Date
July 10, 2025, 6:10 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.423641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3ac/0x4858 [ 19.403468] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x32c/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 19.300412] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 19.321126] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 93.968490] Internal error: Oops: 0000000096000005 [#1] SMP [ 93.973737] Modules linked in: [ 93.974380] CPU: 0 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 93.974887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 93.975080] Hardware name: linux,dummy-virt (DT) [ 93.975437] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 93.975831] pc : kunit_test_null_dereference+0x70/0x170 [ 93.976146] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.976456] sp : ffff800082047d30 [ 93.976687] x29: ffff800082047d90 x28: 0000000000000000 x27: 0000000000000000 [ 93.977122] x26: 1ffe00001880a3a1 x25: 0000000000000000 x24: 0000000000000004 [ 93.977603] x23: fff00000c4051d0c x22: ffff93d695623e38 x21: fff00000c1763e88 [ 93.978019] x20: 1ffff00010408fa6 x19: ffff800080087990 x18: 00000000068b4511 [ 93.978435] x17: 00000000bc6b8f8f x16: 0000000000000100 x15: 000000006bfdfffe [ 93.978989] x14: 00000000cfa3f7c9 x13: 1ffe00001b48a789 x12: fffd80001919e8b4 [ 93.979566] x11: 1ffe00001919e8b3 x10: fffd80001919e8b3 x9 : ffff93d69561b2a0 [ 93.979964] x8 : ffff800082047c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 93.980305] x5 : ffff700010408fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 93.981055] x2 : dfff800000000000 x1 : fff00000c8cf3cc0 x0 : ffff800080087990 [ 93.981850] Call trace: [ 93.982150] kunit_test_null_dereference+0x70/0x170 (P) [ 93.982717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 93.983288] kthread+0x328/0x630 [ 93.983771] ret_from_fork+0x10/0x20 [ 93.984433] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 93.985235] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.783134] ================================================================== [ 49.783207] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 49.783207] [ 49.783297] Use-after-free read at 0x00000000789fd6be (in kfence-#147): [ 49.783365] test_krealloc+0x51c/0x830 [ 49.783410] kunit_try_run_case+0x170/0x3f0 [ 49.783461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.783507] kthread+0x328/0x630 [ 49.783547] ret_from_fork+0x10/0x20 [ 49.783587] [ 49.783612] kfence-#147: 0x00000000789fd6be-0x0000000012c3a69e, size=32, cache=kmalloc-32 [ 49.783612] [ 49.783666] allocated by task 337 on cpu 0 at 49.782424s (0.001238s ago): [ 49.783734] test_alloc+0x29c/0x628 [ 49.783775] test_krealloc+0xc0/0x830 [ 49.783814] kunit_try_run_case+0x170/0x3f0 [ 49.783855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.783901] kthread+0x328/0x630 [ 49.783937] ret_from_fork+0x10/0x20 [ 49.783977] [ 49.784000] freed by task 337 on cpu 0 at 49.782729s (0.001267s ago): [ 49.784060] krealloc_noprof+0x148/0x360 [ 49.784101] test_krealloc+0x1dc/0x830 [ 49.784141] kunit_try_run_case+0x170/0x3f0 [ 49.784182] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.784226] kthread+0x328/0x630 [ 49.784261] ret_from_fork+0x10/0x20 [ 49.784301] [ 49.784359] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 49.784440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.784471] Hardware name: linux,dummy-virt (DT) [ 49.784506] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 49.694621] ================================================================== [ 49.694726] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.694726] [ 49.694835] Use-after-free read at 0x00000000a152bf12 (in kfence-#146): [ 49.694890] test_memcache_typesafe_by_rcu+0x280/0x560 [ 49.694941] kunit_try_run_case+0x170/0x3f0 [ 49.694989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.695036] kthread+0x328/0x630 [ 49.695077] ret_from_fork+0x10/0x20 [ 49.695118] [ 49.695143] kfence-#146: 0x00000000a152bf12-0x0000000083822460, size=32, cache=test [ 49.695143] [ 49.695196] allocated by task 335 on cpu 1 at 49.678594s (0.016598s ago): [ 49.695269] test_alloc+0x230/0x628 [ 49.695309] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 49.695370] kunit_try_run_case+0x170/0x3f0 [ 49.695410] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.695457] kthread+0x328/0x630 [ 49.695495] ret_from_fork+0x10/0x20 [ 49.695534] [ 49.695557] freed by task 335 on cpu 1 at 49.678718s (0.016835s ago): [ 49.695614] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 49.695659] kunit_try_run_case+0x170/0x3f0 [ 49.695700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 49.695744] kthread+0x328/0x630 [ 49.695779] ret_from_fork+0x10/0x20 [ 49.695820] [ 49.695868] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 49.695950] Tainted: [B]=BAD_PAGE, [N]=TEST [ 49.695981] Hardware name: linux,dummy-virt (DT) [ 49.696018] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 26.882286] ================================================================== [ 26.882480] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 26.882480] [ 26.882601] Invalid read at 0x00000000e7029eee: [ 26.882674] test_invalid_access+0xdc/0x1f0 [ 26.882730] kunit_try_run_case+0x170/0x3f0 [ 26.882824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.883255] kthread+0x328/0x630 [ 26.883306] ret_from_fork+0x10/0x20 [ 26.883380] [ 26.883441] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.883532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.883568] Hardware name: linux,dummy-virt (DT) [ 26.883608] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 26.654744] ================================================================== [ 26.654839] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.654839] [ 26.654903] Corrupted memory at 0x00000000f0b2ce30 [ ! . . . . . . . . . . . . . . . ] (in kfence-#142): [ 26.655211] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.655263] kunit_try_run_case+0x170/0x3f0 [ 26.655306] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.655368] kthread+0x328/0x630 [ 26.655406] ret_from_fork+0x10/0x20 [ 26.655451] [ 26.655475] kfence-#142: 0x0000000011a27b96-0x0000000094e9841e, size=73, cache=kmalloc-96 [ 26.655475] [ 26.655531] allocated by task 325 on cpu 1 at 26.654484s (0.001043s ago): [ 26.655594] test_alloc+0x29c/0x628 [ 26.655636] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 26.655680] kunit_try_run_case+0x170/0x3f0 [ 26.655721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.655766] kthread+0x328/0x630 [ 26.655801] ret_from_fork+0x10/0x20 [ 26.655842] [ 26.655865] freed by task 325 on cpu 1 at 26.654653s (0.001209s ago): [ 26.655928] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 26.655973] kunit_try_run_case+0x170/0x3f0 [ 26.656012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.656057] kthread+0x328/0x630 [ 26.656093] ret_from_fork+0x10/0x20 [ 26.656134] [ 26.656177] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.656256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.656286] Hardware name: linux,dummy-virt (DT) [ 26.656317] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 26.550513] ================================================================== [ 26.550584] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.550584] [ 26.550679] Out-of-bounds read at 0x00000000383d6f72 (105B right of kfence-#141): [ 26.550738] test_kmalloc_aligned_oob_read+0x238/0x468 [ 26.550788] kunit_try_run_case+0x170/0x3f0 [ 26.550834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.550881] kthread+0x328/0x630 [ 26.550920] ret_from_fork+0x10/0x20 [ 26.550962] [ 26.550988] kfence-#141: 0x000000006605e287-0x000000006737467a, size=73, cache=kmalloc-96 [ 26.550988] [ 26.551041] allocated by task 323 on cpu 1 at 26.550289s (0.000748s ago): [ 26.551116] test_alloc+0x29c/0x628 [ 26.551158] test_kmalloc_aligned_oob_read+0x100/0x468 [ 26.551203] kunit_try_run_case+0x170/0x3f0 [ 26.551244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 26.551289] kthread+0x328/0x630 [ 26.551326] ret_from_fork+0x10/0x20 [ 26.551380] [ 26.551431] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 26.551514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.551544] Hardware name: linux,dummy-virt (DT) [ 26.551579] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 21.768118] ================================================================== [ 21.768250] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 21.768250] [ 21.768764] Corrupted memory at 0x000000007b3d4ed0 [ ! . . . . . . . . . . . . . . . ] (in kfence-#95): [ 21.769622] test_corruption+0x278/0x378 [ 21.769703] kunit_try_run_case+0x170/0x3f0 [ 21.769995] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.770435] kthread+0x328/0x630 [ 21.770583] ret_from_fork+0x10/0x20 [ 21.770638] [ 21.770714] kfence-#95: 0x000000004b940e24-0x00000000a7b9e3aa, size=32, cache=kmalloc-32 [ 21.770714] [ 21.770792] allocated by task 311 on cpu 0 at 21.767186s (0.003601s ago): [ 21.770874] test_alloc+0x29c/0x628 [ 21.770917] test_corruption+0xdc/0x378 [ 21.770957] kunit_try_run_case+0x170/0x3f0 [ 21.771009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.771063] kthread+0x328/0x630 [ 21.771109] ret_from_fork+0x10/0x20 [ 21.771159] [ 21.771190] freed by task 311 on cpu 0 at 21.767590s (0.003590s ago): [ 21.771256] test_corruption+0x278/0x378 [ 21.771312] kunit_try_run_case+0x170/0x3f0 [ 21.771370] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.771437] kthread+0x328/0x630 [ 21.771490] ret_from_fork+0x10/0x20 [ 21.771551] [ 21.771599] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.771700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.771730] Hardware name: linux,dummy-virt (DT) [ 21.771772] ================================================================== [ 21.974443] ================================================================== [ 21.974540] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 21.974540] [ 21.974604] Corrupted memory at 0x000000008aeb3c76 [ ! . . . . . . . . . . . . . . . ] (in kfence-#97): [ 21.974910] test_corruption+0x120/0x378 [ 21.974957] kunit_try_run_case+0x170/0x3f0 [ 21.975002] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.975048] kthread+0x328/0x630 [ 21.975088] ret_from_fork+0x10/0x20 [ 21.975129] [ 21.975152] kfence-#97: 0x00000000fbdf1651-0x0000000088c58de6, size=32, cache=test [ 21.975152] [ 21.975207] allocated by task 313 on cpu 0 at 21.974272s (0.000931s ago): [ 21.975268] test_alloc+0x230/0x628 [ 21.975309] test_corruption+0xdc/0x378 [ 21.975361] kunit_try_run_case+0x170/0x3f0 [ 21.975404] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.975452] kthread+0x328/0x630 [ 21.975490] ret_from_fork+0x10/0x20 [ 21.975531] [ 21.975554] freed by task 313 on cpu 0 at 21.974354s (0.001196s ago): [ 21.975617] test_corruption+0x120/0x378 [ 21.975657] kunit_try_run_case+0x170/0x3f0 [ 21.975698] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.975744] kthread+0x328/0x630 [ 21.975781] ret_from_fork+0x10/0x20 [ 21.975820] [ 21.975864] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.975944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.975972] Hardware name: linux,dummy-virt (DT) [ 21.976004] ================================================================== [ 21.871938] ================================================================== [ 21.872095] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 21.872095] [ 21.872178] Corrupted memory at 0x000000006f7dce68 [ ! ] (in kfence-#96): [ 21.872495] test_corruption+0x284/0x378 [ 21.872879] kunit_try_run_case+0x170/0x3f0 [ 21.872985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.873075] kthread+0x328/0x630 [ 21.873116] ret_from_fork+0x10/0x20 [ 21.873441] [ 21.873482] kfence-#96: 0x000000008358cc6b-0x0000000022ff96fd, size=32, cache=kmalloc-32 [ 21.873482] [ 21.873621] allocated by task 311 on cpu 0 at 21.871491s (0.002077s ago): [ 21.873691] test_alloc+0x29c/0x628 [ 21.874075] test_corruption+0x198/0x378 [ 21.874176] kunit_try_run_case+0x170/0x3f0 [ 21.874268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.874426] kthread+0x328/0x630 [ 21.874684] ret_from_fork+0x10/0x20 [ 21.874764] [ 21.874787] freed by task 311 on cpu 0 at 21.871745s (0.003038s ago): [ 21.875019] test_corruption+0x284/0x378 [ 21.875188] kunit_try_run_case+0x170/0x3f0 [ 21.875236] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.875615] kthread+0x328/0x630 [ 21.875664] ret_from_fork+0x10/0x20 [ 21.875705] [ 21.875749] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.875838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.875866] Hardware name: linux,dummy-virt (DT) [ 21.875908] ================================================================== [ 22.390516] ================================================================== [ 22.390618] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 22.390618] [ 22.390681] Corrupted memory at 0x000000005efe6c8f [ ! ] (in kfence-#101): [ 22.390795] test_corruption+0x1d8/0x378 [ 22.390843] kunit_try_run_case+0x170/0x3f0 [ 22.390886] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.390933] kthread+0x328/0x630 [ 22.390972] ret_from_fork+0x10/0x20 [ 22.391012] [ 22.391035] kfence-#101: 0x0000000033ee0035-0x0000000024029213, size=32, cache=test [ 22.391035] [ 22.391089] allocated by task 313 on cpu 0 at 22.390353s (0.000732s ago): [ 22.391149] test_alloc+0x230/0x628 [ 22.391190] test_corruption+0x198/0x378 [ 22.391231] kunit_try_run_case+0x170/0x3f0 [ 22.391270] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.391315] kthread+0x328/0x630 [ 22.391362] ret_from_fork+0x10/0x20 [ 22.391402] [ 22.391431] freed by task 313 on cpu 0 at 22.390416s (0.001011s ago): [ 22.391492] test_corruption+0x1d8/0x378 [ 22.391531] kunit_try_run_case+0x170/0x3f0 [ 22.391571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.391616] kthread+0x328/0x630 [ 22.391651] ret_from_fork+0x10/0x20 [ 22.391690] [ 22.391735] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 22.391813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.391842] Hardware name: linux,dummy-virt (DT) [ 22.391877] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 21.663561] ================================================================== [ 21.663711] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 21.663711] [ 21.663773] Invalid free of 0x0000000004eef4d2 (in kfence-#94): [ 21.663826] test_invalid_addr_free+0xec/0x238 [ 21.664282] kunit_try_run_case+0x170/0x3f0 [ 21.664459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.664514] kthread+0x328/0x630 [ 21.664599] ret_from_fork+0x10/0x20 [ 21.664715] [ 21.664741] kfence-#94: 0x00000000660b8f85-0x00000000eec29c94, size=32, cache=test [ 21.664741] [ 21.665180] allocated by task 309 on cpu 0 at 21.663429s (0.001656s ago): [ 21.665298] test_alloc+0x230/0x628 [ 21.665353] test_invalid_addr_free+0xd4/0x238 [ 21.665488] kunit_try_run_case+0x170/0x3f0 [ 21.665534] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.665597] kthread+0x328/0x630 [ 21.665633] ret_from_fork+0x10/0x20 [ 21.665817] [ 21.666276] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.666470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.666503] Hardware name: linux,dummy-virt (DT) [ 21.666947] ================================================================== [ 21.559379] ================================================================== [ 21.559553] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 21.559553] [ 21.559730] Invalid free of 0x000000006efb832c (in kfence-#93): [ 21.559798] test_invalid_addr_free+0x1ac/0x238 [ 21.559850] kunit_try_run_case+0x170/0x3f0 [ 21.559895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.559940] kthread+0x328/0x630 [ 21.559979] ret_from_fork+0x10/0x20 [ 21.560309] [ 21.560511] kfence-#93: 0x0000000041609585-0x000000007cbc4b2c, size=32, cache=kmalloc-32 [ 21.560511] [ 21.560665] allocated by task 307 on cpu 0 at 21.559211s (0.001416s ago): [ 21.560824] test_alloc+0x29c/0x628 [ 21.560882] test_invalid_addr_free+0xd4/0x238 [ 21.560966] kunit_try_run_case+0x170/0x3f0 [ 21.561210] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.561275] kthread+0x328/0x630 [ 21.561410] ret_from_fork+0x10/0x20 [ 21.561462] [ 21.561674] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.561766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.561805] Hardware name: linux,dummy-virt (DT) [ 21.561838] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 21.455106] ================================================================== [ 21.455204] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 21.455204] [ 21.455278] Invalid free of 0x000000007ec94fce (in kfence-#92): [ 21.455638] test_double_free+0x100/0x238 [ 21.456185] kunit_try_run_case+0x170/0x3f0 [ 21.456257] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.456498] kthread+0x328/0x630 [ 21.456689] ret_from_fork+0x10/0x20 [ 21.456742] [ 21.456822] kfence-#92: 0x000000007ec94fce-0x000000001fd99d9c, size=32, cache=test [ 21.456822] [ 21.456928] allocated by task 305 on cpu 0 at 21.454780s (0.002144s ago): [ 21.457535] test_alloc+0x230/0x628 [ 21.457607] test_double_free+0xd4/0x238 [ 21.457663] kunit_try_run_case+0x170/0x3f0 [ 21.457703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.457749] kthread+0x328/0x630 [ 21.457785] ret_from_fork+0x10/0x20 [ 21.457825] [ 21.457849] freed by task 305 on cpu 0 at 21.454902s (0.002943s ago): [ 21.457938] test_double_free+0xf0/0x238 [ 21.457980] kunit_try_run_case+0x170/0x3f0 [ 21.458023] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.458133] kthread+0x328/0x630 [ 21.458186] ret_from_fork+0x10/0x20 [ 21.458226] [ 21.458280] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.458558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.458606] Hardware name: linux,dummy-virt (DT) [ 21.458656] ================================================================== [ 21.351743] ================================================================== [ 21.351977] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 21.351977] [ 21.352244] Invalid free of 0x00000000103f7890 (in kfence-#91): [ 21.352388] test_double_free+0x1bc/0x238 [ 21.352438] kunit_try_run_case+0x170/0x3f0 [ 21.352484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.352529] kthread+0x328/0x630 [ 21.352569] ret_from_fork+0x10/0x20 [ 21.352615] [ 21.352742] kfence-#91: 0x00000000103f7890-0x00000000f20ed4e9, size=32, cache=kmalloc-32 [ 21.352742] [ 21.352897] allocated by task 303 on cpu 0 at 21.351249s (0.001644s ago): [ 21.353156] test_alloc+0x29c/0x628 [ 21.353281] test_double_free+0xd4/0x238 [ 21.353358] kunit_try_run_case+0x170/0x3f0 [ 21.353400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.353443] kthread+0x328/0x630 [ 21.353479] ret_from_fork+0x10/0x20 [ 21.353518] [ 21.353543] freed by task 303 on cpu 0 at 21.351329s (0.002210s ago): [ 21.353606] test_double_free+0x1ac/0x238 [ 21.353648] kunit_try_run_case+0x170/0x3f0 [ 21.353784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.354224] kthread+0x328/0x630 [ 21.354272] ret_from_fork+0x10/0x20 [ 21.354349] [ 21.354600] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.354885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.354915] Hardware name: linux,dummy-virt (DT) [ 21.355229] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 21.039040] ================================================================== [ 21.039366] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 21.039366] [ 21.039488] Use-after-free read at 0x00000000dd1da1bb (in kfence-#88): [ 21.039567] test_use_after_free_read+0x114/0x248 [ 21.039658] kunit_try_run_case+0x170/0x3f0 [ 21.039723] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.039798] kthread+0x328/0x630 [ 21.039839] ret_from_fork+0x10/0x20 [ 21.039913] [ 21.039938] kfence-#88: 0x00000000dd1da1bb-0x00000000b559433e, size=32, cache=test [ 21.039938] [ 21.040015] allocated by task 297 on cpu 0 at 21.038836s (0.001168s ago): [ 21.040137] test_alloc+0x230/0x628 [ 21.040180] test_use_after_free_read+0xd0/0x248 [ 21.040223] kunit_try_run_case+0x170/0x3f0 [ 21.040283] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.040571] kthread+0x328/0x630 [ 21.040648] ret_from_fork+0x10/0x20 [ 21.040718] [ 21.040836] freed by task 297 on cpu 0 at 21.038904s (0.001891s ago): [ 21.040945] test_use_after_free_read+0xf0/0x248 [ 21.040991] kunit_try_run_case+0x170/0x3f0 [ 21.041043] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.041089] kthread+0x328/0x630 [ 21.041127] ret_from_fork+0x10/0x20 [ 21.041165] [ 21.041222] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.041304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.041331] Hardware name: linux,dummy-virt (DT) [ 21.041373] ================================================================== [ 20.937580] ================================================================== [ 20.937683] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 20.937683] [ 20.938094] Use-after-free read at 0x00000000ec98d562 (in kfence-#87): [ 20.938385] test_use_after_free_read+0x114/0x248 [ 20.938472] kunit_try_run_case+0x170/0x3f0 [ 20.938540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.938593] kthread+0x328/0x630 [ 20.938633] ret_from_fork+0x10/0x20 [ 20.938675] [ 20.938700] kfence-#87: 0x00000000ec98d562-0x00000000733f52d9, size=32, cache=kmalloc-32 [ 20.938700] [ 20.938985] allocated by task 295 on cpu 0 at 20.936617s (0.002336s ago): [ 20.939098] test_alloc+0x29c/0x628 [ 20.939247] test_use_after_free_read+0xd0/0x248 [ 20.939288] kunit_try_run_case+0x170/0x3f0 [ 20.939349] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.939576] kthread+0x328/0x630 [ 20.939612] ret_from_fork+0x10/0x20 [ 20.939652] [ 20.939964] freed by task 295 on cpu 0 at 20.936862s (0.003086s ago): [ 20.940051] test_use_after_free_read+0x1c0/0x248 [ 20.940319] kunit_try_run_case+0x170/0x3f0 [ 20.940411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.940458] kthread+0x328/0x630 [ 20.940495] ret_from_fork+0x10/0x20 [ 20.940560] [ 20.940640] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.940955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.940990] Hardware name: linux,dummy-virt (DT) [ 20.941125] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 20.727108] ================================================================== [ 20.727228] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.727228] [ 20.727375] Out-of-bounds write at 0x00000000c58f8979 (1B left of kfence-#85): [ 20.727453] test_out_of_bounds_write+0x100/0x240 [ 20.727505] kunit_try_run_case+0x170/0x3f0 [ 20.727589] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.727635] kthread+0x328/0x630 [ 20.727694] ret_from_fork+0x10/0x20 [ 20.727759] [ 20.727785] kfence-#85: 0x00000000aba77c94-0x00000000d2241b54, size=32, cache=kmalloc-32 [ 20.727785] [ 20.727990] allocated by task 291 on cpu 0 at 20.726952s (0.001006s ago): [ 20.728215] test_alloc+0x29c/0x628 [ 20.728276] test_out_of_bounds_write+0xc8/0x240 [ 20.728346] kunit_try_run_case+0x170/0x3f0 [ 20.728390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.728435] kthread+0x328/0x630 [ 20.728472] ret_from_fork+0x10/0x20 [ 20.728511] [ 20.728591] CPU: 0 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.728675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.728722] Hardware name: linux,dummy-virt (DT) [ 20.728755] ================================================================== [ 20.833603] ================================================================== [ 20.833703] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 20.833703] [ 20.833991] Out-of-bounds write at 0x0000000009a95332 (1B left of kfence-#86): [ 20.834217] test_out_of_bounds_write+0x100/0x240 [ 20.834271] kunit_try_run_case+0x170/0x3f0 [ 20.834317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.834373] kthread+0x328/0x630 [ 20.834434] ret_from_fork+0x10/0x20 [ 20.834476] [ 20.834500] kfence-#86: 0x0000000075cc165e-0x0000000034241277, size=32, cache=test [ 20.834500] [ 20.834761] allocated by task 293 on cpu 0 at 20.833072s (0.001682s ago): [ 20.834853] test_alloc+0x230/0x628 [ 20.835009] test_out_of_bounds_write+0xc8/0x240 [ 20.835079] kunit_try_run_case+0x170/0x3f0 [ 20.835120] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.835164] kthread+0x328/0x630 [ 20.835201] ret_from_fork+0x10/0x20 [ 20.835253] [ 20.835302] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.835699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.835735] Hardware name: linux,dummy-virt (DT) [ 20.836066] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 20.622969] ================================================================== [ 20.623060] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.623060] [ 20.623199] Out-of-bounds read at 0x00000000c6115c69 (32B right of kfence-#84): [ 20.623273] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.623376] kunit_try_run_case+0x170/0x3f0 [ 20.623428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.623474] kthread+0x328/0x630 [ 20.623512] ret_from_fork+0x10/0x20 [ 20.623553] [ 20.623593] kfence-#84: 0x00000000f28de3cd-0x000000003638c174, size=32, cache=test [ 20.623593] [ 20.623922] allocated by task 289 on cpu 0 at 20.622754s (0.000967s ago): [ 20.624007] test_alloc+0x230/0x628 [ 20.624074] test_out_of_bounds_read+0x198/0x3e0 [ 20.624118] kunit_try_run_case+0x170/0x3f0 [ 20.624175] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.624222] kthread+0x328/0x630 [ 20.624258] ret_from_fork+0x10/0x20 [ 20.624466] [ 20.624521] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.624603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.624650] Hardware name: linux,dummy-virt (DT) [ 20.624685] ================================================================== [ 20.414989] ================================================================== [ 20.415214] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.415214] [ 20.415314] Out-of-bounds read at 0x00000000eace1b5e (1B left of kfence-#82): [ 20.415380] test_out_of_bounds_read+0x114/0x3e0 [ 20.415431] kunit_try_run_case+0x170/0x3f0 [ 20.415570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.415623] kthread+0x328/0x630 [ 20.415703] ret_from_fork+0x10/0x20 [ 20.415781] [ 20.415806] kfence-#82: 0x00000000992ac015-0x000000001b5ade44, size=32, cache=test [ 20.415806] [ 20.415858] allocated by task 289 on cpu 0 at 20.414894s (0.000960s ago): [ 20.416261] test_alloc+0x230/0x628 [ 20.416393] test_out_of_bounds_read+0xdc/0x3e0 [ 20.416505] kunit_try_run_case+0x170/0x3f0 [ 20.416563] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.416618] kthread+0x328/0x630 [ 20.416716] ret_from_fork+0x10/0x20 [ 20.416758] [ 20.416835] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.416924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.416952] Hardware name: linux,dummy-virt (DT) [ 20.416985] ================================================================== [ 20.209739] ================================================================== [ 20.209971] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.209971] [ 20.210421] Out-of-bounds read at 0x00000000c6590041 (1B left of kfence-#80): [ 20.210633] test_out_of_bounds_read+0x114/0x3e0 [ 20.210689] kunit_try_run_case+0x170/0x3f0 [ 20.210736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.211149] kthread+0x328/0x630 [ 20.211328] ret_from_fork+0x10/0x20 [ 20.211394] [ 20.211716] kfence-#80: 0x00000000a2a8e63e-0x000000002688a20d, size=32, cache=kmalloc-32 [ 20.211716] [ 20.211855] allocated by task 287 on cpu 0 at 20.207846s (0.003983s ago): [ 20.212517] test_alloc+0x29c/0x628 [ 20.212744] test_out_of_bounds_read+0xdc/0x3e0 [ 20.212915] kunit_try_run_case+0x170/0x3f0 [ 20.212998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.213233] kthread+0x328/0x630 [ 20.213284] ret_from_fork+0x10/0x20 [ 20.214094] [ 20.214212] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.214324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.214379] Hardware name: linux,dummy-virt (DT) [ 20.214444] ================================================================== [ 20.311155] ================================================================== [ 20.311320] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 20.311320] [ 20.311472] Out-of-bounds read at 0x00000000cf127478 (32B right of kfence-#81): [ 20.311533] test_out_of_bounds_read+0x1c8/0x3e0 [ 20.311582] kunit_try_run_case+0x170/0x3f0 [ 20.311833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.311925] kthread+0x328/0x630 [ 20.311996] ret_from_fork+0x10/0x20 [ 20.312042] [ 20.312069] kfence-#81: 0x000000005cf57f61-0x00000000e89fd894, size=32, cache=kmalloc-32 [ 20.312069] [ 20.312162] allocated by task 287 on cpu 0 at 20.310902s (0.001255s ago): [ 20.312327] test_alloc+0x29c/0x628 [ 20.312382] test_out_of_bounds_read+0x198/0x3e0 [ 20.312426] kunit_try_run_case+0x170/0x3f0 [ 20.312647] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.312771] kthread+0x328/0x630 [ 20.312828] ret_from_fork+0x10/0x20 [ 20.312870] [ 20.312914] CPU: 0 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.313002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.313044] Hardware name: linux,dummy-virt (DT) [ 20.313078] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_memset_16
[ 16.937657] ================================================================== [ 16.937727] BUG: KFENCE: memory corruption in kmalloc_oob_memset_16+0x170/0x2f8 [ 16.937727] [ 16.937787] Corrupted memory at 0x00000000fc6e5762 [ ! . . . . . . . . . . . . . . . ] (in kfence-#57): [ 16.951675] kmalloc_oob_memset_16+0x170/0x2f8 [ 16.951843] kunit_try_run_case+0x170/0x3f0 [ 16.951891] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.952270] kthread+0x328/0x630 [ 16.952378] ret_from_fork+0x10/0x20 [ 16.952450] [ 16.952693] kfence-#57: 0x00000000261009f6-0x0000000010d26d92, size=120, cache=kmalloc-128 [ 16.952693] [ 16.952910] allocated by task 178 on cpu 1 at 16.935788s (0.017062s ago): [ 16.953075] kmalloc_oob_memset_16+0xb0/0x2f8 [ 16.953152] kunit_try_run_case+0x170/0x3f0 [ 16.953202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.953264] kthread+0x328/0x630 [ 16.953295] ret_from_fork+0x10/0x20 [ 16.953423] [ 16.953565] freed by task 178 on cpu 1 at 16.937108s (0.016354s ago): [ 16.953663] kmalloc_oob_memset_16+0x170/0x2f8 [ 16.953714] kunit_try_run_case+0x170/0x3f0 [ 16.953763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.953807] kthread+0x328/0x630 [ 16.953856] ret_from_fork+0x10/0x20 [ 16.954391] [ 16.954751] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.954843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.955325] Hardware name: linux,dummy-virt (DT) [ 16.955932] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 20.011462] ================================================================== [ 20.011545] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 20.011888] Write of size 121 at addr fff00000c5a57c00 by task kunit_try_catch/285 [ 20.011967] [ 20.012091] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.012474] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.012552] Hardware name: linux,dummy-virt (DT) [ 20.012804] Call trace: [ 20.012934] show_stack+0x20/0x38 (C) [ 20.013244] dump_stack_lvl+0x8c/0xd0 [ 20.013491] print_report+0x118/0x608 [ 20.013707] kasan_report+0xdc/0x128 [ 20.013840] kasan_check_range+0x100/0x1a8 [ 20.014037] __kasan_check_write+0x20/0x30 [ 20.014142] strncpy_from_user+0x3c/0x2a0 [ 20.014302] copy_user_test_oob+0x5c0/0xec8 [ 20.014383] kunit_try_run_case+0x170/0x3f0 [ 20.014461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.014832] kthread+0x328/0x630 [ 20.015202] ret_from_fork+0x10/0x20 [ 20.015384] [ 20.015426] Allocated by task 285: [ 20.015569] kasan_save_stack+0x3c/0x68 [ 20.015616] kasan_save_track+0x20/0x40 [ 20.015846] kasan_save_alloc_info+0x40/0x58 [ 20.016352] __kasan_kmalloc+0xd4/0xd8 [ 20.016515] __kmalloc_noprof+0x198/0x4c8 [ 20.016561] kunit_kmalloc_array+0x34/0x88 [ 20.016613] copy_user_test_oob+0xac/0xec8 [ 20.016655] kunit_try_run_case+0x170/0x3f0 [ 20.016694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.016743] kthread+0x328/0x630 [ 20.016788] ret_from_fork+0x10/0x20 [ 20.016837] [ 20.016869] The buggy address belongs to the object at fff00000c5a57c00 [ 20.016869] which belongs to the cache kmalloc-128 of size 128 [ 20.016950] The buggy address is located 0 bytes inside of [ 20.016950] allocated 120-byte region [fff00000c5a57c00, fff00000c5a57c78) [ 20.017015] [ 20.017053] The buggy address belongs to the physical page: [ 20.017124] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 20.017212] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.017270] page_type: f5(slab) [ 20.017313] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.017823] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.017891] page dumped because: kasan: bad access detected [ 20.018199] [ 20.018221] Memory state around the buggy address: [ 20.018348] fff00000c5a57b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.018858] fff00000c5a57b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.019036] >fff00000c5a57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.019210] ^ [ 20.019518] fff00000c5a57c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.019826] fff00000c5a57d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.020078] ================================================================== [ 20.022471] ================================================================== [ 20.022604] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 20.023088] Write of size 1 at addr fff00000c5a57c78 by task kunit_try_catch/285 [ 20.023176] [ 20.023211] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.023544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.023787] Hardware name: linux,dummy-virt (DT) [ 20.024056] Call trace: [ 20.024206] show_stack+0x20/0x38 (C) [ 20.024349] dump_stack_lvl+0x8c/0xd0 [ 20.024407] print_report+0x118/0x608 [ 20.024697] kasan_report+0xdc/0x128 [ 20.024913] __asan_report_store1_noabort+0x20/0x30 [ 20.024992] strncpy_from_user+0x270/0x2a0 [ 20.025474] copy_user_test_oob+0x5c0/0xec8 [ 20.025549] kunit_try_run_case+0x170/0x3f0 [ 20.025801] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.026085] kthread+0x328/0x630 [ 20.026170] ret_from_fork+0x10/0x20 [ 20.026330] [ 20.026373] Allocated by task 285: [ 20.026701] kasan_save_stack+0x3c/0x68 [ 20.026769] kasan_save_track+0x20/0x40 [ 20.027021] kasan_save_alloc_info+0x40/0x58 [ 20.027248] __kasan_kmalloc+0xd4/0xd8 [ 20.027321] __kmalloc_noprof+0x198/0x4c8 [ 20.027388] kunit_kmalloc_array+0x34/0x88 [ 20.027434] copy_user_test_oob+0xac/0xec8 [ 20.027550] kunit_try_run_case+0x170/0x3f0 [ 20.027591] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.027638] kthread+0x328/0x630 [ 20.027672] ret_from_fork+0x10/0x20 [ 20.027712] [ 20.027746] The buggy address belongs to the object at fff00000c5a57c00 [ 20.027746] which belongs to the cache kmalloc-128 of size 128 [ 20.027812] The buggy address is located 0 bytes to the right of [ 20.027812] allocated 120-byte region [fff00000c5a57c00, fff00000c5a57c78) [ 20.027888] [ 20.027921] The buggy address belongs to the physical page: [ 20.027954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 20.028009] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.028066] page_type: f5(slab) [ 20.028108] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.028162] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.028204] page dumped because: kasan: bad access detected [ 20.028248] [ 20.028277] Memory state around the buggy address: [ 20.028312] fff00000c5a57b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.028367] fff00000c5a57b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.028429] >fff00000c5a57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.028471] ^ [ 20.028514] fff00000c5a57c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.028559] fff00000c5a57d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.028600] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 19.945472] ================================================================== [ 19.945593] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 19.945673] Write of size 121 at addr fff00000c5a57c00 by task kunit_try_catch/285 [ 19.945727] [ 19.945770] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.945858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.945888] Hardware name: linux,dummy-virt (DT) [ 19.945962] Call trace: [ 19.945989] show_stack+0x20/0x38 (C) [ 19.946403] dump_stack_lvl+0x8c/0xd0 [ 19.946497] print_report+0x118/0x608 [ 19.946548] kasan_report+0xdc/0x128 [ 19.946597] kasan_check_range+0x100/0x1a8 [ 19.946772] __kasan_check_write+0x20/0x30 [ 19.946906] copy_user_test_oob+0x234/0xec8 [ 19.946979] kunit_try_run_case+0x170/0x3f0 [ 19.947099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.947175] kthread+0x328/0x630 [ 19.947236] ret_from_fork+0x10/0x20 [ 19.947394] [ 19.947489] Allocated by task 285: [ 19.947550] kasan_save_stack+0x3c/0x68 [ 19.947597] kasan_save_track+0x20/0x40 [ 19.947675] kasan_save_alloc_info+0x40/0x58 [ 19.947739] __kasan_kmalloc+0xd4/0xd8 [ 19.947779] __kmalloc_noprof+0x198/0x4c8 [ 19.947822] kunit_kmalloc_array+0x34/0x88 [ 19.948082] copy_user_test_oob+0xac/0xec8 [ 19.948171] kunit_try_run_case+0x170/0x3f0 [ 19.948286] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.948576] kthread+0x328/0x630 [ 19.948665] ret_from_fork+0x10/0x20 [ 19.948776] [ 19.948811] The buggy address belongs to the object at fff00000c5a57c00 [ 19.948811] which belongs to the cache kmalloc-128 of size 128 [ 19.948966] The buggy address is located 0 bytes inside of [ 19.948966] allocated 120-byte region [fff00000c5a57c00, fff00000c5a57c78) [ 19.949164] [ 19.949254] The buggy address belongs to the physical page: [ 19.949329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 19.949451] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.949541] page_type: f5(slab) [ 19.949583] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.949636] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.949677] page dumped because: kasan: bad access detected [ 19.949712] [ 19.949734] Memory state around the buggy address: [ 19.950071] fff00000c5a57b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.950224] fff00000c5a57b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.950330] >fff00000c5a57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.950686] ^ [ 19.950883] fff00000c5a57c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.950928] fff00000c5a57d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.950970] ================================================================== [ 20.001182] ================================================================== [ 20.001237] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 20.001294] Read of size 121 at addr fff00000c5a57c00 by task kunit_try_catch/285 [ 20.002029] [ 20.002224] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 20.002631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.003069] Hardware name: linux,dummy-virt (DT) [ 20.003120] Call trace: [ 20.003444] show_stack+0x20/0x38 (C) [ 20.003551] dump_stack_lvl+0x8c/0xd0 [ 20.003760] print_report+0x118/0x608 [ 20.003816] kasan_report+0xdc/0x128 [ 20.003888] kasan_check_range+0x100/0x1a8 [ 20.004225] __kasan_check_read+0x20/0x30 [ 20.004567] copy_user_test_oob+0x4a0/0xec8 [ 20.004958] kunit_try_run_case+0x170/0x3f0 [ 20.005036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.005103] kthread+0x328/0x630 [ 20.005149] ret_from_fork+0x10/0x20 [ 20.005210] [ 20.005241] Allocated by task 285: [ 20.005274] kasan_save_stack+0x3c/0x68 [ 20.005331] kasan_save_track+0x20/0x40 [ 20.005406] kasan_save_alloc_info+0x40/0x58 [ 20.005469] __kasan_kmalloc+0xd4/0xd8 [ 20.005523] __kmalloc_noprof+0x198/0x4c8 [ 20.005565] kunit_kmalloc_array+0x34/0x88 [ 20.005620] copy_user_test_oob+0xac/0xec8 [ 20.005662] kunit_try_run_case+0x170/0x3f0 [ 20.005702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.005749] kthread+0x328/0x630 [ 20.005786] ret_from_fork+0x10/0x20 [ 20.005823] [ 20.005854] The buggy address belongs to the object at fff00000c5a57c00 [ 20.005854] which belongs to the cache kmalloc-128 of size 128 [ 20.006529] The buggy address is located 0 bytes inside of [ 20.006529] allocated 120-byte region [fff00000c5a57c00, fff00000c5a57c78) [ 20.006623] [ 20.006679] The buggy address belongs to the physical page: [ 20.006873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 20.007188] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.007414] page_type: f5(slab) [ 20.007463] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 20.007671] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.007978] page dumped because: kasan: bad access detected [ 20.008155] [ 20.008179] Memory state around the buggy address: [ 20.008262] fff00000c5a57b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.008457] fff00000c5a57b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.008822] >fff00000c5a57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 20.009042] ^ [ 20.009480] fff00000c5a57c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.009966] fff00000c5a57d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.010077] ================================================================== [ 19.974881] ================================================================== [ 19.974957] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 19.975181] Write of size 121 at addr fff00000c5a57c00 by task kunit_try_catch/285 [ 19.975384] [ 19.975480] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.975589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.975699] Hardware name: linux,dummy-virt (DT) [ 19.975749] Call trace: [ 19.975775] show_stack+0x20/0x38 (C) [ 19.975840] dump_stack_lvl+0x8c/0xd0 [ 19.976073] print_report+0x118/0x608 [ 19.976144] kasan_report+0xdc/0x128 [ 19.976573] kasan_check_range+0x100/0x1a8 [ 19.976652] __kasan_check_write+0x20/0x30 [ 19.976828] copy_user_test_oob+0x35c/0xec8 [ 19.976900] kunit_try_run_case+0x170/0x3f0 [ 19.977025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.977307] kthread+0x328/0x630 [ 19.977557] ret_from_fork+0x10/0x20 [ 19.977620] [ 19.977660] Allocated by task 285: [ 19.977751] kasan_save_stack+0x3c/0x68 [ 19.977842] kasan_save_track+0x20/0x40 [ 19.977887] kasan_save_alloc_info+0x40/0x58 [ 19.978295] __kasan_kmalloc+0xd4/0xd8 [ 19.978531] __kmalloc_noprof+0x198/0x4c8 [ 19.978583] kunit_kmalloc_array+0x34/0x88 [ 19.978939] copy_user_test_oob+0xac/0xec8 [ 19.979154] kunit_try_run_case+0x170/0x3f0 [ 19.979331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.979439] kthread+0x328/0x630 [ 19.979517] ret_from_fork+0x10/0x20 [ 19.979661] [ 19.979732] The buggy address belongs to the object at fff00000c5a57c00 [ 19.979732] which belongs to the cache