy address: [ 21.966055] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 21.966129] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.966376] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.966527] ^ [ 21.966601] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.966738] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.966815] ================================================================== [ 21.982320] ================================================================== [ 21.982490] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 21.982578] Read of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 21.982633] [ 21.982697] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.983030] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.983075] Hardware name: linux,dummy-virt (DT) [ 21.983110] Call trace: [ 21.983173] show_stack+0x20/0x38 (C) [ 21.983259] dump_stack_lvl+0x8c/0xd0 [ 21.983508] print_report+0x118/0x608 [ 21.983725] kasan_report+0xdc/0x128 [ 21.984009] __asan_report_load8_noabort+0x20/0x30 [ 21.984148] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 21.984224] kasan_bitops_generic+0x110/0x1c8 [ 21.984367] kunit_try_run_case+0x170/0x3f0 [ 21.984514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.984632] kthread+0x328/0x630 [ 21.984762] ret_from_fork+0x10/0x20 [ 21.984819] [ 21.984839] Allocated by task 262: [ 21.984890] kasan_save_stack+0x3c/0x68 [ 21.984934] kasan_save_track+0x20/0x40 [ 21.984975] kasan_save_alloc_info+0x40/0x58 [ 21.985219] __kasan_kmalloc+0xd4/0xd8 [ 21.985446] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.985582] kasan_bitops_generic+0xa0/0x1c8 [ 21.985678] kunit_try_run_case+0x170/0x3f0 [ 21.985774] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.985831] kthread+0x328/0x630 [ 21.985878] ret_from_fork+0x10/0x20 [ 21.985916] [ 21.985938] The buggy address belongs to the object at fff00000c63901c0 [ 21.985938] which belongs to the cache kmalloc-16 of size 16 [ 21.986011] The buggy address is located 8 bytes inside of [ 21.986011] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 21.986075] [ 21.986101] The buggy address belongs to the physical page: [ 21.986144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 21.986202] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.986261] page_type: f5(slab) [ 21.986302] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.986355] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.986410] page dumped because: kasan: bad access detected [ 21.986443] [ 21.986462] Memory state around the buggy address: [ 21.986853] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 21.986989] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.987085] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.987167] ^ [ 21.987208] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.987273] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.987520] ================================================================== [ 21.993827] ================================================================== [ 21.993878] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 21.993929] Write of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 21.993981] [ 21.994013] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.994097] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.994125] Hardware name: linux,dummy-virt (DT) [ 21.994157] Call trace: [ 21.994180] show_stack+0x20/0x38 (C) [ 21.994231] dump_stack_lvl+0x8c/0xd0 [ 21.994281] print_report+0x118/0x608 [ 21.994339] kasan_report+0xdc/0x128 [ 21.994389] kasan_check_range+0x100/0x1a8 [ 21.994798] __kasan_check_write+0x20/0x30 [ 21.995128] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 21.995195] kasan_bitops_generic+0x110/0x1c8 [ 21.995261] kunit_try_run_case+0x170/0x3f0 [ 21.995316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.995391] kthread+0x328/0x630 [ 21.995659] ret_from_fork+0x10/0x20 [ 21.995734] [ 21.995843] Allocated by task 262: [ 21.995878] kasan_save_stack+0x3c/0x68 [ 21.995924] kasan_save_track+0x20/0x40 [ 21.996016] kasan_save_alloc_info+0x40/0x58 [ 21.996104] __kasan_kmalloc+0xd4/0xd8 [ 21.996182] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.996438] kasan_bitops_generic+0xa0/0x1c8 [ 21.996535] kunit_try_run_case+0x170/0x3f0 [ 21.996663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.996737] kthread+0x328/0x630 [ 21.997022] ret_from_fork+0x10/0x20 [ 21.997383] [ 21.997482] The buggy address belongs to the object at fff00000c63901c0 [ 21.997482] which belongs to the cache kmalloc-16 of size 16 [ 21.997588] The buggy address is located 8 bytes inside of [ 21.997588] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 21.997751] [ 21.997830] The buggy address belongs to the physical page: [ 21.997919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 21.997989] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.998180] page_type: f5(slab) [ 21.998389] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.998536] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.998617] page dumped because: kasan: bad access detected [ 21.998730] [ 21.998779] Memory state around the buggy address: [ 21.998947] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 21.999034] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.999383] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.999453] ^ [ 21.999554] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.999636] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.999702] ================================================================== [ 21.967757] ================================================================== [ 21.967813] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 21.968057] Write of size 8 at addr fff00000c63901c8 by task kunit_try_catch/262 [ 21.968203] [ 21.968284] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.968372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.968706] Hardware name: linux,dummy-virt (DT) [ 21.968809] Call trace: [ 21.968870] show_stack+0x20/0x38 (C) [ 21.968973] dump_stack_lvl+0x8c/0xd0 [ 21.969133] print_report+0x118/0x608 [ 21.969218] kasan_report+0xdc/0x128 [ 21.969351] kasan_check_range+0x100/0x1a8 [ 21.969445] __kasan_check_write+0x20/0x30 [ 21.969561] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 21.969628] kasan_bitops_generic+0x110/0x1c8 [ 21.969908] kunit_try_run_case+0x170/0x3f0 [ 21.970045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.970149] kthread+0x328/0x630 [ 21.970250] ret_from_fork+0x10/0x20 [ 21.970358] [ 21.970482] Allocated by task 262: [ 21.970571] kasan_save_stack+0x3c/0x68 [ 21.970901] kasan_save_track+0x20/0x40 [ 21.971021] kasan_save_alloc_info+0x40/0x58 [ 21.971107] __kasan_kmalloc+0xd4/0xd8 [ 21.971198] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.971357] kasan_bitops_generic+0xa0/0x1c8 [ 21.971481] kunit_try_run_case+0x170/0x3f0 [ 21.971550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.971736] kthread+0x328/0x630 [ 21.971860] ret_from_fork+0x10/0x20 [ 21.972003] [ 21.972055] The buggy address belongs to the object at fff00000c63901c0 [ 21.972055] which belongs to the cache kmalloc-16 of size 16 [ 21.972223] The buggy address is located 8 bytes inside of [ 21.972223] allocated 9-byte region [fff00000c63901c0, fff00000c63901c9) [ 21.972338] [ 21.972484] The buggy address belongs to the physical page: [ 21.972550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 21.972672] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.972725] page_type: f5(slab) [ 21.972776] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.972848] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.973044] page dumped because: kasan: bad access detected [ 21.973223] [ 21.973338] Memory state around the buggy address: [ 21.973426] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 21.973501] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.973617] >fff00000c6390180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.973660] ^ [ 21.973699] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.973891] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.974019] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 21.923505] ================================================================== [ 21.923569] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 21.923809] Read of size 1 at addr fff00000c6e97810 by task kunit_try_catch/260 [ 21.923946] [ 21.923983] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.924213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.924261] Hardware name: linux,dummy-virt (DT) [ 21.924299] Call trace: [ 21.924326] show_stack+0x20/0x38 (C) [ 21.924534] dump_stack_lvl+0x8c/0xd0 [ 21.924638] print_report+0x118/0x608 [ 21.924764] kasan_report+0xdc/0x128 [ 21.924852] __asan_report_load1_noabort+0x20/0x30 [ 21.925080] strnlen+0x80/0x88 [ 21.925211] kasan_strings+0x478/0xb00 [ 21.925298] kunit_try_run_case+0x170/0x3f0 [ 21.925454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.925541] kthread+0x328/0x630 [ 21.925762] ret_from_fork+0x10/0x20 [ 21.925918] [ 21.925982] Allocated by task 260: [ 21.926115] kasan_save_stack+0x3c/0x68 [ 21.926193] kasan_save_track+0x20/0x40 [ 21.926304] kasan_save_alloc_info+0x40/0x58 [ 21.926356] __kasan_kmalloc+0xd4/0xd8 [ 21.926580] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.926734] kasan_strings+0xc8/0xb00 [ 21.926838] kunit_try_run_case+0x170/0x3f0 [ 21.926924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.927191] kthread+0x328/0x630 [ 21.927327] ret_from_fork+0x10/0x20 [ 21.927464] [ 21.927530] Freed by task 260: [ 21.927623] kasan_save_stack+0x3c/0x68 [ 21.927812] kasan_save_track+0x20/0x40 [ 21.927921] kasan_save_free_info+0x4c/0x78 [ 21.928056] __kasan_slab_free+0x6c/0x98 [ 21.928126] kfree+0x214/0x3c8 [ 21.928246] kasan_strings+0x24c/0xb00 [ 21.928325] kunit_try_run_case+0x170/0x3f0 [ 21.928528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.928648] kthread+0x328/0x630 [ 21.928816] ret_from_fork+0x10/0x20 [ 21.928880] [ 21.928955] The buggy address belongs to the object at fff00000c6e97800 [ 21.928955] which belongs to the cache kmalloc-32 of size 32 [ 21.929038] The buggy address is located 16 bytes inside of [ 21.929038] freed 32-byte region [fff00000c6e97800, fff00000c6e97820) [ 21.929123] [ 21.929147] The buggy address belongs to the physical page: [ 21.929190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e97 [ 21.929248] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.929311] page_type: f5(slab) [ 21.929353] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.929431] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.929477] page dumped because: kasan: bad access detected [ 21.929517] [ 21.929540] Memory state around the buggy address: [ 21.929584] fff00000c6e97700: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.929631] fff00000c6e97780: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.929677] >fff00000c6e97800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.929727] ^ [ 21.929759] fff00000c6e97880: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.929805] fff00000c6e97900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.929848] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 21.915190] ================================================================== [ 21.915242] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 21.915292] Read of size 1 at addr fff00000c6e97810 by task kunit_try_catch/260 [ 21.915345] [ 21.915375] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.915474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.915504] Hardware name: linux,dummy-virt (DT) [ 21.915750] Call trace: [ 21.916255] show_stack+0x20/0x38 (C) [ 21.916366] dump_stack_lvl+0x8c/0xd0 [ 21.916546] print_report+0x118/0x608 [ 21.916737] kasan_report+0xdc/0x128 [ 21.916863] __asan_report_load1_noabort+0x20/0x30 [ 21.916953] strlen+0xa8/0xb0 [ 21.917082] kasan_strings+0x418/0xb00 [ 21.917160] kunit_try_run_case+0x170/0x3f0 [ 21.917223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.917439] kthread+0x328/0x630 [ 21.917566] ret_from_fork+0x10/0x20 [ 21.917664] [ 21.917763] Allocated by task 260: [ 21.917823] kasan_save_stack+0x3c/0x68 [ 21.917889] kasan_save_track+0x20/0x40 [ 21.918189] kasan_save_alloc_info+0x40/0x58 [ 21.918319] __kasan_kmalloc+0xd4/0xd8 [ 21.918453] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.918523] kasan_strings+0xc8/0xb00 [ 21.918560] kunit_try_run_case+0x170/0x3f0 [ 21.918621] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.918877] kthread+0x328/0x630 [ 21.918998] ret_from_fork+0x10/0x20 [ 21.919067] [ 21.919138] Freed by task 260: [ 21.919284] kasan_save_stack+0x3c/0x68 [ 21.919347] kasan_save_track+0x20/0x40 [ 21.919612] kasan_save_free_info+0x4c/0x78 [ 21.919779] __kasan_slab_free+0x6c/0x98 [ 21.919856] kfree+0x214/0x3c8 [ 21.919979] kasan_strings+0x24c/0xb00 [ 21.920037] kunit_try_run_case+0x170/0x3f0 [ 21.920080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.920125] kthread+0x328/0x630 [ 21.920319] ret_from_fork+0x10/0x20 [ 21.920392] [ 21.920425] The buggy address belongs to the object at fff00000c6e97800 [ 21.920425] which belongs to the cache kmalloc-32 of size 32 [ 21.920592] The buggy address is located 16 bytes inside of [ 21.920592] freed 32-byte region [fff00000c6e97800, fff00000c6e97820) [ 21.920678] [ 21.920775] The buggy address belongs to the physical page: [ 21.920826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e97 [ 21.920913] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.921239] page_type: f5(slab) [ 21.921370] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.921521] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.921610] page dumped because: kasan: bad access detected [ 21.921830] [ 21.921870] Memory state around the buggy address: [ 21.921917] fff00000c6e97700: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.921993] fff00000c6e97780: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.922120] >fff00000c6e97800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.922175] ^ [ 21.922316] fff00000c6e97880: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.922372] fff00000c6e97900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.922484] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 21.908499] ================================================================== [ 21.908845] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 21.908920] Read of size 1 at addr fff00000c6e97810 by task kunit_try_catch/260 [ 21.909026] [ 21.909088] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.909213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.909308] Hardware name: linux,dummy-virt (DT) [ 21.909362] Call trace: [ 21.909494] show_stack+0x20/0x38 (C) [ 21.909589] dump_stack_lvl+0x8c/0xd0 [ 21.909656] print_report+0x118/0x608 [ 21.909952] kasan_report+0xdc/0x128 [ 21.910088] __asan_report_load1_noabort+0x20/0x30 [ 21.910174] kasan_strings+0x95c/0xb00 [ 21.910311] kunit_try_run_case+0x170/0x3f0 [ 21.910564] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.910762] kthread+0x328/0x630 [ 21.910896] ret_from_fork+0x10/0x20 [ 21.910964] [ 21.910985] Allocated by task 260: [ 21.911048] kasan_save_stack+0x3c/0x68 [ 21.911218] kasan_save_track+0x20/0x40 [ 21.911372] kasan_save_alloc_info+0x40/0x58 [ 21.911531] __kasan_kmalloc+0xd4/0xd8 [ 21.911610] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.911715] kasan_strings+0xc8/0xb00 [ 21.911782] kunit_try_run_case+0x170/0x3f0 [ 21.911980] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.912087] kthread+0x328/0x630 [ 21.912139] ret_from_fork+0x10/0x20 [ 21.912293] [ 21.912323] Freed by task 260: [ 21.912472] kasan_save_stack+0x3c/0x68 [ 21.912646] kasan_save_track+0x20/0x40 [ 21.912722] kasan_save_free_info+0x4c/0x78 [ 21.912833] __kasan_slab_free+0x6c/0x98 [ 21.912920] kfree+0x214/0x3c8 [ 21.913055] kasan_strings+0x24c/0xb00 [ 21.913141] kunit_try_run_case+0x170/0x3f0 [ 21.913247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.913324] kthread+0x328/0x630 [ 21.913465] ret_from_fork+0x10/0x20 [ 21.913544] [ 21.913647] The buggy address belongs to the object at fff00000c6e97800 [ 21.913647] which belongs to the cache kmalloc-32 of size 32 [ 21.913746] The buggy address is located 16 bytes inside of [ 21.913746] freed 32-byte region [fff00000c6e97800, fff00000c6e97820) [ 21.913936] [ 21.913965] The buggy address belongs to the physical page: [ 21.913998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e97 [ 21.914101] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.914210] page_type: f5(slab) [ 21.914266] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.914319] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.914362] page dumped because: kasan: bad access detected [ 21.914407] [ 21.914428] Memory state around the buggy address: [ 21.914476] fff00000c6e97700: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.914521] fff00000c6e97780: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.914567] >fff00000c6e97800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.914608] ^ [ 21.914650] fff00000c6e97880: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.914696] fff00000c6e97900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.914738] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 21.899690] ================================================================== [ 21.899825] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 21.899901] Read of size 1 at addr fff00000c6e97810 by task kunit_try_catch/260 [ 21.899955] [ 21.900373] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.900673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.900735] Hardware name: linux,dummy-virt (DT) [ 21.900933] Call trace: [ 21.901115] show_stack+0x20/0x38 (C) [ 21.901267] dump_stack_lvl+0x8c/0xd0 [ 21.901501] print_report+0x118/0x608 [ 21.901642] kasan_report+0xdc/0x128 [ 21.901729] __asan_report_load1_noabort+0x20/0x30 [ 21.901865] strcmp+0xc0/0xc8 [ 21.901933] kasan_strings+0x340/0xb00 [ 21.902005] kunit_try_run_case+0x170/0x3f0 [ 21.902191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.902348] kthread+0x328/0x630 [ 21.902484] ret_from_fork+0x10/0x20 [ 21.902691] [ 21.902747] Allocated by task 260: [ 21.902816] kasan_save_stack+0x3c/0x68 [ 21.902944] kasan_save_track+0x20/0x40 [ 21.903022] kasan_save_alloc_info+0x40/0x58 [ 21.903186] __kasan_kmalloc+0xd4/0xd8 [ 21.903312] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.903485] kasan_strings+0xc8/0xb00 [ 21.903564] kunit_try_run_case+0x170/0x3f0 [ 21.903644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.903751] kthread+0x328/0x630 [ 21.903840] ret_from_fork+0x10/0x20 [ 21.904082] [ 21.904173] Freed by task 260: [ 21.904280] kasan_save_stack+0x3c/0x68 [ 21.904339] kasan_save_track+0x20/0x40 [ 21.904459] kasan_save_free_info+0x4c/0x78 [ 21.904518] __kasan_slab_free+0x6c/0x98 [ 21.904582] kfree+0x214/0x3c8 [ 21.904715] kasan_strings+0x24c/0xb00 [ 21.904792] kunit_try_run_case+0x170/0x3f0 [ 21.904979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.905137] kthread+0x328/0x630 [ 21.905291] ret_from_fork+0x10/0x20 [ 21.905419] [ 21.905490] The buggy address belongs to the object at fff00000c6e97800 [ 21.905490] which belongs to the cache kmalloc-32 of size 32 [ 21.905572] The buggy address is located 16 bytes inside of [ 21.905572] freed 32-byte region [fff00000c6e97800, fff00000c6e97820) [ 21.905747] [ 21.905833] The buggy address belongs to the physical page: [ 21.905904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e97 [ 21.905984] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.906039] page_type: f5(slab) [ 21.906083] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.906146] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.906189] page dumped because: kasan: bad access detected [ 21.906233] [ 21.906256] Memory state around the buggy address: [ 21.906300] fff00000c6e97700: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.906346] fff00000c6e97780: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.906393] >fff00000c6e97800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.906515] ^ [ 21.906577] fff00000c6e97880: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.906907] fff00000c6e97900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.907081] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 21.883290] ================================================================== [ 21.883355] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 21.883425] Read of size 1 at addr fff00000c6e97658 by task kunit_try_catch/258 [ 21.883480] [ 21.883515] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.883600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.883843] Hardware name: linux,dummy-virt (DT) [ 21.883950] Call trace: [ 21.884310] show_stack+0x20/0x38 (C) [ 21.884372] dump_stack_lvl+0x8c/0xd0 [ 21.884438] print_report+0x118/0x608 [ 21.884490] kasan_report+0xdc/0x128 [ 21.884540] __asan_report_load1_noabort+0x20/0x30 [ 21.884770] memcmp+0x198/0x1d8 [ 21.885025] kasan_memcmp+0x16c/0x300 [ 21.885161] kunit_try_run_case+0x170/0x3f0 [ 21.885254] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.885340] kthread+0x328/0x630 [ 21.885388] ret_from_fork+0x10/0x20 [ 21.885476] [ 21.885498] Allocated by task 258: [ 21.885532] kasan_save_stack+0x3c/0x68 [ 21.885578] kasan_save_track+0x20/0x40 [ 21.885620] kasan_save_alloc_info+0x40/0x58 [ 21.885663] __kasan_kmalloc+0xd4/0xd8 [ 21.885712] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.885771] kasan_memcmp+0xbc/0x300 [ 21.885809] kunit_try_run_case+0x170/0x3f0 [ 21.885851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.885912] kthread+0x328/0x630 [ 21.885949] ret_from_fork+0x10/0x20 [ 21.885995] [ 21.886036] The buggy address belongs to the object at fff00000c6e97640 [ 21.886036] which belongs to the cache kmalloc-32 of size 32 [ 21.886097] The buggy address is located 0 bytes to the right of [ 21.886097] allocated 24-byte region [fff00000c6e97640, fff00000c6e97658) [ 21.886180] [ 21.886210] The buggy address belongs to the physical page: [ 21.886260] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e97 [ 21.886327] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.886390] page_type: f5(slab) [ 21.886440] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.886663] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.886868] page dumped because: kasan: bad access detected [ 21.887091] [ 21.887134] Memory state around the buggy address: [ 21.887382] fff00000c6e97500: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 21.887550] fff00000c6e97580: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.887639] >fff00000c6e97600: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.887793] ^ [ 21.887922] fff00000c6e97680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.888175] fff00000c6e97700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.888223] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 21.860079] ================================================================== [ 21.860230] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 21.860304] Read of size 1 at addr ffff800080a87b4a by task kunit_try_catch/254 [ 21.860504] [ 21.860548] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.860888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.860967] Hardware name: linux,dummy-virt (DT) [ 21.861023] Call trace: [ 21.861069] show_stack+0x20/0x38 (C) [ 21.861380] dump_stack_lvl+0x8c/0xd0 [ 21.861552] print_report+0x310/0x608 [ 21.861675] kasan_report+0xdc/0x128 [ 21.861779] __asan_report_load1_noabort+0x20/0x30 [ 21.861874] kasan_alloca_oob_right+0x2dc/0x340 [ 21.861997] kunit_try_run_case+0x170/0x3f0 [ 21.862051] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.862350] kthread+0x328/0x630 [ 21.862477] ret_from_fork+0x10/0x20 [ 21.862714] [ 21.862777] The buggy address belongs to stack of task kunit_try_catch/254 [ 21.862892] [ 21.862941] The buggy address belongs to the virtual mapping at [ 21.862941] [ffff800080a80000, ffff800080a89000) created by: [ 21.862941] kernel_clone+0x150/0x7a8 [ 21.863079] [ 21.863105] The buggy address belongs to the physical page: [ 21.863159] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106ea1 [ 21.863465] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.863652] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.863769] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.863857] page dumped because: kasan: bad access detected [ 21.863918] [ 21.864013] Memory state around the buggy address: [ 21.864119] ffff800080a87a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.864214] ffff800080a87a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.864262] >ffff800080a87b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 21.864429] ^ [ 21.864555] ffff800080a87b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 21.864794] ffff800080a87c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.864899] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 21.847732] ================================================================== [ 21.847988] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 21.848343] Read of size 1 at addr ffff800080a77b5f by task kunit_try_catch/252 [ 21.848424] [ 21.848583] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.848702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.848732] Hardware name: linux,dummy-virt (DT) [ 21.848765] Call trace: [ 21.848790] show_stack+0x20/0x38 (C) [ 21.849593] dump_stack_lvl+0x8c/0xd0 [ 21.849920] print_report+0x310/0x608 [ 21.850018] kasan_report+0xdc/0x128 [ 21.850148] __asan_report_load1_noabort+0x20/0x30 [ 21.850244] kasan_alloca_oob_left+0x2b8/0x310 [ 21.850366] kunit_try_run_case+0x170/0x3f0 [ 21.850474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.850540] kthread+0x328/0x630 [ 21.850598] ret_from_fork+0x10/0x20 [ 21.850681] [ 21.850728] The buggy address belongs to stack of task kunit_try_catch/252 [ 21.850814] [ 21.850860] The buggy address belongs to the virtual mapping at [ 21.850860] [ffff800080a70000, ffff800080a79000) created by: [ 21.850860] kernel_clone+0x150/0x7a8 [ 21.850968] [ 21.851004] The buggy address belongs to the physical page: [ 21.851038] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e8c [ 21.851100] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.851194] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.851257] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.851310] page dumped because: kasan: bad access detected [ 21.851352] [ 21.851382] Memory state around the buggy address: [ 21.851437] ffff800080a77a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.851493] ffff800080a77a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.851540] >ffff800080a77b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 