Date
July 8, 2025, 7:07 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 22.002823] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x894/0x4858 [ 21.902574] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f94/0x4858 [ 21.849869] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f7c/0x4858 [ 21.877925] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2b0/0x4858 [ 21.945095] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x54c/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 21.758111] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 21.732804] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 99.129895] Internal error: Oops: 0000000096000005 [#1] SMP [ 99.136314] Modules linked in: [ 99.136897] CPU: 0 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 99.137878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 99.138343] Hardware name: linux,dummy-virt (DT) [ 99.138931] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 99.139751] pc : kunit_test_null_dereference+0x70/0x170 [ 99.140577] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 99.141321] sp : ffff800080ec7d30 [ 99.141702] x29: ffff800080ec7d90 x28: 0000000000000000 x27: 0000000000000000 [ 99.142140] x26: 1ffe000018ad1ae1 x25: 0000000000000000 x24: 0000000000000004 [ 99.142483] x23: fff00000c568d70c x22: ffff9d16e92235b8 x21: fff00000c8d0d508 [ 99.142833] x20: 1ffff000101d8fa6 x19: ffff800080087990 x18: 000000008cd981ae [ 99.143173] x17: 0000000000000001 x16: fff00000da453d28 x15: 000000009bce1a63 [ 99.143571] x14: 00000000e05c83f4 x13: 1ffe00001b48a789 x12: fffd800018ce48b4 [ 99.144530] x11: 1ffe000018ce48b3 x10: fffd800018ce48b3 x9 : ffff9d16e921aa20 [ 99.145840] x8 : ffff800080ec7c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 99.146767] x5 : ffff7000101d8fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 99.147992] x2 : dfff800000000000 x1 : fff00000c6723cc0 x0 : ffff800080087990 [ 99.149202] Call trace: [ 99.149780] kunit_test_null_dereference+0x70/0x170 (P) [ 99.150650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 99.151512] kthread+0x328/0x630 [ 99.152129] ret_from_fork+0x10/0x20 [ 99.153034] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 99.154346] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 54.500458] ================================================================== [ 54.500532] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 54.500532] [ 54.500613] Use-after-free read at 0x000000005569bad2 (in kfence-#160): [ 54.500663] test_krealloc+0x51c/0x830 [ 54.500707] kunit_try_run_case+0x170/0x3f0 [ 54.500767] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.500811] kthread+0x328/0x630 [ 54.500849] ret_from_fork+0x10/0x20 [ 54.500891] [ 54.500914] kfence-#160: 0x000000005569bad2-0x000000001b3bcb38, size=32, cache=kmalloc-32 [ 54.500914] [ 54.500968] allocated by task 337 on cpu 1 at 54.499803s (0.001161s ago): [ 54.501033] test_alloc+0x29c/0x628 [ 54.501073] test_krealloc+0xc0/0x830 [ 54.501112] kunit_try_run_case+0x170/0x3f0 [ 54.501153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.501198] kthread+0x328/0x630 [ 54.501232] ret_from_fork+0x10/0x20 [ 54.501270] [ 54.501294] freed by task 337 on cpu 1 at 54.500057s (0.001233s ago): [ 54.501354] krealloc_noprof+0x148/0x360 [ 54.501396] test_krealloc+0x1dc/0x830 [ 54.501435] kunit_try_run_case+0x170/0x3f0 [ 54.501474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.501517] kthread+0x328/0x630 [ 54.501553] ret_from_fork+0x10/0x20 [ 54.501592] [ 54.501633] CPU: 1 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 54.501717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 54.501746] Hardware name: linux,dummy-virt (DT) [ 54.501778] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 54.423984] ================================================================== [ 54.424088] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 54.424088] [ 54.424197] Use-after-free read at 0x00000000e16fc365 (in kfence-#159): [ 54.424251] test_memcache_typesafe_by_rcu+0x280/0x560 [ 54.424299] kunit_try_run_case+0x170/0x3f0 [ 54.424347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.424393] kthread+0x328/0x630 [ 54.424431] ret_from_fork+0x10/0x20 [ 54.424472] [ 54.424495] kfence-#159: 0x00000000e16fc365-0x0000000067494d1a, size=32, cache=test [ 54.424495] [ 54.424548] allocated by task 335 on cpu 1 at 54.403802s (0.020742s ago): [ 54.424616] test_alloc+0x230/0x628 [ 54.424656] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 54.424698] kunit_try_run_case+0x170/0x3f0 [ 54.424753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.424797] kthread+0x328/0x630 [ 54.424831] ret_from_fork+0x10/0x20 [ 54.424871] [ 54.424893] freed by task 335 on cpu 1 at 54.403920s (0.020969s ago): [ 54.424950] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 54.424993] kunit_try_run_case+0x170/0x3f0 [ 54.425031] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 54.425073] kthread+0x328/0x630 [ 54.425109] ret_from_fork+0x10/0x20 [ 54.425147] [ 54.425193] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 54.425273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 54.425301] Hardware name: linux,dummy-virt (DT) [ 54.425337] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 31.015389] ================================================================== [ 31.017450] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 31.017450] [ 31.017616] Invalid read at 0x00000000ee569ed4: [ 31.017727] test_invalid_access+0xdc/0x1f0 [ 31.017787] kunit_try_run_case+0x170/0x3f0 [ 31.017863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.017926] kthread+0x328/0x630 [ 31.017972] ret_from_fork+0x10/0x20 [ 31.018026] [ 31.018078] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 31.018164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.018200] Hardware name: linux,dummy-virt (DT) [ 31.018240] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 30.788162] ================================================================== [ 30.788257] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 30.788257] [ 30.788322] Corrupted memory at 0x00000000c97fe440 [ ! . . . . . . . . . . . . . . . ] (in kfence-#155): [ 30.788629] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 30.788677] kunit_try_run_case+0x170/0x3f0 [ 30.788733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.788776] kthread+0x328/0x630 [ 30.788814] ret_from_fork+0x10/0x20 [ 30.788853] [ 30.788878] kfence-#155: 0x00000000f1a0d503-0x00000000c1971818, size=73, cache=kmalloc-96 [ 30.788878] [ 30.788934] allocated by task 325 on cpu 1 at 30.787916s (0.001014s ago): [ 30.788997] test_alloc+0x29c/0x628 [ 30.789037] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 30.789080] kunit_try_run_case+0x170/0x3f0 [ 30.789119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.789162] kthread+0x328/0x630 [ 30.789198] ret_from_fork+0x10/0x20 [ 30.789236] [ 30.789260] freed by task 325 on cpu 1 at 30.788070s (0.001186s ago): [ 30.789321] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 30.789364] kunit_try_run_case+0x170/0x3f0 [ 30.789404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.789445] kthread+0x328/0x630 [ 30.789482] ret_from_fork+0x10/0x20 [ 30.789519] [ 30.789562] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 30.789640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.789668] Hardware name: linux,dummy-virt (DT) [ 30.789701] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 30.580131] ================================================================== [ 30.580236] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 30.580236] [ 30.580338] Out-of-bounds read at 0x00000000ab592a25 (105B right of kfence-#153): [ 30.580398] test_kmalloc_aligned_oob_read+0x238/0x468 [ 30.580447] kunit_try_run_case+0x170/0x3f0 [ 30.580492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.580536] kthread+0x328/0x630 [ 30.580575] ret_from_fork+0x10/0x20 [ 30.580616] [ 30.580640] kfence-#153: 0x0000000018ea57af-0x00000000b981af42, size=73, cache=kmalloc-96 [ 30.580640] [ 30.580693] allocated by task 323 on cpu 1 at 30.579877s (0.000812s ago): [ 30.580778] test_alloc+0x29c/0x628 [ 30.580819] test_kmalloc_aligned_oob_read+0x100/0x468 [ 30.580864] kunit_try_run_case+0x170/0x3f0 [ 30.580904] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 30.580947] kthread+0x328/0x630 [ 30.580983] ret_from_fork+0x10/0x20 [ 30.581023] [ 30.581069] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 30.581151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.581182] Hardware name: linux,dummy-virt (DT) [ 30.581218] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 25.484041] ================================================================== [ 25.484140] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 25.484140] [ 25.484202] Corrupted memory at 0x0000000054587bbd [ ! ] (in kfence-#104): [ 25.484315] test_corruption+0x1d8/0x378 [ 25.484360] kunit_try_run_case+0x170/0x3f0 [ 25.484405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.484449] kthread+0x328/0x630 [ 25.484487] ret_from_fork+0x10/0x20 [ 25.484526] [ 25.484551] kfence-#104: 0x00000000a7c01411-0x000000007a7f48fc, size=32, cache=test [ 25.484551] [ 25.484604] allocated by task 313 on cpu 0 at 25.483900s (0.000700s ago): [ 25.484664] test_alloc+0x230/0x628 [ 25.484705] test_corruption+0x198/0x378 [ 25.484758] kunit_try_run_case+0x170/0x3f0 [ 25.484798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.484840] kthread+0x328/0x630 [ 25.484877] ret_from_fork+0x10/0x20 [ 25.484915] [ 25.484937] freed by task 313 on cpu 0 at 25.483956s (0.000977s ago): [ 25.484998] test_corruption+0x1d8/0x378 [ 25.485040] kunit_try_run_case+0x170/0x3f0 [ 25.485078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.485121] kthread+0x328/0x630 [ 25.485155] ret_from_fork+0x10/0x20 [ 25.485195] [ 25.485235] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 25.485311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.485340] Hardware name: linux,dummy-virt (DT) [ 25.485375] ================================================================== [ 24.860169] ================================================================== [ 24.860254] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 24.860254] [ 24.860317] Corrupted memory at 0x000000002e42f50f [ ! ] (in kfence-#98): [ 24.860443] test_corruption+0x284/0x378 [ 24.860490] kunit_try_run_case+0x170/0x3f0 [ 24.860534] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.860578] kthread+0x328/0x630 [ 24.860617] ret_from_fork+0x10/0x20 [ 24.860657] [ 24.860682] kfence-#98: 0x000000001734efec-0x00000000496d01d9, size=32, cache=kmalloc-32 [ 24.860682] [ 24.860749] allocated by task 311 on cpu 0 at 24.859895s (0.000851s ago): [ 24.860811] test_alloc+0x29c/0x628 [ 24.860850] test_corruption+0x198/0x378 [ 24.860891] kunit_try_run_case+0x170/0x3f0 [ 24.860932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.860976] kthread+0x328/0x630 [ 24.861011] ret_from_fork+0x10/0x20 [ 24.861048] [ 24.861072] freed by task 311 on cpu 0 at 24.859997s (0.001072s ago): [ 24.861132] test_corruption+0x284/0x378 [ 24.861171] kunit_try_run_case+0x170/0x3f0 [ 24.861210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.861254] kthread+0x328/0x630 [ 24.861288] ret_from_fork+0x10/0x20 [ 24.861327] [ 24.861369] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.861445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.861475] Hardware name: linux,dummy-virt (DT) [ 24.861506] ================================================================== [ 25.068166] ================================================================== [ 25.068268] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 25.068268] [ 25.068331] Corrupted memory at 0x00000000236048fd [ ! . . . . . . . . . . . . . . . ] (in kfence-#100): [ 25.068636] test_corruption+0x120/0x378 [ 25.068681] kunit_try_run_case+0x170/0x3f0 [ 25.068740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.068785] kthread+0x328/0x630 [ 25.068824] ret_from_fork+0x10/0x20 [ 25.068863] [ 25.068886] kfence-#100: 0x00000000dd91d07f-0x00000000059339d2, size=32, cache=test [ 25.068886] [ 25.068940] allocated by task 313 on cpu 0 at 25.067918s (0.001018s ago): [ 25.069001] test_alloc+0x230/0x628 [ 25.069041] test_corruption+0xdc/0x378 [ 25.069081] kunit_try_run_case+0x170/0x3f0 [ 25.069120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.069164] kthread+0x328/0x630 [ 25.069198] ret_from_fork+0x10/0x20 [ 25.069236] [ 25.069260] freed by task 313 on cpu 0 at 25.067972s (0.001284s ago): [ 25.069320] test_corruption+0x120/0x378 [ 25.069360] kunit_try_run_case+0x170/0x3f0 [ 25.069399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 25.069443] kthread+0x328/0x630 [ 25.069479] ret_from_fork+0x10/0x20 [ 25.069517] [ 25.069559] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 25.069635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.069663] Hardware name: linux,dummy-virt (DT) [ 25.069699] ================================================================== [ 24.756149] ================================================================== [ 24.756259] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 24.756259] [ 24.756327] Corrupted memory at 0x00000000b67b27c3 [ ! . . . . . . . . . . . . . . . ] (in kfence-#97): [ 24.757441] test_corruption+0x278/0x378 [ 24.757494] kunit_try_run_case+0x170/0x3f0 [ 24.757540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.757585] kthread+0x328/0x630 [ 24.757623] ret_from_fork+0x10/0x20 [ 24.757664] [ 24.757687] kfence-#97: 0x0000000093bea726-0x00000000cddf3fee, size=32, cache=kmalloc-32 [ 24.757687] [ 24.757758] allocated by task 311 on cpu 0 at 24.755847s (0.001908s ago): [ 24.757823] test_alloc+0x29c/0x628 [ 24.757864] test_corruption+0xdc/0x378 [ 24.757905] kunit_try_run_case+0x170/0x3f0 [ 24.757945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.757989] kthread+0x328/0x630 [ 24.758025] ret_from_fork+0x10/0x20 [ 24.758064] [ 24.758087] freed by task 311 on cpu 0 at 24.755964s (0.002119s ago): [ 24.758148] test_corruption+0x278/0x378 [ 24.758190] kunit_try_run_case+0x170/0x3f0 [ 24.758230] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.758274] kthread+0x328/0x630 [ 24.758310] ret_from_fork+0x10/0x20 [ 24.758349] [ 24.758396] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.758476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.758508] Hardware name: linux,dummy-virt (DT) [ 24.758544] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 24.651951] ================================================================== [ 24.652042] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 24.652042] [ 24.652104] Invalid free of 0x000000002946c79a (in kfence-#96): [ 24.652156] test_invalid_addr_free+0xec/0x238 [ 24.652201] kunit_try_run_case+0x170/0x3f0 [ 24.652243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.652286] kthread+0x328/0x630 [ 24.652323] ret_from_fork+0x10/0x20 [ 24.652361] [ 24.652384] kfence-#96: 0x00000000cba4ec33-0x0000000060b851a3, size=32, cache=test [ 24.652384] [ 24.652435] allocated by task 309 on cpu 1 at 24.651838s (0.000594s ago): [ 24.652498] test_alloc+0x230/0x628 [ 24.652537] test_invalid_addr_free+0xd4/0x238 [ 24.652578] kunit_try_run_case+0x170/0x3f0 [ 24.652616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.652660] kthread+0x328/0x630 [ 24.652696] ret_from_fork+0x10/0x20 [ 24.652746] [ 24.652789] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.652867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.652895] Hardware name: linux,dummy-virt (DT) [ 24.652928] ================================================================== [ 24.547988] ================================================================== [ 24.548081] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 24.548081] [ 24.548149] Invalid free of 0x00000000d1686fe3 (in kfence-#95): [ 24.548201] test_invalid_addr_free+0x1ac/0x238 [ 24.548247] kunit_try_run_case+0x170/0x3f0 [ 24.548288] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.548333] kthread+0x328/0x630 [ 24.548372] ret_from_fork+0x10/0x20 [ 24.548413] [ 24.548438] kfence-#95: 0x00000000811687dc-0x00000000a84ebcd0, size=32, cache=kmalloc-32 [ 24.548438] [ 24.548492] allocated by task 307 on cpu 1 at 24.547849s (0.000640s ago): [ 24.548555] test_alloc+0x29c/0x628 [ 24.548594] test_invalid_addr_free+0xd4/0x238 [ 24.548636] kunit_try_run_case+0x170/0x3f0 [ 24.548675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.548731] kthread+0x328/0x630 [ 24.548766] ret_from_fork+0x10/0x20 [ 24.548806] [ 24.548849] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.548933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.548962] Hardware name: linux,dummy-virt (DT) [ 24.548997] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 24.340253] ================================================================== [ 24.340372] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 24.340372] [ 24.340443] Invalid free of 0x00000000e90dc952 (in kfence-#93): [ 24.340508] test_double_free+0x1bc/0x238 [ 24.340554] kunit_try_run_case+0x170/0x3f0 [ 24.340599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.340643] kthread+0x328/0x630 [ 24.340682] ret_from_fork+0x10/0x20 [ 24.340738] [ 24.340762] kfence-#93: 0x00000000e90dc952-0x000000003a4fa68d, size=32, cache=kmalloc-32 [ 24.340762] [ 24.340817] allocated by task 303 on cpu 1 at 24.339922s (0.000891s ago): [ 24.340880] test_alloc+0x29c/0x628 [ 24.340920] test_double_free+0xd4/0x238 [ 24.340962] kunit_try_run_case+0x170/0x3f0 [ 24.341000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.341044] kthread+0x328/0x630 [ 24.341079] ret_from_fork+0x10/0x20 [ 24.341119] [ 24.341142] freed by task 303 on cpu 1 at 24.339994s (0.001144s ago): [ 24.341206] test_double_free+0x1ac/0x238 [ 24.341247] kunit_try_run_case+0x170/0x3f0 [ 24.341286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.341330] kthread+0x328/0x630 [ 24.341366] ret_from_fork+0x10/0x20 [ 24.341403] [ 24.341451] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.341533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.341563] Hardware name: linux,dummy-virt (DT) [ 24.341603] ================================================================== [ 24.444028] ================================================================== [ 24.444132] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 24.444132] [ 24.444194] Invalid free of 0x00000000f87393c8 (in kfence-#94): [ 24.444248] test_double_free+0x100/0x238 [ 24.444291] kunit_try_run_case+0x170/0x3f0 [ 24.444333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.444378] kthread+0x328/0x630 [ 24.444414] ret_from_fork+0x10/0x20 [ 24.444452] [ 24.444476] kfence-#94: 0x00000000f87393c8-0x00000000e7483b79, size=32, cache=test [ 24.444476] [ 24.444528] allocated by task 305 on cpu 1 at 24.443821s (0.000703s ago): [ 24.444590] test_alloc+0x230/0x628 [ 24.444631] test_double_free+0xd4/0x238 [ 24.444669] kunit_try_run_case+0x170/0x3f0 [ 24.444721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.444765] kthread+0x328/0x630 [ 24.444800] ret_from_fork+0x10/0x20 [ 24.444839] [ 24.444861] freed by task 305 on cpu 1 at 24.443883s (0.000975s ago): [ 24.444923] test_double_free+0xf0/0x238 [ 24.444963] kunit_try_run_case+0x170/0x3f0 [ 24.445003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.445046] kthread+0x328/0x630 [ 24.445082] ret_from_fork+0x10/0x20 [ 24.445121] [ 24.445162] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.445240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.445268] Hardware name: linux,dummy-virt (DT) [ 24.445302] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 24.028894] ================================================================== [ 24.029428] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 24.029428] [ 24.029540] Use-after-free read at 0x000000001524bf6d (in kfence-#90): [ 24.029752] test_use_after_free_read+0x114/0x248 [ 24.029871] kunit_try_run_case+0x170/0x3f0 [ 24.029936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.029982] kthread+0x328/0x630 [ 24.030048] ret_from_fork+0x10/0x20 [ 24.030164] [ 24.030190] kfence-#90: 0x000000001524bf6d-0x00000000659b3732, size=32, cache=test [ 24.030190] [ 24.030242] allocated by task 297 on cpu 0 at 24.028578s (0.001660s ago): [ 24.030319] test_alloc+0x230/0x628 [ 24.030636] test_use_after_free_read+0xd0/0x248 [ 24.030777] kunit_try_run_case+0x170/0x3f0 [ 24.030871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.030957] kthread+0x328/0x630 [ 24.031014] ret_from_fork+0x10/0x20 [ 24.031125] [ 24.031174] freed by task 297 on cpu 0 at 24.028652s (0.002511s ago): [ 24.031286] test_use_after_free_read+0xf0/0x248 [ 24.031332] kunit_try_run_case+0x170/0x3f0 [ 24.031503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.031889] kthread+0x328/0x630 [ 24.032012] ret_from_fork+0x10/0x20 [ 24.032054] [ 24.032111] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 24.032529] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.032771] Hardware name: linux,dummy-virt (DT) [ 24.033013] ================================================================== [ 23.926957] ================================================================== [ 23.927037] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 23.927037] [ 23.927135] Use-after-free read at 0x00000000f33885df (in kfence-#89): [ 23.927420] test_use_after_free_read+0x114/0x248 [ 23.927590] kunit_try_run_case+0x170/0x3f0 [ 23.927807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.927972] kthread+0x328/0x630 [ 23.928164] ret_from_fork+0x10/0x20 [ 23.928228] [ 23.928253] kfence-#89: 0x00000000f33885df-0x00000000faa50229, size=32, cache=kmalloc-32 [ 23.928253] [ 23.928307] allocated by task 295 on cpu 0 at 23.926099s (0.002204s ago): [ 23.928379] test_alloc+0x29c/0x628 [ 23.928840] test_use_after_free_read+0xd0/0x248 [ 23.929005] kunit_try_run_case+0x170/0x3f0 [ 23.929174] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.929278] kthread+0x328/0x630 [ 23.929929] ret_from_fork+0x10/0x20 [ 23.930026] [ 23.930167] freed by task 295 on cpu 0 at 23.926416s (0.003730s ago): [ 23.930353] test_use_after_free_read+0x1c0/0x248 [ 23.930486] kunit_try_run_case+0x170/0x3f0 [ 23.930703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.931118] kthread+0x328/0x630 [ 23.931217] ret_from_fork+0x10/0x20 [ 23.931389] [ 23.931485] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.931733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.931765] Hardware name: linux,dummy-virt (DT) [ 23.931799] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 23.821508] ================================================================== [ 23.821588] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 23.821588] [ 23.821955] Out-of-bounds write at 0x00000000a37231ef (1B left of kfence-#88): [ 23.822027] test_out_of_bounds_write+0x100/0x240 [ 23.822078] kunit_try_run_case+0x170/0x3f0 [ 23.822233] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.822286] kthread+0x328/0x630 [ 23.822335] ret_from_fork+0x10/0x20 [ 23.822633] [ 23.822702] kfence-#88: 0x00000000739abab5-0x000000001b85e7c6, size=32, cache=test [ 23.822702] [ 23.822786] allocated by task 293 on cpu 0 at 23.821361s (0.001412s ago): [ 23.822858] test_alloc+0x230/0x628 [ 23.823131] test_out_of_bounds_write+0xc8/0x240 [ 23.823201] kunit_try_run_case+0x170/0x3f0 [ 23.823263] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.823374] kthread+0x328/0x630 [ 23.823436] ret_from_fork+0x10/0x20 [ 23.823493] [ 23.823540] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.823919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.824039] Hardware name: linux,dummy-virt (DT) [ 23.824199] ================================================================== [ 23.717889] ================================================================== [ 23.717975] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 23.717975] [ 23.718193] Out-of-bounds write at 0x00000000a758121f (1B left of kfence-#87): [ 23.718263] test_out_of_bounds_write+0x100/0x240 [ 23.718402] kunit_try_run_case+0x170/0x3f0 [ 23.718455] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.718500] kthread+0x328/0x630 [ 23.718605] ret_from_fork+0x10/0x20 [ 23.718670] [ 23.718695] kfence-#87: 0x000000001ac3167a-0x000000001fb590fe, size=32, cache=kmalloc-32 [ 23.718695] [ 23.718800] allocated by task 291 on cpu 0 at 23.717192s (0.001593s ago): [ 23.718901] test_alloc+0x29c/0x628 [ 23.719195] test_out_of_bounds_write+0xc8/0x240 [ 23.719256] kunit_try_run_case+0x170/0x3f0 [ 23.719301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.719458] kthread+0x328/0x630 [ 23.719593] ret_from_fork+0x10/0x20 [ 23.719736] [ 23.719888] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.720148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.720311] Hardware name: linux,dummy-virt (DT) [ 23.720387] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 22.677344] ================================================================== [ 22.677425] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 22.677425] [ 22.677764] Out-of-bounds read at 0x0000000015d7aa74 (1B left of kfence-#77): [ 22.678514] test_out_of_bounds_read+0x114/0x3e0 [ 22.678594] kunit_try_run_case+0x170/0x3f0 [ 22.678639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.678683] kthread+0x328/0x630 [ 22.678971] ret_from_fork+0x10/0x20 [ 22.679042] [ 22.679083] kfence-#77: 0x00000000f1910bc1-0x0000000089a2c536, size=32, cache=kmalloc-32 [ 22.679083] [ 22.679138] allocated by task 287 on cpu 0 at 22.676623s (0.002511s ago): [ 22.679426] test_alloc+0x29c/0x628 [ 22.680072] test_out_of_bounds_read+0xdc/0x3e0 [ 22.680203] kunit_try_run_case+0x170/0x3f0 [ 22.680247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.680311] kthread+0x328/0x630 [ 22.680464] ret_from_fork+0x10/0x20 [ 22.680941] [ 22.681317] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.681490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.681683] Hardware name: linux,dummy-virt (DT) [ 22.681757] ================================================================== [ 23.301267] ================================================================== [ 23.301357] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 23.301357] [ 23.301436] Out-of-bounds read at 0x000000002e96711b (32B right of kfence-#83): [ 23.301745] test_out_of_bounds_read+0x1c8/0x3e0 [ 23.301972] kunit_try_run_case+0x170/0x3f0 [ 23.302251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.302316] kthread+0x328/0x630 [ 23.302391] ret_from_fork+0x10/0x20 [ 23.302433] [ 23.302597] kfence-#83: 0x0000000089413cdd-0x000000001b28c0b6, size=32, cache=test [ 23.302597] [ 23.302798] allocated by task 289 on cpu 0 at 23.300879s (0.001777s ago): [ 23.302881] test_alloc+0x230/0x628 [ 23.303223] test_out_of_bounds_read+0x198/0x3e0 [ 23.303291] kunit_try_run_case+0x170/0x3f0 [ 23.303332] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.303626] kthread+0x328/0x630 [ 23.303766] ret_from_fork+0x10/0x20 [ 23.303814] [ 23.303960] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.304085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.304172] Hardware name: linux,dummy-virt (DT) [ 23.304238] ================================================================== [ 22.884892] ================================================================== [ 22.885242] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 22.885242] [ 22.885354] Out-of-bounds read at 0x000000001a44f42f (32B right of kfence-#79): [ 22.885628] test_out_of_bounds_read+0x1c8/0x3e0 [ 22.885816] kunit_try_run_case+0x170/0x3f0 [ 22.885870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.885926] kthread+0x328/0x630 [ 22.885963] ret_from_fork+0x10/0x20 [ 22.886172] [ 22.886294] kfence-#79: 0x00000000e3f45ea9-0x00000000dc3036f5, size=32, cache=kmalloc-32 [ 22.886294] [ 22.886382] allocated by task 287 on cpu 0 at 22.884288s (0.002090s ago): [ 22.886467] test_alloc+0x29c/0x628 [ 22.886508] test_out_of_bounds_read+0x198/0x3e0 [ 22.886551] kunit_try_run_case+0x170/0x3f0 [ 22.886590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.887047] kthread+0x328/0x630 [ 22.887089] ret_from_fork+0x10/0x20 [ 22.887130] [ 22.887173] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.887261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.887410] Hardware name: linux,dummy-virt (DT) [ 22.887511] ================================================================== [ 23.093044] ================================================================== [ 23.093137] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 23.093137] [ 23.093221] Out-of-bounds read at 0x0000000048a1d9ef (1B left of kfence-#81): [ 23.093277] test_out_of_bounds_read+0x114/0x3e0 [ 23.093729] kunit_try_run_case+0x170/0x3f0 [ 23.093931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.094003] kthread+0x328/0x630 [ 23.094045] ret_from_fork+0x10/0x20 [ 23.094133] [ 23.094507] kfence-#81: 0x00000000e0305de5-0x0000000085dc5664, size=32, cache=test [ 23.094507] [ 23.094760] allocated by task 289 on cpu 0 at 23.092600s (0.002058s ago): [ 23.094912] test_alloc+0x230/0x628 [ 23.095004] test_out_of_bounds_read+0xdc/0x3e0 [ 23.095058] kunit_try_run_case+0x170/0x3f0 [ 23.095099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.095143] kthread+0x328/0x630 [ 23.095179] ret_from_fork+0x10/0x20 [ 23.095227] [ 23.095273] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 23.095352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.095402] Hardware name: linux,dummy-virt (DT) [ 23.095598] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-write-in-__memset
[ 19.414845] ================================================================== [ 19.414937] BUG: KFENCE: use-after-free write in __memset+0xc/0x20 [ 19.414937] [ 19.415423] Use-after-free write at 0x00000000c36ab212 (in kfence-#54): [ 19.415847] __memset+0xc/0x20 [ 19.416032] kmalloc_uaf_memset+0x170/0x310 [ 19.416141] kunit_try_run_case+0x170/0x3f0 [ 19.416237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.416556] kthread+0x328/0x630 [ 19.416659] ret_from_fork+0x10/0x20 [ 19.416707] [ 19.417261] kfence-#54: 0x00000000c36ab212-0x0000000041f9e45c, size=33, cache=kmalloc-64 [ 19.417261] [ 19.417496] allocated by task 186 on cpu 1 at 19.413346s (0.004064s ago): [ 19.417947] kmalloc_uaf_memset+0xb8/0x310 [ 19.418025] kunit_try_run_case+0x170/0x3f0 [ 19.418067] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.418120] kthread+0x328/0x630 [ 19.418166] ret_from_fork+0x10/0x20 [ 19.418282] [ 19.418414] freed by task 186 on cpu 1 at 19.413407s (0.004913s ago): [ 19.418565] kmalloc_uaf_memset+0x11c/0x310 [ 19.418604] kunit_try_run_case+0x170/0x3f0 [ 19.418642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.418684] kthread+0x328/0x630 [ 19.418751] ret_from_fork+0x10/0x20 [ 19.419627] [ 19.420029] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.420492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.420525] Hardware name: linux,dummy-virt (DT) [ 19.420885] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 22.585931] ================================================================== [ 22.585992] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 22.586138] Write of size 1 at addr fff00000c5713f78 by task kunit_try_catch/285 [ 22.586199] [ 22.586280] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.586744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.586809] Hardware name: linux,dummy-virt (DT) [ 22.586976] Call trace: [ 22.587201] show_stack+0x20/0x38 (C) [ 22.587416] dump_stack_lvl+0x8c/0xd0 [ 22.587486] print_report+0x118/0x608 [ 22.587854] kasan_report+0xdc/0x128 [ 22.588024] __asan_report_store1_noabort+0x20/0x30 [ 22.588141] strncpy_from_user+0x270/0x2a0 [ 22.588602] copy_user_test_oob+0x5c0/0xec8 [ 22.588681] kunit_try_run_case+0x170/0x3f0 [ 22.588918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.589052] kthread+0x328/0x630 [ 22.589280] ret_from_fork+0x10/0x20 [ 22.589347] [ 22.589369] Allocated by task 285: [ 22.589398] kasan_save_stack+0x3c/0x68 [ 22.589792] kasan_save_track+0x20/0x40 [ 22.589861] kasan_save_alloc_info+0x40/0x58 [ 22.589905] __kasan_kmalloc+0xd4/0xd8 [ 22.589942] __kmalloc_noprof+0x198/0x4c8 [ 22.589989] kunit_kmalloc_array+0x34/0x88 [ 22.590037] copy_user_test_oob+0xac/0xec8 [ 22.590078] kunit_try_run_case+0x170/0x3f0 [ 22.590120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.590168] kthread+0x328/0x630 [ 22.590212] ret_from_fork+0x10/0x20 [ 22.590249] [ 22.590278] The buggy address belongs to the object at fff00000c5713f00 [ 22.590278] which belongs to the cache kmalloc-128 of size 128 [ 22.590348] The buggy address is located 0 bytes to the right of [ 22.590348] allocated 120-byte region [fff00000c5713f00, fff00000c5713f78) [ 22.590423] [ 22.590450] The buggy address belongs to the physical page: [ 22.590492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 22.590547] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.590596] page_type: f5(slab) [ 22.590655] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.590728] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.590771] page dumped because: kasan: bad access detected [ 22.590806] [ 22.590825] Memory state around the buggy address: [ 22.590859] fff00000c5713e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.590904] fff00000c5713e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.590948] >fff00000c5713f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.590990] ^ [ 22.591032] fff00000c5713f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.591076] fff00000c5714000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.591133] ================================================================== [ 22.575008] ================================================================== [ 22.575061] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 22.575117] Write of size 121 at addr fff00000c5713f00 by task kunit_try_catch/285 [ 22.575170] [ 22.575200] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.575685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.576082] Hardware name: linux,dummy-virt (DT) [ 22.576210] Call trace: [ 22.576278] show_stack+0x20/0x38 (C) [ 22.576504] dump_stack_lvl+0x8c/0xd0 [ 22.576739] print_report+0x118/0x608 [ 22.576881] kasan_report+0xdc/0x128 [ 22.576998] kasan_check_range+0x100/0x1a8 [ 22.577111] __kasan_check_write+0x20/0x30 [ 22.577160] strncpy_from_user+0x3c/0x2a0 [ 22.577215] copy_user_test_oob+0x5c0/0xec8 [ 22.577264] kunit_try_run_case+0x170/0x3f0 [ 22.577312] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.577668] kthread+0x328/0x630 [ 22.577969] ret_from_fork+0x10/0x20 [ 22.578229] [ 22.578274] Allocated by task 285: [ 22.578479] kasan_save_stack+0x3c/0x68 [ 22.578810] kasan_save_track+0x20/0x40 [ 22.578889] kasan_save_alloc_info+0x40/0x58 [ 22.579023] __kasan_kmalloc+0xd4/0xd8 [ 22.579143] __kmalloc_noprof+0x198/0x4c8 [ 22.579214] kunit_kmalloc_array+0x34/0x88 [ 22.579253] copy_user_test_oob+0xac/0xec8 [ 22.579576] kunit_try_run_case+0x170/0x3f0 [ 22.579814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.579890] kthread+0x328/0x630 [ 22.580024] ret_from_fork+0x10/0x20 [ 22.580295] [ 22.580394] The buggy address belongs to the object at fff00000c5713f00 [ 22.580394] which belongs to the cache kmalloc-128 of size 128 [ 22.580496] The buggy address is located 0 bytes inside of [ 22.580496] allocated 120-byte region [fff00000c5713f00, fff00000c5713f78) [ 22.580851] [ 22.580951] The buggy address belongs to the physical page: [ 22.581015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 22.581234] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.581504] page_type: f5(slab) [ 22.581731] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.581933] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.582304] page dumped because: kasan: bad access detected [ 22.582453] [ 22.582478] Memory state around the buggy address: [ 22.582517] fff00000c5713e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.582733] fff00000c5713e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.582958] >fff00000c5713f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.583129] ^ [ 22.583275] fff00000c5713f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.583392] fff00000c5714000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.583838] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 22.558701] ================================================================== [ 22.558769] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 22.558819] Write of size 121 at addr fff00000c5713f00 by task kunit_try_catch/285 [ 22.559276] [ 22.559329] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.559737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.560006] Hardware name: linux,dummy-virt (DT) [ 22.560235] Call trace: [ 22.560361] show_stack+0x20/0x38 (C) [ 22.560467] dump_stack_lvl+0x8c/0xd0 [ 22.560517] print_report+0x118/0x608 [ 22.560565] kasan_report+0xdc/0x128 [ 22.560611] kasan_check_range+0x100/0x1a8 [ 22.560658] __kasan_check_write+0x20/0x30 [ 22.560703] copy_user_test_oob+0x434/0xec8 [ 22.560771] kunit_try_run_case+0x170/0x3f0 [ 22.560835] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.560887] kthread+0x328/0x630 [ 22.560938] ret_from_fork+0x10/0x20 [ 22.561001] [ 22.561030] Allocated by task 285: [ 22.561069] kasan_save_stack+0x3c/0x68 [ 22.561117] kasan_save_track+0x20/0x40 [ 22.561158] kasan_save_alloc_info+0x40/0x58 [ 22.561200] __kasan_kmalloc+0xd4/0xd8 [ 22.561247] __kmalloc_noprof+0x198/0x4c8 [ 22.561295] kunit_kmalloc_array+0x34/0x88 [ 22.561333] copy_user_test_oob+0xac/0xec8 [ 22.561374] kunit_try_run_case+0x170/0x3f0 [ 22.561422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.561467] kthread+0x328/0x630 [ 22.561510] ret_from_fork+0x10/0x20 [ 22.561546] [ 22.561567] The buggy address belongs to the object at fff00000c5713f00 [ 22.561567] which belongs to the cache kmalloc-128 of size 128 [ 22.561627] The buggy address is located 0 bytes inside of [ 22.561627] allocated 120-byte region [fff00000c5713f00, fff00000c5713f78) [ 22.561692] [ 22.561733] The buggy address belongs to the physical page: [ 22.561765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 22.561826] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.561876] page_type: f5(slab) [ 22.561925] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.561986] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.562043] page dumped because: kasan: bad access detected [ 22.562090] [ 22.562112] Memory state around the buggy address: [ 22.562154] fff00000c5713e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.562198] fff00000c5713e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.562254] >fff00000c5713f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.562295] ^ [ 22.562337] fff00000c5713f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.562388] fff00000c5714000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.562430] ================================================================== [ 22.541833] ================================================================== [ 22.541915] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 22.542061] Write of size 121 at addr fff00000c5713f00 by task kunit_try_catch/285 [ 22.542147] [ 22.542182] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.542272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.542301] Hardware name: linux,dummy-virt (DT) [ 22.542400] Call trace: [ 22.542462] show_stack+0x20/0x38 (C) [ 22.542516] dump_stack_lvl+0x8c/0xd0 [ 22.542993] print_report+0x118/0x608 [ 22.543061] kasan_report+0xdc/0x128 [ 22.543149] kasan_check_range+0x100/0x1a8 [ 22.543202] __kasan_check_write+0x20/0x30 [ 22.543247] copy_user_test_oob+0x35c/0xec8 [ 22.543674] kunit_try_run_case+0x170/0x3f0 [ 22.543941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.544219] kthread+0x328/0x630 [ 22.544377] ret_from_fork+0x10/0x20 [ 22.544431] [ 22.544452] Allocated by task 285: [ 22.544502] kasan_save_stack+0x3c/0x68 [ 22.544554] kasan_save_track+0x20/0x40 [ 22.544594] kasan_save_alloc_info+0x40/0x58 [ 22.544634] __kasan_kmalloc+0xd4/0xd8 [ 22.544681] __kmalloc_noprof+0x198/0x4c8 [ 22.544748] kunit_kmalloc_array+0x34/0x88 [ 22.544806] copy_user_test_oob+0xac/0xec8 [ 22.544860] kunit_try_run_case+0x170/0x3f0 [ 22.544898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.544945] kthread+0x328/0x630 [ 22.544978] ret_from_fork+0x10/0x20 [ 22.545015] [ 22.545044] The buggy address belongs to the object at fff00000c5713f00 [ 22.545044] which belongs to the cache kmalloc-128 of size 128 [ 22.545119] The buggy address is located 0 bytes inside of [ 22.545119] allocated 120-byte region [fff00000c5713f00, fff00000c5713f78) [ 22.545200] [ 22.545236] The buggy address belongs to the physical page: [ 22.545279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 22.545332] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.545389] page_type: f5(slab) [ 22.545430] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.545481] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.545523] page dumped because: kasan: bad access detected [ 22.545567] [ 22.545603] Memory state around the buggy address: [ 22.545638] fff00000c5713e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.545683] fff00000c5713e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.546107] >fff00000c5713f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.546544] ^ [ 22.546614] fff00000c5713f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.546679] fff00000c5714000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.546755] ================================================================== [ 22.525878] ================================================================== [ 22.525948] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 22.526001] Read of size 121 at addr fff00000c5713f00 by task kunit_try_catch/285 [ 22.526085] [ 22.526367] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.526551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.526585] Hardware name: linux,dummy-virt (DT) [ 22.526645] Call trace: [ 22.526753] show_stack+0x20/0x38 (C) [ 22.526826] dump_stack_lvl+0x8c/0xd0 [ 22.526914] print_report+0x118/0x608 [ 22.526960] kasan_report+0xdc/0x128 [ 22.527312] kasan_check_range+0x100/0x1a8 [ 22.527381] __kasan_check_read+0x20/0x30 [ 22.527425] copy_user_test_oob+0x728/0xec8 [ 22.527693] kunit_try_run_case+0x170/0x3f0 [ 22.527822] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.527972] kthread+0x328/0x630 [ 22.528322] ret_from_fork+0x10/0x20 [ 22.528549] [ 22.528595] Allocated by task 285: [ 22.528664] kasan_save_stack+0x3c/0x68 [ 22.528808] kasan_save_track+0x20/0x40 [ 22.528850] kasan_save_alloc_info+0x40/0x58 [ 22.529130] __kasan_kmalloc+0xd4/0xd8 [ 22.529744] __kmalloc_noprof+0x198/0x4c8 [ 22.530154] kunit_kmalloc_array+0x34/0x88 [ 22.530375] copy_user_test_oob+0xac/0xec8 [ 22.530420] kunit_try_run_case+0x170/0x3f0 [ 22.530462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.530507] kthread+0x328/0x630 [ 22.530540] ret_from_fork+0x10/0x20 [ 22.530576] [ 22.530600] The buggy address belongs to the object at fff00000c5713f00 [ 22.530600] which belongs to the cache kmalloc-128 of size 128 [ 22.530661] The buggy address is located 0 bytes inside of [ 22.530661] allocated 120-byte region [fff00000c5713f00, fff00000c5713f78) [ 22.530900] [ 22.530930] The buggy address belongs to the physical page: [ 22.530970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 22.531033] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.531082] page_type: f5(slab) [ 22.531123] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.531175] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.531217] page dumped because: kasan: bad access detected [ 22.531256] [ 22.531297] Memory state around the buggy address: [ 22.531331] fff00000c5713e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.531376] fff00000c5713e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.531420] >fff00000c5713f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.531837] ^ [ 22.532049] fff00000c5713f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.532124] fff00000c5714000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.532406] ================================================================== [ 22.563201] ================================================================== [ 22.563254] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 22.563747] Read of size 121 at addr fff00000c5713f00 by task kunit_try_catch/285 [ 22.563848] [ 22.563912] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.564227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.564303] Hardware name: linux,dummy-virt (DT) [ 22.564469] Call trace: [ 22.564647] show_stack+0x20/0x38 (C) [ 22.565079] dump_stack_lvl+0x8c/0xd0 [ 22.565204] print_report+0x118/0x608 [ 22.565385] kasan_report+0xdc/0x128 [ 22.565439] kasan_check_range+0x100/0x1a8 [ 22.565702] __kasan_check_read+0x20/0x30 [ 22.566101] copy_user_test_oob+0x4a0/0xec8 [ 22.566321] kunit_try_run_case+0x170/0x3f0 [ 22.566547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.566845] kthread+0x328/0x630 [ 22.567219] ret_from_fork+0x10/0x20 [ 22.567442] [ 22.567513] Allocated by task 285: [ 22.567603] kasan_save_stack+0x3c/0x68 [ 22.567668] kasan_save_track+0x20/0x40 [ 22.567706] kasan_save_alloc_info+0x40/0x58 [ 22.567761] __kasan_kmalloc+0xd4/0xd8 [ 22.567798] __kmalloc_noprof+0x198/0x4c8 [ 22.568005] kunit_kmalloc_array+0x34/0x88 [ 22.568281] copy_user_test_oob+0xac/0xec8 [ 22.568509] kunit_try_run_case+0x170/0x3f0 [ 22.568652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.568745] kthread+0x328/0x630 [ 22.568967] ret_from_fork+0x10/0x20 [ 22.569207] [ 22.569249] The buggy address belongs to the object at fff00000c5713f00 [ 22.569249] which belongs to the cache kmalloc-128 of size 128 [ 22.569768] The buggy address is located 0 bytes inside of [ 22.569768] allocated 120-byte region [fff00000c5713f00, fff00000c5713f78) [ 22.569927] [ 22.570089] The buggy address belongs to the physical page: [ 22.570175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 22.570258] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.570370] page_type: f5(slab) [ 22.570410] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.570743] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.571263] page dumped because: kasan: bad access detected [ 22.571694] [ 22.571749] Memory state around the buggy address: [ 22.571825] fff00000c5713e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.571909] fff00000c5713e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.572085] >fff00000c5713f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.572284] ^ [ 22.572898] fff00000c5713f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.573046] fff00000c5714000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.573258] ================================================================== [ 