kmalloc-128 of size 128 [ 19.980150] The buggy address is located 0 bytes inside of [ 19.980150] allocated 120-byte region [fff00000c5a57c00, fff00000c5a57c78) [ 19.980469] [ 19.980555] The buggy address belongs to the physical page: [ 19.980697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 19.980793] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.980935] page_type: f5(slab) [ 19.981013] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.981090] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.981312] page dumped because: kasan: bad access detected [ 19.981509] [ 19.981670] Memory state around the buggy address: [ 19.981936] fff00000c5a57b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.982373] fff00000c5a57b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.982463] >fff00000c5a57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.982517] ^ [ 19.982577] fff00000c5a57c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.982633] fff00000c5a57d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.982866] ================================================================== [ 19.990452] ================================================================== [ 19.990603] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 19.990737] Write of size 121 at addr fff00000c5a57c00 by task kunit_try_catch/285 [ 19.990949] [ 19.991148] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.991283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.991436] Hardware name: linux,dummy-virt (DT) [ 19.991482] Call trace: [ 19.991878] show_stack+0x20/0x38 (C) [ 19.991967] dump_stack_lvl+0x8c/0xd0 [ 19.992025] print_report+0x118/0x608 [ 19.992084] kasan_report+0xdc/0x128 [ 19.992134] kasan_check_range+0x100/0x1a8 [ 19.992184] __kasan_check_write+0x20/0x30 [ 19.992591] copy_user_test_oob+0x434/0xec8 [ 19.992667] kunit_try_run_case+0x170/0x3f0 [ 19.992856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.992927] kthread+0x328/0x630 [ 19.993203] ret_from_fork+0x10/0x20 [ 19.993276] [ 19.993306] Allocated by task 285: [ 19.993354] kasan_save_stack+0x3c/0x68 [ 19.993400] kasan_save_track+0x20/0x40 [ 19.993925] kasan_save_alloc_info+0x40/0x58 [ 19.993993] __kasan_kmalloc+0xd4/0xd8 [ 19.994379] __kmalloc_noprof+0x198/0x4c8 [ 19.994641] kunit_kmalloc_array+0x34/0x88 [ 19.994820] copy_user_test_oob+0xac/0xec8 [ 19.994902] kunit_try_run_case+0x170/0x3f0 [ 19.994971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.995127] kthread+0x328/0x630 [ 19.995204] ret_from_fork+0x10/0x20 [ 19.995242] [ 19.995287] The buggy address belongs to the object at fff00000c5a57c00 [ 19.995287] which belongs to the cache kmalloc-128 of size 128 [ 19.995560] The buggy address is located 0 bytes inside of [ 19.995560] allocated 120-byte region [fff00000c5a57c00, fff00000c5a57c78) [ 19.995762] [ 19.995797] The buggy address belongs to the physical page: [ 19.996111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 19.996268] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.996414] page_type: f5(slab) [ 19.998038] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.998323] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.998387] page dumped because: kasan: bad access detected [ 19.998591] [ 19.998825] Memory state around the buggy address: [ 19.998909] fff00000c5a57b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.999135] fff00000c5a57b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.999311] >fff00000c5a57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.999639] ^ [ 19.999874] fff00000c5a57c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.999937] fff00000c5a57d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.000281] ================================================================== [ 19.961831] ================================================================== [ 19.961892] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 19.962068] Read of size 121 at addr fff00000c5a57c00 by task kunit_try_catch/285 [ 19.962425] [ 19.962497] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.962665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.962804] Hardware name: linux,dummy-virt (DT) [ 19.962862] Call trace: [ 19.962933] show_stack+0x20/0x38 (C) [ 19.963043] dump_stack_lvl+0x8c/0xd0 [ 19.963152] print_report+0x118/0x608 [ 19.963498] kasan_report+0xdc/0x128 [ 19.963567] kasan_check_range+0x100/0x1a8 [ 19.963707] __kasan_check_read+0x20/0x30 [ 19.963815] copy_user_test_oob+0x728/0xec8 [ 19.963865] kunit_try_run_case+0x170/0x3f0 [ 19.963973] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.964030] kthread+0x328/0x630 [ 19.964076] ret_from_fork+0x10/0x20 [ 19.964264] [ 19.964292] Allocated by task 285: [ 19.964324] kasan_save_stack+0x3c/0x68 [ 19.964383] kasan_save_track+0x20/0x40 [ 19.964535] kasan_save_alloc_info+0x40/0x58 [ 19.964627] __kasan_kmalloc+0xd4/0xd8 [ 19.964669] __kmalloc_noprof+0x198/0x4c8 [ 19.964739] kunit_kmalloc_array+0x34/0x88 [ 19.964829] copy_user_test_oob+0xac/0xec8 [ 19.964949] kunit_try_run_case+0x170/0x3f0 [ 19.965054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.965436] kthread+0x328/0x630 [ 19.965490] ret_from_fork+0x10/0x20 [ 19.965531] [ 19.965571] The buggy address belongs to the object at fff00000c5a57c00 [ 19.965571] which belongs to the cache kmalloc-128 of size 128 [ 19.965630] The buggy address is located 0 bytes inside of [ 19.965630] allocated 120-byte region [fff00000c5a57c00, fff00000c5a57c78) [ 19.965702] [ 19.965744] The buggy address belongs to the physical page: [ 19.965777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 19.965833] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.965883] page_type: f5(slab) [ 19.965953] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.966003] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.966045] page dumped because: kasan: bad access detected [ 19.966080] [ 19.966270] Memory state around the buggy address: [ 19.966381] fff00000c5a57b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.966442] fff00000c5a57b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.966517] >fff00000c5a57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.966597] ^ [ 19.966728] fff00000c5a57c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.966808] fff00000c5a57d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.966853] ================================================================== [ 19.983881] ================================================================== [ 19.984048] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 19.984203] Read of size 121 at addr fff00000c5a57c00 by task kunit_try_catch/285 [ 19.984260] [ 19.984318] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.984827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.984874] Hardware name: linux,dummy-virt (DT) [ 19.985004] Call trace: [ 19.985047] show_stack+0x20/0x38 (C) [ 19.985318] dump_stack_lvl+0x8c/0xd0 [ 19.985490] print_report+0x118/0x608 [ 19.985552] kasan_report+0xdc/0x128 [ 19.985946] kasan_check_range+0x100/0x1a8 [ 19.986021] __kasan_check_read+0x20/0x30 [ 19.986320] copy_user_test_oob+0x3c8/0xec8 [ 19.986623] kunit_try_run_case+0x170/0x3f0 [ 19.986766] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.986841] kthread+0x328/0x630 [ 19.987178] ret_from_fork+0x10/0x20 [ 19.987363] [ 19.987423] Allocated by task 285: [ 19.987475] kasan_save_stack+0x3c/0x68 [ 19.987549] kasan_save_track+0x20/0x40 [ 19.987742] kasan_save_alloc_info+0x40/0x58 [ 19.987798] __kasan_kmalloc+0xd4/0xd8 [ 19.987838] __kmalloc_noprof+0x198/0x4c8 [ 19.987879] kunit_kmalloc_array+0x34/0x88 [ 19.988029] copy_user_test_oob+0xac/0xec8 [ 19.988077] kunit_try_run_case+0x170/0x3f0 [ 19.988144] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.988201] kthread+0x328/0x630 [ 19.988238] ret_from_fork+0x10/0x20 [ 19.988276] [ 19.988307] The buggy address belongs to the object at fff00000c5a57c00 [ 19.988307] which belongs to the cache kmalloc-128 of size 128 [ 19.988390] The buggy address is located 0 bytes inside of [ 19.988390] allocated 120-byte region [fff00000c5a57c00, fff00000c5a57c78) [ 19.988454] [ 19.988477] The buggy address belongs to the physical page: [ 19.988508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 19.988572] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.988622] page_type: f5(slab) [ 19.988690] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.988753] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.988807] page dumped because: kasan: bad access detected [ 19.988851] [ 19.988880] Memory state around the buggy address: [ 19.988930] fff00000c5a57b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.988989] fff00000c5a57b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.989035] >fff00000c5a57c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.989085] ^ [ 19.989129] fff00000c5a57c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.989174] fff00000c5a57d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.989224] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 19.916668] ================================================================== [ 19.916775] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 19.916949] Read of size 8 at addr fff00000c5a57b78 by task kunit_try_catch/281 [ 19.917011] [ 19.917090] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.917178] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.917209] Hardware name: linux,dummy-virt (DT) [ 19.917508] Call trace: [ 19.917555] show_stack+0x20/0x38 (C) [ 19.917615] dump_stack_lvl+0x8c/0xd0 [ 19.917668] print_report+0x118/0x608 [ 19.917720] kasan_report+0xdc/0x128 [ 19.917797] __asan_report_load8_noabort+0x20/0x30 [ 19.917852] copy_to_kernel_nofault+0x204/0x250 [ 19.918165] copy_to_kernel_nofault_oob+0x158/0x418 [ 19.918305] kunit_try_run_case+0x170/0x3f0 [ 19.918531] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.918606] kthread+0x328/0x630 [ 19.918697] ret_from_fork+0x10/0x20 [ 19.918747] [ 19.918768] Allocated by task 281: [ 19.918800] kasan_save_stack+0x3c/0x68 [ 19.918843] kasan_save_track+0x20/0x40 [ 19.918892] kasan_save_alloc_info+0x40/0x58 [ 19.919098] __kasan_kmalloc+0xd4/0xd8 [ 19.919223] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.919300] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.919378] kunit_try_run_case+0x170/0x3f0 [ 19.919470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.919529] kthread+0x328/0x630 [ 19.919573] ret_from_fork+0x10/0x20 [ 19.919629] [ 19.919651] The buggy address belongs to the object at fff00000c5a57b00 [ 19.919651] which belongs to the cache kmalloc-128 of size 128 [ 19.919850] The buggy address is located 0 bytes to the right of [ 19.919850] allocated 120-byte region [fff00000c5a57b00, fff00000c5a57b78) [ 19.919982] [ 19.920032] The buggy address belongs to the physical page: [ 19.920077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 19.920164] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.920217] page_type: f5(slab) [ 19.920290] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.920616] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.920691] page dumped because: kasan: bad access detected [ 19.920775] [ 19.920835] Memory state around the buggy address: [ 19.920915] fff00000c5a57a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.920962] fff00000c5a57a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.921014] >fff00000c5a57b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.921310] ^ [ 19.921388] fff00000c5a57b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.921443] fff00000c5a57c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.921541] ================================================================== [ 19.922994] ================================================================== [ 19.923045] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 19.923278] Write of size 8 at addr fff00000c5a57b78 by task kunit_try_catch/281 [ 19.923354] [ 19.923388] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.923476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.923524] Hardware name: linux,dummy-virt (DT) [ 19.923558] Call trace: [ 19.923588] show_stack+0x20/0x38 (C) [ 19.923650] dump_stack_lvl+0x8c/0xd0 [ 19.923702] print_report+0x118/0x608 [ 19.923770] kasan_report+0xdc/0x128 [ 19.923818] kasan_check_range+0x100/0x1a8 [ 19.923913] __kasan_check_write+0x20/0x30 [ 19.924056] copy_to_kernel_nofault+0x8c/0x250 [ 19.924117] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 19.924211] kunit_try_run_case+0x170/0x3f0 [ 19.924265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.924321] kthread+0x328/0x630 [ 19.924376] ret_from_fork+0x10/0x20 [ 19.924555] [ 19.924614] Allocated by task 281: [ 19.924652] kasan_save_stack+0x3c/0x68 [ 19.924707] kasan_save_track+0x20/0x40 [ 19.924749] kasan_save_alloc_info+0x40/0x58 [ 19.924809] __kasan_kmalloc+0xd4/0xd8 [ 19.924852] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.924919] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.925033] kunit_try_run_case+0x170/0x3f0 [ 19.925080] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.925126] kthread+0x328/0x630 [ 19.925160] ret_from_fork+0x10/0x20 [ 19.925198] [ 19.925298] The buggy address belongs to the object at fff00000c5a57b00 [ 19.925298] which belongs to the cache kmalloc-128 of size 128 [ 19.925396] The buggy address is located 0 bytes to the right of [ 19.925396] allocated 120-byte region [fff00000c5a57b00, fff00000c5a57b78) [ 19.925480] [ 19.925505] The buggy address belongs to the physical page: [ 19.925537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 19.925599] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.925664] page_type: f5(slab) [ 19.925705] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.925765] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.925809] page dumped because: kasan: bad access detected [ 19.925840] [ 19.925859] Memory state around the buggy address: [ 19.925892] fff00000c5a57a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.926117] fff00000c5a57a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.926180] >fff00000c5a57b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.926239] ^ [ 19.926379] fff00000c5a57b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.926448] fff00000c5a57c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.926661] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.874678] ================================================================== [ 19.874733] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.874784] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 19.874848] [ 19.874905] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.875137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.875439] Hardware name: linux,dummy-virt (DT) [ 19.875479] Call trace: [ 19.875505] show_stack+0x20/0x38 (C) [ 19.875822] dump_stack_lvl+0x8c/0xd0 [ 19.875954] print_report+0x310/0x608 [ 19.876016] kasan_report+0xdc/0x128 [ 19.876170] __asan_report_load1_noabort+0x20/0x30 [ 19.876225] vmalloc_oob+0x51c/0x5d0 [ 19.876276] kunit_try_run_case+0x170/0x3f0 [ 19.876387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.876521] ret_from_fork+0x10/0x20 [ 19.878145] [ 19.878590] The buggy address belongs to the virtual mapping at [ 19.878590] [ffff8000800fe000, ffff800080100000) created by: [ 19.878590] vmalloc_oob+0x98/0x5d0 [ 19.878888] [ 19.879004] The buggy address belongs to the physical page: [ 19.879134] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106bf1 [ 19.879485] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.879839] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.879910] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.880176] page dumped because: kasan: bad access detected [ 19.880263] [ 19.880393] Memory state around the buggy address: [ 19.880427] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.880482] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.880526] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.880565] ^ [ 19.881174] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.881279] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.881412] ================================================================== [ 19.867427] ================================================================== [ 19.867655] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.868045] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 19.868102] [ 19.868260] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.868615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.868646] Hardware name: linux,dummy-virt (DT) [ 19.868678] Call trace: [ 19.868707] show_stack+0x20/0x38 (C) [ 19.869121] dump_stack_lvl+0x8c/0xd0 [ 19.869459] print_report+0x310/0x608 [ 19.869796] kasan_report+0xdc/0x128 [ 19.869851] __asan_report_load1_noabort+0x20/0x30 [ 19.869952] vmalloc_oob+0x578/0x5d0 [ 19.870000] kunit_try_run_case+0x170/0x3f0 [ 19.870384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.870480] kthread+0x328/0x630 [ 19.870528] ret_from_fork+0x10/0x20 [ 19.870686] [ 19.870723] The buggy address belongs to the virtual mapping at [ 19.870723] [ffff8000800fe000, ffff800080100000) created by: [ 19.870723] vmalloc_oob+0x98/0x5d0 [ 19.870964] [ 19.870990] The buggy address belongs to the physical page: [ 19.871053] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106bf1 [ 19.871379] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.871458] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.871837] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.871902] page dumped because: kasan: bad access detected [ 19.871989] [ 19.872039] Memory state around the buggy address: [ 19.872120] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.872217] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.872263] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.872361] ^ [ 19.872563] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.872667] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.872777] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.672836] ================================================================== [ 19.672961] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.673015] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.673066] [ 19.673112] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.673330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.673372] Hardware name: linux,dummy-virt (DT) [ 19.673591] Call trace: [ 19.673888] show_stack+0x20/0x38 (C) [ 19.674039] dump_stack_lvl+0x8c/0xd0 [ 19.674090] print_report+0x118/0x608 [ 19.674140] kasan_report+0xdc/0x128 [ 19.674210] kasan_check_range+0x100/0x1a8 [ 19.674263] __kasan_check_write+0x20/0x30 [ 19.674319] kasan_atomics_helper+0x11f8/0x4858 [ 19.674384] kasan_atomics+0x198/0x2e0 [ 19.674432] kunit_try_run_case+0x170/0x3f0 [ 19.674899] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.675015] kthread+0x328/0x630 [ 19.675214] ret_from_fork+0x10/0x20 [ 19.675265] [ 19.675285] Allocated by task 265: [ 19.675363] kasan_save_stack+0x3c/0x68 [ 19.675414] kasan_save_track+0x20/0x40 [ 19.675456] kasan_save_alloc_info+0x40/0x58 [ 19.675545] __kasan_kmalloc+0xd4/0xd8 [ 19.675586] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.675629] kasan_atomics+0xb8/0x2e0 [ 19.675666] kunit_try_run_case+0x170/0x3f0 [ 19.675707] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.675754] kthread+0x328/0x630 [ 19.675833] ret_from_fork+0x10/0x20 [ 19.675971] [ 19.675992] The buggy address belongs to the object at fff00000c5a01980 [ 19.675992] which belongs to the cache kmalloc-64 of size 64 [ 19.676180] The buggy address is located 0 bytes to the right of [ 19.676180] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.676888] [ 19.676991] The buggy address belongs to the physical page: [ 19.677028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.677567] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.677645] page_type: f5(slab) [ 19.677954] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.678116] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.678162] page dumped because: kasan: bad access detected [ 19.678214] [ 19.678234] Memory state around the buggy address: [ 19.678285] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.678332] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.678388] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.678429] ^ [ 19.678466] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.678519] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.678692] ================================================================== [ 19.687363] ================================================================== [ 19.687422] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.687476] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.687643] [ 19.687677] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.687966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.688001] Hardware name: linux,dummy-virt (DT) [ 19.688034] Call trace: [ 19.688058] show_stack+0x20/0x38 (C) [ 19.688111] dump_stack_lvl+0x8c/0xd0 [ 19.688166] print_report+0x118/0x608 [ 19.688430] kasan_report+0xdc/0x128 [ 19.688478] kasan_check_range+0x100/0x1a8 [ 19.688529] __kasan_check_write+0x20/0x30 [ 19.688575] kasan_atomics_helper+0x12d8/0x4858 [ 19.688627] kasan_atomics+0x198/0x2e0 [ 19.688681] kunit_try_run_case+0x170/0x3f0 [ 19.688933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.689229] kthread+0x328/0x630 [ 19.689346] ret_from_fork+0x10/0x20 [ 19.689395] [ 19.689415] Allocated by task 265: [ 19.689445] kasan_save_stack+0x3c/0x68 [ 19.689487] kasan_save_track+0x20/0x40 [ 19.689527] kasan_save_alloc_info+0x40/0x58 [ 19.689569] __kasan_kmalloc+0xd4/0xd8 [ 19.689608] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.690036] kasan_atomics+0xb8/0x2e0 [ 19.690370] kunit_try_run_case+0x170/0x3f0 [ 19.690468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.690516] kthread+0x328/0x630 [ 19.690551] ret_from_fork+0x10/0x20 [ 19.690853] [ 19.690894] The buggy address belongs to the object at fff00000c5a01980 [ 19.690894] which belongs to the cache kmalloc-64 of size 64 [ 19.690964] The buggy address is located 0 bytes to the right of [ 19.690964] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.691030] [ 19.691054] The buggy address belongs to the physical page: [ 19.691113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.691169] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.691321] page_type: f5(slab) [ 19.691372] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.691428] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.691471] page dumped because: kasan: bad access detected [ 19.691506] [ 19.691526] Memory state around the buggy address: [ 19.691634] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.691685] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.691736] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.691986] ^ [ 19.692069] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.692111] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.692225] ================================================================== [ 19.665646] ================================================================== [ 19.665702] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.665766] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.666055] [ 19.666279] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.666401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.666431] Hardware name: linux,dummy-virt (DT) [ 19.666462] Call trace: [ 19.666688] show_stack+0x20/0x38 (C) [ 19.666848] dump_stack_lvl+0x8c/0xd0 [ 19.666929] print_report+0x118/0x608 [ 19.666986] kasan_report+0xdc/0x128 [ 19.667236] kasan_check_range+0x100/0x1a8 [ 19.667434] __kasan_check_write+0x20/0x30 [ 19.667538] kasan_atomics_helper+0x1190/0x4858 [ 19.667631] kasan_atomics+0x198/0x2e0 [ 19.667698] kunit_try_run_case+0x170/0x3f0 [ 19.667857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.667946] kthread+0x328/0x630 [ 19.668035] ret_from_fork+0x10/0x20 [ 19.668137] [ 19.668196] Allocated by task 265: [ 19.668226] kasan_save_stack+0x3c/0x68 [ 19.668270] kasan_save_track+0x20/0x40 [ 19.668309] kasan_save_alloc_info+0x40/0x58 [ 19.668364] __kasan_kmalloc+0xd4/0xd8 [ 19.668402] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.668444] kasan_atomics+0xb8/0x2e0 [ 19.668483] kunit_try_run_case+0x170/0x3f0 [ 19.668870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.669262] kthread+0x328/0x630 [ 19.669428] ret_from_fork+0x10/0x20 [ 19.669513] [ 19.669676] The buggy address belongs to the object at fff00000c5a01980 [ 19.669676] which belongs to the cache kmalloc-64 of size 64 [ 19.669807] The buggy address is located 0 bytes to the right of [ 19.669807] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.669874] [ 19.669897] The buggy address belongs to the physical page: [ 19.670196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.670259] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.670330] page_type: f5(slab) [ 19.670387] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.670798] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.670846] page dumped because: kasan: bad access detected [ 19.670881] [ 19.670901] Memory state around the buggy address: [ 19.670936] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.670989] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.671035] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.671076] ^ [ 19.671113] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.671156] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.671278] ================================================================== [ 19.660375] ================================================================== [ 19.660430] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.660483] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.660535] [ 19.660565] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.660647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.660676] Hardware name: linux,dummy-virt (DT) [ 19.660708] Call trace: [ 19.660733] show_stack+0x20/0x38 (C) [ 19.660783] dump_stack_lvl+0x8c/0xd0 [ 19.660831] print_report+0x118/0x608 [ 19.661243] kasan_report+0xdc/0x128 [ 19.661367] kasan_check_range+0x100/0x1a8 [ 19.661422] __kasan_check_write+0x20/0x30 [ 19.661469] kasan_atomics_helper+0x1128/0x4858 [ 19.661527] kasan_atomics+0x198/0x2e0 [ 19.661764] kunit_try_run_case+0x170/0x3f0 [ 19.661967] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.662024] kthread+0x328/0x630 [ 19.662067] ret_from_fork+0x10/0x20 [ 19.662117] [ 19.662137] Allocated by task 265: [ 19.662168] kasan_save_stack+0x3c/0x68 [ 19.662594] kasan_save_track+0x20/0x40 [ 19.662636] kasan_save_alloc_info+0x40/0x58 [ 19.662797] __kasan_kmalloc+0xd4/0xd8 [ 19.662877] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.662989] kasan_atomics+0xb8/0x2e0 [ 19.663083] kunit_try_run_case+0x170/0x3f0 [ 19.663170] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.663215] kthread+0x328/0x630 [ 19.663252] ret_from_fork+0x10/0x20 [ 19.663469] [ 19.663529] The buggy address belongs to the object at fff00000c5a01980 [ 19.663529] which belongs to the cache kmalloc-64 of size 64 [ 19.663658] The buggy address is located 0 bytes to the right of [ 19.663658] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.663777] [ 19.663853] The buggy address belongs to the physical page: [ 19.663888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.663941] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.664266] page_type: f5(slab) [ 19.664362] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.664462] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.664510] page dumped because: kasan: bad access detected [ 19.664544] [ 19.664565] Memory state around the buggy address: [ 19.664658] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.664869] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.664966] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.665008] ^ [ 19.665045] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.665096] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.665171] ================================================================== [ 19.647457] ================================================================== [ 19.647586] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.647640] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.647692] [ 19.647737] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.647881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.647910] Hardware name: linux,dummy-virt (DT) [ 19.647943] Call trace: [ 19.647968] show_stack+0x20/0x38 (C) [ 19.648240] dump_stack_lvl+0x8c/0xd0 [ 19.648493] print_report+0x118/0x608 [ 19.648625] kasan_report+0xdc/0x128 [ 19.648675] kasan_check_range+0x100/0x1a8 [ 19.648724] __kasan_check_write+0x20/0x30 [ 19.649102] kasan_atomics_helper+0x1058/0x4858 [ 19.649182] kasan_atomics+0x198/0x2e0 [ 19.649230] kunit_try_run_case+0x170/0x3f0 [ 19.649282] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.649349] kthread+0x328/0x630 [ 19.649394] ret_from_fork+0x10/0x20 [ 19.649442] [ 19.649657] Allocated by task 265: [ 19.649695] kasan_save_stack+0x3c/0x68 [ 19.649892] kasan_save_track+0x20/0x40 [ 19.650178] kasan_save_alloc_info+0x40/0x58 [ 19.650471] __kasan_kmalloc+0xd4/0xd8 [ 19.650513] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.650595] kasan_atomics+0xb8/0x2e0 [ 19.650683] kunit_try_run_case+0x170/0x3f0 [ 19.650758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.651021] kthread+0x328/0x630 [ 19.651402] ret_from_fork+0x10/0x20 [ 19.651465] [ 19.651489] The buggy address belongs to the object at fff00000c5a01980 [ 19.651489] which belongs to the cache kmalloc-64 of size 64 [ 19.651585] The buggy address is located 0 bytes to the right of [ 19.651585] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.651672] [ 19.651735] The buggy address belongs to the physical page: [ 19.651769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.651896] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.652008] page_type: f5(slab) [ 19.652053] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.652304] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.652365] page dumped because: kasan: bad access detected [ 19.652399] [ 19.652419] Memory state around the buggy address: [ 19.652578] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.652626] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.652706] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.652747] ^ [ 19.652780] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.652858] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.652922] ================================================================== [ 19.475559] ================================================================== [ 19.475611] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7cc/0x4858 [ 19.476809] Write of size 4 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.476881] [ 19.476917] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.477002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.477129] Hardware name: linux,dummy-virt (DT) [ 19.477169] Call trace: [ 19.477229] show_stack+0x20/0x38 (C) [ 19.477313] dump_stack_lvl+0x8c/0xd0 [ 19.477391] print_report+0x118/0x608 [ 19.478335] kasan_check_range+0x100/0x1a8 [ 19.478549] kasan_atomics_helper+0x7cc/0x4858 [ 19.478632] kasan_atomics+0x198/0x2e0 [ 19.478959] kunit_try_run_case+0x170/0x3f0 [ 19.479093] kthread+0x328/0x630 [ 19.479776] ret_from_fork+0x10/0x20 [ 19.480109] [ 19.480150] Allocated by task 265: [ 19.480205] kasan_save_stack+0x3c/0x68 [ 19.480396] __kasan_kmalloc+0xd4/0xd8 [ 19.480436] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.480478] kasan_atomics+0xb8/0x2e0 [ 19.480521] kunit_try_run_case+0x170/0x3f0 [ 19.480681] [ 19.480824] [ 19.480848] The buggy address belongs to the physical page: [ 19.481088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.481203] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.481815] page_type: f5(slab) [ 19.481859] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.481923] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.483358] page dumped because: kasan: bad access detected [ 19.483747] [ 19.483798] Memory state around the buggy address: [ 19.483858] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.484607] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.486475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.486763] kasan_check_range+0x100/0x1a8 [ 19.488841] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.489250] [ 19.489274] The buggy address belongs to the physical page: [ 19.489307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.489371] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.489419] page_type: f5(slab) [ 19.489467] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.489729] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.489787] page dumped because: kasan: bad access detected [ 19.489953] [ 19.489973] Memory state around the buggy address: [ 19.490009] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.490052] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.490097] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.490137] ^ [ 19.491008] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.491063] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.491104] ================================================================== [ 19.840398] ================================================================== [ 19.840880] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.841415] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.841551] [ 19.841587] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.841716] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.841830] Hardware name: linux,dummy-virt (DT) [ 19.841940] Call trace: [ 19.841988] show_stack+0x20/0x38 (C) [ 19.842397] dump_stack_lvl+0x8c/0xd0 [ 19.842563] print_report+0x118/0x608 [ 19.842684] kasan_report+0xdc/0x128 [ 19.842734] kasan_check_range+0x100/0x1a8 [ 19.842787] __kasan_check_write+0x20/0x30 [ 19.842836] kasan_atomics_helper+0x17ec/0x4858 [ 19.842899] kasan_atomics+0x198/0x2e0 [ 19.842945] kunit_try_run_case+0x170/0x3f0 [ 19.843399] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.843517] kthread+0x328/0x630 [ 19.843564] ret_from_fork+0x10/0x20 [ 19.843770] [ 19.843814] Allocated by task 265: [ 19.843910] kasan_save_stack+0x3c/0x68 [ 19.843960] kasan_save_track+0x20/0x40 [ 19.844001] kasan_save_alloc_info+0x40/0x58 [ 19.844091] __kasan_kmalloc+0xd4/0xd8 [ 19.844151] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.844304] kasan_atomics+0xb8/0x2e0 [ 19.844360] kunit_try_run_case+0x170/0x3f0 [ 19.844400] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.844448] kthread+0x328/0x630 [ 19.844482] ret_from_fork+0x10/0x20 [ 19.844648] [ 19.845024] The buggy address belongs to the object at fff00000c5a01980 [ 19.845024] which belongs to the cache kmalloc-64 of size 64 [ 19.845176] The buggy address is located 0 bytes to the right of [ 19.845176] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.845308] [ 19.845571] The buggy address belongs to the physical page: [ 19.845613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.845728] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.845779] page_type: f5(slab) [ 19.845951] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.846006] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.846050] page dumped because: kasan: bad access detected [ 19.846334] [ 19.846443] Memory state around the buggy address: [ 19.846484] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.846550] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.846595] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.846759] ^ [ 19.846832] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.847061] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.847102] ================================================================== [ 19.491971] ================================================================== [ 19.492025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.492079] Read of size 4 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.492146] [ 19.492286] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.492392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.492473] Hardware name: linux,dummy-virt (DT) [ 19.492508] Call trace: [ 19.492571] show_stack+0x20/0x38 (C) [ 19.492658] dump_stack_lvl+0x8c/0xd0 [ 19.492709] print_report+0x118/0x608 [ 19.492776] kasan_report+0xdc/0x128 [ 19.492826] __asan_report_load4_noabort+0x20/0x30 [ 19.492881] kasan_atomics_helper+0x42d8/0x4858 [ 19.493079] kasan_atomics+0x198/0x2e0 [ 19.493165] kunit_try_run_case+0x170/0x3f0 [ 19.493217] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.493282] kthread+0x328/0x630 [ 19.493363] ret_from_fork+0x10/0x20 [ 19.493416] [ 19.493437] Allocated by task 265: [ 19.493498] kasan_save_stack+0x3c/0x68 [ 19.493599] kasan_save_track+0x20/0x40 [ 19.493641] kasan_save_alloc_info+0x40/0x58 [ 19.493682] __kasan_kmalloc+0xd4/0xd8 [ 19.493732] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.493933] kasan_atomics+0xb8/0x2e0 [ 19.494382] kthread+0x328/0x630 [ 19.494875] [ 19.495068] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.495259] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.495302] page dumped because: kasan: bad access detected [ 19.495335] [ 19.495709] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.496116] ================================================================== [ 19.623982] ================================================================== [ 19.624030] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.624080] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.624130] [ 19.624182] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.624265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.624293] Hardware name: linux,dummy-virt (DT) [ 19.624325] Call trace: [ 19.624365] show_stack+0x20/0x38 (C) [ 19.624629] dump_stack_lvl+0x8c/0xd0 [ 19.624678] print_report+0x118/0x608 [ 19.624728] kasan_report+0xdc/0x128 [ 19.624782] __asan_report_store8_noabort+0x20/0x30 [ 19.625103] kasan_atomics_helper+0x3e5c/0x4858 [ 19.625776] kasan_atomics+0x198/0x2e0 [ 19.625924] kunit_try_run_case+0x170/0x3f0 [ 19.625976] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.626030] kthread+0x328/0x630 [ 19.626075] ret_from_fork+0x10/0x20 [ 19.626124] [ 19.626143] Allocated by task 265: [ 19.626174] kasan_save_stack+0x3c/0x68 [ 19.626216] kasan_save_track+0x20/0x40 [ 19.626255] kasan_save_alloc_info+0x40/0x58 [ 19.626322] __kasan_kmalloc+0xd4/0xd8 [ 19.626376] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.626418] kasan_atomics+0xb8/0x2e0 [ 19.626456] kunit_try_run_case+0x170/0x3f0 [ 19.626508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.626561] kthread+0x328/0x630 [ 19.626597] ret_from_fork+0x10/0x20 [ 19.626635] [ 19.626655] The buggy address belongs to the object at fff00000c5a01980 [ 19.626655] which belongs to the cache kmalloc-64 of size 64 [ 19.626713] The buggy address is located 0 bytes to the right of [ 19.626713] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.626779] [ 19.626802] The buggy address belongs to the physical page: [ 19.626836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.626890] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.626939] page_type: f5(slab) [ 19.626979] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.627031] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.627074] page dumped because: kasan: bad access detected [ 19.627106] [ 19.627199] Memory state around the buggy address: [ 19.627235] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.627298] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.627353] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.627392] ^ [ 19.627441] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.627485] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.627536] ================================================================== [ 19.752614] ================================================================== [ 19.752671] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.754025] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.754919] [ 19.755464] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.755822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.756172] Hardware name: linux,dummy-virt (DT) [ 19.756298] Call trace: [ 19.756763] show_stack+0x20/0x38 (C) [ 19.757259] dump_stack_lvl+0x8c/0xd0 [ 19.757696] print_report+0x118/0x608 [ 19.757797] kasan_report+0xdc/0x128 [ 19.757845] kasan_check_range+0x100/0x1a8 [ 19.757897] __kasan_check_write+0x20/0x30 [ 19.757951] kasan_atomics_helper+0x1644/0x4858 [ 19.758003] kasan_atomics+0x198/0x2e0 [ 19.759662] kunit_try_run_case+0x170/0x3f0 [ 19.759737] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.759797] kthread+0x328/0x630 [ 19.759844] ret_from_fork+0x10/0x20 [ 19.760681] [ 19.760870] Allocated by task 265: [ 19.761210] kasan_save_stack+0x3c/0x68 [ 19.761269] kasan_save_track+0x20/0x40 [ 19.761312] kasan_save_alloc_info+0x40/0x58 [ 19.761365] __kasan_kmalloc+0xd4/0xd8 [ 19.762131] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.762678] kasan_atomics+0xb8/0x2e0 [ 19.762725] kunit_try_run_case+0x170/0x3f0 [ 19.763159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.763564] kthread+0x328/0x630 [ 19.763851] ret_from_fork+0x10/0x20 [ 19.764241] [ 19.764267] The buggy address belongs to the object at fff00000c5a01980 [ 19.764267] which belongs to the cache kmalloc-64 of size 64 [ 19.765013] The buggy address is located 0 bytes to the right of [ 19.765013] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.765288] [ 19.765374] The buggy address belongs to the physical page: [ 19.765451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.765684] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.766109] page_type: f5(slab) [ 19.766158] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.767120] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.767253] page dumped because: kasan: bad access detected [ 19.769323] [ 19.769562] Memory state around the buggy address: [ 19.769604] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.769912] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.770181] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.770559] ^ [ 19.770718] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.772282] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.772571] ================================================================== [ 19.741313] ================================================================== [ 19.741377] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.742011] Read of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.742275] [ 