21.851581] ^ [ 21.851622] ffff800080a77b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 21.851669] ffff800080a77c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.851712] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 21.832099] ================================================================== [ 21.832587] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 21.832646] Read of size 1 at addr ffff800080a77c2a by task kunit_try_catch/250 [ 21.832697] [ 21.832728] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.832832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.832876] Hardware name: linux,dummy-virt (DT) [ 21.832915] Call trace: [ 21.832950] show_stack+0x20/0x38 (C) [ 21.833010] dump_stack_lvl+0x8c/0xd0 [ 21.833081] print_report+0x310/0x608 [ 21.833129] kasan_report+0xdc/0x128 [ 21.833370] __asan_report_load1_noabort+0x20/0x30 [ 21.833635] kasan_stack_oob+0x238/0x270 [ 21.833839] kunit_try_run_case+0x170/0x3f0 [ 21.834005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.834134] kthread+0x328/0x630 [ 21.834417] ret_from_fork+0x10/0x20 [ 21.834665] [ 21.834865] The buggy address belongs to stack of task kunit_try_catch/250 [ 21.835299] and is located at offset 138 in frame: [ 21.835545] kasan_stack_oob+0x0/0x270 [ 21.836094] [ 21.836293] This frame has 4 objects: [ 21.836791] [48, 49) '__assertion' [ 21.836908] [64, 72) 'array' [ 21.837031] [96, 112) '__assertion' [ 21.837100] [128, 138) 'stack_array' [ 21.837147] [ 21.837497] The buggy address belongs to the virtual mapping at [ 21.837497] [ffff800080a70000, ffff800080a79000) created by: [ 21.837497] kernel_clone+0x150/0x7a8 [ 21.837684] [ 21.837750] The buggy address belongs to the physical page: [ 21.837816] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e8c [ 21.837947] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.838082] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.838618] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.838866] page dumped because: kasan: bad access detected [ 21.839016] [ 21.839051] Memory state around the buggy address: [ 21.839088] ffff800080a77b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.839145] ffff800080a77b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 21.839204] >ffff800080a77c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 21.839252] ^ [ 21.839288] ffff800080a77c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 21.839333] ffff800080a77d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.839375] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 21.815438] ================================================================== [ 21.815510] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 21.815607] Read of size 1 at addr ffffaa561734f58d by task kunit_try_catch/246 [ 21.815660] [ 21.815938] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.816038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.816200] Hardware name: linux,dummy-virt (DT) [ 21.816442] Call trace: [ 21.816488] show_stack+0x20/0x38 (C) [ 21.816553] dump_stack_lvl+0x8c/0xd0 [ 21.816868] print_report+0x310/0x608 [ 21.817015] kasan_report+0xdc/0x128 [ 21.817095] __asan_report_load1_noabort+0x20/0x30 [ 21.817324] kasan_global_oob_right+0x230/0x270 [ 21.817494] kunit_try_run_case+0x170/0x3f0 [ 21.817646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.817718] kthread+0x328/0x630 [ 21.817891] ret_from_fork+0x10/0x20 [ 21.818118] [ 21.818187] The buggy address belongs to the variable: [ 21.818229] global_array+0xd/0x40 [ 21.818333] [ 21.818454] The buggy address belongs to the virtual mapping at [ 21.818454] [ffffaa5615500000, ffffaa5617401000) created by: [ 21.818454] paging_init+0x66c/0x7d0 [ 21.818559] [ 21.818643] The buggy address belongs to the physical page: [ 21.818677] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 21.818750] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 21.818821] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 21.818872] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.818927] page dumped because: kasan: bad access detected [ 21.818959] [ 21.818992] Memory state around the buggy address: [ 21.819043] ffffaa561734f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.819097] ffffaa561734f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 21.819141] >ffffaa561734f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 21.819180] ^ [ 21.819219] ffffaa561734f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 21.819262] ffffaa561734f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.819310] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 21.797278] ================================================================== [ 21.797337] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.797395] Free of addr fff00000c784c001 by task kunit_try_catch/244 [ 21.797452] [ 21.797485] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.797568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.797595] Hardware name: linux,dummy-virt (DT) [ 21.797629] Call trace: [ 21.797651] show_stack+0x20/0x38 (C) [ 21.797702] dump_stack_lvl+0x8c/0xd0 [ 21.797750] print_report+0x118/0x608 [ 21.797799] kasan_report_invalid_free+0xc0/0xe8 [ 21.797851] __kasan_mempool_poison_object+0xfc/0x150 [ 21.797904] mempool_free+0x28c/0x328 [ 21.797950] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.798004] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 21.798056] kunit_try_run_case+0x170/0x3f0 [ 21.798107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.798161] kthread+0x328/0x630 [ 21.799810] ret_from_fork+0x10/0x20 [ 21.799889] [ 21.800069] The buggy address belongs to the physical page: [ 21.800133] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10784c [ 21.800191] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.800249] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.800305] page_type: f8(unknown) [ 21.800343] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.800393] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.801082] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.801561] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.801903] head: 0bfffe0000000002 ffffc1ffc31e1301 00000000ffffffff 00000000ffffffff [ 21.802049] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.802318] page dumped because: kasan: bad access detected [ 21.802355] [ 21.802376] Memory state around the buggy address: [ 21.802781] fff00000c784bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.802829] fff00000c784bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.802873] >fff00000c784c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.803391] ^ [ 21.803774] fff00000c784c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.804053] fff00000c784c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.804127] ================================================================== [ 21.775759] ================================================================== [ 21.775832] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.775887] Free of addr fff00000c6e94201 by task kunit_try_catch/242 [ 21.775929] [ 21.775960] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.776042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.776332] Hardware name: linux,dummy-virt (DT) [ 21.776418] Call trace: [ 21.776606] show_stack+0x20/0x38 (C) [ 21.776696] dump_stack_lvl+0x8c/0xd0 [ 21.776810] print_report+0x118/0x608 [ 21.776906] kasan_report_invalid_free+0xc0/0xe8 [ 21.777054] check_slab_allocation+0xfc/0x108 [ 21.777177] __kasan_mempool_poison_object+0x78/0x150 [ 21.777428] mempool_free+0x28c/0x328 [ 21.777552] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.777637] mempool_kmalloc_invalid_free+0xc0/0x118 [ 21.777792] kunit_try_run_case+0x170/0x3f0 [ 21.777892] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.778045] kthread+0x328/0x630 [ 21.778130] ret_from_fork+0x10/0x20 [ 21.778314] [ 21.778504] Allocated by task 242: [ 21.778600] kasan_save_stack+0x3c/0x68 [ 21.778657] kasan_save_track+0x20/0x40 [ 21.778722] kasan_save_alloc_info+0x40/0x58 [ 21.778801] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.778934] remove_element+0x130/0x1f8 [ 21.779011] mempool_alloc_preallocated+0x58/0xc0 [ 21.779143] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 21.779209] mempool_kmalloc_invalid_free+0xc0/0x118 [ 21.779278] kunit_try_run_case+0x170/0x3f0 [ 21.779526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.779767] kthread+0x328/0x630 [ 21.779854] ret_from_fork+0x10/0x20 [ 21.779979] [ 21.780044] The buggy address belongs to the object at fff00000c6e94200 [ 21.780044] which belongs to the cache kmalloc-128 of size 128 [ 21.780272] The buggy address is located 1 bytes inside of [ 21.780272] 128-byte region [fff00000c6e94200, fff00000c6e94280) [ 21.780498] [ 21.780558] The buggy address belongs to the physical page: [ 21.780692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e94 [ 21.780777] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.780856] page_type: f5(slab) [ 21.780969] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.781075] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.781281] page dumped because: kasan: bad access detected [ 21.781318] [ 21.781337] Memory state around the buggy address: [ 21.781381] fff00000c6e94100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.782021] fff00000c6e94180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.782326] >fff00000c6e94200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.782654] ^ [ 21.782695] fff00000c6e94280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.782739] fff00000c6e94300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.783441] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 21.763039] ================================================================== [ 21.763161] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.763224] Free of addr fff00000c7848000 by task kunit_try_catch/240 [ 21.763326] [ 21.763363] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.763698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.763744] Hardware name: linux,dummy-virt (DT) [ 21.763879] Call trace: [ 21.763906] show_stack+0x20/0x38 (C) [ 21.763963] dump_stack_lvl+0x8c/0xd0 [ 21.764167] print_report+0x118/0x608 [ 21.764265] kasan_report_invalid_free+0xc0/0xe8 [ 21.764424] __kasan_mempool_poison_pages+0xe0/0xe8 [ 21.764579] mempool_free+0x24c/0x328 [ 21.764638] mempool_double_free_helper+0x150/0x2e8 [ 21.764690] mempool_page_alloc_double_free+0xbc/0x118 [ 21.764749] kunit_try_run_case+0x170/0x3f0 [ 21.764800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.765044] kthread+0x328/0x630 [ 21.765194] ret_from_fork+0x10/0x20 [ 21.765307] [ 21.765367] The buggy address belongs to the physical page: [ 21.765447] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 21.765717] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.765917] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.766057] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.766101] page dumped because: kasan: bad access detected [ 21.766151] [ 21.766330] Memory state around the buggy address: [ 21.766513] fff00000c7847f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.766653] fff00000c7847f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.766718] >fff00000c7848000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.766765] ^ [ 21.766832] fff00000c7848080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.767021] fff00000c7848100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.767142] ================================================================== [ 21.729903] ================================================================== [ 21.730157] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.730577] Free of addr fff00000c64b5e00 by task kunit_try_catch/236 [ 21.730677] [ 21.730715] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.731075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.731414] Hardware name: linux,dummy-virt (DT) [ 21.731467] Call trace: [ 21.731506] show_stack+0x20/0x38 (C) [ 21.731815] dump_stack_lvl+0x8c/0xd0 [ 21.731954] print_report+0x118/0x608 [ 21.732030] kasan_report_invalid_free+0xc0/0xe8 [ 21.732187] check_slab_allocation+0xd4/0x108 [ 21.732291] __kasan_mempool_poison_object+0x78/0x150 [ 21.732446] mempool_free+0x28c/0x328 [ 21.732515] mempool_double_free_helper+0x150/0x2e8 [ 21.732568] mempool_kmalloc_double_free+0xc0/0x118 [ 21.732627] kunit_try_run_case+0x170/0x3f0 [ 21.732676] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.732730] kthread+0x328/0x630 [ 21.733063] ret_from_fork+0x10/0x20 [ 21.733270] [ 21.733319] Allocated by task 236: [ 21.733731] kasan_save_stack+0x3c/0x68 [ 21.733837] kasan_save_track+0x20/0x40 [ 21.733988] kasan_save_alloc_info+0x40/0x58 [ 21.734067] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.734191] remove_element+0x130/0x1f8 [ 21.734268] mempool_alloc_preallocated+0x58/0xc0 [ 21.734327] mempool_double_free_helper+0x94/0x2e8 [ 21.734632] mempool_kmalloc_double_free+0xc0/0x118 [ 21.734730] kunit_try_run_case+0x170/0x3f0 [ 21.734777] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.735048] kthread+0x328/0x630 [ 21.735147] ret_from_fork+0x10/0x20 [ 21.735276] [ 21.735346] Freed by task 236: [ 21.735491] kasan_save_stack+0x3c/0x68 [ 21.735595] kasan_save_track+0x20/0x40 [ 21.735647] kasan_save_free_info+0x4c/0x78 [ 21.735688] __kasan_mempool_poison_object+0xc0/0x150 [ 21.735801] mempool_free+0x28c/0x328 [ 21.735840] mempool_double_free_helper+0x100/0x2e8 [ 21.735882] mempool_kmalloc_double_free+0xc0/0x118 [ 21.735923] kunit_try_run_case+0x170/0x3f0 [ 21.735977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.736031] kthread+0x328/0x630 [ 21.736291] ret_from_fork+0x10/0x20 [ 21.736490] [ 21.736672] The buggy address belongs to the object at fff00000c64b5e00 [ 21.736672] which belongs to the cache kmalloc-128 of size 128 [ 21.736808] The buggy address is located 0 bytes inside of [ 21.736808] 128-byte region [fff00000c64b5e00, fff00000c64b5e80) [ 21.736895] [ 21.736922] The buggy address belongs to the physical page: [ 21.737036] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5 [ 21.737157] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.737276] page_type: f5(slab) [ 21.737570] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.737706] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.738067] page dumped because: kasan: bad access detected [ 21.738289] [ 21.738554] Memory state around the buggy address: [ 21.738618] fff00000c64b5d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.738949] fff00000c64b5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.739182] >fff00000c64b5e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.739634] ^ [ 21.740159] fff00000c64b5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.740248] fff00000c64b5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.740323] ================================================================== [ 21.750414] ================================================================== [ 21.750472] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.750532] Free of addr fff00000c7848000 by task kunit_try_catch/238 [ 21.750575] [ 21.750608] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.750757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.750796] Hardware name: linux,dummy-virt (DT) [ 21.750989] Call trace: [ 21.751040] show_stack+0x20/0x38 (C) [ 21.751164] dump_stack_lvl+0x8c/0xd0 [ 21.751219] print_report+0x118/0x608 [ 21.751284] kasan_report_invalid_free+0xc0/0xe8 [ 21.751769] __kasan_mempool_poison_object+0x14c/0x150 [ 21.751829] mempool_free+0x28c/0x328 [ 21.751905] mempool_double_free_helper+0x150/0x2e8 [ 21.752292] mempool_kmalloc_large_double_free+0xc0/0x118 [ 21.752353] kunit_try_run_case+0x170/0x3f0 [ 21.752675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.752854] kthread+0x328/0x630 [ 21.752930] ret_from_fork+0x10/0x20 [ 21.753323] [ 21.753479] The buggy address belongs to the physical page: [ 21.753555] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 21.753680] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.753757] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.754026] page_type: f8(unknown) [ 21.754090] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.754177] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.754497] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.754746] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.754842] head: 0bfffe0000000002 ffffc1ffc31e1201 00000000ffffffff 00000000ffffffff [ 21.755115] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.755253] page dumped because: kasan: bad access detected [ 21.755287] [ 21.755604] Memory state around the buggy address: [ 21.755698] fff00000c7847f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.755823] fff00000c7847f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.755878] >fff00000c7848000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.756041] ^ [ 21.756150] fff00000c7848080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.756348] fff00000c7848100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.756526] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 21.658297] ================================================================== [ 21.658355] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.658446] Read of size 1 at addr fff00000c77e0000 by task kunit_try_catch/230 [ 21.658499] [ 21.658534] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.658617] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.658646] Hardware name: linux,dummy-virt (DT) [ 21.658680] Call trace: [ 21.658702] show_stack+0x20/0x38 (C) [ 21.658762] dump_stack_lvl+0x8c/0xd0 [ 21.658811] print_report+0x118/0x608 [ 21.658860] kasan_report+0xdc/0x128 [ 21.658906] __asan_report_load1_noabort+0x20/0x30 [ 21.658958] mempool_uaf_helper+0x314/0x340 [ 21.659004] mempool_kmalloc_large_uaf+0xc4/0x120 [ 21.659062] kunit_try_run_case+0x170/0x3f0 [ 21.659111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.659165] kthread+0x328/0x630 [ 21.659208] ret_from_fork+0x10/0x20 [ 21.659266] [ 21.659288] The buggy address belongs to the physical page: [ 21.659321] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0 [ 21.659376] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.659805] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.660455] page_type: f8(unknown) [ 21.660542] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.660702] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.660755] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.660804] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.660859] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff [ 21.660912] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.661252] page dumped because: kasan: bad access detected [ 21.661332] [ 21.661463] Memory state around the buggy address: [ 21.661549] fff00000c77dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.661625] fff00000c77dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.661778] >fff00000c77e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.661830] ^ [ 21.661857] fff00000c77e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.662279] fff00000c77e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.662367] ================================================================== [ 21.714369] ================================================================== [ 21.714481] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.714545] Read of size 1 at addr fff00000c7848000 by task kunit_try_catch/234 [ 21.714595] [ 21.714630] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.714716] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.714742] Hardware name: linux,dummy-virt (DT) [ 21.714786] Call trace: [ 21.714809] show_stack+0x20/0x38 (C) [ 21.714860] dump_stack_lvl+0x8c/0xd0 [ 21.714906] print_report+0x118/0x608 [ 21.714954] kasan_report+0xdc/0x128 [ 21.715000] __asan_report_load1_noabort+0x20/0x30 [ 21.715050] mempool_uaf_helper+0x314/0x340 [ 21.715097] mempool_page_alloc_uaf+0xc0/0x118 [ 21.715153] kunit_try_run_case+0x170/0x3f0 [ 21.715209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.715263] kthread+0x328/0x630 [ 21.715306] ret_from_fork+0x10/0x20 [ 21.715353] [ 21.715375] The buggy address belongs to the physical page: [ 21.716237] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848 [ 21.716308] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.716638] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.716900] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.717033] page dumped because: kasan: bad access detected [ 21.717085] [ 21.717103] Memory state around the buggy address: [ 21.717156] fff00000c7847f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.717524] fff00000c7847f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.717599] >fff00000c7848000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.717676] ^ [ 21.717984] fff00000c7848080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.718092] fff00000c7848100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.718158] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 21.637338] ================================================================== [ 21.637429] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.637808] Read of size 1 at addr fff00000c64b5a00 by task kunit_try_catch/228 [ 21.637871] [ 21.638169] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.638333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.638363] Hardware name: linux,dummy-virt (DT) [ 21.638408] Call trace: [ 21.638434] show_stack+0x20/0x38 (C) [ 21.638498] dump_stack_lvl+0x8c/0xd0 [ 21.638690] print_report+0x118/0x608 [ 21.638912] kasan_report+0xdc/0x128 [ 21.638967] __asan_report_load1_noabort+0x20/0x30 [ 21.639019] mempool_uaf_helper+0x314/0x340 [ 21.639334] mempool_kmalloc_uaf+0xc4/0x120 [ 21.639474] kunit_try_run_case+0x170/0x3f0 [ 21.639560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.639616] kthread+0x328/0x630 [ 21.639791] ret_from_fork+0x10/0x20 [ 21.639844] [ 21.639863] Allocated by task 228: [ 21.640063] kasan_save_stack+0x3c/0x68 [ 21.640164] kasan_save_track+0x20/0x40 [ 21.640212] kasan_save_alloc_info+0x40/0x58 [ 21.640280] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.640638] remove_element+0x130/0x1f8 [ 21.640758] mempool_alloc_preallocated+0x58/0xc0 [ 21.640833] mempool_uaf_helper+0xa4/0x340 [ 21.640956] mempool_kmalloc_uaf+0xc4/0x120 [ 21.640997] kunit_try_run_case+0x170/0x3f0 [ 21.641180] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.641387] kthread+0x328/0x630 [ 21.641486] ret_from_fork+0x10/0x20 [ 21.641563] [ 21.641613] Freed by task 228: [ 21.642026] kasan_save_stack+0x3c/0x68 [ 21.642166] kasan_save_track+0x20/0x40 [ 21.642208] kasan_save_free_info+0x4c/0x78 [ 21.642440] __kasan_mempool_poison_object+0xc0/0x150 [ 21.642607] mempool_free+0x28c/0x328 [ 21.642674] mempool_uaf_helper+0x104/0x340 [ 21.642749] mempool_kmalloc_uaf+0xc4/0x120 [ 21.642813] kunit_try_run_case+0x170/0x3f0 [ 21.642873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.642927] kthread+0x328/0x630 [ 21.642960] ret_from_fork+0x10/0x20 [ 21.643007] [ 21.643028] The buggy address belongs to the object at fff00000c64b5a00 [ 21.643028] which belongs to the cache kmalloc-128 of size 128 [ 21.643100] The buggy address is located 0 bytes inside of [ 21.643100] freed 128-byte region [fff00000c64b5a00, fff00000c64b5a80) [ 21.643176] [ 21.643207] The buggy address belongs to the physical page: [ 21.643240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5 [ 21.643296] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.643354] page_type: f5(slab) [ 21.643416] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.643475] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.643518] page dumped because: kasan: bad access detected [ 21.643559] [ 21.643577] Memory state around the buggy address: [ 21.643617] fff00000c64b5900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.643678] fff00000c64b5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.643731] >fff00000c64b5a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.643769] ^ [ 21.643796] fff00000c64b5a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.643838] fff00000c64b5b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.643877] ================================================================== [ 21.677748] ================================================================== [ 21.677860] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.677922] Read of size 1 at addr fff00000c6e92240 by task kunit_try_catch/232 [ 21.678260] [ 21.678347] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.678450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.678635] Hardware name: linux,dummy-virt (DT) [ 21.678877] Call trace: [ 21.678935] show_stack+0x20/0x38 (C) [ 21.679010] dump_stack_lvl+0x8c/0xd0 [ 21.679066] print_report+0x118/0x608 [ 21.679227] kasan_report+0xdc/0x128 [ 21.679288] __asan_report_load1_noabort+0x20/0x30 [ 21.679548] mempool_uaf_helper+0x314/0x340 [ 21.679613] mempool_slab_uaf+0xc0/0x118 [ 21.679687] kunit_try_run_case+0x170/0x3f0 [ 21.679981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.680118] kthread+0x328/0x630 [ 21.680187] ret_from_fork+0x10/0x20 [ 21.680417] [ 21.680449] Allocated by task 232: [ 21.680688] kasan_save_stack+0x3c/0x68 [ 21.680778] kasan_save_track+0x20/0x40 [ 21.680901] kasan_save_alloc_info+0x40/0x58 [ 21.680978] __kasan_mempool_unpoison_object+0xbc/0x180 [ 21.681032] remove_element+0x16c/0x1f8 [ 21.681233] mempool_alloc_preallocated+0x58/0xc0 [ 21.681454] mempool_uaf_helper+0xa4/0x340 [ 21.681571] mempool_slab_uaf+0xc0/0x118 [ 21.681622] kunit_try_run_case+0x170/0x3f0 [ 21.681709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.682039] kthread+0x328/0x630 [ 21.682174] ret_from_fork+0x10/0x20 [ 21.682233] [ 21.682393] Freed by task 232: [ 21.682595] kasan_save_stack+0x3c/0x68 [ 21.682730] kasan_save_track+0x20/0x40 [ 21.682785] kasan_save_free_info+0x4c/0x78 [ 21.682853] __kasan_mempool_poison_object+0xc0/0x150 [ 21.683079] mempool_free+0x28c/0x328 [ 21.683284] mempool_uaf_helper+0x104/0x340 [ 21.683343] mempool_slab_uaf+0xc0/0x118 [ 21.683561] kunit_try_run_case+0x170/0x3f0 [ 21.683809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.683953] kthread+0x328/0x630 [ 21.684050] ret_from_fork+0x10/0x20 [ 21.684100] [ 21.684122] The buggy address belongs to the object at fff00000c6e92240 [ 21.684122] which belongs to the cache test_cache of size 123 [ 21.684183] The buggy address is located 0 bytes inside of [ 21.684183] freed 123-byte region [fff00000c6e92240, fff00000c6e922bb) [ 