22.513305] ================================================================== [ 22.513872] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 22.514015] Write of size 121 at addr fff00000c5713f00 by task kunit_try_catch/285 [ 22.514071] [ 22.514538] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.514920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.514967] Hardware name: linux,dummy-virt (DT) [ 22.515032] Call trace: [ 22.515060] show_stack+0x20/0x38 (C) [ 22.515209] dump_stack_lvl+0x8c/0xd0 [ 22.515265] print_report+0x118/0x608 [ 22.515325] kasan_report+0xdc/0x128 [ 22.515370] kasan_check_range+0x100/0x1a8 [ 22.515418] __kasan_check_write+0x20/0x30 [ 22.515464] copy_user_test_oob+0x234/0xec8 [ 22.515676] kunit_try_run_case+0x170/0x3f0 [ 22.515932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.516022] kthread+0x328/0x630 [ 22.516176] ret_from_fork+0x10/0x20 [ 22.516250] [ 22.516271] Allocated by task 285: [ 22.516569] kasan_save_stack+0x3c/0x68 [ 22.516793] kasan_save_track+0x20/0x40 [ 22.516965] kasan_save_alloc_info+0x40/0x58 [ 22.517256] __kasan_kmalloc+0xd4/0xd8 [ 22.517374] __kmalloc_noprof+0x198/0x4c8 [ 22.517424] kunit_kmalloc_array+0x34/0x88 [ 22.517488] copy_user_test_oob+0xac/0xec8 [ 22.517814] kunit_try_run_case+0x170/0x3f0 [ 22.517888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.518178] kthread+0x328/0x630 [ 22.518362] ret_from_fork+0x10/0x20 [ 22.518472] [ 22.518501] The buggy address belongs to the object at fff00000c5713f00 [ 22.518501] which belongs to the cache kmalloc-128 of size 128 [ 22.518584] The buggy address is located 0 bytes inside of [ 22.518584] allocated 120-byte region [fff00000c5713f00, fff00000c5713f78) [ 22.518649] [ 22.518698] The buggy address belongs to the physical page: [ 22.518766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 22.518825] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.518876] page_type: f5(slab) [ 22.518941] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.519008] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.519050] page dumped because: kasan: bad access detected [ 22.519084] [ 22.519104] Memory state around the buggy address: [ 22.519152] fff00000c5713e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.519197] fff00000c5713e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.519250] >fff00000c5713f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.519298] ^ [ 22.519341] fff00000c5713f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.519384] fff00000c5714000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.519434] ================================================================== [ 22.548559] ================================================================== [ 22.548935] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 22.549006] Read of size 121 at addr fff00000c5713f00 by task kunit_try_catch/285 [ 22.549059] [ 22.549092] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.549203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.549250] Hardware name: linux,dummy-virt (DT) [ 22.549287] Call trace: [ 22.549316] show_stack+0x20/0x38 (C) [ 22.549642] dump_stack_lvl+0x8c/0xd0 [ 22.549863] print_report+0x118/0x608 [ 22.549913] kasan_report+0xdc/0x128 [ 22.550314] kasan_check_range+0x100/0x1a8 [ 22.550394] __kasan_check_read+0x20/0x30 [ 22.550440] copy_user_test_oob+0x3c8/0xec8 [ 22.550735] kunit_try_run_case+0x170/0x3f0 [ 22.550814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.550870] kthread+0x328/0x630 [ 22.551002] ret_from_fork+0x10/0x20 [ 22.551324] [ 22.551383] Allocated by task 285: [ 22.551418] kasan_save_stack+0x3c/0x68 [ 22.551580] kasan_save_track+0x20/0x40 [ 22.551685] kasan_save_alloc_info+0x40/0x58 [ 22.552116] __kasan_kmalloc+0xd4/0xd8 [ 22.552232] __kmalloc_noprof+0x198/0x4c8 [ 22.552343] kunit_kmalloc_array+0x34/0x88 [ 22.552385] copy_user_test_oob+0xac/0xec8 [ 22.552675] kunit_try_run_case+0x170/0x3f0 [ 22.552807] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.552917] kthread+0x328/0x630 [ 22.553318] ret_from_fork+0x10/0x20 [ 22.553497] [ 22.553636] The buggy address belongs to the object at fff00000c5713f00 [ 22.553636] which belongs to the cache kmalloc-128 of size 128 [ 22.553751] The buggy address is located 0 bytes inside of [ 22.553751] allocated 120-byte region [fff00000c5713f00, fff00000c5713f78) [ 22.553978] [ 22.554041] The buggy address belongs to the physical page: [ 22.554166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 22.554256] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.554622] page_type: f5(slab) [ 22.554945] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.555269] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.555352] page dumped because: kasan: bad access detected [ 22.555733] [ 22.555978] Memory state around the buggy address: [ 22.556034] fff00000c5713e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.556089] fff00000c5713e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.556503] >fff00000c5713f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.556669] ^ [ 22.556921] fff00000c5713f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.556989] fff00000c5714000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.557030] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 22.470324] ================================================================== [ 22.470378] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 22.470458] Write of size 8 at addr fff00000c5713e78 by task kunit_try_catch/281 [ 22.470576] [ 22.470609] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.470956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.471000] Hardware name: linux,dummy-virt (DT) [ 22.471139] Call trace: [ 22.471173] show_stack+0x20/0x38 (C) [ 22.471242] dump_stack_lvl+0x8c/0xd0 [ 22.471371] print_report+0x118/0x608 [ 22.471425] kasan_report+0xdc/0x128 [ 22.471511] kasan_check_range+0x100/0x1a8 [ 22.471560] __kasan_check_write+0x20/0x30 [ 22.471607] copy_to_kernel_nofault+0x8c/0x250 [ 22.472160] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 22.472276] kunit_try_run_case+0x170/0x3f0 [ 22.472534] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.472652] kthread+0x328/0x630 [ 22.472798] ret_from_fork+0x10/0x20 [ 22.472986] [ 22.473096] Allocated by task 281: [ 22.473174] kasan_save_stack+0x3c/0x68 [ 22.473252] kasan_save_track+0x20/0x40 [ 22.473830] kasan_save_alloc_info+0x40/0x58 [ 22.473982] __kasan_kmalloc+0xd4/0xd8 [ 22.474114] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.474167] copy_to_kernel_nofault_oob+0xc8/0x418 [ 22.474415] kunit_try_run_case+0x170/0x3f0 [ 22.474667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.474837] kthread+0x328/0x630 [ 22.474924] ret_from_fork+0x10/0x20 [ 22.475055] [ 22.475080] The buggy address belongs to the object at fff00000c5713e00 [ 22.475080] which belongs to the cache kmalloc-128 of size 128 [ 22.475299] The buggy address is located 0 bytes to the right of [ 22.475299] allocated 120-byte region [fff00000c5713e00, fff00000c5713e78) [ 22.475805] [ 22.476120] The buggy address belongs to the physical page: [ 22.476160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 22.476236] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.476570] page_type: f5(slab) [ 22.477120] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.477184] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.477547] page dumped because: kasan: bad access detected [ 22.477771] [ 22.477793] Memory state around the buggy address: [ 22.478080] fff00000c5713d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.478363] fff00000c5713d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.478753] >fff00000c5713e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.478868] ^ [ 22.479390] fff00000c5713e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.479697] fff00000c5713f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.479759] ================================================================== [ 22.465143] ================================================================== [ 22.465216] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 22.465339] Read of size 8 at addr fff00000c5713e78 by task kunit_try_catch/281 [ 22.465423] [ 22.465463] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.465550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.465888] Hardware name: linux,dummy-virt (DT) [ 22.466140] Call trace: [ 22.466184] show_stack+0x20/0x38 (C) [ 22.466248] dump_stack_lvl+0x8c/0xd0 [ 22.466441] print_report+0x118/0x608 [ 22.466542] kasan_report+0xdc/0x128 [ 22.466741] __asan_report_load8_noabort+0x20/0x30 [ 22.466982] copy_to_kernel_nofault+0x204/0x250 [ 22.467116] copy_to_kernel_nofault_oob+0x158/0x418 [ 22.467274] kunit_try_run_case+0x170/0x3f0 [ 22.467326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.467382] kthread+0x328/0x630 [ 22.467423] ret_from_fork+0x10/0x20 [ 22.467473] [ 22.467495] Allocated by task 281: [ 22.467527] kasan_save_stack+0x3c/0x68 [ 22.467575] kasan_save_track+0x20/0x40 [ 22.467615] kasan_save_alloc_info+0x40/0x58 [ 22.467659] __kasan_kmalloc+0xd4/0xd8 [ 22.467699] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.467755] copy_to_kernel_nofault_oob+0xc8/0x418 [ 22.467795] kunit_try_run_case+0x170/0x3f0 [ 22.467836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.467882] kthread+0x328/0x630 [ 22.467932] ret_from_fork+0x10/0x20 [ 22.467972] [ 22.467994] The buggy address belongs to the object at fff00000c5713e00 [ 22.467994] which belongs to the cache kmalloc-128 of size 128 [ 22.468055] The buggy address is located 0 bytes to the right of [ 22.468055] allocated 120-byte region [fff00000c5713e00, fff00000c5713e78) [ 22.468133] [ 22.468156] The buggy address belongs to the physical page: [ 22.468199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 22.468253] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.468303] page_type: f5(slab) [ 22.468349] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 22.468409] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 22.468451] page dumped because: kasan: bad access detected [ 22.468485] [ 22.468512] Memory state around the buggy address: [ 22.468545] fff00000c5713d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 22.468590] fff00000c5713d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.468635] >fff00000c5713e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 22.468675] ^ [ 22.469392] fff00000c5713e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.469577] fff00000c5713f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.469629] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 22.400759] ================================================================== [ 22.400833] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 22.400995] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 22.401052] [ 22.401109] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.402032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.402082] Hardware name: linux,dummy-virt (DT) [ 22.402117] Call trace: [ 22.402144] show_stack+0x20/0x38 (C) [ 22.402323] dump_stack_lvl+0x8c/0xd0 [ 22.402522] print_report+0x310/0x608 [ 22.402609] kasan_report+0xdc/0x128 [ 22.402895] __asan_report_load1_noabort+0x20/0x30 [ 22.402973] vmalloc_oob+0x578/0x5d0 [ 22.403021] kunit_try_run_case+0x170/0x3f0 [ 22.403072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.403471] kthread+0x328/0x630 [ 22.403566] ret_from_fork+0x10/0x20 [ 22.403841] [ 22.403901] The buggy address belongs to the virtual mapping at [ 22.403901] [ffff8000800fe000, ffff800080100000) created by: [ 22.403901] vmalloc_oob+0x98/0x5d0 [ 22.404147] [ 22.404183] The buggy address belongs to the physical page: [ 22.404218] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106422 [ 22.404645] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.404843] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.405127] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.405201] page dumped because: kasan: bad access detected [ 22.405283] [ 22.405495] Memory state around the buggy address: [ 22.405576] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.405836] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.405914] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 22.405974] ^ [ 22.406499] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.406598] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.406848] ================================================================== [ 22.408832] ================================================================== [ 22.409008] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 22.409070] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 22.409122] [ 22.409155] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.409614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.409663] Hardware name: linux,dummy-virt (DT) [ 22.409860] Call trace: [ 22.409899] show_stack+0x20/0x38 (C) [ 22.409953] dump_stack_lvl+0x8c/0xd0 [ 22.410223] print_report+0x310/0x608 [ 22.410618] kasan_report+0xdc/0x128 [ 22.410690] __asan_report_load1_noabort+0x20/0x30 [ 22.410910] vmalloc_oob+0x51c/0x5d0 [ 22.411112] kunit_try_run_case+0x170/0x3f0 [ 22.411172] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.411227] kthread+0x328/0x630 [ 22.411306] ret_from_fork+0x10/0x20 [ 22.411357] [ 22.411384] The buggy address belongs to the virtual mapping at [ 22.411384] [ffff8000800fe000, ffff800080100000) created by: [ 22.411384] vmalloc_oob+0x98/0x5d0 [ 22.411460] [ 22.411481] The buggy address belongs to the physical page: [ 22.411722] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106422 [ 22.412092] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.412379] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 22.412664] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 22.412852] page dumped because: kasan: bad access detected [ 22.412930] [ 22.413057] Memory state around the buggy address: [ 22.413460] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.413856] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.414016] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 22.414192] ^ [ 22.414325] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.414461] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 22.414511] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 22.202160] ================================================================== [ 22.202233] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 22.202323] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.202373] [ 22.202453] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.202535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.202564] Hardware name: linux,dummy-virt (DT) [ 22.202594] Call trace: [ 22.202620] show_stack+0x20/0x38 (C) [ 22.202668] dump_stack_lvl+0x8c/0xd0 [ 22.202730] print_report+0x118/0x608 [ 22.202776] kasan_report+0xdc/0x128 [ 22.202822] kasan_check_range+0x100/0x1a8 [ 22.202869] __kasan_check_write+0x20/0x30 [ 22.202924] kasan_atomics_helper+0x1058/0x4858 [ 22.202979] kasan_atomics+0x198/0x2e0 [ 22.203024] kunit_try_run_case+0x170/0x3f0 [ 22.203072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.203135] kthread+0x328/0x630 [ 22.203177] ret_from_fork+0x10/0x20 [ 22.203223] [ 22.203245] Allocated by task 265: [ 22.203272] kasan_save_stack+0x3c/0x68 [ 22.203314] kasan_save_track+0x20/0x40 [ 22.203351] kasan_save_alloc_info+0x40/0x58 [ 22.203391] __kasan_kmalloc+0xd4/0xd8 [ 22.203439] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.203961] kasan_atomics+0xb8/0x2e0 [ 22.204658] kunit_try_run_case+0x170/0x3f0 [ 22.204935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.205141] kthread+0x328/0x630 [ 22.205243] ret_from_fork+0x10/0x20 [ 22.205396] [ 22.205459] The buggy address belongs to the object at fff00000c569f300 [ 22.205459] which belongs to the cache kmalloc-64 of size 64 [ 22.205631] The buggy address is located 0 bytes to the right of [ 22.205631] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.205782] [ 22.205805] The buggy address belongs to the physical page: [ 22.205838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.206031] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.206343] page_type: f5(slab) [ 22.206398] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.206603] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.206683] page dumped because: kasan: bad access detected [ 22.206730] [ 22.206750] Memory state around the buggy address: [ 22.206965] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.207110] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.207386] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.207763] ^ [ 22.207808] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.208049] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.208184] ================================================================== [ 22.183233] ================================================================== [ 22.183288] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 22.183337] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.183389] [ 22.183419] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.183505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.183531] Hardware name: linux,dummy-virt (DT) [ 22.183563] Call trace: [ 22.183587] show_stack+0x20/0x38 (C) [ 22.184231] dump_stack_lvl+0x8c/0xd0 [ 22.184462] print_report+0x118/0x608 [ 22.184592] kasan_report+0xdc/0x128 [ 22.184729] kasan_check_range+0x100/0x1a8 [ 22.184820] __kasan_check_write+0x20/0x30 [ 22.184865] kasan_atomics_helper+0xf88/0x4858 [ 22.184922] kasan_atomics+0x198/0x2e0 [ 22.184967] kunit_try_run_case+0x170/0x3f0 [ 22.185176] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.185679] kthread+0x328/0x630 [ 22.185910] ret_from_fork+0x10/0x20 [ 22.186075] [ 22.186135] Allocated by task 265: [ 22.186181] kasan_save_stack+0x3c/0x68 [ 22.186466] kasan_save_track+0x20/0x40 [ 22.186749] kasan_save_alloc_info+0x40/0x58 [ 22.186916] __kasan_kmalloc+0xd4/0xd8 [ 22.187587] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.187897] kasan_atomics+0xb8/0x2e0 [ 22.188144] kunit_try_run_case+0x170/0x3f0 [ 22.188315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.188556] kthread+0x328/0x630 [ 22.188617] ret_from_fork+0x10/0x20 [ 22.188657] [ 22.188681] The buggy address belongs to the object at fff00000c569f300 [ 22.188681] which belongs to the cache kmalloc-64 of size 64 [ 22.189064] The buggy address is located 0 bytes to the right of [ 22.189064] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.189304] [ 22.189353] The buggy address belongs to the physical page: [ 22.189769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.189951] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.190199] page_type: f5(slab) [ 22.190253] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.190449] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.190657] page dumped because: kasan: bad access detected [ 22.190963] [ 22.191062] Memory state around the buggy address: [ 22.191240] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.191348] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.191765] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.191975] ^ [ 22.192017] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.192063] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.192114] ================================================================== [ 22.325432] ================================================================== [ 22.325487] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 22.325579] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.325867] [ 22.325919] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.326152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.326249] Hardware name: linux,dummy-virt (DT) [ 22.326284] Call trace: [ 22.326311] show_stack+0x20/0x38 (C) [ 22.326362] dump_stack_lvl+0x8c/0xd0 [ 22.326618] print_report+0x118/0x608 [ 22.326996] kasan_report+0xdc/0x128 [ 22.327079] kasan_check_range+0x100/0x1a8 [ 22.327132] __kasan_check_write+0x20/0x30 [ 22.327176] kasan_atomics_helper+0x1644/0x4858 [ 22.327507] kasan_atomics+0x198/0x2e0 [ 22.327679] kunit_try_run_case+0x170/0x3f0 [ 22.327851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.327948] kthread+0x328/0x630 [ 22.328115] ret_from_fork+0x10/0x20 [ 22.328234] [ 22.328256] Allocated by task 265: [ 22.328287] kasan_save_stack+0x3c/0x68 [ 22.328330] kasan_save_track+0x20/0x40 [ 22.328369] kasan_save_alloc_info+0x40/0x58 [ 22.328576] __kasan_kmalloc+0xd4/0xd8 [ 22.328755] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.328973] kasan_atomics+0xb8/0x2e0 [ 22.329162] kunit_try_run_case+0x170/0x3f0 [ 22.329246] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.329395] kthread+0x328/0x630 [ 22.329482] ret_from_fork+0x10/0x20 [ 22.329599] [ 22.329623] The buggy address belongs to the object at fff00000c569f300 [ 22.329623] which belongs to the cache kmalloc-64 of size 64 [ 22.329870] The buggy address is located 0 bytes to the right of [ 22.329870] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.330069] [ 22.330599] The buggy address belongs to the physical page: [ 22.331014] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.331115] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.331187] page_type: f5(slab) [ 22.331262] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.331347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.331604] page dumped because: kasan: bad access detected [ 22.331967] [ 22.332015] Memory state around the buggy address: [ 22.332216] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.332269] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.332502] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.332548] ^ [ 22.332621] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.332759] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.333050] ================================================================== [ 22.114913] ================================================================== [ 22.115189] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 22.115363] Read of size 4 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.115427] [ 22.115579] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.115675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.115704] Hardware name: linux,dummy-virt (DT) [ 22.115751] Call trace: [ 22.115776] show_stack+0x20/0x38 (C) [ 22.116205] dump_stack_lvl+0x8c/0xd0 [ 22.116621] print_report+0x118/0x608 [ 22.116818] kasan_report+0xdc/0x128 [ 22.116881] __asan_report_load4_noabort+0x20/0x30 [ 22.116933] kasan_atomics_helper+0x3dd8/0x4858 [ 22.117000] kasan_atomics+0x198/0x2e0 [ 22.117067] kunit_try_run_case+0x170/0x3f0 [ 22.117116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.117173] kthread+0x328/0x630 [ 22.117218] ret_from_fork+0x10/0x20 [ 22.117269] [ 22.117290] Allocated by task 265: [ 22.117320] kasan_save_stack+0x3c/0x68 [ 22.117374] kasan_save_track+0x20/0x40 [ 22.117434] kasan_save_alloc_info+0x40/0x58 [ 22.117476] __kasan_kmalloc+0xd4/0xd8 [ 22.117523] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.117564] kasan_atomics+0xb8/0x2e0 [ 22.117608] kunit_try_run_case+0x170/0x3f0 [ 22.117657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.117703] kthread+0x328/0x630 [ 22.117748] ret_from_fork+0x10/0x20 [ 22.117805] [ 22.117827] The buggy address belongs to the object at fff00000c569f300 [ 22.117827] which belongs to the cache kmalloc-64 of size 64 [ 22.117896] The buggy address is located 0 bytes to the right of [ 22.117896] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.117971] [ 22.118002] The buggy address belongs to the physical page: [ 22.118041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.118098] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.118155] page_type: f5(slab) [ 22.118223] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.118275] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.118317] page dumped because: kasan: bad access detected [ 22.118350] [ 22.118374] Memory state around the buggy address: [ 22.118409] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.118453] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.118498] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.118538] ^ [ 22.118574] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.118621] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.118661] ================================================================== [ 22.286261] ================================================================== [ 22.286354] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 22.286535] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.286650] [ 22.286707] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.286844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.286882] Hardware name: linux,dummy-virt (DT) [ 22.286914] Call trace: [ 22.286939] show_stack+0x20/0x38 (C) [ 22.287111] dump_stack_lvl+0x8c/0xd0 [ 22.287174] print_report+0x118/0x608 [ 22.287327] kasan_report+0xdc/0x128 [ 22.287438] kasan_check_range+0x100/0x1a8 [ 22.287494] __kasan_check_write+0x20/0x30 [ 22.287540] kasan_atomics_helper+0x147c/0x4858 [ 22.287588] kasan_atomics+0x198/0x2e0 [ 22.287635] kunit_try_run_case+0x170/0x3f0 [ 22.288226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.288440] kthread+0x328/0x630 [ 22.288553] ret_from_fork+0x10/0x20 [ 22.288618] [ 22.288641] Allocated by task 265: [ 22.288669] kasan_save_stack+0x3c/0x68 [ 22.288894] kasan_save_track+0x20/0x40 [ 22.289099] kasan_save_alloc_info+0x40/0x58 [ 22.289302] __kasan_kmalloc+0xd4/0xd8 [ 22.289421] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.289689] kasan_atomics+0xb8/0x2e0 [ 22.289791] kunit_try_run_case+0x170/0x3f0 [ 22.289860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.289904] kthread+0x328/0x630 [ 22.290174] ret_from_fork+0x10/0x20 [ 22.290431] [ 22.290471] The buggy address belongs to the object at fff00000c569f300 [ 22.290471] which belongs to the cache kmalloc-64 of size 64 [ 22.290765] The buggy address is located 0 bytes to the right of [ 22.290765] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.290840] [ 22.290861] The buggy address belongs to the physical page: [ 22.291026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.291399] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.291661] page_type: f5(slab) [ 22.291770] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.292149] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.292261] page dumped because: kasan: bad access detected [ 22.292440] [ 22.292632] Memory state around the buggy address: [ 22.292841] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.293035] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.293087] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.293136] ^ [ 22.293173] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.293216] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.293257] ================================================================== [ 22.042949] ================================================================== [ 22.043171] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa6c/0x4858 [ 22.043261] Write of size 4 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.043366] [ 22.043401] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.043817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.043925] Hardware name: linux,dummy-virt (DT) [ 22.044131] Call trace: [ 22.044172] show_stack+0x20/0x38 (C) [ 22.044403] dump_stack_lvl+0x8c/0xd0 [ 22.044577] print_report+0x118/0x608 [ 22.044849] kasan_report+0xdc/0x128 [ 22.045031] kasan_check_range+0x100/0x1a8 [ 22.045302] __kasan_check_write+0x20/0x30 [ 22.045443] kasan_atomics_helper+0xa6c/0x4858 [ 22.045892] kasan_atomics+0x198/0x2e0 [ 22.046086] kunit_try_run_case+0x170/0x3f0 [ 22.046513] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.046805] kthread+0x328/0x630 [ 22.047117] ret_from_fork+0x10/0x20 [ 22.047262] [ 22.047302] Allocated by task 265: [ 22.047332] kasan_save_stack+0x3c/0x68 [ 22.047533] kasan_save_track+0x20/0x40 [ 22.047729] kasan_save_alloc_info+0x40/0x58 [ 22.047878] __kasan_kmalloc+0xd4/0xd8 [ 22.047979] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.048172] kasan_atomics+0xb8/0x2e0 [ 22.048429] kunit_try_run_case+0x170/0x3f0 [ 22.048525] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.048730] kthread+0x328/0x630 [ 22.048790] ret_from_fork+0x10/0x20 [ 22.049150] [ 22.049235] The buggy address belongs to the object at fff00000c569f300 [ 22.049235] which belongs to the cache kmalloc-64 of size 64 [ 22.049353] The buggy address is located 0 bytes to the right of [ 22.049353] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.049594] [ 22.049832] The buggy address belongs to the physical page: [ 22.049878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.049967] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.050087] page_type: f5(slab) [ 22.050185] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.051081] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.051139] page dumped because: kasan: bad access detected [ 22.051318] [ 22.051374] Memory state around the buggy address: [ 22.051411] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.052504] ^ [ 22.054519] [ 22.055055] kasan_atomics_helper+0xad4/0x4858 [ 22.055482] kasan_save_alloc_info+0x40/0x58 [ 22.055533] __kasan_kmalloc+0xd4/0xd8 [ 22.055582] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.055624] kasan_atomics+0xb8/0x2e0 [ 22.055661] kunit_try_run_case+0x170/0x3f0 [ 22.055720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.056733] kthread+0x328/0x630 [ 22.056806] ret_from_fork+0x10/0x20 [ 22.056915] [ 22.056995] The buggy address belongs to the object at fff00000c569f300 [ 22.056995] which belongs to the cache kmalloc-64 of size 64 [ 22.057103] The buggy address is located 0 bytes to the right of [ 22.057103] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.057324] [ 22.057639] The buggy address belongs to the physical page: [ 22.057724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.058043] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.058234] page_type: f5(slab) [ 22.058320] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.058929] [ 22.059462] ^ [ 22.062096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.063438] kasan_atomics+0x198/0x2e0 [ 22.065276] __kasan_kmalloc+0xd4/0xd8 [ 22.065395] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.065567] kasan_atomics+0xb8/0x2e0 [ 22.066108] ret_from_fork+0x10/0x20 [ 22.067137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.067899] page dumped because: kasan: bad access detected [ 22.068669] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.070867] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb70/0x4858 [ 22.071383] Call trace: [ 22.072237] kasan_check_range+0x100/0x1a8 [ 22.074578] kasan_save_alloc_info+0x40/0x58 [ 22.074683] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.074737] kasan_atomics+0xb8/0x2e0 [ 22.074966] [ 22.075147] [ 22.075168] The buggy address belongs to the physical page: [ 22.075444] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.077380] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.082188] kasan_atomics+0x198/0x2e0 [ 22.084296] kunit_try_run_case+0x170/0x3f0 [ 22.085083] [ 22.085789] The buggy address belongs to the physical page: [ 22.086207] page_type: f5(slab) [ 22.086459] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.086747] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.086941] ================================================================== [ 22.367086] ================================================================== [ 22.367243] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 22.367353] Read of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.367673] [ 22.367756] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.367955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.368035] Hardware name: linux,dummy-virt (DT) [ 22.368167] Call trace: [ 22.368207] show_stack+0x20/0x38 (C) [ 22.368258] dump_stack_lvl+0x8c/0xd0 [ 22.368659] print_report+0x118/0x608 [ 22.369050] kasan_report+0xdc/0x128 [ 22.369242] __asan_report_load8_noabort+0x20/0x30 [ 22.369302] kasan_atomics_helper+0x3e20/0x4858 [ 22.369351] kasan_atomics+0x198/0x2e0 [ 22.369397] kunit_try_run_case+0x170/0x3f0 [ 22.369446] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.369590] kthread+0x328/0x630 [ 22.369653] ret_from_fork+0x10/0x20 [ 22.369704] [ 22.369738] Allocated by task 265: [ 22.369777] kasan_save_stack+0x3c/0x68 [ 22.369827] kasan_save_track+0x20/0x40 [ 22.369864] kasan_save_alloc_info+0x40/0x58 [ 22.369906] __kasan_kmalloc+0xd4/0xd8 [ 22.369950] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.369991] kasan_atomics+0xb8/0x2e0 [ 22.370066] kunit_try_run_case+0x170/0x3f0 [ 22.370115] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.370161] kthread+0x328/0x630 [ 22.370194] ret_from_fork+0x10/0x20 [ 22.370231] [ 22.370259] The buggy address belongs to the object at fff00000c569f300 [ 22.370259] which belongs to the cache kmalloc-64 of size 64 [ 22.370325] The buggy address is located 0 bytes to the right of [ 22.370325] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.370400] [ 22.370430] The buggy address belongs to the physical page: [ 22.370471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.370525] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.370575] page_type: f5(slab) [ 22.370637] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.370698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.371494] page dumped because: kasan: bad access detected [ 22.371562] [ 22.371801] Memory state around the buggy address: [ 22.371882] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.372113] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.372166] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.372235] ^ [ 22.372271] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.372594] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.372750] ================================================================== [ 22.243121] ================================================================== [ 22.243178] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 22.243229] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.243280] [ 22.243314] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.243396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.243426] Hardware name: linux,dummy-virt (DT) [ 22.243672] Call trace: [ 22.243833] show_stack+0x20/0x38 (C) [ 22.244172] dump_stack_lvl+0x8c/0xd0 [ 22.244406] print_report+0x118/0x608 [ 22.244545] kasan_report+0xdc/0x128 [ 22.244739] kasan_check_range+0x100/0x1a8 [ 22.244795] __kasan_check_write+0x20/0x30 [ 22.244840] kasan_atomics_helper+0x126c/0x4858 [ 22.245078] kasan_atomics+0x198/0x2e0 [ 22.245653] kunit_try_run_case+0x170/0x3f0 [ 22.245797] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.245892] kthread+0x328/0x630 [ 22.246038] ret_from_fork+0x10/0x20 [ 22.246130] [ 22.246151] Allocated by task 265: [ 22.246365] kasan_save_stack+0x3c/0x68 [ 22.246552] kasan_save_track+0x20/0x40 [ 22.246862] kasan_save_alloc_info+0x40/0x58 [ 22.247056] __kasan_kmalloc+0xd4/0xd8 [ 22.247158] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.247289] kasan_atomics+0xb8/0x2e0 [ 22.247359] kunit_try_run_case+0x170/0x3f0 [ 22.247417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.247464] kthread+0x328/0x630 [ 22.248272] ret_from_fork+0x10/0x20 [ 22.248764] [ 22.248806] The buggy address belongs to the object at fff00000c569f300 [ 22.248806] which belongs to the cache kmalloc-64 of size 64 [ 22.249143] The buggy address is located 0 bytes to the right of [ 22.249143] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.249433] [ 22.249637] The buggy address belongs to the physical page: [ 22.249718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.250011] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.250094] page_type: f5(slab) [ 22.250143] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.250803] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.250857] page dumped because: kasan: bad access detected [ 22.250897] [ 22.250919] Memory state around the buggy address: [ 22.250962] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.251008] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.251052] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.251101] ^ [ 22.251137] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.251190] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.251234] ================================================================== [ 22.320816] ================================================================== [ 22.320892] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 22.320945] Read of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.320996] [ 22.321030] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.321111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.321138] Hardware name: linux,dummy-virt (DT) [ 22.321171] Call trace: [ 22.321194] show_stack+0x20/0x38 (C) [ 22.321244] dump_stack_lvl+0x8c/0xd0 [ 22.321294] print_report+0x118/0x608 [ 22.321341] kasan_report+0xdc/0x128 [ 22.321398] __asan_report_load8_noabort+0x20/0x30 [ 22.321451] kasan_atomics_helper+0x3db0/0x4858 [ 22.321508] kasan_atomics+0x198/0x2e0 [ 22.321576] kunit_try_run_case+0x170/0x3f0 [ 22.321625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.321681] kthread+0x328/0x630 [ 22.321737] ret_from_fork+0x10/0x20 [ 22.321792] [ 22.321813] Allocated by task 265: [ 22.321843] kasan_save_stack+0x3c/0x68 [ 22.321883] kasan_save_track+0x20/0x40 [ 22.321922] kasan_save_alloc_info+0x40/0x58 [ 22.321962] __kasan_kmalloc+0xd4/0xd8 [ 22.322001] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.322040] kasan_atomics+0xb8/0x2e0 [ 22.322077] kunit_try_run_case+0x170/0x3f0 [ 22.322114] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.322165] kthread+0x328/0x630 [ 22.322198] ret_from_fork+0x10/0x20 [ 22.322234] [ 22.322264] The buggy address belongs to the object at fff00000c569f300 [ 22.322264] which belongs to the cache kmalloc-64 of size 64 [ 22.322324] The buggy address is located 0 bytes to the right of [ 22.322324] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.322395] [ 22.322417] The buggy address belongs to the physical page: [ 22.322448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.322511] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.322560] page_type: f5(slab) [ 22.322599] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.322651] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.322696] page dumped because: kasan: bad access detected [ 22.323140] [ 22.323584] Memory state around the buggy address: [ 22.323656] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.323731] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.324012] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.324113] ^ [ 22.324594] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.324920] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.324990] ================================================================== [ 22.277323] ================================================================== [ 22.277484] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 22.277734] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.277845] [ 22.277882] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.278116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.278337] Hardware name: linux,dummy-virt (DT) [ 22.278533] Call trace: [ 22.278579] show_stack+0x20/0x38 (C) [ 22.278632] dump_stack_lvl+0x8c/0xd0 [ 22.278864] print_report+0x118/0x608 [ 22.278978] kasan_report+0xdc/0x128 [ 22.279066] kasan_check_range+0x100/0x1a8 [ 22.279119] __kasan_check_write+0x20/0x30 [ 22.279247] kasan_atomics_helper+0x1414/0x4858 [ 22.279320] kasan_atomics+0x198/0x2e0 [ 22.279690] kunit_try_run_case+0x170/0x3f0 [ 22.279787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.280087] kthread+0x328/0x630 [ 22.280278] ret_from_fork+0x10/0x20 [ 22.280394] [ 22.280415] Allocated by task 265: [ 22.280446] kasan_save_stack+0x3c/0x68 [ 22.280488] kasan_save_track+0x20/0x40 [ 22.280528] kasan_save_alloc_info+0x40/0x58 [ 22.280958] __kasan_kmalloc+0xd4/0xd8 [ 22.281195] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.281247] kasan_atomics+0xb8/0x2e0 [ 22.281315] kunit_try_run_case+0x170/0x3f0 [ 22.281992] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.282077] kthread+0x328/0x630 [ 22.282136] ret_from_fork+0x10/0x20 [ 22.282174] [ 22.282545] The buggy address belongs to the object at fff00000c569f300 [ 22.282545] which belongs to the cache kmalloc-64 of size 64 [ 22.282997] The buggy address is located 0 bytes to the right of [ 22.282997] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.283072] [ 22.283095] The buggy address belongs to the physical page: [ 22.283150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.283228] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.283313] page_type: f5(slab) [ 22.283646] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.283736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.284030] page dumped because: kasan: bad access detected [ 22.284115] [ 22.284138] Memory state around the buggy address: [ 22.284475] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.284653] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.284871] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.285014] ^ [ 22.285057] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.285101] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.285168] ================================================================== [ 22.193413] ================================================================== [ 22.193657] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 22.193730] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.193781] [ 22.193814] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.193898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.193927] Hardware name: linux,dummy-virt (DT) [ 22.194201] Call trace: [ 22.194245] show_stack+0x20/0x38 (C) [ 22.194571] dump_stack_lvl+0x8c/0xd0 [ 22.194650] print_report+0x118/0x608 [ 22.194777] kasan_report+0xdc/0x128 [ 22.194832] kasan_check_range+0x100/0x1a8 [ 22.194879] __kasan_check_write+0x20/0x30 [ 22.195094] kasan_atomics_helper+0xff0/0x4858 [ 22.195376] kasan_atomics+0x198/0x2e0 [ 22.195566] kunit_try_run_case+0x170/0x3f0 [ 22.195665] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.195785] kthread+0x328/0x630 [ 22.195911] ret_from_fork+0x10/0x20 [ 22.196176] [ 22.196211] Allocated by task 265: [ 22.196242] kasan_save_stack+0x3c/0x68 [ 22.196444] kasan_save_track+0x20/0x40 [ 22.196647] kasan_save_alloc_info+0x40/0x58 [ 22.196887] __kasan_kmalloc+0xd4/0xd8 [ 22.197065] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.197304] kasan_atomics+0xb8/0x2e0 [ 22.197438] kunit_try_run_case+0x170/0x3f0 [ 22.197526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.197572] kthread+0x328/0x630 [ 22.197659] ret_from_fork+0x10/0x20 [ 22.198115] [ 22.198260] The buggy address belongs to the object at fff00000c569f300 [ 22.198260] which belongs to the cache kmalloc-64 of size 64 [ 22.198501] The buggy address is located 0 bytes to the right of [ 22.198501] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.198724] [ 22.198956] The buggy address belongs to the physical page: [ 22.199124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.199326] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.199391] page_type: f5(slab) [ 22.199433] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.199611] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.199864] page dumped because: kasan: bad access detected [ 22.199946] [ 22.199969] Memory state around the buggy address: [ 22.200218] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.200327] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.200680] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.200788] ^ [ 22.200964] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.201158] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.201213] ================================================================== [ 22.168723] ================================================================== [ 22.168785] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 22.168914] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.168980] [ 22.169016] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.169381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.169432] Hardware name: linux,dummy-virt (DT) [ 22.169622] Call trace: [ 22.169658] show_stack+0x20/0x38 (C) [ 22.169790] dump_stack_lvl+0x8c/0xd0 [ 22.169969] print_report+0x118/0x608 [ 22.170056] kasan_report+0xdc/0x128 [ 22.170186] __asan_report_store8_noabort+0x20/0x30 [ 22.170247] kasan_atomics_helper+0x3e5c/0x4858 [ 22.170296] kasan_atomics+0x198/0x2e0 [ 22.170481] kunit_try_run_case+0x170/0x3f0 [ 22.170544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.170972] kthread+0x328/0x630 [ 22.171058] ret_from_fork+0x10/0x20 [ 22.171356] [ 22.171431] Allocated by task 265: [ 22.171603] kasan_save_stack+0x3c/0x68 [ 22.171700] kasan_save_track+0x20/0x40 [ 22.171754] kasan_save_alloc_info+0x40/0x58 [ 22.171797] __kasan_kmalloc+0xd4/0xd8 [ 22.171837] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.172226] kasan_atomics+0xb8/0x2e0 [ 22.172459] kunit_try_run_case+0x170/0x3f0 [ 22.172633] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.172685] kthread+0x328/0x630 [ 22.172733] ret_from_fork+0x10/0x20 [ 22.173258] [ 22.173354] The buggy address belongs to the object at fff00000c569f300 [ 22.173354] which belongs to the cache kmalloc-64 of size 64 [ 22.173512] The buggy address is located 0 bytes to the right of [ 22.173512] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.173585] [ 22.173607] The buggy address belongs to the physical page: [ 22.173979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.174342] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.174643] page_type: f5(slab) [ 22.174887] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.175159] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.175253] page dumped because: kasan: bad access detected [ 22.175526] [ 22.175621] Memory state around the buggy address: [ 22.175850] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.175920] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.175985] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.176053] ^ [ 22.176090] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.176139] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.176182] ================================================================== [ 