19.742315] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.742580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.742623] Hardware name: linux,dummy-virt (DT) [ 19.742655] Call trace: [ 19.742679] show_stack+0x20/0x38 (C) [ 19.742733] dump_stack_lvl+0x8c/0xd0 [ 19.742784] print_report+0x118/0x608 [ 19.743068] kasan_report+0xdc/0x128 [ 19.743163] __asan_report_load8_noabort+0x20/0x30 [ 19.743218] kasan_atomics_helper+0x3db0/0x4858 [ 19.743281] kasan_atomics+0x198/0x2e0 [ 19.743331] kunit_try_run_case+0x170/0x3f0 [ 19.743738] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.743800] kthread+0x328/0x630 [ 19.743846] ret_from_fork+0x10/0x20 [ 19.743895] [ 19.743915] Allocated by task 265: [ 19.743946] kasan_save_stack+0x3c/0x68 [ 19.744042] kasan_save_track+0x20/0x40 [ 19.744246] kasan_save_alloc_info+0x40/0x58 [ 19.744773] __kasan_kmalloc+0xd4/0xd8 [ 19.745015] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.745161] kasan_atomics+0xb8/0x2e0 [ 19.745200] kunit_try_run_case+0x170/0x3f0 [ 19.745241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.745288] kthread+0x328/0x630 [ 19.745333] ret_from_fork+0x10/0x20 [ 19.745382] [ 19.745403] The buggy address belongs to the object at fff00000c5a01980 [ 19.745403] which belongs to the cache kmalloc-64 of size 64 [ 19.745685] The buggy address is located 0 bytes to the right of [ 19.745685] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.746074] [ 19.746101] The buggy address belongs to the physical page: [ 19.746136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.746194] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.746249] page_type: f5(slab) [ 19.746446] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.746618] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.746665] page dumped because: kasan: bad access detected [ 19.746745] [ 19.746877] Memory state around the buggy address: [ 19.746917] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.747562] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.747892] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.748120] ^ [ 19.748160] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.748413] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.749874] ================================================================== [ 19.817302] ================================================================== [ 19.817814] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.818387] Read of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.819179] [ 19.819221] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.819306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.820620] Hardware name: linux,dummy-virt (DT) [ 19.821032] Call trace: [ 19.821136] show_stack+0x20/0x38 (C) [ 19.821666] dump_stack_lvl+0x8c/0xd0 [ 19.822248] print_report+0x118/0x608 [ 19.822636] kasan_report+0xdc/0x128 [ 19.823016] __asan_report_load8_noabort+0x20/0x30 [ 19.823700] kasan_atomics_helper+0x3e20/0x4858 [ 19.824166] kasan_atomics+0x198/0x2e0 [ 19.824217] kunit_try_run_case+0x170/0x3f0 [ 19.824940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.825099] kthread+0x328/0x630 [ 19.825973] ret_from_fork+0x10/0x20 [ 19.826037] [ 19.826228] Allocated by task 265: [ 19.826386] kasan_save_stack+0x3c/0x68 [ 19.826494] kasan_save_track+0x20/0x40 [ 19.826541] kasan_save_alloc_info+0x40/0x58 [ 19.827170] __kasan_kmalloc+0xd4/0xd8 [ 19.827509] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.827557] kasan_atomics+0xb8/0x2e0 [ 19.828091] kunit_try_run_case+0x170/0x3f0 [ 19.828229] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.828727] kthread+0x328/0x630 [ 19.829350] ret_from_fork+0x10/0x20 [ 19.829491] [ 19.830230] The buggy address belongs to the object at fff00000c5a01980 [ 19.830230] which belongs to the cache kmalloc-64 of size 64 [ 19.830500] The buggy address is located 0 bytes to the right of [ 19.830500] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.830573] [ 19.830598] The buggy address belongs to the physical page: [ 19.831401] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.831791] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.832334] page_type: f5(slab) [ 19.832553] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.833132] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.833808] page dumped because: kasan: bad access detected [ 19.834260] [ 19.834285] Memory state around the buggy address: [ 19.834482] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.835481] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.835778] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.835926] ^ [ 19.836130] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.836227] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.836360] ================================================================== [ 19.451179] ================================================================== [ 19.451230] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x61c/0x4858 [ 19.451281] Write of size 4 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.451331] [ 19.451570] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.451668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.451765] Hardware name: linux,dummy-virt (DT) [ 19.451802] Call trace: [ 19.451828] show_stack+0x20/0x38 (C) [ 19.451880] dump_stack_lvl+0x8c/0xd0 [ 19.451931] print_report+0x118/0x608 [ 19.452219] kasan_check_range+0x100/0x1a8 [ 19.453422] kasan_atomics+0x198/0x2e0 [ 19.453600] kthread+0x328/0x630 [ 19.453851] kasan_save_alloc_info+0x40/0x58 [ 19.453893] __kasan_kmalloc+0xd4/0xd8 [ 19.453936] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.453978] kasan_atomics+0xb8/0x2e0 [ 19.454496] ret_from_fork+0x10/0x20 [ 19.454535] [ 19.454557] The buggy address belongs to the object at fff00000c5a01980 [ 19.454557] which belongs to the cache kmalloc-64 of size 64 [ 19.454900] [ 19.454958] The buggy address belongs to the physical page: [ 19.455046] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.455134] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.455250] page_type: f5(slab) [ 19.455358] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.455423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.455465] page dumped because: kasan: bad access detected [ 19.455499] [ 19.455666] Memory state around the buggy address: [ 19.455759] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.455808] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.455860] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.457556] ^ [ 19.457620] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.457667] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.458238] ================================================================== [ 19.729479] ================================================================== [ 19.729541] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.729820] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.729936] [ 19.729967] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.730050] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.730126] Hardware name: linux,dummy-virt (DT) [ 19.730162] Call trace: [ 19.730187] show_stack+0x20/0x38 (C) [ 19.730240] dump_stack_lvl+0x8c/0xd0 [ 19.730290] print_report+0x118/0x608 [ 19.730350] kasan_report+0xdc/0x128 [ 19.730898] kasan_check_range+0x100/0x1a8 [ 19.731280] __kasan_check_write+0x20/0x30 [ 19.731349] kasan_atomics_helper+0x154c/0x4858 [ 19.731403] kasan_atomics+0x198/0x2e0 [ 19.731457] kunit_try_run_case+0x170/0x3f0 [ 19.731591] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.731822] kthread+0x328/0x630 [ 19.731932] ret_from_fork+0x10/0x20 [ 19.732057] [ 19.732117] Allocated by task 265: [ 19.732432] kasan_save_stack+0x3c/0x68 [ 19.732497] kasan_save_track+0x20/0x40 [ 19.732536] kasan_save_alloc_info+0x40/0x58 [ 19.732599] __kasan_kmalloc+0xd4/0xd8 [ 19.732735] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.732778] kasan_atomics+0xb8/0x2e0 [ 19.732901] kunit_try_run_case+0x170/0x3f0 [ 19.732942] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.733020] kthread+0x328/0x630 [ 19.733057] ret_from_fork+0x10/0x20 [ 19.733095] [ 19.733117] The buggy address belongs to the object at fff00000c5a01980 [ 19.733117] which belongs to the cache kmalloc-64 of size 64 [ 19.733178] The buggy address is located 0 bytes to the right of [ 19.733178] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.733295] [ 19.733320] The buggy address belongs to the physical page: [ 19.733364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.733419] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.733468] page_type: f5(slab) [ 19.733508] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.733561] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.733717] page dumped because: kasan: bad access detected [ 19.733835] [ 19.733855] Memory state around the buggy address: [ 19.733892] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.734091] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.734144] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.734185] ^ [ 19.734802] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.735079] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.735181] ================================================================== [ 19.653233] ================================================================== [ 19.653279] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.653330] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.653394] [ 19.653424] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.653506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.653533] Hardware name: linux,dummy-virt (DT) [ 19.653566] Call trace: [ 19.653589] show_stack+0x20/0x38 (C) [ 19.653683] dump_stack_lvl+0x8c/0xd0 [ 19.653893] print_report+0x118/0x608 [ 19.654243] kasan_report+0xdc/0x128 [ 19.654813] kasan_check_range+0x100/0x1a8 [ 19.655062] __kasan_check_write+0x20/0x30 [ 19.655303] kasan_atomics_helper+0x10c0/0x4858 [ 19.655369] kasan_atomics+0x198/0x2e0 [ 19.655463] kunit_try_run_case+0x170/0x3f0 [ 19.655566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.655709] kthread+0x328/0x630 [ 19.655754] ret_from_fork+0x10/0x20 [ 19.655802] [ 19.655823] Allocated by task 265: [ 19.655853] kasan_save_stack+0x3c/0x68 [ 19.656053] kasan_save_track+0x20/0x40 [ 19.656129] kasan_save_alloc_info+0x40/0x58 [ 19.656172] __kasan_kmalloc+0xd4/0xd8 [ 19.656230] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.656271] kasan_atomics+0xb8/0x2e0 [ 19.656312] kunit_try_run_case+0x170/0x3f0 [ 19.656570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.656639] kthread+0x328/0x630 [ 19.656675] ret_from_fork+0x10/0x20 [ 19.656714] [ 19.656787] The buggy address belongs to the object at fff00000c5a01980 [ 19.656787] which belongs to the cache kmalloc-64 of size 64 [ 19.656898] The buggy address is located 0 bytes to the right of [ 19.656898] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.657103] [ 19.657160] The buggy address belongs to the physical page: [ 19.657248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.657766] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.657834] page_type: f5(slab) [ 19.657896] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.658239] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.658287] page dumped because: kasan: bad access detected [ 19.658516] [ 19.658590] Memory state around the buggy address: [ 19.658626] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.658831] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.658892] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.659060] ^ [ 19.659105] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.659202] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.659318] ================================================================== [ 19.628043] ================================================================== [ 19.628095] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.628157] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.628209] [ 19.628260] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.628559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.628613] Hardware name: linux,dummy-virt (DT) [ 19.628750] Call trace: [ 19.628822] show_stack+0x20/0x38 (C) [ 19.628872] dump_stack_lvl+0x8c/0xd0 [ 19.628928] print_report+0x118/0x608 [ 19.628985] kasan_report+0xdc/0x128 [ 19.629042] kasan_check_range+0x100/0x1a8 [ 19.629093] __kasan_check_write+0x20/0x30 [ 19.629228] kasan_atomics_helper+0xeb8/0x4858 [ 19.629280] kasan_atomics+0x198/0x2e0 [ 19.629333] kunit_try_run_case+0x170/0x3f0 [ 19.629599] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.629797] kthread+0x328/0x630 [ 19.629840] ret_from_fork+0x10/0x20 [ 19.629958] [ 19.629980] Allocated by task 265: [ 19.630009] kasan_save_stack+0x3c/0x68 [ 19.630053] kasan_save_track+0x20/0x40 [ 19.630094] kasan_save_alloc_info+0x40/0x58 [ 19.630147] __kasan_kmalloc+0xd4/0xd8 [ 19.630198] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.630241] kasan_atomics+0xb8/0x2e0 [ 19.630279] kunit_try_run_case+0x170/0x3f0 [ 19.630322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.630377] kthread+0x328/0x630 [ 19.630415] ret_from_fork+0x10/0x20 [ 19.630463] [ 19.630485] The buggy address belongs to the object at fff00000c5a01980 [ 19.630485] which belongs to the cache kmalloc-64 of size 64 [ 19.630544] The buggy address is located 0 bytes to the right of [ 19.630544] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.630618] [ 19.630651] The buggy address belongs to the physical page: [ 19.630779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.630834] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.630884] page_type: f5(slab) [ 19.630927] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.630981] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.631034] page dumped because: kasan: bad access detected [ 19.631187] [ 19.631209] Memory state around the buggy address: [ 19.631249] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.631294] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.631371] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.631414] ^ [ 19.631450] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.631503] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.631542] ================================================================== [ 19.706971] ================================================================== [ 19.707026] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.707079] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.707130] [ 19.707163] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.707246] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.707274] Hardware name: linux,dummy-virt (DT) [ 19.707306] Call trace: [ 19.707329] show_stack+0x20/0x38 (C) [ 19.707392] dump_stack_lvl+0x8c/0xd0 [ 19.707445] print_report+0x118/0x608 [ 19.707506] kasan_report+0xdc/0x128 [ 19.707555] kasan_check_range+0x100/0x1a8 [ 19.707678] __kasan_check_write+0x20/0x30 [ 19.707933] kasan_atomics_helper+0x1414/0x4858 [ 19.708602] kasan_atomics+0x198/0x2e0 [ 19.708738] kunit_try_run_case+0x170/0x3f0 [ 19.710298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.710568] kthread+0x328/0x630 [ 19.710966] ret_from_fork+0x10/0x20 [ 19.711023] [ 19.711043] Allocated by task 265: [ 19.711074] kasan_save_stack+0x3c/0x68 [ 19.711120] kasan_save_track+0x20/0x40 [ 19.711653] kasan_save_alloc_info+0x40/0x58 [ 19.712112] __kasan_kmalloc+0xd4/0xd8 [ 19.712178] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.712221] kasan_atomics+0xb8/0x2e0 [ 19.712259] kunit_try_run_case+0x170/0x3f0 [ 19.712300] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.712722] kthread+0x328/0x630 [ 19.712776] ret_from_fork+0x10/0x20 [ 19.712818] [ 19.712842] The buggy address belongs to the object at fff00000c5a01980 [ 19.712842] which belongs to the cache kmalloc-64 of size 64 [ 19.712960] The buggy address is located 0 bytes to the right of [ 19.712960] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.713257] [ 19.713279] The buggy address belongs to the physical page: [ 19.713313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.713638] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.714139] page_type: f5(slab) [ 19.714245] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.714309] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.714364] page dumped because: kasan: bad access detected [ 19.714399] [ 19.714526] Memory state around the buggy address: [ 19.714570] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.714617] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.714677] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.714880] ^ [ 19.714923] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.715039] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.715078] ================================================================== [ 19.795930] ================================================================== [ 19.796176] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.796725] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.796815] [ 19.797459] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.798442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.798484] Hardware name: linux,dummy-virt (DT) [ 19.798655] Call trace: [ 19.799030] show_stack+0x20/0x38 (C) [ 19.799182] dump_stack_lvl+0x8c/0xd0 [ 19.799881] print_report+0x118/0x608 [ 19.799982] kasan_report+0xdc/0x128 [ 19.800032] kasan_check_range+0x100/0x1a8 [ 19.800082] __kasan_check_write+0x20/0x30 [ 19.800431] kasan_atomics_helper+0x16d0/0x4858 [ 19.801223] kasan_atomics+0x198/0x2e0 [ 19.801745] kunit_try_run_case+0x170/0x3f0 [ 19.802208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.802691] kthread+0x328/0x630 [ 19.803084] ret_from_fork+0x10/0x20 [ 19.803283] [ 19.803323] Allocated by task 265: [ 19.803442] kasan_save_stack+0x3c/0x68 [ 19.803876] kasan_save_track+0x20/0x40 [ 19.804460] kasan_save_alloc_info+0x40/0x58 [ 19.805101] __kasan_kmalloc+0xd4/0xd8 [ 19.805565] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.805633] kasan_atomics+0xb8/0x2e0 [ 19.805674] kunit_try_run_case+0x170/0x3f0 [ 19.805715] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.805764] kthread+0x328/0x630 [ 19.806506] ret_from_fork+0x10/0x20 [ 19.806637] [ 19.806661] The buggy address belongs to the object at fff00000c5a01980 [ 19.806661] which belongs to the cache kmalloc-64 of size 64 [ 19.806723] The buggy address is located 0 bytes to the right of [ 19.806723] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.806790] [ 19.806813] The buggy address belongs to the physical page: [ 19.808491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.808553] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.808615] page_type: f5(slab) [ 19.808657] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.808709] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.808752] page dumped because: kasan: bad access detected [ 19.808787] [ 19.808807] Memory state around the buggy address: [ 19.808843] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.808890] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.808937] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.808977] ^ [ 19.809013] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.809059] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.809099] ================================================================== [ 19.601960] ================================================================== [ 19.602405] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.602544] Read of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.602619] [ 19.602655] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.602739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.603096] Hardware name: linux,dummy-virt (DT) [ 19.603136] Call trace: [ 19.603200] show_stack+0x20/0x38 (C) [ 19.603405] dump_stack_lvl+0x8c/0xd0 [ 19.603462] print_report+0x118/0x608 [ 19.603569] kasan_report+0xdc/0x128 [ 19.603621] kasan_check_range+0x100/0x1a8 [ 19.603672] __kasan_check_read+0x20/0x30 [ 19.603722] kasan_atomics_helper+0xdd4/0x4858 [ 19.603772] kasan_atomics+0x198/0x2e0 [ 19.603855] kunit_try_run_case+0x170/0x3f0 [ 19.603914] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.604109] kthread+0x328/0x630 [ 19.604156] ret_from_fork+0x10/0x20 [ 19.604264] [ 19.604314] Allocated by task 265: [ 19.604392] kasan_save_stack+0x3c/0x68 [ 19.604438] kasan_save_track+0x20/0x40 [ 19.604479] kasan_save_alloc_info+0x40/0x58 [ 19.605680] __kasan_kmalloc+0xd4/0xd8 [ 19.605736] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.606044] kasan_atomics+0xb8/0x2e0 [ 19.606092] kunit_try_run_case+0x170/0x3f0 [ 19.606138] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.606636] kthread+0x328/0x630 [ 19.606780] ret_from_fork+0x10/0x20 [ 19.606822] [ 19.606845] The buggy address belongs to the object at fff00000c5a01980 [ 19.606845] which belongs to the cache kmalloc-64 of size 64 [ 19.606908] The buggy address is located 0 bytes to the right of [ 19.606908] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.606976] [ 19.607000] The buggy address belongs to the physical page: [ 19.607035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.607088] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.607803] page_type: f5(slab) [ 19.608075] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.608226] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.608276] page dumped because: kasan: bad access detected [ 19.608409] [ 19.608436] Memory state around the buggy address: [ 19.608473] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.608604] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.608699] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.608810] ^ [ 19.608846] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.608891] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.608932] ================================================================== [ 19.446714] ================================================================== [ 19.446766] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858 [ 19.446819] Write of size 4 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.446870] [ 19.446903] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.446987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.447014] Hardware name: linux,dummy-virt (DT) [ 19.447047] Call trace: [ 19.447071] show_stack+0x20/0x38 (C) [ 19.447121] dump_stack_lvl+0x8c/0xd0 [ 19.447219] print_report+0x118/0x608 [ 19.447272] kasan_report+0xdc/0x128 [ 19.447320] kasan_check_range+0x100/0x1a8 [ 19.447382] __kasan_check_write+0x20/0x30 [ 19.447435] kasan_atomics_helper+0x5b4/0x4858 [ 19.447484] kasan_atomics+0x198/0x2e0 [ 19.447532] kunit_try_run_case+0x170/0x3f0 [ 19.447582] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.447752] [ 19.447852] Allocated by task 265: [ 19.448012] kasan_save_stack+0x3c/0x68 [ 19.448057] kasan_save_track+0x20/0x40 [ 19.448104] kasan_save_alloc_info+0x40/0x58 [ 19.448288] __kasan_kmalloc+0xd4/0xd8 [ 19.448334] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.448392] kasan_atomics+0xb8/0x2e0 [ 19.448431] kunit_try_run_case+0x170/0x3f0 [ 19.448611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.448721] kthread+0x328/0x630 [ 19.448802] ret_from_fork+0x10/0x20 [ 19.448873] [ 19.448960] The buggy address is located 0 bytes to the right of [ 19.448960] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.449149] [ 19.449197] The buggy address belongs to the physical page: [ 19.449295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.449356] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.449405] page_type: f5(slab) [ 19.449445] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.449497] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.449539] page dumped because: kasan: bad access detected [ 19.449572] [ 19.449592] Memory state around the buggy address: [ 19.449625] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.449670] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.449713] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.449753] ^ [ 19.449785] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.450418] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.450469] ================================================================== [ 19.503615] ================================================================== [ 19.503694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x99c/0x4858 [ 19.503750] Write of size 4 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.503802] [ 19.504019] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.504130] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.504161] Hardware name: linux,dummy-virt (DT) [ 19.504195] Call trace: [ 19.504218] show_stack+0x20/0x38 (C) [ 19.504503] dump_stack_lvl+0x8c/0xd0 [ 19.504662] print_report+0x118/0x608 [ 19.504711] kasan_report+0xdc/0x128 [ 19.504760] kasan_check_range+0x100/0x1a8 [ 19.504922] __kasan_check_write+0x20/0x30 [ 19.505565] kthread+0x328/0x630 [ 19.505770] kasan_save_track+0x20/0x40 [ 19.506883] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.509307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.512609] ret_from_fork+0x10/0x20 [ 19.512720] [ 19.512780] Allocated by task 265: [ 19.512816] kasan_save_stack+0x3c/0x68 [ 19.512893] kasan_save_track+0x20/0x40 [ 19.512936] kasan_save_alloc_info+0x40/0x58 [ 19.512978] __kasan_kmalloc+0xd4/0xd8 [ 19.513056] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.513170] kasan_atomics+0xb8/0x2e0 [ 19.513264] kunit_try_run_case+0x170/0x3f0 [ 19.513305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.513361] kthread+0x328/0x630 [ 19.513435] ret_from_fork+0x10/0x20 [ 19.513569] [ 19.513590] The buggy address belongs to the object at fff00000c5a01980 [ 19.513590] which belongs to the cache kmalloc-64 of size 64 [ 19.514669] The buggy address is located 0 bytes to the right of [ 19.514669] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.514748] [ 19.514782] The buggy address belongs to the physical page: [ 19.514818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.514874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.514924] page_type: f5(slab) [ 19.514965] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.515016] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.515059] page dumped because: kasan: bad access detected [ 19.515148] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.516401] show_stack+0x20/0x38 (C) [ 19.517130] kasan_save_track+0x20/0x40 [ 19.517170] kasan_save_alloc_info+0x40/0x58 [ 19.517213] __kasan_kmalloc+0xd4/0xd8 [ 19.517254] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.517297] kasan_atomics+0xb8/0x2e0 [ 19.517334] kunit_try_run_case+0x170/0x3f0 [ 19.517869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.517995] kthread+0x328/0x630 [ 19.518225] ret_from_fork+0x10/0x20 [ 19.518335] [ 19.518410] The buggy address belongs to the object at fff00000c5a01980 [ 19.518410] which belongs to the cache kmalloc-64 of size 64 [ 19.518622] The buggy address is located 0 bytes to the right of [ 19.518622] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.519023] page dumped because: kasan: bad access detected [ 19.519794] ================================================================== [ 19.564220] ================================================================== [ 19.564297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.564378] Read of size 4 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.564431] [ 19.564470] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.564576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.564627] Hardware name: linux,dummy-virt (DT) [ 19.564662] Call trace: [ 19.565309] show_stack+0x20/0x38 (C) [ 19.565438] dump_stack_lvl+0x8c/0xd0 [ 19.565533] print_report+0x118/0x608 [ 19.565599] kasan_report+0xdc/0x128 [ 19.565676] __asan_report_load4_noabort+0x20/0x30 [ 19.565758] kasan_atomics_helper+0x3dd8/0x4858 [ 19.565812] kasan_atomics+0x198/0x2e0 [ 19.565883] kunit_try_run_case+0x170/0x3f0 [ 19.565991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.566059] kthread+0x328/0x630 [ 19.566103] ret_from_fork+0x10/0x20 [ 19.566384] [ 19.566408] Allocated by task 265: [ 19.566496] kasan_save_stack+0x3c/0x68 [ 19.566592] kasan_save_track+0x20/0x40 [ 19.566702] kasan_save_alloc_info+0x40/0x58 [ 19.566863] __kasan_kmalloc+0xd4/0xd8 [ 19.566939] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.567199] kasan_atomics+0xb8/0x2e0 [ 19.567294] kunit_try_run_case+0x170/0x3f0 [ 19.567428] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.567502] kthread+0x328/0x630 [ 19.567538] ret_from_fork+0x10/0x20 [ 19.567577] [ 19.569057] The buggy address belongs to the object at fff00000c5a01980 [ 19.569057] which belongs to the cache kmalloc-64 of size 64 [ 19.569131] The buggy address is located 0 bytes to the right of [ 19.569131] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.569197] [ 19.569221] The buggy address belongs to the physical page: [ 19.569268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.570185] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.570277] page_type: f5(slab) [ 19.570350] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.570422] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.570678] page dumped because: kasan: bad access detected [ 19.570759] [ 19.570848] Memory state around the buggy address: [ 19.570889] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.571491] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.571553] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.571616] ^ [ 19.571738] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.571803] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.571845] ================================================================== [ 19.716214] ================================================================== [ 19.716410] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.716486] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.716594] [ 19.716626] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.716708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.716743] Hardware name: linux,dummy-virt (DT) [ 19.716873] Call trace: [ 19.716898] show_stack+0x20/0x38 (C) [ 19.717090] dump_stack_lvl+0x8c/0xd0 [ 19.717141] print_report+0x118/0x608 [ 19.717190] kasan_report+0xdc/0x128 [ 19.717240] kasan_check_range+0x100/0x1a8 [ 19.717290] __kasan_check_write+0x20/0x30 [ 19.717347] kasan_atomics_helper+0x147c/0x4858 [ 19.717398] kasan_atomics+0x198/0x2e0 [ 19.717445] kunit_try_run_case+0x170/0x3f0 [ 19.717495] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.717550] kthread+0x328/0x630 [ 19.717769] ret_from_fork+0x10/0x20 [ 19.717841] [ 19.717861] Allocated by task 265: [ 19.717889] kasan_save_stack+0x3c/0x68 [ 19.717942] kasan_save_track+0x20/0x40 [ 19.717981] kasan_save_alloc_info+0x40/0x58 [ 19.718766] __kasan_kmalloc+0xd4/0xd8 [ 19.719205] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.719481] kasan_atomics+0xb8/0x2e0 [ 19.719529] kunit_try_run_case+0x170/0x3f0 [ 19.719571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.719617] kthread+0x328/0x630 [ 19.719653] ret_from_fork+0x10/0x20 [ 19.719692] [ 19.720154] The buggy address belongs to the object at fff00000c5a01980 [ 19.720154] which belongs to the cache kmalloc-64 of size 64 [ 19.720327] The buggy address is located 0 bytes to the right of [ 19.720327] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.720443] [ 19.720549] The buggy address belongs to the physical page: [ 19.720617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.720715] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.720895] page_type: f5(slab) [ 19.720954] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.721008] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.721074] page dumped because: kasan: bad access detected [ 19.721116] [ 19.721143] Memory state around the buggy address: [ 19.721183] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.721229] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.721275] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.721351] ^ [ 19.721386] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.721430] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.721468] ================================================================== [ 19.631860] ================================================================== [ 19.631983] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.632118] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.632168] [ 19.632215] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.632403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.632440] Hardware name: linux,dummy-virt (DT) [ 19.632471] Call trace: [ 19.632495] show_stack+0x20/0x38 (C) [ 19.632546] dump_stack_lvl+0x8c/0xd0 [ 19.632602] print_report+0x118/0x608 [ 19.632838] kasan_report+0xdc/0x128 [ 19.632888] kasan_check_range+0x100/0x1a8 [ 19.633033] __kasan_check_write+0x20/0x30 [ 19.633176] kasan_atomics_helper+0xf20/0x4858 [ 19.633228] kasan_atomics+0x198/0x2e0 [ 19.633275] kunit_try_run_case+0x170/0x3f0 [ 19.633326] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.633390] kthread+0x328/0x630 [ 19.633435] ret_from_fork+0x10/0x20 [ 19.633482] [ 19.633502] Allocated by task 265: [ 19.633548] kasan_save_stack+0x3c/0x68 [ 19.633591] kasan_save_track+0x20/0x40 [ 19.633644] kasan_save_alloc_info+0x40/0x58 [ 19.633686] __kasan_kmalloc+0xd4/0xd8 [ 19.633751] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.633995] kasan_atomics+0xb8/0x2e0 [ 19.634067] kunit_try_run_case+0x170/0x3f0 [ 19.634137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.634185] kthread+0x328/0x630 [ 19.634236] ret_from_fork+0x10/0x20 [ 19.634275] [ 19.634296] The buggy address belongs to the object at fff00000c5a01980 [ 19.634296] which belongs to the cache kmalloc-64 of size 64 [ 19.634365] The buggy address is located 0 bytes to the right of [ 19.634365] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.634439] [ 19.634462] The buggy address belongs to the physical page: [ 19.634506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.634559] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.634608] page_type: f5(slab) [ 19.634685] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.634804] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.634854] page dumped because: kasan: bad access detected [ 19.634896] [ 19.634916] Memory state around the buggy address: [ 19.634949] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.635006] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.635050] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.635110] ^ [ 19.635256] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.635358] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.635400] ================================================================== [ 19.610465] ================================================================== [ 19.610527] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.612288] Read of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.612592] [ 19.612778] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.612921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.612951] Hardware name: linux,dummy-virt (DT) [ 19.612984] Call trace: [ 19.613007] show_stack+0x20/0x38 (C) [ 19.613742] dump_stack_lvl+0x8c/0xd0 [ 19.613806] print_report+0x118/0x608 [ 19.614443] kasan_report+0xdc/0x128 [ 19.615054] __asan_report_load8_noabort+0x20/0x30 [ 19.615115] kasan_atomics_helper+0x3f58/0x4858 [ 19.615190] kasan_atomics+0x198/0x2e0 [ 19.615363] kunit_try_run_case+0x170/0x3f0 [ 19.615603] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.615784] kthread+0x328/0x630 [ 19.615989] ret_from_fork+0x10/0x20 [ 19.616078] [ 19.616110] Allocated by task 265: [ 19.616185] kasan_save_stack+0x3c/0x68 [ 19.616269] kasan_save_track+0x20/0x40 [ 19.616348] kasan_save_alloc_info+0x40/0x58 [ 19.616394] __kasan_kmalloc+0xd4/0xd8 [ 19.616434] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.616477] kasan_atomics+0xb8/0x2e0 [ 19.616537] kunit_try_run_case+0x170/0x3f0 [ 19.616683] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.616731] kthread+0x328/0x630 [ 19.616884] ret_from_fork+0x10/0x20 [ 19.616955] [ 19.617050] The buggy address belongs to the object at fff00000c5a01980 [ 19.617050] which belongs to the cache kmalloc-64 of size 64 [ 19.617109] The buggy address is located 0 bytes to the right of [ 19.617109] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.617183] [ 19.617209] The buggy address belongs to the physical page: [ 19.617242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.617304] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.617689] page_type: f5(slab) [ 19.617967] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.618026] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.618475] page dumped because: kasan: bad access detected [ 19.618753] [ 19.618776] Memory state around the buggy address: [ 19.618811] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.618900] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.619054] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.619097] ^ [ 19.619133] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.619178] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.619247] ================================================================== [ 19.693533] ================================================================== [ 19.693590] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.693885] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.694065] [ 19.694100] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.694185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.694238] Hardware name: linux,dummy-virt (DT) [ 19.694272] Call trace: [ 19.694295] show_stack+0x20/0x38 (C) [ 19.694376] dump_stack_lvl+0x8c/0xd0 [ 19.694645] print_report+0x118/0x608 [ 19.694755] kasan_report+0xdc/0x128 [ 19.694859] kasan_check_range+0x100/0x1a8 [ 19.695000] __kasan_check_write+0x20/0x30 [ 19.695096] kasan_atomics_helper+0x1384/0x4858 [ 19.695168] kasan_atomics+0x198/0x2e0 [ 19.695450] kunit_try_run_case+0x170/0x3f0 [ 19.695502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.695558] kthread+0x328/0x630 [ 19.695605] ret_from_fork+0x10/0x20 [ 19.695659] [ 19.695771] Allocated by task 265: [ 19.695926] kasan_save_stack+0x3c/0x68 [ 19.696113] kasan_save_track+0x20/0x40 [ 19.696155] kasan_save_alloc_info+0x40/0x58 [ 19.696216] __kasan_kmalloc+0xd4/0xd8 [ 19.696982] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.697357] kasan_atomics+0xb8/0x2e0 [ 19.697401] kunit_try_run_case+0x170/0x3f0 [ 19.697443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.697688] kthread+0x328/0x630 [ 19.697782] ret_from_fork+0x10/0x20 [ 19.697840] [ 19.697862] The buggy address belongs to the object at fff00000c5a01980 [ 19.697862] which belongs to the cache kmalloc-64 of size 64 [ 19.698033] The buggy address is located 0 bytes to the right of [ 19.698033] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.698110] [ 19.698164] The buggy address belongs to the physical page: [ 19.698206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.698261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.698311] page_type: f5(slab) [ 19.698360] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.698414] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.698457] page dumped because: kasan: bad access detected [ 19.698491] [ 19.698511] Memory state around the buggy address: [ 19.698901] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.699051] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.699098] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.699140] ^ [ 19.699543] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.699593] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.699632] ================================================================== [ 19.641063] ================================================================== [ 19.641112] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.641177] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.641239] [ 19.641269] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.641363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.641392] Hardware name: linux,dummy-virt (DT) [ 19.641423] Call trace: [ 19.641446] show_stack+0x20/0x38 (C) [ 19.641589] dump_stack_lvl+0x8c/0xd0 [ 19.641695] print_report+0x118/0x608 [ 19.641745] kasan_report+0xdc/0x128 [ 19.641798] kasan_check_range+0x100/0x1a8 [ 19.642028] __kasan_check_write+0x20/0x30 [ 19.642290] kasan_atomics_helper+0xff0/0x4858 [ 19.642352] kasan_atomics+0x198/0x2e0 [ 19.642401] kunit_try_run_case+0x170/0x3f0 [ 19.642453] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.642507] kthread+0x328/0x630 [ 19.642552] ret_from_fork+0x10/0x20 [ 19.642601] [ 19.642621] Allocated by task 265: [ 19.642997] kasan_save_stack+0x3c/0x68 [ 19.643082] kasan_save_track+0x20/0x40 [ 19.643210] kasan_save_alloc_info+0x40/0x58 [ 19.643252] __kasan_kmalloc+0xd4/0xd8 [ 19.643294] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.643392] kasan_atomics+0xb8/0x2e0 [ 19.643581] kunit_try_run_case+0x170/0x3f0 [ 19.643654] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.643741] kthread+0x328/0x630 [ 19.643884] ret_from_fork+0x10/0x20 [ 19.643923] [ 19.643990] The buggy address belongs to the object at fff00000c5a01980 [ 19.643990] which belongs to the cache kmalloc-64 of size 64 [ 19.644175] The buggy address is located 0 bytes to the right of [ 19.644175] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.644257] [ 19.644279] The buggy address belongs to the physical page: [ 19.644313] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.644402] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.644557] page_type: f5(slab) [ 19.644603] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.644827] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.644903] page dumped because: kasan: bad access detected [ 19.644949] [ 19.644971] Memory state around the buggy address: [ 19.645005] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.645112] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.645212] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.645332] ^ [ 19.645375] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.645419] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.645460] ================================================================== [ 19.809605] ================================================================== [ 19.809658] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.809722] Read of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.809774] [ 19.809808] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.809891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.809927] Hardware name: linux,dummy-virt (DT) [ 19.809958] Call trace: [ 19.809982] show_stack+0x20/0x38 (C) [ 19.810033] dump_stack_lvl+0x8c/0xd0 [ 19.810084] print_report+0x118/0x608 [ 19.810133] kasan_report+0xdc/0x128 [ 19.810182] __asan_report_load8_noabort+0x20/0x30 [ 19.810235] kasan_atomics_helper+0x3e10/0x4858 [ 19.810286] kasan_atomics+0x198/0x2e0 [ 19.810335] kunit_try_run_case+0x170/0x3f0 [ 19.810501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.810559] kthread+0x328/0x630 [ 19.810604] ret_from_fork+0x10/0x20 [ 19.810653] [ 19.810673] Allocated by task 265: [ 19.810703] kasan_save_stack+0x3c/0x68 [ 19.810745] kasan_save_track+0x20/0x40 [ 19.810786] kasan_save_alloc_info+0x40/0x58 [ 19.810827] __kasan_kmalloc+0xd4/0xd8 [ 19.810866] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.811035] kasan_atomics+0xb8/0x2e0 [ 19.811093] kunit_try_run_case+0x170/0x3f0 [ 19.811298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.811374] kthread+0x328/0x630 [ 19.811418] ret_from_fork+0x10/0x20 [ 19.811456] [ 19.811480] The buggy address belongs to the object at fff00000c5a01980 [ 19.811480] which belongs to the cache kmalloc-64 of size 64 [ 19.811539] The buggy address is located 0 bytes to the right of [ 19.811539] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.811607] [ 19.811629] The buggy address belongs to the physical page: [ 19.811663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.812407] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.813365] page_type: f5(slab) [ 19.813412] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.813465] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.813510] page dumped because: kasan: bad access detected [ 19.813545] [ 19.813565] Memory state around the buggy address: [ 19.813602] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.813648] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.813694] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.813736] ^ [ 19.813772] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.813818] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.813857] ================================================================== [ 19.459573] ================================================================== [ 19.459625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x684/0x4858 [ 19.459679] Write of size 4 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.459732] [ 19.459764] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.460153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.460184] Hardware name: linux,dummy-virt (DT) [ 19.460217] Call trace: [ 19.460242] show_stack+0x20/0x38 (C) [ 19.460292] dump_stack_lvl+0x8c/0xd0 [ 19.460474] print_report+0x118/0x608 [ 19.460526] kasan_report+0xdc/0x128 [ 19.460597] kasan_check_range+0x100/0x1a8 [ 19.460650] __kasan_check_write+0x20/0x30 [ 19.460707] kasan_atomics_helper+0x684/0x4858 [ 19.464913] __kasan_check_write+0x20/0x30 [ 19.464982] kasan_atomics_helper+0x6ec/0x4858 [ 19.472713] [ 19.472763] The buggy address belongs to the physical page: [ 19.472940] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.473151] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.473192] page dumped because: kasan: bad access detected [ 19.474022] [ 19.474109] Memory state around the buggy address: [ 19.474217] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.474270] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.474329] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.474541] ^ [ 19.474720] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.474829] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.474913] ================================================================== [ 19.583766] ================================================================== [ 19.585950] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.586022] Read of size 4 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.587628] [ 19.587666] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.588217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.588306] Hardware name: linux,dummy-virt (DT) [ 19.588810] Call trace: [ 19.590133] show_stack+0x20/0x38 (C) [ 19.590194] dump_stack_lvl+0x8c/0xd0 [ 19.590353] print_report+0x118/0x608 [ 19.590461] kasan_report+0xdc/0x128 [ 19.590538] __asan_report_load4_noabort+0x20/0x30 [ 19.591051] kasan_atomics_helper+0x3e04/0x4858 [ 19.591306] kasan_atomics+0x198/0x2e0 [ 19.591370] kunit_try_run_case+0x170/0x3f0 [ 19.591457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.591514] kthread+0x328/0x630 [ 19.591560] ret_from_fork+0x10/0x20 [ 19.591613] [ 19.591633] Allocated by task 265: [ 19.591664] kasan_save_stack+0x3c/0x68 [ 19.591709] kasan_save_track+0x20/0x40 [ 19.592439] kasan_save_alloc_info+0x40/0x58 [ 19.592544] __kasan_kmalloc+0xd4/0xd8 [ 19.592913] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.593018] kasan_atomics+0xb8/0x2e0 [ 19.593676] kunit_try_run_case+0x170/0x3f0 [ 19.593854] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.594118] kthread+0x328/0x630 [ 19.595388] ret_from_fork+0x10/0x20 [ 19.595441] [ 19.595787] The buggy address belongs to the object at fff00000c5a01980 [ 19.595787] which belongs to the cache kmalloc-64 of size 64 [ 19.596060] The buggy address is located 0 bytes to the right of [ 19.596060] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.596134] [ 19.596195] The buggy address belongs to the physical page: [ 19.596293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.596456] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.596615] page_type: f5(slab) [ 19.596657] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.596712] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.596754] page dumped because: kasan: bad access detected [ 19.596788] [ 19.596849] Memory state around the buggy address: [ 19.596960] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.597007] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.597071] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.597113] ^ [ 19.597211] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.597293] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.598100] ================================================================== [ 19.574053] ================================================================== [ 19.574182] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.574245] Write of size 4 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.574314] [ 19.574624] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.574960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.575070] Hardware name: linux,dummy-virt (DT) [ 19.575173] Call trace: [ 19.575296] show_stack+0x20/0x38 (C) [ 19.575511] dump_stack_lvl+0x8c/0xd0 [ 19.575676] print_report+0x118/0x608 [ 19.575731] kasan_report+0xdc/0x128 [ 19.576012] kasan_check_range+0x100/0x1a8 [ 19.576216] __kasan_check_write+0x20/0x30 [ 19.576286] kasan_atomics_helper+0xd3c/0x4858 [ 19.576478] kasan_atomics+0x198/0x2e0 [ 19.576614] kunit_try_run_case+0x170/0x3f0 [ 19.576784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.576889] kthread+0x328/0x630 [ 19.576962] ret_from_fork+0x10/0x20 [ 19.577066] [ 19.577360] Allocated by task 265: [ 19.577400] kasan_save_stack+0x3c/0x68 [ 19.577450] kasan_save_track+0x20/0x40 [ 19.577491] kasan_save_alloc_info+0x40/0x58 [ 19.577535] __kasan_kmalloc+0xd4/0xd8 [ 19.577622] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.577667] kasan_atomics+0xb8/0x2e0 [ 19.577726] kunit_try_run_case+0x170/0x3f0 [ 19.577780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.577833] kthread+0x328/0x630 [ 19.577868] ret_from_fork+0x10/0x20 [ 19.578377] [ 19.578439] The buggy address belongs to the object at fff00000c5a01980 [ 19.578439] which belongs to the cache kmalloc-64 of size 64 [ 19.578504] The buggy address is located 0 bytes to the right of [ 19.578504] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.578572] [ 19.578595] The buggy address belongs to the physical page: [ 19.578630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.579114] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.580517] page_type: f5(slab) [ 19.580580] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.580634] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.580722] page dumped because: kasan: bad access detected [ 19.580756] [ 19.580777] Memory state around the buggy address: [ 19.580825] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.580930] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.580985] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.581026] ^ [ 19.581517] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.581774] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.581939] ================================================================== [ 19.679672] ================================================================== [ 19.679728] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.679792] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.679993] [ 19.680029] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.680311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.680462] Hardware name: linux,dummy-virt (DT) [ 19.680630] Call trace: [ 19.680756] show_stack+0x20/0x38 (C) [ 19.680942] dump_stack_lvl+0x8c/0xd0 [ 19.681061] print_report+0x118/0x608 [ 19.681298] kasan_report+0xdc/0x128 [ 19.681682] kasan_check_range+0x100/0x1a8 [ 19.681815] __kasan_check_write+0x20/0x30 [ 19.682253] kasan_atomics_helper+0x126c/0x4858 [ 19.682320] kasan_atomics+0x198/0x2e0 [ 19.682660] kunit_try_run_case+0x170/0x3f0 [ 19.682717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.682775] kthread+0x328/0x630 [ 19.683092] ret_from_fork+0x10/0x20 [ 19.683154] [ 19.683175] Allocated by task 265: [ 19.683206] kasan_save_stack+0x3c/0x68 [ 19.683250] kasan_save_track+0x20/0x40 [ 19.683291] kasan_save_alloc_info+0x40/0x58 [ 19.683332] __kasan_kmalloc+0xd4/0xd8 [ 19.683384] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.683431] kasan_atomics+0xb8/0x2e0 [ 19.683468] kunit_try_run_case+0x170/0x3f0 [ 19.683510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.683568] kthread+0x328/0x630 [ 19.683602] ret_from_fork+0x10/0x20 [ 19.683641] [ 19.683662] The buggy address belongs to the object at fff00000c5a01980 [ 19.683662] which belongs to the cache kmalloc-64 of size 64 [ 19.683932] The buggy address is located 0 bytes to the right of [ 19.683932] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.684039] [ 19.684062] The buggy address belongs to the physical page: [ 19.684096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.684150] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.684355] page_type: f5(slab) [ 19.684500] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.684638] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.684700] page dumped because: kasan: bad access detected [ 19.684787] [ 19.684840] Memory state around the buggy address: [ 19.684885] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.684931] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.684977] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.685979] ^ [ 19.686020] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.686064] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.686104] ================================================================== [ 19.619890] ================================================================== [ 19.619942] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.619995] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.620047] [ 19.620080] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.620405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.620439] Hardware name: linux,dummy-virt (DT) [ 19.620477] Call trace: [ 19.620515] show_stack+0x20/0x38 (C) [ 19.620566] dump_stack_lvl+0x8c/0xd0 [ 19.620616] print_report+0x118/0x608 [ 19.620663] kasan_report+0xdc/0x128 [ 19.620712] kasan_check_range+0x100/0x1a8 [ 19.620761] __kasan_check_write+0x20/0x30 [ 19.620809] kasan_atomics_helper+0xe44/0x4858 [ 19.620858] kasan_atomics+0x198/0x2e0 [ 19.621960] kunit_try_run_case+0x170/0x3f0 [ 19.622015] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.622071] kthread+0x328/0x630 [ 19.622115] ret_from_fork+0x10/0x20 [ 19.622177] [ 19.622197] Allocated by task 265: [ 19.622237] kasan_save_stack+0x3c/0x68 [ 19.622282] kasan_save_track+0x20/0x40 [ 19.622321] kasan_save_alloc_info+0x40/0x58 [ 19.622372] __kasan_kmalloc+0xd4/0xd8 [ 19.622413] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.622455] kasan_atomics+0xb8/0x2e0 [ 19.622503] kunit_try_run_case+0x170/0x3f0 [ 19.622544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.622602] kthread+0x328/0x630 [ 19.622652] ret_from_fork+0x10/0x20 [ 19.622690] [ 19.622714] The buggy address belongs to the object at fff00000c5a01980 [ 19.622714] which belongs to the cache kmalloc-64 of size 64 [ 19.622796] The buggy address is located 0 bytes to the right of [ 19.622796] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.622862] [ 19.622884] The buggy address belongs to the physical page: [ 19.622918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.622980] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.623039] page_type: f5(slab) [ 19.623084] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.623161] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.623204] page dumped because: kasan: bad access detected [ 19.623238] [ 19.623258] Memory state around the buggy address: [ 19.623290] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.623375] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.623430] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.623541] ^ [ 19.623580] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.623696] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.623736] ================================================================== [ 19.773820] ================================================================== [ 19.773877] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.776036] Read of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.776130] [ 19.776171] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.776257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.776285] Hardware name: linux,dummy-virt (DT) [ 19.777304] Call trace: [ 19.777713] show_stack+0x20/0x38 (C) [ 19.777779] dump_stack_lvl+0x8c/0xd0 [ 19.777833] print_report+0x118/0x608 [ 19.778913] kasan_report+0xdc/0x128 [ 19.779003] __asan_report_load8_noabort+0x20/0x30 [ 19.779427] kasan_atomics_helper+0x3df4/0x4858 [ 19.779861] kasan_atomics+0x198/0x2e0 [ 19.780115] kunit_try_run_case+0x170/0x3f0 [ 19.780298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.780494] kthread+0x328/0x630 [ 19.780706] ret_from_fork+0x10/0x20 [ 19.781278] [ 19.781302] Allocated by task 265: [ 19.781333] kasan_save_stack+0x3c/0x68 [ 19.781392] kasan_save_track+0x20/0x40 [ 19.781432] kasan_save_alloc_info+0x40/0x58 [ 19.781475] __kasan_kmalloc+0xd4/0xd8 [ 19.781973] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.782849] kasan_atomics+0xb8/0x2e0 [ 19.783024] kunit_try_run_case+0x170/0x3f0 [ 19.783265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.783319] kthread+0x328/0x630 [ 19.784005] ret_from_fork+0x10/0x20 [ 19.785155] [ 19.785354] The buggy address belongs to the object at fff00000c5a01980 [ 19.785354] which belongs to the cache kmalloc-64 of size 64 [ 19.785896] The buggy address is located 0 bytes to the right of [ 19.785896] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.786054] [ 19.786079] The buggy address belongs to the physical page: [ 19.786516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.786763] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.786835] page_type: f5(slab) [ 19.787253] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.787543] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.787591] page dumped because: kasan: bad access detected [ 19.787628] [ 19.788625] Memory state around the buggy address: [ 19.789028] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.789488] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.789542] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.789584] ^ [ 19.790270] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.790724] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.791258] ================================================================== [ 19.814331] ================================================================== [ 19.814396] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.814450] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.814501] [ 19.814535] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.814619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.814646] Hardware name: linux,dummy-virt (DT) [ 19.814679] Call trace: [ 19.814702] show_stack+0x20/0x38 (C) [ 19.814751] dump_stack_lvl+0x8c/0xd0 [ 19.814801] print_report+0x118/0x608 [ 19.814851] kasan_report+0xdc/0x128 [ 19.814913] kasan_check_range+0x100/0x1a8 [ 19.814964] __kasan_check_write+0x20/0x30 [ 19.815012] kasan_atomics_helper+0x175c/0x4858 [ 19.815064] kasan_atomics+0x198/0x2e0 [ 19.815114] kunit_try_run_case+0x170/0x3f0 [ 19.815163] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.815218] kthread+0x328/0x630 [ 19.815263] ret_from_fork+0x10/0x20 [ 19.815311] [ 19.815331] Allocated by task 265: [ 19.815415] kasan_save_stack+0x3c/0x68 [ 19.815458] kasan_save_track+0x20/0x40 [ 19.815499] kasan_save_alloc_info+0x40/0x58 [ 19.815540] __kasan_kmalloc+0xd4/0xd8 [ 19.815580] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.815624] kasan_atomics+0xb8/0x2e0 [ 19.815661] kunit_try_run_case+0x170/0x3f0 [ 19.815702] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.815747] kthread+0x328/0x630 [ 19.815783] ret_from_fork+0x10/0x20 [ 19.815820] [ 19.815841] The buggy address belongs to the object at fff00000c5a01980 [ 19.815841] which belongs to the cache kmalloc-64 of size 64 [ 19.815900] The buggy address is located 0 bytes to the right of [ 19.815900] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.815965] [ 19.815987] The buggy address belongs to the physical page: [ 19.816021] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.816073] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.816123] page_type: f5(slab) [ 19.816162] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.816213] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.816257] page dumped because: kasan: bad access detected [ 19.816291] [ 19.816310] Memory state around the buggy address: [ 19.816355] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.816400] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.816444] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.816484] ^ [ 19.816951] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.817009] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.817049] ================================================================== [ 19.721662] ================================================================== [ 19.721709] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.721759] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.722327] [ 19.722443] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.722861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.722894] Hardware name: linux,dummy-virt (DT) [ 19.722926] Call trace: [ 19.723053] show_stack+0x20/0x38 (C) [ 19.723237] dump_stack_lvl+0x8c/0xd0 [ 19.723888] print_report+0x118/0x608 [ 19.724022] kasan_report+0xdc/0x128 [ 19.724103] kasan_check_range+0x100/0x1a8 [ 19.724331] __kasan_check_write+0x20/0x30 [ 19.724581] kasan_atomics_helper+0x14e4/0x4858 [ 19.724819] kasan_atomics+0x198/0x2e0 [ 19.724884] kunit_try_run_case+0x170/0x3f0 [ 19.724936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.725125] kthread+0x328/0x630 [ 19.725169] ret_from_fork+0x10/0x20 [ 19.725220] [ 19.725301] Allocated by task 265: [ 19.725349] kasan_save_stack+0x3c/0x68 [ 19.725394] kasan_save_track+0x20/0x40 [ 19.725433] kasan_save_alloc_info+0x40/0x58 [ 19.725476] __kasan_kmalloc+0xd4/0xd8 [ 19.725514] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.725556] kasan_atomics+0xb8/0x2e0 [ 19.726048] kunit_try_run_case+0x170/0x3f0 [ 19.726095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.726141] kthread+0x328/0x630 [ 19.726176] ret_from_fork+0x10/0x20 [ 19.726216] [ 19.726238] The buggy address belongs to the object at fff00000c5a01980 [ 19.726238] which belongs to the cache kmalloc-64 of size 64 [ 19.726298] The buggy address is located 0 bytes to the right of [ 19.726298] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.726843] [ 19.726873] The buggy address belongs to the physical page: [ 19.726908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.727189] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.727242] page_type: f5(slab) [ 19.727283] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.727358] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.727597] page dumped because: kasan: bad access detected [ 19.727641] [ 19.727689] Memory state around the buggy address: [ 19.727727] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.727773] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.727818] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.727859] ^ [ 19.727894] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.727938] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.728022] ================================================================== [ 19.735925] ================================================================== [ 19.735977] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.736028] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.736382] [ 19.736426] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.736725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.736773] Hardware name: linux,dummy-virt (DT) [ 19.736999] Call trace: [ 19.737098] show_stack+0x20/0x38 (C) [ 19.737160] dump_stack_lvl+0x8c/0xd0 [ 19.737216] print_report+0x118/0x608 [ 19.737331] kasan_report+0xdc/0x128 [ 19.737483] kasan_check_range+0x100/0x1a8 [ 19.737578] __kasan_check_write+0x20/0x30 [ 19.737678] kasan_atomics_helper+0x15b4/0x4858 [ 19.737729] kasan_atomics+0x198/0x2e0 [ 19.737776] kunit_try_run_case+0x170/0x3f0 [ 19.737827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.738407] kthread+0x328/0x630 [ 19.738489] ret_from_fork+0x10/0x20 [ 19.738588] [ 19.738622] Allocated by task 265: [ 19.738650] kasan_save_stack+0x3c/0x68 [ 19.738696] kasan_save_track+0x20/0x40 [ 19.738755] kasan_save_alloc_info+0x40/0x58 [ 19.738864] __kasan_kmalloc+0xd4/0xd8 [ 19.738902] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.738966] kasan_atomics+0xb8/0x2e0 [ 19.739012] kunit_try_run_case+0x170/0x3f0 [ 19.739053] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.739108] kthread+0x328/0x630 [ 19.739150] ret_from_fork+0x10/0x20 [ 19.739189] [ 19.739211] The buggy address belongs to the object at fff00000c5a01980 [ 19.739211] which belongs to the cache kmalloc-64 of size 64 [ 19.739271] The buggy address is located 0 bytes to the right of [ 19.739271] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.739638] [ 19.739973] The buggy address belongs to the physical page: [ 19.740011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.740098] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.740147] page_type: f5(slab) [ 19.740193] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.740400] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.740469] page dumped because: kasan: bad access detected [ 19.740553] [ 19.740573] Memory state around the buggy address: [ 19.740627] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.740673] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.740720] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.740762] ^ [ 19.740797] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.740877] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.741052] ================================================================== [ 19.636163] ================================================================== [ 19.636367] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.636417] Write of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.636467] [ 19.636499] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.636594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.636634] Hardware name: linux,dummy-virt (DT) [ 19.636665] Call trace: [ 19.636689] show_stack+0x20/0x38 (C) [ 19.636738] dump_stack_lvl+0x8c/0xd0 [ 19.636812] print_report+0x118/0x608 [ 19.636866] kasan_report+0xdc/0x128 [ 19.636959] kasan_check_range+0x100/0x1a8 [ 19.637009] __kasan_check_write+0x20/0x30 [ 19.637056] kasan_atomics_helper+0xf88/0x4858 [ 19.637106] kasan_atomics+0x198/0x2e0 [ 19.637153] kunit_try_run_case+0x170/0x3f0 [ 19.637203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.637258] kthread+0x328/0x630 [ 19.637301] ret_from_fork+0x10/0x20 [ 19.637361] [ 19.638711] Allocated by task 265: [ 19.638756] kasan_save_stack+0x3c/0x68 [ 19.638828] kasan_save_track+0x20/0x40 [ 19.638939] kasan_save_alloc_info+0x40/0x58 [ 19.639004] __kasan_kmalloc+0xd4/0xd8 [ 19.639066] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.639108] kasan_atomics+0xb8/0x2e0 [ 19.639147] kunit_try_run_case+0x170/0x3f0 [ 19.639199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.639258] kthread+0x328/0x630 [ 19.639294] ret_from_fork+0x10/0x20 [ 19.639333] [ 19.639364] The buggy address belongs to the object at fff00000c5a01980 [ 19.639364] which belongs to the cache kmalloc-64 of size 64 [ 19.639426] The buggy address is located 0 bytes to the right of [ 19.639426] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.639501] [ 19.639536] The buggy address belongs to the physical page: [ 19.639569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.639659] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.639709] page_type: f5(slab) [ 19.639754] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.640007] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.640110] page dumped because: kasan: bad access detected [ 19.640145] [ 19.640173] Memory state around the buggy address: [ 19.640319] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.640377] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.640459] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.640639] ^ [ 19.640675] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.640780] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.640839] ================================================================== [ 19.700762] ================================================================== [ 19.700815] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.700868] Read of size 8 at addr fff00000c5a019b0 by task kunit_try_catch/265 [ 19.700927] [ 19.701001] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.701202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.701589] Hardware name: linux,dummy-virt (DT) [ 19.701862] Call trace: [ 19.701890] show_stack+0x20/0x38 (C) [ 19.702142] dump_stack_lvl+0x8c/0xd0 [ 19.702194] print_report+0x118/0x608 [ 19.702243] kasan_report+0xdc/0x128 [ 19.702400] __asan_report_load8_noabort+0x20/0x30 [ 19.702474] kasan_atomics_helper+0x3f04/0x4858 [ 19.702528] kasan_atomics+0x198/0x2e0 [ 19.702588] kunit_try_run_case+0x170/0x3f0 [ 19.702721] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.702778] kthread+0x328/0x630 [ 19.702878] ret_from_fork+0x10/0x20 [ 19.703094] [ 19.703133] Allocated by task 265: [ 19.703249] kasan_save_stack+0x3c/0x68 [ 19.703304] kasan_save_track+0x20/0x40 [ 19.703354] kasan_save_alloc_info+0x40/0x58 [ 19.703396] __kasan_kmalloc+0xd4/0xd8 [ 19.703441] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.703483] kasan_atomics+0xb8/0x2e0 [ 19.703520] kunit_try_run_case+0x170/0x3f0 [ 19.703562] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.703608] kthread+0x328/0x630 [ 19.703663] ret_from_fork+0x10/0x20 [ 19.703863] [ 19.703968] The buggy address belongs to the object at fff00000c5a01980 [ 19.703968] which belongs to the cache kmalloc-64 of size 64 [ 19.704189] The buggy address is located 0 bytes to the right of [ 19.704189] allocated 48-byte region [fff00000c5a01980, fff00000c5a019b0) [ 19.704312] [ 19.704350] The buggy address belongs to the physical page: [ 19.704384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a01 [ 19.704440] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.704489] page_type: f5(slab) [ 19.704527] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.704705] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.704755] page dumped because: kasan: bad access detected [ 19.704793] [ 19.704813] Memory state around the buggy address: [ 19.704847] fff00000c5a01880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.704894] fff00000c5a01900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.705365] >fff00000c5a01980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.705419] ^ [ 19.705459] fff00000c5a01a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.705503] fff00000c5a01a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.705543] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.284116] ================================================================== [ 19.284172] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 19.284228] Write of size 8 at addr fff00000c3eb2548 by task kunit_try_catch/261 [ 19.284279] [ 19.284313] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.284413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.284440] Hardware name: linux,dummy-virt (DT) [ 19.284473] Call trace: [ 19.284497] show_stack+0x20/0x38 (C) [ 19.284547] dump_stack_lvl+0x8c/0xd0 [ 19.284597] print_report+0x118/0x608 [ 19.284647] kasan_report+0xdc/0x128 [ 19.284696] kasan_check_range+0x100/0x1a8 [ 19.284749] __kasan_check_write+0x20/0x30 [ 19.284797] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 19.284851] kasan_bitops_generic+0x110/0x1c8 [ 19.284902] kunit_try_run_case+0x170/0x3f0 [ 19.284952] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.285008] kthread+0x328/0x630 [ 19.285052] ret_from_fork+0x10/0x20 [ 19.285102] [ 19.285122] Allocated by task 261: [ 19.285151] kasan_save_stack+0x3c/0x68 [ 19.285194] kasan_save_track+0x20/0x40 [ 19.285236] kasan_save_alloc_info+0x40/0x58 [ 19.286723] kunit_try_run_case+0x170/0x3f0 [ 19.288279] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.289018] [ 19.289039] Memory state around the buggy address: [ 19.289072] fff00000c3eb2400: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 19.289565] fff00000c3eb2480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.289611] >fff00000c3eb2500: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 19.289652] ^ [ 19.289691] fff00000c3eb2580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.289773] ================================================================== [ 19.210757] ================================================================== [ 19.211004] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.211121] Write of size 8 at addr fff00000c3eb2548 by task kunit_try_catch/261 [ 19.211183] [ 19.211219] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.213106] kasan_check_range+0x100/0x1a8 [ 19.216185] __kasan_kmalloc+0xd4/0xd8 [ 19.217779] The buggy address belongs to the physical page: [ 19.219701] fff00000c3eb2580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.222416] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.225555] kasan_save_alloc_info+0x40/0x58 [ 19.228132] [ 19.234715] dump_stack_lvl+0x8c/0xd0 [ 19.236838] kasan_save_stack+0x3c/0x68 [ 19.239182] [ 19.240163] page_type: f5(slab) [ 19.241784] ^ [ 19.244620] kunit_try_run_case+0x170/0x3f0 [ 19.245162] kunit_try_run_case+0x170/0x3f0 [ 19.247171] page_type: f5(slab) [ 19.248246] [ 19.248370] Memory state around the buggy address: [ 19.253558] kthread+0x328/0x630 [ 19.253999] kasan_save_track+0x20/0x40 [ 19.254352] kasan_save_alloc_info+0x40/0x58 [ 19.254419] __kasan_kmalloc+0xd4/0xd8 [ 19.254466] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.254509] kasan_bitops_generic+0xa0/0x1c8 [ 19.254550] kunit_try_run_case+0x170/0x3f0 [ 19.254590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.254637] kthread+0x328/0x630 [ 19.254672] ret_from_fork+0x10/0x20 [ 19.254712] [ 19.254735] The buggy address belongs to the object at fff00000c3eb2540 [ 19.254735] which belongs to the cache kmalloc-16 of size 16 [ 19.254794] The buggy address is located 8 bytes inside of [ 19.254794] allocated 9-byte region [fff00000c3eb2540, fff00000c3eb2549) [ 19.255334] >fff00000c3eb2500: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 19.256609] ^ [ 19.258092] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 19.192261] ================================================================== [ 19.192436] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 19.192500] Read of size 1 at addr fff00000c5a4d450 by task kunit_try_catch/259 [ 19.192553] [ 19.192677] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.192768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.192950] Hardware name: linux,dummy-virt (DT) [ 19.192986] Call trace: [ 19.193011] show_stack+0x20/0x38 (C) [ 19.193066] dump_stack_lvl+0x8c/0xd0 [ 19.193264] print_report+0x118/0x608 [ 19.193332] kasan_report+0xdc/0x128 [ 19.193403] __asan_report_load1_noabort+0x20/0x30 [ 19.193461] strnlen+0x80/0x88 [ 19.193505] kasan_strings+0x478/0xb00 [ 19.193554] kunit_try_run_case+0x170/0x3f0 [ 19.193606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.193671] kthread+0x328/0x630 [ 19.193717] ret_from_fork+0x10/0x20 [ 19.193768] [ 19.193791] Allocated by task 259: [ 19.193830] kasan_save_stack+0x3c/0x68 [ 19.193877] kasan_save_track+0x20/0x40 [ 19.194274] kasan_save_alloc_info+0x40/0x58 [ 19.194732] __kasan_kmalloc+0xd4/0xd8 [ 19.194858] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.194932] kasan_strings+0xc8/0xb00 [ 19.195089] kunit_try_run_case+0x170/0x3f0 [ 19.195146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.195540] kthread+0x328/0x630 [ 19.195661] ret_from_fork+0x10/0x20 [ 19.195830] [ 19.195955] Freed by task 259: [ 19.196082] kasan_save_stack+0x3c/0x68 [ 19.196165] kasan_save_track+0x20/0x40 [ 19.196400] kasan_save_free_info+0x4c/0x78 [ 19.196555] __kasan_slab_free+0x6c/0x98 [ 19.196708] kfree+0x214/0x3c8 [ 19.196881] kasan_strings+0x24c/0xb00 [ 19.196968] kunit_try_run_case+0x170/0x3f0 [ 19.197040] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.197244] kthread+0x328/0x630 [ 19.197353] ret_from_fork+0x10/0x20 [ 19.197994] [ 19.198256] The buggy address belongs to the object at fff00000c5a4d440 [ 19.198256] which belongs to the cache kmalloc-32 of size 32 [ 19.198463] The buggy address is located 16 bytes inside of [ 19.198463] freed 32-byte region [fff00000c5a4d440, fff00000c5a4d460) [ 19.198558] [ 19.198583] The buggy address belongs to the physical page: [ 19.199001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a4d [ 19.199085] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.199230] page_type: f5(slab) [ 19.199328] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.199554] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.199823] page dumped because: kasan: bad access detected [ 19.199877] [ 19.199989] Memory state around the buggy address: [ 19.200087] fff00000c5a4d300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.200352] fff00000c5a4d380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.200426] >fff00000c5a4d400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.200665] ^ [ 19.200993] fff00000c5a4d480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.201188] fff00000c5a4d500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.201309] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 19.180790] ================================================================== [ 19.180852] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 19.180904] Read of size 1 at addr fff00000c5a4d450 by task kunit_try_catch/259 [ 19.181108] [ 19.181191] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.181283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.181480] Hardware name: linux,dummy-virt (DT) [ 19.181643] Call trace: [ 19.181675] show_stack+0x20/0x38 (C) [ 19.181731] dump_stack_lvl+0x8c/0xd0 [ 19.182214] print_report+0x118/0x608 [ 19.182458] kasan_report+0xdc/0x128 [ 19.182523] __asan_report_load1_noabort+0x20/0x30 [ 19.182779] strlen+0xa8/0xb0 [ 19.182971] kasan_strings+0x418/0xb00 [ 19.183183] kunit_try_run_case+0x170/0x3f0 [ 19.183540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.183746] kthread+0x328/0x630 [ 19.183850] ret_from_fork+0x10/0x20 [ 19.184041] [ 19.184356] Allocated by task 259: [ 19.184624] kasan_save_stack+0x3c/0x68 [ 19.184785] kasan_save_track+0x20/0x40 [ 19.184874] kasan_save_alloc_info+0x40/0x58 [ 19.185172] __kasan_kmalloc+0xd4/0xd8 [ 19.185228] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.185569] kasan_strings+0xc8/0xb00 [ 19.186029] kunit_try_run_case+0x170/0x3f0 [ 19.186150] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.186242] kthread+0x328/0x630 [ 19.186280] ret_from_fork+0x10/0x20 [ 19.186359] [ 19.186382] Freed by task 259: [ 19.186684] kasan_save_stack+0x3c/0x68 [ 19.186784] kasan_save_track+0x20/0x40 [ 19.186872] kasan_save_free_info+0x4c/0x78 [ 19.187023] __kasan_slab_free+0x6c/0x98 [ 19.187117] kfree+0x214/0x3c8 [ 19.187241] kasan_strings+0x24c/0xb00 [ 19.187487] kunit_try_run_case+0x170/0x3f0 [ 19.187712] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.187854] kthread+0x328/0x630 [ 19.188014] ret_from_fork+0x10/0x20 [ 19.188112] [ 19.188239] The buggy address belongs to the object at fff00000c5a4d440 [ 19.188239] which belongs to the cache kmalloc-32 of size 32 [ 19.188334] The buggy address is located 16 bytes inside of [ 19.188334] freed 32-byte region [fff00000c5a4d440, fff00000c5a4d460) [ 19.188529] [ 19.188564] The buggy address belongs to the physical page: [ 19.188835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a4d [ 19.188987] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.189148] page_type: f5(slab) [ 19.189257] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.189330] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.189656] page dumped because: kasan: bad access detected [ 19.189773] [ 19.189807] Memory state around the buggy address: [ 19.189850] fff00000c5a4d300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.189897] fff00000c5a4d380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.189995] >fff00000c5a4d400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.190039] ^ [ 19.190079] fff00000c5a4d480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.190440] fff00000c5a4d500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.190592] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 19.170279] ================================================================== [ 19.171058] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 19.171151] Read of size 1 at addr fff00000c5a4d450 by task kunit_try_catch/259 [ 19.171222] [ 19.171282] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.171537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.171767] Hardware name: linux,dummy-virt (DT) [ 19.171866] Call trace: [ 19.171904] show_stack+0x20/0x38 (C) [ 19.172114] dump_stack_lvl+0x8c/0xd0 [ 19.172385] print_report+0x118/0x608 [ 19.172628] kasan_report+0xdc/0x128 [ 19.172718] __asan_report_load1_noabort+0x20/0x30 [ 19.172871] kasan_strings+0x95c/0xb00 [ 19.173274] kunit_try_run_case+0x170/0x3f0 [ 19.173482] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.173649] kthread+0x328/0x630 [ 19.173747] ret_from_fork+0x10/0x20 [ 19.174248] [ 19.174401] Allocated by task 259: [ 19.174477] kasan_save_stack+0x3c/0x68 [ 19.174605] kasan_save_track+0x20/0x40 [ 19.174777] kasan_save_alloc_info+0x40/0x58 [ 19.174950] __kasan_kmalloc+0xd4/0xd8 [ 19.175117] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.175223] kasan_strings+0xc8/0xb00 [ 19.175332] kunit_try_run_case+0x170/0x3f0 [ 19.175657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.175805] kthread+0x328/0x630 [ 19.175882] ret_from_fork+0x10/0x20 [ 19.175928] [ 19.175978] Freed by task 259: [ 19.176141] kasan_save_stack+0x3c/0x68 [ 19.176370] kasan_save_track+0x20/0x40 [ 19.176465] kasan_save_free_info+0x4c/0x78 [ 19.176527] __kasan_slab_free+0x6c/0x98 [ 19.176686] kfree+0x214/0x3c8 [ 19.176847] kasan_strings+0x24c/0xb00 [ 19.176966] kunit_try_run_case+0x170/0x3f0 [ 19.177036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.177087] kthread+0x328/0x630 [ 19.177124] ret_from_fork+0x10/0x20 [ 19.177179] [ 19.177213] The buggy address belongs to the object at fff00000c5a4d440 [ 19.177213] which belongs to the cache kmalloc-32 of size 32 [ 19.177286] The buggy address is located 16 bytes inside of [ 19.177286] freed 32-byte region [fff00000c5a4d440, fff00000c5a4d460) [ 19.177372] [ 19.177398] The buggy address belongs to the physical page: [ 19.177447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a4d [ 19.177511] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.177562] page_type: f5(slab) [ 19.177603] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.177656] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.177700] page dumped because: kasan: bad access detected [ 19.177742] [ 19.177769] Memory state around the buggy address: [ 19.177812] fff00000c5a4d300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.177867] fff00000c5a4d380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.178236] >fff00000c5a4d400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.178564] ^ [ 19.178658] fff00000c5a4d480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.179174] fff00000c5a4d500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.179393] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 19.157975] ================================================================== [ 19.158349] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 19.158818] Read of size 1 at addr fff00000c5a4d450 by task kunit_try_catch/259 [ 19.158981] [ 19.159077] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.159250] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.159330] Hardware name: linux,dummy-virt (DT) [ 19.159377] Call trace: [ 19.159707] show_stack+0x20/0x38 (C) [ 19.159880] dump_stack_lvl+0x8c/0xd0 [ 19.160006] print_report+0x118/0x608 [ 19.160138] kasan_report+0xdc/0x128 [ 19.160317] __asan_report_load1_noabort+0x20/0x30 [ 19.160633] strcmp+0xc0/0xc8 [ 19.160781] kasan_strings+0x340/0xb00 [ 19.160939] kunit_try_run_case+0x170/0x3f0 [ 19.161092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.161276] kthread+0x328/0x630 [ 19.161595] ret_from_fork+0x10/0x20 [ 19.161839] [ 19.161963] Allocated by task 259: [ 19.162042] kasan_save_stack+0x3c/0x68 [ 19.162130] kasan_save_track+0x20/0x40 [ 19.162254] kasan_save_alloc_info+0x40/0x58 [ 19.162360] __kasan_kmalloc+0xd4/0xd8 [ 19.162404] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.162759] kasan_strings+0xc8/0xb00 [ 19.162895] kunit_try_run_case+0x170/0x3f0 [ 19.163055] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.163183] kthread+0x328/0x630 [ 19.163393] ret_from_fork+0x10/0x20 [ 19.163457] [ 19.163973] Freed by task 259: [ 19.164024] kasan_save_stack+0x3c/0x68 [ 19.164348] kasan_save_track+0x20/0x40 [ 19.164595] kasan_save_free_info+0x4c/0x78 [ 19.164741] __kasan_slab_free+0x6c/0x98 [ 19.164890] kfree+0x214/0x3c8 [ 19.165046] kasan_strings+0x24c/0xb00 [ 19.165211] kunit_try_run_case+0x170/0x3f0 [ 19.165425] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.165557] kthread+0x328/0x630 [ 19.165644] ret_from_fork+0x10/0x20 [ 19.165799] [ 19.165864] The buggy address belongs to the object at fff00000c5a4d440 [ 19.165864] which belongs to the cache kmalloc-32 of size 32 [ 19.166104] The buggy address is located 16 bytes inside of [ 19.166104] freed 32-byte region [fff00000c5a4d440, fff00000c5a4d460) [ 19.166332] [ 19.166404] The buggy address belongs to the physical page: [ 19.166573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a4d [ 19.166743] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.166855] page_type: f5(slab) [ 19.166976] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.167051] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.167420] page dumped because: kasan: bad access detected [ 19.167465] [ 19.167738] Memory state around the buggy address: [ 19.167849] fff00000c5a4d300: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.167975] fff00000c5a4d380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.168155] >fff00000c5a4d400: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.168244] ^ [ 19.168328] fff00000c5a4d480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.168677] fff00000c5a4d500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.168808] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 19.136962] ================================================================== [ 19.137040] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 19.137105] Read of size 1 at addr fff00000c5a4d298 by task kunit_try_catch/257 [ 19.137238] [ 19.137282] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.137656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.137802] Hardware name: linux,dummy-virt (DT) [ 19.137858] Call trace: [ 19.137922] show_stack+0x20/0x38 (C) [ 19.138124] dump_stack_lvl+0x8c/0xd0 [ 19.138235] print_report+0x118/0x608 [ 19.138563] kasan_report+0xdc/0x128 [ 19.138773] __asan_report_load1_noabort+0x20/0x30 [ 19.138946] memcmp+0x198/0x1d8 [ 19.139050] kasan_memcmp+0x16c/0x300 [ 19.139101] kunit_try_run_case+0x170/0x3f0 [ 19.139159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.139217] kthread+0x328/0x630 [ 19.139264] ret_from_fork+0x10/0x20 [ 19.139325] [ 19.139381] Allocated by task 257: [ 19.139449] kasan_save_stack+0x3c/0x68 [ 19.139496] kasan_save_track+0x20/0x40 [ 19.139549] kasan_save_alloc_info+0x40/0x58 [ 19.139592] __kasan_kmalloc+0xd4/0xd8 [ 19.139639] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.139698] kasan_memcmp+0xbc/0x300 [ 19.139736] kunit_try_run_case+0x170/0x3f0 [ 19.139776] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.139824] kthread+0x328/0x630 [ 19.139868] ret_from_fork+0x10/0x20 [ 19.139906] [ 19.139933] The buggy address belongs to the object at fff00000c5a4d280 [ 19.139933] which belongs to the cache kmalloc-32 of size 32 [ 19.140000] The buggy address is located 0 bytes to the right of [ 19.140000] allocated 24-byte region [fff00000c5a4d280, fff00000c5a4d298) [ 19.140082] [ 19.140105] The buggy address belongs to the physical page: [ 19.140163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a4d [ 19.140222] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.140277] page_type: f5(slab) [ 19.140329] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 19.141226] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.141306] page dumped because: kasan: bad access detected [ 19.141378] [ 19.141772] Memory state around the buggy address: [ 19.142217] fff00000c5a4d180: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 19.142297] fff00000c5a4d200: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 19.142359] >fff00000c5a4d280: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.142517] ^ [ 19.142686] fff00000c5a4d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.143356] fff00000c5a4d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.143501] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 19.098743] ================================================================== [ 19.098942] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 19.099156] Read of size 1 at addr ffff800080947b4a by task kunit_try_catch/253 [ 19.099396] [ 19.099465] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.099768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.099889] Hardware name: linux,dummy-virt (DT) [ 19.100080] Call trace: [ 19.100114] show_stack+0x20/0x38 (C) [ 19.100369] dump_stack_lvl+0x8c/0xd0 [ 19.100571] print_report+0x310/0x608 [ 19.100650] kasan_report+0xdc/0x128 [ 19.100702] __asan_report_load1_noabort+0x20/0x30 [ 19.100760] kasan_alloca_oob_right+0x2dc/0x340 [ 19.100830] kunit_try_run_case+0x170/0x3f0 [ 19.100893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.100959] kthread+0x328/0x630 [ 19.101013] ret_from_fork+0x10/0x20 [ 19.101084] [ 19.101129] The buggy address belongs to stack of task kunit_try_catch/253 [ 19.101195] [ 19.101223] The buggy address belongs to the virtual mapping at [ 19.101223] [ffff800080940000, ffff800080949000) created by: [ 19.101223] kernel_clone+0x150/0x7a8 [ 19.101320] [ 19.101513] The buggy address belongs to the physical page: [ 19.101674] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107004 [ 19.101955] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.102070] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.102141] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.102502] page dumped because: kasan: bad access detected [ 19.102612] [ 19.102634] Memory state around the buggy address: [ 19.102939] ffff800080947a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.103104] ffff800080947a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.103265] >ffff800080947b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 19.103467] ^ [ 19.103553] ffff800080947b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.103600] ffff800080947c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.103802] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 19.076280] ================================================================== [ 19.076676] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 19.077163] Read of size 1 at addr ffff800080947b5f by task kunit_try_catch/251 [ 19.077255] [ 19.077298] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.077396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.077734] Hardware name: linux,dummy-virt (DT) [ 19.077787] Call trace: [ 19.077815] show_stack+0x20/0x38 (C) [ 19.078012] dump_stack_lvl+0x8c/0xd0 [ 19.078351] print_report+0x310/0x608 [ 19.078509] kasan_report+0xdc/0x128 [ 19.078842] __asan_report_load1_noabort+0x20/0x30 [ 19.079094] kasan_alloca_oob_left+0x2b8/0x310 [ 19.079324] kunit_try_run_case+0x170/0x3f0 [ 19.079478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.079656] kthread+0x328/0x630 [ 19.079733] ret_from_fork+0x10/0x20 [ 19.080128] [ 19.080198] The buggy address belongs to stack of task kunit_try_catch/251 [ 19.080414] [ 19.080564] The buggy address belongs to the virtual mapping at [ 19.080564] [ffff800080940000, ffff800080949000) created by: [ 19.080564] kernel_clone+0x150/0x7a8 [ 19.080655] [ 19.080716] The buggy address belongs to the physical page: [ 19.080965] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107004 [ 19.081164] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.081432] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.081573] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.081833] page dumped because: kasan: bad access detected [ 19.081919] [ 19.082072] Memory state around the buggy address: [ 19.082111] ffff800080947a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.082158] ffff800080947a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.082205] >ffff800080947b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 19.082562] ^ [ 19.083029] ffff800080947b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 19.083336] ffff800080947c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.083430] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 19.058078] ================================================================== [ 19.058167] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 19.058224] Read of size 1 at addr ffff800080947c2a by task kunit_try_catch/249 [ 19.058270] [ 19.058533] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.058682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.058808] Hardware name: linux,dummy-virt (DT) [ 19.058859] Call trace: [ 19.058883] show_stack+0x20/0x38 (C) [ 19.058937] dump_stack_lvl+0x8c/0xd0 [ 19.059154] print_report+0x310/0x608 [ 19.059254] kasan_report+0xdc/0x128 [ 19.059353] __asan_report_load1_noabort+0x20/0x30 [ 19.059478] kasan_stack_oob+0x238/0x270 [ 19.059622] kunit_try_run_case+0x170/0x3f0 [ 19.059769] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.059844] kthread+0x328/0x630 [ 19.059886] ret_from_fork+0x10/0x20 [ 19.059935] [ 19.060282] The buggy address belongs to stack of task kunit_try_catch/249 [ 19.060536] and is located at offset 138 in frame: [ 19.060622] kasan_stack_oob+0x0/0x270 [ 19.060832] [ 19.060865] This frame has 4 objects: [ 19.061376] [48, 49) '__assertion' [ 19.061425] [64, 72) 'array' [ 19.061457] [96, 112) '__assertion' [ 19.061952] [128, 138) 'stack_array' [ 19.062094] [ 19.062249] The buggy address belongs to the virtual mapping at [ 19.062249] [ffff800080940000, ffff800080949000) created by: [ 19.062249] kernel_clone+0x150/0x7a8 [ 19.062370] [ 19.062397] The buggy address belongs to the physical page: [ 19.062434] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107004 [ 19.062722] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.062854] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.062957] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.063100] page dumped because: kasan: bad access detected [ 19.063167] [ 19.063233] Memory state around the buggy address: [ 19.063268] ffff800080947b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.063660] ffff800080947b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 19.063734] >ffff800080947c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 19.063832] ^ [ 19.063908] ffff800080947c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 19.064121] ffff800080947d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 19.064408] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 19.044045] ================================================================== [ 19.044138] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 19.044202] Read of size 1 at addr ffff93d69bf4f58d by task kunit_try_catch/245 [ 19.044251] [ 19.044330] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.044447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.044474] Hardware name: linux,dummy-virt (DT) [ 19.044520] Call trace: [ 19.044544] show_stack+0x20/0x38 (C) [ 19.044642] dump_stack_lvl+0x8c/0xd0 [ 19.044696] print_report+0x310/0x608 [ 19.044743] kasan_report+0xdc/0x128 [ 19.044790] __asan_report_load1_noabort+0x20/0x30 [ 19.044841] kasan_global_oob_right+0x230/0x270 [ 19.044890] kunit_try_run_case+0x170/0x3f0 [ 19.044939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.045233] kthread+0x328/0x630 [ 19.045383] ret_from_fork+0x10/0x20 [ 19.045446] [ 19.045498] The buggy address belongs to the variable: [ 19.045529] global_array+0xd/0x40 [ 19.045580] [ 19.045665] The buggy address belongs to the virtual mapping at [ 19.045665] [ffff93d69a100000, ffff93d69c001000) created by: [ 19.045665] paging_init+0x66c/0x7d0 [ 19.045757] [ 19.045816] The buggy address belongs to the physical page: [ 19.045849] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 19.045936] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 19.046006] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 19.046206] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.046369] page dumped because: kasan: bad access detected [ 19.046442] [ 19.046480] Memory state around the buggy address: [ 19.046514] ffff93d69bf4f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.046584] ffff93d69bf4f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 19.046628] >ffff93d69bf4f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 19.046666] ^ [ 19.046740] ffff93d69bf4f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 19.046911] ffff93d69bf4f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.047113] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 19.017309] ================================================================== [ 19.017653] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.017716] Free of addr fff00000c5a57701 by task kunit_try_catch/241 [ 19.017757] [ 19.017795] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.017986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.018022] Hardware name: linux,dummy-virt (DT) [ 19.018055] Call trace: [ 19.018077] show_stack+0x20/0x38 (C) [ 19.018132] dump_stack_lvl+0x8c/0xd0 [ 19.018653] print_report+0x118/0x608 [ 19.018747] kasan_report_invalid_free+0xc0/0xe8 [ 19.018801] check_slab_allocation+0xfc/0x108 [ 19.018905] __kasan_mempool_poison_object+0x78/0x150 [ 19.019100] mempool_free+0x28c/0x328 [ 19.019194] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.019352] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.019450] kunit_try_run_case+0x170/0x3f0 [ 19.019500] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.019555] kthread+0x328/0x630 [ 19.019597] ret_from_fork+0x10/0x20 [ 19.019655] [ 19.019674] Allocated by task 241: [ 19.019707] kasan_save_stack+0x3c/0x68 [ 19.020181] kasan_save_track+0x20/0x40 [ 19.020568] kasan_save_alloc_info+0x40/0x58 [ 19.020629] __kasan_mempool_unpoison_object+0x11c/0x180 [ 19.020673] remove_element+0x130/0x1f8 [ 19.020712] mempool_alloc_preallocated+0x58/0xc0 [ 19.021135] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 19.021219] mempool_kmalloc_invalid_free+0xc0/0x118 [ 19.021661] kunit_try_run_case+0x170/0x3f0 [ 19.021760] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.021804] kthread+0x328/0x630 [ 19.021901] ret_from_fork+0x10/0x20 [ 19.021985] [ 19.022004] The buggy address belongs to the object at fff00000c5a57700 [ 19.022004] which belongs to the cache kmalloc-128 of size 128 [ 19.022327] The buggy address is located 1 bytes inside of [ 19.022327] 128-byte region [fff00000c5a57700, fff00000c5a57780) [ 19.022408] [ 19.022432] The buggy address belongs to the physical page: [ 19.022464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 19.022644] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.023677] page_type: f5(slab) [ 19.023736] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.023795] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.023889] page dumped because: kasan: bad access detected [ 19.023982] [ 19.024000] Memory state around the buggy address: [ 19.024105] fff00000c5a57600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.024209] fff00000c5a57680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.024319] >fff00000c5a57700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.024368] ^ [ 19.024397] fff00000c5a57780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.024438] fff00000c5a57800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.024474] ================================================================== [ 19.031563] ================================================================== [ 19.031630] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.031696] Free of addr fff00000c795c001 by task kunit_try_catch/243 [ 19.031737] [ 19.031775] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.031858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.031883] Hardware name: linux,dummy-virt (DT) [ 19.031915] Call trace: [ 19.031938] show_stack+0x20/0x38 (C) [ 19.031989] dump_stack_lvl+0x8c/0xd0 [ 19.032038] print_report+0x118/0x608 [ 19.032087] kasan_report_invalid_free+0xc0/0xe8 [ 19.032138] __kasan_mempool_poison_object+0xfc/0x150 [ 19.032189] mempool_free+0x28c/0x328 [ 19.032235] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 19.032288] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 19.032356] kunit_try_run_case+0x170/0x3f0 [ 19.032407] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.032462] kthread+0x328/0x630 [ 19.032506] ret_from_fork+0x10/0x20 [ 19.032554] [ 19.032575] The buggy address belongs to the physical page: [ 19.032608] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10795c [ 19.032662] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.032709] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 19.032763] page_type: f8(unknown) [ 19.032803] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.032852] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.032902] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.032951] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.033000] head: 0bfffe0000000002 ffffc1ffc31e5701 00000000ffffffff 00000000ffffffff [ 19.033050] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.033089] page dumped because: kasan: bad access detected [ 19.033121] [ 19.033138] Memory state around the buggy address: [ 19.033170] fff00000c795bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.033214] fff00000c795bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.033258] >fff00000c795c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.033295] ^ [ 19.033323] fff00000c795c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.034455] fff00000c795c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.035032] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 19.002933] ================================================================== [ 19.003153] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 19.003346] Free of addr fff00000c7958000 by task kunit_try_catch/239 [ 19.003454] [ 19.003622] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 19.003843] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.003972] Hardware name: linux,dummy-virt (DT) [ 19.004128] Call trace: [ 19.004154] show_stack+0x20/0x38 (C) [ 19.004348] dump_stack_lvl+0x8c/0xd0 [ 19.004552] print_report+0x118/0x608 [ 19.004645] kasan_report_invalid_free+0xc0/0xe8 [ 19.004896] __kasan_mempool_poison_pages+0xe0/0xe8 [ 19.005039] mempool_free+0x24c/0x328 [ 19.005220] mempool_double_free_helper+0x150/0x2e8 [ 19.005373] mempool_page_alloc_double_free+0xbc/0x118 [ 19.005424] kunit_try_run_case+0x170/0x3f0 [ 19.005474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.005528] kthread+0x328/0x630 [ 19.005569] ret_from_fork+0x10/0x20 [ 19.005619] [ 19.005639] The buggy address belongs to the physical page: [ 19.005671] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107958 [ 19.005768] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.005833] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.005936] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.005979] page dumped because: kasan: bad access detected [ 19.006022] [ 19.006039] Memory state around the buggy address: [ 19.006073] fff00000c7957f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.006127] fff00000c7957f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.006181] >fff00000c7958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.006220] ^ [ 19.006260] fff00000c7958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.006326] fff00000c7958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.006373] ================================================================== [ 18.987086] ================================================================== [ 18.987152] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.987216] Free of addr fff00000c7958000 by task kunit_try_catch/237 [ 18.987257] [ 18.987292] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.987387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.987419] Hardware name: linux,dummy-virt (DT) [ 18.987458] Call trace: [ 18.987588] show_stack+0x20/0x38 (C) [ 18.987852] dump_stack_lvl+0x8c/0xd0 [ 18.987969] print_report+0x118/0x608 [ 18.988170] kasan_report_invalid_free+0xc0/0xe8 [ 18.988370] __kasan_mempool_poison_object+0x14c/0x150 [ 18.988424] mempool_free+0x28c/0x328 [ 18.988497] mempool_double_free_helper+0x150/0x2e8 [ 18.988935] mempool_kmalloc_large_double_free+0xc0/0x118 [ 18.989444] kunit_try_run_case+0x170/0x3f0 [ 18.989936] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.990287] kthread+0x328/0x630 [ 18.990576] ret_from_fork+0x10/0x20 [ 18.990635] [ 18.990656] The buggy address belongs to the physical page: [ 18.990692] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107958 [ 18.990750] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.990804] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.990859] page_type: f8(unknown) [ 18.990900] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.990976] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.991026] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.991567] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.991625] head: 0bfffe0000000002 ffffc1ffc31e5601 00000000ffffffff 00000000ffffffff [ 18.991674] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.991716] page dumped because: kasan: bad access detected [ 18.991760] [ 18.991782] Memory state around the buggy address: [ 18.991816] fff00000c7957f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.992176] fff00000c7957f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.992368] >fff00000c7958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.992412] ^ [ 18.992441] fff00000c7958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.992485] fff00000c7958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.992524] ================================================================== [ 18.957570] ================================================================== [ 18.957778] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.957838] Free of addr fff00000c5a57300 by task kunit_try_catch/235 [ 18.957881] [ 18.957951] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.958140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.958171] Hardware name: linux,dummy-virt (DT) [ 18.958203] Call trace: [ 18.958459] show_stack+0x20/0x38 (C) [ 18.958540] dump_stack_lvl+0x8c/0xd0 [ 18.958592] print_report+0x118/0x608 [ 18.958641] kasan_report_invalid_free+0xc0/0xe8 [ 18.958703] check_slab_allocation+0xd4/0x108 [ 18.958753] __kasan_mempool_poison_object+0x78/0x150 [ 18.959146] mempool_free+0x28c/0x328 [ 18.959207] mempool_double_free_helper+0x150/0x2e8 [ 18.959476] mempool_kmalloc_double_free+0xc0/0x118 [ 18.959756] kunit_try_run_case+0x170/0x3f0 [ 18.960064] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.960149] kthread+0x328/0x630 [ 18.960441] ret_from_fork+0x10/0x20 [ 18.960692] [ 18.960712] Allocated by task 235: [ 18.960746] kasan_save_stack+0x3c/0x68 [ 18.960792] kasan_save_track+0x20/0x40 [ 18.960831] kasan_save_alloc_info+0x40/0x58 [ 18.960871] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.960926] remove_element+0x130/0x1f8 [ 18.960964] mempool_alloc_preallocated+0x58/0xc0 [ 18.961170] mempool_double_free_helper+0x94/0x2e8 [ 18.961370] mempool_kmalloc_double_free+0xc0/0x118 [ 18.961951] kunit_try_run_case+0x170/0x3f0 [ 18.962081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.962180] kthread+0x328/0x630 [ 18.962220] ret_from_fork+0x10/0x20 [ 18.962257] [ 18.962275] Freed by task 235: [ 18.962325] kasan_save_stack+0x3c/0x68 [ 18.962376] kasan_save_track+0x20/0x40 [ 18.962414] kasan_save_free_info+0x4c/0x78 [ 18.962456] __kasan_mempool_poison_object+0xc0/0x150 [ 18.962552] mempool_free+0x28c/0x328 [ 18.962743] mempool_double_free_helper+0x100/0x2e8 [ 18.962916] mempool_kmalloc_double_free+0xc0/0x118 [ 18.962974] kunit_try_run_case+0x170/0x3f0 [ 18.963060] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.963106] kthread+0x328/0x630 [ 18.963138] ret_from_fork+0x10/0x20 [ 18.963175] [ 18.963194] The buggy address belongs to the object at fff00000c5a57300 [ 18.963194] which belongs to the cache kmalloc-128 of size 128 [ 18.963306] The buggy address is located 0 bytes inside of [ 18.963306] 128-byte region [fff00000c5a57300, fff00000c5a57380) [ 18.963615] [ 18.963721] The buggy address belongs to the physical page: [ 18.963803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57 [ 18.963874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.963921] page_type: f5(slab) [ 18.964025] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.964076] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.964118] page dumped because: kasan: bad access detected [ 18.964151] [ 18.964168] Memory state around the buggy address: [ 18.964206] fff00000c5a57200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.964362] fff00000c5a57280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.964405] >fff00000c5a57300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.964443] ^ [ 18.964511] fff00000c5a57380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.964912] fff00000c5a57400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.965131] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.936715] ================================================================== [ 18.937018] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.937202] Read of size 1 at addr fff00000c7958000 by task kunit_try_catch/233 [ 18.937398] [ 18.937600] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.937976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.938002] Hardware name: linux,dummy-virt (DT) [ 18.938483] Call trace: [ 18.938602] show_stack+0x20/0x38 (C) [ 18.938681] dump_stack_lvl+0x8c/0xd0 [ 18.938755] print_report+0x118/0x608 [ 18.938876] kasan_report+0xdc/0x128 [ 18.938925] __asan_report_load1_noabort+0x20/0x30 [ 18.939367] mempool_uaf_helper+0x314/0x340 [ 18.939470] mempool_page_alloc_uaf+0xc0/0x118 [ 18.939519] kunit_try_run_case+0x170/0x3f0 [ 18.939583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.939635] kthread+0x328/0x630 [ 18.939919] ret_from_fork+0x10/0x20 [ 18.940300] [ 18.940325] The buggy address belongs to the physical page: [ 18.940370] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107958 [ 18.940732] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.940809] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.940860] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.940902] page dumped because: kasan: bad access detected [ 18.940943] [ 18.940962] Memory state around the buggy address: [ 18.940993] fff00000c7957f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.941352] fff00000c7957f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.941399] >fff00000c7958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.941712] ^ [ 18.941833] fff00000c7958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.941876] fff00000c7958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.942233] ================================================================== [ 18.875701] ================================================================== [ 18.875919] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.876102] Read of size 1 at addr fff00000c7954000 by task kunit_try_catch/229 [ 18.876273] [ 18.876617] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.877424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.877658] Hardware name: linux,dummy-virt (DT) [ 18.877848] Call trace: [ 18.877896] show_stack+0x20/0x38 (C) [ 18.878575] dump_stack_lvl+0x8c/0xd0 [ 18.878668] print_report+0x118/0x608 [ 18.878786] kasan_report+0xdc/0x128 [ 18.879142] __asan_report_load1_noabort+0x20/0x30 [ 18.879314] mempool_uaf_helper+0x314/0x340 [ 18.879373] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.879424] kunit_try_run_case+0x170/0x3f0 [ 18.879786] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.879876] kthread+0x328/0x630 [ 18.879938] ret_from_fork+0x10/0x20 [ 18.880019] [ 18.880042] The buggy address belongs to the physical page: [ 18.880310] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107954 [ 18.880384] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.880442] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.880496] page_type: f8(unknown) [ 18.880753] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.880955] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.881072] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.881389] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.881459] head: 0bfffe0000000002 ffffc1ffc31e5501 00000000ffffffff 00000000ffffffff [ 18.881545] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.881588] page dumped because: kasan: bad access detected [ 18.881620] [ 18.881660] Memory state around the buggy address: [ 18.881790] fff00000c7953f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.881833] fff00000c7953f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.881951] >fff00000c7954000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.881991] ^ [ 18.882020] fff00000c7954080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.882063] fff00000c7954100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.882367] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.895868] ================================================================== [ 18.896513] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.896666] Read of size 1 at addr fff00000c5a53240 by task kunit_try_catch/231 [ 18.896806] [ 18.896954] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.897254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.897282] Hardware name: linux,dummy-virt (DT) [ 18.897313] Call trace: [ 18.897335] show_stack+0x20/0x38 (C) [ 18.897397] dump_stack_lvl+0x8c/0xd0 [ 18.897445] print_report+0x118/0x608 [ 18.898122] kasan_report+0xdc/0x128 [ 18.898310] __asan_report_load1_noabort+0x20/0x30 [ 18.898404] mempool_uaf_helper+0x314/0x340 [ 18.898479] mempool_slab_uaf+0xc0/0x118 [ 18.898527] kunit_try_run_case+0x170/0x3f0 [ 18.898577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.898654] kthread+0x328/0x630 [ 18.899028] ret_from_fork+0x10/0x20 [ 18.899153] [ 18.899172] Allocated by task 231: [ 18.899209] kasan_save_stack+0x3c/0x68 [ 18.899311] kasan_save_track+0x20/0x40 [ 18.899359] kasan_save_alloc_info+0x40/0x58 [ 18.899400] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.899448] remove_element+0x16c/0x1f8 [ 18.899486] mempool_alloc_preallocated+0x58/0xc0 [ 18.899763] mempool_uaf_helper+0xa4/0x340 [ 18.899809] mempool_slab_uaf+0xc0/0x118 [ 18.899847] kunit_try_run_case+0x170/0x3f0 [ 18.899897] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.899943] kthread+0x328/0x630 [ 18.900131] ret_from_fork+0x10/0x20 [ 18.900324] [ 18.900356] Freed by task 231: [ 18.900586] kasan_save_stack+0x3c/0x68 [ 18.900641] kasan_save_track+0x20/0x40 [ 18.900767] kasan_save_free_info+0x4c/0x78 [ 18.900808] __kasan_mempool_poison_object+0xc0/0x150 [ 18.900852] mempool_free+0x28c/0x328 [ 18.900904] mempool_uaf_helper+0x104/0x340 [ 18.901033] mempool_slab_uaf+0xc0/0x118 [ 18.901071] kunit_try_run_case+0x170/0x3f0 [ 18.901108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.901153] kthread+0x328/0x630 [ 18.901191] ret_from_fork+0x10/0x20 [ 18.901374] [ 18.901394] The buggy address belongs to the object at fff00000c5a53240 [ 18.901394] which belongs to the cache test_cache of size 123 [ 18.901458] The buggy address is located 0 bytes inside of [ 18.901458] freed 123-byte region [fff00000c5a53240, fff00000c5a532bb) [ 18.901545] [ 18.901658] The buggy address belongs to the physical page: [ 18.901792] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a53 [ 18.901846] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.901897] page_type: f5(slab) [ 18.901943] raw: 0bfffe0000000000 fff00000c3e02b40 dead000000000122 0000000000000000 [ 18.901993] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.902068] page dumped because: kasan: bad access detected [ 18.902101] [ 18.902118] Memory state around the buggy address: [ 18.902151] fff00000c5a53100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.902225] fff00000c5a53180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.902268] >fff00000c5a53200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.902775] ^ [ 18.902817] fff00000c5a53280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.902861] fff00000c5a53300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.902903] ================================================================== [ 18.858542] ================================================================== [ 18.858619] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.858830] Read of size 1 at addr fff00000c401ef00 by task kunit_try_catch/227 [ 18.859016] [ 18.859057] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.859144] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.859518] Hardware name: linux,dummy-virt (DT) [ 18.859646] Call trace: [ 18.859672] show_stack+0x20/0x38 (C) [ 18.859728] dump_stack_lvl+0x8c/0xd0 [ 18.859781] print_report+0x118/0x608 [ 18.859828] kasan_report+0xdc/0x128 [ 18.859873] __asan_report_load1_noabort+0x20/0x30 [ 18.859926] mempool_uaf_helper+0x314/0x340 [ 18.859974] mempool_kmalloc_uaf+0xc4/0x120 [ 18.860022] kunit_try_run_case+0x170/0x3f0 [ 18.860072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.860125] kthread+0x328/0x630 [ 18.860169] ret_from_fork+0x10/0x20 [ 18.860221] [ 18.860239] Allocated by task 227: [ 18.860276] kasan_save_stack+0x3c/0x68 [ 18.860584] kasan_save_track+0x20/0x40 [ 18.860680] kasan_save_alloc_info+0x40/0x58 [ 18.860720] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.860765] remove_element+0x130/0x1f8 [ 18.861182] mempool_alloc_preallocated+0x58/0xc0 [ 18.861544] mempool_uaf_helper+0xa4/0x340 [ 18.861587] mempool_kmalloc_uaf+0xc4/0x120 [ 18.861624] kunit_try_run_case+0x170/0x3f0 [ 18.861670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.861836] kthread+0x328/0x630 [ 18.862269] ret_from_fork+0x10/0x20 [ 18.862375] [ 18.862453] Freed by task 227: [ 18.862481] kasan_save_stack+0x3c/0x68 [ 18.862598] kasan_save_track+0x20/0x40 [ 18.862636] kasan_save_free_info+0x4c/0x78 [ 18.862698] __kasan_mempool_poison_object+0xc0/0x150 [ 18.862743] mempool_free+0x28c/0x328 [ 18.862779] mempool_uaf_helper+0x104/0x340 [ 18.862846] mempool_kmalloc_uaf+0xc4/0x120 [ 18.863059] kunit_try_run_case+0x170/0x3f0 [ 18.863106] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.863151] kthread+0x328/0x630 [ 18.863261] ret_from_fork+0x10/0x20 [ 18.863401] [ 18.863425] The buggy address belongs to the object at fff00000c401ef00 [ 18.863425] which belongs to the cache kmalloc-128 of size 128 [ 18.863496] The buggy address is located 0 bytes inside of [ 18.863496] freed 128-byte region [fff00000c401ef00, fff00000c401ef80) [ 18.863588] [ 18.863609] The buggy address belongs to the physical page: [ 18.863696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10401e [ 18.863807] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.863861] page_type: f5(slab) [ 18.864077] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.864355] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 18.864582] page dumped because: kasan: bad access detected [ 18.864687] [ 18.864705] Memory state around the buggy address: [ 18.864797] fff00000c401ee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.864885] fff00000c401ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.864995] >fff00000c401ef00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.865081] ^ [ 18.865349] fff00000c401ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.865472] fff00000c401f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.865571] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.806154] ================================================================== [ 18.806226] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.806290] Read of size 1 at addr fff00000c7952001 by task kunit_try_catch/223 [ 18.806409] [ 18.806450] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.806535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.806563] Hardware name: linux,dummy-virt (DT) [ 18.806592] Call trace: [ 18.806616] show_stack+0x20/0x38 (C) [ 18.806670] dump_stack_lvl+0x8c/0xd0 [ 18.806719] print_report+0x118/0x608 [ 18.806767] kasan_report+0xdc/0x128 [ 18.806814] __asan_report_load1_noabort+0x20/0x30 [ 18.806867] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.806918] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.806971] kunit_try_run_case+0x170/0x3f0 [ 18.807022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.807076] kthread+0x328/0x630 [ 18.807121] ret_from_fork+0x10/0x20 [ 18.807169] [ 18.807192] The buggy address belongs to the physical page: [ 18.807227] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107950 [ 18.807283] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.807332] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.807404] page_type: f8(unknown) [ 18.807452] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.807503] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.807554] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.807604] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.807654] head: 0bfffe0000000002 ffffc1ffc31e5401 00000000ffffffff 00000000ffffffff [ 18.807703] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.807741] page dumped because: kasan: bad access detected [ 18.807773] [ 18.807791] Memory state around the buggy address: [ 18.807824] fff00000c7951f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.807867] fff00000c7951f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.807908] >fff00000c7952000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.807947] ^ [ 18.807975] fff00000c7952080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.808017] fff00000c7952100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.808054] ================================================================== [ 18.775390] ================================================================== [ 18.775469] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.775546] Read of size 1 at addr fff00000c401eb73 by task kunit_try_catch/221 [ 18.775594] [ 18.775638] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.775727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.775755] Hardware name: linux,dummy-virt (DT) [ 18.775789] Call trace: [ 18.775815] show_stack+0x20/0x38 (C) [ 18.775869] dump_stack_lvl+0x8c/0xd0 [ 18.775922] print_report+0x118/0x608 [ 18.775971] kasan_report+0xdc/0x128 [ 18.776016] __asan_report_load1_noabort+0x20/0x30 [ 18.776069] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.776119] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.776170] kunit_try_run_case+0x170/0x3f0 [ 18.776224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.776281] kthread+0x328/0x630 [ 18.776327] ret_from_fork+0x10/0x20 [ 18.776391] [ 18.776409] Allocated by task 221: [ 18.776440] kasan_save_stack+0x3c/0x68 [ 18.776483] kasan_save_track+0x20/0x40 [ 18.776522] kasan_save_alloc_info+0x40/0x58 [ 18.776563] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.776609] remove_element+0x130/0x1f8 [ 18.776647] mempool_alloc_preallocated+0x58/0xc0 [ 18.776687] mempool_oob_right_helper+0x98/0x2f0 [ 18.776728] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.776769] kunit_try_run_case+0x170/0x3f0 [ 18.776808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.776852] kthread+0x328/0x630 [ 18.776885] ret_from_fork+0x10/0x20 [ 18.776921] [ 18.776941] The buggy address belongs to the object at fff00000c401eb00 [ 18.776941] which belongs to the cache kmalloc-128 of size 128 [ 18.776999] The buggy address is located 0 bytes to the right of [ 18.776999] allocated 115-byte region [fff00000c401eb00, fff00000c401eb73) [ 18.777063] [ 18.777084] The buggy address belongs to the physical page: [ 18.777119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10401e [ 18.777173] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.777227] page_type: f5(slab) [ 18.777269] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.777319] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.777371] page dumped because: kasan: bad access detected [ 18.777402] [ 18.777420] Memory state around the buggy address: [ 18.777454] fff00000c401ea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.777497] fff00000c401ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.777539] >fff00000c401eb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.777580] ^ [ 18.777619] fff00000c401eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.777660] fff00000c401ec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.777698] ================================================================== [ 18.820284] ================================================================== [ 18.820630] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.821027] Read of size 1 at addr fff00000c6bf02bb by task kunit_try_catch/225 [ 18.821295] [ 18.821561] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.821967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.822002] Hardware name: linux,dummy-virt (DT) [ 18.822035] Call trace: [ 18.822059] show_stack+0x20/0x38 (C) [ 18.822112] dump_stack_lvl+0x8c/0xd0 [ 18.822163] print_report+0x118/0x608 [ 18.822235] kasan_report+0xdc/0x128 [ 18.822285] __asan_report_load1_noabort+0x20/0x30 [ 18.822583] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.822894] mempool_slab_oob_right+0xc0/0x118 [ 18.822947] kunit_try_run_case+0x170/0x3f0 [ 18.823005] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.823084] kthread+0x328/0x630 [ 18.823127] ret_from_fork+0x10/0x20 [ 18.823174] [ 18.823194] Allocated by task 225: [ 18.823437] kasan_save_stack+0x3c/0x68 [ 18.823678] kasan_save_track+0x20/0x40 [ 18.823740] kasan_save_alloc_info+0x40/0x58 [ 18.823781] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.823853] remove_element+0x16c/0x1f8 [ 18.823906] mempool_alloc_preallocated+0x58/0xc0 [ 18.823945] mempool_oob_right_helper+0x98/0x2f0 [ 18.823984] mempool_slab_oob_right+0xc0/0x118 [ 18.824027] kunit_try_run_case+0x170/0x3f0 [ 18.824077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.824123] kthread+0x328/0x630 [ 18.824157] ret_from_fork+0x10/0x20 [ 18.824467] [ 18.824488] The buggy address belongs to the object at fff00000c6bf0240 [ 18.824488] which belongs to the cache test_cache of size 123 [ 18.824848] The buggy address is located 