21.684244] [ 21.684540] The buggy address belongs to the physical page: [ 21.684686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e92 [ 21.684758] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.685096] page_type: f5(slab) [ 21.685425] raw: 0bfffe0000000000 fff00000c471ab40 dead000000000122 0000000000000000 [ 21.685535] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.685897] page dumped because: kasan: bad access detected [ 21.685949] [ 21.685969] Memory state around the buggy address: [ 21.686131] fff00000c6e92100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.686216] fff00000c6e92180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.686393] >fff00000c6e92200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 21.686802] ^ [ 21.686890] fff00000c6e92280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.686951] fff00000c6e92300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.686991] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 21.594977] ================================================================== [ 21.595432] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.595987] Read of size 1 at addr fff00000c639c2bb by task kunit_try_catch/226 [ 21.596210] [ 21.596248] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.596562] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.596595] Hardware name: linux,dummy-virt (DT) [ 21.596636] Call trace: [ 21.596660] show_stack+0x20/0x38 (C) [ 21.596713] dump_stack_lvl+0x8c/0xd0 [ 21.597145] print_report+0x118/0x608 [ 21.597610] kasan_report+0xdc/0x128 [ 21.597847] __asan_report_load1_noabort+0x20/0x30 [ 21.598272] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.598531] mempool_slab_oob_right+0xc0/0x118 [ 21.598890] kunit_try_run_case+0x170/0x3f0 [ 21.598992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.599050] kthread+0x328/0x630 [ 21.599504] ret_from_fork+0x10/0x20 [ 21.599560] [ 21.599579] Allocated by task 226: [ 21.599713] kasan_save_stack+0x3c/0x68 [ 21.599945] kasan_save_track+0x20/0x40 [ 21.600089] kasan_save_alloc_info+0x40/0x58 [ 21.600378] __kasan_mempool_unpoison_object+0xbc/0x180 [ 21.600624] remove_element+0x16c/0x1f8 [ 21.600672] mempool_alloc_preallocated+0x58/0xc0 [ 21.600818] mempool_oob_right_helper+0x98/0x2f0 [ 21.601123] mempool_slab_oob_right+0xc0/0x118 [ 21.601347] kunit_try_run_case+0x170/0x3f0 [ 21.601386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.601444] kthread+0x328/0x630 [ 21.601481] ret_from_fork+0x10/0x20 [ 21.601519] [ 21.601539] The buggy address belongs to the object at fff00000c639c240 [ 21.601539] which belongs to the cache test_cache of size 123 [ 21.602811] The buggy address is located 0 bytes to the right of [ 21.602811] allocated 123-byte region [fff00000c639c240, fff00000c639c2bb) [ 21.603085] [ 21.603222] The buggy address belongs to the physical page: [ 21.603337] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10639c [ 21.603427] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.603477] page_type: f5(slab) [ 21.603535] raw: 0bfffe0000000000 fff00000c471aa00 dead000000000122 0000000000000000 [ 21.603704] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.603780] page dumped because: kasan: bad access detected [ 21.603813] [ 21.603831] Memory state around the buggy address: [ 21.603873] fff00000c639c180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.603933] fff00000c639c200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 21.603994] >fff00000c639c280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 21.604046] ^ [ 21.604082] fff00000c639c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.604130] fff00000c639c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.604169] ================================================================== [ 21.562822] ================================================================== [ 21.562896] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.562973] Read of size 1 at addr fff00000c64b5673 by task kunit_try_catch/222 [ 21.563024] [ 21.563069] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.563159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.563188] Hardware name: linux,dummy-virt (DT) [ 21.563222] Call trace: [ 21.563248] show_stack+0x20/0x38 (C) [ 21.563301] dump_stack_lvl+0x8c/0xd0 [ 21.563349] print_report+0x118/0x608 [ 21.563413] kasan_report+0xdc/0x128 [ 21.563459] __asan_report_load1_noabort+0x20/0x30 [ 21.563512] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.563562] mempool_kmalloc_oob_right+0xc4/0x120 [ 21.563611] kunit_try_run_case+0x170/0x3f0 [ 21.563663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.563715] kthread+0x328/0x630 [ 21.563761] ret_from_fork+0x10/0x20 [ 21.563811] [ 21.563831] Allocated by task 222: [ 21.563863] kasan_save_stack+0x3c/0x68 [ 21.563906] kasan_save_track+0x20/0x40 [ 21.563946] kasan_save_alloc_info+0x40/0x58 [ 21.563986] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.564031] remove_element+0x130/0x1f8 [ 21.564180] mempool_alloc_preallocated+0x58/0xc0 [ 21.564226] mempool_oob_right_helper+0x98/0x2f0 [ 21.564267] mempool_kmalloc_oob_right+0xc4/0x120 [ 21.564309] kunit_try_run_case+0x170/0x3f0 [ 21.564349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.564394] kthread+0x328/0x630 [ 21.564446] ret_from_fork+0x10/0x20 [ 21.564488] [ 21.564509] The buggy address belongs to the object at fff00000c64b5600 [ 21.564509] which belongs to the cache kmalloc-128 of size 128 [ 21.564569] The buggy address is located 0 bytes to the right of [ 21.564569] allocated 115-byte region [fff00000c64b5600, fff00000c64b5673) [ 21.564635] [ 21.564658] The buggy address belongs to the physical page: [ 21.564693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5 [ 21.564753] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.564811] page_type: f5(slab) [ 21.564858] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.564909] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.564952] page dumped because: kasan: bad access detected [ 21.564983] [ 21.565001] Memory state around the buggy address: [ 21.565037] fff00000c64b5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.565086] fff00000c64b5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.565132] >fff00000c64b5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.565172] ^ [ 21.565212] fff00000c64b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.565257] fff00000c64b5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.565297] ================================================================== [ 21.582732] ================================================================== [ 21.582792] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.582845] Read of size 1 at addr fff00000c77de001 by task kunit_try_catch/224 [ 21.582896] [ 21.582927] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.583011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.583039] Hardware name: linux,dummy-virt (DT) [ 21.583071] Call trace: [ 21.583094] show_stack+0x20/0x38 (C) [ 21.583144] dump_stack_lvl+0x8c/0xd0 [ 21.583190] print_report+0x118/0x608 [ 21.583236] kasan_report+0xdc/0x128 [ 21.583282] __asan_report_load1_noabort+0x20/0x30 [ 21.583333] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.583383] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 21.583478] kunit_try_run_case+0x170/0x3f0 [ 21.583528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.583581] kthread+0x328/0x630 [ 21.583623] ret_from_fork+0x10/0x20 [ 21.583680] [ 21.583703] The buggy address belongs to the physical page: [ 21.583743] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077dc [ 21.583800] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.583847] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.583902] page_type: f8(unknown) [ 21.583940] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.583990] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.584040] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.584124] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.584527] head: 0bfffe0000000002 ffffc1ffc31df701 00000000ffffffff 00000000ffffffff [ 21.584580] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.584630] page dumped because: kasan: bad access detected [ 21.584663] [ 21.584681] Memory state around the buggy address: [ 21.584714] fff00000c77ddf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.585021] fff00000c77ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.585087] >fff00000c77de000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.585142] ^ [ 21.585178] fff00000c77de080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.585258] fff00000c77de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.585306] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 21.011366] ================================================================== [ 21.011462] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 21.011545] Read of size 1 at addr fff00000c56b9640 by task kunit_try_catch/216 [ 21.011598] [ 21.011645] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.011735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.011763] Hardware name: linux,dummy-virt (DT) [ 21.011798] Call trace: [ 21.011825] show_stack+0x20/0x38 (C) [ 21.011883] dump_stack_lvl+0x8c/0xd0 [ 21.011934] print_report+0x118/0x608 [ 21.011982] kasan_report+0xdc/0x128 [ 21.012027] __kasan_check_byte+0x54/0x70 [ 21.012110] kmem_cache_destroy+0x34/0x218 [ 21.012178] kmem_cache_double_destroy+0x174/0x300 [ 21.012230] kunit_try_run_case+0x170/0x3f0 [ 21.012280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.012334] kthread+0x328/0x630 [ 21.012378] ret_from_fork+0x10/0x20 [ 21.012439] [ 21.012458] Allocated by task 216: [ 21.012490] kasan_save_stack+0x3c/0x68 [ 21.012533] kasan_save_track+0x20/0x40 [ 21.012573] kasan_save_alloc_info+0x40/0x58 [ 21.012615] __kasan_slab_alloc+0xa8/0xb0 [ 21.012652] kmem_cache_alloc_noprof+0x10c/0x398 [ 21.012695] __kmem_cache_create_args+0x178/0x280 [ 21.012734] kmem_cache_double_destroy+0xc0/0x300 [ 21.012775] kunit_try_run_case+0x170/0x3f0 [ 21.012813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.012858] kthread+0x328/0x630 [ 21.012891] ret_from_fork+0x10/0x20 [ 21.012928] [ 21.012947] Freed by task 216: [ 21.012973] kasan_save_stack+0x3c/0x68 [ 21.013012] kasan_save_track+0x20/0x40 [ 21.013049] kasan_save_free_info+0x4c/0x78 [ 21.013095] __kasan_slab_free+0x6c/0x98 [ 21.013134] kmem_cache_free+0x260/0x468 [ 21.013172] slab_kmem_cache_release+0x38/0x50 [ 21.013212] kmem_cache_release+0x1c/0x30 [ 21.013248] kobject_put+0x17c/0x420 [ 21.013286] sysfs_slab_release+0x1c/0x30 [ 21.013324] kmem_cache_destroy+0x118/0x218 [ 21.013363] kmem_cache_double_destroy+0x128/0x300 [ 21.013427] kunit_try_run_case+0x170/0x3f0 [ 21.013467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.013511] kthread+0x328/0x630 [ 21.013544] ret_from_fork+0x10/0x20 [ 21.013582] [ 21.013601] The buggy address belongs to the object at fff00000c56b9640 [ 21.013601] which belongs to the cache kmem_cache of size 208 [ 21.013661] The buggy address is located 0 bytes inside of [ 21.013661] freed 208-byte region [fff00000c56b9640, fff00000c56b9710) [ 21.013722] [ 21.013744] The buggy address belongs to the physical page: [ 21.013779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056b9 [ 21.013838] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.013892] page_type: f5(slab) [ 21.013937] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 21.013989] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 21.014032] page dumped because: kasan: bad access detected [ 21.014065] [ 21.014082] Memory state around the buggy address: [ 21.014118] fff00000c56b9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.014162] fff00000c56b9580: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 21.014207] >fff00000c56b9600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 21.014246] ^ [ 21.014282] fff00000c56b9680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.014326] fff00000c56b9700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.014366] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 20.866236] ================================================================== [ 20.866366] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 20.866463] Read of size 1 at addr fff00000c6472000 by task kunit_try_catch/214 [ 20.866518] [ 20.866565] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.866653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.866681] Hardware name: linux,dummy-virt (DT) [ 20.866714] Call trace: [ 20.866741] show_stack+0x20/0x38 (C) [ 20.866796] dump_stack_lvl+0x8c/0xd0 [ 20.866846] print_report+0x118/0x608 [ 20.866896] kasan_report+0xdc/0x128 [ 20.866941] __asan_report_load1_noabort+0x20/0x30 [ 20.866995] kmem_cache_rcu_uaf+0x388/0x468 [ 20.867043] kunit_try_run_case+0x170/0x3f0 [ 20.867107] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.867167] kthread+0x328/0x630 [ 20.867213] ret_from_fork+0x10/0x20 [ 20.867265] [ 20.867284] Allocated by task 214: [ 20.867318] kasan_save_stack+0x3c/0x68 [ 20.867361] kasan_save_track+0x20/0x40 [ 20.867440] kasan_save_alloc_info+0x40/0x58 [ 20.867483] __kasan_slab_alloc+0xa8/0xb0 [ 20.867522] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.867573] kmem_cache_rcu_uaf+0x12c/0x468 [ 20.867790] kunit_try_run_case+0x170/0x3f0 [ 20.867842] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.868014] kthread+0x328/0x630 [ 20.868430] ret_from_fork+0x10/0x20 [ 20.869027] [ 20.869057] Freed by task 0: [ 20.869252] kasan_save_stack+0x3c/0x68 [ 20.869341] kasan_save_track+0x20/0x40 [ 20.869610] kasan_save_free_info+0x4c/0x78 [ 20.869675] __kasan_slab_free+0x6c/0x98 [ 20.869712] slab_free_after_rcu_debug+0xd4/0x2f8 [ 20.869754] rcu_core+0x9f4/0x1e20 [ 20.870677] rcu_core_si+0x18/0x30 [ 20.871233] handle_softirqs+0x374/0xb28 [ 20.871289] __do_softirq+0x1c/0x28 [ 20.871325] [ 20.871362] Last potentially related work creation: [ 20.871392] kasan_save_stack+0x3c/0x68 [ 20.871819] kasan_record_aux_stack+0xb4/0xc8 [ 20.872051] kmem_cache_free+0x120/0x468 [ 20.872755] kmem_cache_rcu_uaf+0x16c/0x468 [ 20.873427] kunit_try_run_case+0x170/0x3f0 [ 20.873583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.873631] kthread+0x328/0x630 [ 20.874142] ret_from_fork+0x10/0x20 [ 20.874595] [ 20.874619] The buggy address belongs to the object at fff00000c6472000 [ 20.874619] which belongs to the cache test_cache of size 200 [ 20.875247] The buggy address is located 0 bytes inside of [ 20.875247] freed 200-byte region [fff00000c6472000, fff00000c64720c8) [ 20.875812] [ 20.875845] The buggy address belongs to the physical page: [ 20.876264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106472 [ 20.876607] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.877089] page_type: f5(slab) [ 20.877297] raw: 0bfffe0000000000 fff00000c471a780 dead000000000122 0000000000000000 [ 20.877507] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.878263] page dumped because: kasan: bad access detected [ 20.878604] [ 20.878753] Memory state around the buggy address: [ 20.878932] fff00000c6471f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.878980] fff00000c6471f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.879025] >fff00000c6472000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.880077] ^ [ 20.880456] fff00000c6472080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 20.881016] fff00000c6472100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.881486] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 20.359633] ================================================================== [ 20.359732] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 20.360000] Free of addr fff00000c6ecf001 by task kunit_try_catch/212 [ 20.360193] [ 20.360252] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.360525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.360716] Hardware name: linux,dummy-virt (DT) [ 20.360825] Call trace: [ 20.360875] show_stack+0x20/0x38 (C) [ 20.360954] dump_stack_lvl+0x8c/0xd0 [ 20.361086] print_report+0x118/0x608 [ 20.361149] kasan_report_invalid_free+0xc0/0xe8 [ 20.361436] check_slab_allocation+0xfc/0x108 [ 20.361555] __kasan_slab_pre_free+0x2c/0x48 [ 20.361657] kmem_cache_free+0xf0/0x468 [ 20.361732] kmem_cache_invalid_free+0x184/0x3c8 [ 20.362001] kunit_try_run_case+0x170/0x3f0 [ 20.362142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.362241] kthread+0x328/0x630 [ 20.362316] ret_from_fork+0x10/0x20 [ 20.362493] [ 20.362515] Allocated by task 212: [ 20.362651] kasan_save_stack+0x3c/0x68 [ 20.362724] kasan_save_track+0x20/0x40 [ 20.362805] kasan_save_alloc_info+0x40/0x58 [ 20.362882] __kasan_slab_alloc+0xa8/0xb0 [ 20.362922] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.362987] kmem_cache_invalid_free+0x12c/0x3c8 [ 20.363182] kunit_try_run_case+0x170/0x3f0 [ 20.363240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.363358] kthread+0x328/0x630 [ 20.363429] ret_from_fork+0x10/0x20 [ 20.363549] [ 20.363570] The buggy address belongs to the object at fff00000c6ecf000 [ 20.363570] which belongs to the cache test_cache of size 200 [ 20.363660] The buggy address is located 1 bytes inside of [ 20.363660] 200-byte region [fff00000c6ecf000, fff00000c6ecf0c8) [ 20.364002] [ 20.364108] The buggy address belongs to the physical page: [ 20.364208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106ecf [ 20.364267] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.364615] page_type: f5(slab) [ 20.364726] raw: 0bfffe0000000000 fff00000c471a640 dead000000000122 0000000000000000 [ 20.364804] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.364948] page dumped because: kasan: bad access detected [ 20.365016] [ 20.365116] Memory state around the buggy address: [ 20.365152] fff00000c6ecef00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.365443] fff00000c6ecef80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.365572] >fff00000c6ecf000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.365663] ^ [ 20.365756] fff00000c6ecf080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 20.365800] fff00000c6ecf100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.365840] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 20.332684] ================================================================== [ 20.332807] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 20.333083] Free of addr fff00000c63aa000 by task kunit_try_catch/210 [ 20.333196] [ 20.333324] CPU: 1 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.333500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.333559] Hardware name: linux,dummy-virt (DT) [ 20.333614] Call trace: [ 20.333654] show_stack+0x20/0x38 (C) [ 20.333840] dump_stack_lvl+0x8c/0xd0 [ 20.333902] print_report+0x118/0x608 [ 20.334016] kasan_report_invalid_free+0xc0/0xe8 [ 20.334123] check_slab_allocation+0xd4/0x108 [ 20.334280] __kasan_slab_pre_free+0x2c/0x48 [ 20.334368] kmem_cache_free+0xf0/0x468 [ 20.334433] kmem_cache_double_free+0x190/0x3c8 [ 20.334629] kunit_try_run_case+0x170/0x3f0 [ 20.334744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.334902] kthread+0x328/0x630 [ 20.334951] ret_from_fork+0x10/0x20 [ 20.335125] [ 20.335148] Allocated by task 210: [ 20.335238] kasan_save_stack+0x3c/0x68 [ 20.335313] kasan_save_track+0x20/0x40 [ 20.335487] kasan_save_alloc_info+0x40/0x58 [ 20.335534] __kasan_slab_alloc+0xa8/0xb0 [ 20.335604] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.335769] kmem_cache_double_free+0x12c/0x3c8 [ 20.335821] kunit_try_run_case+0x170/0x3f0 [ 20.335862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.336172] kthread+0x328/0x630 [ 20.336336] ret_from_fork+0x10/0x20 [ 20.336416] [ 20.336529] Freed by task 210: [ 20.336618] kasan_save_stack+0x3c/0x68 [ 20.336692] kasan_save_track+0x20/0x40 [ 20.336792] kasan_save_free_info+0x4c/0x78 [ 20.336890] __kasan_slab_free+0x6c/0x98 [ 20.337154] kmem_cache_free+0x260/0x468 [ 20.337224] kmem_cache_double_free+0x140/0x3c8 [ 20.337393] kunit_try_run_case+0x170/0x3f0 [ 20.337479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.337602] kthread+0x328/0x630 [ 20.337635] ret_from_fork+0x10/0x20 [ 20.337915] [ 20.337956] The buggy address belongs to the object at fff00000c63aa000 [ 20.337956] which belongs to the cache test_cache of size 200 [ 20.338088] The buggy address is located 0 bytes inside of [ 20.338088] 200-byte region [fff00000c63aa000, fff00000c63aa0c8) [ 20.338236] [ 20.338297] The buggy address belongs to the physical page: [ 20.338362] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063aa [ 20.338500] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.338597] page_type: f5(slab) [ 20.338906] raw: 0bfffe0000000000 fff00000c471a500 dead000000000122 0000000000000000 [ 20.339041] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.339110] page dumped because: kasan: bad access detected [ 20.339169] [ 20.339269] Memory state around the buggy address: [ 20.339346] fff00000c63a9f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.339484] fff00000c63a9f80: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.339751] >fff00000c63aa000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.339802] ^ [ 20.340074] fff00000c63aa080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 20.340219] fff00000c63aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.340318] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 20.067007] ================================================================== [ 20.067100] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 20.067164] Read of size 1 at addr fff00000c64590c8 by task kunit_try_catch/208 [ 20.067235] [ 20.067630] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.068163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.068555] Hardware name: linux,dummy-virt (DT) [ 20.068752] Call trace: [ 20.068792] show_stack+0x20/0x38 (C) [ 20.068915] dump_stack_lvl+0x8c/0xd0 [ 20.069004] print_report+0x118/0x608 [ 20.069107] kasan_report+0xdc/0x128 [ 20.069547] __asan_report_load1_noabort+0x20/0x30 [ 20.069639] kmem_cache_oob+0x344/0x430 [ 20.069747] kunit_try_run_case+0x170/0x3f0 [ 20.069845] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.069941] kthread+0x328/0x630 [ 20.070080] ret_from_fork+0x10/0x20 [ 20.070135] [ 20.070153] Allocated by task 208: [ 20.070193] kasan_save_stack+0x3c/0x68 [ 20.070479] kasan_save_track+0x20/0x40 [ 20.070694] kasan_save_alloc_info+0x40/0x58 [ 20.070820] __kasan_slab_alloc+0xa8/0xb0 [ 20.070878] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.070943] kmem_cache_oob+0x12c/0x430 [ 20.071070] kunit_try_run_case+0x170/0x3f0 [ 20.071111] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.071310] kthread+0x328/0x630 [ 20.071668] ret_from_fork+0x10/0x20 [ 20.071736] [ 20.071820] The buggy address belongs to the object at fff00000c6459000 [ 20.071820] which belongs to the cache test_cache of size 200 [ 20.071918] The buggy address is located 0 bytes to the right of [ 20.071918] allocated 200-byte region [fff00000c6459000, fff00000c64590c8) [ 20.072023] [ 20.072726] The buggy address belongs to the physical page: [ 20.072793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106459 [ 20.072910] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.073003] page_type: f5(slab) [ 20.073067] raw: 0bfffe0000000000 fff00000c471a3c0 dead000000000122 0000000000000000 [ 20.074135] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.074201] page dumped because: kasan: bad access detected [ 20.074342] [ 20.074365] Memory state around the buggy address: [ 20.074409] fff00000c6458f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.074771] fff00000c6459000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.074866] >fff00000c6459080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 20.074954] ^ [ 20.075025] fff00000c6459100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.075140] fff00000c6459180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.075198] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 20.022964] ================================================================== [ 20.023046] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 20.023443] Read of size 8 at addr fff00000c64b3f00 by task kunit_try_catch/201 [ 20.023533] [ 20.023569] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.023743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.023792] Hardware name: linux,dummy-virt (DT) [ 20.023831] Call trace: [ 20.023860] show_stack+0x20/0x38 (C) [ 20.024080] dump_stack_lvl+0x8c/0xd0 [ 20.024316] print_report+0x118/0x608 [ 20.024484] kasan_report+0xdc/0x128 [ 20.024584] __asan_report_load8_noabort+0x20/0x30 [ 20.024672] workqueue_uaf+0x480/0x4a8 [ 20.024802] kunit_try_run_case+0x170/0x3f0 [ 20.024855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.025058] kthread+0x328/0x630 [ 20.025119] ret_from_fork+0x10/0x20 [ 20.025318] [ 20.025460] Allocated by task 201: [ 20.025528] kasan_save_stack+0x3c/0x68 [ 20.025610] kasan_save_track+0x20/0x40 [ 20.025741] kasan_save_alloc_info+0x40/0x58 [ 20.025807] __kasan_kmalloc+0xd4/0xd8 [ 20.025876] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.026226] workqueue_uaf+0x13c/0x4a8 [ 20.026365] kunit_try_run_case+0x170/0x3f0 [ 20.026440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.026563] kthread+0x328/0x630 [ 20.026642] ret_from_fork+0x10/0x20 [ 20.026714] [ 20.026785] Freed by task 48: [ 20.026823] kasan_save_stack+0x3c/0x68 [ 20.026879] kasan_save_track+0x20/0x40 [ 20.027233] kasan_save_free_info+0x4c/0x78 [ 20.027309] __kasan_slab_free+0x6c/0x98 [ 20.027459] kfree+0x214/0x3c8 [ 20.027526] workqueue_uaf_work+0x18/0x30 [ 20.027659] process_one_work+0x530/0xf98 [ 20.027730] worker_thread+0x618/0xf38 [ 20.027767] kthread+0x328/0x630 [ 20.028051] ret_from_fork+0x10/0x20 [ 20.028263] [ 20.028376] Last potentially related work creation: [ 20.028477] kasan_save_stack+0x3c/0x68 [ 20.028619] kasan_record_aux_stack+0xb4/0xc8 [ 20.028785] __queue_work+0x65c/0x1008 [ 20.028832] queue_work_on+0xbc/0xf8 [ 20.028870] workqueue_uaf+0x210/0x4a8 [ 20.028915] kunit_try_run_case+0x170/0x3f0 [ 20.028959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.029006] kthread+0x328/0x630 [ 20.029040] ret_from_fork+0x10/0x20 [ 20.029769] [ 20.030234] The buggy address belongs to the object at fff00000c64b3f00 [ 20.030234] which belongs to the cache kmalloc-32 of size 32 [ 20.030439] The buggy address is located 0 bytes inside of [ 20.030439] freed 32-byte region [fff00000c64b3f00, fff00000c64b3f20) [ 20.030576] [ 20.030616] The buggy address belongs to the physical page: [ 20.030665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b3 [ 20.032613] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.032960] page_type: f5(slab) [ 