22.217811] ================================================================== [ 22.217879] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 22.217929] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.218377] [ 22.218442] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.218537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.218671] Hardware name: linux,dummy-virt (DT) [ 22.218747] Call trace: [ 22.218776] show_stack+0x20/0x38 (C) [ 22.218833] dump_stack_lvl+0x8c/0xd0 [ 22.219231] print_report+0x118/0x608 [ 22.219440] kasan_report+0xdc/0x128 [ 22.219702] kasan_check_range+0x100/0x1a8 [ 22.219859] __kasan_check_write+0x20/0x30 [ 22.219908] kasan_atomics_helper+0x1128/0x4858 [ 22.219958] kasan_atomics+0x198/0x2e0 [ 22.220002] kunit_try_run_case+0x170/0x3f0 [ 22.220060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.220119] kthread+0x328/0x630 [ 22.220162] ret_from_fork+0x10/0x20 [ 22.220221] [ 22.220250] Allocated by task 265: [ 22.220279] kasan_save_stack+0x3c/0x68 [ 22.220331] kasan_save_track+0x20/0x40 [ 22.220379] kasan_save_alloc_info+0x40/0x58 [ 22.220419] __kasan_kmalloc+0xd4/0xd8 [ 22.220474] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.220522] kasan_atomics+0xb8/0x2e0 [ 22.220560] kunit_try_run_case+0x170/0x3f0 [ 22.220597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.220650] kthread+0x328/0x630 [ 22.220693] ret_from_fork+0x10/0x20 [ 22.220742] [ 22.220771] The buggy address belongs to the object at fff00000c569f300 [ 22.220771] which belongs to the cache kmalloc-64 of size 64 [ 22.220846] The buggy address is located 0 bytes to the right of [ 22.220846] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.220914] [ 22.220936] The buggy address belongs to the physical page: [ 22.220967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.221020] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.221070] page_type: f5(slab) [ 22.221112] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.221192] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.221237] page dumped because: kasan: bad access detected [ 22.221280] [ 22.221309] Memory state around the buggy address: [ 22.221343] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.221387] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.221433] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.221474] ^ [ 22.221510] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.221565] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.221611] ================================================================== [ 22.303294] ================================================================== [ 22.303357] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 22.303490] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.303722] [ 22.303763] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.304033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.304153] Hardware name: linux,dummy-virt (DT) [ 22.304368] Call trace: [ 22.304594] show_stack+0x20/0x38 (C) [ 22.304806] dump_stack_lvl+0x8c/0xd0 [ 22.304918] print_report+0x118/0x608 [ 22.305034] kasan_report+0xdc/0x128 [ 22.305094] kasan_check_range+0x100/0x1a8 [ 22.305167] __kasan_check_write+0x20/0x30 [ 22.305566] kasan_atomics_helper+0x154c/0x4858 [ 22.305643] kasan_atomics+0x198/0x2e0 [ 22.305882] kunit_try_run_case+0x170/0x3f0 [ 22.306132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.306248] kthread+0x328/0x630 [ 22.306346] ret_from_fork+0x10/0x20 [ 22.306584] [ 22.306765] Allocated by task 265: [ 22.306960] kasan_save_stack+0x3c/0x68 [ 22.307178] kasan_save_track+0x20/0x40 [ 22.307274] kasan_save_alloc_info+0x40/0x58 [ 22.307389] __kasan_kmalloc+0xd4/0xd8 [ 22.307481] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.307567] kasan_atomics+0xb8/0x2e0 [ 22.307772] kunit_try_run_case+0x170/0x3f0 [ 22.307823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.308033] kthread+0x328/0x630 [ 22.308293] ret_from_fork+0x10/0x20 [ 22.308485] [ 22.308531] The buggy address belongs to the object at fff00000c569f300 [ 22.308531] which belongs to the cache kmalloc-64 of size 64 [ 22.308745] The buggy address is located 0 bytes to the right of [ 22.308745] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.308987] [ 22.309032] The buggy address belongs to the physical page: [ 22.309242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.309406] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.309811] page_type: f5(slab) [ 22.310131] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.310359] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.310435] page dumped because: kasan: bad access detected [ 22.310501] [ 22.310523] Memory state around the buggy address: [ 22.310578] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.310828] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.311020] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.311065] ^ [ 22.311101] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.311145] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.311185] ================================================================== [ 22.295020] ================================================================== [ 22.295075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 22.295150] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.295479] [ 22.295688] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.295947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.296068] Hardware name: linux,dummy-virt (DT) [ 22.296189] Call trace: [ 22.296314] show_stack+0x20/0x38 (C) [ 22.296509] dump_stack_lvl+0x8c/0xd0 [ 22.296573] print_report+0x118/0x608 [ 22.296626] kasan_report+0xdc/0x128 [ 22.296673] kasan_check_range+0x100/0x1a8 [ 22.297045] __kasan_check_write+0x20/0x30 [ 22.297448] kasan_atomics_helper+0x14e4/0x4858 [ 22.297588] kasan_atomics+0x198/0x2e0 [ 22.297705] kunit_try_run_case+0x170/0x3f0 [ 22.297833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.298093] kthread+0x328/0x630 [ 22.298294] ret_from_fork+0x10/0x20 [ 22.298391] [ 22.298545] Allocated by task 265: [ 22.298622] kasan_save_stack+0x3c/0x68 [ 22.298805] kasan_save_track+0x20/0x40 [ 22.298983] kasan_save_alloc_info+0x40/0x58 [ 22.299130] __kasan_kmalloc+0xd4/0xd8 [ 22.299234] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.299278] kasan_atomics+0xb8/0x2e0 [ 22.299321] kunit_try_run_case+0x170/0x3f0 [ 22.299618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.299764] kthread+0x328/0x630 [ 22.299807] ret_from_fork+0x10/0x20 [ 22.299848] [ 22.300210] The buggy address belongs to the object at fff00000c569f300 [ 22.300210] which belongs to the cache kmalloc-64 of size 64 [ 22.300506] The buggy address is located 0 bytes to the right of [ 22.300506] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.300618] [ 22.300763] The buggy address belongs to the physical page: [ 22.300800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.300858] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.301300] page_type: f5(slab) [ 22.301371] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.301425] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.301467] page dumped because: kasan: bad access detected [ 22.301546] [ 22.301569] Memory state around the buggy address: [ 22.301616] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.301682] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.301738] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.301779] ^ [ 22.301816] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.301859] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.301915] ================================================================== [ 22.358206] ================================================================== [ 22.358337] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 22.358451] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.358528] [ 22.358561] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.358644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.358935] Hardware name: linux,dummy-virt (DT) [ 22.358986] Call trace: [ 22.359220] show_stack+0x20/0x38 (C) [ 22.359313] dump_stack_lvl+0x8c/0xd0 [ 22.359370] print_report+0x118/0x608 [ 22.359436] kasan_report+0xdc/0x128 [ 22.359655] kasan_check_range+0x100/0x1a8 [ 22.359803] __kasan_check_write+0x20/0x30 [ 22.359891] kasan_atomics_helper+0x175c/0x4858 [ 22.359949] kasan_atomics+0x198/0x2e0 [ 22.359994] kunit_try_run_case+0x170/0x3f0 [ 22.360042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.360102] kthread+0x328/0x630 [ 22.360327] ret_from_fork+0x10/0x20 [ 22.360788] [ 22.360901] Allocated by task 265: [ 22.361039] kasan_save_stack+0x3c/0x68 [ 22.361181] kasan_save_track+0x20/0x40 [ 22.361476] kasan_save_alloc_info+0x40/0x58 [ 22.361681] __kasan_kmalloc+0xd4/0xd8 [ 22.361914] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.362160] kasan_atomics+0xb8/0x2e0 [ 22.362311] kunit_try_run_case+0x170/0x3f0 [ 22.362392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.362474] kthread+0x328/0x630 [ 22.362604] ret_from_fork+0x10/0x20 [ 22.362657] [ 22.362679] The buggy address belongs to the object at fff00000c569f300 [ 22.362679] which belongs to the cache kmalloc-64 of size 64 [ 22.362910] The buggy address is located 0 bytes to the right of [ 22.362910] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.363019] [ 22.363181] The buggy address belongs to the physical page: [ 22.363377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.363518] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.363987] page_type: f5(slab) [ 22.364102] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.364637] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.364917] page dumped because: kasan: bad access detected [ 22.365216] [ 22.365355] Memory state around the buggy address: [ 22.365509] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.365756] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.365836] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.366033] ^ [ 22.366261] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.366319] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.366534] ================================================================== [ 22.374386] ================================================================== [ 22.374458] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 22.374544] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.374597] [ 22.374796] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.374932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.374983] Hardware name: linux,dummy-virt (DT) [ 22.375023] Call trace: [ 22.375049] show_stack+0x20/0x38 (C) [ 22.375101] dump_stack_lvl+0x8c/0xd0 [ 22.375325] print_report+0x118/0x608 [ 22.375390] kasan_report+0xdc/0x128 [ 22.375737] kasan_check_range+0x100/0x1a8 [ 22.376070] __kasan_check_write+0x20/0x30 [ 22.376148] kasan_atomics_helper+0x17ec/0x4858 [ 22.376205] kasan_atomics+0x198/0x2e0 [ 22.376252] kunit_try_run_case+0x170/0x3f0 [ 22.376492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.376743] kthread+0x328/0x630 [ 22.377084] ret_from_fork+0x10/0x20 [ 22.377207] [ 22.377415] Allocated by task 265: [ 22.377684] kasan_save_stack+0x3c/0x68 [ 22.377902] kasan_save_track+0x20/0x40 [ 22.377976] kasan_save_alloc_info+0x40/0x58 [ 22.378208] __kasan_kmalloc+0xd4/0xd8 [ 22.378548] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.378680] kasan_atomics+0xb8/0x2e0 [ 22.378933] kunit_try_run_case+0x170/0x3f0 [ 22.379181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.379285] kthread+0x328/0x630 [ 22.379474] ret_from_fork+0x10/0x20 [ 22.379723] [ 22.379763] The buggy address belongs to the object at fff00000c569f300 [ 22.379763] which belongs to the cache kmalloc-64 of size 64 [ 22.380094] The buggy address is located 0 bytes to the right of [ 22.380094] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.380178] [ 22.380202] The buggy address belongs to the physical page: [ 22.380656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.380862] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.381348] page_type: f5(slab) [ 22.381405] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.381843] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.381927] page dumped because: kasan: bad access detected [ 22.382016] [ 22.382039] Memory state around the buggy address: [ 22.382076] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.382348] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.382444] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.382651] ^ [ 22.382862] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.382928] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.382984] ================================================================== [ 22.012267] ================================================================== [ 22.012322] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 22.012374] Read of size 4 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.012563] [ 22.012608] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.012859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.012901] Hardware name: linux,dummy-virt (DT) [ 22.013201] Call trace: [ 22.013245] show_stack+0x20/0x38 (C) [ 22.013312] dump_stack_lvl+0x8c/0xd0 [ 22.013440] print_report+0x118/0x608 [ 22.013495] kasan_report+0xdc/0x128 [ 22.013541] __asan_report_load4_noabort+0x20/0x30 [ 22.013703] kasan_atomics_helper+0x42d8/0x4858 [ 22.013824] kunit_try_run_case+0x170/0x3f0 [ 22.014656] kasan_save_alloc_info+0x40/0x58 [ 22.014726] __kasan_kmalloc+0xd4/0xd8 [ 22.014993] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.015249] kthread+0x328/0x630 [ 22.015838] [ 22.015860] The buggy address belongs to the physical page: [ 22.016402] page_type: f5(slab) [ 22.017513] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.017754] ================================================================== [ 22.344489] ================================================================== [ 22.344543] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 22.344592] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.344689] [ 22.344732] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.344816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.344843] Hardware name: linux,dummy-virt (DT) [ 22.344874] Call trace: [ 22.344898] show_stack+0x20/0x38 (C) [ 22.344948] dump_stack_lvl+0x8c/0xd0 [ 22.344995] print_report+0x118/0x608 [ 22.345043] kasan_report+0xdc/0x128 [ 22.345103] kasan_check_range+0x100/0x1a8 [ 22.345160] __kasan_check_write+0x20/0x30 [ 22.345207] kasan_atomics_helper+0x16d0/0x4858 [ 22.345254] kasan_atomics+0x198/0x2e0 [ 22.345300] kunit_try_run_case+0x170/0x3f0 [ 22.345355] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.345417] kthread+0x328/0x630 [ 22.345459] ret_from_fork+0x10/0x20 [ 22.345511] [ 22.345534] Allocated by task 265: [ 22.345562] kasan_save_stack+0x3c/0x68 [ 22.345604] kasan_save_track+0x20/0x40 [ 22.345650] kasan_save_alloc_info+0x40/0x58 [ 22.345692] __kasan_kmalloc+0xd4/0xd8 [ 22.345740] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.345790] kasan_atomics+0xb8/0x2e0 [ 22.345826] kunit_try_run_case+0x170/0x3f0 [ 22.345865] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.345911] kthread+0x328/0x630 [ 22.345945] ret_from_fork+0x10/0x20 [ 22.345982] [ 22.346002] The buggy address belongs to the object at fff00000c569f300 [ 22.346002] which belongs to the cache kmalloc-64 of size 64 [ 22.346061] The buggy address is located 0 bytes to the right of [ 22.346061] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.346135] [ 22.346158] The buggy address belongs to the physical page: [ 22.346199] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.346261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.346318] page_type: f5(slab) [ 22.346356] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.346408] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.346451] page dumped because: kasan: bad access detected [ 22.346483] [ 22.346504] Memory state around the buggy address: [ 22.346539] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.346584] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.346636] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.346682] ^ [ 22.347228] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.347953] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.348013] ================================================================== [ 22.151250] ================================================================== [ 22.151429] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 22.151517] Read of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.151570] [ 22.151741] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.151892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.151937] Hardware name: linux,dummy-virt (DT) [ 22.151968] Call trace: [ 22.152124] show_stack+0x20/0x38 (C) [ 22.152336] dump_stack_lvl+0x8c/0xd0 [ 22.152462] print_report+0x118/0x608 [ 22.152626] kasan_report+0xdc/0x128 [ 22.152794] __asan_report_load8_noabort+0x20/0x30 [ 22.153007] kasan_atomics_helper+0x3f58/0x4858 [ 22.153141] kasan_atomics+0x198/0x2e0 [ 22.153232] kunit_try_run_case+0x170/0x3f0 [ 22.153366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.153424] kthread+0x328/0x630 [ 22.153493] ret_from_fork+0x10/0x20 [ 22.153910] [ 22.154358] Allocated by task 265: [ 22.154411] kasan_save_stack+0x3c/0x68 [ 22.154724] kasan_save_track+0x20/0x40 [ 22.154783] kasan_save_alloc_info+0x40/0x58 [ 22.154836] __kasan_kmalloc+0xd4/0xd8 [ 22.154875] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.154916] kasan_atomics+0xb8/0x2e0 [ 22.154955] kunit_try_run_case+0x170/0x3f0 [ 22.155343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.155692] kthread+0x328/0x630 [ 22.156106] ret_from_fork+0x10/0x20 [ 22.156176] [ 22.156313] The buggy address belongs to the object at fff00000c569f300 [ 22.156313] which belongs to the cache kmalloc-64 of size 64 [ 22.156544] The buggy address is located 0 bytes to the right of [ 22.156544] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.156963] [ 22.157098] The buggy address belongs to the physical page: [ 22.157161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.157237] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.157449] page_type: f5(slab) [ 22.157662] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.157984] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.158111] page dumped because: kasan: bad access detected [ 22.158311] [ 22.158485] Memory state around the buggy address: [ 22.158527] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.158842] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.159077] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.159347] ^ [ 22.159566] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.159626] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.159951] ================================================================== [ 22.333608] ================================================================== [ 22.333674] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 22.333793] Read of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.334095] [ 22.334379] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.334768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.335055] Hardware name: linux,dummy-virt (DT) [ 22.335101] Call trace: [ 22.335365] show_stack+0x20/0x38 (C) [ 22.335536] dump_stack_lvl+0x8c/0xd0 [ 22.335666] print_report+0x118/0x608 [ 22.335781] kasan_report+0xdc/0x128 [ 22.335846] __asan_report_load8_noabort+0x20/0x30 [ 22.336123] kasan_atomics_helper+0x3df4/0x4858 [ 22.336375] kasan_atomics+0x198/0x2e0 [ 22.336482] kunit_try_run_case+0x170/0x3f0 [ 22.337085] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.337229] kthread+0x328/0x630 [ 22.337422] ret_from_fork+0x10/0x20 [ 22.337636] [ 22.337733] Allocated by task 265: [ 22.337912] kasan_save_stack+0x3c/0x68 [ 22.338211] kasan_save_track+0x20/0x40 [ 22.338299] kasan_save_alloc_info+0x40/0x58 [ 22.338433] __kasan_kmalloc+0xd4/0xd8 [ 22.338530] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.338778] kasan_atomics+0xb8/0x2e0 [ 22.339055] kunit_try_run_case+0x170/0x3f0 [ 22.339132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.339346] kthread+0x328/0x630 [ 22.339505] ret_from_fork+0x10/0x20 [ 22.339706] [ 22.339776] The buggy address belongs to the object at fff00000c569f300 [ 22.339776] which belongs to the cache kmalloc-64 of size 64 [ 22.339984] The buggy address is located 0 bytes to the right of [ 22.339984] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.340064] [ 22.340092] The buggy address belongs to the physical page: [ 22.340130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.340350] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.340596] page_type: f5(slab) [ 22.340972] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.341032] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.341076] page dumped because: kasan: bad access detected [ 22.341268] [ 22.341444] Memory state around the buggy address: [ 22.341909] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.341970] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.342162] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.342236] ^ [ 22.342519] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.342832] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.342984] ================================================================== [ 22.032320] ================================================================== [ 22.032373] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa04/0x4858 [ 22.032700] [ 22.033022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.034000] kasan_check_range+0x100/0x1a8 [ 22.034999] ret_from_fork+0x10/0x20 [ 22.035111] [ 22.035178] Allocated by task 265: [ 22.035225] kasan_save_stack+0x3c/0x68 [ 22.035407] kasan_save_track+0x20/0x40 [ 22.035490] kasan_save_alloc_info+0x40/0x58 [ 22.035549] __kasan_kmalloc+0xd4/0xd8 [ 22.035674] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.035925] kasan_atomics+0xb8/0x2e0 [ 22.036112] kunit_try_run_case+0x170/0x3f0 [ 22.036202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.036254] kthread+0x328/0x630 [ 22.036287] ret_from_fork+0x10/0x20 [ 22.036583] [ 22.036827] The buggy address belongs to the object at fff00000c569f300 [ 22.036827] which belongs to the cache kmalloc-64 of size 64 [ 22.037008] The buggy address is located 0 bytes to the right of [ 22.037008] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.037319] [ 22.037467] The buggy address belongs to the physical page: [ 22.037805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.037997] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.038116] page_type: f5(slab) [ 22.038364] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.039298] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.039725] page dumped because: kasan: bad access detected [ 22.039793] [ 22.039842] Memory state around the buggy address: [ 22.040004] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.040262] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.040314] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.040414] ^ [ 22.040878] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.040965] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.041094] ================================================================== [ 22.222831] ================================================================== [ 22.222884] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 22.222955] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.223007] [ 22.223438] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.223557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.223586] Hardware name: linux,dummy-virt (DT) [ 22.223619] Call trace: [ 22.223952] show_stack+0x20/0x38 (C) [ 22.224185] dump_stack_lvl+0x8c/0xd0 [ 22.224471] print_report+0x118/0x608 [ 22.224870] kasan_report+0xdc/0x128 [ 22.225481] kasan_check_range+0x100/0x1a8 [ 22.225771] __kasan_check_write+0x20/0x30 [ 22.225880] kasan_atomics_helper+0x1190/0x4858 [ 22.225961] kasan_atomics+0x198/0x2e0 [ 22.226008] kunit_try_run_case+0x170/0x3f0 [ 22.226077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.226691] kthread+0x328/0x630 [ 22.226959] ret_from_fork+0x10/0x20 [ 22.227492] [ 22.227738] Allocated by task 265: [ 22.227817] kasan_save_stack+0x3c/0x68 [ 22.227888] kasan_save_track+0x20/0x40 [ 22.228041] kasan_save_alloc_info+0x40/0x58 [ 22.228295] __kasan_kmalloc+0xd4/0xd8 [ 22.228497] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.228677] kasan_atomics+0xb8/0x2e0 [ 22.228783] kunit_try_run_case+0x170/0x3f0 [ 22.229028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.229198] kthread+0x328/0x630 [ 22.229601] ret_from_fork+0x10/0x20 [ 22.229674] [ 22.229697] The buggy address belongs to the object at fff00000c569f300 [ 22.229697] which belongs to the cache kmalloc-64 of size 64 [ 22.229965] The buggy address is located 0 bytes to the right of [ 22.229965] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.230267] [ 22.230601] The buggy address belongs to the physical page: [ 22.230648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.231183] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.231363] page_type: f5(slab) [ 22.231567] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.231637] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.231845] page dumped because: kasan: bad access detected [ 22.232073] [ 22.232293] Memory state around the buggy address: [ 22.232506] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.232620] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.232666] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.232867] ^ [ 22.232928] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.233019] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.233191] ================================================================== [ 22.209192] ================================================================== [ 22.209245] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 22.209448] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.209512] [ 22.209547] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.209822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.209998] Hardware name: linux,dummy-virt (DT) [ 22.210042] Call trace: [ 22.210068] show_stack+0x20/0x38 (C) [ 22.210120] dump_stack_lvl+0x8c/0xd0 [ 22.210167] print_report+0x118/0x608 [ 22.210749] kasan_report+0xdc/0x128 [ 22.210828] kasan_check_range+0x100/0x1a8 [ 22.211038] __kasan_check_write+0x20/0x30 [ 22.211209] kasan_atomics_helper+0x10c0/0x4858 [ 22.211270] kasan_atomics+0x198/0x2e0 [ 22.211406] kunit_try_run_case+0x170/0x3f0 [ 22.211586] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.211645] kthread+0x328/0x630 [ 22.211688] ret_from_fork+0x10/0x20 [ 22.211967] [ 22.212125] Allocated by task 265: [ 22.212296] kasan_save_stack+0x3c/0x68 [ 22.212518] kasan_save_track+0x20/0x40 [ 22.212745] kasan_save_alloc_info+0x40/0x58 [ 22.212894] __kasan_kmalloc+0xd4/0xd8 [ 22.212981] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.213024] kasan_atomics+0xb8/0x2e0 [ 22.213101] kunit_try_run_case+0x170/0x3f0 [ 22.213429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.213980] kthread+0x328/0x630 [ 22.214255] ret_from_fork+0x10/0x20 [ 22.214475] [ 22.214534] The buggy address belongs to the object at fff00000c569f300 [ 22.214534] which belongs to the cache kmalloc-64 of size 64 [ 22.214787] The buggy address is located 0 bytes to the right of [ 22.214787] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.214960] [ 22.215200] The buggy address belongs to the physical page: [ 22.215255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.215324] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.215452] page_type: f5(slab) [ 22.215496] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.215688] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.216041] page dumped because: kasan: bad access detected [ 22.216131] [ 22.216302] Memory state around the buggy address: [ 22.216345] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.216530] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.216583] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.216768] ^ [ 22.216831] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.217072] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.217212] ================================================================== [ 22.253198] ================================================================== [ 22.253273] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 22.253326] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.253487] [ 22.253545] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.253685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.253746] Hardware name: linux,dummy-virt (DT) [ 22.253778] Call trace: [ 22.253804] show_stack+0x20/0x38 (C) [ 22.253860] dump_stack_lvl+0x8c/0xd0 [ 22.254213] print_report+0x118/0x608 [ 22.254629] kasan_report+0xdc/0x128 [ 22.254707] kasan_check_range+0x100/0x1a8 [ 22.254862] __kasan_check_write+0x20/0x30 [ 22.254912] kasan_atomics_helper+0x12d8/0x4858 [ 22.255230] kasan_atomics+0x198/0x2e0 [ 22.255299] kunit_try_run_case+0x170/0x3f0 [ 22.255640] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.255751] kthread+0x328/0x630 [ 22.255867] ret_from_fork+0x10/0x20 [ 22.256030] [ 22.256147] Allocated by task 265: [ 22.256190] kasan_save_stack+0x3c/0x68 [ 22.256241] kasan_save_track+0x20/0x40 [ 22.256281] kasan_save_alloc_info+0x40/0x58 [ 22.256592] __kasan_kmalloc+0xd4/0xd8 [ 22.256705] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.257169] kasan_atomics+0xb8/0x2e0 [ 22.257301] kunit_try_run_case+0x170/0x3f0 [ 22.257378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.257759] kthread+0x328/0x630 [ 22.258003] ret_from_fork+0x10/0x20 [ 22.258083] [ 22.258128] The buggy address belongs to the object at fff00000c569f300 [ 22.258128] which belongs to the cache kmalloc-64 of size 64 [ 22.258205] The buggy address is located 0 bytes to the right of [ 22.258205] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.258655] [ 22.258924] The buggy address belongs to the physical page: [ 22.259093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.259188] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.259391] page_type: f5(slab) [ 22.259653] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.259808] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.259931] page dumped because: kasan: bad access detected [ 22.259968] [ 22.260240] Memory state around the buggy address: [ 22.260376] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.260424] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.260497] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.260553] ^ [ 22.260600] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.260643] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.260689] ================================================================== [ 22.261979] ================================================================== [ 22.262033] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 22.262204] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.262269] [ 22.262473] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.262616] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.262648] Hardware name: linux,dummy-virt (DT) [ 22.262678] Call trace: [ 22.262705] show_stack+0x20/0x38 (C) [ 22.262768] dump_stack_lvl+0x8c/0xd0 [ 22.263236] print_report+0x118/0x608 [ 22.263308] kasan_report+0xdc/0x128 [ 22.263355] kasan_check_range+0x100/0x1a8 [ 22.263583] __kasan_check_write+0x20/0x30 [ 22.263688] kasan_atomics_helper+0x1384/0x4858 [ 22.263751] kasan_atomics+0x198/0x2e0 [ 22.263795] kunit_try_run_case+0x170/0x3f0 [ 22.264195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.264303] kthread+0x328/0x630 [ 22.264603] ret_from_fork+0x10/0x20 [ 22.264830] [ 22.265004] Allocated by task 265: [ 22.265321] kasan_save_stack+0x3c/0x68 [ 22.265518] kasan_save_track+0x20/0x40 [ 22.265685] kasan_save_alloc_info+0x40/0x58 [ 22.265820] __kasan_kmalloc+0xd4/0xd8 [ 22.265920] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.265981] kasan_atomics+0xb8/0x2e0 [ 22.266020] kunit_try_run_case+0x170/0x3f0 [ 22.266058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.266104] kthread+0x328/0x630 [ 22.266176] ret_from_fork+0x10/0x20 [ 22.266214] [ 22.266237] The buggy address belongs to the object at fff00000c569f300 [ 22.266237] which belongs to the cache kmalloc-64 of size 64 [ 22.266311] The buggy address is located 0 bytes to the right of [ 22.266311] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.266386] [ 22.266423] The buggy address belongs to the physical page: [ 22.266464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.266534] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.266583] page_type: f5(slab) [ 22.266658] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.266731] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.266793] page dumped because: kasan: bad access detected [ 22.266829] [ 22.266859] Memory state around the buggy address: [ 22.266900] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.266945] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.266990] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.267030] ^ [ 22.267065] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.267108] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.267148] ================================================================== [ 22.268037] ================================================================== [ 22.268481] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 22.268634] Read of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.268981] [ 22.269024] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.269130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.269169] Hardware name: linux,dummy-virt (DT) [ 22.269211] Call trace: [ 22.269243] show_stack+0x20/0x38 (C) [ 22.269297] dump_stack_lvl+0x8c/0xd0 [ 22.269578] print_report+0x118/0x608 [ 22.269776] kasan_report+0xdc/0x128 [ 22.269849] __asan_report_load8_noabort+0x20/0x30 [ 22.269901] kasan_atomics_helper+0x3f04/0x4858 [ 22.270160] kasan_atomics+0x198/0x2e0 [ 22.270275] kunit_try_run_case+0x170/0x3f0 [ 22.270456] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.270647] kthread+0x328/0x630 [ 22.270929] ret_from_fork+0x10/0x20 [ 22.271088] [ 22.271115] Allocated by task 265: [ 22.271184] kasan_save_stack+0x3c/0x68 [ 22.271342] kasan_save_track+0x20/0x40 [ 22.271408] kasan_save_alloc_info+0x40/0x58 [ 22.271460] __kasan_kmalloc+0xd4/0xd8 [ 22.271556] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.271613] kasan_atomics+0xb8/0x2e0 [ 22.271651] kunit_try_run_case+0x170/0x3f0 [ 22.271860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.272068] kthread+0x328/0x630 [ 22.272184] ret_from_fork+0x10/0x20 [ 22.272244] [ 22.272501] The buggy address belongs to the object at fff00000c569f300 [ 22.272501] which belongs to the cache kmalloc-64 of size 64 [ 22.272799] The buggy address is located 0 bytes to the right of [ 22.272799] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.272990] [ 22.273158] The buggy address belongs to the physical page: [ 22.273339] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.273937] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.274190] page_type: f5(slab) [ 22.274273] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.274346] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.274563] page dumped because: kasan: bad access detected [ 22.274830] [ 22.275058] Memory state around the buggy address: [ 22.275323] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.275554] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.275787] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.275982] ^ [ 22.276028] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.276209] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.276311] ================================================================== [ 22.348827] ================================================================== [ 22.348879] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 22.349250] Read of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.349517] [ 22.349575] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.349742] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.349802] Hardware name: linux,dummy-virt (DT) [ 22.349836] Call trace: [ 22.349866] show_stack+0x20/0x38 (C) [ 22.349919] dump_stack_lvl+0x8c/0xd0 [ 22.349966] print_report+0x118/0x608 [ 22.350252] kasan_report+0xdc/0x128 [ 22.350330] __asan_report_load8_noabort+0x20/0x30 [ 22.350383] kasan_atomics_helper+0x3e10/0x4858 [ 22.350839] kasan_atomics+0x198/0x2e0 [ 22.350997] kunit_try_run_case+0x170/0x3f0 [ 22.351475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.351575] kthread+0x328/0x630 [ 22.351638] ret_from_fork+0x10/0x20 [ 22.351811] [ 22.351834] Allocated by task 265: [ 22.351866] kasan_save_stack+0x3c/0x68 [ 22.351916] kasan_save_track+0x20/0x40 [ 22.351955] kasan_save_alloc_info+0x40/0x58 [ 22.351995] __kasan_kmalloc+0xd4/0xd8 [ 22.352205] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.352905] kasan_atomics+0xb8/0x2e0 [ 22.352981] kunit_try_run_case+0x170/0x3f0 [ 22.353156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.353251] kthread+0x328/0x630 [ 22.353478] ret_from_fork+0x10/0x20 [ 22.353660] [ 22.353873] The buggy address belongs to the object at fff00000c569f300 [ 22.353873] which belongs to the cache kmalloc-64 of size 64 [ 22.354162] The buggy address is located 0 bytes to the right of [ 22.354162] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.354303] [ 22.354371] The buggy address belongs to the physical page: [ 22.354499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.354596] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.354758] page_type: f5(slab) [ 22.354842] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.354895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.354938] page dumped because: kasan: bad access detected [ 22.355109] [ 22.355554] Memory state around the buggy address: [ 22.355601] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.355649] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.355694] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.356193] ^ [ 22.356514] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.356610] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.356654] ================================================================== [ 22.161410] ================================================================== [ 22.161470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 22.161521] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.161572] [ 22.161625] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.161722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.161750] Hardware name: linux,dummy-virt (DT) [ 22.161783] Call trace: [ 22.161807] show_stack+0x20/0x38 (C) [ 22.161861] dump_stack_lvl+0x8c/0xd0 [ 22.161908] print_report+0x118/0x608 [ 22.161955] kasan_report+0xdc/0x128 [ 22.162000] kasan_check_range+0x100/0x1a8 [ 22.162048] __kasan_check_write+0x20/0x30 [ 22.162092] kasan_atomics_helper+0xe44/0x4858 [ 22.162141] kasan_atomics+0x198/0x2e0 [ 22.162195] kunit_try_run_case+0x170/0x3f0 [ 22.162244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.162296] kthread+0x328/0x630 [ 22.162347] ret_from_fork+0x10/0x20 [ 22.162400] [ 22.162421] Allocated by task 265: [ 22.162452] kasan_save_stack+0x3c/0x68 [ 22.162502] kasan_save_track+0x20/0x40 [ 22.162541] kasan_save_alloc_info+0x40/0x58 [ 22.162583] __kasan_kmalloc+0xd4/0xd8 [ 22.162621] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.162661] kasan_atomics+0xb8/0x2e0 [ 22.162699] kunit_try_run_case+0x170/0x3f0 [ 22.163105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.163170] kthread+0x328/0x630 [ 22.163470] ret_from_fork+0x10/0x20 [ 22.163542] [ 22.163587] The buggy address belongs to the object at fff00000c569f300 [ 22.163587] which belongs to the cache kmalloc-64 of size 64 [ 22.163970] The buggy address is located 0 bytes to the right of [ 22.163970] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.164200] [ 22.164331] The buggy address belongs to the physical page: [ 22.164366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.164751] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.165232] page_type: f5(slab) [ 22.165321] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.165574] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.165793] page dumped because: kasan: bad access detected [ 22.166036] [ 22.166086] Memory state around the buggy address: [ 22.166253] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.166360] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.166416] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.166610] ^ [ 22.166972] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.167219] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.167319] ================================================================== [ 22.119809] ================================================================== [ 22.119861] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 22.120259] Write of size 4 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.120408] [ 22.120589] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.120676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.121029] Hardware name: linux,dummy-virt (DT) [ 22.121462] Call trace: [ 22.121514] show_stack+0x20/0x38 (C) [ 22.121609] dump_stack_lvl+0x8c/0xd0 [ 22.121788] print_report+0x118/0x608 [ 22.121876] kasan_report+0xdc/0x128 [ 22.122099] kasan_check_range+0x100/0x1a8 [ 22.122194] __kasan_check_write+0x20/0x30 [ 22.122524] kasan_atomics_helper+0xd3c/0x4858 [ 22.122583] kasan_atomics+0x198/0x2e0 [ 22.123088] kunit_try_run_case+0x170/0x3f0 [ 22.123315] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.123474] kthread+0x328/0x630 [ 22.123553] ret_from_fork+0x10/0x20 [ 22.124024] [ 22.124122] Allocated by task 265: [ 22.124317] kasan_save_stack+0x3c/0x68 [ 22.124545] kasan_save_track+0x20/0x40 [ 22.124887] kasan_save_alloc_info+0x40/0x58 [ 22.125079] __kasan_kmalloc+0xd4/0xd8 [ 22.125167] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.125384] kasan_atomics+0xb8/0x2e0 [ 22.125473] kunit_try_run_case+0x170/0x3f0 [ 22.125718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.125982] kthread+0x328/0x630 [ 22.126324] ret_from_fork+0x10/0x20 [ 22.126677] [ 22.126849] The buggy address belongs to the object at fff00000c569f300 [ 22.126849] which belongs to the cache kmalloc-64 of size 64 [ 22.127201] The buggy address is located 0 bytes to the right of [ 22.127201] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.127337] [ 22.127364] The buggy address belongs to the physical page: [ 22.127593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.127851] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.128089] page_type: f5(slab) [ 22.128458] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.128659] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.128971] page dumped because: kasan: bad access detected [ 22.129050] [ 22.129302] Memory state around the buggy address: [ 22.129436] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.129679] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.130061] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.130251] ^ [ 22.130367] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.130455] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.130594] ================================================================== [ 22.141917] ================================================================== [ 22.141970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 22.142114] Read of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.142175] [ 22.142216] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.142606] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.142895] Hardware name: linux,dummy-virt (DT) [ 22.142976] Call trace: [ 22.143009] show_stack+0x20/0x38 (C) [ 22.143060] dump_stack_lvl+0x8c/0xd0 [ 22.143109] print_report+0x118/0x608 [ 22.143155] kasan_report+0xdc/0x128 [ 22.143221] kasan_check_range+0x100/0x1a8 [ 22.143271] __kasan_check_read+0x20/0x30 [ 22.143339] kasan_atomics_helper+0xdd4/0x4858 [ 22.143395] kasan_atomics+0x198/0x2e0 [ 22.143443] kunit_try_run_case+0x170/0x3f0 [ 22.144131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.144200] kthread+0x328/0x630 [ 22.144243] ret_from_fork+0x10/0x20 [ 22.144305] [ 22.144326] Allocated by task 265: [ 22.144754] kasan_save_stack+0x3c/0x68 [ 22.144956] kasan_save_track+0x20/0x40 [ 22.145012] kasan_save_alloc_info+0x40/0x58 [ 22.145055] __kasan_kmalloc+0xd4/0xd8 [ 22.145532] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.145720] kasan_atomics+0xb8/0x2e0 [ 22.145836] kunit_try_run_case+0x170/0x3f0 [ 22.145927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.145982] kthread+0x328/0x630 [ 22.146023] ret_from_fork+0x10/0x20 [ 22.146210] [ 22.146337] The buggy address belongs to the object at fff00000c569f300 [ 22.146337] which belongs to the cache kmalloc-64 of size 64 [ 22.146784] The buggy address is located 0 bytes to the right of [ 22.146784] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.146867] [ 22.146951] The buggy address belongs to the physical page: [ 22.147498] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.147747] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.147837] page_type: f5(slab) [ 22.147881] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.147933] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.148206] page dumped because: kasan: bad access detected [ 22.148493] [ 22.148561] Memory state around the buggy address: [ 22.148894] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.149035] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.149114] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.149155] ^ [ 22.149208] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.149268] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.149307] ================================================================== [ 22.028548] ================================================================== [ 22.028633] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 22.028698] Write of size 4 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.028763] [ 22.028796] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.028878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.028907] Hardware name: linux,dummy-virt (DT) [ 22.028949] Call trace: [ 22.028974] show_stack+0x20/0x38 (C) [ 22.029022] dump_stack_lvl+0x8c/0xd0 [ 22.029068] print_report+0x118/0x608 [ 22.029116] kasan_report+0xdc/0x128 [ 22.029161] kasan_check_range+0x100/0x1a8 [ 22.029217] __kasan_check_write+0x20/0x30 [ 22.029265] kasan_atomics_helper+0x99c/0x4858 [ 22.029313] kasan_atomics+0x198/0x2e0 [ 22.029358] kunit_try_run_case+0x170/0x3f0 [ 22.029406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.029457] kthread+0x328/0x630 [ 22.029500] ret_from_fork+0x10/0x20 [ 22.029547] [ 22.029568] Allocated by task 265: [ 22.029598] kasan_save_stack+0x3c/0x68 [ 22.029639] kasan_save_track+0x20/0x40 [ 22.029676] kasan_save_alloc_info+0x40/0x58 [ 22.029728] __kasan_kmalloc+0xd4/0xd8 [ 22.029770] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.029810] kasan_atomics+0xb8/0x2e0 [ 22.029848] kunit_try_run_case+0x170/0x3f0 [ 22.029887] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.029931] kthread+0x328/0x630 [ 22.029966] ret_from_fork+0x10/0x20 [ 22.030002] [ 22.030022] The buggy address belongs to the object at fff00000c569f300 [ 22.030022] which belongs to the cache kmalloc-64 of size 64 [ 22.030089] The buggy address is located 0 bytes to the right of [ 22.030089] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.030156] [ 22.030187] The buggy address belongs to the physical page: [ 22.030219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.030271] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.030319] page_type: f5(slab) [ 22.030357] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.030408] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.030467] page dumped because: kasan: bad access detected [ 22.030500] [ 22.030522] Memory state around the buggy address: [ 22.030564] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.030610] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.030654] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.030694] ^ [ 22.031564] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.031631] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.031731] ================================================================== [ 22.312664] ================================================================== [ 22.312806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 22.312860] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.312929] [ 22.313031] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.313129] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.313157] Hardware name: linux,dummy-virt (DT) [ 22.313196] Call trace: [ 22.313228] show_stack+0x20/0x38 (C) [ 22.313535] dump_stack_lvl+0x8c/0xd0 [ 22.313611] print_report+0x118/0x608 [ 22.313659] kasan_report+0xdc/0x128 [ 22.314080] kasan_check_range+0x100/0x1a8 [ 22.314309] __kasan_check_write+0x20/0x30 [ 22.314373] kasan_atomics_helper+0x15b4/0x4858 [ 22.314465] kasan_atomics+0x198/0x2e0 [ 22.314626] kunit_try_run_case+0x170/0x3f0 [ 22.314763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.314850] kthread+0x328/0x630 [ 22.314909] ret_from_fork+0x10/0x20 [ 22.314965] [ 22.314988] Allocated by task 265: [ 22.315264] kasan_save_stack+0x3c/0x68 [ 22.315329] kasan_save_track+0x20/0x40 [ 22.315595] kasan_save_alloc_info+0x40/0x58 [ 22.315776] __kasan_kmalloc+0xd4/0xd8 [ 22.315903] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.316082] kasan_atomics+0xb8/0x2e0 [ 22.316238] kunit_try_run_case+0x170/0x3f0 [ 22.316283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.316328] kthread+0x328/0x630 [ 22.316369] ret_from_fork+0x10/0x20 [ 22.316578] [ 22.316746] The buggy address belongs to the object at fff00000c569f300 [ 22.316746] which belongs to the cache kmalloc-64 of size 64 [ 22.317034] The buggy address is located 0 bytes to the right of [ 22.317034] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.317238] [ 22.317283] The buggy address belongs to the physical page: [ 22.317491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.317681] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.317746] page_type: f5(slab) [ 22.318226] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.318332] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.318539] page dumped because: kasan: bad access detected [ 22.318687] [ 22.318760] Memory state around the buggy address: [ 22.319092] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.319216] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.319510] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.319643] ^ [ 22.319690] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.319742] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.319969] ================================================================== [ 22.177512] ================================================================== [ 22.177747] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 22.177807] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.177866] [ 22.177899] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.177981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.178008] Hardware name: linux,dummy-virt (DT) [ 22.178040] Call trace: [ 22.178064] show_stack+0x20/0x38 (C) [ 22.178112] dump_stack_lvl+0x8c/0xd0 [ 22.178159] print_report+0x118/0x608 [ 22.178318] kasan_report+0xdc/0x128 [ 22.178377] kasan_check_range+0x100/0x1a8 [ 22.178427] __kasan_check_write+0x20/0x30 [ 22.178472] kasan_atomics_helper+0xeb8/0x4858 [ 22.178519] kasan_atomics+0x198/0x2e0 [ 22.178565] kunit_try_run_case+0x170/0x3f0 [ 22.178611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.178664] kthread+0x328/0x630 [ 22.178705] ret_from_fork+0x10/0x20 [ 22.178769] [ 22.178789] Allocated by task 265: [ 22.178817] kasan_save_stack+0x3c/0x68 [ 22.178860] kasan_save_track+0x20/0x40 [ 22.178898] kasan_save_alloc_info+0x40/0x58 [ 22.178938] __kasan_kmalloc+0xd4/0xd8 [ 22.178976] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.179016] kasan_atomics+0xb8/0x2e0 [ 22.179055] kunit_try_run_case+0x170/0x3f0 [ 22.179094] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.179138] kthread+0x328/0x630 [ 22.179172] ret_from_fork+0x10/0x20 [ 22.179209] [ 22.179229] The buggy address belongs to the object at fff00000c569f300 [ 22.179229] which belongs to the cache kmalloc-64 of size 64 [ 22.179287] The buggy address is located 0 bytes to the right of [ 22.179287] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.179352] [ 22.179373] The buggy address belongs to the physical page: [ 22.179405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.179461] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.179508] page_type: f5(slab) [ 22.179547] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.179598] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.179640] page dumped because: kasan: bad access detected [ 22.179673] [ 22.179694] Memory state around the buggy address: [ 22.179738] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.179780] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.179823] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.179861] ^ [ 22.179895] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.179938] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.179977] ================================================================== [ 22.234052] ================================================================== [ 22.234119] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 22.234274] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.234680] [ 22.234794] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.235002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.235061] Hardware name: linux,dummy-virt (DT) [ 22.235133] Call trace: [ 22.235163] show_stack+0x20/0x38 (C) [ 22.235240] dump_stack_lvl+0x8c/0xd0 [ 22.235465] print_report+0x118/0x608 [ 22.235762] kasan_report+0xdc/0x128 [ 22.235972] kasan_check_range+0x100/0x1a8 [ 22.236300] __kasan_check_write+0x20/0x30 [ 22.236405] kasan_atomics_helper+0x11f8/0x4858 [ 22.236511] kasan_atomics+0x198/0x2e0 [ 22.236607] kunit_try_run_case+0x170/0x3f0 [ 22.236721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.236776] kthread+0x328/0x630 [ 22.236818] ret_from_fork+0x10/0x20 [ 22.237441] [ 22.237697] Allocated by task 265: [ 22.237797] kasan_save_stack+0x3c/0x68 [ 22.237912] kasan_save_track+0x20/0x40 [ 22.237969] kasan_save_alloc_info+0x40/0x58 [ 22.238092] __kasan_kmalloc+0xd4/0xd8 [ 22.238160] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.238337] kasan_atomics+0xb8/0x2e0 [ 22.238397] kunit_try_run_case+0x170/0x3f0 [ 22.238768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.239050] kthread+0x328/0x630 [ 22.239118] ret_from_fork+0x10/0x20 [ 22.239264] [ 22.239326] The buggy address belongs to the object at fff00000c569f300 [ 22.239326] which belongs to the cache kmalloc-64 of size 64 [ 22.239526] The buggy address is located 0 bytes to the right of [ 22.239526] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.239729] [ 22.239922] The buggy address belongs to the physical page: [ 22.239997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.240204] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.240450] page_type: f5(slab) [ 22.240507] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.240560] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.240943] page dumped because: kasan: bad access detected [ 22.241169] [ 22.241446] Memory state around the buggy address: [ 22.241529] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.241746] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.241871] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.241981] ^ [ 22.242033] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.242077] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.242223] ================================================================== [ 22.132342] ================================================================== [ 22.132512] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 22.132724] Read of size 4 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.132800] [ 22.132845] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.133094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.133257] Hardware name: linux,dummy-virt (DT) [ 22.133523] Call trace: [ 22.133568] show_stack+0x20/0x38 (C) [ 22.133622] dump_stack_lvl+0x8c/0xd0 [ 22.133815] print_report+0x118/0x608 [ 22.134022] kasan_report+0xdc/0x128 [ 22.134091] __asan_report_load4_noabort+0x20/0x30 [ 22.134149] kasan_atomics_helper+0x3e04/0x4858 [ 22.134350] kasan_atomics+0x198/0x2e0 [ 22.134543] kunit_try_run_case+0x170/0x3f0 [ 22.134615] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.135019] kthread+0x328/0x630 [ 22.135182] ret_from_fork+0x10/0x20 [ 22.135243] [ 22.135439] Allocated by task 265: [ 22.135549] kasan_save_stack+0x3c/0x68 [ 22.135598] kasan_save_track+0x20/0x40 [ 22.135637] kasan_save_alloc_info+0x40/0x58 [ 22.135679] __kasan_kmalloc+0xd4/0xd8 [ 22.136155] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.136345] kasan_atomics+0xb8/0x2e0 [ 22.136554] kunit_try_run_case+0x170/0x3f0 [ 22.136610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.136832] kthread+0x328/0x630 [ 22.136977] ret_from_fork+0x10/0x20 [ 22.137086] [ 22.137304] The buggy address belongs to the object at fff00000c569f300 [ 22.137304] which belongs to the cache kmalloc-64 of size 64 [ 22.137460] The buggy address is located 0 bytes to the right of [ 22.137460] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.137648] [ 22.137674] The buggy address belongs to the physical page: [ 22.137900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.138119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.138199] page_type: f5(slab) [ 22.138417] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.138813] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.139068] page dumped because: kasan: bad access detected [ 22.139122] [ 22.139535] Memory state around the buggy address: [ 22.139680] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.139742] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.139938] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.140171] ^ [ 22.140269] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.140357] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.140520] ================================================================== [ 22.180090] ================================================================== [ 22.180137] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 22.180181] Write of size 8 at addr fff00000c569f330 by task kunit_try_catch/265 [ 22.180231] [ 22.180260] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.180340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.180368] Hardware name: linux,dummy-virt (DT) [ 22.180399] Call trace: [ 22.180421] show_stack+0x20/0x38 (C) [ 22.180467] dump_stack_lvl+0x8c/0xd0 [ 22.180514] print_report+0x118/0x608 [ 22.180561] kasan_report+0xdc/0x128 [ 22.180606] kasan_check_range+0x100/0x1a8 [ 22.180656] __kasan_check_write+0x20/0x30 [ 22.180932] kasan_atomics_helper+0xf20/0x4858 [ 22.180997] kasan_atomics+0x198/0x2e0 [ 22.181043] kunit_try_run_case+0x170/0x3f0 [ 22.181143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.181198] kthread+0x328/0x630 [ 22.181239] ret_from_fork+0x10/0x20 [ 22.181286] [ 22.181308] Allocated by task 265: [ 22.181336] kasan_save_stack+0x3c/0x68 [ 22.181379] kasan_save_track+0x20/0x40 [ 22.181418] kasan_save_alloc_info+0x40/0x58 [ 22.181458] __kasan_kmalloc+0xd4/0xd8 [ 22.181496] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.181537] kasan_atomics+0xb8/0x2e0 [ 22.181572] kunit_try_run_case+0x170/0x3f0 [ 22.181613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.181658] kthread+0x328/0x630 [ 22.181692] ret_from_fork+0x10/0x20 [ 22.181740] [ 22.181761] The buggy address belongs to the object at fff00000c569f300 [ 22.181761] which belongs to the cache kmalloc-64 of size 64 [ 22.181819] The buggy address is located 0 bytes to the right of [ 22.181819] allocated 48-byte region [fff00000c569f300, fff00000c569f330) [ 22.181884] [ 22.181906] The buggy address belongs to the physical page: [ 22.181937] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10569f [ 22.181989] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.182038] page_type: f5(slab) [ 22.182074] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 22.182127] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.182169] page dumped because: kasan: bad access detected [ 22.182203] [ 22.182223] Memory state around the buggy address: [ 22.182256] fff00000c569f200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.182302] fff00000c569f280: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 22.182344] >fff00000c569f300: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.182383] ^ [ 22.182414] fff00000c569f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.182458] fff00000c569f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.182497] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 21.692812] ================================================================== [ 21.693175] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 21.693279] Write of size 8 at addr fff00000c6404068 by task kunit_try_catch/261 [ 21.693689] [ 21.693750] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.693870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.693901] Hardware name: linux,dummy-virt (DT) [ 21.693933] Call trace: [ 21.694005] show_stack+0x20/0x38 (C) [ 21.694185] dump_stack_lvl+0x8c/0xd0 [ 21.694416] print_report+0x118/0x608 [ 21.694484] kasan_report+0xdc/0x128 [ 21.694531] kasan_check_range+0x100/0x1a8 [ 21.694832] __kasan_check_write+0x20/0x30 [ 21.694902] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 21.694956] kasan_bitops_generic+0x110/0x1c8 [ 21.695093] kunit_try_run_case+0x170/0x3f0 [ 21.695153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.695476] kthread+0x328/0x630 [ 21.695573] ret_from_fork+0x10/0x20 [ 21.695779] [ 21.695903] Allocated by task 261: [ 21.696126] kasan_save_stack+0x3c/0x68 [ 21.696244] kasan_save_track+0x20/0x40 [ 21.696324] kasan_save_alloc_info+0x40/0x58 [ 21.696555] __kasan_kmalloc+0xd4/0xd8 [ 21.696860] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.697007] kasan_bitops_generic+0xa0/0x1c8 [ 21.697117] kunit_try_run_case+0x170/0x3f0 [ 21.697299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.697526] kthread+0x328/0x630 [ 21.697644] ret_from_fork+0x10/0x20 [ 21.697720] [ 21.697964] The buggy address belongs to the object at fff00000c6404060 [ 21.697964] which belongs to the cache kmalloc-16 of size 16 [ 21.698100] The buggy address is located 8 bytes inside of [ 21.698100] allocated 9-byte region [fff00000c6404060, fff00000c6404069) [ 21.698317] [ 21.698373] The buggy address belongs to the physical page: [ 21.698423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106404 [ 21.698490] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.698580] page_type: f5(slab) [ 21.698636] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.698687] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.698741] page dumped because: kasan: bad access detected [ 21.698784] [ 21.698813] Memory state around the buggy address: [ 21.698847] fff00000c6403f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 21.698893] fff00000c6403f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.698942] >fff00000c6404000: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 21.698980] ^ [ 21.699028] fff00000c6404080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.699077] fff00000c6404100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.699117] ================================================================== [ 21.684449] ================================================================== [ 21.684512] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 21.684620] Read of size 8 at addr fff00000c6404068 by task kunit_try_catch/261 [ 21.684699] [ 21.684790] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.684872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.684901] Hardware name: linux,dummy-virt (DT) [ 21.684934] Call trace: [ 21.685164] show_stack+0x20/0x38 (C) [ 21.685734] dump_stack_lvl+0x8c/0xd0 [ 21.685803] print_report+0x118/0x608 [ 21.686121] kasan_report+0xdc/0x128 [ 21.686184] __asan_report_load8_noabort+0x20/0x30 [ 21.686237] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 21.686290] kasan_bitops_generic+0x110/0x1c8 [ 21.686339] kunit_try_run_case+0x170/0x3f0 [ 21.686624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.686702] kthread+0x328/0x630 [ 21.686759] ret_from_fork+0x10/0x20 [ 21.686817] [ 21.686838] Allocated by task 261: [ 21.687371] kasan_save_stack+0x3c/0x68 [ 21.687480] kasan_save_track+0x20/0x40 [ 21.687549] kasan_save_alloc_info+0x40/0x58 [ 21.687701] __kasan_kmalloc+0xd4/0xd8 [ 21.687916] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.688088] kasan_bitops_generic+0xa0/0x1c8 [ 21.688244] kunit_try_run_case+0x170/0x3f0 [ 21.688567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.688707] kthread+0x328/0x630 [ 21.688815] ret_from_fork+0x10/0x20 [ 21.688951] [ 21.689038] The buggy address belongs to the object at fff00000c6404060 [ 21.689038] which belongs to the cache kmalloc-16 of size 16 [ 21.689162] The buggy address is located 8 bytes inside of [ 21.689162] allocated 9-byte region [fff00000c6404060, fff00000c6404069) [ 21.689311] [ 21.689378] The buggy address belongs to the physical page: [ 21.689701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106404 [ 21.689921] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.690019] page_type: f5(slab) [ 21.690385] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.690631] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.690846] page dumped because: kasan: bad access detected [ 21.690911] [ 21.690955] Memory state around the buggy address: [ 21.691016] fff00000c6403f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 21.691158] fff00000c6403f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.691213] >fff00000c6404000: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 21.691255] ^ [ 21.691308] fff00000c6404080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.691353] fff00000c6404100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.691409] ================================================================== [ 21.674883] ================================================================== [ 21.675062] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 21.675123] Write of size 8 at addr fff00000c6404068 by task kunit_try_catch/261 [ 21.675339] [ 21.675394] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.675524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.675592] Hardware name: linux,dummy-virt (DT) [ 21.675640] Call trace: [ 21.675667] show_stack+0x20/0x38 (C) [ 21.675999] dump_stack_lvl+0x8c/0xd0 [ 21.676108] print_report+0x118/0x608 [ 21.676277] kasan_report+0xdc/0x128 [ 21.676382] kasan_check_range+0x100/0x1a8 [ 21.676539] __kasan_check_write+0x20/0x30 [ 21.676667] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 21.677040] kasan_bitops_generic+0x110/0x1c8 [ 21.677176] kunit_try_run_case+0x170/0x3f0 [ 21.677318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.677433] kthread+0x328/0x630 [ 21.677506] ret_from_fork+0x10/0x20 [ 21.677795] [ 21.677825] Allocated by task 261: [ 21.678192] kasan_save_stack+0x3c/0x68 [ 21.678276] kasan_save_track+0x20/0x40 [ 21.678414] kasan_save_alloc_info+0x40/0x58 [ 21.678545] __kasan_kmalloc+0xd4/0xd8 [ 21.678937] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.679129] kasan_bitops_generic+0xa0/0x1c8 [ 21.679295] kunit_try_run_case+0x170/0x3f0 [ 21.679359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.679422] kthread+0x328/0x630 [ 21.679831] ret_from_fork+0x10/0x20 [ 21.680021] [ 21.680125] The buggy address belongs to the object at fff00000c6404060 [ 21.680125] which belongs to the cache kmalloc-16 of size 16 [ 21.680293] The buggy address is located 8 bytes inside of [ 21.680293] allocated 9-byte region [fff00000c6404060, fff00000c6404069) [ 21.680356] [ 21.680390] The buggy address belongs to the physical page: [ 21.680586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106404 [ 21.680697] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.680876] page_type: f5(slab) [ 21.680999] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.681095] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.681259] page dumped because: kasan: bad access detected [ 21.681343] [ 21.681366] Memory state around the buggy address: [ 21.681420] fff00000c6403f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 21.681475] fff00000c6403f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.681684] >fff00000c6404000: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 21.681898] ^ [ 21.682268] fff00000c6404080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.682380] fff00000c6404100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.682490] ================================================================== [ 21.659227] ================================================================== [ 21.659294] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 21.659351] Write of size 8 at addr fff00000c6404068 by task kunit_try_catch/261 [ 21.659404] [ 21.659439] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.659735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.659765] Hardware name: linux,dummy-virt (DT) [ 21.660089] Call trace: [ 21.660304] show_stack+0x20/0x38 (C) [ 21.660380] dump_stack_lvl+0x8c/0xd0 [ 21.660579] print_report+0x118/0x608 [ 21.660737] kasan_report+0xdc/0x128 [ 21.661097] kasan_check_range+0x100/0x1a8 [ 21.661222] __kasan_check_write+0x20/0x30 [ 21.661337] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 21.661671] kasan_bitops_generic+0x110/0x1c8 [ 21.662107] kunit_try_run_case+0x170/0x3f0 [ 21.662216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.662450] kthread+0x328/0x630 [ 21.662693] ret_from_fork+0x10/0x20 [ 21.662763] [ 21.662944] Allocated by task 261: [ 21.663208] kasan_save_stack+0x3c/0x68 [ 21.663303] kasan_save_track+0x20/0x40 [ 21.663344] kasan_save_alloc_info+0x40/0x58 [ 21.663387] __kasan_kmalloc+0xd4/0xd8 [ 21.663567] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.663917] kasan_bitops_generic+0xa0/0x1c8 [ 21.664125] kunit_try_run_case+0x170/0x3f0 [ 21.664229] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.664346] kthread+0x328/0x630 [ 21.664454] ret_from_fork+0x10/0x20 [ 21.664517] [ 21.664579] The buggy address belongs to the object at fff00000c6404060 [ 21.664579] which belongs to the cache kmalloc-16 of size 16 [ 21.664793] The buggy address is located 8 bytes inside of [ 21.664793] allocated 9-byte region [fff00000c6404060, fff00000c6404069) [ 21.665007] [ 21.665047] The buggy address belongs to the physical page: [ 21.665099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106404 [ 21.665229] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.665330] page_type: f5(slab) [ 21.665571] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.665674] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.666016] page dumped because: kasan: bad access detected [ 21.666070] [ 21.666125] Memory state around the buggy address: [ 21.666167] fff00000c6403f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 21.666215] fff00000c6403f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.666259] >fff00000c6404000: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 21.666323] ^ [ 21.666369] fff00000c6404080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.666427] fff00000c6404100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.666475] ================================================================== [ 21.669007] ================================================================== [ 21.669506] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 21.669578] Read of size 8 at addr fff00000c6404068 by task kunit_try_catch/261 [ 21.669900] [ 21.670022] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.670122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.670152] Hardware name: linux,dummy-virt (DT) [ 21.670305] Call trace: [ 21.670363] show_stack+0x20/0x38 (C) [ 21.670544] dump_stack_lvl+0x8c/0xd0 [ 21.670610] print_report+0x118/0x608 [ 21.670688] kasan_report+0xdc/0x128 [ 21.670938] __asan_report_load8_noabort+0x20/0x30 [ 21.671008] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 21.671062] kasan_bitops_generic+0x110/0x1c8 [ 21.671557] kunit_try_run_case+0x170/0x3f0 [ 21.671635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.671964] kthread+0x328/0x630 [ 21.672122] ret_from_fork+0x10/0x20 [ 21.672207] [ 21.672302] Allocated by task 261: [ 21.672392] kasan_save_stack+0x3c/0x68 [ 21.672581] kasan_save_track+0x20/0x40 [ 21.672669] kasan_save_alloc_info+0x40/0x58 [ 21.672723] __kasan_kmalloc+0xd4/0xd8 [ 21.672762] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.672811] kasan_bitops_generic+0xa0/0x1c8 [ 21.672861] kunit_try_run_case+0x170/0x3f0 [ 21.672900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.672945] kthread+0x328/0x630 [ 21.672990] ret_from_fork+0x10/0x20 [ 21.673027] [ 21.673049] The buggy address belongs to the object at fff00000c6404060 [ 21.673049] which belongs to the cache kmalloc-16 of size 16 [ 21.673111] The buggy address is located 8 bytes inside of [ 21.673111] allocated 9-byte region [fff00000c6404060, fff00000c6404069) [ 21.673174] [ 21.673205] The buggy address belongs to the physical page: [ 21.673254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106404 [ 21.673308] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.673365] page_type: f5(slab) [ 21.673409] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.673466] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.673508] page dumped because: kasan: bad access detected [ 21.673552] [ 21.673582] Memory state around the buggy address: [ 21.673615] fff00000c6403f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 21.673668] fff00000c6403f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.673734] >fff00000c6404000: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 21.673775] ^ [ 21.673813] fff00000c6404080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.673856] fff00000c6404100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.673897] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 21.639241] ================================================================== [ 21.639576] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 21.639794] Read of size 1 at addr fff00000c56a2110 by task kunit_try_catch/259 [ 21.639909] [ 21.640094] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.640680] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.640916] Hardware name: linux,dummy-virt (DT) [ 21.640960] Call trace: [ 21.641036] show_stack+0x20/0x38 (C) [ 21.641120] dump_stack_lvl+0x8c/0xd0 [ 21.641204] print_report+0x118/0x608 [ 21.641409] kasan_report+0xdc/0x128 [ 21.641572] __asan_report_load1_noabort+0x20/0x30 [ 21.641872] strnlen+0x80/0x88 [ 21.641934] kasan_strings+0x478/0xb00 [ 21.642099] kunit_try_run_case+0x170/0x3f0 [ 21.642163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.642484] kthread+0x328/0x630 [ 21.642772] ret_from_fork+0x10/0x20 [ 21.642885] [ 21.643024] Allocated by task 259: [ 21.643132] kasan_save_stack+0x3c/0x68 [ 21.643326] kasan_save_track+0x20/0x40 [ 21.643555] kasan_save_alloc_info+0x40/0x58 [ 21.643650] __kasan_kmalloc+0xd4/0xd8 [ 21.643798] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.643981] kasan_strings+0xc8/0xb00 [ 21.644113] kunit_try_run_case+0x170/0x3f0 [ 21.644171] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.644218] kthread+0x328/0x630 [ 21.644287] ret_from_fork+0x10/0x20 [ 21.644326] [ 21.644485] Freed by task 259: [ 21.644618] kasan_save_stack+0x3c/0x68 [ 21.644883] kasan_save_track+0x20/0x40 [ 21.644950] kasan_save_free_info+0x4c/0x78 [ 21.645084] __kasan_slab_free+0x6c/0x98 [ 21.645228] kfree+0x214/0x3c8 [ 21.645419] kasan_strings+0x24c/0xb00 [ 21.645609] kunit_try_run_case+0x170/0x3f0 [ 21.645680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.645843] kthread+0x328/0x630 [ 21.645915] ret_from_fork+0x10/0x20 [ 21.646060] [ 21.646082] The buggy address belongs to the object at fff00000c56a2100 [ 21.646082] which belongs to the cache kmalloc-32 of size 32 [ 21.646188] The buggy address is located 16 bytes inside of [ 21.646188] freed 32-byte region [fff00000c56a2100, fff00000c56a2120) [ 21.646433] [ 21.646728] The buggy address belongs to the physical page: [ 21.646837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056a2 [ 21.646945] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.647157] page_type: f5(slab) [ 21.647228] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.647325] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.647583] page dumped because: kasan: bad access detected [ 21.647649] [ 21.647846] Memory state around the buggy address: [ 21.647941] fff00000c56a2000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.647988] fff00000c56a2080: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.648031] >fff00000c56a2100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.648471] ^ [ 21.648617] fff00000c56a2180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.648728] fff00000c56a2200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.648840] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 21.630615] ================================================================== [ 21.630910] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 21.631302] Read of size 1 at addr fff00000c56a2110 by task kunit_try_catch/259 [ 21.631374] [ 21.631409] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.631722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.631756] Hardware name: linux,dummy-virt (DT) [ 21.632125] Call trace: [ 21.632454] show_stack+0x20/0x38 (C) [ 21.632642] dump_stack_lvl+0x8c/0xd0 [ 21.632895] print_report+0x118/0x608 [ 21.633083] kasan_report+0xdc/0x128 [ 21.633242] __asan_report_load1_noabort+0x20/0x30 [ 21.633355] strlen+0xa8/0xb0 [ 21.633537] kasan_strings+0x418/0xb00 [ 21.633860] kunit_try_run_case+0x170/0x3f0 [ 21.634106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.634274] kthread+0x328/0x630 [ 21.634359] ret_from_fork+0x10/0x20 [ 21.634742] [ 21.634787] Allocated by task 259: [ 21.634922] kasan_save_stack+0x3c/0x68 [ 21.635049] kasan_save_track+0x20/0x40 [ 21.635327] kasan_save_alloc_info+0x40/0x58 [ 21.635482] __kasan_kmalloc+0xd4/0xd8 [ 21.635730] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.635837] kasan_strings+0xc8/0xb00 [ 21.635976] kunit_try_run_case+0x170/0x3f0 [ 21.636023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.636069] kthread+0x328/0x630 [ 21.636107] ret_from_fork+0x10/0x20 [ 21.636178] [ 21.636201] Freed by task 259: [ 21.636243] kasan_save_stack+0x3c/0x68 [ 21.636284] kasan_save_track+0x20/0x40 [ 21.636332] kasan_save_free_info+0x4c/0x78 [ 21.636374] __kasan_slab_free+0x6c/0x98 [ 21.636421] kfree+0x214/0x3c8 [ 21.636456] kasan_strings+0x24c/0xb00 [ 21.636494] kunit_try_run_case+0x170/0x3f0 [ 21.636533] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.636579] kthread+0x328/0x630 [ 21.636621] ret_from_fork+0x10/0x20 [ 21.636657] [ 21.636678] The buggy address belongs to the object at fff00000c56a2100 [ 21.636678] which belongs to the cache kmalloc-32 of size 32 [ 21.636750] The buggy address is located 16 bytes inside of [ 21.636750] freed 32-byte region [fff00000c56a2100, fff00000c56a2120) [ 21.636824] [ 21.636857] The buggy address belongs to the physical page: [ 21.636889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056a2 [ 21.636942] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.636992] page_type: f5(slab) [ 21.637039] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.637094] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.637148] page dumped because: kasan: bad access detected [ 21.637190] [ 21.637209] Memory state around the buggy address: [ 21.637251] fff00000c56a2000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.637296] fff00000c56a2080: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.637350] >fff00000c56a2100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.637389] ^ [ 21.637422] fff00000c56a2180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.637475] fff00000c56a2200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.637517] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 21.620928] ================================================================== [ 21.620983] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 21.621046] Read of size 1 at addr fff00000c56a2110 by task kunit_try_catch/259 [ 21.621319] [ 21.621406] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.621501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.621530] Hardware name: linux,dummy-virt (DT) [ 21.621747] Call trace: [ 21.621910] show_stack+0x20/0x38 (C) [ 21.622022] dump_stack_lvl+0x8c/0xd0 [ 21.622097] print_report+0x118/0x608 [ 21.622163] kasan_report+0xdc/0x128 [ 21.622276] __asan_report_load1_noabort+0x20/0x30 [ 21.622329] kasan_strings+0x95c/0xb00 [ 21.622386] kunit_try_run_case+0x170/0x3f0 [ 21.622686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.622765] kthread+0x328/0x630 [ 21.622810] ret_from_fork+0x10/0x20 [ 21.622861] [ 21.622883] Allocated by task 259: [ 21.623294] kasan_save_stack+0x3c/0x68 [ 21.623475] kasan_save_track+0x20/0x40 [ 21.623533] kasan_save_alloc_info+0x40/0x58 [ 21.623677] __kasan_kmalloc+0xd4/0xd8 [ 21.623783] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.623823] kasan_strings+0xc8/0xb00 [ 21.623882] kunit_try_run_case+0x170/0x3f0 [ 21.624206] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.624380] kthread+0x328/0x630 [ 21.624477] ret_from_fork+0x10/0x20 [ 21.624623] [ 21.624693] Freed by task 259: [ 21.624839] kasan_save_stack+0x3c/0x68 [ 21.624884] kasan_save_track+0x20/0x40 [ 21.624924] kasan_save_free_info+0x4c/0x78 [ 21.625157] __kasan_slab_free+0x6c/0x98 [ 21.625327] kfree+0x214/0x3c8 [ 21.625397] kasan_strings+0x24c/0xb00 [ 21.625521] kunit_try_run_case+0x170/0x3f0 [ 21.625652] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.625809] kthread+0x328/0x630 [ 21.625900] ret_from_fork+0x10/0x20 [ 21.626175] [ 21.626363] The buggy address belongs to the object at fff00000c56a2100 [ 21.626363] which belongs to the cache kmalloc-32 of size 32 [ 21.626759] The buggy address is located 16 bytes inside of [ 21.626759] freed 32-byte region [fff00000c56a2100, fff00000c56a2120) [ 21.627334] [ 21.627444] The buggy address belongs to the physical page: [ 21.627483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056a2 [ 21.627682] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.627930] page_type: f5(slab) [ 21.628010] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.628148] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.628604] page dumped because: kasan: bad access detected [ 21.628754] [ 21.628881] Memory state around the buggy address: [ 21.628940] fff00000c56a2000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.629005] fff00000c56a2080: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.629057] >fff00000c56a2100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.629095] ^ [ 21.629128] fff00000c56a2180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.629174] fff00000c56a2200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.629231] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 21.611368] ================================================================== [ 21.611452] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 21.611576] Read of size 1 at addr fff00000c56a2110 by task kunit_try_catch/259 [ 21.611718] [ 21.611825] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.611948] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.612267] Hardware name: linux,dummy-virt (DT) [ 21.612466] Call trace: [ 21.612637] show_stack+0x20/0x38 (C) [ 21.612724] dump_stack_lvl+0x8c/0xd0 [ 21.612909] print_report+0x118/0x608 [ 21.613182] kasan_report+0xdc/0x128 [ 21.613364] __asan_report_load1_noabort+0x20/0x30 [ 21.613506] strcmp+0xc0/0xc8 [ 21.613593] kasan_strings+0x340/0xb00 [ 21.613640] kunit_try_run_case+0x170/0x3f0 [ 21.613854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.614065] kthread+0x328/0x630 [ 21.614144] ret_from_fork+0x10/0x20 [ 21.614313] [ 21.614371] Allocated by task 259: [ 21.614497] kasan_save_stack+0x3c/0x68 [ 21.614574] kasan_save_track+0x20/0x40 [ 21.614782] kasan_save_alloc_info+0x40/0x58 [ 21.615145] __kasan_kmalloc+0xd4/0xd8 [ 21.615307] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.615416] kasan_strings+0xc8/0xb00 [ 21.615524] kunit_try_run_case+0x170/0x3f0 [ 21.615614] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.615665] kthread+0x328/0x630 [ 21.615700] ret_from_fork+0x10/0x20 [ 21.615748] [ 21.615937] Freed by task 259: [ 21.616165] kasan_save_stack+0x3c/0x68 [ 21.616317] kasan_save_track+0x20/0x40 [ 21.616395] kasan_save_free_info+0x4c/0x78 [ 21.616547] __kasan_slab_free+0x6c/0x98 [ 21.616637] kfree+0x214/0x3c8 [ 21.616956] kasan_strings+0x24c/0xb00 [ 21.617163] kunit_try_run_case+0x170/0x3f0 [ 21.617326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.617424] kthread+0x328/0x630 [ 21.617562] ret_from_fork+0x10/0x20 [ 21.617661] [ 21.617724] The buggy address belongs to the object at fff00000c56a2100 [ 21.617724] which belongs to the cache kmalloc-32 of size 32 [ 21.617953] The buggy address is located 16 bytes inside of [ 21.617953] freed 32-byte region [fff00000c56a2100, fff00000c56a2120) [ 21.618113] [ 21.618190] The buggy address belongs to the physical page: [ 21.618256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056a2 [ 21.618446] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.618512] page_type: f5(slab) [ 21.618554] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.618608] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.618660] page dumped because: kasan: bad access detected [ 21.618693] [ 21.618726] Memory state around the buggy address: [ 21.618779] fff00000c56a2000: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.618826] fff00000c56a2080: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 21.618871] >fff00000c56a2100: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.618911] ^ [ 21.618941] fff00000c56a2180: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.618984] fff00000c56a2200: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 21.619034] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 21.585626] ================================================================== [ 21.585951] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 21.586047] Read of size 1 at addr fff00000c571ef58 by task kunit_try_catch/257 [ 21.586109] [ 21.586145] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.586520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.586611] Hardware name: linux,dummy-virt (DT) [ 21.586674] Call trace: [ 21.586702] show_stack+0x20/0x38 (C) [ 21.586897] dump_stack_lvl+0x8c/0xd0 [ 21.586953] print_report+0x118/0x608 [ 21.587025] kasan_report+0xdc/0x128 [ 21.587233] __asan_report_load1_noabort+0x20/0x30 [ 21.587424] memcmp+0x198/0x1d8 [ 21.587479] kasan_memcmp+0x16c/0x300 [ 21.587664] kunit_try_run_case+0x170/0x3f0 [ 21.587775] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.588006] kthread+0x328/0x630 [ 21.588261] ret_from_fork+0x10/0x20 [ 21.588462] [ 21.588585] Allocated by task 257: [ 21.588677] kasan_save_stack+0x3c/0x68 [ 21.588766] kasan_save_track+0x20/0x40 [ 21.589011] kasan_save_alloc_info+0x40/0x58 [ 21.589182] __kasan_kmalloc+0xd4/0xd8 [ 21.589369] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.589601] kasan_memcmp+0xbc/0x300 [ 21.589646] kunit_try_run_case+0x170/0x3f0 [ 21.589902] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.590210] kthread+0x328/0x630 [ 21.590385] ret_from_fork+0x10/0x20 [ 21.590477] [ 21.590608] The buggy address belongs to the object at fff00000c571ef40 [ 21.590608] which belongs to the cache kmalloc-32 of size 32 [ 21.590996] The buggy address is located 0 bytes to the right of [ 21.590996] allocated 24-byte region [fff00000c571ef40, fff00000c571ef58) [ 21.591236] [ 21.591364] The buggy address belongs to the physical page: [ 21.591494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10571e [ 21.591588] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.591640] page_type: f5(slab) [ 21.592005] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 21.592274] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 21.592412] page dumped because: kasan: bad access detected [ 21.592470] [ 21.592604] Memory state around the buggy address: [ 21.592663] fff00000c571ee00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.593143] fff00000c571ee80: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 21.593307] >fff00000c571ef00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 21.593529] ^ [ 21.593885] fff00000c571ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.594071] fff00000c571f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.594116] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 21.557083] ================================================================== [ 21.557143] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 21.557197] Read of size 1 at addr ffff800080a57b4a by task kunit_try_catch/253 [ 21.557248] [ 21.557278] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.557360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.557387] Hardware name: linux,dummy-virt (DT) [ 21.557419] Call trace: [ 21.557443] show_stack+0x20/0x38 (C) [ 21.557491] dump_stack_lvl+0x8c/0xd0 [ 21.557538] print_report+0x310/0x608 [ 21.557586] kasan_report+0xdc/0x128 [ 21.557630] __asan_report_load1_noabort+0x20/0x30 [ 21.557683] kasan_alloca_oob_right+0x2dc/0x340 [ 21.557857] kunit_try_run_case+0x170/0x3f0 [ 21.557915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.559337] kthread+0x328/0x630 [ 21.559526] ret_from_fork+0x10/0x20 [ 21.559683] [ 21.559740] The buggy address belongs to stack of task kunit_try_catch/253 [ 21.559820] [ 21.559847] The buggy address belongs to the virtual mapping at [ 21.559847] [ffff800080a50000, ffff800080a59000) created by: [ 21.559847] kernel_clone+0x150/0x7a8 [ 21.560342] [ 21.560379] The buggy address belongs to the physical page: [ 21.560656] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xfff00000c6481948 pfn:0x106481 [ 21.560961] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.561366] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.561461] raw: fff00000c6481948 0000000000000000 00000001ffffffff 0000000000000000 [ 21.561562] page dumped because: kasan: bad access detected [ 21.561687] [ 21.561707] Memory state around the buggy address: [ 21.562418] ffff800080a57a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.562522] ffff800080a57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.562649] >ffff800080a57b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 21.562766] ^ [ 21.562840] ffff800080a57b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 21.562947] ffff800080a57c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.563123] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 21.548461] ================================================================== [ 21.548671] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 21.548754] Read of size 1 at addr ffff800080a57b5f by task kunit_try_catch/251 [ 21.548808] [ 21.548908] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.548998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.549051] Hardware name: linux,dummy-virt (DT) [ 21.549086] Call trace: [ 21.549120] show_stack+0x20/0x38 (C) [ 21.549174] dump_stack_lvl+0x8c/0xd0 [ 21.549232] print_report+0x310/0x608 [ 21.549281] kasan_report+0xdc/0x128 [ 21.549328] __asan_report_load1_noabort+0x20/0x30 [ 21.549382] kasan_alloca_oob_left+0x2b8/0x310 [ 21.549430] kunit_try_run_case+0x170/0x3f0 [ 21.549489] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.549545] kthread+0x328/0x630 [ 21.549588] ret_from_fork+0x10/0x20 [ 21.549645] [ 21.549669] The buggy address belongs to stack of task kunit_try_catch/251 [ 21.549753] [ 21.549779] The buggy address belongs to the virtual mapping at [ 21.549779] [ffff800080a50000, ffff800080a59000) created by: [ 21.549779] kernel_clone+0x150/0x7a8 [ 21.549857] [ 21.549879] The buggy address belongs to the physical page: [ 21.549912] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xfff00000c6481948 pfn:0x106481 [ 21.549990] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.550071] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.550128] raw: fff00000c6481948 0000000000000000 00000001ffffffff 0000000000000000 [ 21.550170] page dumped because: kasan: bad access detected [ 21.550201] [ 21.550220] Memory state around the buggy address: [ 