0 bytes to the right of [ 18.824848] allocated 123-byte region [fff00000c6bf0240, fff00000c6bf02bb) [ 18.824989] [ 18.825011] The buggy address belongs to the physical page: [ 18.825148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106bf0 [ 18.825215] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.825402] page_type: f5(slab) [ 18.825443] raw: 0bfffe0000000000 fff00000c3e02a00 dead000000000122 0000000000000000 [ 18.825551] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.825749] page dumped because: kasan: bad access detected [ 18.825780] [ 18.825800] Memory state around the buggy address: [ 18.825898] fff00000c6bf0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.825994] fff00000c6bf0200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.826036] >fff00000c6bf0280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.826301] ^ [ 18.826353] fff00000c6bf0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.826398] fff00000c6bf0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.826436] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.216621] ================================================================== [ 18.216705] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 18.216782] Read of size 1 at addr fff00000c3e02780 by task kunit_try_catch/215 [ 18.216833] [ 18.216878] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.216966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.216993] Hardware name: linux,dummy-virt (DT) [ 18.217026] Call trace: [ 18.217051] show_stack+0x20/0x38 (C) [ 18.217106] dump_stack_lvl+0x8c/0xd0 [ 18.217157] print_report+0x118/0x608 [ 18.217204] kasan_report+0xdc/0x128 [ 18.217250] __kasan_check_byte+0x54/0x70 [ 18.217299] kmem_cache_destroy+0x34/0x218 [ 18.217364] kmem_cache_double_destroy+0x174/0x300 [ 18.217414] kunit_try_run_case+0x170/0x3f0 [ 18.217466] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.217521] kthread+0x328/0x630 [ 18.217565] ret_from_fork+0x10/0x20 [ 18.217615] [ 18.217634] Allocated by task 215: [ 18.217665] kasan_save_stack+0x3c/0x68 [ 18.217708] kasan_save_track+0x20/0x40 [ 18.217747] kasan_save_alloc_info+0x40/0x58 [ 18.217788] __kasan_slab_alloc+0xa8/0xb0 [ 18.217827] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.217871] __kmem_cache_create_args+0x178/0x280 [ 18.217912] kmem_cache_double_destroy+0xc0/0x300 [ 18.217955] kunit_try_run_case+0x170/0x3f0 [ 18.217994] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.218040] kthread+0x328/0x630 [ 18.218075] ret_from_fork+0x10/0x20 [ 18.218113] [ 18.218131] Freed by task 215: [ 18.218158] kasan_save_stack+0x3c/0x68 [ 18.218197] kasan_save_track+0x20/0x40 [ 18.218235] kasan_save_free_info+0x4c/0x78 [ 18.218275] __kasan_slab_free+0x6c/0x98 [ 18.218314] kmem_cache_free+0x260/0x468 [ 18.218364] slab_kmem_cache_release+0x38/0x50 [ 18.218403] kmem_cache_release+0x1c/0x30 [ 18.218440] kobject_put+0x17c/0x420 [ 18.218477] sysfs_slab_release+0x1c/0x30 [ 18.218514] kmem_cache_destroy+0x118/0x218 [ 18.218552] kmem_cache_double_destroy+0x128/0x300 [ 18.218593] kunit_try_run_case+0x170/0x3f0 [ 18.218631] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.218676] kthread+0x328/0x630 [ 18.218708] ret_from_fork+0x10/0x20 [ 18.218745] [ 18.218764] The buggy address belongs to the object at fff00000c3e02780 [ 18.218764] which belongs to the cache kmem_cache of size 208 [ 18.218820] The buggy address is located 0 bytes inside of [ 18.218820] freed 208-byte region [fff00000c3e02780, fff00000c3e02850) [ 18.218880] [ 18.218903] The buggy address belongs to the physical page: [ 18.218936] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103e02 [ 18.218991] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.219044] page_type: f5(slab) [ 18.219086] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 18.219135] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.219176] page dumped because: kasan: bad access detected [ 18.219207] [ 18.219227] Memory state around the buggy address: [ 18.219260] fff00000c3e02680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.219303] fff00000c3e02700: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.219359] >fff00000c3e02780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.219397] ^ [ 18.219430] fff00000c3e02800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 18.219473] fff00000c3e02880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.219511] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 18.126487] ================================================================== [ 18.126606] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 18.126692] Read of size 1 at addr fff00000c5a3f000 by task kunit_try_catch/213 [ 18.126745] [ 18.126791] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.126878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.126904] Hardware name: linux,dummy-virt (DT) [ 18.126939] Call trace: [ 18.126963] show_stack+0x20/0x38 (C) [ 18.127019] dump_stack_lvl+0x8c/0xd0 [ 18.127073] print_report+0x118/0x608 [ 18.127121] kasan_report+0xdc/0x128 [ 18.127168] __asan_report_load1_noabort+0x20/0x30 [ 18.127219] kmem_cache_rcu_uaf+0x388/0x468 [ 18.127267] kunit_try_run_case+0x170/0x3f0 [ 18.127318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.127386] kthread+0x328/0x630 [ 18.127435] ret_from_fork+0x10/0x20 [ 18.127486] [ 18.127504] Allocated by task 213: [ 18.127535] kasan_save_stack+0x3c/0x68 [ 18.127576] kasan_save_track+0x20/0x40 [ 18.127614] kasan_save_alloc_info+0x40/0x58 [ 18.127655] __kasan_slab_alloc+0xa8/0xb0 [ 18.127696] kmem_cache_alloc_noprof+0x10c/0x398 [ 18.127739] kmem_cache_rcu_uaf+0x12c/0x468 [ 18.127778] kunit_try_run_case+0x170/0x3f0 [ 18.127817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.127860] kthread+0x328/0x630 [ 18.127894] ret_from_fork+0x10/0x20 [ 18.127929] [ 18.127947] Freed by task 0: [ 18.127976] kasan_save_stack+0x3c/0x68 [ 18.128015] kasan_save_track+0x20/0x40 [ 18.128051] kasan_save_free_info+0x4c/0x78 [ 18.128092] __kasan_slab_free+0x6c/0x98 [ 18.128130] slab_free_after_rcu_debug+0xd4/0x2f8 [ 18.128171] rcu_core+0x9f4/0x1e20 [ 18.128211] rcu_core_si+0x18/0x30 [ 18.128245] handle_softirqs+0x374/0xb28 [ 18.128284] __do_softirq+0x1c/0x28 [ 18.128318] [ 18.128347] Last potentially related work creation: [ 18.128375] kasan_save_stack+0x3c/0x68 [ 18.128414] kasan_record_aux_stack+0xb4/0xc8 [ 18.128454] kmem_cache_free+0x120/0x468 [ 18.128493] kmem_cache_rcu_uaf+0x16c/0x468 [ 18.128530] kunit_try_run_case+0x170/0x3f0 [ 18.128570] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.128613] kthread+0x328/0x630 [ 18.128646] ret_from_fork+0x10/0x20 [ 18.128681] [ 18.128701] The buggy address belongs to the object at fff00000c5a3f000 [ 18.128701] which belongs to the cache test_cache of size 200 [ 18.128761] The buggy address is located 0 bytes inside of [ 18.128761] freed 200-byte region [fff00000c5a3f000, fff00000c5a3f0c8) [ 18.128823] [ 18.128845] The buggy address belongs to the physical page: [ 18.128879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a3f [ 18.128937] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.128991] page_type: f5(slab) [ 18.129034] raw: 0bfffe0000000000 fff00000c5973640 dead000000000122 0000000000000000 [ 18.129084] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.129125] page dumped because: kasan: bad access detected [ 18.129156] [ 18.129175] Memory state around the buggy address: [ 18.129207] fff00000c5a3ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.129251] fff00000c5a3ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.129294] >fff00000c5a3f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.129333] ^ [ 18.129373] fff00000c5a3f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.129415] fff00000c5a3f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.129453] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.771411] ================================================================== [ 17.771481] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.771549] Free of addr fff00000c5a3b001 by task kunit_try_catch/211 [ 17.771591] [ 17.771630] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.771716] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.771742] Hardware name: linux,dummy-virt (DT) [ 17.771774] Call trace: [ 17.771799] show_stack+0x20/0x38 (C) [ 17.771852] dump_stack_lvl+0x8c/0xd0 [ 17.771904] print_report+0x118/0x608 [ 17.771953] kasan_report_invalid_free+0xc0/0xe8 [ 17.772004] check_slab_allocation+0xfc/0x108 [ 17.772054] __kasan_slab_pre_free+0x2c/0x48 [ 17.772102] kmem_cache_free+0xf0/0x468 [ 17.772151] kmem_cache_invalid_free+0x184/0x3c8 [ 17.772211] kunit_try_run_case+0x170/0x3f0 [ 17.772870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.772945] kthread+0x328/0x630 [ 17.773281] ret_from_fork+0x10/0x20 [ 17.773351] [ 17.773369] Allocated by task 211: [ 17.773401] kasan_save_stack+0x3c/0x68 [ 17.773451] kasan_save_track+0x20/0x40 [ 17.773593] kasan_save_alloc_info+0x40/0x58 [ 17.773714] __kasan_slab_alloc+0xa8/0xb0 [ 17.773755] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.773794] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.773833] kunit_try_run_case+0x170/0x3f0 [ 17.773871] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.774025] kthread+0x328/0x630 [ 17.774154] ret_from_fork+0x10/0x20 [ 17.774191] [ 17.774216] The buggy address belongs to the object at fff00000c5a3b000 [ 17.774216] which belongs to the cache test_cache of size 200 [ 17.774401] The buggy address is located 1 bytes inside of [ 17.774401] 200-byte region [fff00000c5a3b000, fff00000c5a3b0c8) [ 17.774462] [ 17.774486] The buggy address belongs to the physical page: [ 17.774518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a3b [ 17.774574] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.774635] page_type: f5(slab) [ 17.774674] raw: 0bfffe0000000000 fff00000c5973500 dead000000000122 0000000000000000 [ 17.774911] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.775122] page dumped because: kasan: bad access detected [ 17.775187] [ 17.775205] Memory state around the buggy address: [ 17.775307] fff00000c5a3af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.775359] fff00000c5a3af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.775403] >fff00000c5a3b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.775446] ^ [ 17.775473] fff00000c5a3b080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.775540] fff00000c5a3b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.775579] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.744777] ================================================================== [ 17.744848] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.744925] Free of addr fff00000c5a3a000 by task kunit_try_catch/209 [ 17.744969] [ 17.745265] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.745373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.745400] Hardware name: linux,dummy-virt (DT) [ 17.745433] Call trace: [ 17.745465] show_stack+0x20/0x38 (C) [ 17.745562] dump_stack_lvl+0x8c/0xd0 [ 17.745793] print_report+0x118/0x608 [ 17.746026] kasan_report_invalid_free+0xc0/0xe8 [ 17.746092] check_slab_allocation+0xd4/0x108 [ 17.746144] __kasan_slab_pre_free+0x2c/0x48 [ 17.746250] kmem_cache_free+0xf0/0x468 [ 17.746312] kmem_cache_double_free+0x190/0x3c8 [ 17.746371] kunit_try_run_case+0x170/0x3f0 [ 17.746424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.746540] kthread+0x328/0x630 [ 17.746649] ret_from_fork+0x10/0x20 [ 17.746788] [ 17.746807] Allocated by task 209: [ 17.746839] kasan_save_stack+0x3c/0x68 [ 17.746881] kasan_save_track+0x20/0x40 [ 17.746920] kasan_save_alloc_info+0x40/0x58 [ 17.746961] __kasan_slab_alloc+0xa8/0xb0 [ 17.747000] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.747041] kmem_cache_double_free+0x12c/0x3c8 [ 17.747190] kunit_try_run_case+0x170/0x3f0 [ 17.747247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.747293] kthread+0x328/0x630 [ 17.747355] ret_from_fork+0x10/0x20 [ 17.747393] [ 17.747414] Freed by task 209: [ 17.747492] kasan_save_stack+0x3c/0x68 [ 17.747542] kasan_save_track+0x20/0x40 [ 17.747580] kasan_save_free_info+0x4c/0x78 [ 17.747620] __kasan_slab_free+0x6c/0x98 [ 17.747658] kmem_cache_free+0x260/0x468 [ 17.747735] kmem_cache_double_free+0x140/0x3c8 [ 17.747815] kunit_try_run_case+0x170/0x3f0 [ 17.747878] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.747922] kthread+0x328/0x630 [ 17.747999] ret_from_fork+0x10/0x20 [ 17.748134] [ 17.748205] The buggy address belongs to the object at fff00000c5a3a000 [ 17.748205] which belongs to the cache test_cache of size 200 [ 17.748270] The buggy address is located 0 bytes inside of [ 17.748270] 200-byte region [fff00000c5a3a000, fff00000c5a3a0c8) [ 17.748528] [ 17.748551] The buggy address belongs to the physical page: [ 17.748584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a3a [ 17.748647] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.748789] page_type: f5(slab) [ 17.748846] raw: 0bfffe0000000000 fff00000c59733c0 dead000000000122 0000000000000000 [ 17.749017] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.749070] page dumped because: kasan: bad access detected [ 17.749101] [ 17.749131] Memory state around the buggy address: [ 17.749165] fff00000c5a39f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.749208] fff00000c5a39f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.749287] >fff00000c5a3a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.749374] ^ [ 17.749401] fff00000c5a3a080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.749443] fff00000c5a3a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.749483] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.479946] ================================================================== [ 17.480024] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 17.480373] Read of size 1 at addr fff00000c5a380c8 by task kunit_try_catch/207 [ 17.480699] [ 17.480824] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.480916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.480944] Hardware name: linux,dummy-virt (DT) [ 17.480976] Call trace: [ 17.480999] show_stack+0x20/0x38 (C) [ 17.481054] dump_stack_lvl+0x8c/0xd0 [ 17.481104] print_report+0x118/0x608 [ 17.481153] kasan_report+0xdc/0x128 [ 17.481200] __asan_report_load1_noabort+0x20/0x30 [ 17.481492] kmem_cache_oob+0x344/0x430 [ 17.481691] kunit_try_run_case+0x170/0x3f0 [ 17.481744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.482245] kthread+0x328/0x630 [ 17.482526] ret_from_fork+0x10/0x20 [ 17.482607] [ 17.482902] Allocated by task 207: [ 17.482936] kasan_save_stack+0x3c/0x68 [ 17.482982] kasan_save_track+0x20/0x40 [ 17.483153] kasan_save_alloc_info+0x40/0x58 [ 17.483234] __kasan_slab_alloc+0xa8/0xb0 [ 17.483296] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.483464] kmem_cache_oob+0x12c/0x430 [ 17.483618] kunit_try_run_case+0x170/0x3f0 [ 17.483732] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.483810] kthread+0x328/0x630 [ 17.484234] ret_from_fork+0x10/0x20 [ 17.484599] [ 17.484643] The buggy address belongs to the object at fff00000c5a38000 [ 17.484643] which belongs to the cache test_cache of size 200 [ 17.484756] The buggy address is located 0 bytes to the right of [ 17.484756] allocated 200-byte region [fff00000c5a38000, fff00000c5a380c8) [ 17.484877] [ 17.484963] The buggy address belongs to the physical page: [ 17.485026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a38 [ 17.485084] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.485183] page_type: f5(slab) [ 17.485389] raw: 0bfffe0000000000 fff00000c5973280 dead000000000122 0000000000000000 [ 17.485455] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.485595] page dumped because: kasan: bad access detected [ 17.485627] [ 17.485644] Memory state around the buggy address: [ 17.485699] fff00000c5a37f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.485786] fff00000c5a38000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.485963] >fff00000c5a38080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.486001] ^ [ 17.486036] fff00000c5a38100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.486078] fff00000c5a38180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.486116] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.425089] ================================================================== [ 17.425947] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 17.426036] Read of size 8 at addr fff00000c5a2dd80 by task kunit_try_catch/200 [ 17.426086] [ 17.426125] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.426212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.426240] Hardware name: linux,dummy-virt (DT) [ 17.426271] Call trace: [ 17.426295] show_stack+0x20/0x38 (C) [ 17.426359] dump_stack_lvl+0x8c/0xd0 [ 17.426408] print_report+0x118/0x608 [ 17.426456] kasan_report+0xdc/0x128 [ 17.426501] __asan_report_load8_noabort+0x20/0x30 [ 17.426554] workqueue_uaf+0x480/0x4a8 [ 17.426600] kunit_try_run_case+0x170/0x3f0 [ 17.426650] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.426709] kthread+0x328/0x630 [ 17.426754] ret_from_fork+0x10/0x20 [ 17.426802] [ 17.426820] Allocated by task 200: [ 17.426852] kasan_save_stack+0x3c/0x68 [ 17.426897] kasan_save_track+0x20/0x40 [ 17.426937] kasan_save_alloc_info+0x40/0x58 [ 17.426976] __kasan_kmalloc+0xd4/0xd8 [ 17.427013] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.427053] workqueue_uaf+0x13c/0x4a8 [ 17.427089] kunit_try_run_case+0x170/0x3f0 [ 17.427127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.427170] kthread+0x328/0x630 [ 17.427203] ret_from_fork+0x10/0x20 [ 17.427239] [ 17.427257] Freed by task 48: [ 17.427284] kasan_save_stack+0x3c/0x68 [ 17.427320] kasan_save_track+0x20/0x40 [ 17.427368] kasan_save_free_info+0x4c/0x78 [ 17.427412] __kasan_slab_free+0x6c/0x98 [ 17.427449] kfree+0x214/0x3c8 [ 17.427483] workqueue_uaf_work+0x18/0x30 [ 17.427519] process_one_work+0x530/0xf98 [ 17.427557] worker_thread+0x618/0xf38 [ 17.427595] kthread+0x328/0x630 [ 17.427628] ret_from_fork+0x10/0x20 [ 17.427665] [ 17.427685] Last potentially related work creation: [ 17.427711] kasan_save_stack+0x3c/0x68 [ 17.427750] kasan_record_aux_stack+0xb4/0xc8 [ 17.427791] __queue_work+0x65c/0x1008 [ 17.427828] queue_work_on+0xbc/0xf8 [ 17.427863] workqueue_uaf+0x210/0x4a8 [ 17.427899] kunit_try_run_case+0x170/0x3f0 [ 17.427938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.427983] kthread+0x328/0x630 [ 17.428016] ret_from_fork+0x10/0x20 [ 17.428054] [ 17.428072] The buggy address belongs to the object at fff00000c5a2dd80 [ 17.428072] which belongs to the cache kmalloc-32 of size 32 [ 17.428130] The buggy address is located 0 bytes inside of [ 17.428130] freed 32-byte region [fff00000c5a2dd80, fff00000c5a2dda0) [ 17.428189] [ 17.428212] The buggy address belongs to the physical page: [ 17.428245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a2d [ 17.428300] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.428424] page_type: f5(slab) [ 17.428483] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.428997] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.429044] page dumped because: kasan: bad access detected [ 17.429078] [ 17.429097] Memory state around the buggy address: [ 17.429132] fff00000c5a2dc80: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.429175] fff00000c5a2dd00: 00 00 00 fc fc fc fc fc 00 00 00 07 fc fc fc fc [ 17.429435] >fff00000c5a2dd80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.429888] ^ [ 17.430422] fff00000c5a2de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.430469] fff00000c5a2de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.430508] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.383717] ================================================================== [ 17.383855] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 17.383929] Read of size 4 at addr fff00000c5a2db80 by task swapper/1/0 [ 17.383978] [ 17.384565] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.385413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.385462] Hardware name: linux,dummy-virt (DT) [ 17.385495] Call trace: [ 17.385605] show_stack+0x20/0x38 (C) [ 17.386009] dump_stack_lvl+0x8c/0xd0 [ 17.386073] print_report+0x118/0x608 [ 17.386140] kasan_report+0xdc/0x128 [ 17.386222] __asan_report_load4_noabort+0x20/0x30 [ 17.386491] rcu_uaf_reclaim+0x64/0x70 [ 17.386748] rcu_core+0x9f4/0x1e20 [ 17.386813] rcu_core_si+0x18/0x30 [ 17.387123] handle_softirqs+0x374/0xb28 [ 17.387303] __do_softirq+0x1c/0x28 [ 17.387368] ____do_softirq+0x18/0x30 [ 17.387419] call_on_irq_stack+0x24/0x30 [ 17.387932] do_softirq_own_stack+0x24/0x38 [ 17.388035] __irq_exit_rcu+0x1fc/0x318 [ 17.388187] irq_exit_rcu+0x1c/0x80 [ 17.388233] el1_interrupt+0x38/0x58 [ 17.388567] el1h_64_irq_handler+0x18/0x28 [ 17.388947] el1h_64_irq+0x6c/0x70 [ 17.389469] arch_local_irq_enable+0x4/0x8 (P) [ 17.389539] do_idle+0x384/0x4e8 [ 17.389766] cpu_startup_entry+0x68/0x80 [ 17.389816] secondary_start_kernel+0x288/0x340 [ 17.390100] __secondary_switched+0xc0/0xc8 [ 17.390187] [ 17.390411] Allocated by task 198: [ 17.390679] kasan_save_stack+0x3c/0x68 [ 17.391060] kasan_save_track+0x20/0x40 [ 17.391236] kasan_save_alloc_info+0x40/0x58 [ 17.391301] __kasan_kmalloc+0xd4/0xd8 [ 17.391628] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.391675] rcu_uaf+0xb0/0x2d8 [ 17.391710] kunit_try_run_case+0x170/0x3f0 [ 17.391753] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.391798] kthread+0x328/0x630 [ 17.391831] ret_from_fork+0x10/0x20 [ 17.391868] [ 17.391887] Freed by task 0: [ 17.391915] kasan_save_stack+0x3c/0x68 [ 17.392395] kasan_save_track+0x20/0x40 [ 17.392444] kasan_save_free_info+0x4c/0x78 [ 17.392493] __kasan_slab_free+0x6c/0x98 [ 17.392597] kfree+0x214/0x3c8 [ 17.392633] rcu_uaf_reclaim+0x28/0x70 [ 17.392670] rcu_core+0x9f4/0x1e20 [ 17.392853] rcu_core_si+0x18/0x30 [ 17.393122] handle_softirqs+0x374/0xb28 [ 17.393165] __do_softirq+0x1c/0x28 [ 17.393442] [ 17.393585] Last potentially related work creation: [ 17.393824] kasan_save_stack+0x3c/0x68 [ 17.394104] kasan_record_aux_stack+0xb4/0xc8 [ 17.394160] __call_rcu_common.constprop.0+0x74/0x8c8 [ 17.394414] call_rcu+0x18/0x30 [ 17.394609] rcu_uaf+0x14c/0x2d8 [ 17.394650] kunit_try_run_case+0x170/0x3f0 [ 17.394703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.394772] kthread+0x328/0x630 [ 17.394961] ret_from_fork+0x10/0x20 [ 17.395295] [ 17.395580] The buggy address belongs to the object at fff00000c5a2db80 [ 17.395580] which belongs to the cache kmalloc-32 of size 32 [ 17.395904] The buggy address is located 0 bytes inside of [ 17.395904] freed 32-byte region [fff00000c5a2db80, fff00000c5a2dba0) [ 17.395973] [ 17.396080] The buggy address belongs to the physical page: [ 17.396115] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a2d [ 17.396435] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.396489] page_type: f5(slab) [ 17.396530] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 17.397026] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.397127] page dumped because: kasan: bad access detected [ 17.397277] [ 17.397570] Memory state around the buggy address: [ 17.397932] fff00000c5a2da80: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 17.397990] fff00000c5a2db00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 17.398032] >fff00000c5a2db80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 17.398072] ^ [ 17.398312] fff00000c5a2dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.398661] fff00000c5a2dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.398704] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 17.165588] ================================================================== [ 17.165659] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 17.165711] Read of size 1 at addr fff00000c5a20400 by task kunit_try_catch/196 [ 17.165761] [ 17.165798] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.165879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.166231] Hardware name: linux,dummy-virt (DT) [ 17.166451] Call trace: [ 17.166484] show_stack+0x20/0x38 (C) [ 17.166856] dump_stack_lvl+0x8c/0xd0 [ 17.167181] print_report+0x118/0x608 [ 17.167447] kasan_report+0xdc/0x128 [ 17.167522] __asan_report_load1_noabort+0x20/0x30 [ 17.167732] ksize_uaf+0x598/0x5f8 [ 17.167990] kunit_try_run_case+0x170/0x3f0 [ 17.168075] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.168236] kthread+0x328/0x630 [ 17.168406] ret_from_fork+0x10/0x20 [ 17.168511] [ 17.168529] Allocated by task 196: [ 17.168714] kasan_save_stack+0x3c/0x68 [ 17.168935] kasan_save_track+0x20/0x40 [ 17.169099] kasan_save_alloc_info+0x40/0x58 [ 17.169368] __kasan_kmalloc+0xd4/0xd8 [ 17.169456] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.169497] ksize_uaf+0xb8/0x5f8 [ 17.169566] kunit_try_run_case+0x170/0x3f0 [ 17.169864] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.170096] kthread+0x328/0x630 [ 17.170214] ret_from_fork+0x10/0x20 [ 17.170414] [ 17.170440] Freed by task 196: [ 17.170469] kasan_save_stack+0x3c/0x68 [ 17.170541] kasan_save_track+0x20/0x40 [ 17.170736] kasan_save_free_info+0x4c/0x78 [ 17.170922] __kasan_slab_free+0x6c/0x98 [ 17.171027] kfree+0x214/0x3c8 [ 17.171091] ksize_uaf+0x11c/0x5f8 [ 17.171224] kunit_try_run_case+0x170/0x3f0 [ 17.171264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.171502] kthread+0x328/0x630 [ 17.171670] ret_from_fork+0x10/0x20 [ 17.171876] [ 17.172234] The buggy address belongs to the object at fff00000c5a20400 [ 17.172234] which belongs to the cache kmalloc-128 of size 128 [ 17.172610] The buggy address is located 0 bytes inside of [ 17.172610] freed 128-byte region [fff00000c5a20400, fff00000c5a20480) [ 17.172791] [ 17.172932] The buggy address belongs to the physical page: [ 17.172975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a20 [ 17.173205] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.173368] page_type: f5(slab) [ 17.173520] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.173629] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.173748] page dumped because: kasan: bad access detected [ 17.173852] [ 17.173870] Memory state around the buggy address: [ 17.174131] fff00000c5a20300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.174237] fff00000c5a20380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.174463] >fff00000c5a20400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.174570] ^ [ 17.174704] fff00000c5a20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.174845] fff00000c5a20500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.174887] ================================================================== [ 17.176234] ================================================================== [ 17.176289] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 17.176357] Read of size 1 at addr fff00000c5a20478 by task kunit_try_catch/196 [ 17.176409] [ 17.176440] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.176524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.176550] Hardware name: linux,dummy-virt (DT) [ 17.176580] Call trace: [ 17.176601] show_stack+0x20/0x38 (C) [ 17.176648] dump_stack_lvl+0x8c/0xd0 [ 17.176697] print_report+0x118/0x608 [ 17.176743] kasan_report+0xdc/0x128 [ 17.176790] __asan_report_load1_noabort+0x20/0x30 [ 17.176843] ksize_uaf+0x544/0x5f8 [ 17.176887] kunit_try_run_case+0x170/0x3f0 [ 17.176940] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.176994] kthread+0x328/0x630 [ 17.177038] ret_from_fork+0x10/0x20 [ 17.177085] [ 17.177102] Allocated by task 196: [ 17.177130] kasan_save_stack+0x3c/0x68 [ 17.177172] kasan_save_track+0x20/0x40 [ 17.177211] kasan_save_alloc_info+0x40/0x58 [ 17.177252] __kasan_kmalloc+0xd4/0xd8 [ 17.177289] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.177331] ksize_uaf+0xb8/0x5f8 [ 17.177403] kunit_try_run_case+0x170/0x3f0 [ 17.177451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.177534] kthread+0x328/0x630 [ 17.177569] ret_from_fork+0x10/0x20 [ 17.177604] [ 17.177624] Freed by task 196: [ 17.177650] kasan_save_stack+0x3c/0x68 [ 17.177718] kasan_save_track+0x20/0x40 [ 17.177784] kasan_save_free_info+0x4c/0x78 [ 17.177902] __kasan_slab_free+0x6c/0x98 [ 17.177987] kfree+0x214/0x3c8 [ 17.178021] ksize_uaf+0x11c/0x5f8 [ 17.178070] kunit_try_run_case+0x170/0x3f0 [ 17.178108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.178422] kthread+0x328/0x630 [ 17.178611] ret_from_fork+0x10/0x20 [ 17.178729] [ 17.178875] The buggy address belongs to the object at fff00000c5a20400 [ 17.178875] which belongs to the cache kmalloc-128 of size 128 [ 17.179000] The buggy address is located 120 bytes inside of [ 17.179000] freed 128-byte region [fff00000c5a20400, fff00000c5a20480) [ 17.179151] [ 17.179218] The buggy address belongs to the physical page: [ 17.179305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a20 [ 17.179408] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.179454] page_type: f5(slab) [ 17.179547] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.179854] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.180002] page dumped because: kasan: bad access detected [ 17.180120] [ 17.180199] Memory state around the buggy address: [ 17.180371] fff00000c5a20300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.180489] fff00000c5a20380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.180665] >fff00000c5a20400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.180742] ^ [ 17.180906] fff00000c5a20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.180986] fff00000c5a20500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.181032] ================================================================== [ 17.152564] ================================================================== [ 17.152627] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 17.152683] Read of size 1 at addr fff00000c5a20400 by task kunit_try_catch/196 [ 17.153465] [ 17.153518] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.154113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.154210] Hardware name: linux,dummy-virt (DT) [ 17.154406] Call trace: [ 17.154680] show_stack+0x20/0x38 (C) [ 17.154754] dump_stack_lvl+0x8c/0xd0 [ 17.154976] print_report+0x118/0x608 [ 17.155313] kasan_report+0xdc/0x128 [ 17.155409] __kasan_check_byte+0x54/0x70 [ 17.155535] ksize+0x30/0x88 [ 17.156031] ksize_uaf+0x168/0x5f8 [ 17.156459] kunit_try_run_case+0x170/0x3f0 [ 17.156697] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.157016] kthread+0x328/0x630 [ 17.157269] ret_from_fork+0x10/0x20 [ 17.157328] [ 17.157357] Allocated by task 196: [ 17.157734] kasan_save_stack+0x3c/0x68 [ 17.157808] kasan_save_track+0x20/0x40 [ 17.157937] kasan_save_alloc_info+0x40/0x58 [ 17.158005] __kasan_kmalloc+0xd4/0xd8 [ 17.158309] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.158399] ksize_uaf+0xb8/0x5f8 [ 17.158437] kunit_try_run_case+0x170/0x3f0 [ 17.158836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.159052] kthread+0x328/0x630 [ 17.159119] ret_from_fork+0x10/0x20 [ 17.159503] [ 17.159617] Freed by task 196: [ 17.159742] kasan_save_stack+0x3c/0x68 [ 17.159956] kasan_save_track+0x20/0x40 [ 17.160182] kasan_save_free_info+0x4c/0x78 [ 17.160311] __kasan_slab_free+0x6c/0x98 [ 17.160650] kfree+0x214/0x3c8 [ 17.160855] ksize_uaf+0x11c/0x5f8 [ 17.160896] kunit_try_run_case+0x170/0x3f0 [ 17.161203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.161260] kthread+0x328/0x630 [ 17.161386] ret_from_fork+0x10/0x20 [ 17.161428] [ 17.161458] The buggy address belongs to the object at fff00000c5a20400 [ 17.161458] which belongs to the cache kmalloc-128 of size 128 [ 17.161536] The buggy address is located 0 bytes inside of [ 17.161536] freed 128-byte region [fff00000c5a20400, fff00000c5a20480) [ 17.161608] [ 17.161631] The buggy address belongs to the physical page: [ 17.161661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a20 [ 17.161728] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.161780] page_type: f5(slab) [ 17.161830] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.161881] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.162397] page dumped because: kasan: bad access detected [ 17.162455] [ 17.162515] Memory state around the buggy address: [ 17.162656] fff00000c5a20300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.162843] fff00000c5a20380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.163141] >fff00000c5a20400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.163397] ^ [ 17.163537] fff00000c5a20480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.163689] fff00000c5a20500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.163942] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 17.119199] ================================================================== [ 17.119850] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 17.119930] Read of size 1 at addr fff00000c5a20373 by task kunit_try_catch/194 [ 17.119980] [ 17.120016] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.120099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.120125] Hardware name: linux,dummy-virt (DT) [ 17.120196] Call trace: [ 17.120222] show_stack+0x20/0x38 (C) [ 17.120274] dump_stack_lvl+0x8c/0xd0 [ 17.120324] print_report+0x118/0x608 [ 17.120387] kasan_report+0xdc/0x128 [ 17.120433] __asan_report_load1_noabort+0x20/0x30 [ 17.120498] ksize_unpoisons_memory+0x628/0x740 [ 17.120548] kunit_try_run_case+0x170/0x3f0 [ 17.120597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.120651] kthread+0x328/0x630 [ 17.120695] ret_from_fork+0x10/0x20 [ 17.120743] [ 17.120761] Allocated by task 194: [ 17.120790] kasan_save_stack+0x3c/0x68 [ 17.120839] kasan_save_track+0x20/0x40 [ 17.120877] kasan_save_alloc_info+0x40/0x58 [ 17.120918] __kasan_kmalloc+0xd4/0xd8 [ 17.120965] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.121006] ksize_unpoisons_memory+0xc0/0x740 [ 17.121046] kunit_try_run_case+0x170/0x3f0 [ 17.121090] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.121135] kthread+0x328/0x630 [ 17.121168] ret_from_fork+0x10/0x20 [ 17.121204] [ 17.121224] The buggy address belongs to the object at fff00000c5a20300 [ 17.121224] which belongs to the cache kmalloc-128 of size 128 [ 17.121286] The buggy address is located 0 bytes to the right of [ 17.121286] allocated 115-byte region [fff00000c5a20300, fff00000c5a20373) [ 17.121882] [ 17.122196] The buggy address belongs to the physical page: [ 17.122334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a20 [ 17.122436] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.123204] page_type: f5(slab) [ 17.123392] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.123928] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.123990] page dumped because: kasan: bad access detected [ 17.124315] [ 17.124431] Memory state around the buggy address: [ 17.124594] fff00000c5a20200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.124833] fff00000c5a20280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.124995] >fff00000c5a20300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.125201] ^ [ 17.125296] fff00000c5a20380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.125812] fff00000c5a20400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.126089] ================================================================== [ 17.138870] ================================================================== [ 17.139135] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 17.139282] Read of size 1 at addr fff00000c5a2037f by task kunit_try_catch/194 [ 17.139385] [ 17.139473] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.139558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.139586] Hardware name: linux,dummy-virt (DT) [ 17.139625] Call trace: [ 17.139649] show_stack+0x20/0x38 (C) [ 17.139701] dump_stack_lvl+0x8c/0xd0 [ 17.139759] print_report+0x118/0x608 [ 17.139813] kasan_report+0xdc/0x128 [ 17.139862] __asan_report_load1_noabort+0x20/0x30 [ 17.139920] ksize_unpoisons_memory+0x690/0x740 [ 17.139970] kunit_try_run_case+0x170/0x3f0 [ 17.140018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.140073] kthread+0x328/0x630 [ 17.140115] ret_from_fork+0x10/0x20 [ 17.140164] [ 17.140182] Allocated by task 194: [ 17.140210] kasan_save_stack+0x3c/0x68 [ 17.140251] kasan_save_track+0x20/0x40 [ 17.140299] kasan_save_alloc_info+0x40/0x58 [ 17.140361] __kasan_kmalloc+0xd4/0xd8 [ 17.140399] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.140439] ksize_unpoisons_memory+0xc0/0x740 [ 17.140477] kunit_try_run_case+0x170/0x3f0 [ 17.140516] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.140569] kthread+0x328/0x630 [ 17.140601] ret_from_fork+0x10/0x20 [ 17.140644] [ 17.140663] The buggy address belongs to the object at fff00000c5a20300 [ 17.140663] which belongs to the cache kmalloc-128 of size 128 [ 17.140720] The buggy address is located 12 bytes to the right of [ 17.140720] allocated 115-byte region [fff00000c5a20300, fff00000c5a20373) [ 17.140783] [ 17.140803] The buggy address belongs to the physical page: [ 17.140831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a20 [ 17.140882] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.140928] page_type: f5(slab) [ 17.140965] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.141023] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.141065] page dumped because: kasan: bad access detected [ 17.141096] [ 17.141117] Memory state around the buggy address: [ 17.141149] fff00000c5a20200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.141193] fff00000c5a20280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.141234] >fff00000c5a20300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.141271] ^ [ 17.141318] fff00000c5a20380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.141371] fff00000c5a20400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.141713] ================================================================== [ 17.127917] ================================================================== [ 17.128008] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 17.128219] Read of size 1 at addr fff00000c5a20378 by task kunit_try_catch/194 [ 17.128470] [ 17.128574] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.128965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.129170] Hardware name: linux,dummy-virt (DT) [ 17.129215] Call trace: [ 17.129287] show_stack+0x20/0x38 (C) [ 17.129586] dump_stack_lvl+0x8c/0xd0 [ 17.129677] print_report+0x118/0x608 [ 17.130070] kasan_report+0xdc/0x128 [ 17.130396] __asan_report_load1_noabort+0x20/0x30 [ 17.130517] ksize_unpoisons_memory+0x618/0x740 [ 17.130594] kunit_try_run_case+0x170/0x3f0 [ 17.130651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.130708] kthread+0x328/0x630 [ 17.131197] ret_from_fork+0x10/0x20 [ 17.131313] [ 17.131465] Allocated by task 194: [ 17.131689] kasan_save_stack+0x3c/0x68 [ 17.131781] kasan_save_track+0x20/0x40 [ 17.132355] kasan_save_alloc_info+0x40/0x58 [ 17.132494] __kasan_kmalloc+0xd4/0xd8 [ 17.132535] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.132779] ksize_unpoisons_memory+0xc0/0x740 [ 17.133040] kunit_try_run_case+0x170/0x3f0 [ 17.133195] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.133427] kthread+0x328/0x630 [ 17.133609] ret_from_fork+0x10/0x20 [ 17.133844] [ 17.133925] The buggy address belongs to the object at fff00000c5a20300 [ 17.133925] which belongs to the cache kmalloc-128 of size 128 [ 17.134197] The buggy address is located 5 bytes to the right of [ 17.134197] allocated 115-byte region [fff00000c5a20300, fff00000c5a20373) [ 17.134448] [ 17.134741] The buggy address belongs to the physical page: [ 17.134853] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a20 [ 17.135012] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.135398] page_type: f5(slab) [ 17.135659] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 17.135791] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.135919] page dumped because: kasan: bad access detected [ 17.136115] [ 17.136135] Memory state around the buggy address: [ 17.136169] fff00000c5a20200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.136544] fff00000c5a20280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.136746] >fff00000c5a20300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.136977] ^ [ 17.137147] fff00000c5a20380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.137221] fff00000c5a20400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.137448] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 17.101697] ================================================================== [ 17.101766] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 17.102521] Free of addr fff00000c4498e80 by task kunit_try_catch/192 [ 17.102583] [ 17.102809] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.103020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.103049] Hardware name: linux,dummy-virt (DT) [ 17.103286] Call trace: [ 17.103447] show_stack+0x20/0x38 (C) [ 17.103638] dump_stack_lvl+0x8c/0xd0 [ 17.103920] print_report+0x118/0x608 [ 17.104038] kasan_report_invalid_free+0xc0/0xe8 [ 17.104251] check_slab_allocation+0xd4/0x108 [ 17.104429] __kasan_slab_pre_free+0x2c/0x48 [ 17.104616] kfree+0xe8/0x3c8 [ 17.104794] kfree_sensitive+0x3c/0xb0 [ 17.105282] kmalloc_double_kzfree+0x168/0x308 [ 17.105372] kunit_try_run_case+0x170/0x3f0 [ 17.105890] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.106001] kthread+0x328/0x630 [ 17.106053] ret_from_fork+0x10/0x20 [ 17.106160] [ 17.106180] Allocated by task 192: [ 17.106231] kasan_save_stack+0x3c/0x68 [ 17.106301] kasan_save_track+0x20/0x40 [ 17.106352] kasan_save_alloc_info+0x40/0x58 [ 17.106403] __kasan_kmalloc+0xd4/0xd8 [ 17.106441] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.106481] kmalloc_double_kzfree+0xb8/0x308 [ 17.106519] kunit_try_run_case+0x170/0x3f0 [ 17.106566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.106611] kthread+0x328/0x630 [ 17.106654] ret_from_fork+0x10/0x20 [ 17.106691] [ 17.106709] Freed by task 192: [ 17.106733] kasan_save_stack+0x3c/0x68 [ 17.106770] kasan_save_track+0x20/0x40 [ 17.106808] kasan_save_free_info+0x4c/0x78 [ 17.106848] __kasan_slab_free+0x6c/0x98 [ 17.106887] kfree+0x214/0x3c8 [ 17.106919] kfree_sensitive+0x80/0xb0 [ 17.106957] kmalloc_double_kzfree+0x11c/0x308 [ 17.107004] kunit_try_run_case+0x170/0x3f0 [ 17.107058] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.107102] kthread+0x328/0x630 [ 17.107140] ret_from_fork+0x10/0x20 [ 17.107176] [ 17.107194] The buggy address belongs to the object at fff00000c4498e80 [ 17.107194] which belongs to the cache kmalloc-16 of size 16 [ 17.107251] The buggy address is located 0 bytes inside of [ 17.107251] 16-byte region [fff00000c4498e80, fff00000c4498e90) [ 17.107309] [ 17.107358] The buggy address belongs to the physical page: [ 17.107410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104498 [ 17.107469] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.107514] page_type: f5(slab) [ 17.107566] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.107630] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.107679] page dumped because: kasan: bad access detected [ 17.107710] [ 17.107729] Memory state around the buggy address: [ 17.107759] fff00000c4498d80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.107803] fff00000c4498e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.107844] >fff00000c4498e80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.107883] ^ [ 17.107912] fff00000c4498f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.107953] fff00000c4498f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.108001] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 17.088078] ================================================================== [ 17.088258] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 17.088325] Read of size 1 at addr fff00000c4498e80 by task kunit_try_catch/192 [ 17.088831] [ 17.088998] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.089152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.089185] Hardware name: linux,dummy-virt (DT) [ 17.089215] Call trace: [ 17.089241] show_stack+0x20/0x38 (C) [ 17.089636] dump_stack_lvl+0x8c/0xd0 [ 17.089838] print_report+0x118/0x608 [ 17.089943] kasan_report+0xdc/0x128 [ 17.090036] __kasan_check_byte+0x54/0x70 [ 17.090085] kfree_sensitive+0x30/0xb0 [ 17.090201] kmalloc_double_kzfree+0x168/0x308 [ 17.090253] kunit_try_run_case+0x170/0x3f0 [ 17.090588] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.090835] kthread+0x328/0x630 [ 17.091014] ret_from_fork+0x10/0x20 [ 17.091163] [ 17.091188] Allocated by task 192: [ 17.091361] kasan_save_stack+0x3c/0x68 [ 17.091597] kasan_save_track+0x20/0x40 [ 17.091666] kasan_save_alloc_info+0x40/0x58 [ 17.091808] __kasan_kmalloc+0xd4/0xd8 [ 17.091959] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.092053] kmalloc_double_kzfree+0xb8/0x308 [ 17.092095] kunit_try_run_case+0x170/0x3f0 [ 17.092392] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.092732] kthread+0x328/0x630 [ 17.092902] ret_from_fork+0x10/0x20 [ 17.093372] [ 17.093586] Freed by task 192: [ 17.093736] kasan_save_stack+0x3c/0x68 [ 17.094148] kasan_save_track+0x20/0x40 [ 17.094281] kasan_save_free_info+0x4c/0x78 [ 17.094468] __kasan_slab_free+0x6c/0x98 [ 17.094658] kfree+0x214/0x3c8 [ 17.094739] kfree_sensitive+0x80/0xb0 [ 17.095142] kmalloc_double_kzfree+0x11c/0x308 [ 17.095221] kunit_try_run_case+0x170/0x3f0 [ 17.095377] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.095496] kthread+0x328/0x630 [ 17.095653] ret_from_fork+0x10/0x20 [ 17.095779] [ 17.095799] The buggy address belongs to the object at fff00000c4498e80 [ 17.095799] which belongs to the cache kmalloc-16 of size 16 [ 17.096869] The buggy address is located 0 bytes inside of [ 17.096869] freed 16-byte region [fff00000c4498e80, fff00000c4498e90) [ 17.096990] [ 17.097057] The buggy address belongs to the physical page: [ 17.097540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104498 [ 17.097871] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.097974] page_type: f5(slab) [ 17.098329] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.098409] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.098837] page dumped because: kasan: bad access detected [ 17.098935] [ 17.099003] Memory state around the buggy address: [ 17.099229] fff00000c4498d80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.099448] fff00000c4498e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.099570] >fff00000c4498e80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.099765] ^ [ 17.099979] fff00000c4498f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.100028] fff00000c4498f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.100280] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 17.055363] ================================================================== [ 17.055430] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 17.055486] Read of size 1 at addr fff00000c5a1df28 by task kunit_try_catch/188 [ 17.055955] [ 17.056008] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.056168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.056194] Hardware name: linux,dummy-virt (DT) [ 17.056311] Call trace: [ 17.056336] show_stack+0x20/0x38 (C) [ 17.056749] dump_stack_lvl+0x8c/0xd0 [ 17.056824] print_report+0x118/0x608 [ 17.056927] kasan_report+0xdc/0x128 [ 17.057011] __asan_report_load1_noabort+0x20/0x30 [ 17.057248] kmalloc_uaf2+0x3f4/0x468 [ 17.057300] kunit_try_run_case+0x170/0x3f0 [ 17.057690] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.057920] kthread+0x328/0x630 [ 17.058254] ret_from_fork+0x10/0x20 [ 17.058316] [ 17.058334] Allocated by task 188: [ 17.058372] kasan_save_stack+0x3c/0x68 [ 17.058613] kasan_save_track+0x20/0x40 [ 17.058850] kasan_save_alloc_info+0x40/0x58 [ 17.059058] __kasan_kmalloc+0xd4/0xd8 [ 17.059125] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.059335] kmalloc_uaf2+0xc4/0x468 [ 17.059397] kunit_try_run_case+0x170/0x3f0 [ 17.059787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.060279] kthread+0x328/0x630 [ 17.060347] ret_from_fork+0x10/0x20 [ 17.060755] [ 17.060864] Freed by task 188: [ 17.061089] kasan_save_stack+0x3c/0x68 [ 17.061417] kasan_save_track+0x20/0x40 [ 17.061567] kasan_save_free_info+0x4c/0x78 [ 17.061714] __kasan_slab_free+0x6c/0x98 [ 17.061807] kfree+0x214/0x3c8 [ 17.061845] kmalloc_uaf2+0x134/0x468 [ 17.062124] kunit_try_run_case+0x170/0x3f0 [ 17.062507] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.062720] kthread+0x328/0x630 [ 17.063087] ret_from_fork+0x10/0x20 [ 17.063157] [ 17.063205] The buggy address belongs to the object at fff00000c5a1df00 [ 17.063205] which belongs to the cache kmalloc-64 of size 64 [ 17.063487] The buggy address is located 40 bytes inside of [ 17.063487] freed 64-byte region [fff00000c5a1df00, fff00000c5a1df40) [ 17.063714] [ 17.063736] The buggy address belongs to the physical page: [ 17.063784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1d [ 17.064110] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.064431] page_type: f5(slab) [ 17.064588] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.064643] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.065265] page dumped because: kasan: bad access detected [ 17.065495] [ 17.065700] Memory state around the buggy address: [ 17.065988] fff00000c5a1de00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.066120] fff00000c5a1de80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.066279] >fff00000c5a1df00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.066409] ^ [ 17.066513] fff00000c5a1df80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 17.066558] fff00000c5a1e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.067008] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 17.037448] ================================================================== [ 17.037519] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 17.037627] Write of size 33 at addr fff00000c5a1de00 by task kunit_try_catch/186 [ 17.037682] [ 17.037716] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.037928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.038220] Hardware name: linux,dummy-virt (DT) [ 17.038291] Call trace: [ 17.038318] show_stack+0x20/0x38 (C) [ 17.038686] dump_stack_lvl+0x8c/0xd0 [ 17.038924] print_report+0x118/0x608 [ 17.039020] kasan_report+0xdc/0x128 [ 17.039207] kasan_check_range+0x100/0x1a8 [ 17.039438] __asan_memset+0x34/0x78 [ 17.039551] kmalloc_uaf_memset+0x170/0x310 [ 17.039908] kunit_try_run_case+0x170/0x3f0 [ 17.040025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.040207] kthread+0x328/0x630 [ 17.040254] ret_from_fork+0x10/0x20 [ 17.040497] [ 17.040680] Allocated by task 186: [ 17.040718] kasan_save_stack+0x3c/0x68 [ 17.040981] kasan_save_track+0x20/0x40 [ 17.041161] kasan_save_alloc_info+0x40/0x58 [ 17.041275] __kasan_kmalloc+0xd4/0xd8 [ 17.041319] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.041391] kmalloc_uaf_memset+0xb8/0x310 [ 17.041429] kunit_try_run_case+0x170/0x3f0 [ 17.041476] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.041530] kthread+0x328/0x630 [ 17.041562] ret_from_fork+0x10/0x20 [ 17.041604] [ 17.041645] Freed by task 186: [ 17.041686] kasan_save_stack+0x3c/0x68 [ 17.041739] kasan_save_track+0x20/0x40 [ 17.041777] kasan_save_free_info+0x4c/0x78 [ 17.041817] __kasan_slab_free+0x6c/0x98 [ 17.041853] kfree+0x214/0x3c8 [ 17.041888] kmalloc_uaf_memset+0x11c/0x310 [ 17.042222] kunit_try_run_case+0x170/0x3f0 [ 17.042265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.042310] kthread+0x328/0x630 [ 17.042355] ret_from_fork+0x10/0x20 [ 17.042392] [ 17.042914] The buggy address belongs to the object at fff00000c5a1de00 [ 17.042914] which belongs to the cache kmalloc-64 of size 64 [ 17.043355] The buggy address is located 0 bytes inside of [ 17.043355] freed 64-byte region [fff00000c5a1de00, fff00000c5a1de40) [ 17.043434] [ 17.043455] The buggy address belongs to the physical page: [ 17.043868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1d [ 17.043935] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.044157] page_type: f5(slab) [ 17.044267] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.044498] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.044553] page dumped because: kasan: bad access detected [ 17.045021] [ 17.045062] Memory state around the buggy address: [ 17.045098] fff00000c5a1dd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.045141] fff00000c5a1dd80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.045362] >fff00000c5a1de00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.045545] ^ [ 17.045601] fff00000c5a1de80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.045667] fff00000c5a1df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.045723] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 17.017817] ================================================================== [ 17.018044] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 17.018145] Read of size 1 at addr fff00000c4498e68 by task kunit_try_catch/184 [ 17.018637] [ 17.018700] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 17.018929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.019164] Hardware name: linux,dummy-virt (DT) [ 17.019214] Call trace: [ 17.019237] show_stack+0x20/0x38 (C) [ 17.019449] dump_stack_lvl+0x8c/0xd0 [ 17.019668] print_report+0x118/0x608 [ 17.019724] kasan_report+0xdc/0x128 [ 17.019771] __asan_report_load1_noabort+0x20/0x30 [ 17.019822] kmalloc_uaf+0x300/0x338 [ 17.019917] kunit_try_run_case+0x170/0x3f0 [ 17.019985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.020040] kthread+0x328/0x630 [ 17.020092] ret_from_fork+0x10/0x20 [ 17.020149] [ 17.020180] Allocated by task 184: [ 17.020208] kasan_save_stack+0x3c/0x68 [ 17.020250] kasan_save_track+0x20/0x40 [ 17.020298] kasan_save_alloc_info+0x40/0x58 [ 17.020351] __kasan_kmalloc+0xd4/0xd8 [ 17.020388] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.020440] kmalloc_uaf+0xb8/0x338 [ 17.020481] kunit_try_run_case+0x170/0x3f0 [ 17.020546] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.020592] kthread+0x328/0x630 [ 17.020631] ret_from_fork+0x10/0x20 [ 17.020666] [ 17.020699] Freed by task 184: [ 17.020739] kasan_save_stack+0x3c/0x68 [ 17.020778] kasan_save_track+0x20/0x40 [ 17.020813] kasan_save_free_info+0x4c/0x78 [ 17.020859] __kasan_slab_free+0x6c/0x98 [ 17.020905] kfree+0x214/0x3c8 [ 17.020947] kmalloc_uaf+0x11c/0x338 [ 17.020981] kunit_try_run_case+0x170/0x3f0 [ 17.021029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.021077] kthread+0x328/0x630 [ 17.021109] ret_from_fork+0x10/0x20 [ 17.021145] [ 17.021176] The buggy address belongs to the object at fff00000c4498e60 [ 17.021176] which belongs to the cache kmalloc-16 of size 16 [ 17.021240] The buggy address is located 8 bytes inside of [ 17.021240] freed 16-byte region [fff00000c4498e60, fff00000c4498e70) [ 17.021300] [ 17.021481] The buggy address belongs to the physical page: [ 17.021649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104498 [ 17.022140] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.022442] page_type: f5(slab) [ 17.022498] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.022805] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.023046] page dumped because: kasan: bad access detected [ 17.023092] [ 17.023139] Memory state around the buggy address: [ 17.023490] fff00000c4498d00: fa fb fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 17.023694] fff00000c4498d80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.023879] >fff00000c4498e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.023964] ^ [ 17.024149] fff00000c4498e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.024389] fff00000c4498f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.024471] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.995593] ================================================================== [ 16.996132] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.996460] Read of size 64 at addr fff00000c5a1db04 by task kunit_try_catch/182 [ 16.996787] [ 16.996842] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.996987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.997044] Hardware name: linux,dummy-virt (DT) [ 16.997086] Call trace: [ 16.997110] show_stack+0x20/0x38 (C) [ 16.997170] dump_stack_lvl+0x8c/0xd0 [ 16.997219] print_report+0x118/0x608 [ 16.997286] kasan_report+0xdc/0x128 [ 16.997335] kasan_check_range+0x100/0x1a8 [ 16.997396] __asan_memmove+0x3c/0x98 [ 16.997449] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.997501] kunit_try_run_case+0x170/0x3f0 [ 16.997566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.997621] kthread+0x328/0x630 [ 16.997664] ret_from_fork+0x10/0x20 [ 16.997713] [ 16.997731] Allocated by task 182: [ 16.997760] kasan_save_stack+0x3c/0x68 [ 16.997801] kasan_save_track+0x20/0x40 [ 16.997849] kasan_save_alloc_info+0x40/0x58 [ 16.997889] __kasan_kmalloc+0xd4/0xd8 [ 16.998299] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.998356] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.998549] kunit_try_run_case+0x170/0x3f0 [ 16.998618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.998669] kthread+0x328/0x630 [ 16.998703] ret_from_fork+0x10/0x20 [ 16.998754] [ 16.998774] The buggy address belongs to the object at fff00000c5a1db00 [ 16.998774] which belongs to the cache kmalloc-64 of size 64 [ 16.998844] The buggy address is located 4 bytes inside of [ 16.998844] allocated 64-byte region [fff00000c5a1db00, fff00000c5a1db40) [ 16.998904] [ 16.998926] The buggy address belongs to the physical page: [ 16.998956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1d [ 16.999018] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.999076] page_type: f5(slab) [ 16.999123] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.999187] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.999228] page dumped because: kasan: bad access detected [ 16.999259] [ 16.999277] Memory state around the buggy address: [ 16.999318] fff00000c5a1da00: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.999389] fff00000c5a1da80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.999452] >fff00000c5a1db00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.999490] ^ [ 16.999523] fff00000c5a1db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.999572] fff00000c5a1dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.999623] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.972480] ================================================================== [ 16.972548] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.972606] Read of size 18446744073709551614 at addr fff00000c5a1d904 by task kunit_try_catch/180 [ 16.972682] [ 16.972715] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.972797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.972822] Hardware name: linux,dummy-virt (DT) [ 16.972851] Call trace: [ 16.972893] show_stack+0x20/0x38 (C) [ 16.972944] dump_stack_lvl+0x8c/0xd0 [ 16.973003] print_report+0x118/0x608 [ 16.973056] kasan_report+0xdc/0x128 [ 16.973101] kasan_check_range+0x100/0x1a8 [ 16.973155] __asan_memmove+0x3c/0x98 [ 16.973199] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.973256] kunit_try_run_case+0x170/0x3f0 [ 16.973314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.974250] kthread+0x328/0x630 [ 16.974351] ret_from_fork+0x10/0x20 [ 16.974459] [ 16.974539] Allocated by task 180: [ 16.974880] kasan_save_stack+0x3c/0x68 [ 16.974963] kasan_save_track+0x20/0x40 [ 16.975006] kasan_save_alloc_info+0x40/0x58 [ 16.975047] __kasan_kmalloc+0xd4/0xd8 [ 16.975083] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.975304] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.975505] kunit_try_run_case+0x170/0x3f0 [ 16.975735] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.975930] kthread+0x328/0x630 [ 16.976126] ret_from_fork+0x10/0x20 [ 16.976371] [ 16.976426] The buggy address belongs to the object at fff00000c5a1d900 [ 16.976426] which belongs to the cache kmalloc-64 of size 64 [ 16.976670] The buggy address is located 4 bytes inside of [ 16.976670] 64-byte region [fff00000c5a1d900, fff00000c5a1d940) [ 16.976818] [ 16.976987] The buggy address belongs to the physical page: [ 16.977018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a1d [ 16.977504] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.977628] page_type: f5(slab) [ 16.977856] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.978412] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.980055] page dumped because: kasan: bad access detected [ 16.980296] [ 16.980374] Memory state around the buggy address: [ 16.980409] fff00000c5a1d800: 00 00 00 00 05 fc fc fc fc fc fc fc fc fc fc fc [ 16.980679] fff00000c5a1d880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.980926] >fff00000c5a1d900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.981105] ^ [ 16.981255] fff00000c5a1d980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.981349] fff00000c5a1da00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.981735] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.915725] ================================================================== [ 16.916163] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 16.916524] Write of size 8 at addr fff00000c5a20271 by task kunit_try_catch/176 [ 16.916584] [ 16.916620] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.916701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.916735] Hardware name: linux,dummy-virt (DT) [ 16.916774] Call trace: [ 16.916799] show_stack+0x20/0x38 (C) [ 16.916974] dump_stack_lvl+0x8c/0xd0 [ 16.917052] print_report+0x118/0x608 [ 16.917245] kasan_report+0xdc/0x128 [ 16.917550] kasan_check_range+0x100/0x1a8 [ 16.917622] __asan_memset+0x34/0x78 [ 16.917893] kmalloc_oob_memset_8+0x150/0x2f8 [ 16.918118] kunit_try_run_case+0x170/0x3f0 [ 16.918213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.918266] kthread+0x328/0x630 [ 16.918554] ret_from_fork+0x10/0x20 [ 16.918753] [ 16.918951] Allocated by task 176: [ 16.919060] kasan_save_stack+0x3c/0x68 [ 16.919245] kasan_save_track+0x20/0x40 [ 16.919390] kasan_save_alloc_info+0x40/0x58 [ 16.919632] __kasan_kmalloc+0xd4/0xd8 [ 16.919870] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.920071] kmalloc_oob_memset_8+0xb0/0x2f8 [ 16.920250] kunit_try_run_case+0x170/0x3f0 [ 16.920625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.920708] kthread+0x328/0x630 [ 16.920852] ret_from_fork+0x10/0x20 [ 16.920971] [ 16.920994] The buggy address belongs to the object at fff00000c5a20200 [ 16.920994] which belongs to the cache kmalloc-128 of size 128 [ 16.921093] The buggy address is located 113 bytes inside of [ 16.921093] allocated 120-byte region [fff00000c5a20200, fff00000c5a20278) [ 16.921454] [ 16.921725] The buggy address belongs to the physical page: [ 16.921799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a20 [ 16.921871] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.921923] page_type: f5(slab) [ 16.922299] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.922551] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.922736] page dumped because: kasan: bad access detected [ 16.922791] [ 16.922873] Memory state around the buggy address: [ 16.922971] fff00000c5a20100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.923361] fff00000c5a20180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.923460] >fff00000c5a20200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.923547] ^ [ 16.923618] fff00000c5a20280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.923925] fff00000c5a20300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.924093] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.903545] ================================================================== [ 16.903601] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 16.903652] Write of size 4 at addr fff00000c5a20175 by task kunit_try_catch/174 [ 16.903718] [ 16.903751] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.903839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.903875] Hardware name: linux,dummy-virt (DT) [ 16.903904] Call trace: [ 16.903935] show_stack+0x20/0x38 (C) [ 16.903988] dump_stack_lvl+0x8c/0xd0 [ 16.904044] print_report+0x118/0x608 [ 16.904090] kasan_report+0xdc/0x128 [ 16.904144] kasan_check_range+0x100/0x1a8 [ 16.904199] __asan_memset+0x34/0x78 [ 16.904241] kmalloc_oob_memset_4+0x150/0x300 [ 16.904287] kunit_try_run_case+0x170/0x3f0 [ 16.904334] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.904399] kthread+0x328/0x630 [ 16.904449] ret_from_fork+0x10/0x20 [ 16.904496] [ 16.904514] Allocated by task 174: [ 16.904548] kasan_save_stack+0x3c/0x68 [ 16.904603] kasan_save_track+0x20/0x40 [ 16.904640] kasan_save_alloc_info+0x40/0x58 [ 16.904679] __kasan_kmalloc+0xd4/0xd8 [ 16.904715] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.904754] kmalloc_oob_memset_4+0xb0/0x300 [ 16.904791] kunit_try_run_case+0x170/0x3f0 [ 16.904828] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.904871] kthread+0x328/0x630 [ 16.904902] ret_from_fork+0x10/0x20 [ 16.904936] [ 16.904955] The buggy address belongs to the object at fff00000c5a20100 [ 16.904955] which belongs to the cache kmalloc-128 of size 128 [ 16.905008] The buggy address is located 117 bytes inside of [ 16.905008] allocated 120-byte region [fff00000c5a20100, fff00000c5a20178) [ 16.905066] [ 16.905085] The buggy address belongs to the physical page: [ 16.905113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a20 [ 16.905162] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.905213] page_type: f5(slab) [ 16.905250] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.905297] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.905334] page dumped because: kasan: bad access detected [ 16.905619] [ 16.905645] Memory state around the buggy address: [ 16.905781] fff00000c5a20000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.906416] fff00000c5a20080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.906479] >fff00000c5a20100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.906517] ^ [ 16.906558] fff00000c5a20180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.906621] fff00000c5a20200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.907078] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.886996] ================================================================== [ 16.887085] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.887139] Write of size 2 at addr fff00000c5a20077 by task kunit_try_catch/172 [ 16.887213] [ 16.887383] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.887475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.887502] Hardware name: linux,dummy-virt (DT) [ 16.887539] Call trace: [ 16.887825] show_stack+0x20/0x38 (C) [ 16.888445] dump_stack_lvl+0x8c/0xd0 [ 16.888524] print_report+0x118/0x608 [ 16.888961] kasan_report+0xdc/0x128 [ 16.889032] kasan_check_range+0x100/0x1a8 [ 16.889194] __asan_memset+0x34/0x78 [ 16.889250] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.889296] kunit_try_run_case+0x170/0x3f0 [ 16.889360] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.889413] kthread+0x328/0x630 [ 16.889455] ret_from_fork+0x10/0x20 [ 16.889994] [ 16.890103] Allocated by task 172: [ 16.890164] kasan_save_stack+0x3c/0x68 [ 16.890209] kasan_save_track+0x20/0x40 [ 16.890530] kasan_save_alloc_info+0x40/0x58 [ 16.890610] __kasan_kmalloc+0xd4/0xd8 [ 16.890860] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.890934] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.891308] kunit_try_run_case+0x170/0x3f0 [ 16.891641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.891770] kthread+0x328/0x630 [ 16.891819] ret_from_fork+0x10/0x20 [ 16.891855] [ 16.891875] The buggy address belongs to the object at fff00000c5a20000 [ 16.891875] which belongs to the cache kmalloc-128 of size 128 [ 16.891939] The buggy address is located 119 bytes inside of [ 16.891939] allocated 120-byte region [fff00000c5a20000, fff00000c5a20078) [ 16.892008] [ 16.892029] The buggy address belongs to the physical page: [ 16.892065] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a20 [ 16.892117] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.892162] page_type: f5(slab) [ 16.892205] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.892263] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.892307] page dumped because: kasan: bad access detected [ 16.892364] [ 16.892382] Memory state around the buggy address: [ 16.892412] fff00000c5a1ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.892452] fff00000c5a1ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.892498] >fff00000c5a20000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.892534] ^ [ 16.892572] fff00000c5a20080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.892613] fff00000c5a20100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.892665] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.871477] ================================================================== [ 16.871580] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.871633] Write of size 128 at addr fff00000c46ebf00 by task kunit_try_catch/170 [ 16.871708] [ 16.871740] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.871858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.871884] Hardware name: linux,dummy-virt (DT) [ 16.871912] Call trace: [ 16.871984] show_stack+0x20/0x38 (C) [ 16.872049] dump_stack_lvl+0x8c/0xd0 [ 16.872229] print_report+0x118/0x608 [ 16.872280] kasan_report+0xdc/0x128 [ 16.872435] kasan_check_range+0x100/0x1a8 [ 16.872483] __asan_memset+0x34/0x78 [ 16.872524] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.872570] kunit_try_run_case+0x170/0x3f0 [ 16.872619] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.872671] kthread+0x328/0x630 [ 16.872712] ret_from_fork+0x10/0x20 [ 16.872758] [ 16.872776] Allocated by task 170: [ 16.872802] kasan_save_stack+0x3c/0x68 [ 16.872841] kasan_save_track+0x20/0x40 [ 16.872878] kasan_save_alloc_info+0x40/0x58 [ 16.872918] __kasan_kmalloc+0xd4/0xd8 [ 16.872953] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.872993] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.873447] kunit_try_run_case+0x170/0x3f0 [ 16.873508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.873553] kthread+0x328/0x630 [ 16.873701] ret_from_fork+0x10/0x20 [ 16.873785] [ 16.873877] The buggy address belongs to the object at fff00000c46ebf00 [ 16.873877] which belongs to the cache kmalloc-128 of size 128 [ 16.874019] The buggy address is located 0 bytes inside of [ 16.874019] allocated 120-byte region [fff00000c46ebf00, fff00000c46ebf78) [ 16.874100] [ 16.874120] The buggy address belongs to the physical page: [ 16.874149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046eb [ 16.874206] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.874481] page_type: f5(slab) [ 16.874726] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.874876] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.875006] page dumped because: kasan: bad access detected [ 16.875271] [ 16.875498] Memory state around the buggy address: [ 16.875559] fff00000c46ebe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.875665] fff00000c46ebe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.875783] >fff00000c46ebf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.875889] ^ [ 16.876223] fff00000c46ebf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876428] fff00000c46ec000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.876649] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.861815] ================================================================== [ 16.861873] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.861926] Read of size 16 at addr fff00000c4498e40 by task kunit_try_catch/168 [ 16.861984] [ 16.862016] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.862239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.862391] Hardware name: linux,dummy-virt (DT) [ 16.862443] Call trace: [ 16.862580] show_stack+0x20/0x38 (C) [ 16.862636] dump_stack_lvl+0x8c/0xd0 [ 16.863035] print_report+0x118/0x608 [ 16.863141] kasan_report+0xdc/0x128 [ 16.863310] __asan_report_load16_noabort+0x20/0x30 [ 16.863397] kmalloc_uaf_16+0x3bc/0x438 [ 16.863468] kunit_try_run_case+0x170/0x3f0 [ 16.863519] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.863580] kthread+0x328/0x630 [ 16.863636] ret_from_fork+0x10/0x20 [ 16.863683] [ 16.863701] Allocated by task 168: [ 16.863728] kasan_save_stack+0x3c/0x68 [ 16.863777] kasan_save_track+0x20/0x40 [ 16.863814] kasan_save_alloc_info+0x40/0x58 [ 16.863862] __kasan_kmalloc+0xd4/0xd8 [ 16.863913] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.863963] kmalloc_uaf_16+0x140/0x438 [ 16.864000] kunit_try_run_case+0x170/0x3f0 [ 16.864037] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.864080] kthread+0x328/0x630 [ 16.864112] ret_from_fork+0x10/0x20 [ 16.864152] [ 16.864178] Freed by task 168: [ 16.864202] kasan_save_stack+0x3c/0x68 [ 16.864248] kasan_save_track+0x20/0x40 [ 16.864284] kasan_save_free_info+0x4c/0x78 [ 16.864322] __kasan_slab_free+0x6c/0x98 [ 16.864367] kfree+0x214/0x3c8 [ 16.864399] kmalloc_uaf_16+0x190/0x438 [ 16.864433] kunit_try_run_case+0x170/0x3f0 [ 16.864470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.864512] kthread+0x328/0x630 [ 16.864811] ret_from_fork+0x10/0x20 [ 16.864898] [ 16.864917] The buggy address belongs to the object at fff00000c4498e40 [ 16.864917] which belongs to the cache kmalloc-16 of size 16 [ 16.865011] The buggy address is located 0 bytes inside of [ 16.865011] freed 16-byte region [fff00000c4498e40, fff00000c4498e50) [ 16.865100] [ 16.865119] The buggy address belongs to the physical page: [ 16.865159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104498 [ 16.865243] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.865290] page_type: f5(slab) [ 16.865328] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.865419] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.865458] page dumped because: kasan: bad access detected [ 16.865487] [ 16.865505] Memory state around the buggy address: [ 16.865535] fff00000c4498d00: fa fb fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 16.865577] fff00000c4498d80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.865835] >fff00000c4498e00: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 16.866007] ^ [ 16.866089] fff00000c4498e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.866141] fff00000c4498f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.866201] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.849774] ================================================================== [ 16.849851] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.849951] Write of size 16 at addr fff00000c4498de0 by task kunit_try_catch/166 [ 16.850003] [ 16.850037] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.850116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.850143] Hardware name: linux,dummy-virt (DT) [ 16.850172] Call trace: [ 16.850194] show_stack+0x20/0x38 (C) [ 16.850757] dump_stack_lvl+0x8c/0xd0 [ 16.850822] print_report+0x118/0x608 [ 16.850869] kasan_report+0xdc/0x128 [ 16.850915] __asan_report_store16_noabort+0x20/0x30 [ 16.850964] kmalloc_oob_16+0x3a0/0x3f8 [ 16.851008] kunit_try_run_case+0x170/0x3f0 [ 16.851056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.851109] kthread+0x328/0x630 [ 16.851151] ret_from_fork+0x10/0x20 [ 16.851198] [ 16.851216] Allocated by task 166: [ 16.851243] kasan_save_stack+0x3c/0x68 [ 16.851283] kasan_save_track+0x20/0x40 [ 16.851320] kasan_save_alloc_info+0x40/0x58 [ 16.851413] __kasan_kmalloc+0xd4/0xd8 [ 16.851503] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.851635] kmalloc_oob_16+0xb4/0x3f8 [ 16.851742] kunit_try_run_case+0x170/0x3f0 [ 16.851780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.852239] kthread+0x328/0x630 [ 16.852322] ret_from_fork+0x10/0x20 [ 16.852400] [ 16.852419] The buggy address belongs to the object at fff00000c4498de0 [ 16.852419] which belongs to the cache kmalloc-16 of size 16 [ 16.852673] The buggy address is located 0 bytes inside of [ 16.852673] allocated 13-byte region [fff00000c4498de0, fff00000c4498ded) [ 16.852868] [ 16.852947] The buggy address belongs to the physical page: [ 16.853010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104498 [ 16.853089] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.853137] page_type: f5(slab) [ 16.853237] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.853445] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.853484] page dumped because: kasan: bad access detected [ 16.853526] [ 16.853544] Memory state around the buggy address: [ 16.853573] fff00000c4498c80: 00 06 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 16.853713] fff00000c4498d00: fa fb fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 16.853795] >fff00000c4498d80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 16.853844] ^ [ 16.853882] fff00000c4498e00: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.853922] fff00000c4498e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.853958] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.836151] ================================================================== [ 16.836243] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.836293] Read of size 1 at addr fff00000c1d25000 by task kunit_try_catch/164 [ 16.836377] [ 16.836441] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.836521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.836546] Hardware name: linux,dummy-virt (DT) [ 16.836591] Call trace: [ 16.836637] show_stack+0x20/0x38 (C) [ 16.836933] dump_stack_lvl+0x8c/0xd0 [ 16.837046] print_report+0x118/0x608 [ 16.837101] kasan_report+0xdc/0x128 [ 16.837148] __asan_report_load1_noabort+0x20/0x30 [ 16.837200] krealloc_uaf+0x4c8/0x520 [ 16.837331] kunit_try_run_case+0x170/0x3f0 [ 16.837424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.837569] kthread+0x328/0x630 [ 16.837664] ret_from_fork+0x10/0x20 [ 16.837747] [ 16.837766] Allocated by task 164: [ 16.837792] kasan_save_stack+0x3c/0x68 [ 16.837936] kasan_save_track+0x20/0x40 [ 16.838085] kasan_save_alloc_info+0x40/0x58 [ 16.838198] __kasan_kmalloc+0xd4/0xd8 [ 16.838257] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.838406] krealloc_uaf+0xc8/0x520 [ 16.838444] kunit_try_run_case+0x170/0x3f0 [ 16.838483] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.838526] kthread+0x328/0x630 [ 16.838580] ret_from_fork+0x10/0x20 [ 16.838615] [ 16.838634] Freed by task 164: [ 16.838663] kasan_save_stack+0x3c/0x68 [ 16.838702] kasan_save_track+0x20/0x40 [ 16.838860] kasan_save_free_info+0x4c/0x78 [ 16.838980] __kasan_slab_free+0x6c/0x98 [ 16.839077] kfree+0x214/0x3c8 [ 16.839213] krealloc_uaf+0x12c/0x520 [ 16.839322] kunit_try_run_case+0x170/0x3f0 [ 16.839432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.839516] kthread+0x328/0x630 [ 16.839834] ret_from_fork+0x10/0x20 [ 16.840016] [ 16.840174] The buggy address belongs to the object at fff00000c1d25000 [ 16.840174] which belongs to the cache kmalloc-256 of size 256 [ 16.840253] The buggy address is located 0 bytes inside of [ 16.840253] freed 256-byte region [fff00000c1d25000, fff00000c1d25100) [ 16.840484] [ 16.840742] The buggy address belongs to the physical page: [ 16.840779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d24 [ 16.840901] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.840947] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.841231] page_type: f5(slab) [ 16.841335] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.841430] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.841528] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.841632] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.841680] head: 0bfffe0000000001 ffffc1ffc3074901 00000000ffffffff 00000000ffffffff [ 16.842047] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.842137] page dumped because: kasan: bad access detected [ 16.842255] [ 16.842316] Memory state around the buggy address: [ 16.842419] fff00000c1d24f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.842526] fff00000c1d24f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.842567] >fff00000c1d25000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.842603] ^ [ 16.842629] fff00000c1d25080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.842685] fff00000c1d25100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.842721] ================================================================== [ 16.828096] ================================================================== [ 16.828179] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.828238] Read of size 1 at addr fff00000c1d25000 by task kunit_try_catch/164 [ 16.828286] [ 16.828321] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.828416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.828442] Hardware name: linux,dummy-virt (DT) [ 16.828472] Call trace: [ 16.828752] show_stack+0x20/0x38 (C) [ 16.828818] dump_stack_lvl+0x8c/0xd0 [ 16.828867] print_report+0x118/0x608 [ 16.828913] kasan_report+0xdc/0x128 [ 16.828958] __kasan_check_byte+0x54/0x70 [ 16.829004] krealloc_noprof+0x44/0x360 [ 16.829051] krealloc_uaf+0x180/0x520 [ 16.829530] kunit_try_run_case+0x170/0x3f0 [ 16.829708] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.829771] kthread+0x328/0x630 [ 16.829813] ret_from_fork+0x10/0x20 [ 16.829886] [ 16.829974] Allocated by task 164: [ 16.830037] kasan_save_stack+0x3c/0x68 [ 16.830079] kasan_save_track+0x20/0x40 [ 16.830116] kasan_save_alloc_info+0x40/0x58 [ 16.830155] __kasan_kmalloc+0xd4/0xd8 [ 16.830191] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.830421] krealloc_uaf+0xc8/0x520 [ 16.830693] kunit_try_run_case+0x170/0x3f0 [ 16.830733] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.830913] kthread+0x328/0x630 [ 16.831009] ret_from_fork+0x10/0x20 [ 16.831125] [ 16.831145] Freed by task 164: [ 16.831227] kasan_save_stack+0x3c/0x68 [ 16.831307] kasan_save_track+0x20/0x40 [ 16.831394] kasan_save_free_info+0x4c/0x78 [ 16.831519] __kasan_slab_free+0x6c/0x98 [ 16.831627] kfree+0x214/0x3c8 [ 16.831745] krealloc_uaf+0x12c/0x520 [ 16.831792] kunit_try_run_case+0x170/0x3f0 [ 16.831829] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.831873] kthread+0x328/0x630 [ 16.831905] ret_from_fork+0x10/0x20 [ 16.831940] [ 16.832100] The buggy address belongs to the object at fff00000c1d25000 [ 16.832100] which belongs to the cache kmalloc-256 of size 256 [ 16.832323] The buggy address is located 0 bytes inside of [ 16.832323] freed 256-byte region [fff00000c1d25000, fff00000c1d25100) [ 16.832554] [ 16.832633] The buggy address belongs to the physical page: [ 16.832755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d24 [ 16.832822] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.832931] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.833021] page_type: f5(slab) [ 16.833128] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.833240] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.833365] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.833482] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.833612] head: 0bfffe0000000001 ffffc1ffc3074901 00000000ffffffff 00000000ffffffff [ 16.833677] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.833715] page dumped because: kasan: bad access detected [ 16.833744] [ 16.833762] Memory state around the buggy address: [ 16.834035] fff00000c1d24f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.834161] fff00000c1d24f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.834308] >fff00000c1d25000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.834405] ^ [ 16.834433] fff00000c1d25080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.834473] fff00000c1d25100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.834558] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.775872] ================================================================== [ 16.775922] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.776088] Write of size 1 at addr fff00000c1d24eeb by task kunit_try_catch/158 [ 16.776152] [ 16.776183] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.776288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.776314] Hardware name: linux,dummy-virt (DT) [ 16.776355] Call trace: [ 16.776377] show_stack+0x20/0x38 (C) [ 16.776559] dump_stack_lvl+0x8c/0xd0 [ 16.776609] print_report+0x118/0x608 [ 16.776655] kasan_report+0xdc/0x128 [ 16.776700] __asan_report_store1_noabort+0x20/0x30 [ 16.776804] krealloc_less_oob_helper+0xa58/0xc50 [ 16.776880] krealloc_less_oob+0x20/0x38 [ 16.776954] kunit_try_run_case+0x170/0x3f0 [ 16.777011] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.777065] kthread+0x328/0x630 [ 16.777138] ret_from_fork+0x10/0x20 [ 16.777214] [ 16.777232] Allocated by task 158: [ 16.777267] kasan_save_stack+0x3c/0x68 [ 16.777308] kasan_save_track+0x20/0x40 [ 16.777357] kasan_save_alloc_info+0x40/0x58 [ 16.777585] __kasan_krealloc+0x118/0x178 [ 16.777653] krealloc_noprof+0x128/0x360 [ 16.777709] krealloc_less_oob_helper+0x168/0xc50 [ 16.777767] krealloc_less_oob+0x20/0x38 [ 16.777803] kunit_try_run_case+0x170/0x3f0 [ 16.777860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.778063] kthread+0x328/0x630 [ 16.778138] ret_from_fork+0x10/0x20 [ 16.778267] [ 16.778290] The buggy address belongs to the object at fff00000c1d24e00 [ 16.778290] which belongs to the cache kmalloc-256 of size 256 [ 16.778411] The buggy address is located 34 bytes to the right of [ 16.778411] allocated 201-byte region [fff00000c1d24e00, fff00000c1d24ec9) [ 16.778483] [ 