20.033178] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.033256] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.033564] page dumped because: kasan: bad access detected [ 20.033786] [ 20.033832] Memory state around the buggy address: [ 20.033869] fff00000c64b3e00: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.034059] fff00000c64b3e80: 00 00 00 07 fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.034277] >fff00000c64b3f00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.034361] ^ [ 20.034433] fff00000c64b3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.034496] fff00000c64b4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.034810] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 19.993319] ================================================================== [ 19.993527] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 19.993590] Read of size 4 at addr fff00000c64b3cc0 by task swapper/1/0 [ 19.993868] [ 19.994051] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.994197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.994237] Hardware name: linux,dummy-virt (DT) [ 19.994270] Call trace: [ 19.994292] show_stack+0x20/0x38 (C) [ 19.994367] dump_stack_lvl+0x8c/0xd0 [ 19.994726] print_report+0x118/0x608 [ 19.994798] kasan_report+0xdc/0x128 [ 19.995029] __asan_report_load4_noabort+0x20/0x30 [ 19.995119] rcu_uaf_reclaim+0x64/0x70 [ 19.995167] rcu_core+0x9f4/0x1e20 [ 19.995442] rcu_core_si+0x18/0x30 [ 19.995498] handle_softirqs+0x374/0xb28 [ 19.995675] __do_softirq+0x1c/0x28 [ 19.995862] ____do_softirq+0x18/0x30 [ 19.995938] call_on_irq_stack+0x24/0x30 [ 19.995989] do_softirq_own_stack+0x24/0x38 [ 19.996348] __irq_exit_rcu+0x1fc/0x318 [ 19.996442] irq_exit_rcu+0x1c/0x80 [ 19.996488] el1_interrupt+0x38/0x58 [ 19.996562] el1h_64_irq_handler+0x18/0x28 [ 19.996610] el1h_64_irq+0x6c/0x70 [ 19.996738] arch_local_irq_enable+0x4/0x8 (P) [ 19.997129] do_idle+0x384/0x4e8 [ 19.997292] cpu_startup_entry+0x64/0x80 [ 19.997369] secondary_start_kernel+0x288/0x340 [ 19.997513] __secondary_switched+0xc0/0xc8 [ 19.997869] [ 19.997932] Allocated by task 199: [ 19.998096] kasan_save_stack+0x3c/0x68 [ 19.998162] kasan_save_track+0x20/0x40 [ 19.998275] kasan_save_alloc_info+0x40/0x58 [ 19.998332] __kasan_kmalloc+0xd4/0xd8 [ 19.998387] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.998728] rcu_uaf+0xb0/0x2d8 [ 19.998893] kunit_try_run_case+0x170/0x3f0 [ 19.999042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.999132] kthread+0x328/0x630 [ 19.999278] ret_from_fork+0x10/0x20 [ 19.999330] [ 19.999359] Freed by task 0: [ 19.999671] kasan_save_stack+0x3c/0x68 [ 19.999852] kasan_save_track+0x20/0x40 [ 19.999932] kasan_save_free_info+0x4c/0x78 [ 20.000122] __kasan_slab_free+0x6c/0x98 [ 20.000184] kfree+0x214/0x3c8 [ 20.000459] rcu_uaf_reclaim+0x28/0x70 [ 20.000686] rcu_core+0x9f4/0x1e20 [ 20.000801] rcu_core_si+0x18/0x30 [ 20.000839] handle_softirqs+0x374/0xb28 [ 20.000876] __do_softirq+0x1c/0x28 [ 20.000935] [ 20.000971] Last potentially related work creation: [ 20.001025] kasan_save_stack+0x3c/0x68 [ 20.001082] kasan_record_aux_stack+0xb4/0xc8 [ 20.001124] __call_rcu_common.constprop.0+0x74/0x8c8 [ 20.001176] call_rcu+0x18/0x30 [ 20.001221] rcu_uaf+0x14c/0x2d8 [ 20.001259] kunit_try_run_case+0x170/0x3f0 [ 20.001297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.001351] kthread+0x328/0x630 [ 20.001391] ret_from_fork+0x10/0x20 [ 20.001448] [ 20.001493] The buggy address belongs to the object at fff00000c64b3cc0 [ 20.001493] which belongs to the cache kmalloc-32 of size 32 [ 20.001584] The buggy address is located 0 bytes inside of [ 20.001584] freed 32-byte region [fff00000c64b3cc0, fff00000c64b3ce0) [ 20.001679] [ 20.001701] The buggy address belongs to the physical page: [ 20.001735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b3 [ 20.001810] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.001870] page_type: f5(slab) [ 20.001923] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 20.002002] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.002045] page dumped because: kasan: bad access detected [ 20.002092] [ 20.002110] Memory state around the buggy address: [ 20.002153] fff00000c64b3b80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.002207] fff00000c64b3c00: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 20.002259] >fff00000c64b3c80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.002309] ^ [ 20.002352] fff00000c64b3d00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.002407] fff00000c64b3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.002444] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 19.964956] ================================================================== [ 19.965027] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 19.965106] Read of size 1 at addr fff00000c64b5378 by task kunit_try_catch/197 [ 19.965162] [ 19.965200] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.965313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.965339] Hardware name: linux,dummy-virt (DT) [ 19.965389] Call trace: [ 19.965444] show_stack+0x20/0x38 (C) [ 19.965551] dump_stack_lvl+0x8c/0xd0 [ 19.965606] print_report+0x118/0x608 [ 19.965663] kasan_report+0xdc/0x128 [ 19.965711] __asan_report_load1_noabort+0x20/0x30 [ 19.965762] ksize_uaf+0x544/0x5f8 [ 19.966058] kunit_try_run_case+0x170/0x3f0 [ 19.966115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.966169] kthread+0x328/0x630 [ 19.966229] ret_from_fork+0x10/0x20 [ 19.966285] [ 19.966305] Allocated by task 197: [ 19.966386] kasan_save_stack+0x3c/0x68 [ 19.966440] kasan_save_track+0x20/0x40 [ 19.966496] kasan_save_alloc_info+0x40/0x58 [ 19.966559] __kasan_kmalloc+0xd4/0xd8 [ 19.966633] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.966701] ksize_uaf+0xb8/0x5f8 [ 19.966748] kunit_try_run_case+0x170/0x3f0 [ 19.966788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.966833] kthread+0x328/0x630 [ 19.966873] ret_from_fork+0x10/0x20 [ 19.966910] [ 19.966939] Freed by task 197: [ 19.966967] kasan_save_stack+0x3c/0x68 [ 19.967004] kasan_save_track+0x20/0x40 [ 19.967043] kasan_save_free_info+0x4c/0x78 [ 19.967083] __kasan_slab_free+0x6c/0x98 [ 19.967121] kfree+0x214/0x3c8 [ 19.967158] ksize_uaf+0x11c/0x5f8 [ 19.967192] kunit_try_run_case+0x170/0x3f0 [ 19.967240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.967285] kthread+0x328/0x630 [ 19.967322] ret_from_fork+0x10/0x20 [ 19.967367] [ 19.967386] The buggy address belongs to the object at fff00000c64b5300 [ 19.967386] which belongs to the cache kmalloc-128 of size 128 [ 19.967453] The buggy address is located 120 bytes inside of [ 19.967453] freed 128-byte region [fff00000c64b5300, fff00000c64b5380) [ 19.967515] [ 19.967534] The buggy address belongs to the physical page: [ 19.967565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5 [ 19.967617] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.967665] page_type: f5(slab) [ 19.967703] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.967753] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.967793] page dumped because: kasan: bad access detected [ 19.967824] [ 19.967860] Memory state around the buggy address: [ 19.967911] fff00000c64b5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.967955] fff00000c64b5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.968004] >fff00000c64b5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.968110] ^ [ 19.968184] fff00000c64b5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.968228] fff00000c64b5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.968291] ================================================================== [ 19.959346] ================================================================== [ 19.959445] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 19.959511] Read of size 1 at addr fff00000c64b5300 by task kunit_try_catch/197 [ 19.959578] [ 19.959607] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.959692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.959719] Hardware name: linux,dummy-virt (DT) [ 19.959751] Call trace: [ 19.960054] show_stack+0x20/0x38 (C) [ 19.960104] dump_stack_lvl+0x8c/0xd0 [ 19.960184] print_report+0x118/0x608 [ 19.960251] kasan_report+0xdc/0x128 [ 19.960314] __asan_report_load1_noabort+0x20/0x30 [ 19.960377] ksize_uaf+0x598/0x5f8 [ 19.960431] kunit_try_run_case+0x170/0x3f0 [ 19.960479] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.960533] kthread+0x328/0x630 [ 19.960577] ret_from_fork+0x10/0x20 [ 19.960625] [ 19.960643] Allocated by task 197: [ 19.960671] kasan_save_stack+0x3c/0x68 [ 19.960712] kasan_save_track+0x20/0x40 [ 19.960751] kasan_save_alloc_info+0x40/0x58 [ 19.961090] __kasan_kmalloc+0xd4/0xd8 [ 19.961167] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.961277] ksize_uaf+0xb8/0x5f8 [ 19.961326] kunit_try_run_case+0x170/0x3f0 [ 19.961425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.961543] kthread+0x328/0x630 [ 19.961604] ret_from_fork+0x10/0x20 [ 19.961723] [ 19.961761] Freed by task 197: [ 19.961787] kasan_save_stack+0x3c/0x68 [ 19.961851] kasan_save_track+0x20/0x40 [ 19.962157] kasan_save_free_info+0x4c/0x78 [ 19.962226] __kasan_slab_free+0x6c/0x98 [ 19.962361] kfree+0x214/0x3c8 [ 19.962428] ksize_uaf+0x11c/0x5f8 [ 19.962543] kunit_try_run_case+0x170/0x3f0 [ 19.962622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.962696] kthread+0x328/0x630 [ 19.962787] ret_from_fork+0x10/0x20 [ 19.962857] [ 19.962908] The buggy address belongs to the object at fff00000c64b5300 [ 19.962908] which belongs to the cache kmalloc-128 of size 128 [ 19.963037] The buggy address is located 0 bytes inside of [ 19.963037] freed 128-byte region [fff00000c64b5300, fff00000c64b5380) [ 19.963111] [ 19.963131] The buggy address belongs to the physical page: [ 19.963163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5 [ 19.963497] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.963584] page_type: f5(slab) [ 19.963667] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.963743] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.963855] page dumped because: kasan: bad access detected [ 19.963923] [ 19.963982] Memory state around the buggy address: [ 19.964063] fff00000c64b5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.964134] fff00000c64b5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.964187] >fff00000c64b5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.964231] ^ [ 19.964271] fff00000c64b5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.964315] fff00000c64b5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.964353] ================================================================== [ 19.955252] ================================================================== [ 19.955312] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 19.955597] Read of size 1 at addr fff00000c64b5300 by task kunit_try_catch/197 [ 19.955649] [ 19.955679] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.955769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.955797] Hardware name: linux,dummy-virt (DT) [ 19.955844] Call trace: [ 19.955883] show_stack+0x20/0x38 (C) [ 19.955934] dump_stack_lvl+0x8c/0xd0 [ 19.955981] print_report+0x118/0x608 [ 19.956030] kasan_report+0xdc/0x128 [ 19.956150] __kasan_check_byte+0x54/0x70 [ 19.956236] ksize+0x30/0x88 [ 19.956368] ksize_uaf+0x168/0x5f8 [ 19.956434] kunit_try_run_case+0x170/0x3f0 [ 19.956484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.956538] kthread+0x328/0x630 [ 19.956601] ret_from_fork+0x10/0x20 [ 19.956650] [ 19.956668] Allocated by task 197: [ 19.956697] kasan_save_stack+0x3c/0x68 [ 19.956739] kasan_save_track+0x20/0x40 [ 19.956778] kasan_save_alloc_info+0x40/0x58 [ 19.956819] __kasan_kmalloc+0xd4/0xd8 [ 19.956856] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.956897] ksize_uaf+0xb8/0x5f8 [ 19.956934] kunit_try_run_case+0x170/0x3f0 [ 19.957026] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.957108] kthread+0x328/0x630 [ 19.957166] ret_from_fork+0x10/0x20 [ 19.957221] [ 19.957283] Freed by task 197: [ 19.957423] kasan_save_stack+0x3c/0x68 [ 19.957500] kasan_save_track+0x20/0x40 [ 19.957608] kasan_save_free_info+0x4c/0x78 [ 19.957661] __kasan_slab_free+0x6c/0x98 [ 19.957701] kfree+0x214/0x3c8 [ 19.957735] ksize_uaf+0x11c/0x5f8 [ 19.957771] kunit_try_run_case+0x170/0x3f0 [ 19.957819] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.957864] kthread+0x328/0x630 [ 19.957897] ret_from_fork+0x10/0x20 [ 19.957941] [ 19.957961] The buggy address belongs to the object at fff00000c64b5300 [ 19.957961] which belongs to the cache kmalloc-128 of size 128 [ 19.958027] The buggy address is located 0 bytes inside of [ 19.958027] freed 128-byte region [fff00000c64b5300, fff00000c64b5380) [ 19.958099] [ 19.958119] The buggy address belongs to the physical page: [ 19.958159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5 [ 19.958219] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.958268] page_type: f5(slab) [ 19.958315] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.958376] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.958426] page dumped because: kasan: bad access detected [ 19.958457] [ 19.958475] Memory state around the buggy address: [ 19.958507] fff00000c64b5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.958550] fff00000c64b5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.958593] >fff00000c64b5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.958631] ^ [ 19.958657] fff00000c64b5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.958700] fff00000c64b5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.958739] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 19.944767] ================================================================== [ 19.944821] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 19.944891] Read of size 1 at addr fff00000c64b5278 by task kunit_try_catch/195 [ 19.944946] [ 19.944992] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.945086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.945115] Hardware name: linux,dummy-virt (DT) [ 19.945153] Call trace: [ 19.945188] show_stack+0x20/0x38 (C) [ 19.945238] dump_stack_lvl+0x8c/0xd0 [ 19.945284] print_report+0x118/0x608 [ 19.945331] kasan_report+0xdc/0x128 [ 19.945442] __asan_report_load1_noabort+0x20/0x30 [ 19.945705] ksize_unpoisons_memory+0x618/0x740 [ 19.945754] kunit_try_run_case+0x170/0x3f0 [ 19.945804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.945858] kthread+0x328/0x630 [ 19.945903] ret_from_fork+0x10/0x20 [ 19.945950] [ 19.945967] Allocated by task 195: [ 19.945994] kasan_save_stack+0x3c/0x68 [ 19.946035] kasan_save_track+0x20/0x40 [ 19.946072] kasan_save_alloc_info+0x40/0x58 [ 19.946114] __kasan_kmalloc+0xd4/0xd8 [ 19.946151] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.946190] ksize_unpoisons_memory+0xc0/0x740 [ 19.946229] kunit_try_run_case+0x170/0x3f0 [ 19.946267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.946309] kthread+0x328/0x630 [ 19.946341] ret_from_fork+0x10/0x20 [ 19.946376] [ 19.946394] The buggy address belongs to the object at fff00000c64b5200 [ 19.946394] which belongs to the cache kmalloc-128 of size 128 [ 19.946471] The buggy address is located 5 bytes to the right of [ 19.946471] allocated 115-byte region [fff00000c64b5200, fff00000c64b5273) [ 19.946537] [ 19.946555] The buggy address belongs to the physical page: [ 19.946586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5 [ 19.946640] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.946688] page_type: f5(slab) [ 19.946725] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.946776] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.946829] page dumped because: kasan: bad access detected [ 19.946871] [ 19.946891] Memory state around the buggy address: [ 19.946922] fff00000c64b5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.946974] fff00000c64b5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.947027] >fff00000c64b5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.947065] ^ [ 19.947115] fff00000c64b5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.947181] fff00000c64b5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.947220] ================================================================== [ 19.939700] ================================================================== [ 19.939794] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 19.939864] Read of size 1 at addr fff00000c64b5273 by task kunit_try_catch/195 [ 19.939917] [ 19.939957] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.940044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.941118] Hardware name: linux,dummy-virt (DT) [ 19.941155] Call trace: [ 19.941182] show_stack+0x20/0x38 (C) [ 19.941244] dump_stack_lvl+0x8c/0xd0 [ 19.941294] print_report+0x118/0x608 [ 19.941343] kasan_report+0xdc/0x128 [ 19.941390] __asan_report_load1_noabort+0x20/0x30 [ 19.941458] ksize_unpoisons_memory+0x628/0x740 [ 19.941548] kunit_try_run_case+0x170/0x3f0 [ 19.941656] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.941736] kthread+0x328/0x630 [ 19.941815] ret_from_fork+0x10/0x20 [ 19.941913] [ 19.941985] Allocated by task 195: [ 19.942069] kasan_save_stack+0x3c/0x68 [ 19.942141] kasan_save_track+0x20/0x40 [ 19.942180] kasan_save_alloc_info+0x40/0x58 [ 19.942222] __kasan_kmalloc+0xd4/0xd8 [ 19.942259] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.942301] ksize_unpoisons_memory+0xc0/0x740 [ 19.942341] kunit_try_run_case+0x170/0x3f0 [ 19.942380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.942444] kthread+0x328/0x630 [ 19.942479] ret_from_fork+0x10/0x20 [ 19.942563] [ 19.942631] The buggy address belongs to the object at fff00000c64b5200 [ 19.942631] which belongs to the cache kmalloc-128 of size 128 [ 19.942745] The buggy address is located 0 bytes to the right of [ 19.942745] allocated 115-byte region [fff00000c64b5200, fff00000c64b5273) [ 19.942848] [ 19.942893] The buggy address belongs to the physical page: [ 19.942962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5 [ 19.943038] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.943093] page_type: f5(slab) [ 19.943354] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.943500] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.943555] page dumped because: kasan: bad access detected [ 19.943587] [ 19.943615] Memory state around the buggy address: [ 19.943657] fff00000c64b5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.943719] fff00000c64b5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.943776] >fff00000c64b5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.943817] ^ [ 19.943858] fff00000c64b5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.943915] fff00000c64b5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.943956] ================================================================== [ 19.947357] ================================================================== [ 19.947419] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 19.947466] Read of size 1 at addr fff00000c64b527f by task kunit_try_catch/195 [ 19.947517] [ 19.947555] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.947638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.947672] Hardware name: linux,dummy-virt (DT) [ 19.947703] Call trace: [ 19.947732] show_stack+0x20/0x38 (C) [ 19.947783] dump_stack_lvl+0x8c/0xd0 [ 19.947829] print_report+0x118/0x608 [ 19.947887] kasan_report+0xdc/0x128 [ 19.947933] __asan_report_load1_noabort+0x20/0x30 [ 19.947993] ksize_unpoisons_memory+0x690/0x740 [ 19.948081] kunit_try_run_case+0x170/0x3f0 [ 19.948132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.948187] kthread+0x328/0x630 [ 19.948229] ret_from_fork+0x10/0x20 [ 19.948278] [ 19.948297] Allocated by task 195: [ 19.948325] kasan_save_stack+0x3c/0x68 [ 19.948365] kasan_save_track+0x20/0x40 [ 19.948421] kasan_save_alloc_info+0x40/0x58 [ 19.948462] __kasan_kmalloc+0xd4/0xd8 [ 19.948500] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.948540] ksize_unpoisons_memory+0xc0/0x740 [ 19.948580] kunit_try_run_case+0x170/0x3f0 [ 19.948619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.948702] kthread+0x328/0x630 [ 19.948758] ret_from_fork+0x10/0x20 [ 19.948794] [ 19.948813] The buggy address belongs to the object at fff00000c64b5200 [ 19.948813] which belongs to the cache kmalloc-128 of size 128 [ 19.948872] The buggy address is located 12 bytes to the right of [ 19.948872] allocated 115-byte region [fff00000c64b5200, fff00000c64b5273) [ 19.948939] [ 19.948959] The buggy address belongs to the physical page: [ 19.948989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5 [ 19.949041] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.949095] page_type: f5(slab) [ 19.949154] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.949230] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.949308] page dumped because: kasan: bad access detected [ 19.949367] [ 19.949478] Memory state around the buggy address: [ 19.949546] fff00000c64b5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.949624] fff00000c64b5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.949685] >fff00000c64b5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.949752] ^ [ 19.949812] fff00000c64b5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.949881] fff00000c64b5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.949940] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 19.878566] ================================================================== [ 19.878965] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 19.879030] Free of addr fff00000c63901a0 by task kunit_try_catch/193 [ 19.879074] [ 19.879102] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.879544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.879656] Hardware name: linux,dummy-virt (DT) [ 19.879693] Call trace: [ 19.879778] show_stack+0x20/0x38 (C) [ 19.879862] dump_stack_lvl+0x8c/0xd0 [ 19.879917] print_report+0x118/0x608 [ 19.880053] kasan_report_invalid_free+0xc0/0xe8 [ 19.880144] check_slab_allocation+0xd4/0x108 [ 19.880348] __kasan_slab_pre_free+0x2c/0x48 [ 19.880623] kfree+0xe8/0x3c8 [ 19.880700] kfree_sensitive+0x3c/0xb0 [ 19.880854] kmalloc_double_kzfree+0x168/0x308 [ 19.880952] kunit_try_run_case+0x170/0x3f0 [ 19.881085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.881177] kthread+0x328/0x630 [ 19.881247] ret_from_fork+0x10/0x20 [ 19.881461] [ 19.881572] Allocated by task 193: [ 19.881737] kasan_save_stack+0x3c/0x68 [ 19.882427] kasan_save_track+0x20/0x40 [ 19.882475] kasan_save_alloc_info+0x40/0x58 [ 19.882515] __kasan_kmalloc+0xd4/0xd8 [ 19.882553] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.882593] kmalloc_double_kzfree+0xb8/0x308 [ 19.882633] kunit_try_run_case+0x170/0x3f0 [ 19.882672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.882716] kthread+0x328/0x630 [ 19.882750] ret_from_fork+0x10/0x20 [ 19.882785] [ 19.882805] Freed by task 193: [ 19.882832] kasan_save_stack+0x3c/0x68 [ 19.882870] kasan_save_track+0x20/0x40 [ 19.882909] kasan_save_free_info+0x4c/0x78 [ 19.882950] __kasan_slab_free+0x6c/0x98 [ 19.882988] kfree+0x214/0x3c8 [ 19.883024] kfree_sensitive+0x80/0xb0 [ 19.883060] kmalloc_double_kzfree+0x11c/0x308 [ 19.883099] kunit_try_run_case+0x170/0x3f0 [ 19.883138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.883182] kthread+0x328/0x630 [ 19.883215] ret_from_fork+0x10/0x20 [ 19.883254] [ 19.883273] The buggy address belongs to the object at fff00000c63901a0 [ 19.883273] which belongs to the cache kmalloc-16 of size 16 [ 19.883334] The buggy address is located 0 bytes inside of [ 19.883334] 16-byte region [fff00000c63901a0, fff00000c63901b0) [ 19.883393] [ 19.883451] The buggy address belongs to the physical page: [ 19.883547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 19.883620] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.884038] page_type: f5(slab) [ 19.884112] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.884165] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.884206] page dumped because: kasan: bad access detected [ 19.884238] [ 19.884721] Memory state around the buggy address: [ 19.884762] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 19.884807] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.885352] >fff00000c6390180: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 19.885996] ^ [ 19.886199] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.886247] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.886975] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 19.868336] ================================================================== [ 19.868411] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 19.868469] Read of size 1 at addr fff00000c63901a0 by task kunit_try_catch/193 [ 19.868519] [ 19.868552] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.868637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.868664] Hardware name: linux,dummy-virt (DT) [ 19.868695] Call trace: [ 19.868716] show_stack+0x20/0x38 (C) [ 19.868767] dump_stack_lvl+0x8c/0xd0 [ 19.868814] print_report+0x118/0x608 [ 19.868928] kasan_report+0xdc/0x128 [ 19.868989] __kasan_check_byte+0x54/0x70 [ 19.869036] kfree_sensitive+0x30/0xb0 [ 19.869097] kmalloc_double_kzfree+0x168/0x308 [ 19.869145] kunit_try_run_case+0x170/0x3f0 [ 19.869195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.869248] kthread+0x328/0x630 [ 19.869290] ret_from_fork+0x10/0x20 [ 19.869340] [ 19.869359] Allocated by task 193: [ 19.869388] kasan_save_stack+0x3c/0x68 [ 19.870143] kasan_save_track+0x20/0x40 [ 19.870525] kasan_save_alloc_info+0x40/0x58 [ 19.870624] __kasan_kmalloc+0xd4/0xd8 [ 19.870755] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.870824] kmalloc_double_kzfree+0xb8/0x308 [ 19.870949] kunit_try_run_case+0x170/0x3f0 [ 19.871002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.871065] kthread+0x328/0x630 [ 19.871599] ret_from_fork+0x10/0x20 [ 19.871851] [ 19.871914] Freed by task 193: [ 19.872066] kasan_save_stack+0x3c/0x68 [ 19.872128] kasan_save_track+0x20/0x40 [ 19.872241] kasan_save_free_info+0x4c/0x78 [ 19.872311] __kasan_slab_free+0x6c/0x98 [ 19.872412] kfree+0x214/0x3c8 [ 19.872590] kfree_sensitive+0x80/0xb0 [ 19.872871] kmalloc_double_kzfree+0x11c/0x308 [ 19.873012] kunit_try_run_case+0x170/0x3f0 [ 19.873097] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.873176] kthread+0x328/0x630 [ 19.873282] ret_from_fork+0x10/0x20 [ 19.873372] [ 19.873490] The buggy address belongs to the object at fff00000c63901a0 [ 19.873490] which belongs to the cache kmalloc-16 of size 16 [ 19.873587] The buggy address is located 0 bytes inside of [ 19.873587] freed 16-byte region [fff00000c63901a0, fff00000c63901b0) [ 19.873924] [ 19.874007] The