21.550255] ffff800080a57a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.550299] ffff800080a57a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.550342] >ffff800080a57b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 21.550381] ^ [ 21.550420] ffff800080a57b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 21.550464] ffff800080a57c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.550506] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 21.528292] ================================================================== [ 21.528698] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 21.528904] Read of size 1 at addr ffff800080a57c2a by task kunit_try_catch/249 [ 21.528957] [ 21.529125] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.529212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.529316] Hardware name: linux,dummy-virt (DT) [ 21.529364] Call trace: [ 21.529434] show_stack+0x20/0x38 (C) [ 21.529486] dump_stack_lvl+0x8c/0xd0 [ 21.529683] print_report+0x310/0x608 [ 21.529917] kasan_report+0xdc/0x128 [ 21.529990] __asan_report_load1_noabort+0x20/0x30 [ 21.530041] kasan_stack_oob+0x238/0x270 [ 21.530180] kunit_try_run_case+0x170/0x3f0 [ 21.530264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.530318] kthread+0x328/0x630 [ 21.530412] ret_from_fork+0x10/0x20 [ 21.530670] [ 21.530765] The buggy address belongs to stack of task kunit_try_catch/249 [ 21.530876] and is located at offset 138 in frame: [ 21.531244] kasan_stack_oob+0x0/0x270 [ 21.531604] [ 21.531769] This frame has 4 objects: [ 21.532448] [48, 49) '__assertion' [ 21.532787] [64, 72) 'array' [ 21.533172] [96, 112) '__assertion' [ 21.533446] [128, 138) 'stack_array' [ 21.533638] [ 21.533767] The buggy address belongs to the virtual mapping at [ 21.533767] [ffff800080a50000, ffff800080a59000) created by: [ 21.533767] kernel_clone+0x150/0x7a8 [ 21.533893] [ 21.533956] The buggy address belongs to the physical page: [ 21.534129] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xfff00000c6481948 pfn:0x106481 [ 21.534196] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.534304] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.534449] raw: fff00000c6481948 0000000000000000 00000001ffffffff 0000000000000000 [ 21.534545] page dumped because: kasan: bad access detected [ 21.534723] [ 21.534754] Memory state around the buggy address: [ 21.534818] ffff800080a57b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.534871] ffff800080a57b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 21.534916] >ffff800080a57c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 21.534956] ^ [ 21.534991] ffff800080a57c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 21.535053] ffff800080a57d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 21.535094] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 21.499468] ================================================================== [ 21.499531] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 21.499932] Read of size 1 at addr ffff9d16efb4f58d by task kunit_try_catch/245 [ 21.500186] [ 21.500295] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.500477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.500506] Hardware name: linux,dummy-virt (DT) [ 21.500567] Call trace: [ 21.500590] show_stack+0x20/0x38 (C) [ 21.500780] dump_stack_lvl+0x8c/0xd0 [ 21.500969] print_report+0x310/0x608 [ 21.501021] kasan_report+0xdc/0x128 [ 21.501504] __asan_report_load1_noabort+0x20/0x30 [ 21.501631] kasan_global_oob_right+0x230/0x270 [ 21.501855] kunit_try_run_case+0x170/0x3f0 [ 21.501932] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.502160] kthread+0x328/0x630 [ 21.502349] ret_from_fork+0x10/0x20 [ 21.502461] [ 21.502720] The buggy address belongs to the variable: [ 21.502963] global_array+0xd/0x40 [ 21.503206] [ 21.503986] The buggy address belongs to the virtual mapping at [ 21.503986] [ffff9d16edd00000, ffff9d16efc01000) created by: [ 21.503986] paging_init+0x66c/0x7d0 [ 21.504208] [ 21.505144] The buggy address belongs to the physical page: [ 21.505229] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 21.505304] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 21.505380] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 21.505573] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.505660] page dumped because: kasan: bad access detected [ 21.506216] [ 21.506241] Memory state around the buggy address: [ 21.506425] ffff9d16efb4f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.506687] ffff9d16efb4f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 21.507040] >ffff9d16efb4f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 21.507100] ^ [ 21.507379] ffff9d16efb4f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 21.507483] ffff9d16efb4f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.507533] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 21.457514] ================================================================== [ 21.457599] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.457834] Free of addr fff00000c5713a01 by task kunit_try_catch/241 [ 21.458063] [ 21.458110] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.458351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.458408] Hardware name: linux,dummy-virt (DT) [ 21.458521] Call trace: [ 21.458550] show_stack+0x20/0x38 (C) [ 21.458621] dump_stack_lvl+0x8c/0xd0 [ 21.458688] print_report+0x118/0x608 [ 21.458746] kasan_report_invalid_free+0xc0/0xe8 [ 21.459141] check_slab_allocation+0xfc/0x108 [ 21.459215] __kasan_mempool_poison_object+0x78/0x150 [ 21.459269] mempool_free+0x28c/0x328 [ 21.459762] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.459896] mempool_kmalloc_invalid_free+0xc0/0x118 [ 21.459971] kunit_try_run_case+0x170/0x3f0 [ 21.460023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.460075] kthread+0x328/0x630 [ 21.460467] ret_from_fork+0x10/0x20 [ 21.460598] [ 21.460637] Allocated by task 241: [ 21.460665] kasan_save_stack+0x3c/0x68 [ 21.460720] kasan_save_track+0x20/0x40 [ 21.460772] kasan_save_alloc_info+0x40/0x58 [ 21.460813] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.460855] remove_element+0x130/0x1f8 [ 21.460894] mempool_alloc_preallocated+0x58/0xc0 [ 21.460936] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 21.460992] mempool_kmalloc_invalid_free+0xc0/0x118 [ 21.461034] kunit_try_run_case+0x170/0x3f0 [ 21.461084] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.461125] kthread+0x328/0x630 [ 21.461178] ret_from_fork+0x10/0x20 [ 21.461242] [ 21.461261] The buggy address belongs to the object at fff00000c5713a00 [ 21.461261] which belongs to the cache kmalloc-128 of size 128 [ 21.461414] The buggy address is located 1 bytes inside of [ 21.461414] 128-byte region [fff00000c5713a00, fff00000c5713a80) [ 21.461918] [ 21.462001] The buggy address belongs to the physical page: [ 21.462082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 21.462256] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.462394] page_type: f5(slab) [ 21.462436] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.462508] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.463323] page dumped because: kasan: bad access detected [ 21.463816] [ 21.463890] Memory state around the buggy address: [ 21.463991] fff00000c5713900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.464135] fff00000c5713980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.464202] >fff00000c5713a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.464396] ^ [ 21.464439] fff00000c5713a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.464662] fff00000c5713b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.464851] ================================================================== [ 21.480865] ================================================================== [ 21.480928] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.480983] Free of addr fff00000c78dc001 by task kunit_try_catch/243 [ 21.481320] [ 21.481366] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.481571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.481608] Hardware name: linux,dummy-virt (DT) [ 21.481765] Call trace: [ 21.481992] show_stack+0x20/0x38 (C) [ 21.482089] dump_stack_lvl+0x8c/0xd0 [ 21.482448] print_report+0x118/0x608 [ 21.482516] kasan_report_invalid_free+0xc0/0xe8 [ 21.482567] __kasan_mempool_poison_object+0xfc/0x150 [ 21.482763] mempool_free+0x28c/0x328 [ 21.482943] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 21.483004] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 21.483232] kunit_try_run_case+0x170/0x3f0 [ 21.483304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.483357] kthread+0x328/0x630 [ 21.483541] ret_from_fork+0x10/0x20 [ 21.483995] [ 21.484037] The buggy address belongs to the physical page: [ 21.484081] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078dc [ 21.484564] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.484693] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.484824] page_type: f8(unknown) [ 21.485191] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.485277] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.485426] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.485514] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.485879] head: 0bfffe0000000002 ffffc1ffc31e3701 00000000ffffffff 00000000ffffffff [ 21.486058] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.486103] page dumped because: kasan: bad access detected [ 21.486314] [ 21.486436] Memory state around the buggy address: [ 21.486728] fff00000c78dbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.486783] fff00000c78dbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.487229] >fff00000c78dc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.487323] ^ [ 21.487353] fff00000c78dc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.487417] fff00000c78dc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.487820] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 21.438546] ================================================================== [ 21.438611] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.439497] Free of addr fff00000c78dc000 by task kunit_try_catch/239 [ 21.439631] [ 21.439678] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.440127] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.440179] Hardware name: linux,dummy-virt (DT) [ 21.440421] Call trace: [ 21.440498] show_stack+0x20/0x38 (C) [ 21.440671] dump_stack_lvl+0x8c/0xd0 [ 21.441321] print_report+0x118/0x608 [ 21.441579] kasan_report_invalid_free+0xc0/0xe8 [ 21.441765] __kasan_mempool_poison_pages+0xe0/0xe8 [ 21.441890] mempool_free+0x24c/0x328 [ 21.441943] mempool_double_free_helper+0x150/0x2e8 [ 21.442388] mempool_page_alloc_double_free+0xbc/0x118 [ 21.442454] kunit_try_run_case+0x170/0x3f0 [ 21.442669] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.443006] kthread+0x328/0x630 [ 21.443060] ret_from_fork+0x10/0x20 [ 21.443460] [ 21.443730] The buggy address belongs to the physical page: [ 21.443931] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078dc [ 21.444191] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.444415] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.444522] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.444784] page dumped because: kasan: bad access detected [ 21.444981] [ 21.445003] Memory state around the buggy address: [ 21.445084] fff00000c78dbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.445467] fff00000c78dbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.445858] >fff00000c78dc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.445929] ^ [ 21.446081] fff00000c78dc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.446164] fff00000c78dc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.446367] ================================================================== [ 21.404972] ================================================================== [ 21.405034] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.405086] Free of addr fff00000c5713600 by task kunit_try_catch/235 [ 21.405128] [ 21.405452] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.406043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.406323] Hardware name: linux,dummy-virt (DT) [ 21.406421] Call trace: [ 21.406547] show_stack+0x20/0x38 (C) [ 21.406677] dump_stack_lvl+0x8c/0xd0 [ 21.406914] print_report+0x118/0x608 [ 21.407367] kasan_report_invalid_free+0xc0/0xe8 [ 21.407423] check_slab_allocation+0xd4/0x108 [ 21.407497] __kasan_mempool_poison_object+0x78/0x150 [ 21.407549] mempool_free+0x28c/0x328 [ 21.407603] mempool_double_free_helper+0x150/0x2e8 [ 21.407799] mempool_kmalloc_double_free+0xc0/0x118 [ 21.407872] kunit_try_run_case+0x170/0x3f0 [ 21.407922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.407976] kthread+0x328/0x630 [ 21.408015] ret_from_fork+0x10/0x20 [ 21.408064] [ 21.408082] Allocated by task 235: [ 21.408119] kasan_save_stack+0x3c/0x68 [ 21.408172] kasan_save_track+0x20/0x40 [ 21.408210] kasan_save_alloc_info+0x40/0x58 [ 21.408555] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.408602] remove_element+0x130/0x1f8 [ 21.408638] mempool_alloc_preallocated+0x58/0xc0 [ 21.408674] mempool_double_free_helper+0x94/0x2e8 [ 21.409026] mempool_kmalloc_double_free+0xc0/0x118 [ 21.409134] kunit_try_run_case+0x170/0x3f0 [ 21.409212] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.409303] kthread+0x328/0x630 [ 21.409336] ret_from_fork+0x10/0x20 [ 21.409372] [ 21.409390] Freed by task 235: [ 21.409462] kasan_save_stack+0x3c/0x68 [ 21.409519] kasan_save_track+0x20/0x40 [ 21.409588] kasan_save_free_info+0x4c/0x78 [ 21.409671] __kasan_mempool_poison_object+0xc0/0x150 [ 21.409731] mempool_free+0x28c/0x328 [ 21.409765] mempool_double_free_helper+0x100/0x2e8 [ 21.409804] mempool_kmalloc_double_free+0xc0/0x118 [ 21.409842] kunit_try_run_case+0x170/0x3f0 [ 21.410088] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.410139] kthread+0x328/0x630 [ 21.410242] ret_from_fork+0x10/0x20 [ 21.410280] [ 21.410299] The buggy address belongs to the object at fff00000c5713600 [ 21.410299] which belongs to the cache kmalloc-128 of size 128 [ 21.410593] The buggy address is located 0 bytes inside of [ 21.410593] 128-byte region [fff00000c5713600, fff00000c5713680) [ 21.410666] [ 21.410684] The buggy address belongs to the physical page: [ 21.410735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 21.410788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.410984] page_type: f5(slab) [ 21.411186] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.411306] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.411393] page dumped because: kasan: bad access detected [ 21.411483] [ 21.411705] Memory state around the buggy address: [ 21.411755] fff00000c5713500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.411800] fff00000c5713580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.411844] >fff00000c5713600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.412692] ^ [ 21.413068] fff00000c5713680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.413328] fff00000c5713700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.413448] ================================================================== [ 21.422133] ================================================================== [ 21.422424] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 21.422524] Free of addr fff00000c78dc000 by task kunit_try_catch/237 [ 21.422568] [ 21.422790] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.423020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.423054] Hardware name: linux,dummy-virt (DT) [ 21.423112] Call trace: [ 21.423137] show_stack+0x20/0x38 (C) [ 21.423188] dump_stack_lvl+0x8c/0xd0 [ 21.423500] print_report+0x118/0x608 [ 21.423578] kasan_report_invalid_free+0xc0/0xe8 [ 21.423627] __kasan_mempool_poison_object+0x14c/0x150 [ 21.423695] mempool_free+0x28c/0x328 [ 21.423979] mempool_double_free_helper+0x150/0x2e8 [ 21.424141] mempool_kmalloc_large_double_free+0xc0/0x118 [ 21.424238] kunit_try_run_case+0x170/0x3f0 [ 21.424472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.424532] kthread+0x328/0x630 [ 21.424572] ret_from_fork+0x10/0x20 [ 21.424772] [ 21.425014] The buggy address belongs to the physical page: [ 21.425093] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078dc [ 21.425149] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.425196] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.425250] page_type: f8(unknown) [ 21.425825] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.426076] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.427255] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.427466] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.427622] head: 0bfffe0000000002 ffffc1ffc31e3701 00000000ffffffff 00000000ffffffff [ 21.427912] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.427981] page dumped because: kasan: bad access detected [ 21.428012] [ 21.428031] Memory state around the buggy address: [ 21.428259] fff00000c78dbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.428341] fff00000c78dbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.428662] >fff00000c78dc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.428861] ^ [ 21.428896] fff00000c78dc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.429133] fff00000c78dc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.429201] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 21.344583] ================================================================== [ 21.344651] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.344769] Read of size 1 at addr fff00000c78d8000 by task kunit_try_catch/229 [ 21.344824] [ 21.344906] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.345114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.345142] Hardware name: linux,dummy-virt (DT) [ 21.345172] Call trace: [ 21.345194] show_stack+0x20/0x38 (C) [ 21.345241] dump_stack_lvl+0x8c/0xd0 [ 21.345287] print_report+0x118/0x608 [ 21.345337] kasan_report+0xdc/0x128 [ 21.345569] __asan_report_load1_noabort+0x20/0x30 [ 21.345727] mempool_uaf_helper+0x314/0x340 [ 21.345905] mempool_kmalloc_large_uaf+0xc4/0x120 [ 21.346060] kunit_try_run_case+0x170/0x3f0 [ 21.346116] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.346181] kthread+0x328/0x630 [ 21.346226] ret_from_fork+0x10/0x20 [ 21.346451] [ 21.346471] The buggy address belongs to the physical page: [ 21.346508] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 21.346568] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.347151] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.347222] page_type: f8(unknown) [ 21.347263] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.347762] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.347819] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.347867] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.347916] head: 0bfffe0000000002 ffffc1ffc31e3601 00000000ffffffff 00000000ffffffff [ 21.348377] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.348734] page dumped because: kasan: bad access detected [ 21.348954] [ 21.349047] Memory state around the buggy address: [ 21.349090] fff00000c78d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.349141] fff00000c78d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.349556] >fff00000c78d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.349616] ^ [ 21.349646] fff00000c78d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.349688] fff00000c78d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.349748] ================================================================== [ 21.393145] ================================================================== [ 21.393208] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.393279] Read of size 1 at addr fff00000c78d8000 by task kunit_try_catch/233 [ 21.393498] [ 21.393557] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.393648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.393822] Hardware name: linux,dummy-virt (DT) [ 21.393976] Call trace: [ 21.393999] show_stack+0x20/0x38 (C) [ 21.394054] dump_stack_lvl+0x8c/0xd0 [ 21.394142] print_report+0x118/0x608 [ 21.394341] kasan_report+0xdc/0x128 [ 21.394385] __asan_report_load1_noabort+0x20/0x30 [ 21.394436] mempool_uaf_helper+0x314/0x340 [ 21.394481] mempool_page_alloc_uaf+0xc0/0x118 [ 21.394526] kunit_try_run_case+0x170/0x3f0 [ 21.394573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.394623] kthread+0x328/0x630 [ 21.394672] ret_from_fork+0x10/0x20 [ 21.394755] [ 21.394776] The buggy address belongs to the physical page: [ 21.394809] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8 [ 21.394862] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.394925] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.394974] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.395014] page dumped because: kasan: bad access detected [ 21.395043] [ 21.395117] Memory state around the buggy address: [ 21.395226] fff00000c78d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.395630] fff00000c78d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.395752] >fff00000c78d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.395944] ^ [ 21.395976] fff00000c78d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.396017] fff00000c78d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.396055] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 21.360833] ================================================================== [ 21.361228] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.361281] Read of size 1 at addr fff00000c571e240 by task kunit_try_catch/231 [ 21.361332] [ 21.361363] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.361445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.361471] Hardware name: linux,dummy-virt (DT) [ 21.361501] Call trace: [ 21.361524] show_stack+0x20/0x38 (C) [ 21.361571] dump_stack_lvl+0x8c/0xd0 [ 21.361617] print_report+0x118/0x608 [ 21.361660] kasan_report+0xdc/0x128 [ 21.361703] __asan_report_load1_noabort+0x20/0x30 [ 21.361765] mempool_uaf_helper+0x314/0x340 [ 21.361820] mempool_slab_uaf+0xc0/0x118 [ 21.361865] kunit_try_run_case+0x170/0x3f0 [ 21.361914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.362381] kthread+0x328/0x630 [ 21.362450] ret_from_fork+0x10/0x20 [ 21.362540] [ 21.362621] Allocated by task 231: [ 21.362648] kasan_save_stack+0x3c/0x68 [ 21.362829] kasan_save_track+0x20/0x40 [ 21.362994] kasan_save_alloc_info+0x40/0x58 [ 21.363089] __kasan_mempool_unpoison_object+0xbc/0x180 [ 21.363416] remove_element+0x16c/0x1f8 [ 21.363565] mempool_alloc_preallocated+0x58/0xc0 [ 21.363603] mempool_uaf_helper+0xa4/0x340 [ 21.363663] mempool_slab_uaf+0xc0/0x118 [ 21.363698] kunit_try_run_case+0x170/0x3f0 [ 21.363746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.363804] kthread+0x328/0x630 [ 21.363837] ret_from_fork+0x10/0x20 [ 21.364165] [ 21.364187] Freed by task 231: [ 21.364242] kasan_save_stack+0x3c/0x68 [ 21.364320] kasan_save_track+0x20/0x40 [ 21.364428] kasan_save_free_info+0x4c/0x78 [ 21.364469] __kasan_mempool_poison_object+0xc0/0x150 [ 21.364539] mempool_free+0x28c/0x328 [ 21.364609] mempool_uaf_helper+0x104/0x340 [ 21.364645] mempool_slab_uaf+0xc0/0x118 [ 21.364868] kunit_try_run_case+0x170/0x3f0 [ 21.364905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.364987] kthread+0x328/0x630 [ 21.365069] ret_from_fork+0x10/0x20 [ 21.365159] [ 21.365241] The buggy address belongs to the object at fff00000c571e240 [ 21.365241] which belongs to the cache test_cache of size 123 [ 21.365324] The buggy address is located 0 bytes inside of [ 21.365324] freed 123-byte region [fff00000c571e240, fff00000c571e2bb) [ 21.365545] [ 21.365587] The buggy address belongs to the physical page: [ 21.365685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10571e [ 21.365746] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.365793] page_type: f5(slab) [ 21.365831] raw: 0bfffe0000000000 fff00000c5cfe8c0 dead000000000122 0000000000000000 [ 21.365880] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.365920] page dumped because: kasan: bad access detected [ 21.365951] [ 21.366109] Memory state around the buggy address: [ 21.366144] fff00000c571e100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.366608] fff00000c571e180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.366666] >fff00000c571e200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 21.366704] ^ [ 21.366750] fff00000c571e280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.366791] fff00000c571e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.366840] ================================================================== [ 21.328679] ================================================================== [ 21.328771] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 21.328839] Read of size 1 at addr fff00000c5713200 by task kunit_try_catch/227 [ 21.328888] [ 21.328927] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.329010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.329038] Hardware name: linux,dummy-virt (DT) [ 21.329069] Call trace: [ 21.329094] show_stack+0x20/0x38 (C) [ 21.329145] dump_stack_lvl+0x8c/0xd0 [ 21.329193] print_report+0x118/0x608 [ 21.329240] kasan_report+0xdc/0x128 [ 21.329283] __asan_report_load1_noabort+0x20/0x30 [ 21.329333] mempool_uaf_helper+0x314/0x340 [ 21.329377] mempool_kmalloc_uaf+0xc4/0x120 [ 21.329423] kunit_try_run_case+0x170/0x3f0 [ 21.329469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.329521] kthread+0x328/0x630 [ 21.329562] ret_from_fork+0x10/0x20 [ 21.329610] [ 21.329629] Allocated by task 227: [ 21.329658] kasan_save_stack+0x3c/0x68 [ 21.329698] kasan_save_track+0x20/0x40 [ 21.329748] kasan_save_alloc_info+0x40/0x58 [ 21.329787] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.329830] remove_element+0x130/0x1f8 [ 21.329867] mempool_alloc_preallocated+0x58/0xc0 [ 21.329904] mempool_uaf_helper+0xa4/0x340 [ 21.329942] mempool_kmalloc_uaf+0xc4/0x120 [ 21.329977] kunit_try_run_case+0x170/0x3f0 [ 21.330015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.330058] kthread+0x328/0x630 [ 21.330090] ret_from_fork+0x10/0x20 [ 21.330126] [ 21.330144] Freed by task 227: [ 21.330169] kasan_save_stack+0x3c/0x68 [ 21.330207] kasan_save_track+0x20/0x40 [ 21.330243] kasan_save_free_info+0x4c/0x78 [ 21.330283] __kasan_mempool_poison_object+0xc0/0x150 [ 21.330326] mempool_free+0x28c/0x328 [ 21.330358] mempool_uaf_helper+0x104/0x340 [ 21.330395] mempool_kmalloc_uaf+0xc4/0x120 [ 21.330432] kunit_try_run_case+0x170/0x3f0 [ 21.330470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.330512] kthread+0x328/0x630 [ 21.330543] ret_from_fork+0x10/0x20 [ 21.330579] [ 21.330598] The buggy address belongs to the object at fff00000c5713200 [ 21.330598] which belongs to the cache kmalloc-128 of size 128 [ 21.330659] The buggy address is located 0 bytes inside of [ 21.330659] freed 128-byte region [fff00000c5713200, fff00000c5713280) [ 21.330729] [ 21.330750] The buggy address belongs to the physical page: [ 21.330781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 21.330836] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.330886] page_type: f5(slab) [ 21.330926] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.330977] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.331018] page dumped because: kasan: bad access detected [ 21.331050] [ 21.331068] Memory state around the buggy address: [ 21.331101] fff00000c5713100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.331144] fff00000c5713180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.331187] >fff00000c5713200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.331225] ^ [ 21.331253] fff00000c5713280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.331295] fff00000c5713300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.331332] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 21.238651] ================================================================== [ 21.238750] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.238828] Read of size 1 at addr fff00000c5ff5e73 by task kunit_try_catch/221 [ 21.238879] [ 21.238922] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.239011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.239037] Hardware name: linux,dummy-virt (DT) [ 21.239072] Call trace: [ 21.239096] show_stack+0x20/0x38 (C) [ 21.239148] dump_stack_lvl+0x8c/0xd0 [ 21.239199] print_report+0x118/0x608 [ 21.239245] kasan_report+0xdc/0x128 [ 21.239288] __asan_report_load1_noabort+0x20/0x30 [ 21.239340] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.239387] mempool_kmalloc_oob_right+0xc4/0x120 [ 21.239435] kunit_try_run_case+0x170/0x3f0 [ 21.239581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.239634] kthread+0x328/0x630 [ 21.239678] ret_from_fork+0x10/0x20 [ 21.239745] [ 21.239764] Allocated by task 221: [ 21.239795] kasan_save_stack+0x3c/0x68 [ 21.239838] kasan_save_track+0x20/0x40 [ 21.239877] kasan_save_alloc_info+0x40/0x58 [ 21.239916] __kasan_mempool_unpoison_object+0x11c/0x180 [ 21.239961] remove_element+0x130/0x1f8 [ 21.239999] mempool_alloc_preallocated+0x58/0xc0 [ 21.240039] mempool_oob_right_helper+0x98/0x2f0 [ 21.240079] mempool_kmalloc_oob_right+0xc4/0x120 [ 21.240125] kunit_try_run_case+0x170/0x3f0 [ 21.240164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.240208] kthread+0x328/0x630 [ 21.240241] ret_from_fork+0x10/0x20 [ 21.240277] [ 21.240297] The buggy address belongs to the object at fff00000c5ff5e00 [ 21.240297] which belongs to the cache kmalloc-128 of size 128 [ 21.240358] The buggy address is located 0 bytes to the right of [ 21.240358] allocated 115-byte region [fff00000c5ff5e00, fff00000c5ff5e73) [ 21.240423] [ 21.240444] The buggy address belongs to the physical page: [ 21.240478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ff5 [ 21.240531] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.240585] page_type: f5(slab) [ 21.240627] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 21.240678] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.240729] page dumped because: kasan: bad access detected [ 21.240762] [ 21.240780] Memory state around the buggy address: [ 21.240817] fff00000c5ff5d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.240860] fff00000c5ff5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.240902] >fff00000c5ff5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.240938] ^ [ 21.240977] fff00000c5ff5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.241019] fff00000c5ff5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 21.241057] ================================================================== [ 21.279553] ================================================================== [ 21.279629] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.279683] Read of size 1 at addr fff00000c57132bb by task kunit_try_catch/225 [ 21.279745] [ 21.279779] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.279861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.279886] Hardware name: linux,dummy-virt (DT) [ 21.279917] Call trace: [ 21.279938] show_stack+0x20/0x38 (C) [ 21.279986] dump_stack_lvl+0x8c/0xd0 [ 21.280177] print_report+0x118/0x608 [ 21.280504] kasan_report+0xdc/0x128 [ 21.280969] __asan_report_load1_noabort+0x20/0x30 [ 21.281318] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.281413] mempool_slab_oob_right+0xc0/0x118 [ 21.281477] kunit_try_run_case+0x170/0x3f0 [ 21.282036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.282141] kthread+0x328/0x630 [ 21.282323] ret_from_fork+0x10/0x20 [ 21.282737] [ 21.282820] Allocated by task 225: [ 21.283204] kasan_save_stack+0x3c/0x68 [ 21.283309] kasan_save_track+0x20/0x40 [ 21.283345] kasan_save_alloc_info+0x40/0x58 [ 21.283385] __kasan_mempool_unpoison_object+0xbc/0x180 [ 21.283427] remove_element+0x16c/0x1f8 [ 21.284181] mempool_alloc_preallocated+0x58/0xc0 [ 21.284740] mempool_oob_right_helper+0x98/0x2f0 [ 21.284791] mempool_slab_oob_right+0xc0/0x118 [ 21.284831] kunit_try_run_case+0x170/0x3f0 [ 21.284869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.284911] kthread+0x328/0x630 [ 21.285663] ret_from_fork+0x10/0x20 [ 21.286510] [ 21.286538] The buggy address belongs to the object at fff00000c5713240 [ 21.286538] which belongs to the cache test_cache of size 123 [ 21.286601] The buggy address is located 0 bytes to the right of [ 21.286601] allocated 123-byte region [fff00000c5713240, fff00000c57132bb) [ 21.287161] [ 21.287370] The buggy address belongs to the physical page: [ 21.287784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713 [ 21.287974] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.288031] page_type: f5(slab) [ 21.288499] raw: 0bfffe0000000000 fff00000c5cfe780 dead000000000122 0000000000000000 [ 21.288556] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 21.288598] page dumped because: kasan: bad access detected [ 21.288631] [ 21.288650] Memory state around the buggy address: [ 21.288683] fff00000c5713180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.288738] fff00000c5713200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 21.288780] >fff00000c5713280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 21.290016] ^ [ 21.290573] fff00000c5713300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.290647] fff00000c5713380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.290688] ================================================================== [ 21.252536] ================================================================== [ 21.252851] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 21.252926] Read of size 1 at addr fff00000c77ba001 by task kunit_try_catch/223 [ 21.253146] [ 21.253180] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.253269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.253294] Hardware name: linux,dummy-virt (DT) [ 21.253324] Call trace: [ 21.253346] show_stack+0x20/0x38 (C) [ 21.253395] dump_stack_lvl+0x8c/0xd0 [ 21.253440] print_report+0x118/0x608 [ 21.253485] kasan_report+0xdc/0x128 [ 21.253529] __asan_report_load1_noabort+0x20/0x30 [ 21.253891] mempool_oob_right_helper+0x2ac/0x2f0 [ 21.253972] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 21.254414] kunit_try_run_case+0x170/0x3f0 [ 21.254604] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.254791] kthread+0x328/0x630 [ 21.254832] ret_from_fork+0x10/0x20 [ 21.254878] [ 21.254900] The buggy address belongs to the physical page: [ 21.254932] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b8 [ 21.254986] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.255416] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 21.255789] page_type: f8(unknown) [ 21.255950] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.256018] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.256074] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.256129] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.256178] head: 0bfffe0000000002 ffffc1ffc31dee01 00000000ffffffff 00000000ffffffff [ 21.256227] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.256670] page dumped because: kasan: bad access detected [ 21.256812] [ 21.256834] Memory state around the buggy address: [ 21.256868] fff00000c77b9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.257374] fff00000c77b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.257430] >fff00000c77ba000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.257467] ^ [ 21.257621] fff00000c77ba080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.257663] fff00000c77ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 21.257912] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 20.686236] ================================================================== [ 20.686322] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 20.686394] Read of size 1 at addr fff00000c563c780 by task kunit_try_catch/215 [ 20.686445] [ 20.686484] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.686571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.686597] Hardware name: linux,dummy-virt (DT) [ 20.686631] Call trace: [ 20.686654] show_stack+0x20/0x38 (C) [ 20.686705] dump_stack_lvl+0x8c/0xd0 [ 20.686771] print_report+0x118/0x608 [ 20.686818] kasan_report+0xdc/0x128 [ 20.686863] __kasan_check_byte+0x54/0x70 [ 20.686908] kmem_cache_destroy+0x34/0x218 [ 20.686957] kmem_cache_double_destroy+0x174/0x300 [ 20.687006] kunit_try_run_case+0x170/0x3f0 [ 20.687053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.687106] kthread+0x328/0x630 [ 20.687147] ret_from_fork+0x10/0x20 [ 20.687194] [ 20.687213] Allocated by task 215: [ 20.687242] kasan_save_stack+0x3c/0x68 [ 20.687283] kasan_save_track+0x20/0x40 [ 20.687321] kasan_save_alloc_info+0x40/0x58 [ 20.687363] __kasan_slab_alloc+0xa8/0xb0 [ 20.687401] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.687442] __kmem_cache_create_args+0x178/0x280 [ 20.687495] kmem_cache_double_destroy+0xc0/0x300 [ 20.687535] kunit_try_run_case+0x170/0x3f0 [ 20.687573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.687616] kthread+0x328/0x630 [ 20.687650] ret_from_fork+0x10/0x20 [ 20.687685] [ 20.687703] Freed by task 215: [ 20.687740] kasan_save_stack+0x3c/0x68 [ 20.687777] kasan_save_track+0x20/0x40 [ 20.687815] kasan_save_free_info+0x4c/0x78 [ 20.687855] __kasan_slab_free+0x6c/0x98 [ 20.687892] kmem_cache_free+0x260/0x468 [ 20.687930] slab_kmem_cache_release+0x38/0x50 [ 20.687970] kmem_cache_release+0x1c/0x30 [ 20.688006] kobject_put+0x17c/0x420 [ 20.688043] sysfs_slab_release+0x1c/0x30 [ 20.688080] kmem_cache_destroy+0x118/0x218 [ 20.688122] kmem_cache_double_destroy+0x128/0x300 [ 20.688162] kunit_try_run_case+0x170/0x3f0 [ 20.688199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.688244] kthread+0x328/0x630 [ 20.688277] ret_from_fork+0x10/0x20 [ 20.688311] [ 20.688330] The buggy address belongs to the object at fff00000c563c780 [ 20.688330] which belongs to the cache kmem_cache of size 208 [ 20.688387] The buggy address is located 0 bytes inside of [ 20.688387] freed 208-byte region [fff00000c563c780, fff00000c563c850) [ 20.688448] [ 20.688470] The buggy address belongs to the physical page: [ 20.688501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10563c [ 20.688557] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.688607] page_type: f5(slab) [ 20.688650] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 20.688700] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 20.688749] page dumped because: kasan: bad access detected [ 20.688781] [ 20.688799] Memory state around the buggy address: [ 20.688833] fff00000c563c680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.688876] fff00000c563c700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.688919] >fff00000c563c780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.688955] ^ [ 20.688983] fff00000c563c800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 20.689026] fff00000c563c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.689065] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 20.436049] ================================================================== [ 20.436158] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 20.436232] Read of size 1 at addr fff00000c6470000 by task kunit_try_catch/213 [ 20.436284] [ 20.436325] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.436410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.436437] Hardware name: linux,dummy-virt (DT) [ 20.436472] Call trace: [ 20.436495] show_stack+0x20/0x38 (C) [ 20.436547] dump_stack_lvl+0x8c/0xd0 [ 20.436599] print_report+0x118/0x608 [ 20.436645] kasan_report+0xdc/0x128 [ 20.436690] __asan_report_load1_noabort+0x20/0x30 [ 20.436752] kmem_cache_rcu_uaf+0x388/0x468 [ 20.436811] kunit_try_run_case+0x170/0x3f0 [ 20.436860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.436912] kthread+0x328/0x630 [ 20.436955] ret_from_fork+0x10/0x20 [ 20.437004] [ 20.437022] Allocated by task 213: [ 20.437049] kasan_save_stack+0x3c/0x68 [ 20.437090] kasan_save_track+0x20/0x40 [ 20.437126] kasan_save_alloc_info+0x40/0x58 [ 20.437164] __kasan_slab_alloc+0xa8/0xb0 [ 20.437200] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.437377] kmem_cache_rcu_uaf+0x12c/0x468 [ 20.440583] kunit_try_run_case+0x170/0x3f0 [ 20.440638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.440681] kthread+0x328/0x630 [ 20.440728] ret_from_fork+0x10/0x20 [ 20.440763] [ 20.440781] Freed by task 0: [ 20.440809] kasan_save_stack+0x3c/0x68 [ 20.440845] kasan_save_track+0x20/0x40 [ 20.440882] kasan_save_free_info+0x4c/0x78 [ 20.440922] __kasan_slab_free+0x6c/0x98 [ 20.440957] slab_free_after_rcu_debug+0xd4/0x2f8 [ 20.440996] rcu_core+0x9f4/0x1e20 [ 20.441031] rcu_core_si+0x18/0x30 [ 20.441065] handle_softirqs+0x374/0xb28 [ 20.441101] __do_softirq+0x1c/0x28 [ 20.441135] [ 20.441152] Last potentially related work creation: [ 20.441179] kasan_save_stack+0x3c/0x68 [ 20.441217] kasan_record_aux_stack+0xb4/0xc8 [ 20.441255] kmem_cache_free+0x120/0x468 [ 20.441291] kmem_cache_rcu_uaf+0x16c/0x468 [ 20.441326] kunit_try_run_case+0x170/0x3f0 [ 20.441363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.441406] kthread+0x328/0x630 [ 20.441436] ret_from_fork+0x10/0x20 [ 20.441471] [ 20.441489] The buggy address belongs to the object at fff00000c6470000 [ 20.441489] which belongs to the cache test_cache of size 200 [ 20.441547] The buggy address is located 0 bytes inside of [ 20.441547] freed 200-byte region [fff00000c6470000, fff00000c64700c8) [ 20.441607] [ 20.441628] The buggy address belongs to the physical page: [ 20.441661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106470 [ 20.441729] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.441796] page_type: f5(slab) [ 20.441838] raw: 0bfffe0000000000 fff00000c563c640 dead000000000122 0000000000000000 [ 20.441890] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.441929] page dumped because: kasan: bad access detected [ 20.441961] [ 20.441987] Memory state around the buggy address: [ 20.442030] fff00000c646ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.442074] fff00000c646ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.442125] >fff00000c6470000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.442171] ^ [ 20.442206] fff00000c6470080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 20.442264] fff00000c6470100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.442311] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 20.070802] ================================================================== [ 20.070862] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 20.070918] Free of addr fff00000c6473001 by task kunit_try_catch/211 [ 20.070962] [ 20.071006] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.071106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.071133] Hardware name: linux,dummy-virt (DT) [ 20.071166] Call trace: [ 20.071187] show_stack+0x20/0x38 (C) [ 20.071237] dump_stack_lvl+0x8c/0xd0 [ 20.071289] print_report+0x118/0x608 [ 20.071336] kasan_report_invalid_free+0xc0/0xe8 [ 20.071384] check_slab_allocation+0xfc/0x108 [ 20.071433] __kasan_slab_pre_free+0x2c/0x48 [ 20.071479] kmem_cache_free+0xf0/0x468 [ 20.071523] kmem_cache_invalid_free+0x184/0x3c8 [ 20.071570] kunit_try_run_case+0x170/0x3f0 [ 20.071618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.071671] kthread+0x328/0x630 [ 20.071725] ret_from_fork+0x10/0x20 [ 20.071773] [ 20.072217] Allocated by task 211: [ 20.072323] kasan_save_stack+0x3c/0x68 [ 20.072379] kasan_save_track+0x20/0x40 [ 20.072416] kasan_save_alloc_info+0x40/0x58 [ 20.072465] __kasan_slab_alloc+0xa8/0xb0 [ 20.072502] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.072540] kmem_cache_invalid_free+0x12c/0x3c8 [ 20.072601] kunit_try_run_case+0x170/0x3f0 [ 20.072680] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.072744] kthread+0x328/0x630 [ 20.072789] ret_from_fork+0x10/0x20 [ 20.072857] [ 20.072902] The buggy address belongs to the object at fff00000c6473000 [ 20.072902] which belongs to the cache test_cache of size 200 [ 20.072985] The buggy address is located 1 bytes inside of [ 20.072985] 200-byte region [fff00000c6473000, fff00000c64730c8) [ 20.073058] [ 20.073081] The buggy address belongs to the physical page: [ 20.073113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106473 [ 20.073280] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.073338] page_type: f5(slab) [ 20.073395] raw: 0bfffe0000000000 fff00000c563c500 dead000000000122 0000000000000000 [ 20.073490] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.073533] page dumped because: kasan: bad access detected [ 20.073601] [ 20.073650] Memory state around the buggy address: [ 20.073727] fff00000c6472f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.073803] fff00000c6472f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.073845] >fff00000c6473000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.074109] ^ [ 20.074196] fff00000c6473080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 20.074273] fff00000c6473100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.074361] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 20.049213] ================================================================== [ 20.049301] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 20.049370] Free of addr fff00000c6461000 by task kunit_try_catch/209 [ 20.049560] [ 20.049605] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.049692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.049761] Hardware name: linux,dummy-virt (DT) [ 20.049796] Call trace: [ 20.049848] show_stack+0x20/0x38 (C) [ 20.049953] dump_stack_lvl+0x8c/0xd0 [ 20.050005] print_report+0x118/0x608 [ 20.050052] kasan_report_invalid_free+0xc0/0xe8 [ 20.050101] check_slab_allocation+0xd4/0x108 [ 20.050158] __kasan_slab_pre_free+0x2c/0x48 [ 20.050213] kmem_cache_free+0xf0/0x468 [ 20.050259] kmem_cache_double_free+0x190/0x3c8 [ 20.050365] kunit_try_run_case+0x170/0x3f0 [ 20.050432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.050483] kthread+0x328/0x630 [ 20.050527] ret_from_fork+0x10/0x20 [ 20.050575] [ 20.050733] Allocated by task 209: [ 20.050784] kasan_save_stack+0x3c/0x68 [ 20.050827] kasan_save_track+0x20/0x40 [ 20.050864] kasan_save_alloc_info+0x40/0x58 [ 20.050912] __kasan_slab_alloc+0xa8/0xb0 [ 20.050950] kmem_cache_alloc_noprof+0x10c/0x398 [ 20.050990] kmem_cache_double_free+0x12c/0x3c8 [ 20.051036] kunit_try_run_case+0x170/0x3f0 [ 20.051081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.051152] kthread+0x328/0x630 [ 20.051185] ret_from_fork+0x10/0x20 [ 20.051236] [ 20.051263] Freed by task 209: [ 20.051342] kasan_save_stack+0x3c/0x68 [ 20.051379] kasan_save_track+0x20/0x40 [ 20.051424] kasan_save_free_info+0x4c/0x78 [ 20.051475] __kasan_slab_free+0x6c/0x98 [ 20.051531] kmem_cache_free+0x260/0x468 [ 