buggy address belongs to the physical page: [ 19.874108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 19.874214] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.874371] page_type: f5(slab) [ 19.874440] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.874562] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.874607] page dumped because: kasan: bad access detected [ 19.874639] [ 19.874922] Memory state around the buggy address: [ 19.875005] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 19.875164] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.875234] >fff00000c6390180: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 19.875292] ^ [ 19.875423] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.875491] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.875547] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 19.839842] ================================================================== [ 19.839919] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 19.841501] Read of size 1 at addr fff00000c63a2628 by task kunit_try_catch/189 [ 19.841701] [ 19.841845] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.841947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.842012] Hardware name: linux,dummy-virt (DT) [ 19.842107] Call trace: [ 19.842178] show_stack+0x20/0x38 (C) [ 19.842251] dump_stack_lvl+0x8c/0xd0 [ 19.842508] print_report+0x118/0x608 [ 19.842669] kasan_report+0xdc/0x128 [ 19.842760] __asan_report_load1_noabort+0x20/0x30 [ 19.842935] kmalloc_uaf2+0x3f4/0x468 [ 19.843026] kunit_try_run_case+0x170/0x3f0 [ 19.843187] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.843244] kthread+0x328/0x630 [ 19.843587] ret_from_fork+0x10/0x20 [ 19.843684] [ 19.843796] Allocated by task 189: [ 19.843853] kasan_save_stack+0x3c/0x68 [ 19.843922] kasan_save_track+0x20/0x40 [ 19.844015] kasan_save_alloc_info+0x40/0x58 [ 19.844103] __kasan_kmalloc+0xd4/0xd8 [ 19.844161] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.844231] kmalloc_uaf2+0xc4/0x468 [ 19.844554] kunit_try_run_case+0x170/0x3f0 [ 19.845144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.845236] kthread+0x328/0x630 [ 19.845319] ret_from_fork+0x10/0x20 [ 19.845445] [ 19.845498] Freed by task 189: [ 19.845577] kasan_save_stack+0x3c/0x68 [ 19.845618] kasan_save_track+0x20/0x40 [ 19.845793] kasan_save_free_info+0x4c/0x78 [ 19.845923] __kasan_slab_free+0x6c/0x98 [ 19.845989] kfree+0x214/0x3c8 [ 19.846114] kmalloc_uaf2+0x134/0x468 [ 19.846164] kunit_try_run_case+0x170/0x3f0 [ 19.846243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.846523] kthread+0x328/0x630 [ 19.846559] ret_from_fork+0x10/0x20 [ 19.846619] [ 19.846665] The buggy address belongs to the object at fff00000c63a2600 [ 19.846665] which belongs to the cache kmalloc-64 of size 64 [ 19.846738] The buggy address is located 40 bytes inside of [ 19.846738] freed 64-byte region [fff00000c63a2600, fff00000c63a2640) [ 19.847034] [ 19.847129] The buggy address belongs to the physical page: [ 19.847186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a2 [ 19.847294] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.847372] page_type: f5(slab) [ 19.847443] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.847560] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.847641] page dumped because: kasan: bad access detected [ 19.847741] [ 19.847794] Memory state around the buggy address: [ 19.847826] fff00000c63a2500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.848127] fff00000c63a2580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.848185] >fff00000c63a2600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.848224] ^ [ 19.848510] fff00000c63a2680: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 19.848646] fff00000c63a2700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.848750] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 19.829238] ================================================================== [ 19.829361] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 19.829645] Write of size 33 at addr fff00000c63a2480 by task kunit_try_catch/187 [ 19.829775] [ 19.829836] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.829940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.829980] Hardware name: linux,dummy-virt (DT) [ 19.830016] Call trace: [ 19.830081] show_stack+0x20/0x38 (C) [ 19.830156] dump_stack_lvl+0x8c/0xd0 [ 19.830215] print_report+0x118/0x608 [ 19.830317] kasan_report+0xdc/0x128 [ 19.830366] kasan_check_range+0x100/0x1a8 [ 19.830423] __asan_memset+0x34/0x78 [ 19.830477] kmalloc_uaf_memset+0x170/0x310 [ 19.830525] kunit_try_run_case+0x170/0x3f0 [ 19.830576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.830630] kthread+0x328/0x630 [ 19.830682] ret_from_fork+0x10/0x20 [ 19.830733] [ 19.830753] Allocated by task 187: [ 19.830791] kasan_save_stack+0x3c/0x68 [ 19.830844] kasan_save_track+0x20/0x40 [ 19.830883] kasan_save_alloc_info+0x40/0x58 [ 19.830930] __kasan_kmalloc+0xd4/0xd8 [ 19.830966] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.831006] kmalloc_uaf_memset+0xb8/0x310 [ 19.831051] kunit_try_run_case+0x170/0x3f0 [ 19.831093] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.831138] kthread+0x328/0x630 [ 19.831173] ret_from_fork+0x10/0x20 [ 19.831209] [ 19.831235] Freed by task 187: [ 19.831263] kasan_save_stack+0x3c/0x68 [ 19.831307] kasan_save_track+0x20/0x40 [ 19.831345] kasan_save_free_info+0x4c/0x78 [ 19.831394] __kasan_slab_free+0x6c/0x98 [ 19.831441] kfree+0x214/0x3c8 [ 19.831475] kmalloc_uaf_memset+0x11c/0x310 [ 19.831511] kunit_try_run_case+0x170/0x3f0 [ 19.831559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.831611] kthread+0x328/0x630 [ 19.831645] ret_from_fork+0x10/0x20 [ 19.831679] [ 19.831705] The buggy address belongs to the object at fff00000c63a2480 [ 19.831705] which belongs to the cache kmalloc-64 of size 64 [ 19.831772] The buggy address is located 0 bytes inside of [ 19.831772] freed 64-byte region [fff00000c63a2480, fff00000c63a24c0) [ 19.831835] [ 19.831854] The buggy address belongs to the physical page: [ 19.831888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a2 [ 19.831947] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.831999] page_type: f5(slab) [ 19.832320] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.832390] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.832446] page dumped because: kasan: bad access detected [ 19.832480] [ 19.832498] Memory state around the buggy address: [ 19.832531] fff00000c63a2380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.832576] fff00000c63a2400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.832711] >fff00000c63a2480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.832789] ^ [ 19.832900] fff00000c63a2500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.832954] fff00000c63a2580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.833104] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 19.774748] ================================================================== [ 19.774821] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 19.774879] Read of size 1 at addr fff00000c6390188 by task kunit_try_catch/185 [ 19.774930] [ 19.774963] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.775048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.775075] Hardware name: linux,dummy-virt (DT) [ 19.775106] Call trace: [ 19.775130] show_stack+0x20/0x38 (C) [ 19.775180] dump_stack_lvl+0x8c/0xd0 [ 19.776825] print_report+0x118/0x608 [ 19.777881] kasan_report+0xdc/0x128 [ 19.778417] __asan_report_load1_noabort+0x20/0x30 [ 19.778534] kmalloc_uaf+0x300/0x338 [ 19.779377] kunit_try_run_case+0x170/0x3f0 [ 19.779608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.779663] kthread+0x328/0x630 [ 19.779706] ret_from_fork+0x10/0x20 [ 19.781771] [ 19.781809] Allocated by task 185: [ 19.781961] kasan_save_stack+0x3c/0x68 [ 19.782607] kasan_save_track+0x20/0x40 [ 19.783517] kasan_save_alloc_info+0x40/0x58 [ 19.784043] __kasan_kmalloc+0xd4/0xd8 [ 19.784276] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.784319] kmalloc_uaf+0xb8/0x338 [ 19.784355] kunit_try_run_case+0x170/0x3f0 [ 19.784394] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.784456] kthread+0x328/0x630 [ 19.785111] ret_from_fork+0x10/0x20 [ 19.785912] [ 19.786231] Freed by task 185: [ 19.786481] kasan_save_stack+0x3c/0x68 [ 19.787060] kasan_save_track+0x20/0x40 [ 19.787149] kasan_save_free_info+0x4c/0x78 [ 19.787797] __kasan_slab_free+0x6c/0x98 [ 19.788125] kfree+0x214/0x3c8 [ 19.788172] kmalloc_uaf+0x11c/0x338 [ 19.788208] kunit_try_run_case+0x170/0x3f0 [ 19.788249] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.788302] kthread+0x328/0x630 [ 19.790046] ret_from_fork+0x10/0x20 [ 19.790299] [ 19.790548] The buggy address belongs to the object at fff00000c6390180 [ 19.790548] which belongs to the cache kmalloc-16 of size 16 [ 19.791226] The buggy address is located 8 bytes inside of [ 19.791226] freed 16-byte region [fff00000c6390180, fff00000c6390190) [ 19.791539] [ 19.791750] The buggy address belongs to the physical page: [ 19.792426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 19.792491] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.792613] page_type: f5(slab) [ 19.792851] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.792978] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.793511] page dumped because: kasan: bad access detected [ 19.793857] [ 19.793976] Memory state around the buggy address: [ 19.794216] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 19.794264] fff00000c6390100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.794814] >fff00000c6390180: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.795941] ^ [ 19.796111] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.796215] fff00000c6390280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.797586] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 19.755154] ================================================================== [ 19.755215] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.755289] Read of size 64 at addr fff00000c63a2184 by task kunit_try_catch/183 [ 19.755342] [ 19.755375] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.755472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.755511] Hardware name: linux,dummy-virt (DT) [ 19.755543] Call trace: [ 19.755567] show_stack+0x20/0x38 (C) [ 19.755624] dump_stack_lvl+0x8c/0xd0 [ 19.755672] print_report+0x118/0x608 [ 19.755717] kasan_report+0xdc/0x128 [ 19.755763] kasan_check_range+0x100/0x1a8 [ 19.755812] __asan_memmove+0x3c/0x98 [ 19.755854] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.755904] kunit_try_run_case+0x170/0x3f0 [ 19.755953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.756006] kthread+0x328/0x630 [ 19.756048] ret_from_fork+0x10/0x20 [ 19.756498] [ 19.756529] Allocated by task 183: [ 19.757071] kasan_save_stack+0x3c/0x68 [ 19.757468] kasan_save_track+0x20/0x40 [ 19.757647] kasan_save_alloc_info+0x40/0x58 [ 19.758071] __kasan_kmalloc+0xd4/0xd8 [ 19.758342] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.758496] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 19.758614] kunit_try_run_case+0x170/0x3f0 [ 19.758703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.759202] kthread+0x328/0x630 [ 19.759293] ret_from_fork+0x10/0x20 [ 19.759391] [ 19.759425] The buggy address belongs to the object at fff00000c63a2180 [ 19.759425] which belongs to the cache kmalloc-64 of size 64 [ 19.759755] The buggy address is located 4 bytes inside of [ 19.759755] allocated 64-byte region [fff00000c63a2180, fff00000c63a21c0) [ 19.759850] [ 19.759898] The buggy address belongs to the physical page: [ 19.760327] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063a2 [ 19.760417] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.760521] page_type: f5(slab) [ 19.760680] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.760915] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.761044] page dumped because: kasan: bad access detected [ 19.761120] [ 19.761176] Memory state around the buggy address: [ 19.761255] fff00000c63a2080: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.761345] fff00000c63a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.761406] >fff00000c63a2180: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.761693] ^ [ 19.761869] fff00000c63a2200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.761953] fff00000c63a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.762220] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 19.735624] ================================================================== [ 19.735868] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.735952] Read of size 18446744073709551614 at addr fff00000c76c5f84 by task kunit_try_catch/181 [ 19.736152] [ 19.736187] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.736605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.736665] Hardware name: linux,dummy-virt (DT) [ 19.736733] Call trace: [ 19.736826] show_stack+0x20/0x38 (C) [ 19.736930] dump_stack_lvl+0x8c/0xd0 [ 19.737007] print_report+0x118/0x608 [ 19.737147] kasan_report+0xdc/0x128 [ 19.737208] kasan_check_range+0x100/0x1a8 [ 19.737578] __asan_memmove+0x3c/0x98 [ 19.737788] kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.738027] kunit_try_run_case+0x170/0x3f0 [ 19.738102] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.738202] kthread+0x328/0x630 [ 19.738325] ret_from_fork+0x10/0x20 [ 19.738463] [ 19.738512] Allocated by task 181: [ 19.738564] kasan_save_stack+0x3c/0x68 [ 19.738871] kasan_save_track+0x20/0x40 [ 19.738956] kasan_save_alloc_info+0x40/0x58 [ 19.739066] __kasan_kmalloc+0xd4/0xd8 [ 19.739155] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.739283] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 19.739362] kunit_try_run_case+0x170/0x3f0 [ 19.739486] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.739639] kthread+0x328/0x630 [ 19.739827] ret_from_fork+0x10/0x20 [ 19.739991] [ 19.740043] The buggy address belongs to the object at fff00000c76c5f80 [ 19.740043] which belongs to the cache kmalloc-64 of size 64 [ 19.740111] The buggy address is located 4 bytes inside of [ 19.740111] 64-byte region [fff00000c76c5f80, fff00000c76c5fc0) [ 19.740260] [ 19.740309] The buggy address belongs to the physical page: [ 19.740366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076c5 [ 19.740527] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.740578] page_type: f5(slab) [ 19.740616] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.740672] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.740844] page dumped because: kasan: bad access detected [ 19.741043] [ 19.741102] Memory state around the buggy address: [ 19.741250] fff00000c76c5e80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 19.742152] fff00000c76c5f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.742303] >fff00000c76c5f80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.742391] ^ [ 19.742461] fff00000c76c6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.742570] fff00000c76c6080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.742641] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 19.717854] ================================================================== [ 19.717926] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 19.717990] Write of size 16 at addr fff00000c64b5169 by task kunit_try_catch/179 [ 19.718052] [ 19.718107] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.718201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.718237] Hardware name: linux,dummy-virt (DT) [ 19.718302] Call trace: [ 19.718343] show_stack+0x20/0x38 (C) [ 19.718393] dump_stack_lvl+0x8c/0xd0 [ 19.719246] print_report+0x118/0x608 [ 19.719320] kasan_report+0xdc/0x128 [ 19.719512] kasan_check_range+0x100/0x1a8 [ 19.719674] __asan_memset+0x34/0x78 [ 19.719867] kmalloc_oob_memset_16+0x150/0x2f8 [ 19.720198] kunit_try_run_case+0x170/0x3f0 [ 19.720457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.720568] kthread+0x328/0x630 [ 19.720660] ret_from_fork+0x10/0x20 [ 19.721093] [ 19.721137] Allocated by task 179: [ 19.721188] kasan_save_stack+0x3c/0x68 [ 19.721275] kasan_save_track+0x20/0x40 [ 19.721314] kasan_save_alloc_info+0x40/0x58 [ 19.721479] __kasan_kmalloc+0xd4/0xd8 [ 19.721527] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.721685] kmalloc_oob_memset_16+0xb0/0x2f8 [ 19.721859] kunit_try_run_case+0x170/0x3f0 [ 19.721942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.721995] kthread+0x328/0x630 [ 19.722281] ret_from_fork+0x10/0x20 [ 19.722451] [ 19.722641] The buggy address belongs to the object at fff00000c64b5100 [ 19.722641] which belongs to the cache kmalloc-128 of size 128 [ 19.722926] The buggy address is located 105 bytes inside of [ 19.722926] allocated 120-byte region [fff00000c64b5100, fff00000c64b5178) [ 19.723068] [ 19.723106] The buggy address belongs to the physical page: [ 19.723144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5 [ 19.723223] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.723450] page_type: f5(slab) [ 19.723695] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.724158] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.724359] page dumped because: kasan: bad access detected [ 19.724484] [ 19.724826] Memory state around the buggy address: [ 19.725003] fff00000c64b5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.725056] fff00000c64b5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.725411] >fff00000c64b5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.725477] ^ [ 19.725764] fff00000c64b5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.726013] fff00000c64b5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.726112] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 19.705392] ================================================================== [ 19.705470] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 19.705577] Write of size 8 at addr fff00000c64b5071 by task kunit_try_catch/177 [ 19.705629] [ 19.705660] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.705769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.705795] Hardware name: linux,dummy-virt (DT) [ 19.705964] Call trace: [ 19.706063] show_stack+0x20/0x38 (C) [ 19.706174] dump_stack_lvl+0x8c/0xd0 [ 19.706231] print_report+0x118/0x608 [ 19.706338] kasan_report+0xdc/0x128 [ 19.706384] kasan_check_range+0x100/0x1a8 [ 19.706440] __asan_memset+0x34/0x78 [ 19.706512] kmalloc_oob_memset_8+0x150/0x2f8 [ 19.706559] kunit_try_run_case+0x170/0x3f0 [ 19.706803] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.706925] kthread+0x328/0x630 [ 19.706971] ret_from_fork+0x10/0x20 [ 19.707091] [ 19.707143] Allocated by task 177: [ 19.707180] kasan_save_stack+0x3c/0x68 [ 19.707238] kasan_save_track+0x20/0x40 [ 19.707339] kasan_save_alloc_info+0x40/0x58 [ 19.707383] __kasan_kmalloc+0xd4/0xd8 [ 19.707429] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.707604] kmalloc_oob_memset_8+0xb0/0x2f8 [ 19.707712] kunit_try_run_case+0x170/0x3f0 [ 19.707776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.707885] kthread+0x328/0x630 [ 19.707932] ret_from_fork+0x10/0x20 [ 19.707978] [ 19.708007] The buggy address belongs to the object at fff00000c64b5000 [ 19.708007] which belongs to the cache kmalloc-128 of size 128 [ 19.708190] The buggy address is located 113 bytes inside of [ 19.708190] allocated 120-byte region [fff00000c64b5000, fff00000c64b5078) [ 19.708278] [ 19.708371] The buggy address belongs to the physical page: [ 19.708418] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5 [ 19.708626] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.708787] page_type: f5(slab) [ 19.708918] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.708986] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.709189] page dumped because: kasan: bad access detected [ 19.709255] [ 19.709292] Memory state around the buggy address: [ 19.709420] fff00000c64b4f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.710009] fff00000c64b4f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.710185] >fff00000c64b5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.710318] ^ [ 19.710373] fff00000c64b5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.710494] fff00000c64b5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.710554] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 19.692980] ================================================================== [ 19.693079] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 19.693132] Write of size 4 at addr fff00000c638df75 by task kunit_try_catch/175 [ 19.693188] [ 19.693244] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.693336] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.693362] Hardware name: linux,dummy-virt (DT) [ 19.693439] Call trace: [ 19.693468] show_stack+0x20/0x38 (C) [ 19.693535] dump_stack_lvl+0x8c/0xd0 [ 19.693723] print_report+0x118/0x608 [ 19.693772] kasan_report+0xdc/0x128 [ 19.693817] kasan_check_range+0x100/0x1a8 [ 19.693864] __asan_memset+0x34/0x78 [ 19.693917] kmalloc_oob_memset_4+0x150/0x300 [ 19.693964] kunit_try_run_case+0x170/0x3f0 [ 19.694012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.694074] kthread+0x328/0x630 [ 19.694116] ret_from_fork+0x10/0x20 [ 19.694163] [ 19.694181] Allocated by task 175: [ 19.694209] kasan_save_stack+0x3c/0x68 [ 19.694250] kasan_save_track+0x20/0x40 [ 19.694287] kasan_save_alloc_info+0x40/0x58 [ 19.694346] __kasan_kmalloc+0xd4/0xd8 [ 19.694383] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.694431] kmalloc_oob_memset_4+0xb0/0x300 [ 19.694485] kunit_try_run_case+0x170/0x3f0 [ 19.694571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.694617] kthread+0x328/0x630 [ 19.694650] ret_from_fork+0x10/0x20 [ 19.694928] [ 19.695138] The buggy address belongs to the object at fff00000c638df00 [ 19.695138] which belongs to the cache kmalloc-128 of size 128 [ 19.695221] The buggy address is located 117 bytes inside of [ 19.695221] allocated 120-byte region [fff00000c638df00, fff00000c638df78) [ 19.695282] [ 19.695302] The buggy address belongs to the physical page: [ 19.695597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638d [ 19.695920] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.696002] page_type: f5(slab) [ 19.696090] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.696185] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.696342] page dumped because: kasan: bad access detected [ 19.696435] [ 19.696476] Memory state around the buggy address: [ 19.696524] fff00000c638de00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.696640] fff00000c638de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.696719] >fff00000c638df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.696887] ^ [ 19.696933] fff00000c638df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.696978] fff00000c638e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.697175] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 19.682873] ================================================================== [ 19.683122] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 19.683196] Write of size 2 at addr fff00000c638de77 by task kunit_try_catch/173 [ 19.683255] [ 19.683293] CPU: 1 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.683384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.683426] Hardware name: linux,dummy-virt (DT) [ 19.683472] Call trace: [ 19.683502] show_stack+0x20/0x38 (C) [ 19.683570] dump_stack_lvl+0x8c/0xd0 [ 19.683618] print_report+0x118/0x608 [ 19.683664] kasan_report+0xdc/0x128 [ 19.683708] kasan_check_range+0x100/0x1a8 [ 19.683756] __asan_memset+0x34/0x78 [ 19.683798] kmalloc_oob_memset_2+0x150/0x2f8 [ 19.683843] kunit_try_run_case+0x170/0x3f0 [ 19.684069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.684202] kthread+0x328/0x630 [ 19.684261] ret_from_fork+0x10/0x20 [ 19.684349] [ 19.684440] Allocated by task 173: [ 19.684497] kasan_save_stack+0x3c/0x68 [ 19.684573] kasan_save_track+0x20/0x40 [ 19.684655] kasan_save_alloc_info+0x40/0x58 [ 19.684716] __kasan_kmalloc+0xd4/0xd8 [ 19.684753] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.684794] kmalloc_oob_memset_2+0xb0/0x2f8 [ 19.684971] kunit_try_run_case+0x170/0x3f0 [ 19.685014] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.685057] kthread+0x328/0x630 [ 19.685096] ret_from_fork+0x10/0x20 [ 19.685132] [ 19.685152] The buggy address belongs to the object at fff00000c638de00 [ 19.685152] which belongs to the cache kmalloc-128 of size 128 [ 19.685211] The buggy address is located 119 bytes inside of [ 19.685211] allocated 120-byte region [fff00000c638de00, fff00000c638de78) [ 19.685310] [ 19.685347] The buggy address belongs to the physical page: [ 19.685385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638d [ 19.685471] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.685549] page_type: f5(slab) [ 19.685605] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.685701] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.685780] page dumped because: kasan: bad access detected [ 19.685833] [ 19.685870] Memory state around the buggy address: [ 19.685900] fff00000c638dd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.686076] fff00000c638dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.686946] >fff00000c638de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.686992] ^ [ 19.687034] fff00000c638de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.687300] fff00000c638df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.687357] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 19.666141] ================================================================== [ 19.666355] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 19.666433] Write of size 128 at addr fff00000c638dd00 by task kunit_try_catch/171 [ 19.666500] [ 19.666549] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.666632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.666671] Hardware name: linux,dummy-virt (DT) [ 19.666702] Call trace: [ 19.666731] show_stack+0x20/0x38 (C) [ 19.666786] dump_stack_lvl+0x8c/0xd0 [ 19.666832] print_report+0x118/0x608 [ 19.666877] kasan_report+0xdc/0x128 [ 19.666922] kasan_check_range+0x100/0x1a8 [ 19.667143] __asan_memset+0x34/0x78 [ 19.667211] kmalloc_oob_in_memset+0x144/0x2d0 [ 19.667266] kunit_try_run_case+0x170/0x3f0 [ 19.667333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.667386] kthread+0x328/0x630 [ 19.667440] ret_from_fork+0x10/0x20 [ 19.667487] [ 19.667505] Allocated by task 171: [ 19.667534] kasan_save_stack+0x3c/0x68 [ 19.667590] kasan_save_track+0x20/0x40 [ 19.667628] kasan_save_alloc_info+0x40/0x58 [ 19.667676] __kasan_kmalloc+0xd4/0xd8 [ 19.667714] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.667753] kmalloc_oob_in_memset+0xb0/0x2d0 [ 19.667790] kunit_try_run_case+0x170/0x3f0 [ 19.667827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.667980] kthread+0x328/0x630 [ 19.668027] ret_from_fork+0x10/0x20 [ 19.668083] [ 19.668103] The buggy address belongs to the object at fff00000c638dd00 [ 19.668103] which belongs to the cache kmalloc-128 of size 128 [ 19.668192] The buggy address is located 0 bytes inside of [ 19.668192] allocated 120-byte region [fff00000c638dd00, fff00000c638dd78) [ 19.668271] [ 19.668290] The buggy address belongs to the physical page: [ 19.668320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638d [ 19.668374] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.668433] page_type: f5(slab) [ 19.668478] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.668526] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.668565] page dumped because: kasan: bad access detected [ 19.668595] [ 19.668613] Memory state around the buggy address: [ 19.668866] fff00000c638dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.668914] fff00000c638dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.668957] >fff00000c638dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.668995] ^ [ 19.669093] fff00000c638dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.669151] fff00000c638de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.669221] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 19.654458] ================================================================== [ 19.654528] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 19.654763] Read of size 16 at addr fff00000c6390160 by task kunit_try_catch/169 [ 19.654866] [ 19.655286] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.655380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.655446] Hardware name: linux,dummy-virt (DT) [ 19.655488] Call trace: [ 19.655547] show_stack+0x20/0x38 (C) [ 19.655603] dump_stack_lvl+0x8c/0xd0 [ 19.655650] print_report+0x118/0x608 [ 19.655898] kasan_report+0xdc/0x128 [ 19.656000] __asan_report_load16_noabort+0x20/0x30 [ 19.656125] kmalloc_uaf_16+0x3bc/0x438 [ 19.656224] kunit_try_run_case+0x170/0x3f0 [ 19.656516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.656694] kthread+0x328/0x630 [ 19.656768] ret_from_fork+0x10/0x20 [ 19.656849] [ 19.656876] Allocated by task 169: [ 19.656923] kasan_save_stack+0x3c/0x68 [ 19.656963] kasan_save_track+0x20/0x40 [ 19.657022] kasan_save_alloc_info+0x40/0x58 [ 19.657067] __kasan_kmalloc+0xd4/0xd8 [ 19.657141] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.657183] kmalloc_uaf_16+0x140/0x438 [ 19.657221] kunit_try_run_case+0x170/0x3f0 [ 19.657258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.657301] kthread+0x328/0x630 [ 19.657473] ret_from_fork+0x10/0x20 [ 19.657557] [ 19.657606] Freed by task 169: [ 19.657697] kasan_save_stack+0x3c/0x68 [ 19.657753] kasan_save_track+0x20/0x40 [ 19.657811] kasan_save_free_info+0x4c/0x78 [ 19.657893] __kasan_slab_free+0x6c/0x98 [ 19.657970] kfree+0x214/0x3c8 [ 19.658061] kmalloc_uaf_16+0x190/0x438 [ 19.658127] kunit_try_run_case+0x170/0x3f0 [ 19.658227] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.658312] kthread+0x328/0x630 [ 19.658345] ret_from_fork+0x10/0x20 [ 19.658381] [ 19.658410] The buggy address belongs to the object at fff00000c6390160 [ 19.658410] which belongs to the cache kmalloc-16 of size 16 [ 19.658489] The buggy address is located 0 bytes inside of [ 19.658489] freed 16-byte region [fff00000c6390160, fff00000c6390170) [ 19.658692] [ 19.658738] The buggy address belongs to the physical page: [ 19.658769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 19.659011] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.659122] page_type: f5(slab) [ 19.659219] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.659285] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.659351] page dumped because: kasan: bad access detected [ 19.659429] [ 19.659459] Memory state around the buggy address: [ 19.659509] fff00000c6390000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.659576] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 19.659620] >fff00000c6390100: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 19.659670] ^ [ 19.659729] fff00000c6390180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.659787] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.659855] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 19.643911] ================================================================== [ 19.643975] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 19.644180] Write of size 16 at addr fff00000c6390100 by task kunit_try_catch/167 [ 19.644257] [ 19.644301] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.644388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.644436] Hardware name: linux,dummy-virt (DT) [ 19.644474] Call trace: [ 19.644502] show_stack+0x20/0x38 (C) [ 19.644559] dump_stack_lvl+0x8c/0xd0 [ 19.644615] print_report+0x118/0x608 [ 19.644671] kasan_report+0xdc/0x128 [ 19.644756] __asan_report_store16_noabort+0x20/0x30 [ 19.644808] kmalloc_oob_16+0x3a0/0x3f8 [ 19.644853] kunit_try_run_case+0x170/0x3f0 [ 19.645131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.645325] kthread+0x328/0x630 [ 19.645371] ret_from_fork+0x10/0x20 [ 19.645431] [ 19.645449] Allocated by task 167: [ 19.645477] kasan_save_stack+0x3c/0x68 [ 19.645517] kasan_save_track+0x20/0x40 [ 19.645554] kasan_save_alloc_info+0x40/0x58 [ 19.645594] __kasan_kmalloc+0xd4/0xd8 [ 19.645630] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.645667] kmalloc_oob_16+0xb4/0x3f8 [ 19.645871] kunit_try_run_case+0x170/0x3f0 [ 19.645918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.645960] kthread+0x328/0x630 [ 19.646030] ret_from_fork+0x10/0x20 [ 19.646079] [ 19.646118] The buggy address belongs to the object at fff00000c6390100 [ 19.646118] which belongs to the cache kmalloc-16 of size 16 [ 19.646207] The buggy address is located 0 bytes inside of [ 19.646207] allocated 13-byte region [fff00000c6390100, fff00000c639010d) [ 19.646292] [ 19.646317] The buggy address belongs to the physical page: [ 19.646423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 19.646507] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.646555] page_type: f5(slab) [ 19.646889] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.646977] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.647113] page dumped because: kasan: bad access detected [ 19.647173] [ 19.647234] Memory state around the buggy address: [ 19.647297] fff00000c6390000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.647417] fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 19.647472] >fff00000c6390100: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.647526] ^ [ 19.647649] fff00000c6390180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.647724] fff00000c6390200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.647763] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 19.634128] ================================================================== [ 19.634199] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 19.634249] Read of size 1 at addr fff00000c46e0400 by task kunit_try_catch/165 [ 19.634305] [ 19.634338] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.634429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.634463] Hardware name: linux,dummy-virt (DT) [ 19.634499] Call trace: [ 19.634521] show_stack+0x20/0x38 (C) [ 19.634569] dump_stack_lvl+0x8c/0xd0 [ 19.634620] print_report+0x118/0x608 [ 19.634667] kasan_report+0xdc/0x128 [ 19.634713] __asan_report_load1_noabort+0x20/0x30 [ 19.634772] krealloc_uaf+0x4c8/0x520 [ 19.634829] kunit_try_run_case+0x170/0x3f0 [ 19.634876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.634930] kthread+0x328/0x630 [ 19.634973] ret_from_fork+0x10/0x20 [ 19.635020] [ 19.635041] Allocated by task 165: [ 19.635079] kasan_save_stack+0x3c/0x68 [ 19.635126] kasan_save_track+0x20/0x40 [ 19.635163] kasan_save_alloc_info+0x40/0x58 [ 19.635202] __kasan_kmalloc+0xd4/0xd8 [ 19.635238] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.635276] krealloc_uaf+0xc8/0x520 [ 19.635310] kunit_try_run_case+0x170/0x3f0 [ 19.635347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.635392] kthread+0x328/0x630 [ 19.635799] ret_from_fork+0x10/0x20 [ 19.635999] [ 19.636025] Freed by task 165: [ 19.636071] kasan_save_stack+0x3c/0x68 [ 19.636137] kasan_save_track+0x20/0x40 [ 19.636260] kasan_save_free_info+0x4c/0x78 [ 19.636338] __kasan_slab_free+0x6c/0x98 [ 19.636446] kfree+0x214/0x3c8 [ 19.636496] krealloc_uaf+0x12c/0x520 [ 19.636555] kunit_try_run_case+0x170/0x3f0 [ 19.636592] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.636634] kthread+0x328/0x630 [ 19.636666] ret_from_fork+0x10/0x20 [ 19.636738] [ 19.636841] The buggy address belongs to the object at fff00000c46e0400 [ 19.636841] which belongs to the cache kmalloc-256 of size 256 [ 19.636908] The buggy address is located 0 bytes inside of [ 19.636908] freed 256-byte region [fff00000c46e0400, fff00000c46e0500) [ 19.636997] [ 19.637023] The buggy address belongs to the physical page: [ 19.637079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046e0 [ 19.637145] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.637220] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.637331] page_type: f5(slab) [ 19.637379] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.637454] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.637515] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.637595] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.637721] head: 0bfffe0000000001 ffffc1ffc311b801 00000000ffffffff 00000000ffffffff [ 19.637802] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.637902] page dumped because: kasan: bad access detected [ 19.637961] [ 19.637991] Memory state around the buggy address: [ 19.638090] fff00000c46e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.638133] fff00000c46e0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.638184] >fff00000c46e0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.638228] ^ [ 19.638255] fff00000c46e0480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.638295] fff00000c46e0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.638331] ================================================================== [ 19.622067] ================================================================== [ 19.622170] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 19.622232] Read of size 1 at addr fff00000c46e0400 by task kunit_try_catch/165 [ 19.624105] [ 19.624364] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.626930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.626957] Hardware name: linux,dummy-virt (DT) [ 19.626996] Call trace: [ 19.627019] show_stack+0x20/0x38 (C) [ 19.628609] dump_stack_lvl+0x8c/0xd0 [ 19.628732] print_report+0x118/0x608 [ 19.628816] kasan_report+0xdc/0x128 [ 19.628924] __kasan_check_byte+0x54/0x70 [ 19.629011] krealloc_noprof+0x44/0x360 [ 19.629125] krealloc_uaf+0x180/0x520 [ 19.629194] kunit_try_run_case+0x170/0x3f0 [ 19.629243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.629295] kthread+0x328/0x630 [ 19.629337] ret_from_fork+0x10/0x20 [ 19.629750] [ 19.629786] Allocated by task 165: [ 19.629819] kasan_save_stack+0x3c/0x68 [ 19.629886] kasan_save_track+0x20/0x40 [ 19.629966] kasan_save_alloc_info+0x40/0x58 [ 19.630007] __kasan_kmalloc+0xd4/0xd8 [ 19.630075] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.630143] krealloc_uaf+0xc8/0x520 [ 19.630210] kunit_try_run_case+0x170/0x3f0 [ 19.630264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.630329] kthread+0x328/0x630 [ 19.630362] ret_from_fork+0x10/0x20 [ 19.630407] [ 19.630443] Freed by task 165: [ 19.630681] kasan_save_stack+0x3c/0x68 [ 19.630747] kasan_save_track+0x20/0x40 [ 19.630868] kasan_save_free_info+0x4c/0x78 [ 19.630936] __kasan_slab_free+0x6c/0x98 [ 19.631032] kfree+0x214/0x3c8 [ 19.631090] krealloc_uaf+0x12c/0x520 [ 19.631233] kunit_try_run_case+0x170/0x3f0 [ 19.631303] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.631348] kthread+0x328/0x630 [ 19.631430] ret_from_fork+0x10/0x20 [ 19.631478] [ 19.631715] The buggy address belongs to the object at fff00000c46e0400 [ 19.631715] which belongs to the cache kmalloc-256 of size 256 [ 19.631901] The buggy address is located 0 bytes inside of [ 19.631901] freed 256-byte region [fff00000c46e0400, fff00000c46e0500) [ 19.631968] [ 19.631990] The buggy address belongs to the physical page: [ 19.632021] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046e0 [ 19.632117] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.632268] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.632336] page_type: f5(slab) [ 19.632424] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.632491] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.632575] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.632636] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.632718] head: 0bfffe0000000001 ffffc1ffc311b801 00000000ffffffff 00000000ffffffff [ 19.632766] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.632805] page dumped because: kasan: bad access detected [ 19.632835] [ 19.632892] Memory state around the buggy address: [ 19.632927] fff00000c46e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.633077] fff00000c46e0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.633158] >fff00000c46e0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.633226] ^ [ 19.633314] fff00000c46e0480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.633371] fff00000c46e0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.633471] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 19.436582] ================================================================== [ 19.436635] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 19.436685] Write of size 1 at addr fff00000c46e02da by task kunit_try_catch/159 [ 19.436738] [ 19.436845] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.436927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.438412] Hardware name: linux,dummy-virt (DT) [ 19.438471] Call trace: [ 19.438512] show_stack+0x20/0x38 (C) [ 19.438568] dump_stack_lvl+0x8c/0xd0 [ 19.438614] print_report+0x118/0x608 [ 19.438666] kasan_report+0xdc/0x128 [ 19.438905] __asan_report_store1_noabort+0x20/0x30 [ 19.439165] krealloc_less_oob_helper+0xa80/0xc50 [ 19.439261] krealloc_less_oob+0x20/0x38 [ 19.439306] kunit_try_run_case+0x170/0x3f0 [ 19.439361] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.439451] kthread+0x328/0x630 [ 19.439493] ret_from_fork+0x10/0x20 [ 19.439661] [ 19.439680] Allocated by task 159: [ 19.439718] kasan_save_stack+0x3c/0x68 [ 19.439760] kasan_save_track+0x20/0x40 [ 19.439797] kasan_save_alloc_info+0x40/0x58 [ 19.439837] __kasan_krealloc+0x118/0x178 [ 19.440172] krealloc_noprof+0x128/0x360 [ 19.440228] krealloc_less_oob_helper+0x168/0xc50 [ 19.441131] krealloc_less_oob+0x20/0x38 [ 19.441415] kunit_try_run_case+0x170/0x3f0 [ 19.441585] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.441648] kthread+0x328/0x630 [ 19.441892] ret_from_fork+0x10/0x20 [ 19.442153] [ 19.442208] The buggy address belongs to the object at fff00000c46e0200 [ 19.442208] which belongs to the cache kmalloc-256 of size 256 [ 19.442280] The buggy address is located 17 bytes to the right of [ 19.442280] allocated 201-byte region [fff00000c46e0200, fff00000c46e02c9) [ 19.442708] [ 19.442733] The buggy address belongs to the physical page: [ 19.442979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046e0 [ 19.443310] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.443645] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.443844] page_type: f5(slab) [ 19.444197] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.444271] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.444321] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.444370] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.444511] head: 0bfffe0000000001 ffffc1ffc311b801 00000000ffffffff 00000000ffffffff [ 19.444700] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.444794] page dumped because: kasan: bad access detected [ 19.444847] [ 19.444865] Memory state around the buggy address: [ 19.444897] fff00000c46e0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.444941] fff00000c46e0200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.444983] >fff00000c46e0280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.445023] ^ [ 19.445059] fff00000c46e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.445164] fff00000c46e0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.445313] ================================================================== [ 19.527005] ================================================================== [ 19.527106] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 19.527159] Write of size 1 at addr fff00000c76ba0d0 by task kunit_try_catch/163 [ 19.527208] [ 19.527492] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.527930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.528245] Hardware name: linux,dummy-virt (DT) [ 19.528387] Call trace: [ 19.528421] show_stack+0x20/0x38 (C) [ 19.528476] dump_stack_lvl+0x8c/0xd0 [ 19.528728] print_report+0x118/0x608 [ 19.529030] kasan_report+0xdc/0x128 [ 19.529209] __asan_report_store1_noabort+0x20/0x30 [ 19.529316] krealloc_less_oob_helper+0xb9c/0xc50 [ 19.529575] krealloc_large_less_oob+0x20/0x38 [ 19.529626] kunit_try_run_case+0x170/0x3f0 [ 19.530047] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.530494] kthread+0x328/0x630 [ 19.530732] ret_from_fork+0x10/0x20 [ 19.530950] [ 19.530971] The buggy address belongs to the physical page: [ 19.531001] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076b8 [ 19.531385] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.531449] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.531502] page_type: f8(unknown) [ 19.531801] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.531865] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.532098] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.532357] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.532810] head: 0bfffe0000000002 ffffc1ffc31dae01 00000000ffffffff 00000000ffffffff [ 19.533234] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.533664] page dumped because: kasan: bad access detected [ 19.534307] [ 19.534414] Memory state around the buggy address: [ 19.534448] fff00000c76b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.535203] fff00000c76ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.535915] >fff00000c76ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.536429] ^ [ 19.536505] fff00000c76ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.536922] fff00000c76ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.537369] ================================================================== [ 19.459469] ================================================================== [ 19.459726] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 19.459779] Write of size 1 at addr fff00000c46e02eb by task kunit_try_catch/159 [ 19.459827] [ 19.459856] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.459935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.459961] Hardware name: linux,dummy-virt (DT) [ 19.459991] Call trace: [ 19.460012] show_stack+0x20/0x38 (C) [ 19.460115] dump_stack_lvl+0x8c/0xd0 [ 19.460177] print_report+0x118/0x608 [ 19.460223] kasan_report+0xdc/0x128 [ 19.460269] __asan_report_store1_noabort+0x20/0x30 [ 19.460321] krealloc_less_oob_helper+0xa58/0xc50 [ 19.460370] krealloc_less_oob+0x20/0x38 [ 19.460425] kunit_try_run_case+0x170/0x3f0 [ 19.460473] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.460525] kthread+0x328/0x630 [ 19.460567] ret_from_fork+0x10/0x20 [ 19.460614] [ 19.460632] Allocated by task 159: [ 19.460659] kasan_save_stack+0x3c/0x68 [ 19.460726] kasan_save_track+0x20/0x40 [ 19.460763] kasan_save_alloc_info+0x40/0x58 [ 19.460818] __kasan_krealloc+0x118/0x178 [ 19.460901] krealloc_noprof+0x128/0x360 [ 19.461156] krealloc_less_oob_helper+0x168/0xc50 [ 19.461291] krealloc_less_oob+0x20/0x38 [ 19.461430] kunit_try_run_case+0x170/0x3f0 [ 19.461778] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.462129] kthread+0x328/0x630 [ 19.462444] ret_from_fork+0x10/0x20 [ 19.462546] [ 19.462566] The buggy address belongs to the object at fff00000c46e0200 [ 19.462566] which belongs to the cache kmalloc-256 of size 256 [ 19.463014] The buggy address is located 34 bytes to the right of [ 19.463014] allocated 201-byte region [fff00000c46e0200, fff00000c46e02c9) [ 19.463305] [ 19.463327] The buggy address belongs to the physical page: [ 19.463511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046e0 [ 19.463853] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.464154] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.464429] page_type: f5(slab) [ 19.464474] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.464909] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.464976] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.465032] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.465280] head: 0bfffe0000000001 ffffc1ffc311b801 00000000ffffffff 00000000ffffffff [ 19.465839] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.466152] page dumped because: kasan: bad access detected [ 19.466210] [ 19.466230] Memory state around the buggy address: [ 19.466322] fff00000c46e0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.466810] fff00000c46e0200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.467054] >fff00000c46e0280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.467095] ^ [ 19.467137] fff00000c46e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.467650] fff00000c46e0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.468147] ================================================================== [ 19.423840] ================================================================== [ 19.423896] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 19.424050] Write of size 1 at addr fff00000c46e02c9 by task kunit_try_catch/159 [ 19.424160] [ 19.424208] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.425604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.425879] Hardware name: linux,dummy-virt (DT) [ 19.425980] Call trace: [ 19.426028] show_stack+0x20/0x38 (C) [ 19.426099] dump_stack_lvl+0x8c/0xd0 [ 19.426145] print_report+0x118/0x608 [ 19.426192] kasan_report+0xdc/0x128 [ 19.426321] __asan_report_store1_noabort+0x20/0x30 [ 19.426412] krealloc_less_oob_helper+0xa48/0xc50 [ 19.426486] krealloc_less_oob+0x20/0x38 [ 19.426568] kunit_try_run_case+0x170/0x3f0 [ 19.426663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.426717] kthread+0x328/0x630 [ 19.426761] ret_from_fork+0x10/0x20 [ 19.426809] [ 19.426827] Allocated by task 159: [ 19.426861] kasan_save_stack+0x3c/0x68 [ 19.426901] kasan_save_track+0x20/0x40 [ 19.426938] kasan_save_alloc_info+0x40/0x58 [ 19.427099] __kasan_krealloc+0x118/0x178 [ 19.427167] krealloc_noprof+0x128/0x360 [ 19.427223] krealloc_less_oob_helper+0x168/0xc50 [ 19.427269] krealloc_less_oob+0x20/0x38 [ 19.427305] kunit_try_run_case+0x170/0x3f0 [ 19.427342] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.427384] kthread+0x328/0x630 [ 19.427542] ret_from_fork+0x10/0x20 [ 19.427580] [ 19.427606] The buggy address belongs to the object at fff00000c46e0200 [ 19.427606] which belongs to the cache kmalloc-256 of size 256 [ 19.427677] The buggy address is located 0 bytes to the right of [ 19.427677] allocated 201-byte region [fff00000c46e0200, fff00000c46e02c9) [ 19.427740] [ 19.427765] The buggy address belongs to the physical page: [ 19.427796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046e0 [ 19.427852] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.427915] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.427965] page_type: f5(slab) [ 19.428002] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.428075] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.428126] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.428174] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.428222] head: 0bfffe0000000001 ffffc1ffc311b801 00000000ffffffff 00000000ffffffff [ 19.428270] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.428310] page dumped because: kasan: bad access detected [ 19.428488] [ 19.428511] Memory state around the buggy address: [ 19.428543] fff00000c46e0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.428585] fff00000c46e0200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.428627] >fff00000c46e0280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.428664] ^ [ 19.428704] fff00000c46e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.428745] fff00000c46e0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.428781] ================================================================== [ 19.578026] ================================================================== [ 19.578199] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 19.578774] Write of size 1 at addr fff00000c76ba0eb by task kunit_try_catch/163 [ 19.579982] [ 19.580074] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.580236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.580272] Hardware name: linux,dummy-virt (DT) [ 19.580327] Call trace: [ 19.580875] show_stack+0x20/0x38 (C) [ 19.581966] dump_stack_lvl+0x8c/0xd0 [ 19.582026] print_report+0x118/0x608 [ 19.582081] kasan_report+0xdc/0x128 [ 19.582127] __asan_report_store1_noabort+0x20/0x30 [ 19.582513] krealloc_less_oob_helper+0xa58/0xc50 [ 19.582650] krealloc_large_less_oob+0x20/0x38 [ 19.582699] kunit_try_run_case+0x170/0x3f0 [ 19.582750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.583865] kthread+0x328/0x630 [ 19.584811] ret_from_fork+0x10/0x20 [ 19.585633] [ 19.585663] The buggy address belongs to the physical page: [ 19.586046] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076b8 [ 19.586116] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.586530] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.587304] page_type: f8(unknown) [ 19.587593] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.588122] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.588622] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.588675] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.588724] head: 0bfffe0000000002 ffffc1ffc31dae01 00000000ffffffff 00000000ffffffff [ 19.588773] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.588812] page dumped because: kasan: bad access detected [ 19.588842] [ 19.588861] Memory state around the buggy address: [ 19.590510] fff00000c76b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.590973] fff00000c76ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.591332] >fff00000c76ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.591483] ^ [ 19.591886] fff00000c76ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.592112] fff00000c76ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.592153] ================================================================== [ 19.559352] ================================================================== [ 19.559528] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 19.559579] Write of size 1 at addr fff00000c76ba0ea by task kunit_try_catch/163 [ 19.559628] [ 19.559660] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.559739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.561180] Hardware name: linux,dummy-virt (DT) [ 19.561736] Call trace: [ 19.561878] show_stack+0x20/0x38 (C) [ 19.562274] dump_stack_lvl+0x8c/0xd0 [ 19.562504] print_report+0x118/0x608 [ 19.562910] kasan_report+0xdc/0x128 [ 19.564438] __asan_report_store1_noabort+0x20/0x30 [ 19.564708] krealloc_less_oob_helper+0xae4/0xc50 [ 19.564923] krealloc_large_less_oob+0x20/0x38 [ 19.565981] kunit_try_run_case+0x170/0x3f0 [ 19.566109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.566212] kthread+0x328/0x630 [ 19.566964] ret_from_fork+0x10/0x20 [ 19.567020] [ 19.567041] The buggy address belongs to the physical page: [ 19.567078] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076b8 [ 19.567204] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.567384] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.567446] page_type: f8(unknown) [ 19.568186] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.568457] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.568600] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.568773] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.569498] head: 0bfffe0000000002 ffffc1ffc31dae01 00000000ffffffff 00000000ffffffff [ 19.569920] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.570702] page dumped because: kasan: bad access detected [ 19.571190] [ 19.571289] Memory state around the buggy address: [ 19.571421] fff00000c76b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.571646] fff00000c76ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.572174] >fff00000c76ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.572240] ^ [ 19.572699] fff00000c76ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.572849] fff00000c76ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.573408] ================================================================== [ 19.519392] ================================================================== [ 19.519467] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 19.519522] Write of size 1 at addr fff00000c76ba0c9 by task kunit_try_catch/163 [ 19.519571] [ 19.519602] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.519681] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.519708] Hardware name: linux,dummy-virt (DT) [ 19.519737] Call trace: [ 19.519758] show_stack+0x20/0x38 (C) [ 19.519807] dump_stack_lvl+0x8c/0xd0 [ 19.519852] print_report+0x118/0x608 [ 19.519898] kasan_report+0xdc/0x128 [ 19.519945] __asan_report_store1_noabort+0x20/0x30 [ 19.519995] krealloc_less_oob_helper+0xa48/0xc50 [ 19.520056] krealloc_large_less_oob+0x20/0x38 [ 19.520106] kunit_try_run_case+0x170/0x3f0 [ 19.520155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.520207] kthread+0x328/0x630 [ 19.520248] ret_from_fork+0x10/0x20 [ 19.520295] [ 19.520315] The buggy address belongs to the physical page: [ 19.520345] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076b8 [ 19.520407] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.520454] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.521235] page_type: f8(unknown) [ 19.521339] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.521391] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.522024] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.522564] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.523307] head: 0bfffe0000000002 ffffc1ffc31dae01 00000000ffffffff 00000000ffffffff [ 19.523358] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.524143] page dumped because: kasan: bad access detected [ 19.524365] [ 19.524387] Memory state around the buggy address: [ 19.524457] fff00000c76b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.524514] fff00000c76ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.524557] >fff00000c76ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.524593] ^ [ 19.524629] fff00000c76ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.524675] fff00000c76ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.525245] ================================================================== [ 19.541978] ================================================================== [ 19.542162] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 19.542648] Write of size 1 at addr fff00000c76ba0da by task kunit_try_catch/163 [ 19.542853] [ 19.542896] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.543785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.544264] Hardware name: linux,dummy-virt (DT) [ 19.544568] Call trace: [ 19.544639] show_stack+0x20/0x38 (C) [ 19.545005] dump_stack_lvl+0x8c/0xd0 [ 19.545622] print_report+0x118/0x608 [ 19.546147] kasan_report+0xdc/0x128 [ 19.546387] __asan_report_store1_noabort+0x20/0x30 [ 19.547005] krealloc_less_oob_helper+0xa80/0xc50 [ 19.547518] krealloc_large_less_oob+0x20/0x38 [ 19.547636] kunit_try_run_case+0x170/0x3f0 [ 19.548390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.549044] kthread+0x328/0x630 [ 19.549368] ret_from_fork+0x10/0x20 [ 19.550225] [ 19.550362] The buggy address belongs to the physical page: [ 19.550539] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076b8 [ 19.550675] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.550809] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.550864] page_type: f8(unknown) [ 19.551415] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.551472] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.551974] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.552382] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.552861] head: 0bfffe0000000002 ffffc1ffc31dae01 00000000ffffffff 00000000ffffffff [ 19.553500] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.554009] page dumped because: kasan: bad access detected [ 19.554055] [ 19.554073] Memory state around the buggy address: [ 19.554106] fff00000c76b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.554681] fff00000c76ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.554731] >fff00000c76ba080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.555406] ^ [ 19.555869] fff00000c76ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.556336] fff00000c76ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.556651] ================================================================== [ 19.429951] ================================================================== [ 19.430009] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 19.430070] Write of size 1 at addr fff00000c46e02d0 by task kunit_try_catch/159 [ 19.430137] [ 19.430175] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.430266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.430313] Hardware name: linux,dummy-virt (DT) [ 19.430352] Call trace: [ 19.430373] show_stack+0x20/0x38 (C) [ 19.430444] dump_stack_lvl+0x8c/0xd0 [ 19.430690] print_report+0x118/0x608 [ 19.430747] kasan_report+0xdc/0x128 [ 19.430793] __asan_report_store1_noabort+0x20/0x30 [ 19.430863] krealloc_less_oob_helper+0xb9c/0xc50 [ 19.430921] krealloc_less_oob+0x20/0x38 [ 19.430977] kunit_try_run_case+0x170/0x3f0 [ 19.431033] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.431101] kthread+0x328/0x630 [ 19.431144] ret_from_fork+0x10/0x20 [ 19.431202] [ 19.431221] Allocated by task 159: [ 19.431249] kasan_save_stack+0x3c/0x68 [ 19.432634] kasan_save_track+0x20/0x40 [ 19.432956] kasan_save_alloc_info+0x40/0x58 [ 19.433009] __kasan_krealloc+0x118/0x178 [ 19.433111] krealloc_noprof+0x128/0x360 [ 19.433232] krealloc_less_oob_helper+0x168/0xc50 [ 19.433322] krealloc_less_oob+0x20/0x38 [ 19.433388] kunit_try_run_case+0x170/0x3f0 [ 19.433466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.433533] kthread+0x328/0x630 [ 19.433596] ret_from_fork+0x10/0x20 [ 19.433847] [ 19.433869] The buggy address belongs to the object at fff00000c46e0200 [ 19.433869] which belongs to the cache kmalloc-256 of size 256 [ 19.434014] The buggy address is located 7 bytes to the right of [ 19.434014] allocated 201-byte region [fff00000c46e0200, fff00000c46e02c9) [ 19.434086] [ 19.434128] The buggy address belongs to the physical page: [ 19.434166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046e0 [ 19.434248] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.434325] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.434443] page_type: f5(slab) [ 19.434500] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.434577] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.434639] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.434687] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.434753] head: 0bfffe0000000001 ffffc1ffc311b801 00000000ffffffff 00000000ffffffff [ 19.434801] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.434840] page dumped because: kasan: bad access detected [ 19.434870] [ 19.434888] Memory state around the buggy address: [ 19.434917] fff00000c46e0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.434984] fff00000c46e0200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.435131] >fff00000c46e0280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.435222] ^ [ 19.435282] fff00000c46e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.435339] fff00000c46e0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.435579] ================================================================== [ 19.446320] ================================================================== [ 19.446391] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 19.446880] Write of size 1 at addr fff00000c46e02ea by task kunit_try_catch/159 [ 19.446930] [ 19.446963] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.447042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.447786] Hardware name: linux,dummy-virt (DT) [ 19.448146] Call trace: [ 19.448254] show_stack+0x20/0x38 (C) [ 19.448543] dump_stack_lvl+0x8c/0xd0 [ 19.448761] print_report+0x118/0x608 [ 19.448893] kasan_report+0xdc/0x128 [ 19.448941] __asan_report_store1_noabort+0x20/0x30 [ 19.448993] krealloc_less_oob_helper+0xae4/0xc50 [ 19.449043] krealloc_less_oob+0x20/0x38 [ 19.449705] kunit_try_run_case+0x170/0x3f0 [ 19.451961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.452029] kthread+0x328/0x630 [ 19.452149] ret_from_fork+0x10/0x20 [ 19.452490] [ 19.452516] Allocated by task 159: [ 19.452546] kasan_save_stack+0x3c/0x68 [ 19.453149] kasan_save_track+0x20/0x40 [ 19.453189] kasan_save_alloc_info+0x40/0x58 [ 19.453228] __kasan_krealloc+0x118/0x178 [ 19.453266] krealloc_noprof+0x128/0x360 [ 19.453305] krealloc_less_oob_helper+0x168/0xc50 [ 19.453344] krealloc_less_oob+0x20/0x38 [ 19.453380] kunit_try_run_case+0x170/0x3f0 [ 19.454215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.454277] kthread+0x328/0x630 [ 19.454311] ret_from_fork+0x10/0x20 [ 19.454681] [ 19.454704] The buggy address belongs to the object at fff00000c46e0200 [ 19.454704] which belongs to the cache kmalloc-256 of size 256 [ 19.454762] The buggy address is located 33 bytes to the right of [ 19.454762] allocated 201-byte region [fff00000c46e0200, fff00000c46e02c9) [ 19.454826] [ 19.454844] The buggy address belongs to the physical page: [ 19.454874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046e0 [ 19.455982] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.456117] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.456172] page_type: f5(slab) [ 19.456210] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.456260] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.456308] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.456357] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.456416] head: 0bfffe0000000001 ffffc1ffc311b801 00000000ffffffff 00000000ffffffff [ 19.456488] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.456529] page dumped because: kasan: bad access detected [ 19.456613] [ 19.456674] Memory state around the buggy address: [ 19.456711] fff00000c46e0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.456832] fff00000c46e0200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.456912] >fff00000c46e0280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.457190] ^ [ 19.457236] fff00000c46e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.457641] fff00000c46e0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.457992] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 19.408001] ================================================================== [ 19.408070] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 19.408125] Write of size 1 at addr fff00000c46e00f0 by task kunit_try_catch/157 [ 19.408174] [ 19.408813] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.409293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.409322] Hardware name: linux,dummy-virt (DT) [ 19.409352] Call trace: [ 19.409375] show_stack+0x20/0x38 (C) [ 19.409445] dump_stack_lvl+0x8c/0xd0 [ 19.409491] print_report+0x118/0x608 [ 19.409539] kasan_report+0xdc/0x128 [ 19.409585] __asan_report_store1_noabort+0x20/0x30 [ 19.409636] krealloc_more_oob_helper+0x5c0/0x678 [ 19.409688] krealloc_more_oob+0x20/0x38 [ 19.409736] kunit_try_run_case+0x170/0x3f0 [ 19.409784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.409836] kthread+0x328/0x630 [ 19.409879] ret_from_fork+0x10/0x20 [ 19.409927] [ 19.409947] Allocated by task 157: [ 19.409975] kasan_save_stack+0x3c/0x68 [ 19.410015] kasan_save_track+0x20/0x40 [ 19.410052] kasan_save_alloc_info+0x40/0x58 [ 19.410091] __kasan_krealloc+0x118/0x178 [ 19.410129] krealloc_noprof+0x128/0x360 [ 19.410165] krealloc_more_oob_helper+0x168/0x678 [ 19.410203] krealloc_more_oob+0x20/0x38 [ 19.410239] kunit_try_run_case+0x170/0x3f0 [ 19.410275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.410318] kthread+0x328/0x630 [ 19.410352] ret_from_fork+0x10/0x20 [ 19.410388] [ 19.410415] The buggy address belongs to the object at fff00000c46e0000 [ 19.410415] which belongs to the cache kmalloc-256 of size 256 [ 19.410471] The buggy address is located 5 bytes to the right of [ 19.410471] allocated 235-byte region [fff00000c46e0000, fff00000c46e00eb) [ 19.410534] [ 19.410554] The buggy address belongs to the physical page: [ 19.410584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046e0 [ 19.410636] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.410684] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.412191] page_type: f5(slab) [ 19.412239] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.412289] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.412345] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.412394] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.412454] head: 0bfffe0000000001 ffffc1ffc311b801 00000000ffffffff 00000000ffffffff [ 19.412503] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.412543] page dumped because: kasan: bad access detected [ 19.412573] [ 19.412590] Memory state around the buggy address: [ 19.412622] fff00000c46dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.412664] fff00000c46e0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.412705] >fff00000c46e0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.412742] ^ [ 19.412784] fff00000c46e0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.412826] fff00000c46e0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.412863] ================================================================== [ 19.399646] ================================================================== [ 19.399921] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 19.400108] Write of size 1 at addr fff00000c46e00eb by task kunit_try_catch/157 [ 19.400158] [ 19.400186] CPU: 1 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.400265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.400291] Hardware name: linux,dummy-virt (DT) [ 19.400320] Call trace: [ 19.400340] show_stack+0x20/0x38 (C) [ 19.400388] dump_stack_lvl+0x8c/0xd0 [ 19.400445] print_report+0x118/0x608 [ 19.400491] kasan_report+0xdc/0x128 [ 19.400537] __asan_report_store1_noabort+0x20/0x30 [ 19.400588] krealloc_more_oob_helper+0x60c/0x678 [ 19.400636] krealloc_more_oob+0x20/0x38 [ 19.400681] kunit_try_run_case+0x170/0x3f0 [ 19.400729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.400781] kthread+0x328/0x630 [ 19.400824] ret_from_fork+0x10/0x20 [ 19.400870] [ 19.400888] Allocated by task 157: [ 19.400916] kasan_save_stack+0x3c/0x68 [ 19.400956] kasan_save_track+0x20/0x40 [ 19.400993] kasan_save_alloc_info+0x40/0x58 [ 19.401032] __kasan_krealloc+0x118/0x178 [ 19.401077] krealloc_noprof+0x128/0x360 [ 19.401114] krealloc_more_oob_helper+0x168/0x678 [ 19.401152] krealloc_more_oob+0x20/0x38 [ 19.401188] kunit_try_run_case+0x170/0x3f0 [ 19.401268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.401313] kthread+0x328/0x630 [ 19.401347] ret_from_fork+0x10/0x20 [ 19.401383] [ 19.401411] The buggy address belongs to the object at fff00000c46e0000 [ 19.401411] which belongs to the cache kmalloc-256 of size 256 [ 19.401492] The buggy address is located 0 bytes to the right of [ 19.401492] allocated 235-byte region [fff00000c46e0000, fff00000c46e00eb) [ 19.401557] [ 19.401576] The buggy address belongs to the physical page: [ 19.401606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046e0 [ 19.401658] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.401903] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.402023] page_type: f5(slab) [ 19.402174] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.402284] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.402421] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.402516] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.402577] head: 0bfffe0000000001 ffffc1ffc311b801 00000000ffffffff 00000000ffffffff [ 19.402658] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.402700] page dumped because: kasan: bad access detected [ 19.402730] [ 19.402747] Memory state around the buggy address: [ 19.402778] fff00000c46dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.402858] fff00000c46e0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.403041] >fff00000c46e0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.403090] ^ [ 19.403139] fff00000c46e0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.403189] fff00000c46e0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.403367] ================================================================== [ 19.483319] ================================================================== [ 19.483390] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 19.484297] Write of size 1 at addr fff00000c76ba0eb by task kunit_try_catch/161 [ 19.484507] [ 19.484821] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.485170] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.485207] Hardware name: linux,dummy-virt (DT) [ 19.485511] Call trace: [ 19.485537] show_stack+0x20/0x38 (C) [ 19.485730] dump_stack_lvl+0x8c/0xd0 [ 19.485779] print_report+0x118/0x608 [ 19.485825] kasan_report+0xdc/0x128 [ 19.485871] __asan_report_store1_noabort+0x20/0x30 [ 19.485922] krealloc_more_oob_helper+0x60c/0x678 [ 19.485972] krealloc_large_more_oob+0x20/0x38 [ 19.486892] kunit_try_run_case+0x170/0x3f0 [ 19.486954] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.487221] kthread+0x328/0x630 [ 19.487589] ret_from_fork+0x10/0x20 [ 19.487850] [ 19.488254] The buggy address belongs to the physical page: [ 19.488287] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076b8 [ 19.488619] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.488852] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.489344] page_type: f8(unknown) [ 19.489438] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.489927] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.490225] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.490294] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.490879] head: 0bfffe0000000002 ffffc1ffc31dae01 00000000ffffffff 00000000ffffffff [ 19.491130] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.491392] page dumped because: kasan: bad access detected [ 19.491475] [ 19.491493] Memory state around the buggy address: [ 19.491528] fff00000c76b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.491935] fff00000c76ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.492111] >fff00000c76ba080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 19.492158] ^ [ 19.492197] fff00000c76ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.492857] fff00000c76ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.492902] ================================================================== [ 19.494360] ================================================================== [ 19.494424] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 19.494482] Write of size 1 at addr fff00000c76ba0f0 by task kunit_try_catch/161 [ 19.494530] [ 19.494562] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.494643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.494670] Hardware name: linux,dummy-virt (DT) [ 19.494700] Call trace: [ 19.494722] show_stack+0x20/0x38 (C) [ 19.494770] dump_stack_lvl+0x8c/0xd0 [ 19.494817] print_report+0x118/0x608 [ 19.494864] kasan_report+0xdc/0x128 [ 19.496094] __asan_report_store1_noabort+0x20/0x30 [ 19.496215] krealloc_more_oob_helper+0x5c0/0x678 [ 19.496266] krealloc_large_more_oob+0x20/0x38 [ 19.496357] kunit_try_run_case+0x170/0x3f0 [ 19.496527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.496830] kthread+0x328/0x630 [ 19.497267] ret_from_fork+0x10/0x20 [ 19.497353] [ 19.497840] The buggy address belongs to the physical page: [ 19.498080] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076b8 [ 19.498281] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.498733] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.499105] page_type: f8(unknown) [ 19.499187] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.500456] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.500764] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.501336] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.501455] head: 0bfffe0000000002 ffffc1ffc31dae01 00000000ffffffff 00000000ffffffff [ 19.502040] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.502208] page dumped because: kasan: bad access detected [ 19.502240] [ 19.502258] Memory state around the buggy address: [ 19.502289] fff00000c76b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.502332] fff00000c76ba000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.502373] >fff00000c76ba080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 19.502588] ^ [ 19.502663] fff00000c76ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.502705] fff00000c76ba180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.502742] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 19.392222] ================================================================== [ 19.392277] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 19.392328] Read of size 1 at addr fff00000c7770000 by task kunit_try_catch/155 [ 19.392376] [ 19.392420] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.392500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.392526] Hardware name: linux,dummy-virt (DT) [ 19.392556] Call trace: [ 19.392576] show_stack+0x20/0x38 (C) [ 19.392655] dump_stack_lvl+0x8c/0xd0 [ 19.392723] print_report+0x118/0x608 [ 19.392770] kasan_report+0xdc/0x128 [ 19.392817] __asan_report_load1_noabort+0x20/0x30 [ 19.392867] page_alloc_uaf+0x328/0x350 [ 19.392913] kunit_try_run_case+0x170/0x3f0 [ 19.393154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.393210] kthread+0x328/0x630 [ 19.393260] ret_from_fork+0x10/0x20 [ 19.393348] [ 19.393469] The buggy address belongs to the physical page: [ 19.393499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107770 [ 19.393561] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.393608] page_type: f0(buddy) [ 19.393646] raw: 0bfffe0000000000 fff00000ff6160a0 fff00000ff6160a0 0000000000000000 [ 19.393879] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 19.394025] page dumped because: kasan: bad access detected [ 19.394055] [ 19.394115] Memory state around the buggy address: [ 19.394147] fff00000c776ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.394195] fff00000c776ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.394257] >fff00000c7770000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.394295] ^ [ 19.394322] fff00000c7770080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.394369] fff00000c7770100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.394446] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 19.378102] ================================================================== [ 19.378317] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 19.378445] Free of addr fff00000c76b4001 by task kunit_try_catch/151 [ 19.378490] [ 19.378520] CPU: 1 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.378601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.378627] Hardware name: linux,dummy-virt (DT) [ 19.378658] Call trace: [ 19.378680] show_stack+0x20/0x38 (C) [ 19.378727] dump_stack_lvl+0x8c/0xd0 [ 19.378783] print_report+0x118/0x608 [ 19.378830] kasan_report_invalid_free+0xc0/0xe8 [ 19.378917] __kasan_kfree_large+0x5c/0xa8 [ 19.378971] free_large_kmalloc+0x64/0x190 [ 19.379044] kfree+0x270/0x3c8 [ 19.379093] kmalloc_large_invalid_free+0x108/0x270 [ 19.379177] kunit_try_run_case+0x170/0x3f0 [ 19.379331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.379393] kthread+0x328/0x630 [ 19.379453] ret_from_fork+0x10/0x20 [ 19.379624] [ 19.379652] The buggy address belongs to the physical page: [ 19.379733] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076b4 [ 19.379787] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.379838] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.380078] page_type: f8(unknown) [ 19.380119] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.380208] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.380259] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.380332] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.380386] head: 0bfffe0000000002 