20.051578] kmem_cache_double_free+0x140/0x3c8 [ 20.051617] kunit_try_run_case+0x170/0x3f0 [ 20.051895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.051947] kthread+0x328/0x630 [ 20.051979] ret_from_fork+0x10/0x20 [ 20.052168] [ 20.052218] The buggy address belongs to the object at fff00000c6461000 [ 20.052218] which belongs to the cache test_cache of size 200 [ 20.052362] The buggy address is located 0 bytes inside of [ 20.052362] 200-byte region [fff00000c6461000, fff00000c64610c8) [ 20.052479] [ 20.052573] The buggy address belongs to the physical page: [ 20.052605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106461 [ 20.052662] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.052724] page_type: f5(slab) [ 20.052792] raw: 0bfffe0000000000 fff00000ffe78f00 dead000000000122 0000000000000000 [ 20.052876] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.052979] page dumped because: kasan: bad access detected [ 20.053049] [ 20.053393] Memory state around the buggy address: [ 20.053471] fff00000c6460f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.053535] fff00000c6460f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.053578] >fff00000c6461000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.053639] ^ [ 20.053698] fff00000c6461080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 20.053751] fff00000c6461100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.053815] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 19.836440] ================================================================== [ 19.836510] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 19.836696] Read of size 1 at addr fff00000c64640c8 by task kunit_try_catch/207 [ 19.836782] [ 19.836830] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.836912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.836951] Hardware name: linux,dummy-virt (DT) [ 19.836984] Call trace: [ 19.837005] show_stack+0x20/0x38 (C) [ 19.837078] dump_stack_lvl+0x8c/0xd0 [ 19.837130] print_report+0x118/0x608 [ 19.837200] kasan_report+0xdc/0x128 [ 19.837246] __asan_report_load1_noabort+0x20/0x30 [ 19.837603] kmem_cache_oob+0x344/0x430 [ 19.837671] kunit_try_run_case+0x170/0x3f0 [ 19.837760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.837836] kthread+0x328/0x630 [ 19.837881] ret_from_fork+0x10/0x20 [ 19.837957] [ 19.837975] Allocated by task 207: [ 19.839460] kasan_save_stack+0x3c/0x68 [ 19.839516] kasan_save_track+0x20/0x40 [ 19.839553] kasan_save_alloc_info+0x40/0x58 [ 19.839593] __kasan_slab_alloc+0xa8/0xb0 [ 19.839628] kmem_cache_alloc_noprof+0x10c/0x398 [ 19.839669] kmem_cache_oob+0x12c/0x430 [ 19.839704] kunit_try_run_case+0x170/0x3f0 [ 19.839752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.839795] kthread+0x328/0x630 [ 19.839827] ret_from_fork+0x10/0x20 [ 19.839863] [ 19.839882] The buggy address belongs to the object at fff00000c6464000 [ 19.839882] which belongs to the cache test_cache of size 200 [ 19.839940] The buggy address is located 0 bytes to the right of [ 19.839940] allocated 200-byte region [fff00000c6464000, fff00000c64640c8) [ 19.840007] [ 19.840028] The buggy address belongs to the physical page: [ 19.840059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106464 [ 19.840119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.840167] page_type: f5(slab) [ 19.840205] raw: 0bfffe0000000000 fff00000c563c3c0 dead000000000122 0000000000000000 [ 19.840261] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 19.840305] page dumped because: kasan: bad access detected [ 19.840337] [ 19.840354] Memory state around the buggy address: [ 19.840387] fff00000c6463f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.840430] fff00000c6464000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.840472] >fff00000c6464080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 19.840508] ^ [ 19.840542] fff00000c6464100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.840583] fff00000c6464180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.840620] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 19.806239] ================================================================== [ 19.806374] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 19.806681] Read of size 8 at addr fff00000c5707f40 by task kunit_try_catch/200 [ 19.806804] [ 19.806839] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.806930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.806975] Hardware name: linux,dummy-virt (DT) [ 19.807104] Call trace: [ 19.807260] show_stack+0x20/0x38 (C) [ 19.807332] dump_stack_lvl+0x8c/0xd0 [ 19.807381] print_report+0x118/0x608 [ 19.807424] kasan_report+0xdc/0x128 [ 19.807525] __asan_report_load8_noabort+0x20/0x30 [ 19.807573] workqueue_uaf+0x480/0x4a8 [ 19.807617] kunit_try_run_case+0x170/0x3f0 [ 19.807664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.807732] kthread+0x328/0x630 [ 19.807772] ret_from_fork+0x10/0x20 [ 19.808197] [ 19.808290] Allocated by task 200: [ 19.808382] kasan_save_stack+0x3c/0x68 [ 19.808455] kasan_save_track+0x20/0x40 [ 19.808547] kasan_save_alloc_info+0x40/0x58 [ 19.808604] __kasan_kmalloc+0xd4/0xd8 [ 19.808672] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.808782] workqueue_uaf+0x13c/0x4a8 [ 19.808880] kunit_try_run_case+0x170/0x3f0 [ 19.808945] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.809192] kthread+0x328/0x630 [ 19.809325] ret_from_fork+0x10/0x20 [ 19.809444] [ 19.809506] Freed by task 47: [ 19.809551] kasan_save_stack+0x3c/0x68 [ 19.809632] kasan_save_track+0x20/0x40 [ 19.809745] kasan_save_free_info+0x4c/0x78 [ 19.809785] __kasan_slab_free+0x6c/0x98 [ 19.809822] kfree+0x214/0x3c8 [ 19.809886] workqueue_uaf_work+0x18/0x30 [ 19.809925] process_one_work+0x530/0xf98 [ 19.809961] worker_thread+0x618/0xf38 [ 19.809996] kthread+0x328/0x630 [ 19.810029] ret_from_fork+0x10/0x20 [ 19.810285] [ 19.810347] Last potentially related work creation: [ 19.810386] kasan_save_stack+0x3c/0x68 [ 19.810463] kasan_record_aux_stack+0xb4/0xc8 [ 19.810550] __queue_work+0x65c/0x1008 [ 19.810608] queue_work_on+0xbc/0xf8 [ 19.810681] workqueue_uaf+0x210/0x4a8 [ 19.810793] kunit_try_run_case+0x170/0x3f0 [ 19.810869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.810932] kthread+0x328/0x630 [ 19.811240] ret_from_fork+0x10/0x20 [ 19.811382] [ 19.811431] The buggy address belongs to the object at fff00000c5707f40 [ 19.811431] which belongs to the cache kmalloc-32 of size 32 [ 19.811559] The buggy address is located 0 bytes inside of [ 19.811559] freed 32-byte region [fff00000c5707f40, fff00000c5707f60) [ 19.811660] [ 19.811681] The buggy address belongs to the physical page: [ 19.811732] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105707 [ 19.811793] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.811840] page_type: f5(slab) [ 19.811897] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.811948] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.812002] page dumped because: kasan: bad access detected [ 19.812034] [ 19.812052] Memory state around the buggy address: [ 19.812093] fff00000c5707e00: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.812150] fff00000c5707e80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.812192] >fff00000c5707f00: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 19.812235] ^ [ 19.813520] fff00000c5707f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.813607] fff00000c5708000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.813645] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 19.774044] ================================================================== [ 19.774179] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 19.777502] Read of size 4 at addr fff00000c5707d00 by task rcu_preempt/16 [ 19.777570] [ 19.777613] CPU: 1 UID: 0 PID: 16 Comm: rcu_preempt Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.777699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.777737] Hardware name: linux,dummy-virt (DT) [ 19.777769] Call trace: [ 19.777793] show_stack+0x20/0x38 (C) [ 19.777857] dump_stack_lvl+0x8c/0xd0 [ 19.777917] print_report+0x118/0x608 [ 19.777962] kasan_report+0xdc/0x128 [ 19.778006] __asan_report_load4_noabort+0x20/0x30 [ 19.778204] rcu_uaf_reclaim+0x64/0x70 [ 19.778276] rcu_core+0x9f4/0x1e20 [ 19.778334] rcu_core_si+0x18/0x30 [ 19.778387] handle_softirqs+0x374/0xb28 [ 19.778443] __do_softirq+0x1c/0x28 [ 19.778486] ____do_softirq+0x18/0x30 [ 19.778557] call_on_irq_stack+0x24/0x30 [ 19.778603] do_softirq_own_stack+0x24/0x38 [ 19.778648] __irq_exit_rcu+0x1fc/0x318 [ 19.778692] irq_exit_rcu+0x1c/0x80 [ 19.778744] el1_interrupt+0x38/0x58 [ 19.778967] el1h_64_irq_handler+0x18/0x28 [ 19.779037] el1h_64_irq+0x6c/0x70 [ 19.779404] preempt_count_sub+0x50/0x148 (P) [ 19.779525] _raw_spin_unlock_irq+0x38/0x90 [ 19.779598] rcu_gp_cleanup+0x2a8/0xe28 [ 19.779683] rcu_gp_kthread+0x434/0x590 [ 19.779874] kthread+0x328/0x630 [ 19.779926] ret_from_fork+0x10/0x20 [ 19.780014] [ 19.780079] Allocated by task 198: [ 19.780208] kasan_save_stack+0x3c/0x68 [ 19.780274] kasan_save_track+0x20/0x40 [ 19.780388] kasan_save_alloc_info+0x40/0x58 [ 19.780469] __kasan_kmalloc+0xd4/0xd8 [ 19.780605] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.780664] rcu_uaf+0xb0/0x2d8 [ 19.780803] kunit_try_run_case+0x170/0x3f0 [ 19.780873] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.780937] kthread+0x328/0x630 [ 19.780971] ret_from_fork+0x10/0x20 [ 19.781269] [ 19.781328] Freed by task 16: [ 19.781385] kasan_save_stack+0x3c/0x68 [ 19.781509] kasan_save_track+0x20/0x40 [ 19.781962] kasan_save_free_info+0x4c/0x78 [ 19.783222] __kasan_slab_free+0x6c/0x98 [ 19.783296] kfree+0x214/0x3c8 [ 19.783340] rcu_uaf_reclaim+0x28/0x70 [ 19.783396] rcu_core+0x9f4/0x1e20 [ 19.783431] rcu_core_si+0x18/0x30 [ 19.783493] handle_softirqs+0x374/0xb28 [ 19.783529] __do_softirq+0x1c/0x28 [ 19.783564] [ 19.783600] Last potentially related work creation: [ 19.783880] kasan_save_stack+0x3c/0x68 [ 19.784003] kasan_record_aux_stack+0xb4/0xc8 [ 19.784062] __call_rcu_common.constprop.0+0x74/0x8c8 [ 19.784108] call_rcu+0x18/0x30 [ 19.784352] rcu_uaf+0x14c/0x2d8 [ 19.784410] kunit_try_run_case+0x170/0x3f0 [ 19.784483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.784529] kthread+0x328/0x630 [ 19.784565] ret_from_fork+0x10/0x20 [ 19.784612] [ 19.784641] The buggy address belongs to the object at fff00000c5707d00 [ 19.784641] which belongs to the cache kmalloc-32 of size 32 [ 19.784702] The buggy address is located 0 bytes inside of [ 19.784702] freed 32-byte region [fff00000c5707d00, fff00000c5707d20) [ 19.784777] [ 19.784799] The buggy address belongs to the physical page: [ 19.784829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105707 [ 19.784890] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.784942] page_type: f5(slab) [ 19.784983] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.785033] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.785074] page dumped because: kasan: bad access detected [ 19.785110] [ 19.785127] Memory state around the buggy address: [ 19.785163] fff00000c5707c00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.785206] fff00000c5707c80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 19.785249] >fff00000c5707d00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.785287] ^ [ 19.785317] fff00000c5707d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.785361] fff00000c5707e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.785441] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 19.523160] ================================================================== [ 19.523366] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 19.523431] Read of size 1 at addr fff00000c5708400 by task kunit_try_catch/196 [ 19.523509] [ 19.523547] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.523744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.523934] Hardware name: linux,dummy-virt (DT) [ 19.523968] Call trace: [ 19.523989] show_stack+0x20/0x38 (C) [ 19.524400] dump_stack_lvl+0x8c/0xd0 [ 19.524582] print_report+0x118/0x608 [ 19.524698] kasan_report+0xdc/0x128 [ 19.524908] __asan_report_load1_noabort+0x20/0x30 [ 19.524962] ksize_uaf+0x598/0x5f8 [ 19.525496] kunit_try_run_case+0x170/0x3f0 [ 19.525613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.525764] kthread+0x328/0x630 [ 19.525809] ret_from_fork+0x10/0x20 [ 19.525902] [ 19.526185] Allocated by task 196: [ 19.526278] kasan_save_stack+0x3c/0x68 [ 19.526350] kasan_save_track+0x20/0x40 [ 19.526486] kasan_save_alloc_info+0x40/0x58 [ 19.526597] __kasan_kmalloc+0xd4/0xd8 [ 19.526811] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.527026] ksize_uaf+0xb8/0x5f8 [ 19.527093] kunit_try_run_case+0x170/0x3f0 [ 19.527256] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.527360] kthread+0x328/0x630 [ 19.527476] ret_from_fork+0x10/0x20 [ 19.527563] [ 19.527778] Freed by task 196: [ 19.527812] kasan_save_stack+0x3c/0x68 [ 19.527853] kasan_save_track+0x20/0x40 [ 19.527896] kasan_save_free_info+0x4c/0x78 [ 19.528128] __kasan_slab_free+0x6c/0x98 [ 19.528246] kfree+0x214/0x3c8 [ 19.528304] ksize_uaf+0x11c/0x5f8 [ 19.528425] kunit_try_run_case+0x170/0x3f0 [ 19.528528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.528687] kthread+0x328/0x630 [ 19.528816] ret_from_fork+0x10/0x20 [ 19.528855] [ 19.529040] The buggy address belongs to the object at fff00000c5708400 [ 19.529040] which belongs to the cache kmalloc-128 of size 128 [ 19.529232] The buggy address is located 0 bytes inside of [ 19.529232] freed 128-byte region [fff00000c5708400, fff00000c5708480) [ 19.529409] [ 19.529479] The buggy address belongs to the physical page: [ 19.530307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105708 [ 19.530387] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.530471] page_type: f5(slab) [ 19.530592] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.531167] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.531238] page dumped because: kasan: bad access detected [ 19.531303] [ 19.531431] Memory state around the buggy address: [ 19.531555] fff00000c5708300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.531630] fff00000c5708380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.531765] >fff00000c5708400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.531805] ^ [ 19.531833] fff00000c5708480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.531876] fff00000c5708500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.531913] ================================================================== [ 19.516245] ================================================================== [ 19.516438] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 19.516492] Read of size 1 at addr fff00000c5708400 by task kunit_try_catch/196 [ 19.516599] [ 19.516636] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.516798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.516827] Hardware name: linux,dummy-virt (DT) [ 19.516858] Call trace: [ 19.516879] show_stack+0x20/0x38 (C) [ 19.517238] dump_stack_lvl+0x8c/0xd0 [ 19.517326] print_report+0x118/0x608 [ 19.517437] kasan_report+0xdc/0x128 [ 19.517552] __kasan_check_byte+0x54/0x70 [ 19.517616] ksize+0x30/0x88 [ 19.517758] ksize_uaf+0x168/0x5f8 [ 19.517811] kunit_try_run_case+0x170/0x3f0 [ 19.517859] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.518307] kthread+0x328/0x630 [ 19.518449] ret_from_fork+0x10/0x20 [ 19.518597] [ 19.518635] Allocated by task 196: [ 19.518702] kasan_save_stack+0x3c/0x68 [ 19.518822] kasan_save_track+0x20/0x40 [ 19.518863] kasan_save_alloc_info+0x40/0x58 [ 19.519093] __kasan_kmalloc+0xd4/0xd8 [ 19.519145] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.519350] ksize_uaf+0xb8/0x5f8 [ 19.519398] kunit_try_run_case+0x170/0x3f0 [ 19.519436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.519619] kthread+0x328/0x630 [ 19.519688] ret_from_fork+0x10/0x20 [ 19.519837] [ 19.519857] Freed by task 196: [ 19.519884] kasan_save_stack+0x3c/0x68 [ 19.519945] kasan_save_track+0x20/0x40 [ 19.519983] kasan_save_free_info+0x4c/0x78 [ 19.520023] __kasan_slab_free+0x6c/0x98 [ 19.520060] kfree+0x214/0x3c8 [ 19.520093] ksize_uaf+0x11c/0x5f8 [ 19.520130] kunit_try_run_case+0x170/0x3f0 [ 19.520169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.520214] kthread+0x328/0x630 [ 19.520782] ret_from_fork+0x10/0x20 [ 19.520845] [ 19.520868] The buggy address belongs to the object at fff00000c5708400 [ 19.520868] which belongs to the cache kmalloc-128 of size 128 [ 19.520928] The buggy address is located 0 bytes inside of [ 19.520928] freed 128-byte region [fff00000c5708400, fff00000c5708480) [ 19.520988] [ 19.521007] The buggy address belongs to the physical page: [ 19.521044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105708 [ 19.521106] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.521152] page_type: f5(slab) [ 19.521208] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.521266] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.521305] page dumped because: kasan: bad access detected [ 19.521336] [ 19.521353] Memory state around the buggy address: [ 19.521384] fff00000c5708300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.521439] fff00000c5708380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.521482] >fff00000c5708400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.521521] ^ [ 19.521554] fff00000c5708480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.521606] fff00000c5708500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.521643] ================================================================== [ 19.535220] ================================================================== [ 19.535340] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 19.535783] Read of size 1 at addr fff00000c5708478 by task kunit_try_catch/196 [ 19.535988] [ 19.536034] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.536358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.536454] Hardware name: linux,dummy-virt (DT) [ 19.536523] Call trace: [ 19.536638] show_stack+0x20/0x38 (C) [ 19.536730] dump_stack_lvl+0x8c/0xd0 [ 19.536782] print_report+0x118/0x608 [ 19.537128] kasan_report+0xdc/0x128 [ 19.537271] __asan_report_load1_noabort+0x20/0x30 [ 19.537704] ksize_uaf+0x544/0x5f8 [ 19.537882] kunit_try_run_case+0x170/0x3f0 [ 19.538228] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.538353] kthread+0x328/0x630 [ 19.538465] ret_from_fork+0x10/0x20 [ 19.538564] [ 19.538637] Allocated by task 196: [ 19.538730] kasan_save_stack+0x3c/0x68 [ 19.539069] kasan_save_track+0x20/0x40 [ 19.539205] kasan_save_alloc_info+0x40/0x58 [ 19.539282] __kasan_kmalloc+0xd4/0xd8 [ 19.539638] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.539821] ksize_uaf+0xb8/0x5f8 [ 19.539906] kunit_try_run_case+0x170/0x3f0 [ 19.539958] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.540004] kthread+0x328/0x630 [ 19.540037] ret_from_fork+0x10/0x20 [ 19.540073] [ 19.540227] Freed by task 196: [ 19.540370] kasan_save_stack+0x3c/0x68 [ 19.540498] kasan_save_track+0x20/0x40 [ 19.540736] kasan_save_free_info+0x4c/0x78 [ 19.540879] __kasan_slab_free+0x6c/0x98 [ 19.541207] kfree+0x214/0x3c8 [ 19.541328] ksize_uaf+0x11c/0x5f8 [ 19.541364] kunit_try_run_case+0x170/0x3f0 [ 19.541771] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.541879] kthread+0x328/0x630 [ 19.541915] ret_from_fork+0x10/0x20 [ 19.541953] [ 19.542392] The buggy address belongs to the object at fff00000c5708400 [ 19.542392] which belongs to the cache kmalloc-128 of size 128 [ 19.542853] The buggy address is located 120 bytes inside of [ 19.542853] freed 128-byte region [fff00000c5708400, fff00000c5708480) [ 19.542965] [ 19.542993] The buggy address belongs to the physical page: [ 19.543089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105708 [ 19.543145] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.543625] page_type: f5(slab) [ 19.543742] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.543795] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.544089] page dumped because: kasan: bad access detected [ 19.544200] [ 19.544298] Memory state around the buggy address: [ 19.544394] fff00000c5708300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.544459] fff00000c5708380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.544813] >fff00000c5708400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.544962] ^ [ 19.545029] fff00000c5708480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.545105] fff00000c5708500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.545573] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 19.493249] ================================================================== [ 19.493325] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 19.493649] Read of size 1 at addr fff00000c5708378 by task kunit_try_catch/194 [ 19.494111] [ 19.494193] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.494317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.494616] Hardware name: linux,dummy-virt (DT) [ 19.494683] Call trace: [ 19.494707] show_stack+0x20/0x38 (C) [ 19.494768] dump_stack_lvl+0x8c/0xd0 [ 19.494947] print_report+0x118/0x608 [ 19.495138] kasan_report+0xdc/0x128 [ 19.495247] __asan_report_load1_noabort+0x20/0x30 [ 19.495300] ksize_unpoisons_memory+0x618/0x740 [ 19.495346] kunit_try_run_case+0x170/0x3f0 [ 19.495390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.495676] kthread+0x328/0x630 [ 19.495739] ret_from_fork+0x10/0x20 [ 19.495938] [ 19.495962] Allocated by task 194: [ 19.495991] kasan_save_stack+0x3c/0x68 [ 19.496181] kasan_save_track+0x20/0x40 [ 19.496287] kasan_save_alloc_info+0x40/0x58 [ 19.496454] __kasan_kmalloc+0xd4/0xd8 [ 19.496524] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.496630] ksize_unpoisons_memory+0xc0/0x740 [ 19.497050] kunit_try_run_case+0x170/0x3f0 [ 19.497123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.497242] kthread+0x328/0x630 [ 19.497306] ret_from_fork+0x10/0x20 [ 19.497341] [ 19.497393] The buggy address belongs to the object at fff00000c5708300 [ 19.497393] which belongs to the cache kmalloc-128 of size 128 [ 19.497609] The buggy address is located 5 bytes to the right of [ 19.497609] allocated 115-byte region [fff00000c5708300, fff00000c5708373) [ 19.497827] [ 19.497868] The buggy address belongs to the physical page: [ 19.497898] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105708 [ 19.498299] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.498370] page_type: f5(slab) [ 19.498490] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.498724] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.498945] page dumped because: kasan: bad access detected [ 19.499025] [ 19.499094] Memory state around the buggy address: [ 19.499228] fff00000c5708200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.499522] fff00000c5708280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.499718] >fff00000c5708300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.499767] ^ [ 19.500065] fff00000c5708380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.500160] fff00000c5708400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.500306] ================================================================== [ 19.486369] ================================================================== [ 19.486440] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 19.486514] Read of size 1 at addr fff00000c5708373 by task kunit_try_catch/194 [ 19.486629] [ 19.486722] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.486858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.486895] Hardware name: linux,dummy-virt (DT) [ 19.486927] Call trace: [ 19.486949] show_stack+0x20/0x38 (C) [ 19.487233] dump_stack_lvl+0x8c/0xd0 [ 19.487393] print_report+0x118/0x608 [ 19.487540] kasan_report+0xdc/0x128 [ 19.487722] __asan_report_load1_noabort+0x20/0x30 [ 19.487827] ksize_unpoisons_memory+0x628/0x740 [ 19.487892] kunit_try_run_case+0x170/0x3f0 [ 19.487939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.487990] kthread+0x328/0x630 [ 19.488418] ret_from_fork+0x10/0x20 [ 19.488553] [ 19.488632] Allocated by task 194: [ 19.488787] kasan_save_stack+0x3c/0x68 [ 19.488884] kasan_save_track+0x20/0x40 [ 19.488950] kasan_save_alloc_info+0x40/0x58 [ 19.489560] __kasan_kmalloc+0xd4/0xd8 [ 19.489621] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.490047] ksize_unpoisons_memory+0xc0/0x740 [ 19.490243] kunit_try_run_case+0x170/0x3f0 [ 19.490320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.490374] kthread+0x328/0x630 [ 19.490413] ret_from_fork+0x10/0x20 [ 19.490458] [ 19.490502] The buggy address belongs to the object at fff00000c5708300 [ 19.490502] which belongs to the cache kmalloc-128 of size 128 [ 19.490586] The buggy address is located 0 bytes to the right of [ 19.490586] allocated 115-byte region [fff00000c5708300, fff00000c5708373) [ 19.490661] [ 19.490682] The buggy address belongs to the physical page: [ 19.490723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105708 [ 19.490786] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.490849] page_type: f5(slab) [ 19.490894] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.490945] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.490994] page dumped because: kasan: bad access detected [ 19.491030] [ 19.491049] Memory state around the buggy address: [ 19.491080] fff00000c5708200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.491153] fff00000c5708280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.491211] >fff00000c5708300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.491249] ^ [ 19.491297] fff00000c5708380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.491340] fff00000c5708400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.491379] ================================================================== [ 19.501742] ================================================================== [ 19.501832] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 19.502069] Read of size 1 at addr fff00000c570837f by task kunit_try_catch/194 [ 19.502253] [ 19.502299] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.502381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.502424] Hardware name: linux,dummy-virt (DT) [ 19.502801] Call trace: [ 19.502843] show_stack+0x20/0x38 (C) [ 19.502925] dump_stack_lvl+0x8c/0xd0 [ 19.502975] print_report+0x118/0x608 [ 19.503021] kasan_report+0xdc/0x128 [ 19.503064] __asan_report_load1_noabort+0x20/0x30 [ 19.503273] ksize_unpoisons_memory+0x690/0x740 [ 19.503466] kunit_try_run_case+0x170/0x3f0 [ 19.503517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.503570] kthread+0x328/0x630 [ 19.503642] ret_from_fork+0x10/0x20 [ 19.503821] [ 19.503981] Allocated by task 194: [ 19.504057] kasan_save_stack+0x3c/0x68 [ 19.504269] kasan_save_track+0x20/0x40 [ 19.504467] kasan_save_alloc_info+0x40/0x58 [ 19.504538] __kasan_kmalloc+0xd4/0xd8 [ 19.504694] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.504797] ksize_unpoisons_memory+0xc0/0x740 [ 19.504842] kunit_try_run_case+0x170/0x3f0 [ 19.504880] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.504923] kthread+0x328/0x630 [ 19.504983] ret_from_fork+0x10/0x20 [ 19.505033] [ 19.505062] The buggy address belongs to the object at fff00000c5708300 [ 19.505062] which belongs to the cache kmalloc-128 of size 128 [ 19.505122] The buggy address is located 12 bytes to the right of [ 19.505122] allocated 115-byte region [fff00000c5708300, fff00000c5708373) [ 19.505188] [ 19.505208] The buggy address belongs to the physical page: [ 19.505247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105708 [ 19.505309] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.505355] page_type: f5(slab) [ 19.505402] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.505461] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.505510] page dumped because: kasan: bad access detected [ 19.505548] [ 19.505573] Memory state around the buggy address: [ 19.505620] fff00000c5708200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.505662] fff00000c5708280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.505704] >fff00000c5708300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.506585] ^ [ 19.507142] fff00000c5708380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.507191] fff00000c5708400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.507582] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 19.469512] ================================================================== [ 19.469846] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 19.470049] Free of addr fff00000c564f380 by task kunit_try_catch/192 [ 19.470104] [ 19.470151] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.470308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.470366] Hardware name: linux,dummy-virt (DT) [ 19.470404] Call trace: [ 19.470442] show_stack+0x20/0x38 (C) [ 19.470656] dump_stack_lvl+0x8c/0xd0 [ 19.470904] print_report+0x118/0x608 [ 19.471127] kasan_report_invalid_free+0xc0/0xe8 [ 19.471285] check_slab_allocation+0xd4/0x108 [ 19.471337] __kasan_slab_pre_free+0x2c/0x48 [ 19.471383] kfree+0xe8/0x3c8 [ 19.471482] kfree_sensitive+0x3c/0xb0 [ 19.471635] kmalloc_double_kzfree+0x168/0x308 [ 19.471697] kunit_try_run_case+0x170/0x3f0 [ 19.471757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.471930] kthread+0x328/0x630 [ 19.472047] ret_from_fork+0x10/0x20 [ 19.472210] [ 19.472354] Allocated by task 192: [ 19.472412] kasan_save_stack+0x3c/0x68 [ 19.472630] kasan_save_track+0x20/0x40 [ 19.473036] kasan_save_alloc_info+0x40/0x58 [ 19.473267] __kasan_kmalloc+0xd4/0xd8 [ 19.473347] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.473471] kmalloc_double_kzfree+0xb8/0x308 [ 19.473561] kunit_try_run_case+0x170/0x3f0 [ 19.473728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.473787] kthread+0x328/0x630 [ 19.474103] ret_from_fork+0x10/0x20 [ 19.474217] [ 19.474319] Freed by task 192: [ 19.474407] kasan_save_stack+0x3c/0x68 [ 19.474516] kasan_save_track+0x20/0x40 [ 19.474584] kasan_save_free_info+0x4c/0x78 [ 19.474792] __kasan_slab_free+0x6c/0x98 [ 19.475027] kfree+0x214/0x3c8 [ 19.475094] kfree_sensitive+0x80/0xb0 [ 19.475196] kmalloc_double_kzfree+0x11c/0x308 [ 19.475271] kunit_try_run_case+0x170/0x3f0 [ 19.475532] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.475694] kthread+0x328/0x630 [ 19.475799] ret_from_fork+0x10/0x20 [ 19.475895] [ 19.475952] The buggy address belongs to the object at fff00000c564f380 [ 19.475952] which belongs to the cache kmalloc-16 of size 16 [ 19.476078] The buggy address is located 0 bytes inside of [ 19.476078] 16-byte region [fff00000c564f380, fff00000c564f390) [ 19.476197] [ 19.476217] The buggy address belongs to the physical page: [ 19.476677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10564f [ 19.476823] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.477013] page_type: f5(slab) [ 19.477163] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.477247] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.477326] page dumped because: kasan: bad access detected [ 19.477691] [ 19.477742] Memory state around the buggy address: [ 19.477838] fff00000c564f280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.477911] fff00000c564f300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.477966] >fff00000c564f380: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.478072] ^ [ 19.478139] fff00000c564f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.478239] fff00000c564f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.478351] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 19.459239] ================================================================== [ 19.459301] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 19.459746] Read of size 1 at addr fff00000c564f380 by task kunit_try_catch/192 [ 19.459865] [ 19.460010] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.460118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.460497] Hardware name: linux,dummy-virt (DT) [ 19.460553] Call trace: [ 19.460623] show_stack+0x20/0x38 (C) [ 19.460765] dump_stack_lvl+0x8c/0xd0 [ 19.460835] print_report+0x118/0x608 [ 19.461021] kasan_report+0xdc/0x128 [ 19.461399] __kasan_check_byte+0x54/0x70 [ 19.461467] kfree_sensitive+0x30/0xb0 [ 19.461922] kmalloc_double_kzfree+0x168/0x308 [ 19.462197] kunit_try_run_case+0x170/0x3f0 [ 19.462367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.462479] kthread+0x328/0x630 [ 19.462722] ret_from_fork+0x10/0x20 [ 19.462928] [ 19.462995] Allocated by task 192: [ 19.463037] kasan_save_stack+0x3c/0x68 [ 19.463287] kasan_save_track+0x20/0x40 [ 19.463511] kasan_save_alloc_info+0x40/0x58 [ 19.463609] __kasan_kmalloc+0xd4/0xd8 [ 19.463645] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.463685] kmalloc_double_kzfree+0xb8/0x308 [ 19.463985] kunit_try_run_case+0x170/0x3f0 [ 19.464145] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.464216] kthread+0x328/0x630 [ 19.464468] ret_from_fork+0x10/0x20 [ 19.464674] [ 19.464749] Freed by task 192: [ 19.464853] kasan_save_stack+0x3c/0x68 [ 19.464914] kasan_save_track+0x20/0x40 [ 19.465122] kasan_save_free_info+0x4c/0x78 [ 19.465183] __kasan_slab_free+0x6c/0x98 [ 19.465224] kfree+0x214/0x3c8 [ 19.465256] kfree_sensitive+0x80/0xb0 [ 19.465305] kmalloc_double_kzfree+0x11c/0x308 [ 19.465375] kunit_try_run_case+0x170/0x3f0 [ 19.465412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.465465] kthread+0x328/0x630 [ 19.465501] ret_from_fork+0x10/0x20 [ 19.465538] [ 19.465557] The buggy address belongs to the object at fff00000c564f380 [ 19.465557] which belongs to the cache kmalloc-16 of size 16 [ 19.465630] The buggy address is located 0 bytes inside of [ 19.465630] freed 16-byte region [fff00000c564f380, fff00000c564f390) [ 19.465691] [ 19.465727] The buggy address belongs to the physical page: [ 19.465772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10564f [ 19.465823] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.465872] page_type: f5(slab) [ 19.465910] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.465960] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.466010] page dumped because: kasan: bad access detected [ 19.466052] [ 19.466086] Memory state around the buggy address: [ 19.466134] fff00000c564f280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.466175] fff00000c564f300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.466218] >fff00000c564f380: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.466256] ^ [ 19.466288] fff00000c564f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.466340] fff00000c564f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.466385] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 19.436627] ================================================================== [ 19.436706] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 19.436771] Read of size 1 at addr fff00000c5709c28 by task kunit_try_catch/188 [ 19.436820] [ 19.436849] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.436935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.436962] Hardware name: linux,dummy-virt (DT) [ 19.437003] Call trace: [ 19.437026] show_stack+0x20/0x38 (C) [ 19.437083] dump_stack_lvl+0x8c/0xd0 [ 19.437129] print_report+0x118/0x608 [ 19.437179] kasan_report+0xdc/0x128 [ 19.437224] __asan_report_load1_noabort+0x20/0x30 [ 19.437273] kmalloc_uaf2+0x3f4/0x468 [ 19.437316] kunit_try_run_case+0x170/0x3f0 [ 19.437363] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.437422] kthread+0x328/0x630 [ 19.437464] ret_from_fork+0x10/0x20 [ 19.437518] [ 19.437536] Allocated by task 188: [ 19.437565] kasan_save_stack+0x3c/0x68 [ 19.437602] kasan_save_track+0x20/0x40 [ 19.437639] kasan_save_alloc_info+0x40/0x58 [ 19.437677] __kasan_kmalloc+0xd4/0xd8 [ 19.437724] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.437983] kmalloc_uaf2+0xc4/0x468 [ 19.438035] kunit_try_run_case+0x170/0x3f0 [ 19.438546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.438615] kthread+0x328/0x630 [ 19.438843] ret_from_fork+0x10/0x20 [ 19.438952] [ 19.438971] Freed by task 188: [ 19.438999] kasan_save_stack+0x3c/0x68 [ 19.439056] kasan_save_track+0x20/0x40 [ 19.439243] kasan_save_free_info+0x4c/0x78 [ 19.439434] __kasan_slab_free+0x6c/0x98 [ 19.439605] kfree+0x214/0x3c8 [ 19.439751] kmalloc_uaf2+0x134/0x468 [ 19.439925] kunit_try_run_case+0x170/0x3f0 [ 19.439976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.440028] kthread+0x328/0x630 [ 19.440076] ret_from_fork+0x10/0x20 [ 19.440117] [ 19.440136] The buggy address belongs to the object at fff00000c5709c00 [ 19.440136] which belongs to the cache kmalloc-64 of size 64 [ 19.440539] The buggy address is located 40 bytes inside of [ 19.440539] freed 64-byte region [fff00000c5709c00, fff00000c5709c40) [ 19.440653] [ 19.440797] The buggy address belongs to the physical page: [ 19.440881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 19.440976] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.441116] page_type: f5(slab) [ 19.441155] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.441232] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.441416] page dumped because: kasan: bad access detected [ 19.441533] [ 19.441759] Memory state around the buggy address: [ 19.441838] fff00000c5709b00: 00 00 00 00 02 fc fc fc fc fc fc fc fc fc fc fc [ 19.441884] fff00000c5709b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.441970] >fff00000c5709c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.442226] ^ [ 19.442339] fff00000c5709c80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 19.442600] fff00000c5709d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.442785] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 19.394882] ================================================================== [ 19.395001] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 19.395139] Read of size 1 at addr fff00000c564f368 by task kunit_try_catch/184 [ 19.395202] [ 19.395533] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.395867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.395901] Hardware name: linux,dummy-virt (DT) [ 19.396217] Call trace: [ 19.396349] show_stack+0x20/0x38 (C) [ 19.396487] dump_stack_lvl+0x8c/0xd0 [ 19.396545] print_report+0x118/0x608 [ 19.396644] kasan_report+0xdc/0x128 [ 19.396784] __asan_report_load1_noabort+0x20/0x30 [ 19.397300] kmalloc_uaf+0x300/0x338 [ 19.397454] kunit_try_run_case+0x170/0x3f0 [ 19.397559] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.397752] kthread+0x328/0x630 [ 19.397905] ret_from_fork+0x10/0x20 [ 19.398204] [ 19.398288] Allocated by task 184: [ 19.398320] kasan_save_stack+0x3c/0x68 [ 19.398384] kasan_save_track+0x20/0x40 [ 19.398422] kasan_save_alloc_info+0x40/0x58 [ 19.398467] __kasan_kmalloc+0xd4/0xd8 [ 19.398516] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.398553] kmalloc_uaf+0xb8/0x338 [ 19.398586] kunit_try_run_case+0x170/0x3f0 [ 19.398622] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.398665] kthread+0x328/0x630 [ 19.398697] ret_from_fork+0x10/0x20 [ 19.398750] [ 19.398770] Freed by task 184: [ 19.398804] kasan_save_stack+0x3c/0x68 [ 19.398841] kasan_save_track+0x20/0x40 [ 19.398892] kasan_save_free_info+0x4c/0x78 [ 19.398931] __kasan_slab_free+0x6c/0x98 [ 19.398968] kfree+0x214/0x3c8 [ 19.399020] kmalloc_uaf+0x11c/0x338 [ 19.399064] kunit_try_run_case+0x170/0x3f0 [ 19.399101] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.399169] kthread+0x328/0x630 [ 19.399230] ret_from_fork+0x10/0x20 [ 19.399275] [ 19.399301] The buggy address belongs to the object at fff00000c564f360 [ 19.399301] which belongs to the cache kmalloc-16 of size 16 [ 19.399358] The buggy address is located 8 bytes inside of [ 19.399358] freed 16-byte region [fff00000c564f360, fff00000c564f370) [ 19.399418] [ 19.399438] The buggy address belongs to the physical page: [ 19.399469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10564f [ 19.399695] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.400365] page_type: f5(slab) [ 19.400495] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.400626] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.400694] page dumped because: kasan: bad access detected [ 19.400848] [ 19.400899] Memory state around the buggy address: [ 19.401288] fff00000c564f200: fa fb fc fc fa fb fc fc 00 01 fc fc fa fb fc fc [ 19.401456] fff00000c564f280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.401538] >fff00000c564f300: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.401697] ^ [ 19.401760] fff00000c564f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.401802] fff00000c564f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.401998] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 19.381589] ================================================================== [ 19.381689] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.381752] Read of size 64 at addr fff00000c5709684 by task kunit_try_catch/182 [ 19.381802] [ 19.381832] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.381914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.381940] Hardware name: linux,dummy-virt (DT) [ 19.382208] Call trace: [ 19.382345] show_stack+0x20/0x38 (C) [ 19.382398] dump_stack_lvl+0x8c/0xd0 [ 19.382669] print_report+0x118/0x608 [ 19.382783] kasan_report+0xdc/0x128 [ 19.382888] kasan_check_range+0x100/0x1a8 [ 19.382975] __asan_memmove+0x3c/0x98 [ 19.383092] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 19.383364] kunit_try_run_case+0x170/0x3f0 [ 19.383488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.383694] kthread+0x328/0x630 [ 19.383781] ret_from_fork+0x10/0x20 [ 19.383834] [ 19.383852] Allocated by task 182: [ 19.383880] kasan_save_stack+0x3c/0x68 [ 19.383921] kasan_save_track+0x20/0x40 [ 19.383959] kasan_save_alloc_info+0x40/0x58 [ 19.383998] __kasan_kmalloc+0xd4/0xd8 [ 19.384394] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.384492] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 19.384652] kunit_try_run_case+0x170/0x3f0 [ 19.384690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.384975] kthread+0x328/0x630 [ 19.385127] ret_from_fork+0x10/0x20 [ 19.385222] [ 19.385260] The buggy address belongs to the object at fff00000c5709680 [ 19.385260] which belongs to the cache kmalloc-64 of size 64 [ 19.385451] The buggy address is located 4 bytes inside of [ 19.385451] allocated 64-byte region [fff00000c5709680, fff00000c57096c0) [ 19.385533] [ 19.385788] The buggy address belongs to the physical page: [ 19.385858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 19.386004] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.386073] page_type: f5(slab) [ 19.386321] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.386396] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.386520] page dumped because: kasan: bad access detected [ 19.386852] [ 19.386971] Memory state around the buggy address: [ 19.387052] fff00000c5709580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.387121] fff00000c5709600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.387300] >fff00000c5709680: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.387343] ^ [ 19.387379] fff00000c5709700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.387544] fff00000c5709780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.387691] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 19.365942] ================================================================== [ 19.366025] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.366089] Read of size 18446744073709551614 at addr fff00000c5709404 by task kunit_try_catch/180 [ 19.366181] [ 19.366216] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.366296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.366330] Hardware name: linux,dummy-virt (DT) [ 19.366369] Call trace: [ 19.366392] show_stack+0x20/0x38 (C) [ 19.366446] dump_stack_lvl+0x8c/0xd0 [ 19.366492] print_report+0x118/0x608 [ 19.366536] kasan_report+0xdc/0x128 [ 19.366588] kasan_check_range+0x100/0x1a8 [ 19.366634] __asan_memmove+0x3c/0x98 [ 19.366682] kmalloc_memmove_negative_size+0x154/0x2e0 [ 19.366867] kunit_try_run_case+0x170/0x3f0 [ 19.366920] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.367353] kthread+0x328/0x630 [ 19.369542] ret_from_fork+0x10/0x20 [ 19.369889] [ 19.369944] Allocated by task 180: [ 19.370080] kasan_save_stack+0x3c/0x68 [ 19.370194] kasan_save_track+0x20/0x40 [ 19.370336] kasan_save_alloc_info+0x40/0x58 [ 19.370462] __kasan_kmalloc+0xd4/0xd8 [ 19.370537] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.370683] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 19.370813] kunit_try_run_case+0x170/0x3f0 [ 19.371059] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.371269] kthread+0x328/0x630 [ 19.371334] ret_from_fork+0x10/0x20 [ 19.371456] [ 19.371566] The buggy address belongs to the object at fff00000c5709400 [ 19.371566] which belongs to the cache kmalloc-64 of size 64 [ 19.371767] The buggy address is located 4 bytes inside of [ 19.371767] 64-byte region [fff00000c5709400, fff00000c5709440) [ 19.371936] [ 19.372015] The buggy address belongs to the physical page: [ 19.372124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105709 [ 19.372182] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.372233] page_type: f5(slab) [ 19.372384] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.372632] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.372745] page dumped because: kasan: bad access detected [ 19.372845] [ 19.372865] Memory state around the buggy address: [ 19.372916] fff00000c5709300: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 19.373253] fff00000c5709380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.373342] >fff00000c5709400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 19.373492] ^ [ 19.373521] fff00000c5709480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.374039] fff00000c5709500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.374112] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 19.350217] ================================================================== [ 19.350423] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 19.350482] Write of size 16 at addr fff00000c5708169 by task kunit_try_catch/178 [ 19.350658] [ 19.350858] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.351035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.351082] Hardware name: linux,dummy-virt (DT) [ 19.351146] Call trace: [ 19.351522] show_stack+0x20/0x38 (C) [ 19.351618] dump_stack_lvl+0x8c/0xd0 [ 19.351689] print_report+0x118/0x608 [ 19.351881] kasan_report+0xdc/0x128 [ 19.352063] kasan_check_range+0x100/0x1a8 [ 19.352209] __asan_memset+0x34/0x78 [ 19.352252] kmalloc_oob_memset_16+0x150/0x2f8 [ 19.352314] kunit_try_run_case+0x170/0x3f0 [ 19.352365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.352414] kthread+0x328/0x630 [ 19.352730] ret_from_fork+0x10/0x20 [ 19.352926] [ 19.353024] Allocated by task 178: [ 19.353205] kasan_save_stack+0x3c/0x68 [ 19.353291] kasan_save_track+0x20/0x40 [ 19.353328] kasan_save_alloc_info+0x40/0x58 [ 19.353654] __kasan_kmalloc+0xd4/0xd8 [ 19.353847] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.354019] kmalloc_oob_memset_16+0xb0/0x2f8 [ 19.354140] kunit_try_run_case+0x170/0x3f0 [ 19.354316] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.354471] kthread+0x328/0x630 [ 19.354602] ret_from_fork+0x10/0x20 [ 19.354767] [ 19.354819] The buggy address belongs to the object at fff00000c5708100 [ 19.354819] which belongs to the cache kmalloc-128 of size 128 [ 19.355345] The buggy address is located 105 bytes inside of [ 19.355345] allocated 120-byte region [fff00000c5708100, fff00000c5708178) [ 19.355576] [ 19.355698] The buggy address belongs to the physical page: [ 19.355776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105708 [ 19.355918] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.355964] page_type: f5(slab) [ 19.356128] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.356360] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.356488] page dumped because: kasan: bad access detected [ 19.356565] [ 19.356693] Memory state around the buggy address: [ 19.356858] fff00000c5708000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.356952] fff00000c5708080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.357214] >fff00000c5708100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.357531] ^ [ 19.357682] fff00000c5708180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.357788] fff00000c5708200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.357864] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 19.336491] ================================================================== [ 19.336675] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 19.336768] Write of size 8 at addr fff00000c5708071 by task kunit_try_catch/176 [ 19.336941] [ 19.337123] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.337228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.337253] Hardware name: linux,dummy-virt (DT) [ 19.337282] Call trace: [ 19.337338] show_stack+0x20/0x38 (C) [ 19.337391] dump_stack_lvl+0x8c/0xd0 [ 19.337435] print_report+0x118/0x608 [ 19.337615] kasan_report+0xdc/0x128 [ 19.337800] kasan_check_range+0x100/0x1a8 [ 19.337915] __asan_memset+0x34/0x78 [ 19.337961] kmalloc_oob_memset_8+0x150/0x2f8 [ 19.338005] kunit_try_run_case+0x170/0x3f0 [ 19.338260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.338332] kthread+0x328/0x630 [ 19.338383] ret_from_fork+0x10/0x20 [ 19.338429] [ 19.338447] Allocated by task 176: [ 19.338767] kasan_save_stack+0x3c/0x68 [ 19.338886] kasan_save_track+0x20/0x40 [ 19.338942] kasan_save_alloc_info+0x40/0x58 [ 19.339047] __kasan_kmalloc+0xd4/0xd8 [ 19.339223] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.339268] kmalloc_oob_memset_8+0xb0/0x2f8 [ 19.339304] kunit_try_run_case+0x170/0x3f0 [ 19.339340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.339680] kthread+0x328/0x630 [ 19.339908] ret_from_fork+0x10/0x20 [ 19.340113] [ 19.340182] The buggy address belongs to the object at fff00000c5708000 [ 19.340182] which belongs to the cache kmalloc-128 of size 128 [ 19.340336] The buggy address is located 113 bytes inside of [ 19.340336] allocated 120-byte region [fff00000c5708000, fff00000c5708078) [ 19.340543] [ 19.340754] The buggy address belongs to the physical page: [ 19.340810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105708 [ 19.341081] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.341233] page_type: f5(slab) [ 19.341343] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.342072] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.342135] page dumped because: kasan: bad access detected [ 19.342235] [ 19.342338] Memory state around the buggy address: [ 19.342404] fff00000c5707f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.342570] fff00000c5707f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.342808] >fff00000c5708000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.342907] ^ [ 19.342960] fff00000c5708080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.343051] fff00000c5708100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.343352] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 19.319150] ================================================================== [ 19.319288] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 19.319339] Write of size 4 at addr fff00000c1d5ff75 by task kunit_try_catch/174 [ 19.319455] [ 19.319513] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.319593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.319625] Hardware name: linux,dummy-virt (DT) [ 19.319814] Call trace: [ 19.320114] show_stack+0x20/0x38 (C) [ 19.320256] dump_stack_lvl+0x8c/0xd0 [ 19.320373] print_report+0x118/0x608 [ 19.320513] kasan_report+0xdc/0x128 [ 19.320645] kasan_check_range+0x100/0x1a8 [ 19.321013] __asan_memset+0x34/0x78 [ 19.321176] kmalloc_oob_memset_4+0x150/0x300 [ 19.321309] kunit_try_run_case+0x170/0x3f0 [ 19.321461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.321528] kthread+0x328/0x630 [ 19.321840] ret_from_fork+0x10/0x20 [ 19.322056] [ 19.322107] Allocated by task 174: [ 19.322274] kasan_save_stack+0x3c/0x68 [ 19.322423] kasan_save_track+0x20/0x40 [ 19.322591] kasan_save_alloc_info+0x40/0x58 [ 19.322698] __kasan_kmalloc+0xd4/0xd8 [ 19.322915] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.323039] kmalloc_oob_memset_4+0xb0/0x300 [ 19.323231] kunit_try_run_case+0x170/0x3f0 [ 19.323683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.323810] kthread+0x328/0x630 [ 19.323954] ret_from_fork+0x10/0x20 [ 19.324113] [ 19.324204] The buggy address belongs to the object at fff00000c1d5ff00 [ 19.324204] which belongs to the cache kmalloc-128 of size 128 [ 19.324427] The buggy address is located 117 bytes inside of [ 19.324427] allocated 120-byte region [fff00000c1d5ff00, fff00000c1d5ff78) [ 19.324646] [ 19.324766] The buggy address belongs to the physical page: [ 19.324875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d5f [ 19.324954] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.325152] page_type: f5(slab) [ 19.325277] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.325397] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.325464] page dumped because: kasan: bad access detected [ 19.325838] [ 19.325993] Memory state around the buggy address: [ 19.326206] fff00000c1d5fe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.326276] fff00000c1d5fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.326326] >fff00000c1d5ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.326462] ^ [ 19.326546] fff00000c1d5ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.326690] fff00000c1d60000: 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc 00 [ 19.326793] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 19.300475] ================================================================== [ 19.300925] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 19.300987] Write of size 2 at addr fff00000c1d5fe77 by task kunit_try_catch/172 [ 19.301447] [ 19.301539] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.301765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.301845] Hardware name: linux,dummy-virt (DT) [ 19.301883] Call trace: [ 19.301931] show_stack+0x20/0x38 (C) [ 19.302037] dump_stack_lvl+0x8c/0xd0 [ 19.302093] print_report+0x118/0x608 [ 19.302137] kasan_report+0xdc/0x128 [ 19.302407] kasan_check_range+0x100/0x1a8 [ 19.302553] __asan_memset+0x34/0x78 [ 19.302757] kmalloc_oob_memset_2+0x150/0x2f8 [ 19.302819] kunit_try_run_case+0x170/0x3f0 [ 19.302864] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.303211] kthread+0x328/0x630 [ 19.303273] ret_from_fork+0x10/0x20 [ 19.303495] [ 19.303803] Allocated by task 172: [ 19.303838] kasan_save_stack+0x3c/0x68 [ 19.303907] kasan_save_track+0x20/0x40 [ 19.303952] kasan_save_alloc_info+0x40/0x58 [ 19.303990] __kasan_kmalloc+0xd4/0xd8 [ 19.304025] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.304063] kmalloc_oob_memset_2+0xb0/0x2f8 [ 19.304466] kunit_try_run_case+0x170/0x3f0 [ 19.304608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.304855] kthread+0x328/0x630 [ 19.304985] ret_from_fork+0x10/0x20 [ 19.305220] [ 19.305352] The buggy address belongs to the object at fff00000c1d5fe00 [ 19.305352] which belongs to the cache kmalloc-128 of size 128 [ 19.305554] The buggy address is located 119 bytes inside of [ 19.305554] allocated 120-byte region [fff00000c1d5fe00, fff00000c1d5fe78) [ 19.305885] [ 19.305912] The buggy address belongs to the physical page: [ 19.305942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d5f [ 19.306121] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.306285] page_type: f5(slab) [ 19.306574] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.306822] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.307155] page dumped because: kasan: bad access detected [ 19.307219] [ 19.307255] Memory state around the buggy address: [ 19.307704] fff00000c1d5fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.307788] fff00000c1d5fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.308011] >fff00000c1d5fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.308140] ^ [ 19.308200] fff00000c1d5fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.308246] fff00000c1d5ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.308379] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 19.288929] ================================================================== [ 19.289033] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 19.289101] Write of size 128 at addr fff00000c1d5fd00 by task kunit_try_catch/170 [ 19.289257] [ 19.289293] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.289629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.289681] Hardware name: linux,dummy-virt (DT) [ 19.290007] Call trace: [ 19.290098] show_stack+0x20/0x38 (C) [ 19.290153] dump_stack_lvl+0x8c/0xd0 [ 19.290196] print_report+0x118/0x608 [ 19.290240] kasan_report+0xdc/0x128 [ 19.290322] kasan_check_range+0x100/0x1a8 [ 19.290375] __asan_memset+0x34/0x78 [ 19.290462] kmalloc_oob_in_memset+0x144/0x2d0 [ 19.290549] kunit_try_run_case+0x170/0x3f0 [ 19.290595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.290657] kthread+0x328/0x630 [ 19.290698] ret_from_fork+0x10/0x20 [ 19.290753] [ 19.290771] Allocated by task 170: [ 19.290946] kasan_save_stack+0x3c/0x68 [ 19.291001] kasan_save_track+0x20/0x40 [ 19.291182] kasan_save_alloc_info+0x40/0x58 [ 19.291235] __kasan_kmalloc+0xd4/0xd8 [ 19.291270] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.291307] kmalloc_oob_in_memset+0xb0/0x2d0 [ 19.291350] kunit_try_run_case+0x170/0x3f0 [ 19.291386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.291461] kthread+0x328/0x630 [ 19.291551] ret_from_fork+0x10/0x20 [ 19.291752] [ 19.291785] The buggy address belongs to the object at fff00000c1d5fd00 [ 19.291785] which belongs to the cache kmalloc-128 of size 128 [ 19.291843] The buggy address is located 0 bytes inside of [ 19.291843] allocated 120-byte region [fff00000c1d5fd00, fff00000c1d5fd78) [ 19.291903] [ 19.291922] The buggy address belongs to the physical page: [ 19.292187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d5f [ 19.292288] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.292498] page_type: f5(slab) [ 19.292605] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.292785] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.292903] page dumped because: kasan: bad access detected [ 19.292945] [ 19.292963] Memory state around the buggy address: [ 19.293008] fff00000c1d5fc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.293056] fff00000c1d5fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.293122] >fff00000c1d5fd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.293158] ^ [ 19.293204] fff00000c1d5fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.293253] fff00000c1d5fe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.293311] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 19.269867] ================================================================== [ 19.269922] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 19.269970] Read of size 16 at addr fff00000c564f340 by task kunit_try_catch/168 [ 19.270019] [ 19.270048] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.270125] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.270151] Hardware name: linux,dummy-virt (DT) [ 19.270179] Call trace: [ 19.270200] show_stack+0x20/0x38 (C) [ 19.270246] dump_stack_lvl+0x8c/0xd0 [ 19.270304] print_report+0x118/0x608 [ 19.270348] kasan_report+0xdc/0x128 [ 19.270413] __asan_report_load16_noabort+0x20/0x30 [ 19.270464] kmalloc_uaf_16+0x3bc/0x438 [ 19.270506] kunit_try_run_case+0x170/0x3f0 [ 19.270552] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.270602] kthread+0x328/0x630 [ 19.270641] ret_from_fork+0x10/0x20 [ 19.270695] [ 19.271481] Allocated by task 168: [ 19.271558] kasan_save_stack+0x3c/0x68 [ 19.271602] kasan_save_track+0x20/0x40 [ 19.271637] kasan_save_alloc_info+0x40/0x58 [ 19.271756] __kasan_kmalloc+0xd4/0xd8 [ 19.272788] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.272951] kmalloc_uaf_16+0x140/0x438 [ 19.273120] kunit_try_run_case+0x170/0x3f0 [ 19.273196] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.273239] kthread+0x328/0x630 [ 19.273669] ret_from_fork+0x10/0x20 [ 19.274367] [ 19.274497] Freed by task 168: [ 19.274575] kasan_save_stack+0x3c/0x68 [ 19.274739] kasan_save_track+0x20/0x40 [ 19.274896] kasan_save_free_info+0x4c/0x78 [ 19.274946] __kasan_slab_free+0x6c/0x98 [ 19.275120] kfree+0x214/0x3c8 [ 19.275564] kmalloc_uaf_16+0x190/0x438 [ 19.275648] kunit_try_run_case+0x170/0x3f0 [ 19.275754] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.275860] kthread+0x328/0x630 [ 19.275986] ret_from_fork+0x10/0x20 [ 19.276111] [ 19.276184] The buggy address belongs to the object at fff00000c564f340 [ 19.276184] which belongs to the cache kmalloc-16 of size 16 [ 19.276385] The buggy address is located 0 bytes inside of [ 19.276385] freed 16-byte region [fff00000c564f340, fff00000c564f350) [ 19.276471] [ 19.276490] The buggy address belongs to the physical page: [ 19.276845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10564f [ 19.276953] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.277069] page_type: f5(slab) [ 19.277129] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.277197] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.277544] page dumped because: kasan: bad access detected [ 19.277604] [ 19.277639] Memory state around the buggy address: [ 19.277777] fff00000c564f200: fa fb fc fc fa fb fc fc 00 01 fc fc fa fb fc fc [ 19.277930] fff00000c564f280: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.278165] >fff00000c564f300: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 19.278205] ^ [ 19.278574] fff00000c564f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278702] fff00000c564f400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278752] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 19.257124] ================================================================== [ 19.257259] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 19.257312] Write of size 16 at addr fff00000c564f2e0 by task kunit_try_catch/166 [ 19.257361] [ 19.257743] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.257838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.257881] Hardware name: linux,dummy-virt (DT) [ 19.258026] Call trace: [ 19.258276] show_stack+0x20/0x38 (C) [ 19.258344] dump_stack_lvl+0x8c/0xd0 [ 19.258390] print_report+0x118/0x608 [ 19.258434] kasan_report+0xdc/0x128 [ 19.258482] __asan_report_store16_noabort+0x20/0x30 [ 19.258535] kmalloc_oob_16+0x3a0/0x3f8 [ 19.258577] kunit_try_run_case+0x170/0x3f0 [ 19.258623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.259241] kthread+0x328/0x630 [ 19.259347] ret_from_fork+0x10/0x20 [ 19.259400] [ 19.259418] Allocated by task 166: [ 19.259449] kasan_save_stack+0x3c/0x68 [ 19.259538] kasan_save_track+0x20/0x40 [ 19.259641] kasan_save_alloc_info+0x40/0x58 [ 19.259679] __kasan_kmalloc+0xd4/0xd8 [ 19.260024] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.260134] kmalloc_oob_16+0xb4/0x3f8 [ 19.260252] kunit_try_run_case+0x170/0x3f0 [ 19.260348] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.260492] kthread+0x328/0x630 [ 19.260544] ret_from_fork+0x10/0x20 [ 19.260794] [ 19.260941] The buggy address belongs to the object at fff00000c564f2e0 [ 19.260941] which belongs to the cache kmalloc-16 of size 16 [ 19.261368] The buggy address is located 0 bytes inside of [ 19.261368] allocated 13-byte region [fff00000c564f2e0, fff00000c564f2ed) [ 19.261529] [ 19.261551] The buggy address belongs to the physical page: [ 19.261617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10564f [ 19.261823] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.262368] page_type: f5(slab) [ 19.262459] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.262565] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.262615] page dumped because: kasan: bad access detected [ 19.262655] [ 19.262688] Memory state around the buggy address: [ 19.262731] fff00000c564f180: 00 05 fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 19.262772] fff00000c564f200: fa fb fc fc fa fb fc fc 00 01 fc fc fa fb fc fc [ 19.262813] >fff00000c564f280: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 19.262850] ^ [ 19.262887] fff00000c564f300: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.262954] fff00000c564f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.262992] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 19.240586] ================================================================== [ 19.240799] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 19.240859] Read of size 1 at addr fff00000c1b1ba00 by task kunit_try_catch/164 [ 19.240907] [ 19.240938] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.241025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.241053] Hardware name: linux,dummy-virt (DT) [ 19.241081] Call trace: [ 19.241109] show_stack+0x20/0x38 (C) [ 19.241155] dump_stack_lvl+0x8c/0xd0 [ 19.241199] print_report+0x118/0x608 [ 19.241243] kasan_report+0xdc/0x128 [ 19.241286] __asan_report_load1_noabort+0x20/0x30 [ 19.241344] krealloc_uaf+0x4c8/0x520 [ 19.241387] kunit_try_run_case+0x170/0x3f0 [ 19.241431] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.241482] kthread+0x328/0x630 [ 19.241521] ret_from_fork+0x10/0x20 [ 19.241567] [ 19.241593] Allocated by task 164: [ 19.241620] kasan_save_stack+0x3c/0x68 [ 19.241659] kasan_save_track+0x20/0x40 [ 19.241694] kasan_save_alloc_info+0x40/0x58 [ 19.241750] __kasan_kmalloc+0xd4/0xd8 [ 19.241791] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.241837] krealloc_uaf+0xc8/0x520 [ 19.241871] kunit_try_run_case+0x170/0x3f0 [ 19.241906] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.241949] kthread+0x328/0x630 [ 19.241980] ret_from_fork+0x10/0x20 [ 19.242014] [ 19.242031] Freed by task 164: [ 19.242055] kasan_save_stack+0x3c/0x68 [ 19.242091] kasan_save_track+0x20/0x40 [ 19.242125] kasan_save_free_info+0x4c/0x78 [ 19.242162] __kasan_slab_free+0x6c/0x98 [ 19.242198] kfree+0x214/0x3c8 [ 19.242228] krealloc_uaf+0x12c/0x520 [ 19.242261] kunit_try_run_case+0x170/0x3f0 [ 19.242297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.242339] kthread+0x328/0x630 [ 19.242369] ret_from_fork+0x10/0x20 [ 19.242402] [ 19.242425] The buggy address belongs to the object at fff00000c1b1ba00 [ 19.242425] which belongs to the cache kmalloc-256 of size 256 [ 19.242480] The buggy address is located 0 bytes inside of [ 19.242480] freed 256-byte region [fff00000c1b1ba00, fff00000c1b1bb00) [ 19.242545] [ 19.242564] The buggy address belongs to the physical page: [ 19.242593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1a [ 19.242643] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.242688] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.243453] page_type: f5(slab) [ 19.243514] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.243571] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.243633] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.244020] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.244083] head: 0bfffe0000000001 ffffc1ffc306c681 00000000ffffffff 00000000ffffffff [ 19.244299] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.244490] page dumped because: kasan: bad access detected [ 19.244570] [ 19.244608] Memory state around the buggy address: [ 19.244893] fff00000c1b1b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.244983] fff00000c1b1b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.245050] >fff00000c1b1ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.245136] ^ [ 19.245247] fff00000c1b1ba80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.245371] fff00000c1b1bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.245529] ================================================================== [ 19.228669] ================================================================== [ 19.229125] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 19.229245] Read of size 1 at addr fff00000c1b1ba00 by task kunit_try_catch/164 [ 19.229462] [ 19.229597] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.229695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.229773] Hardware name: linux,dummy-virt (DT) [ 19.229861] Call trace: [ 19.229884] show_stack+0x20/0x38 (C) [ 19.230205] dump_stack_lvl+0x8c/0xd0 [ 19.230356] print_report+0x118/0x608 [ 19.230450] kasan_report+0xdc/0x128 [ 19.230495] __kasan_check_byte+0x54/0x70 [ 19.230689] krealloc_noprof+0x44/0x360 [ 19.230753] krealloc_uaf+0x180/0x520 [ 19.230909] kunit_try_run_case+0x170/0x3f0 [ 19.231014] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.231287] kthread+0x328/0x630 [ 19.231473] ret_from_fork+0x10/0x20 [ 19.231584] [ 19.231703] Allocated by task 164: [ 19.231799] kasan_save_stack+0x3c/0x68 [ 19.231849] kasan_save_track+0x20/0x40 [ 19.231885] kasan_save_alloc_info+0x40/0x58 [ 19.232196] __kasan_kmalloc+0xd4/0xd8 [ 19.232409] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.232755] krealloc_uaf+0xc8/0x520 [ 19.232922] kunit_try_run_case+0x170/0x3f0 [ 19.233036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.233082] kthread+0x328/0x630 [ 19.233149] ret_from_fork+0x10/0x20 [ 19.233298] [ 19.233562] Freed by task 164: [ 19.233699] kasan_save_stack+0x3c/0x68 [ 19.233797] kasan_save_track+0x20/0x40 [ 19.233937] kasan_save_free_info+0x4c/0x78 [ 19.234361] __kasan_slab_free+0x6c/0x98 [ 19.234426] kfree+0x214/0x3c8 [ 19.234555] krealloc_uaf+0x12c/0x520 [ 19.234716] kunit_try_run_case+0x170/0x3f0 [ 19.234815] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.234940] kthread+0x328/0x630 [ 19.234973] ret_from_fork+0x10/0x20 [ 19.235024] [ 19.235045] The buggy address belongs to the object at fff00000c1b1ba00 [ 19.235045] which belongs to the cache kmalloc-256 of size 256 [ 19.235181] The buggy address is located 0 bytes inside of [ 19.235181] freed 256-byte region [fff00000c1b1ba00, fff00000c1b1bb00) [ 19.235265] [ 19.235295] The buggy address belongs to the physical page: [ 19.235333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1a [ 19.235385] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.235439] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.235629] page_type: f5(slab) [ 19.235998] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.236118] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.236213] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.236405] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.236500] head: 0bfffe0000000001 ffffc1ffc306c681 00000000ffffffff 00000000ffffffff [ 19.236625] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.236666] page dumped because: kasan: bad access detected [ 19.237166] [ 19.237192] Memory state around the buggy address: [ 19.237528] fff00000c1b1b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.237653] fff00000c1b1b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.237852] >fff00000c1b1ba00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.238057] ^ [ 19.238144] fff00000c1b1ba80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.238327] fff00000c1b1bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.238551] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 19.216357] ================================================================== [ 19.216422] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 19.216530] Write of size 1 at addr fff00000c781a0eb by task kunit_try_catch/162 [ 19.216614] [ 19.216731] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.216841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.216867] Hardware name: linux,dummy-virt (DT) [ 19.216902] Call trace: [ 19.217077] show_stack+0x20/0x38 (C) [ 19.217244] dump_stack_lvl+0x8c/0xd0 [ 19.217299] print_report+0x118/0x608 [ 19.217343] kasan_report+0xdc/0x128 [ 19.217386] __asan_report_store1_noabort+0x20/0x30 [ 19.217489] krealloc_less_oob_helper+0xa58/0xc50 [ 19.217574] krealloc_large_less_oob+0x20/0x38 [ 19.217621] kunit_try_run_case+0x170/0x3f0 [ 19.217861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.217964] kthread+0x328/0x630 [ 19.218017] ret_from_fork+0x10/0x20 [ 19.218062] [ 19.218262] The buggy address belongs to the physical page: [ 19.218357] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 19.218463] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.218600] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.218827] page_type: f8(unknown) [ 19.218929] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.218981] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.219058] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.219275] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.219341] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 19.219480] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.219668] page dumped because: kasan: bad access detected [ 19.219853] [ 19.219920] Memory state around the buggy address: [ 19.219955] fff00000c7819f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.220023] fff00000c781a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.220064] >fff00000c781a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.220503] ^ [ 19.220607] fff00000c781a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.220768] fff00000c781a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.220849] ================================================================== [ 19.132817] ================================================================== [ 19.132986] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 19.133041] Write of size 1 at addr fff00000c1b1b8d0 by task kunit_try_catch/158 [ 19.133194] [ 19.133420] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.133510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.133535] Hardware name: linux,dummy-virt (DT) [ 19.133563] Call trace: [ 19.133641] show_stack+0x20/0x38 (C) [ 19.133694] dump_stack_lvl+0x8c/0xd0 [ 19.133790] print_report+0x118/0x608 [ 19.133834] kasan_report+0xdc/0x128 [ 19.134048] __asan_report_store1_noabort+0x20/0x30 [ 19.134117] krealloc_less_oob_helper+0xb9c/0xc50 [ 19.134165] krealloc_less_oob+0x20/0x38 [ 19.134217] kunit_try_run_case+0x170/0x3f0 [ 19.134262] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.134474] kthread+0x328/0x630 [ 19.134528] ret_from_fork+0x10/0x20 [ 19.134574] [ 19.134592] Allocated by task 158: [ 19.134757] kasan_save_stack+0x3c/0x68 [ 19.134810] kasan_save_track+0x20/0x40 [ 19.134867] kasan_save_alloc_info+0x40/0x58 [ 19.135025] __kasan_krealloc+0x118/0x178 [ 19.135083] krealloc_noprof+0x128/0x360 [ 19.135119] krealloc_less_oob_helper+0x168/0xc50 [ 19.135495] krealloc_less_oob+0x20/0x38 [ 19.135602] kunit_try_run_case+0x170/0x3f0 [ 19.135648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.135689] kthread+0x328/0x630 [ 19.135730] ret_from_fork+0x10/0x20 [ 19.136074] [ 19.136215] The buggy address belongs to the object at fff00000c1b1b800 [ 19.136215] which belongs to the cache kmalloc-256 of size 256 [ 19.136414] The buggy address is located 7 bytes to the right of [ 19.136414] allocated 201-byte region [fff00000c1b1b800, fff00000c1b1b8c9) [ 19.136535] [ 19.136565] The buggy address belongs to the physical page: [ 19.136638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1a [ 19.137101] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.137215] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.137358] page_type: f5(slab) [ 19.137448] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.137632] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.137701] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.138108] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.138194] head: 0bfffe0000000001 ffffc1ffc306c681 00000000ffffffff 00000000ffffffff [ 19.138687] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.138782] page dumped because: kasan: bad access detected [ 19.138871] [ 19.139022] Memory state around the buggy address: [ 19.139109] fff00000c1b1b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.139160] fff00000c1b1b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.139485] >fff00000c1b1b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.139556] ^ [ 19.139703] fff00000c1b1b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.139910] fff00000c1b1b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.140007] ================================================================== [ 19.210378] ================================================================== [ 19.210422] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 19.210468] Write of size 1 at addr fff00000c781a0ea by task kunit_try_catch/162 [ 19.210573] [ 19.210601] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.210852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.210887] Hardware name: linux,dummy-virt (DT) [ 19.211093] Call trace: [ 19.211137] show_stack+0x20/0x38 (C) [ 19.211245] dump_stack_lvl+0x8c/0xd0 [ 19.211291] print_report+0x118/0x608 [ 19.211335] kasan_report+0xdc/0x128 [ 19.211378] __asan_report_store1_noabort+0x20/0x30 [ 19.211535] krealloc_less_oob_helper+0xae4/0xc50 [ 19.211986] krealloc_large_less_oob+0x20/0x38 [ 19.212091] kunit_try_run_case+0x170/0x3f0 [ 19.212243] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.212348] kthread+0x328/0x630 [ 19.212493] ret_from_fork+0x10/0x20 [ 19.212749] [ 19.212846] The buggy address belongs to the physical page: [ 19.212985] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 19.213097] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.213158] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.213211] page_type: f8(unknown) [ 19.213254] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.213303] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.213361] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.213423] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.213471] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 19.213517] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.213556] page dumped because: kasan: bad access detected [ 19.213595] [ 19.213612] Memory state around the buggy address: [ 19.213642] fff00000c7819f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.213682] fff00000c781a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.213757] >fff00000c781a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.213903] ^ [ 19.214507] fff00000c781a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.214575] fff00000c781a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.215150] ================================================================== [ 19.158003] ================================================================== [ 19.158050] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 19.158507] Write of size 1 at addr fff00000c1b1b8eb by task kunit_try_catch/158 [ 19.158576] [ 19.158700] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.158919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.158953] Hardware name: linux,dummy-virt (DT) [ 19.158999] Call trace: [ 19.159021] show_stack+0x20/0x38 (C) [ 19.159351] dump_stack_lvl+0x8c/0xd0 [ 19.159504] print_report+0x118/0x608 [ 19.159552] kasan_report+0xdc/0x128 [ 19.159595] __asan_report_store1_noabort+0x20/0x30 [ 19.159911] krealloc_less_oob_helper+0xa58/0xc50 [ 19.159987] krealloc_less_oob+0x20/0x38 [ 19.160086] kunit_try_run_case+0x170/0x3f0 [ 19.160139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.160371] kthread+0x328/0x630 [ 19.160556] ret_from_fork+0x10/0x20 [ 19.160829] [ 19.160921] Allocated by task 158: [ 19.160950] kasan_save_stack+0x3c/0x68 [ 19.161127] kasan_save_track+0x20/0x40 [ 19.161316] kasan_save_alloc_info+0x40/0x58 [ 19.161398] __kasan_krealloc+0x118/0x178 [ 19.161449] krealloc_noprof+0x128/0x360 [ 19.161605] krealloc_less_oob_helper+0x168/0xc50 [ 19.161866] krealloc_less_oob+0x20/0x38 [ 19.161963] kunit_try_run_case+0x170/0x3f0 [ 19.162015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.162198] kthread+0x328/0x630 [ 19.162387] ret_from_fork+0x10/0x20 [ 19.162464] [ 19.162593] The buggy address belongs to the object at fff00000c1b1b800 [ 19.162593] which belongs to the cache kmalloc-256 of size 256 [ 19.162686] The buggy address is located 34 bytes to the right of [ 19.162686] allocated 201-byte region [fff00000c1b1b800, fff00000c1b1b8c9) [ 19.162893] [ 19.163098] The buggy address belongs to the physical page: [ 19.163160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1a [ 19.163339] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.163391] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.163457] page_type: f5(slab) [ 19.163515] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.163564] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.163622] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.163678] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.163738] head: 0bfffe0000000001 ffffc1ffc306c681 00000000ffffffff 00000000ffffffff [ 19.164285] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.164424] page dumped because: kasan: bad access detected [ 19.164510] [ 19.164654] Memory state around the buggy address: [ 19.164812] fff00000c1b1b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.164885] fff00000c1b1b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.164926] >fff00000c1b1b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.165120] ^ [ 19.165165] fff00000c1b1b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.165470] fff00000c1b1b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.165580] ================================================================== [ 19.197113] ================================================================== [ 19.197188] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 19.197240] Write of size 1 at addr fff00000c781a0d0 by task kunit_try_catch/162 [ 19.197288] [ 19.197575] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.197819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.197856] Hardware name: linux,dummy-virt (DT) [ 19.197886] Call trace: [ 19.197945] show_stack+0x20/0x38 (C) [ 19.198285] dump_stack_lvl+0x8c/0xd0 [ 19.198359] print_report+0x118/0x608 [ 19.198405] kasan_report+0xdc/0x128 [ 19.198448] __asan_report_store1_noabort+0x20/0x30 [ 19.198817] krealloc_less_oob_helper+0xb9c/0xc50 [ 19.198937] krealloc_large_less_oob+0x20/0x38 [ 19.198989] kunit_try_run_case+0x170/0x3f0 [ 19.199033] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.199219] kthread+0x328/0x630 [ 19.199274] ret_from_fork+0x10/0x20 [ 19.199320] [ 19.199470] The buggy address belongs to the physical page: [ 19.199679] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 19.199748] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.199800] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.200135] page_type: f8(unknown) [ 19.200209] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.200315] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.200365] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.200586] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.200641] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 19.201014] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.201153] page dumped because: kasan: bad access detected [ 19.201223] [ 19.201360] Memory state around the buggy address: [ 19.201435] fff00000c7819f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.201911] fff00000c781a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.201995] >fff00000c781a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.202139] ^ [ 19.202215] fff00000c781a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.202274] fff00000c781a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.202787] ================================================================== [ 19.141260] ================================================================== [ 19.141382] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 19.141553] Write of size 1 at addr fff00000c1b1b8da by task kunit_try_catch/158 [ 19.141820] [ 19.141896] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.141985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.142141] Hardware name: linux,dummy-virt (DT) [ 19.142324] Call trace: [ 19.142376] show_stack+0x20/0x38 (C) [ 19.142427] dump_stack_lvl+0x8c/0xd0 [ 19.142538] print_report+0x118/0x608 [ 19.142624] kasan_report+0xdc/0x128 [ 19.142668] __asan_report_store1_noabort+0x20/0x30 [ 19.142815] krealloc_less_oob_helper+0xa80/0xc50 [ 19.142886] krealloc_less_oob+0x20/0x38 [ 19.143064] kunit_try_run_case+0x170/0x3f0 [ 19.143280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.143356] kthread+0x328/0x630 [ 19.143471] ret_from_fork+0x10/0x20 [ 19.143610] [ 19.143737] Allocated by task 158: [ 19.143786] kasan_save_stack+0x3c/0x68 [ 19.143860] kasan_save_track+0x20/0x40 [ 19.143899] kasan_save_alloc_info+0x40/0x58 [ 19.144296] __kasan_krealloc+0x118/0x178 [ 19.144407] krealloc_noprof+0x128/0x360 [ 19.144495] krealloc_less_oob_helper+0x168/0xc50 [ 19.144636] krealloc_less_oob+0x20/0x38 [ 19.144694] kunit_try_run_case+0x170/0x3f0 [ 19.144824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.144884] kthread+0x328/0x630 [ 19.144948] ret_from_fork+0x10/0x20 [ 19.145113] [ 19.145312] The buggy address belongs to the object at fff00000c1b1b800 [ 19.145312] which belongs to the cache kmalloc-256 of size 256 [ 19.145411] The buggy address is located 17 bytes to the right of [ 19.145411] allocated 201-byte region [fff00000c1b1b800, fff00000c1b1b8c9) [ 19.145586] [ 19.145625] The buggy address belongs to the physical page: [ 19.145739] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1a [ 19.145792] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.146175] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.146282] page_type: f5(slab) [ 19.146360] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.146507] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.146605] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.147066] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.147173] head: 0bfffe0000000001 ffffc1ffc306c681 00000000ffffffff 00000000ffffffff [ 19.147270] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.147412] page dumped because: kasan: bad access detected [ 19.147499] [ 19.147550] Memory state around the buggy address: [ 19.147656] fff00000c1b1b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.147698] fff00000c1b1b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.147762] >fff00000c1b1b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.147798] ^ [ 19.148140] fff00000c1b1b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.148252] fff00000c1b1b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.148361] ================================================================== [ 19.149672] ================================================================== [ 19.149736] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 19.149783] Write of size 1 at addr fff00000c1b1b8ea by task kunit_try_catch/158 [ 19.149856] [ 19.149886] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.149963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.149998] Hardware name: linux,dummy-virt (DT) [ 19.150033] Call trace: [ 19.150064] show_stack+0x20/0x38 (C) [ 19.150110] dump_stack_lvl+0x8c/0xd0 [ 19.150163] print_report+0x118/0x608 [ 19.150215] kasan_report+0xdc/0x128 [ 19.150260] __asan_report_store1_noabort+0x20/0x30 [ 19.150317] krealloc_less_oob_helper+0xae4/0xc50 [ 19.150364] krealloc_less_oob+0x20/0x38 [ 19.150414] kunit_try_run_case+0x170/0x3f0 [ 19.150467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.150518] kthread+0x328/0x630 [ 19.150557] ret_from_fork+0x10/0x20 [ 19.150610] [ 19.150628] Allocated by task 158: [ 19.150654] kasan_save_stack+0x3c/0x68 [ 19.150693] kasan_save_track+0x20/0x40 [ 19.150739] kasan_save_alloc_info+0x40/0x58 [ 19.150777] __kasan_krealloc+0x118/0x178 [ 19.150986] krealloc_noprof+0x128/0x360 [ 19.151057] krealloc_less_oob_helper+0x168/0xc50 [ 19.151492] krealloc_less_oob+0x20/0x38 [ 19.151564] kunit_try_run_case+0x170/0x3f0 [ 19.151718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.152150] kthread+0x328/0x630 [ 19.152208] ret_from_fork+0x10/0x20 [ 19.152861] [ 19.152897] The buggy address belongs to the object at fff00000c1b1b800 [ 19.152897] which belongs to the cache kmalloc-256 of size 256 [ 19.153098] The buggy address is located 33 bytes to the right of [ 19.153098] allocated 201-byte region [fff00000c1b1b800, fff00000c1b1b8c9) [ 19.153366] [ 19.153432] The buggy address belongs to the physical page: [ 19.153498] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1a [ 19.153576] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.154303] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.154419] page_type: f5(slab) [ 19.154906] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.155011] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.155452] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.155615] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.155706] head: 0bfffe0000000001 ffffc1ffc306c681 00000000ffffffff 00000000ffffffff [ 19.155763] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.155801] page dumped because: kasan: bad access detected [ 19.156149] [ 19.156231] Memory state around the buggy address: [ 19.156626] fff00000c1b1b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.156789] fff00000c1b1b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.156872] >fff00000c1b1b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.156979] ^ [ 19.157055] fff00000c1b1b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.157122] fff00000c1b1b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.157266] ================================================================== [ 19.128498] ================================================================== [ 19.128785] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 19.128847] Write of size 1 at addr fff00000c1b1b8c9 by task kunit_try_catch/158 [ 19.128895] [ 19.128930] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.129008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.129038] Hardware name: linux,dummy-virt (DT) [ 19.129067] Call trace: [ 19.129087] show_stack+0x20/0x38 (C) [ 19.129133] dump_stack_lvl+0x8c/0xd0 [ 19.129177] print_report+0x118/0x608 [ 19.129231] kasan_report+0xdc/0x128 [ 19.129275] __asan_report_store1_noabort+0x20/0x30 [ 19.129332] krealloc_less_oob_helper+0xa48/0xc50 [ 19.129379] krealloc_less_oob+0x20/0x38 [ 19.129422] kunit_try_run_case+0x170/0x3f0 [ 19.129476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.129526] kthread+0x328/0x630 [ 19.129566] ret_from_fork+0x10/0x20 [ 19.129613] [ 19.129631] Allocated by task 158: [ 19.129663] kasan_save_stack+0x3c/0x68 [ 19.129720] kasan_save_track+0x20/0x40 [ 19.129756] kasan_save_alloc_info+0x40/0x58 [ 19.129799] __kasan_krealloc+0x118/0x178 [ 19.129835] krealloc_noprof+0x128/0x360 [ 19.129870] krealloc_less_oob_helper+0x168/0xc50 [ 19.129907] krealloc_less_oob+0x20/0x38 [ 19.129950] kunit_try_run_case+0x170/0x3f0 [ 19.129986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.130027] kthread+0x328/0x630 [ 19.130057] ret_from_fork+0x10/0x20 [ 19.130099] [ 19.130117] The buggy address belongs to the object at fff00000c1b1b800 [ 19.130117] which belongs to the cache kmalloc-256 of size 256 [ 19.130171] The buggy address is located 0 bytes to the right of [ 19.130171] allocated 201-byte region [fff00000c1b1b800, fff00000c1b1b8c9) [ 19.130232] [ 19.130251] The buggy address belongs to the physical page: [ 19.130288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1a [ 19.130340] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.130386] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.130434] page_type: f5(slab) [ 19.130469] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.130526] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.130576] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.130624] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.130678] head: 0bfffe0000000001 ffffc1ffc306c681 00000000ffffffff 00000000ffffffff [ 19.131556] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.131629] page dumped because: kasan: bad access detected [ 19.131685] [ 19.131735] Memory state around the buggy address: [ 19.131800] fff00000c1b1b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.131868] fff00000c1b1b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.131917] >fff00000c1b1b880: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 19.131969] ^ [ 19.132023] fff00000c1b1b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.132235] fff00000c1b1b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.132453] ================================================================== [ 19.204486] ================================================================== [ 19.204535] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 19.204591] Write of size 1 at addr fff00000c781a0da by task kunit_try_catch/162 [ 19.204913] [ 19.205042] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.205177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.205202] Hardware name: linux,dummy-virt (DT) [ 19.205231] Call trace: [ 19.205251] show_stack+0x20/0x38 (C) [ 19.205413] dump_stack_lvl+0x8c/0xd0 [ 19.205505] print_report+0x118/0x608 [ 19.205721] kasan_report+0xdc/0x128 [ 19.205774] __asan_report_store1_noabort+0x20/0x30 [ 19.205923] krealloc_less_oob_helper+0xa80/0xc50 [ 19.205974] krealloc_large_less_oob+0x20/0x38 [ 