ffffc1ffc31dad01 00000000ffffffff 00000000ffffffff [ 19.380443] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.380507] page dumped because: kasan: bad access detected [ 19.380538] [ 19.380556] Memory state around the buggy address: [ 19.380589] fff00000c76b3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.380630] fff00000c76b3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.380672] >fff00000c76b4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.380710] ^ [ 19.380737] fff00000c76b4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.380777] fff00000c76b4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.380959] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 19.370386] ================================================================== [ 19.370461] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 19.370512] Read of size 1 at addr fff00000c76b4000 by task kunit_try_catch/149 [ 19.370560] [ 19.370589] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.370670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.370695] Hardware name: linux,dummy-virt (DT) [ 19.370725] Call trace: [ 19.370746] show_stack+0x20/0x38 (C) [ 19.370794] dump_stack_lvl+0x8c/0xd0 [ 19.370843] print_report+0x118/0x608 [ 19.370890] kasan_report+0xdc/0x128 [ 19.370935] __asan_report_load1_noabort+0x20/0x30 [ 19.370986] kmalloc_large_uaf+0x2cc/0x2f8 [ 19.371031] kunit_try_run_case+0x170/0x3f0 [ 19.371079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.371131] kthread+0x328/0x630 [ 19.371173] ret_from_fork+0x10/0x20 [ 19.371378] [ 19.371476] The buggy address belongs to the physical page: [ 19.371638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076b4 [ 19.371692] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.371751] raw: 0bfffe0000000000 ffffc1ffc31dae08 fff00000da478c40 0000000000000000 [ 19.371802] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 19.371842] page dumped because: kasan: bad access detected [ 19.371872] [ 19.371890] Memory state around the buggy address: [ 19.371930] fff00000c76b3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.372074] fff00000c76b3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.372117] >fff00000c76b4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.372154] ^ [ 19.372181] fff00000c76b4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.372222] fff00000c76b4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.372259] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 19.357701] ================================================================== [ 19.358126] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 19.358629] Write of size 1 at addr fff00000c76b600a by task kunit_try_catch/147 [ 19.358687] [ 19.358721] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.358804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.359225] Hardware name: linux,dummy-virt (DT) [ 19.359267] Call trace: [ 19.359304] show_stack+0x20/0x38 (C) [ 19.359356] dump_stack_lvl+0x8c/0xd0 [ 19.359412] print_report+0x118/0x608 [ 19.359458] kasan_report+0xdc/0x128 [ 19.359502] __asan_report_store1_noabort+0x20/0x30 [ 19.359575] kmalloc_large_oob_right+0x278/0x2b8 [ 19.359741] kunit_try_run_case+0x170/0x3f0 [ 19.359849] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.359962] kthread+0x328/0x630 [ 19.360306] ret_from_fork+0x10/0x20 [ 19.360367] [ 19.360413] The buggy address belongs to the physical page: [ 19.360445] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076b4 [ 19.360549] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.360596] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.360684] page_type: f8(unknown) [ 19.360723] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.360796] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.360884] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.361095] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.361328] head: 0bfffe0000000002 ffffc1ffc31dad01 00000000ffffffff 00000000ffffffff [ 19.361376] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.362421] page dumped because: kasan: bad access detected [ 19.362455] [ 19.363103] Memory state around the buggy address: [ 19.363162] fff00000c76b5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.363318] fff00000c76b5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.363359] >fff00000c76b6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.363415] ^ [ 19.363448] fff00000c76b6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.363496] fff00000c76b6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.363541] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 19.343533] ================================================================== [ 19.343606] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 19.343661] Write of size 1 at addr fff00000c641df00 by task kunit_try_catch/145 [ 19.343832] [ 19.343988] CPU: 1 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.345044] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.345097] Hardware name: linux,dummy-virt (DT) [ 19.345140] Call trace: [ 19.345178] show_stack+0x20/0x38 (C) [ 19.345253] dump_stack_lvl+0x8c/0xd0 [ 19.345310] print_report+0x118/0x608 [ 19.345357] kasan_report+0xdc/0x128 [ 19.345412] __asan_report_store1_noabort+0x20/0x30 [ 19.345463] kmalloc_big_oob_right+0x2a4/0x2f0 [ 19.345529] kunit_try_run_case+0x170/0x3f0 [ 19.345622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.345674] kthread+0x328/0x630 [ 19.345733] ret_from_fork+0x10/0x20 [ 19.345780] [ 19.345816] Allocated by task 145: [ 19.345846] kasan_save_stack+0x3c/0x68 [ 19.345891] kasan_save_track+0x20/0x40 [ 19.345929] kasan_save_alloc_info+0x40/0x58 [ 19.345969] __kasan_kmalloc+0xd4/0xd8 [ 19.346005] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.346045] kmalloc_big_oob_right+0xb8/0x2f0 [ 19.346082] kunit_try_run_case+0x170/0x3f0 [ 19.346138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.346305] kthread+0x328/0x630 [ 19.346347] ret_from_fork+0x10/0x20 [ 19.346493] [ 19.346531] The buggy address belongs to the object at fff00000c641c000 [ 19.346531] which belongs to the cache kmalloc-8k of size 8192 [ 19.346606] The buggy address is located 0 bytes to the right of [ 19.346606] allocated 7936-byte region [fff00000c641c000, fff00000c641df00) [ 19.346797] [ 19.346818] The buggy address belongs to the physical page: [ 19.346849] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106418 [ 19.346972] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.347072] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.347220] page_type: f5(slab) [ 19.347260] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 19.347315] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 19.347582] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 19.347647] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 19.347696] head: 0bfffe0000000003 ffffc1ffc3190601 00000000ffffffff 00000000ffffffff [ 19.347826] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 19.347952] page dumped because: kasan: bad access detected [ 19.347983] [ 19.348083] Memory state around the buggy address: [ 19.348116] fff00000c641de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.348163] fff00000c641de80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.348206] >fff00000c641df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.348243] ^ [ 19.348318] fff00000c641df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.348359] fff00000c641e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.348416] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 19.315617] ================================================================== [ 19.315680] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 19.315732] Write of size 1 at addr fff00000c638db78 by task kunit_try_catch/143 [ 19.315781] [ 19.315810] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.315890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.315916] Hardware name: linux,dummy-virt (DT) [ 19.315946] Call trace: [ 19.315966] show_stack+0x20/0x38 (C) [ 19.316014] dump_stack_lvl+0x8c/0xd0 [ 19.316061] print_report+0x118/0x608 [ 19.316107] kasan_report+0xdc/0x128 [ 19.316153] __asan_report_store1_noabort+0x20/0x30 [ 19.316204] kmalloc_track_caller_oob_right+0x40c/0x488 [ 19.316255] kunit_try_run_case+0x170/0x3f0 [ 19.316304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.316356] kthread+0x328/0x630 [ 19.318001] ret_from_fork+0x10/0x20 [ 19.318052] [ 19.318070] Allocated by task 143: [ 19.318101] kasan_save_stack+0x3c/0x68 [ 19.318141] kasan_save_track+0x20/0x40 [ 19.318178] kasan_save_alloc_info+0x40/0x58 [ 19.318217] __kasan_kmalloc+0xd4/0xd8 [ 19.318253] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 19.318296] kmalloc_track_caller_oob_right+0xa8/0x488 [ 19.318336] kunit_try_run_case+0x170/0x3f0 [ 19.318373] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.318430] kthread+0x328/0x630 [ 19.318462] ret_from_fork+0x10/0x20 [ 19.318498] [ 19.318516] The buggy address belongs to the object at fff00000c638db00 [ 19.318516] which belongs to the cache kmalloc-128 of size 128 [ 19.318573] The buggy address is located 0 bytes to the right of [ 19.318573] allocated 120-byte region [fff00000c638db00, fff00000c638db78) [ 19.318636] [ 19.318655] The buggy address belongs to the physical page: [ 19.318684] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638d [ 19.318737] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.318786] page_type: f5(slab) [ 19.318823] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.318873] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.318912] page dumped because: kasan: bad access detected [ 19.318942] [ 19.318960] Memory state around the buggy address: [ 19.318991] fff00000c638da00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.319034] fff00000c638da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.319077] >fff00000c638db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.319114] ^ [ 19.319153] fff00000c638db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.319194] fff00000c638dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.319231] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 19.305841] ================================================================== [ 19.305987] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 19.306125] Read of size 1 at addr fff00000c63fb000 by task kunit_try_catch/141 [ 19.306245] [ 19.306307] CPU: 1 UID: 0 PID: 141 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.306387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.306459] Hardware name: linux,dummy-virt (DT) [ 19.306489] Call trace: [ 19.306519] show_stack+0x20/0x38 (C) [ 19.306587] dump_stack_lvl+0x8c/0xd0 [ 19.306673] print_report+0x118/0x608 [ 19.306738] kasan_report+0xdc/0x128 [ 19.306804] __asan_report_load1_noabort+0x20/0x30 [ 19.306861] kmalloc_node_oob_right+0x2f4/0x330 [ 19.306916] kunit_try_run_case+0x170/0x3f0 [ 19.306965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.307121] kthread+0x328/0x630 [ 19.307253] ret_from_fork+0x10/0x20 [ 19.307361] [ 19.307379] Allocated by task 141: [ 19.307450] kasan_save_stack+0x3c/0x68 [ 19.307518] kasan_save_track+0x20/0x40 [ 19.307574] kasan_save_alloc_info+0x40/0x58 [ 19.307614] __kasan_kmalloc+0xd4/0xd8 [ 19.307651] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 19.307710] kmalloc_node_oob_right+0xbc/0x330 [ 19.307753] kunit_try_run_case+0x170/0x3f0 [ 19.307790] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.307832] kthread+0x328/0x630 [ 19.307864] ret_from_fork+0x10/0x20 [ 19.307899] [ 19.307917] The buggy address belongs to the object at fff00000c63fa000 [ 19.307917] which belongs to the cache kmalloc-4k of size 4096 [ 19.308029] The buggy address is located 0 bytes to the right of [ 19.308029] allocated 4096-byte region [fff00000c63fa000, fff00000c63fb000) [ 19.308220] [ 19.308239] The buggy address belongs to the physical page: [ 19.308332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f8 [ 19.308628] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.308682] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.308757] page_type: f5(slab) [ 19.308794] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 19.308844] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 19.308900] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 19.308948] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 19.308997] head: 0bfffe0000000003 ffffc1ffc318fe01 00000000ffffffff 00000000ffffffff [ 19.309256] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 19.309331] page dumped because: kasan: bad access detected [ 19.309363] [ 19.309382] Memory state around the buggy address: [ 19.309424] fff00000c63faf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.309493] fff00000c63faf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.309560] >fff00000c63fb000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.309733] ^ [ 19.309761] fff00000c63fb080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.309802] fff00000c63fb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.309839] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 19.293533] ================================================================== [ 19.293592] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 19.293645] Read of size 1 at addr fff00000c63900df by task kunit_try_catch/139 [ 19.293694] [ 19.294015] CPU: 1 UID: 0 PID: 139 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.294118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.294145] Hardware name: linux,dummy-virt (DT) [ 19.294177] Call trace: [ 19.294199] show_stack+0x20/0x38 (C) [ 19.294269] dump_stack_lvl+0x8c/0xd0 [ 19.294316] print_report+0x118/0x608 [ 19.294362] kasan_report+0xdc/0x128 [ 19.294428] __asan_report_load1_noabort+0x20/0x30 [ 19.294640] kmalloc_oob_left+0x2ec/0x320 [ 19.294693] kunit_try_run_case+0x170/0x3f0 [ 19.294826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.294879] kthread+0x328/0x630 [ 19.294944] ret_from_fork+0x10/0x20 [ 19.294993] [ 19.295047] Allocated by task 24: [ 19.295076] kasan_save_stack+0x3c/0x68 [ 19.295117] kasan_save_track+0x20/0x40 [ 19.295167] kasan_save_alloc_info+0x40/0x58 [ 19.295207] __kasan_kmalloc+0xd4/0xd8 [ 19.295269] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 19.295386] kvasprintf+0xe0/0x180 [ 19.295500] __kthread_create_on_node+0x16c/0x350 [ 19.295555] kthread_create_on_node+0xe4/0x130 [ 19.295597] create_worker+0x380/0x6b8 [ 19.295655] worker_thread+0x808/0xf38 [ 19.295690] kthread+0x328/0x630 [ 19.295722] ret_from_fork+0x10/0x20 [ 19.295771] [ 19.295790] The buggy address belongs to the object at fff00000c63900c0 [ 19.295790] which belongs to the cache kmalloc-16 of size 16 [ 19.295850] The buggy address is located 19 bytes to the right of [ 19.295850] allocated 12-byte region [fff00000c63900c0, fff00000c63900cc) [ 19.295914] [ 19.295933] The buggy address belongs to the physical page: [ 19.295962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106390 [ 19.296020] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.296593] page_type: f5(slab) [ 19.296653] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.296708] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.296761] page dumped because: kasan: bad access detected [ 19.296805] [ 19.296822] Memory state around the buggy address: [ 19.296853] fff00000c638ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.296895] fff00000c6390000: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.296936] >fff00000c6390080: fa fb fc fc fa fb fc fc 00 04 fc fc 00 07 fc fc [ 19.296973] ^ [ 19.297008] fff00000c6390100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.297088] fff00000c6390180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.297138] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 19.250842] ================================================================== [ 19.252298] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 19.253776] Write of size 1 at addr fff00000c638da73 by task kunit_try_catch/137 [ 19.253884] [ 19.255330] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 19.256210] Tainted: [N]=TEST [ 19.256347] Hardware name: linux,dummy-virt (DT) [ 19.257850] Call trace: [ 19.258473] show_stack+0x20/0x38 (C) [ 19.259562] dump_stack_lvl+0x8c/0xd0 [ 19.259653] print_report+0x118/0x608 [ 19.259704] kasan_report+0xdc/0x128 [ 19.259751] __asan_report_store1_noabort+0x20/0x30 [ 19.259803] kmalloc_oob_right+0x5a4/0x660 [ 19.259849] kunit_try_run_case+0x170/0x3f0 [ 19.259901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.259963] kthread+0x328/0x630 [ 19.260022] ret_from_fork+0x10/0x20 [ 19.261482] [ 19.261647] Allocated by task 137: [ 19.261931] kasan_save_stack+0x3c/0x68 [ 19.262251] kasan_save_track+0x20/0x40 [ 19.262341] kasan_save_alloc_info+0x40/0x58 [ 19.262418] __kasan_kmalloc+0xd4/0xd8 [ 19.262458] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.262513] kmalloc_oob_right+0xb0/0x660 [ 19.262560] kunit_try_run_case+0x170/0x3f0 [ 19.262597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.262649] kthread+0x328/0x630 [ 19.262682] ret_from_fork+0x10/0x20 [ 19.262763] [ 19.262883] The buggy address belongs to the object at fff00000c638da00 [ 19.262883] which belongs to the cache kmalloc-128 of size 128 [ 19.262999] The buggy address is located 0 bytes to the right of [ 19.262999] allocated 115-byte region [fff00000c638da00, fff00000c638da73) [ 19.263092] [ 19.263231] The buggy address belongs to the physical page: [ 19.263481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638d [ 19.263786] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.264129] page_type: f5(slab) [ 19.264451] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.264516] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.264622] page dumped because: kasan: bad access detected [ 19.264662] [ 19.264687] Memory state around the buggy address: [ 19.264908] fff00000c638d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.267258] fff00000c638d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.267339] >fff00000c638da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.267456] ^ [ 19.267606] fff00000c638da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.267650] fff00000c638db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.267746] ================================================================== [ 19.274505] ================================================================== [ 19.274550] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 19.274632] Read of size 1 at addr fff00000c638da80 by task kunit_try_catch/137 [ 19.274696] [ 19.274725] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.274803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.274829] Hardware name: linux,dummy-virt (DT) [ 19.274857] Call trace: [ 19.274877] show_stack+0x20/0x38 (C) [ 19.274937] dump_stack_lvl+0x8c/0xd0 [ 19.275096] print_report+0x118/0x608 [ 19.275181] kasan_report+0xdc/0x128 [ 19.275228] __asan_report_load1_noabort+0x20/0x30 [ 19.275298] kmalloc_oob_right+0x5d0/0x660 [ 19.275387] kunit_try_run_case+0x170/0x3f0 [ 19.275457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.275531] kthread+0x328/0x630 [ 19.275573] ret_from_fork+0x10/0x20 [ 19.275705] [ 19.275737] Allocated by task 137: [ 19.275765] kasan_save_stack+0x3c/0x68 [ 19.275844] kasan_save_track+0x20/0x40 [ 19.275910] kasan_save_alloc_info+0x40/0x58 [ 19.275998] __kasan_kmalloc+0xd4/0xd8 [ 19.276124] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.276204] kmalloc_oob_right+0xb0/0x660 [ 19.276279] kunit_try_run_case+0x170/0x3f0 [ 19.276357] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.276453] kthread+0x328/0x630 [ 19.276487] ret_from_fork+0x10/0x20 [ 19.276534] [ 19.276552] The buggy address belongs to the object at fff00000c638da00 [ 19.276552] which belongs to the cache kmalloc-128 of size 128 [ 19.276756] The buggy address is located 13 bytes to the right of [ 19.276756] allocated 115-byte region [fff00000c638da00, fff00000c638da73) [ 19.276987] [ 19.277030] The buggy address belongs to the physical page: [ 19.277080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638d [ 19.277163] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.277209] page_type: f5(slab) [ 19.277301] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.277389] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.277497] page dumped because: kasan: bad access detected [ 19.277564] [ 19.277623] Memory state around the buggy address: [ 19.277654] fff00000c638d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278844] fff00000c638da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.278922] >fff00000c638da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278960] ^ [ 19.278987] fff00000c638db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.279028] fff00000c638db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.279500] ================================================================== [ 19.270301] ================================================================== [ 19.270343] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 19.270393] Write of size 1 at addr fff00000c638da78 by task kunit_try_catch/137 [ 19.270523] [ 19.270559] CPU: 1 UID: 0 PID: 137 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.270748] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.270782] Hardware name: linux,dummy-virt (DT) [ 19.270961] Call trace: [ 19.271154] show_stack+0x20/0x38 (C) [ 19.271208] dump_stack_lvl+0x8c/0xd0 [ 19.271254] print_report+0x118/0x608 [ 19.271299] kasan_report+0xdc/0x128 [ 19.271345] __asan_report_store1_noabort+0x20/0x30 [ 19.271408] kmalloc_oob_right+0x538/0x660 [ 19.271453] kunit_try_run_case+0x170/0x3f0 [ 19.271504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.271555] kthread+0x328/0x630 [ 19.271597] ret_from_fork+0x10/0x20 [ 19.271645] [ 19.271662] Allocated by task 137: [ 19.271689] kasan_save_stack+0x3c/0x68 [ 19.271729] kasan_save_track+0x20/0x40 [ 19.271766] kasan_save_alloc_info+0x40/0x58 [ 19.271806] __kasan_kmalloc+0xd4/0xd8 [ 19.271843] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.271881] kmalloc_oob_right+0xb0/0x660 [ 19.271916] kunit_try_run_case+0x170/0x3f0 [ 19.271953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.272076] kthread+0x328/0x630 [ 19.272131] ret_from_fork+0x10/0x20 [ 19.272353] [ 19.272448] The buggy address belongs to the object at fff00000c638da00 [ 19.272448] which belongs to the cache kmalloc-128 of size 128 [ 19.272556] The buggy address is located 5 bytes to the right of [ 19.272556] allocated 115-byte region [fff00000c638da00, fff00000c638da73) [ 19.272696] [ 19.272753] The buggy address belongs to the physical page: [ 19.272783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638d [ 19.272867] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.272917] page_type: f5(slab) [ 19.272955] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.273005] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.273045] page dumped because: kasan: bad access detected [ 19.273083] [ 19.273268] Memory state around the buggy address: [ 19.273353] fff00000c638d900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.273467] fff00000c638d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.273572] >fff00000c638da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.273673] ^ [ 19.273730] fff00000c638da80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.273774] fff00000c638db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.274093] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 97.475199] WARNING: CPU: 1 PID: 657 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 97.476055] Modules linked in: [ 97.476696] CPU: 1 UID: 0 PID: 657 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT [ 97.477380] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 97.477839] Hardware name: linux,dummy-virt (DT) [ 97.478213] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.478700] pc : intlog10+0x38/0x48 [ 97.479081] lr : intlog10_test+0xe4/0x200 [ 97.479469] sp : ffff800082267c10 [ 97.479833] x29: ffff800082267c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.480514] x26: 1ffe00001977ee41 x25: 0000000000000000 x24: ffff800082267ce0 [ 97.481125] x23: ffff800082267d00 x22: 0000000000000000 x21: 1ffff0001044cf82 [ 97.481681] x20: ffffaa5613489e80 x19: ffff800080087990 x18: 00000000bdd9ed1f [ 97.482177] x17: 0000000094c89144 x16: 0000000000000100 x15: 000000002de6da0e [ 97.482684] x14: 00000000f1f1f1f1 x13: 0000000000000005 x12: ffff754ac2e63379 [ 97.483178] x11: 1ffff54ac2e63378 x10: ffff754ac2e63378 x9 : ffffaa5610a3501c [ 97.483621] x8 : ffffaa5617319bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.484217] x5 : ffff70001044cf82 x4 : 1ffff00010010f3a x3 : 1ffff54ac26913d0 [ 97.484694] x2 : 1ffff54ac26913d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.485187] Call trace: [ 97.485392] intlog10+0x38/0x48 (P) [ 97.485685] kunit_try_run_case+0x170/0x3f0 [ 97.486007] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.486356] kthread+0x328/0x630 [ 97.486659] ret_from_fork+0x10/0x20 [ 97.486967] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 97.423306] WARNING: CPU: 1 PID: 639 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 97.425885] Modules linked in: [ 97.426170] CPU: 1 UID: 0 PID: 639 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT [ 97.426769] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 97.426982] Hardware name: linux,dummy-virt (DT) [ 97.427344] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 97.427716] pc : intlog2+0xd8/0xf8 [ 97.427914] lr : intlog2_test+0xe4/0x200 [ 97.428254] sp : ffff8000821e7c10 [ 97.428574] x29: ffff8000821e7c90 x28: 0000000000000000 x27: 0000000000000000 [ 97.429042] x26: 1ffe000018dd5a61 x25: 0000000000000000 x24: ffff8000821e7ce0 [ 97.429465] x23: ffff8000821e7d00 x22: 0000000000000000 x21: 1ffff0001043cf82 [ 97.429871] x20: ffffaa5613489d80 x19: ffff800080087990 x18: 000000003728d8a9 [ 97.430337] x17: 0000000000c9cf95 x16: fff00000c0975c3c x15: fff00000ff616b08 [ 97.430771] x14: 00000000f1f1f1f1 x13: 1ffe00001b48a5cd x12: ffff754ac2e63379 [ 97.431274] x11: 1ffff54ac2e63378 x10: ffff754ac2e63378 x9 : ffffaa5610a3521c [ 97.431695] x8 : ffffaa5617319bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 97.432093] x5 : ffff70001043cf82 x4 : 1ffff00010010f3a x3 : 1ffff54ac26913b0 [ 97.432527] x2 : 1ffff54ac26913b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 97.432942] Call trace: [ 97.433128] intlog2+0xd8/0xf8 (P) [ 97.433348] kunit_try_run_case+0x170/0x3f0 [ 97.433629] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 97.433915] kthread+0x328/0x630 [ 97.434102] ret_from_fork+0x10/0x20 [ 97.434317] ---[ end trace 0000000000000000 ]---