19.206019] kunit_try_run_case+0x170/0x3f0 [ 19.206063] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.206128] kthread+0x328/0x630 [ 19.206184] ret_from_fork+0x10/0x20 [ 19.206230] [ 19.206249] The buggy address belongs to the physical page: [ 19.206610] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 19.206752] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.206837] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.206946] page_type: f8(unknown) [ 19.207014] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.207068] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.207134] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.207181] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.207350] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 19.207409] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.207554] page dumped because: kasan: bad access detected [ 19.207600] [ 19.207784] Memory state around the buggy address: [ 19.207881] fff00000c7819f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.208050] fff00000c781a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.208091] >fff00000c781a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.208134] ^ [ 19.208490] fff00000c781a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.208547] fff00000c781a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.208660] ================================================================== [ 19.190269] ================================================================== [ 19.190334] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 19.190383] Write of size 1 at addr fff00000c781a0c9 by task kunit_try_catch/162 [ 19.190431] [ 19.190462] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.190550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.190575] Hardware name: linux,dummy-virt (DT) [ 19.190604] Call trace: [ 19.190630] show_stack+0x20/0x38 (C) [ 19.190675] dump_stack_lvl+0x8c/0xd0 [ 19.190936] print_report+0x118/0x608 [ 19.190991] kasan_report+0xdc/0x128 [ 19.191036] __asan_report_store1_noabort+0x20/0x30 [ 19.191925] krealloc_less_oob_helper+0xa48/0xc50 [ 19.192250] krealloc_large_less_oob+0x20/0x38 [ 19.192302] kunit_try_run_case+0x170/0x3f0 [ 19.192365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.192756] kthread+0x328/0x630 [ 19.192814] ret_from_fork+0x10/0x20 [ 19.193099] [ 19.193273] The buggy address belongs to the physical page: [ 19.193325] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 19.193531] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.193896] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.194093] page_type: f8(unknown) [ 19.194259] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.194357] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.194503] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.194623] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.194724] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 19.195122] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.195170] page dumped because: kasan: bad access detected [ 19.195218] [ 19.195292] Memory state around the buggy address: [ 19.195575] fff00000c7819f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.195660] fff00000c781a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.195802] >fff00000c781a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 19.195840] ^ [ 19.195874] fff00000c781a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.195914] fff00000c781a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.195961] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 19.102420] ================================================================== [ 19.102704] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 19.102951] Write of size 1 at addr fff00000c1b1b6eb by task kunit_try_catch/156 [ 19.103057] [ 19.103095] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.103226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.103286] Hardware name: linux,dummy-virt (DT) [ 19.103364] Call trace: [ 19.103385] show_stack+0x20/0x38 (C) [ 19.103764] dump_stack_lvl+0x8c/0xd0 [ 19.103989] print_report+0x118/0x608 [ 19.104152] kasan_report+0xdc/0x128 [ 19.104249] __asan_report_store1_noabort+0x20/0x30 [ 19.104349] krealloc_more_oob_helper+0x60c/0x678 [ 19.104411] krealloc_more_oob+0x20/0x38 [ 19.104454] kunit_try_run_case+0x170/0x3f0 [ 19.104499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.104688] kthread+0x328/0x630 [ 19.104939] ret_from_fork+0x10/0x20 [ 19.105106] [ 19.105140] Allocated by task 156: [ 19.105248] kasan_save_stack+0x3c/0x68 [ 19.105291] kasan_save_track+0x20/0x40 [ 19.105326] kasan_save_alloc_info+0x40/0x58 [ 19.105363] __kasan_krealloc+0x118/0x178 [ 19.105400] krealloc_noprof+0x128/0x360 [ 19.105450] krealloc_more_oob_helper+0x168/0x678 [ 19.105496] krealloc_more_oob+0x20/0x38 [ 19.105537] kunit_try_run_case+0x170/0x3f0 [ 19.105588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.105629] kthread+0x328/0x630 [ 19.105669] ret_from_fork+0x10/0x20 [ 19.105747] [ 19.105875] The buggy address belongs to the object at fff00000c1b1b600 [ 19.105875] which belongs to the cache kmalloc-256 of size 256 [ 19.106203] The buggy address is located 0 bytes to the right of [ 19.106203] allocated 235-byte region [fff00000c1b1b600, fff00000c1b1b6eb) [ 19.106382] [ 19.106471] The buggy address belongs to the physical page: [ 19.106591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1a [ 19.106674] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.106840] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.107089] page_type: f5(slab) [ 19.107308] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.107427] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.107560] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.107704] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.108145] head: 0bfffe0000000001 ffffc1ffc306c681 00000000ffffffff 00000000ffffffff [ 19.108329] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.108663] page dumped because: kasan: bad access detected [ 19.108802] [ 19.108820] Memory state around the buggy address: [ 19.108899] fff00000c1b1b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.109272] fff00000c1b1b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.109328] >fff00000c1b1b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.109488] ^ [ 19.109586] fff00000c1b1b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.109744] fff00000c1b1b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.109888] ================================================================== [ 19.180259] ================================================================== [ 19.180317] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 19.180428] Write of size 1 at addr fff00000c781a0f0 by task kunit_try_catch/160 [ 19.180493] [ 19.180550] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.180738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.180795] Hardware name: linux,dummy-virt (DT) [ 19.180850] Call trace: [ 19.180935] show_stack+0x20/0x38 (C) [ 19.180984] dump_stack_lvl+0x8c/0xd0 [ 19.181027] print_report+0x118/0x608 [ 19.181199] kasan_report+0xdc/0x128 [ 19.181259] __asan_report_store1_noabort+0x20/0x30 [ 19.181459] krealloc_more_oob_helper+0x5c0/0x678 [ 19.181520] krealloc_large_more_oob+0x20/0x38 [ 19.181565] kunit_try_run_case+0x170/0x3f0 [ 19.181619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.181752] kthread+0x328/0x630 [ 19.181828] ret_from_fork+0x10/0x20 [ 19.181882] [ 19.181902] The buggy address belongs to the physical page: [ 19.182195] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 19.182379] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.182473] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.182624] page_type: f8(unknown) [ 19.182744] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.182797] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.183022] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.183175] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.183234] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 19.183640] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.184047] page dumped because: kasan: bad access detected [ 19.184117] [ 19.184154] Memory state around the buggy address: [ 19.184256] fff00000c7819f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.184371] fff00000c781a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.184414] >fff00000c781a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 19.184476] ^ [ 19.184536] fff00000c781a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.184848] fff00000c781a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.184918] ================================================================== [ 19.173349] ================================================================== [ 19.173466] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 19.173517] Write of size 1 at addr fff00000c781a0eb by task kunit_try_catch/160 [ 19.173673] [ 19.173816] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.173902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.174138] Hardware name: linux,dummy-virt (DT) [ 19.174299] Call trace: [ 19.174377] show_stack+0x20/0x38 (C) [ 19.174430] dump_stack_lvl+0x8c/0xd0 [ 19.174474] print_report+0x118/0x608 [ 19.174608] kasan_report+0xdc/0x128 [ 19.174667] __asan_report_store1_noabort+0x20/0x30 [ 19.174755] krealloc_more_oob_helper+0x60c/0x678 [ 19.175061] krealloc_large_more_oob+0x20/0x38 [ 19.175420] kunit_try_run_case+0x170/0x3f0 [ 19.175547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.175661] kthread+0x328/0x630 [ 19.175826] ret_from_fork+0x10/0x20 [ 19.175871] [ 19.175891] The buggy address belongs to the physical page: [ 19.176195] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818 [ 19.176362] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.176459] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.176638] page_type: f8(unknown) [ 19.176776] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.176884] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.176942] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.177352] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.177500] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff [ 19.177762] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.177909] page dumped because: kasan: bad access detected [ 19.177941] [ 19.177997] Memory state around the buggy address: [ 19.178069] fff00000c7819f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.178420] fff00000c781a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.178585] >fff00000c781a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 19.178732] ^ [ 19.178847] fff00000c781a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.178892] fff00000c781a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.179111] ================================================================== [ 19.112781] ================================================================== [ 19.112865] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 19.112918] Write of size 1 at addr fff00000c1b1b6f0 by task kunit_try_catch/156 [ 19.112974] [ 19.113146] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.113235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.113299] Hardware name: linux,dummy-virt (DT) [ 19.113537] Call trace: [ 19.113572] show_stack+0x20/0x38 (C) [ 19.113744] dump_stack_lvl+0x8c/0xd0 [ 19.113799] print_report+0x118/0x608 [ 19.114011] kasan_report+0xdc/0x128 [ 19.114086] __asan_report_store1_noabort+0x20/0x30 [ 19.114137] krealloc_more_oob_helper+0x5c0/0x678 [ 19.114184] krealloc_more_oob+0x20/0x38 [ 19.114226] kunit_try_run_case+0x170/0x3f0 [ 19.114272] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.114332] kthread+0x328/0x630 [ 19.114372] ret_from_fork+0x10/0x20 [ 19.114427] [ 19.114445] Allocated by task 156: [ 19.114472] kasan_save_stack+0x3c/0x68 [ 19.114511] kasan_save_track+0x20/0x40 [ 19.114546] kasan_save_alloc_info+0x40/0x58 [ 19.114586] __kasan_krealloc+0x118/0x178 [ 19.114621] krealloc_noprof+0x128/0x360 [ 19.114656] krealloc_more_oob_helper+0x168/0x678 [ 19.114693] krealloc_more_oob+0x20/0x38 [ 19.114738] kunit_try_run_case+0x170/0x3f0 [ 19.114782] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.114824] kthread+0x328/0x630 [ 19.114863] ret_from_fork+0x10/0x20 [ 19.114898] [ 19.114916] The buggy address belongs to the object at fff00000c1b1b600 [ 19.114916] which belongs to the cache kmalloc-256 of size 256 [ 19.114970] The buggy address is located 5 bytes to the right of [ 19.114970] allocated 235-byte region [fff00000c1b1b600, fff00000c1b1b6eb) [ 19.115032] [ 19.115050] The buggy address belongs to the physical page: [ 19.115079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1a [ 19.115131] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.115176] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.115225] page_type: f5(slab) [ 19.115261] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.115308] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.115363] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 19.115421] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.115581] head: 0bfffe0000000001 ffffc1ffc306c681 00000000ffffffff 00000000ffffffff [ 19.115861] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.115905] page dumped because: kasan: bad access detected [ 19.116658] [ 19.117427] Memory state around the buggy address: [ 19.117501] fff00000c1b1b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.117570] fff00000c1b1b600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.117620] >fff00000c1b1b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 19.117672] ^ [ 19.117770] fff00000c1b1b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.117827] fff00000c1b1b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.118022] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 19.086736] ================================================================== [ 19.086808] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 19.087110] Read of size 1 at addr fff00000c7840000 by task kunit_try_catch/154 [ 19.087277] [ 19.087314] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.087400] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.087426] Hardware name: linux,dummy-virt (DT) [ 19.087806] Call trace: [ 19.087891] show_stack+0x20/0x38 (C) [ 19.087949] dump_stack_lvl+0x8c/0xd0 [ 19.087993] print_report+0x118/0x608 [ 19.088037] kasan_report+0xdc/0x128 [ 19.088081] __asan_report_load1_noabort+0x20/0x30 [ 19.088134] page_alloc_uaf+0x328/0x350 [ 19.088507] kunit_try_run_case+0x170/0x3f0 [ 19.088638] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.088972] kthread+0x328/0x630 [ 19.089060] ret_from_fork+0x10/0x20 [ 19.089263] [ 19.089674] The buggy address belongs to the physical page: [ 19.089772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107840 [ 19.089942] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.089998] page_type: f0(buddy) [ 19.090286] raw: 0bfffe0000000000 fff00000ff616170 fff00000ff616170 0000000000000000 [ 19.090393] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 19.090475] page dumped because: kasan: bad access detected [ 19.090596] [ 19.090614] Memory state around the buggy address: [ 19.090653] fff00000c783ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.091096] fff00000c783ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.091162] >fff00000c7840000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.091202] ^ [ 19.091229] fff00000c7840080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.091566] fff00000c7840100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.091627] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 19.067030] ================================================================== [ 19.067220] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 19.067343] Free of addr fff00000c7814001 by task kunit_try_catch/150 [ 19.067427] [ 19.067472] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.067761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.067940] Hardware name: linux,dummy-virt (DT) [ 19.067975] Call trace: [ 19.067997] show_stack+0x20/0x38 (C) [ 19.068046] dump_stack_lvl+0x8c/0xd0 [ 19.068260] print_report+0x118/0x608 [ 19.068481] kasan_report_invalid_free+0xc0/0xe8 [ 19.068629] __kasan_kfree_large+0x5c/0xa8 [ 19.068755] free_large_kmalloc+0x64/0x190 [ 19.068808] kfree+0x270/0x3c8 [ 19.068847] kmalloc_large_invalid_free+0x108/0x270 [ 19.068902] kunit_try_run_case+0x170/0x3f0 [ 19.068955] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.069010] kthread+0x328/0x630 [ 19.069054] ret_from_fork+0x10/0x20 [ 19.069101] [ 19.069135] The buggy address belongs to the physical page: [ 19.069166] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107814 [ 19.069217] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.069271] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.069328] page_type: f8(unknown) [ 19.069365] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.069422] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.069486] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.069533] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.069579] head: 0bfffe0000000002 ffffc1ffc31e0501 00000000ffffffff 00000000ffffffff [ 19.069626] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.069665] page dumped because: kasan: bad access detected [ 19.069694] [ 19.069721] Memory state around the buggy address: [ 19.069972] fff00000c7813f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.070392] fff00000c7813f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.070857] >fff00000c7814000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.070995] ^ [ 19.071104] fff00000c7814080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.071267] fff00000c7814100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.071384] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 19.050875] ================================================================== [ 19.051111] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 19.051212] Read of size 1 at addr fff00000c7814000 by task kunit_try_catch/148 [ 19.051569] [ 19.051691] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.051807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.051832] Hardware name: linux,dummy-virt (DT) [ 19.051993] Call trace: [ 19.052054] show_stack+0x20/0x38 (C) [ 19.052219] dump_stack_lvl+0x8c/0xd0 [ 19.052384] print_report+0x118/0x608 [ 19.052610] kasan_report+0xdc/0x128 [ 19.052931] __asan_report_load1_noabort+0x20/0x30 [ 19.053190] kmalloc_large_uaf+0x2cc/0x2f8 [ 19.053511] kunit_try_run_case+0x170/0x3f0 [ 19.053572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.054027] kthread+0x328/0x630 [ 19.054114] ret_from_fork+0x10/0x20 [ 19.054197] [ 19.054375] The buggy address belongs to the physical page: [ 19.054413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107814 [ 19.054814] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.055010] raw: 0bfffe0000000000 ffffc1ffc31e0608 fff00000da479c40 0000000000000000 [ 19.055301] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 19.055374] page dumped because: kasan: bad access detected [ 19.055404] [ 19.055454] Memory state around the buggy address: [ 19.055822] fff00000c7813f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.055944] fff00000c7813f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.055988] >fff00000c7814000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.056166] ^ [ 19.056514] fff00000c7814080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.056588] fff00000c7814100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.056694] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 19.035284] ================================================================== [ 19.035534] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 19.035597] Write of size 1 at addr fff00000c781600a by task kunit_try_catch/146 [ 19.035890] [ 19.036125] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.036241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.036378] Hardware name: linux,dummy-virt (DT) [ 19.036552] Call trace: [ 19.036611] show_stack+0x20/0x38 (C) [ 19.036729] dump_stack_lvl+0x8c/0xd0 [ 19.036775] print_report+0x118/0x608 [ 19.037119] kasan_report+0xdc/0x128 [ 19.037336] __asan_report_store1_noabort+0x20/0x30 [ 19.037637] kmalloc_large_oob_right+0x278/0x2b8 [ 19.038017] kunit_try_run_case+0x170/0x3f0 [ 19.038730] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.038843] kthread+0x328/0x630 [ 19.038920] ret_from_fork+0x10/0x20 [ 19.039339] [ 19.039753] The buggy address belongs to the physical page: [ 19.039800] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107814 [ 19.039917] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.040002] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.040319] page_type: f8(unknown) [ 19.040365] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.040427] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.040483] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.040723] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.041138] head: 0bfffe0000000002 ffffc1ffc31e0501 00000000ffffffff 00000000ffffffff [ 19.041238] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.041367] page dumped because: kasan: bad access detected [ 19.041458] [ 19.041510] Memory state around the buggy address: [ 19.041637] fff00000c7815f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.041731] fff00000c7815f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.041777] >fff00000c7816000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.041813] ^ [ 19.041841] fff00000c7816080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.041884] fff00000c7816100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.041921] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 19.020199] ================================================================== [ 19.020260] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 19.020768] Write of size 1 at addr fff00000c7801f00 by task kunit_try_catch/144 [ 19.020837] [ 19.020871] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.021045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.021073] Hardware name: linux,dummy-virt (DT) [ 19.021103] Call trace: [ 19.021125] show_stack+0x20/0x38 (C) [ 19.021173] dump_stack_lvl+0x8c/0xd0 [ 19.021216] print_report+0x118/0x608 [ 19.021259] kasan_report+0xdc/0x128 [ 19.021761] __asan_report_store1_noabort+0x20/0x30 [ 19.021915] kmalloc_big_oob_right+0x2a4/0x2f0 [ 19.021967] kunit_try_run_case+0x170/0x3f0 [ 19.022012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.022063] kthread+0x328/0x630 [ 19.022402] ret_from_fork+0x10/0x20 [ 19.022471] [ 19.022655] Allocated by task 144: [ 19.022691] kasan_save_stack+0x3c/0x68 [ 19.022748] kasan_save_track+0x20/0x40 [ 19.022784] kasan_save_alloc_info+0x40/0x58 [ 19.022821] __kasan_kmalloc+0xd4/0xd8 [ 19.022856] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.022893] kmalloc_big_oob_right+0xb8/0x2f0 [ 19.022928] kunit_try_run_case+0x170/0x3f0 [ 19.022965] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.023007] kthread+0x328/0x630 [ 19.023455] ret_from_fork+0x10/0x20 [ 19.023684] [ 19.023850] The buggy address belongs to the object at fff00000c7800000 [ 19.023850] which belongs to the cache kmalloc-8k of size 8192 [ 19.023941] The buggy address is located 0 bytes to the right of [ 19.023941] allocated 7936-byte region [fff00000c7800000, fff00000c7801f00) [ 19.024152] [ 19.024183] The buggy address belongs to the physical page: [ 19.024299] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800 [ 19.024481] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.024896] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.025026] page_type: f5(slab) [ 19.025137] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 19.025527] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 19.025687] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 19.025813] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 19.025929] head: 0bfffe0000000003 ffffc1ffc31e0001 00000000ffffffff 00000000ffffffff [ 19.026026] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 19.026170] page dumped because: kasan: bad access detected [ 19.026237] [ 19.026255] Memory state around the buggy address: [ 19.026294] fff00000c7801e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.026664] fff00000c7801e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.026771] >fff00000c7801f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.026831] ^ [ 19.026859] fff00000c7801f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.026917] fff00000c7802000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.026959] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 19.001384] ================================================================== [ 19.001437] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 19.001876] Write of size 1 at addr fff00000c1d5fc78 by task kunit_try_catch/142 [ 19.001999] [ 19.002067] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.002327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.002375] Hardware name: linux,dummy-virt (DT) [ 19.002612] Call trace: [ 19.002646] show_stack+0x20/0x38 (C) [ 19.002773] dump_stack_lvl+0x8c/0xd0 [ 19.002850] print_report+0x118/0x608 [ 19.002895] kasan_report+0xdc/0x128 [ 19.002967] __asan_report_store1_noabort+0x20/0x30 [ 19.003399] kmalloc_track_caller_oob_right+0x418/0x488 [ 19.003478] kunit_try_run_case+0x170/0x3f0 [ 19.003668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.003937] kthread+0x328/0x630 [ 19.004047] ret_from_fork+0x10/0x20 [ 19.004095] [ 19.004117] Allocated by task 142: [ 19.004339] kasan_save_stack+0x3c/0x68 [ 19.004827] kasan_save_track+0x20/0x40 [ 19.004914] kasan_save_alloc_info+0x40/0x58 [ 19.004954] __kasan_kmalloc+0xd4/0xd8 [ 19.004988] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 19.005257] kmalloc_track_caller_oob_right+0x184/0x488 [ 19.005327] kunit_try_run_case+0x170/0x3f0 [ 19.005389] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.006136] kthread+0x328/0x630 [ 19.006227] ret_from_fork+0x10/0x20 [ 19.006280] [ 19.006329] The buggy address belongs to the object at fff00000c1d5fc00 [ 19.006329] which belongs to the cache kmalloc-128 of size 128 [ 19.006538] The buggy address is located 0 bytes to the right of [ 19.006538] allocated 120-byte region [fff00000c1d5fc00, fff00000c1d5fc78) [ 19.006683] [ 19.006701] The buggy address belongs to the physical page: [ 19.006758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d5f [ 19.006811] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.006879] page_type: f5(slab) [ 19.006916] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.006966] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.007015] page dumped because: kasan: bad access detected [ 19.007049] [ 19.007066] Memory state around the buggy address: [ 19.007097] fff00000c1d5fb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.007137] fff00000c1d5fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.007178] >fff00000c1d5fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.007223] ^ [ 19.007270] fff00000c1d5fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.007318] fff00000c1d5fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.007364] ================================================================== [ 18.993752] ================================================================== [ 18.993834] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.993894] Write of size 1 at addr fff00000c1d5fb78 by task kunit_try_catch/142 [ 18.994017] [ 18.994092] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.994353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.994388] Hardware name: linux,dummy-virt (DT) [ 18.994417] Call trace: [ 18.994438] show_stack+0x20/0x38 (C) [ 18.994487] dump_stack_lvl+0x8c/0xd0 [ 18.994549] print_report+0x118/0x608 [ 18.994595] kasan_report+0xdc/0x128 [ 18.994638] __asan_report_store1_noabort+0x20/0x30 [ 18.994686] kmalloc_track_caller_oob_right+0x40c/0x488 [ 18.994747] kunit_try_run_case+0x170/0x3f0 [ 18.994792] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.994842] kthread+0x328/0x630 [ 18.994913] ret_from_fork+0x10/0x20 [ 18.994960] [ 18.994978] Allocated by task 142: [ 18.995006] kasan_save_stack+0x3c/0x68 [ 18.995061] kasan_save_track+0x20/0x40 [ 18.995097] kasan_save_alloc_info+0x40/0x58 [ 18.995135] __kasan_kmalloc+0xd4/0xd8 [ 18.995170] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.995219] kmalloc_track_caller_oob_right+0xa8/0x488 [ 18.995258] kunit_try_run_case+0x170/0x3f0 [ 18.995306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.995350] kthread+0x328/0x630 [ 18.995390] ret_from_fork+0x10/0x20 [ 18.995424] [ 18.995442] The buggy address belongs to the object at fff00000c1d5fb00 [ 18.995442] which belongs to the cache kmalloc-128 of size 128 [ 18.996166] The buggy address is located 0 bytes to the right of [ 18.996166] allocated 120-byte region [fff00000c1d5fb00, fff00000c1d5fb78) [ 18.996231] [ 18.996250] The buggy address belongs to the physical page: [ 18.997030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d5f [ 18.997161] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.997337] page_type: f5(slab) [ 18.997375] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.997443] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.997906] page dumped because: kasan: bad access detected [ 18.997962] [ 18.998035] Memory state around the buggy address: [ 18.998102] fff00000c1d5fa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.998230] fff00000c1d5fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.998286] >fff00000c1d5fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 18.998330] ^ [ 18.998510] fff00000c1d5fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.998730] fff00000c1d5fc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.998799] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 18.976317] ================================================================== [ 18.976418] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 18.976785] Read of size 1 at addr fff00000c5be5000 by task kunit_try_catch/140 [ 18.976915] [ 18.976979] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.977296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.977365] Hardware name: linux,dummy-virt (DT) [ 18.977406] Call trace: [ 18.977459] show_stack+0x20/0x38 (C) [ 18.977512] dump_stack_lvl+0x8c/0xd0 [ 18.977556] print_report+0x118/0x608 [ 18.977600] kasan_report+0xdc/0x128 [ 18.977885] __asan_report_load1_noabort+0x20/0x30 [ 18.978226] kmalloc_node_oob_right+0x2f4/0x330 [ 18.978318] kunit_try_run_case+0x170/0x3f0 [ 18.978429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.978533] kthread+0x328/0x630 [ 18.978623] ret_from_fork+0x10/0x20 [ 18.978700] [ 18.978836] Allocated by task 140: [ 18.978901] kasan_save_stack+0x3c/0x68 [ 18.979079] kasan_save_track+0x20/0x40 [ 18.979137] kasan_save_alloc_info+0x40/0x58 [ 18.979435] __kasan_kmalloc+0xd4/0xd8 [ 18.979627] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 18.979769] kmalloc_node_oob_right+0xbc/0x330 [ 18.979853] kunit_try_run_case+0x170/0x3f0 [ 18.979889] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.979958] kthread+0x328/0x630 [ 18.980105] ret_from_fork+0x10/0x20 [ 18.980149] [ 18.980168] The buggy address belongs to the object at fff00000c5be4000 [ 18.980168] which belongs to the cache kmalloc-4k of size 4096 [ 18.980401] The buggy address is located 0 bytes to the right of [ 18.980401] allocated 4096-byte region [fff00000c5be4000, fff00000c5be5000) [ 18.980514] [ 18.980536] The buggy address belongs to the physical page: [ 18.980624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105be0 [ 18.980838] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.980900] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.980972] page_type: f5(slab) [ 18.981010] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 18.981070] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.981148] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 18.981202] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 18.981250] head: 0bfffe0000000003 ffffc1ffc316f801 00000000ffffffff 00000000ffffffff [ 18.981308] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 18.981351] page dumped because: kasan: bad access detected [ 18.981389] [ 18.981411] Memory state around the buggy address: [ 18.981455] fff00000c5be4f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.981496] fff00000c5be4f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.981538] >fff00000c5be5000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.981574] ^ [ 18.981600] fff00000c5be5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.981656] fff00000c5be5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.981717] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 18.961437] ================================================================== [ 18.961542] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 18.961603] Read of size 1 at addr fff00000c564f2bf by task kunit_try_catch/138 [ 18.961769] [ 18.961835] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.961969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.962176] Hardware name: linux,dummy-virt (DT) [ 18.962221] Call trace: [ 18.962406] show_stack+0x20/0x38 (C) [ 18.962467] dump_stack_lvl+0x8c/0xd0 [ 18.962512] print_report+0x118/0x608 [ 18.962556] kasan_report+0xdc/0x128 [ 18.962599] __asan_report_load1_noabort+0x20/0x30 [ 18.962667] kmalloc_oob_left+0x2ec/0x320 [ 18.962731] kunit_try_run_case+0x170/0x3f0 [ 18.963207] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.963285] kthread+0x328/0x630 [ 18.963328] ret_from_fork+0x10/0x20 [ 18.963453] [ 18.963514] Allocated by task 26: [ 18.963566] kasan_save_stack+0x3c/0x68 [ 18.963769] kasan_save_track+0x20/0x40 [ 18.963813] kasan_save_alloc_info+0x40/0x58 [ 18.963894] __kasan_kmalloc+0xd4/0xd8 [ 18.964134] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 18.964197] kstrdup+0x54/0xc8 [ 18.964232] devtmpfs_work_loop+0x6f8/0xa58 [ 18.964278] devtmpfsd+0x50/0x58 [ 18.964312] kthread+0x328/0x630 [ 18.964344] ret_from_fork+0x10/0x20 [ 18.964378] [ 18.964462] Freed by task 26: [ 18.964532] kasan_save_stack+0x3c/0x68 [ 18.964582] kasan_save_track+0x20/0x40 [ 18.964617] kasan_save_free_info+0x4c/0x78 [ 18.964655] __kasan_slab_free+0x6c/0x98 [ 18.964695] kfree+0x214/0x3c8 [ 18.964741] devtmpfs_work_loop+0x804/0xa58 [ 18.964781] devtmpfsd+0x50/0x58 [ 18.964830] kthread+0x328/0x630 [ 18.964864] ret_from_fork+0x10/0x20 [ 18.964909] [ 18.964931] The buggy address belongs to the object at fff00000c564f2a0 [ 18.964931] which belongs to the cache kmalloc-16 of size 16 [ 18.964986] The buggy address is located 15 bytes to the right of [ 18.964986] allocated 16-byte region [fff00000c564f2a0, fff00000c564f2b0) [ 18.965064] [ 18.965092] The buggy address belongs to the physical page: [ 18.965129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10564f [ 18.965181] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.965228] page_type: f5(slab) [ 18.965265] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.965323] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.965362] page dumped because: kasan: bad access detected [ 18.965391] [ 18.965409] Memory state around the buggy address: [ 18.965454] fff00000c564f180: 00 05 fc fc fa fb fc fc fa fb fc fc 00 02 fc fc [ 18.965496] fff00000c564f200: fa fb fc fc fa fb fc fc 00 01 fc fc fa fb fc fc [ 18.965553] >fff00000c564f280: fa fb fc fc fa fb fc fc 00 07 fc fc fc fc fc fc [ 18.965596] ^ [ 18.965635] fff00000c564f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.965688] fff00000c564f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.965999] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 18.945181] ================================================================== [ 18.945233] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 18.945281] Read of size 1 at addr fff00000c1d5fa80 by task kunit_try_catch/136 [ 18.945728] [ 18.945819] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.945930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.946170] Hardware name: linux,dummy-virt (DT) [ 18.946215] Call trace: [ 18.946383] show_stack+0x20/0x38 (C) [ 18.946444] dump_stack_lvl+0x8c/0xd0 [ 18.946624] print_report+0x118/0x608 [ 18.946830] kasan_report+0xdc/0x128 [ 18.946957] __asan_report_load1_noabort+0x20/0x30 [ 18.947044] kmalloc_oob_right+0x5d0/0x660 [ 18.947089] kunit_try_run_case+0x170/0x3f0 [ 18.947292] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.947461] kthread+0x328/0x630 [ 18.947522] ret_from_fork+0x10/0x20 [ 18.947656] [ 18.947704] Allocated by task 136: [ 18.947744] kasan_save_stack+0x3c/0x68 [ 18.947792] kasan_save_track+0x20/0x40 [ 18.947829] kasan_save_alloc_info+0x40/0x58 [ 18.947867] __kasan_kmalloc+0xd4/0xd8 [ 18.947901] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.947937] kmalloc_oob_right+0xb0/0x660 [ 18.947971] kunit_try_run_case+0x170/0x3f0 [ 18.948006] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.948047] kthread+0x328/0x630 [ 18.948078] ret_from_fork+0x10/0x20 [ 18.948116] [ 18.948134] The buggy address belongs to the object at fff00000c1d5fa00 [ 18.948134] which belongs to the cache kmalloc-128 of size 128 [ 18.948188] The buggy address is located 13 bytes to the right of [ 18.948188] allocated 115-byte region [fff00000c1d5fa00, fff00000c1d5fa73) [ 18.948250] [ 18.948268] The buggy address belongs to the physical page: [ 18.948296] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d5f [ 18.948345] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.948390] page_type: f5(slab) [ 18.948426] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.948474] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.948513] page dumped because: kasan: bad access detected [ 18.948542] [ 18.948559] Memory state around the buggy address: [ 18.948588] fff00000c1d5f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.948629] fff00000c1d5fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.948669] >fff00000c1d5fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.948706] ^ [ 18.948742] fff00000c1d5fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.949058] fff00000c1d5fb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.949294] ================================================================== [ 18.937348] ================================================================== [ 18.937388] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 18.937434] Write of size 1 at addr fff00000c1d5fa78 by task kunit_try_catch/136 [ 18.937481] [ 18.937510] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.937586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.937744] Hardware name: linux,dummy-virt (DT) [ 18.937805] Call trace: [ 18.937827] show_stack+0x20/0x38 (C) [ 18.937884] dump_stack_lvl+0x8c/0xd0 [ 18.937929] print_report+0x118/0x608 [ 18.937982] kasan_report+0xdc/0x128 [ 18.938034] __asan_report_store1_noabort+0x20/0x30 [ 18.938084] kmalloc_oob_right+0x538/0x660 [ 18.938127] kunit_try_run_case+0x170/0x3f0 [ 18.938179] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.938235] kthread+0x328/0x630 [ 18.938275] ret_from_fork+0x10/0x20 [ 18.938319] [ 18.938336] Allocated by task 136: [ 18.938363] kasan_save_stack+0x3c/0x68 [ 18.938401] kasan_save_track+0x20/0x40 [ 18.938445] kasan_save_alloc_info+0x40/0x58 [ 18.938489] __kasan_kmalloc+0xd4/0xd8 [ 18.938523] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.938559] kmalloc_oob_right+0xb0/0x660 [ 18.938593] kunit_try_run_case+0x170/0x3f0 [ 18.938630] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.938672] kthread+0x328/0x630 [ 18.938703] ret_from_fork+0x10/0x20 [ 18.939698] [ 18.939729] The buggy address belongs to the object at fff00000c1d5fa00 [ 18.939729] which belongs to the cache kmalloc-128 of size 128 [ 18.939785] The buggy address is located 5 bytes to the right of [ 18.939785] allocated 115-byte region [fff00000c1d5fa00, fff00000c1d5fa73) [ 18.940276] [ 18.940305] The buggy address belongs to the physical page: [ 18.940356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d5f [ 18.940824] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.941109] page_type: f5(slab) [ 18.941475] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.942243] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.942420] page dumped because: kasan: bad access detected [ 18.942530] [ 18.942600] Memory state around the buggy address: [ 18.942986] fff00000c1d5f900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.943113] fff00000c1d5f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.943297] >fff00000c1d5fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.943336] ^ [ 18.943767] fff00000c1d5fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.943883] fff00000c1d5fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.943965] ================================================================== [ 18.928124] ================================================================== [ 18.928463] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 18.929286] Write of size 1 at addr fff00000c1d5fa73 by task kunit_try_catch/136 [ 18.929392] [ 18.930169] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 18.930312] Tainted: [N]=TEST [ 18.930345] Hardware name: linux,dummy-virt (DT) [ 18.930561] Call trace: [ 18.930737] show_stack+0x20/0x38 (C) [ 18.930871] dump_stack_lvl+0x8c/0xd0 [ 18.930930] print_report+0x118/0x608 [ 18.930977] kasan_report+0xdc/0x128 [ 18.931021] __asan_report_store1_noabort+0x20/0x30 [ 18.931071] kmalloc_oob_right+0x5a4/0x660 [ 18.931115] kunit_try_run_case+0x170/0x3f0 [ 18.931165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.931216] kthread+0x328/0x630 [ 18.931259] ret_from_fork+0x10/0x20 [ 18.931409] [ 18.931863] Allocated by task 136: [ 18.932012] kasan_save_stack+0x3c/0x68 [ 18.932081] kasan_save_track+0x20/0x40 [ 18.932124] kasan_save_alloc_info+0x40/0x58 [ 18.932163] __kasan_kmalloc+0xd4/0xd8 [ 18.932197] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.932237] kmalloc_oob_right+0xb0/0x660 [ 18.932272] kunit_try_run_case+0x170/0x3f0 [ 18.932308] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.932349] kthread+0x328/0x630 [ 18.932380] ret_from_fork+0x10/0x20 [ 18.932435] [ 18.932494] The buggy address belongs to the object at fff00000c1d5fa00 [ 18.932494] which belongs to the cache kmalloc-128 of size 128 [ 18.932586] The buggy address is located 0 bytes to the right of [ 18.932586] allocated 115-byte region [fff00000c1d5fa00, fff00000c1d5fa73) [ 18.932651] [ 18.932746] The buggy address belongs to the physical page: [ 18.932924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d5f [ 18.933187] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.933473] page_type: f5(slab) [ 18.933783] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.933848] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.933951] page dumped because: kasan: bad access detected [ 18.933990] [ 18.934015] Memory state around the buggy address: [ 18.934231] fff00000c1d5f900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.934295] fff00000c1d5f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.934349] >fff00000c1d5fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.934401] ^ [ 18.934479] fff00000c1d5fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.934520] fff00000c1d5fb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.934580] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 100.040435] WARNING: CPU: 1 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 100.041430] Modules linked in: [ 100.041676] CPU: 1 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT [ 100.043189] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 100.044037] Hardware name: linux,dummy-virt (DT) [ 100.044665] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 100.045057] pc : intlog10+0x38/0x48 [ 100.045302] lr : intlog10_test+0xe4/0x200 [ 100.045566] sp : ffff800082057c10 [ 100.045840] x29: ffff800082057c90 x28: 0000000000000000 x27: 0000000000000000 [ 100.046339] x26: 1ffe000019296221 x25: 0000000000000000 x24: ffff800082057ce0 [ 100.046788] x23: ffff800082057d00 x22: 0000000000000000 x21: 1ffff0001040af82 [ 100.047262] x20: ffff9d16ebc89e80 x19: ffff800080087990 x18: 000000000bb39937 [ 100.047789] x17: 00000000a863ebaf x16: fff00000c097583c x15: fff00000ff616b08 [ 100.048389] x14: 0000000000018fff x13: 1ffe00001b48a7cd x12: ffff73a2ddf63379 [ 100.048830] x11: 1ffff3a2ddf63378 x10: ffff73a2ddf63378 x9 : ffff9d16e9235fdc [ 100.049241] x8 : ffff9d16efb19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 100.049697] x5 : ffff70001040af82 x4 : 1ffff00010010f3a x3 : 1ffff3a2dd7913d0 [ 100.050143] x2 : 1ffff3a2dd7913d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 100.050579] Call trace: [ 100.050761] intlog10+0x38/0x48 (P) [ 100.050999] kunit_try_run_case+0x170/0x3f0 [ 100.051267] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 100.051598] kthread+0x328/0x630 [ 100.051879] ret_from_fork+0x10/0x20 [ 100.052234] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 99.999239] WARNING: CPU: 1 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 100.000733] Modules linked in: [ 100.000981] CPU: 1 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT [ 100.001826] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 100.002167] Hardware name: linux,dummy-virt (DT) [ 100.002438] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 100.002864] pc : intlog2+0xd8/0xf8 [ 100.003127] lr : intlog2_test+0xe4/0x200 [ 100.003357] sp : ffff800081fd7c10 [ 100.003689] x29: ffff800081fd7c90 x28: 0000000000000000 x27: 0000000000000000 [ 100.004220] x26: 1ffe000019294781 x25: 0000000000000000 x24: ffff800081fd7ce0 [ 100.004683] x23: ffff800081fd7d00 x22: 0000000000000000 x21: 1ffff000103faf82 [ 100.005142] x20: ffff9d16ebc89d80 x19: ffff800080087990 x18: 0000000082d165aa [ 100.005614] x17: 00000000c3dec91a x16: fff00000c097583c x15: fff00000ff616b08 [ 100.006067] x14: 0000000000018fff x13: 1ffe00001b48eb89 x12: ffff73a2ddf63379 [ 100.006539] x11: 1ffff3a2ddf63378 x10: ffff73a2ddf63378 x9 : ffff9d16e92361dc [ 100.007014] x8 : ffff9d16efb19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 100.007541] x5 : ffff7000103faf82 x4 : 1ffff00010010f3a x3 : 1ffff3a2dd7913b0 [ 100.007983] x2 : 1ffff3a2dd7913b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 100.008428] Call trace: [ 100.008591] intlog2+0xd8/0xf8 (P) [ 100.008824] kunit_try_run_case+0x170/0x3f0 [ 100.009086] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 100.009414] kthread+0x328/0x630 [ 100.009607] ret_from_fork+0x10/0x20 [ 100.009901] ---[ end trace 0000000000000000 ]---