16.778503] The buggy address belongs to the physical page: [ 16.778532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d24 [ 16.778583] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.778630] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.778678] page_type: f5(slab) [ 16.778714] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.778764] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.778813] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.779047] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.779192] head: 0bfffe0000000001 ffffc1ffc3074901 00000000ffffffff 00000000ffffffff [ 16.779287] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.779445] page dumped because: kasan: bad access detected [ 16.779563] [ 16.779668] Memory state around the buggy address: [ 16.779748] fff00000c1d24d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.779842] fff00000c1d24e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.779884] >fff00000c1d24e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.780124] ^ [ 16.780181] fff00000c1d24f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.780754] fff00000c1d24f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.780805] ================================================================== [ 16.802568] ================================================================== [ 16.802623] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.802851] Write of size 1 at addr fff00000c78aa0c9 by task kunit_try_catch/162 [ 16.802925] [ 16.802962] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.803040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.803065] Hardware name: linux,dummy-virt (DT) [ 16.803095] Call trace: [ 16.803117] show_stack+0x20/0x38 (C) [ 16.803167] dump_stack_lvl+0x8c/0xd0 [ 16.803389] print_report+0x118/0x608 [ 16.803504] kasan_report+0xdc/0x128 [ 16.803589] __asan_report_store1_noabort+0x20/0x30 [ 16.803642] krealloc_less_oob_helper+0xa48/0xc50 [ 16.803716] krealloc_large_less_oob+0x20/0x38 [ 16.803788] kunit_try_run_case+0x170/0x3f0 [ 16.803866] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.803950] kthread+0x328/0x630 [ 16.804004] ret_from_fork+0x10/0x20 [ 16.804070] [ 16.804118] The buggy address belongs to the physical page: [ 16.804355] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a8 [ 16.804522] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.804574] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.804670] page_type: f8(unknown) [ 16.804736] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.804809] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.804894] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.804949] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.805004] head: 0bfffe0000000002 ffffc1ffc31e2a01 00000000ffffffff 00000000ffffffff [ 16.805052] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.805090] page dumped because: kasan: bad access detected [ 16.805119] [ 16.805136] Memory state around the buggy address: [ 16.805171] fff00000c78a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.805363] fff00000c78aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.805478] >fff00000c78aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.805557] ^ [ 16.805619] fff00000c78aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.805686] fff00000c78aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.805724] ================================================================== [ 16.769776] ================================================================== [ 16.769846] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.770166] Write of size 1 at addr fff00000c1d24eea by task kunit_try_catch/158 [ 16.770330] [ 16.770464] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.770607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.770656] Hardware name: linux,dummy-virt (DT) [ 16.770766] Call trace: [ 16.770805] show_stack+0x20/0x38 (C) [ 16.770855] dump_stack_lvl+0x8c/0xd0 [ 16.770901] print_report+0x118/0x608 [ 16.770947] kasan_report+0xdc/0x128 [ 16.771122] __asan_report_store1_noabort+0x20/0x30 [ 16.771442] krealloc_less_oob_helper+0xae4/0xc50 [ 16.771642] krealloc_less_oob+0x20/0x38 [ 16.771811] kunit_try_run_case+0x170/0x3f0 [ 16.771898] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.771976] kthread+0x328/0x630 [ 16.772212] ret_from_fork+0x10/0x20 [ 16.772319] [ 16.772346] Allocated by task 158: [ 16.772373] kasan_save_stack+0x3c/0x68 [ 16.772621] kasan_save_track+0x20/0x40 [ 16.772717] kasan_save_alloc_info+0x40/0x58 [ 16.772835] __kasan_krealloc+0x118/0x178 [ 16.772970] krealloc_noprof+0x128/0x360 [ 16.773057] krealloc_less_oob_helper+0x168/0xc50 [ 16.773167] krealloc_less_oob+0x20/0x38 [ 16.773203] kunit_try_run_case+0x170/0x3f0 [ 16.773276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.773623] kthread+0x328/0x630 [ 16.773794] ret_from_fork+0x10/0x20 [ 16.773907] [ 16.774040] The buggy address belongs to the object at fff00000c1d24e00 [ 16.774040] which belongs to the cache kmalloc-256 of size 256 [ 16.774110] The buggy address is located 33 bytes to the right of [ 16.774110] allocated 201-byte region [fff00000c1d24e00, fff00000c1d24ec9) [ 16.774171] [ 16.774190] The buggy address belongs to the physical page: [ 16.774225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d24 [ 16.774286] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.774330] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.774401] page_type: f5(slab) [ 16.774449] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.774497] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.774545] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.774602] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.774649] head: 0bfffe0000000001 ffffc1ffc3074901 00000000ffffffff 00000000ffffffff [ 16.774706] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.774745] page dumped because: kasan: bad access detected [ 16.774774] [ 16.774791] Memory state around the buggy address: [ 16.774829] fff00000c1d24d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.774870] fff00000c1d24e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.774919] >fff00000c1d24e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.774970] ^ [ 16.775006] fff00000c1d24f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.775074] fff00000c1d24f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.775119] ================================================================== [ 16.813982] ================================================================== [ 16.814016] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.814059] Write of size 1 at addr fff00000c78aa0ea by task kunit_try_catch/162 [ 16.814105] [ 16.814133] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.814208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.814257] Hardware name: linux,dummy-virt (DT) [ 16.814288] Call trace: [ 16.814308] show_stack+0x20/0x38 (C) [ 16.814368] dump_stack_lvl+0x8c/0xd0 [ 16.814414] print_report+0x118/0x608 [ 16.814606] kasan_report+0xdc/0x128 [ 16.814796] __asan_report_store1_noabort+0x20/0x30 [ 16.814879] krealloc_less_oob_helper+0xae4/0xc50 [ 16.814968] krealloc_large_less_oob+0x20/0x38 [ 16.815054] kunit_try_run_case+0x170/0x3f0 [ 16.815164] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.815283] kthread+0x328/0x630 [ 16.815432] ret_from_fork+0x10/0x20 [ 16.815499] [ 16.815518] The buggy address belongs to the physical page: [ 16.815546] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a8 [ 16.815596] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.815641] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.815909] page_type: f8(unknown) [ 16.816018] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.816066] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.816157] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.816225] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.816298] head: 0bfffe0000000002 ffffc1ffc31e2a01 00000000ffffffff 00000000ffffffff [ 16.816449] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.816556] page dumped because: kasan: bad access detected [ 16.816691] [ 16.816741] Memory state around the buggy address: [ 16.816793] fff00000c78a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.816834] fff00000c78aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.816903] >fff00000c78aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.816959] ^ [ 16.816996] fff00000c78aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.817039] fff00000c78aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.817074] ================================================================== [ 16.811468] ================================================================== [ 16.811541] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.811613] Write of size 1 at addr fff00000c78aa0da by task kunit_try_catch/162 [ 16.811688] [ 16.811717] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.811795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.812051] Hardware name: linux,dummy-virt (DT) [ 16.812092] Call trace: [ 16.812194] show_stack+0x20/0x38 (C) [ 16.812248] dump_stack_lvl+0x8c/0xd0 [ 16.812304] print_report+0x118/0x608 [ 16.812363] kasan_report+0xdc/0x128 [ 16.812619] __asan_report_store1_noabort+0x20/0x30 [ 16.812717] krealloc_less_oob_helper+0xa80/0xc50 [ 16.812821] krealloc_large_less_oob+0x20/0x38 [ 16.812894] kunit_try_run_case+0x170/0x3f0 [ 16.812944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.812996] kthread+0x328/0x630 [ 16.813038] ret_from_fork+0x10/0x20 [ 16.813084] [ 16.813103] The buggy address belongs to the physical page: [ 16.813151] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a8 [ 16.813202] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.813246] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.813294] page_type: f8(unknown) [ 16.813331] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.813399] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.813447] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.813493] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.813540] head: 0bfffe0000000002 ffffc1ffc31e2a01 00000000ffffffff 00000000ffffffff [ 16.813587] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.813625] page dumped because: kasan: bad access detected [ 16.813653] [ 16.813672] Memory state around the buggy address: [ 16.813701] fff00000c78a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.813741] fff00000c78aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.813781] >fff00000c78aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.813816] ^ [ 16.813851] fff00000c78aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.813891] fff00000c78aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.813933] ================================================================== [ 16.760586] ================================================================== [ 16.760661] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.760710] Write of size 1 at addr fff00000c1d24ed0 by task kunit_try_catch/158 [ 16.760758] [ 16.760788] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.760866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.760896] Hardware name: linux,dummy-virt (DT) [ 16.760936] Call trace: [ 16.760958] show_stack+0x20/0x38 (C) [ 16.761006] dump_stack_lvl+0x8c/0xd0 [ 16.761053] print_report+0x118/0x608 [ 16.761099] kasan_report+0xdc/0x128 [ 16.761150] __asan_report_store1_noabort+0x20/0x30 [ 16.761202] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.761258] krealloc_less_oob+0x20/0x38 [ 16.761311] kunit_try_run_case+0x170/0x3f0 [ 16.761380] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.761442] kthread+0x328/0x630 [ 16.761483] ret_from_fork+0x10/0x20 [ 16.761529] [ 16.761552] Allocated by task 158: [ 16.761578] kasan_save_stack+0x3c/0x68 [ 16.761617] kasan_save_track+0x20/0x40 [ 16.761653] kasan_save_alloc_info+0x40/0x58 [ 16.761692] __kasan_krealloc+0x118/0x178 [ 16.761729] krealloc_noprof+0x128/0x360 [ 16.761770] krealloc_less_oob_helper+0x168/0xc50 [ 16.761810] krealloc_less_oob+0x20/0x38 [ 16.761851] kunit_try_run_case+0x170/0x3f0 [ 16.761888] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.761961] kthread+0x328/0x630 [ 16.761993] ret_from_fork+0x10/0x20 [ 16.762027] [ 16.762045] The buggy address belongs to the object at fff00000c1d24e00 [ 16.762045] which belongs to the cache kmalloc-256 of size 256 [ 16.762099] The buggy address is located 7 bytes to the right of [ 16.762099] allocated 201-byte region [fff00000c1d24e00, fff00000c1d24ec9) [ 16.762159] [ 16.762204] The buggy address belongs to the physical page: [ 16.762235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d24 [ 16.762285] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.762358] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.762409] page_type: f5(slab) [ 16.762444] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.762492] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.762539] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.762586] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.762633] head: 0bfffe0000000001 ffffc1ffc3074901 00000000ffffffff 00000000ffffffff [ 16.762680] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.762717] page dumped because: kasan: bad access detected [ 16.762747] [ 16.762764] Memory state around the buggy address: [ 16.762793] fff00000c1d24d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.762864] fff00000c1d24e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.762953] >fff00000c1d24e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.763012] ^ [ 16.763064] fff00000c1d24f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.763144] fff00000c1d24f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.763256] ================================================================== [ 16.805852] ================================================================== [ 16.805940] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.806479] Write of size 1 at addr fff00000c78aa0d0 by task kunit_try_catch/162 [ 16.806554] [ 16.806597] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.806693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.806727] Hardware name: linux,dummy-virt (DT) [ 16.806755] Call trace: [ 16.806775] show_stack+0x20/0x38 (C) [ 16.806824] dump_stack_lvl+0x8c/0xd0 [ 16.806890] print_report+0x118/0x608 [ 16.806938] kasan_report+0xdc/0x128 [ 16.806983] __asan_report_store1_noabort+0x20/0x30 [ 16.807160] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.807217] krealloc_large_less_oob+0x20/0x38 [ 16.807265] kunit_try_run_case+0x170/0x3f0 [ 16.807490] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.807658] kthread+0x328/0x630 [ 16.807804] ret_from_fork+0x10/0x20 [ 16.807913] [ 16.808030] The buggy address belongs to the physical page: [ 16.808085] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a8 [ 16.808135] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.808196] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.808542] page_type: f8(unknown) [ 16.808685] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.808802] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.808914] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.808994] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.809128] head: 0bfffe0000000002 ffffc1ffc31e2a01 00000000ffffffff 00000000ffffffff [ 16.809256] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.809397] page dumped because: kasan: bad access detected [ 16.809428] [ 16.809445] Memory state around the buggy address: [ 16.809533] fff00000c78a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.809856] fff00000c78aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.810113] >fff00000c78aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.810206] ^ [ 16.810313] fff00000c78aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.810378] fff00000c78aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.810416] ================================================================== [ 16.754555] ================================================================== [ 16.754733] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.754811] Write of size 1 at addr fff00000c1d24ec9 by task kunit_try_catch/158 [ 16.754883] [ 16.754923] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.755007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.755033] Hardware name: linux,dummy-virt (DT) [ 16.755201] Call trace: [ 16.755317] show_stack+0x20/0x38 (C) [ 16.755526] dump_stack_lvl+0x8c/0xd0 [ 16.755620] print_report+0x118/0x608 [ 16.755742] kasan_report+0xdc/0x128 [ 16.755836] __asan_report_store1_noabort+0x20/0x30 [ 16.755889] krealloc_less_oob_helper+0xa48/0xc50 [ 16.756248] krealloc_less_oob+0x20/0x38 [ 16.756411] kunit_try_run_case+0x170/0x3f0 [ 16.756579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.756635] kthread+0x328/0x630 [ 16.756678] ret_from_fork+0x10/0x20 [ 16.756728] [ 16.756746] Allocated by task 158: [ 16.756773] kasan_save_stack+0x3c/0x68 [ 16.756963] kasan_save_track+0x20/0x40 [ 16.757042] kasan_save_alloc_info+0x40/0x58 [ 16.757156] __kasan_krealloc+0x118/0x178 [ 16.757204] krealloc_noprof+0x128/0x360 [ 16.757241] krealloc_less_oob_helper+0x168/0xc50 [ 16.757280] krealloc_less_oob+0x20/0x38 [ 16.757315] kunit_try_run_case+0x170/0x3f0 [ 16.757499] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.757603] kthread+0x328/0x630 [ 16.757683] ret_from_fork+0x10/0x20 [ 16.757731] [ 16.757750] The buggy address belongs to the object at fff00000c1d24e00 [ 16.757750] which belongs to the cache kmalloc-256 of size 256 [ 16.757807] The buggy address is located 0 bytes to the right of [ 16.757807] allocated 201-byte region [fff00000c1d24e00, fff00000c1d24ec9) [ 16.757868] [ 16.757891] The buggy address belongs to the physical page: [ 16.757952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d24 [ 16.758009] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.758173] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.758290] page_type: f5(slab) [ 16.758365] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.758436] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.758486] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.758533] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.758580] head: 0bfffe0000000001 ffffc1ffc3074901 00000000ffffffff 00000000ffffffff [ 16.758743] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.758809] page dumped because: kasan: bad access detected [ 16.758918] [ 16.759021] Memory state around the buggy address: [ 16.759063] fff00000c1d24d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.759143] fff00000c1d24e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.759214] >fff00000c1d24e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.759251] ^ [ 16.759285] fff00000c1d24f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.759363] fff00000c1d24f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.759556] ================================================================== [ 16.817534] ================================================================== [ 16.817578] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.817693] Write of size 1 at addr fff00000c78aa0eb by task kunit_try_catch/162 [ 16.817779] [ 16.817817] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.817927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.818061] Hardware name: linux,dummy-virt (DT) [ 16.818169] Call trace: [ 16.818315] show_stack+0x20/0x38 (C) [ 16.818390] dump_stack_lvl+0x8c/0xd0 [ 16.818537] print_report+0x118/0x608 [ 16.818753] kasan_report+0xdc/0x128 [ 16.818949] __asan_report_store1_noabort+0x20/0x30 [ 16.819036] krealloc_less_oob_helper+0xa58/0xc50 [ 16.819130] krealloc_large_less_oob+0x20/0x38 [ 16.819252] kunit_try_run_case+0x170/0x3f0 [ 16.819443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.819529] kthread+0x328/0x630 [ 16.819641] ret_from_fork+0x10/0x20 [ 16.819901] [ 16.819924] The buggy address belongs to the physical page: [ 16.819954] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a8 [ 16.820415] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.820578] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.820663] page_type: f8(unknown) [ 16.820716] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.820869] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.821201] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.821272] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.821416] head: 0bfffe0000000002 ffffc1ffc31e2a01 00000000ffffffff 00000000ffffffff [ 16.821552] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.821707] page dumped because: kasan: bad access detected [ 16.821797] [ 16.821947] Memory state around the buggy address: [ 16.821990] fff00000c78a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.822031] fff00000c78aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.822072] >fff00000c78aa080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.822108] ^ [ 16.822146] fff00000c78aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.822186] fff00000c78aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.822625] ================================================================== [ 16.764211] ================================================================== [ 16.764405] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.764461] Write of size 1 at addr fff00000c1d24eda by task kunit_try_catch/158 [ 16.764605] [ 16.764664] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.764743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.764786] Hardware name: linux,dummy-virt (DT) [ 16.764815] Call trace: [ 16.764836] show_stack+0x20/0x38 (C) [ 16.764901] dump_stack_lvl+0x8c/0xd0 [ 16.764948] print_report+0x118/0x608 [ 16.764993] kasan_report+0xdc/0x128 [ 16.765234] __asan_report_store1_noabort+0x20/0x30 [ 16.765298] krealloc_less_oob_helper+0xa80/0xc50 [ 16.765379] krealloc_less_oob+0x20/0x38 [ 16.765444] kunit_try_run_case+0x170/0x3f0 [ 16.765510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.765569] kthread+0x328/0x630 [ 16.765637] ret_from_fork+0x10/0x20 [ 16.765731] [ 16.765779] Allocated by task 158: [ 16.765807] kasan_save_stack+0x3c/0x68 [ 16.765873] kasan_save_track+0x20/0x40 [ 16.766026] kasan_save_alloc_info+0x40/0x58 [ 16.766136] __kasan_krealloc+0x118/0x178 [ 16.766175] krealloc_noprof+0x128/0x360 [ 16.766211] krealloc_less_oob_helper+0x168/0xc50 [ 16.766250] krealloc_less_oob+0x20/0x38 [ 16.766285] kunit_try_run_case+0x170/0x3f0 [ 16.766322] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.766431] kthread+0x328/0x630 [ 16.766474] ret_from_fork+0x10/0x20 [ 16.766509] [ 16.766527] The buggy address belongs to the object at fff00000c1d24e00 [ 16.766527] which belongs to the cache kmalloc-256 of size 256 [ 16.766589] The buggy address is located 17 bytes to the right of [ 16.766589] allocated 201-byte region [fff00000c1d24e00, fff00000c1d24ec9) [ 16.766691] [ 16.766769] The buggy address belongs to the physical page: [ 16.766824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d24 [ 16.766921] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.766998] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.767085] page_type: f5(slab) [ 16.767202] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.767328] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.767455] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.767567] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.767617] head: 0bfffe0000000001 ffffc1ffc3074901 00000000ffffffff 00000000ffffffff [ 16.767936] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.768073] page dumped because: kasan: bad access detected [ 16.768151] [ 16.768189] Memory state around the buggy address: [ 16.768218] fff00000c1d24d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.768383] fff00000c1d24e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.768646] >fff00000c1d24e80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.768724] ^ [ 16.768807] fff00000c1d24f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.768893] fff00000c1d24f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.768940] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.787815] ================================================================== [ 16.787874] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.787970] Write of size 1 at addr fff00000c78aa0eb by task kunit_try_catch/160 [ 16.788019] [ 16.788076] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.788164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.788459] Hardware name: linux,dummy-virt (DT) [ 16.788560] Call trace: [ 16.788598] show_stack+0x20/0x38 (C) [ 16.788709] dump_stack_lvl+0x8c/0xd0 [ 16.788759] print_report+0x118/0x608 [ 16.788806] kasan_report+0xdc/0x128 [ 16.788851] __asan_report_store1_noabort+0x20/0x30 [ 16.789062] krealloc_more_oob_helper+0x60c/0x678 [ 16.789155] krealloc_large_more_oob+0x20/0x38 [ 16.789205] kunit_try_run_case+0x170/0x3f0 [ 16.789260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.789313] kthread+0x328/0x630 [ 16.789367] ret_from_fork+0x10/0x20 [ 16.789415] [ 16.789436] The buggy address belongs to the physical page: [ 16.789466] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a8 [ 16.789647] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.789714] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.789767] page_type: f8(unknown) [ 16.790005] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.790065] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.790114] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.790161] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.790498] head: 0bfffe0000000002 ffffc1ffc31e2a01 00000000ffffffff 00000000ffffffff [ 16.790654] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.790751] page dumped because: kasan: bad access detected [ 16.790915] [ 16.790974] Memory state around the buggy address: [ 16.791007] fff00000c78a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.791330] fff00000c78aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.791444] >fff00000c78aa080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.791535] ^ [ 16.791680] fff00000c78aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.791780] fff00000c78aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.791817] ================================================================== [ 16.792908] ================================================================== [ 16.792953] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.793028] Write of size 1 at addr fff00000c78aa0f0 by task kunit_try_catch/160 [ 16.793112] [ 16.793159] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.793237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.793262] Hardware name: linux,dummy-virt (DT) [ 16.793500] Call trace: [ 16.793529] show_stack+0x20/0x38 (C) [ 16.793578] dump_stack_lvl+0x8c/0xd0 [ 16.793625] print_report+0x118/0x608 [ 16.793671] kasan_report+0xdc/0x128 [ 16.793716] __asan_report_store1_noabort+0x20/0x30 [ 16.793767] krealloc_more_oob_helper+0x5c0/0x678 [ 16.793815] krealloc_large_more_oob+0x20/0x38 [ 16.793863] kunit_try_run_case+0x170/0x3f0 [ 16.793918] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.794063] kthread+0x328/0x630 [ 16.794115] ret_from_fork+0x10/0x20 [ 16.794164] [ 16.794183] The buggy address belongs to the physical page: [ 16.794475] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a8 [ 16.794573] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.794663] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.794714] page_type: f8(unknown) [ 16.794750] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.794991] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.795091] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.795196] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.795243] head: 0bfffe0000000002 ffffc1ffc31e2a01 00000000ffffffff 00000000ffffffff [ 16.795571] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.795735] page dumped because: kasan: bad access detected [ 16.795826] [ 16.795871] Memory state around the buggy address: [ 16.795902] fff00000c78a9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.795980] fff00000c78aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.796320] >fff00000c78aa080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.796424] ^ [ 16.796512] fff00000c78aa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.796578] fff00000c78aa180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.796871] ================================================================== [ 16.683465] ================================================================== [ 16.683529] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.683726] Write of size 1 at addr fff00000c1d24ceb by task kunit_try_catch/156 [ 16.683783] [ 16.683824] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.683906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.683932] Hardware name: linux,dummy-virt (DT) [ 16.683963] Call trace: [ 16.683986] show_stack+0x20/0x38 (C) [ 16.684037] dump_stack_lvl+0x8c/0xd0 [ 16.684087] print_report+0x118/0x608 [ 16.684133] kasan_report+0xdc/0x128 [ 16.684178] __asan_report_store1_noabort+0x20/0x30 [ 16.684368] krealloc_more_oob_helper+0x60c/0x678 [ 16.684689] krealloc_more_oob+0x20/0x38 [ 16.685067] kunit_try_run_case+0x170/0x3f0 [ 16.685118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.685948] kthread+0x328/0x630 [ 16.686062] ret_from_fork+0x10/0x20 [ 16.686199] [ 16.686284] Allocated by task 156: [ 16.686319] kasan_save_stack+0x3c/0x68 [ 16.687175] kasan_save_track+0x20/0x40 [ 16.687224] kasan_save_alloc_info+0x40/0x58 [ 16.687263] __kasan_krealloc+0x118/0x178 [ 16.687303] krealloc_noprof+0x128/0x360 [ 16.687361] krealloc_more_oob_helper+0x168/0x678 [ 16.687405] krealloc_more_oob+0x20/0x38 [ 16.687442] kunit_try_run_case+0x170/0x3f0 [ 16.687480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.687522] kthread+0x328/0x630 [ 16.687554] ret_from_fork+0x10/0x20 [ 16.687589] [ 16.687609] The buggy address belongs to the object at fff00000c1d24c00 [ 16.687609] which belongs to the cache kmalloc-256 of size 256 [ 16.687665] The buggy address is located 0 bytes to the right of [ 16.687665] allocated 235-byte region [fff00000c1d24c00, fff00000c1d24ceb) [ 16.687726] [ 16.688631] The buggy address belongs to the physical page: [ 16.688717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d24 [ 16.689471] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.689813] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.689874] page_type: f5(slab) [ 16.690537] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.690759] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.691549] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.692038] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.692248] head: 0bfffe0000000001 ffffc1ffc3074901 00000000ffffffff 00000000ffffffff [ 16.692835] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.693525] page dumped because: kasan: bad access detected [ 16.693918] [ 16.694174] Memory state around the buggy address: [ 16.694327] fff00000c1d24b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.694387] fff00000c1d24c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.694428] >fff00000c1d24c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.694464] ^ [ 16.695051] fff00000c1d24d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.695112] fff00000c1d24d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.695934] ================================================================== [ 16.697376] ================================================================== [ 16.699207] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.699747] Write of size 1 at addr fff00000c1d24cf0 by task kunit_try_catch/156 [ 16.699865] [ 16.699900] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.700836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.700925] Hardware name: linux,dummy-virt (DT) [ 16.701799] Call trace: [ 16.702047] show_stack+0x20/0x38 (C) [ 16.702106] dump_stack_lvl+0x8c/0xd0 [ 16.702158] print_report+0x118/0x608 [ 16.702205] kasan_report+0xdc/0x128 [ 16.702251] __asan_report_store1_noabort+0x20/0x30 [ 16.702302] krealloc_more_oob_helper+0x5c0/0x678 [ 16.702362] krealloc_more_oob+0x20/0x38 [ 16.702408] kunit_try_run_case+0x170/0x3f0 [ 16.702457] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.702510] kthread+0x328/0x630 [ 16.702552] ret_from_fork+0x10/0x20 [ 16.702599] [ 16.702617] Allocated by task 156: [ 16.704411] kasan_save_stack+0x3c/0x68 [ 16.705313] kasan_save_track+0x20/0x40 [ 16.706059] kasan_save_alloc_info+0x40/0x58 [ 16.706609] __kasan_krealloc+0x118/0x178 [ 16.706649] krealloc_noprof+0x128/0x360 [ 16.707362] krealloc_more_oob_helper+0x168/0x678 [ 16.707478] krealloc_more_oob+0x20/0x38 [ 16.707538] kunit_try_run_case+0x170/0x3f0 [ 16.707576] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.707622] kthread+0x328/0x630 [ 16.707655] ret_from_fork+0x10/0x20 [ 16.707690] [ 16.707709] The buggy address belongs to the object at fff00000c1d24c00 [ 16.707709] which belongs to the cache kmalloc-256 of size 256 [ 16.707765] The buggy address is located 5 bytes to the right of [ 16.707765] allocated 235-byte region [fff00000c1d24c00, fff00000c1d24ceb) [ 16.708932] [ 16.709701] The buggy address belongs to the physical page: [ 16.710001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d24 [ 16.710257] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.710325] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.710864] page_type: f5(slab) [ 16.710956] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.711017] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.711272] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.711324] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.711382] head: 0bfffe0000000001 ffffc1ffc3074901 00000000ffffffff 00000000ffffffff [ 16.711433] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.712293] page dumped because: kasan: bad access detected [ 16.712633] [ 16.712993] Memory state around the buggy address: [ 16.713716] fff00000c1d24b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.713814] fff00000c1d24c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.714286] >fff00000c1d24c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.714367] ^ [ 16.714409] fff00000c1d24d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.715351] fff00000c1d24d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.715873] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.656116] ================================================================== [ 16.656176] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.656241] Read of size 1 at addr fff00000c78c0000 by task kunit_try_catch/154 [ 16.656291] [ 16.656331] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.656427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.656453] Hardware name: linux,dummy-virt (DT) [ 16.656487] Call trace: [ 16.656511] show_stack+0x20/0x38 (C) [ 16.656563] dump_stack_lvl+0x8c/0xd0 [ 16.656613] print_report+0x118/0x608 [ 16.656660] kasan_report+0xdc/0x128 [ 16.657731] __asan_report_load1_noabort+0x20/0x30 [ 16.658698] page_alloc_uaf+0x328/0x350 [ 16.658771] kunit_try_run_case+0x170/0x3f0 [ 16.658826] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.658952] kthread+0x328/0x630 [ 16.658998] ret_from_fork+0x10/0x20 [ 16.659144] [ 16.659167] The buggy address belongs to the physical page: [ 16.659428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0 [ 16.659685] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.659741] page_type: f0(buddy) [ 16.659782] raw: 0bfffe0000000000 fff00000ff616170 fff00000ff616170 0000000000000000 [ 16.660496] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 16.660574] page dumped because: kasan: bad access detected [ 16.660605] [ 16.660624] Memory state around the buggy address: [ 16.660710] fff00000c78bff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.660796] fff00000c78bff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.661012] >fff00000c78c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.661050] ^ [ 16.661079] fff00000c78c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.661413] fff00000c78c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.661713] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.613581] ================================================================== [ 16.613865] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.614291] Free of addr fff00000c78a0001 by task kunit_try_catch/150 [ 16.614945] [ 16.615063] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.615152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.615178] Hardware name: linux,dummy-virt (DT) [ 16.615209] Call trace: [ 16.615232] show_stack+0x20/0x38 (C) [ 16.615285] dump_stack_lvl+0x8c/0xd0 [ 16.615332] print_report+0x118/0x608 [ 16.615390] kasan_report_invalid_free+0xc0/0xe8 [ 16.615443] __kasan_kfree_large+0x5c/0xa8 [ 16.615489] free_large_kmalloc+0x64/0x190 [ 16.615534] kfree+0x270/0x3c8 [ 16.615575] kmalloc_large_invalid_free+0x108/0x270 [ 16.615623] kunit_try_run_case+0x170/0x3f0 [ 16.615671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.615723] kthread+0x328/0x630 [ 16.615765] ret_from_fork+0x10/0x20 [ 16.615811] [ 16.615832] The buggy address belongs to the physical page: [ 16.615864] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a0 [ 16.616488] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.617211] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.617514] page_type: f8(unknown) [ 16.617564] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.618001] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.618277] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.618366] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.618416] head: 0bfffe0000000002 ffffc1ffc31e2801 00000000ffffffff 00000000ffffffff [ 16.618463] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.619119] page dumped because: kasan: bad access detected [ 16.619233] [ 16.619528] Memory state around the buggy address: [ 16.619597] fff00000c789ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.619889] fff00000c789ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.620119] >fff00000c78a0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.620237] ^ [ 16.620268] fff00000c78a0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.620474] fff00000c78a0100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.620956] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.589454] ================================================================== [ 16.589883] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.590261] Read of size 1 at addr fff00000c78a0000 by task kunit_try_catch/148 [ 16.590325] [ 16.590375] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.590457] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.590484] Hardware name: linux,dummy-virt (DT) [ 16.590514] Call trace: [ 16.590538] show_stack+0x20/0x38 (C) [ 16.590588] dump_stack_lvl+0x8c/0xd0 [ 16.590636] print_report+0x118/0x608 [ 16.590682] kasan_report+0xdc/0x128 [ 16.590727] __asan_report_load1_noabort+0x20/0x30 [ 16.590777] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.590822] kunit_try_run_case+0x170/0x3f0 [ 16.590870] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.590923] kthread+0x328/0x630 [ 16.590965] ret_from_fork+0x10/0x20 [ 16.591367] [ 16.591799] The buggy address belongs to the physical page: [ 16.591837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a0 [ 16.592448] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.592815] raw: 0bfffe0000000000 ffffc1ffc31e2908 fff00000da479c40 0000000000000000 [ 16.593057] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.593324] page dumped because: kasan: bad access detected [ 16.593569] [ 16.593588] Memory state around the buggy address: [ 16.593852] fff00000c789ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.593939] fff00000c789ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.593981] >fff00000c78a0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.594170] ^ [ 16.594359] fff00000c78a0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.594563] fff00000c78a0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.594618] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.568862] ================================================================== [ 16.568946] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.569170] Write of size 1 at addr fff00000c78a200a by task kunit_try_catch/146 [ 16.569231] [ 16.569284] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.569737] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.569764] Hardware name: linux,dummy-virt (DT) [ 16.569796] Call trace: [ 16.569820] show_stack+0x20/0x38 (C) [ 16.570104] dump_stack_lvl+0x8c/0xd0 [ 16.570188] print_report+0x118/0x608 [ 16.570244] kasan_report+0xdc/0x128 [ 16.570291] __asan_report_store1_noabort+0x20/0x30 [ 16.570880] kmalloc_large_oob_right+0x278/0x2b8 [ 16.571008] kunit_try_run_case+0x170/0x3f0 [ 16.571247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.571370] kthread+0x328/0x630 [ 16.571661] ret_from_fork+0x10/0x20 [ 16.571744] [ 16.571935] The buggy address belongs to the physical page: [ 16.571970] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078a0 [ 16.572432] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.572485] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.572552] page_type: f8(unknown) [ 16.572828] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.572978] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.573278] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.573456] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.573633] head: 0bfffe0000000002 ffffc1ffc31e2801 00000000ffffffff 00000000ffffffff [ 16.573963] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.574004] page dumped because: kasan: bad access detected [ 16.574034] [ 16.574052] Memory state around the buggy address: [ 16.574235] fff00000c78a1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.574288] fff00000c78a1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.574515] >fff00000c78a2000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.574578] ^ [ 16.574607] fff00000c78a2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.574989] fff00000c78a2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.575223] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.533820] ================================================================== [ 16.533881] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.534682] Write of size 1 at addr fff00000c65adf00 by task kunit_try_catch/144 [ 16.534734] [ 16.534769] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.534850] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.534876] Hardware name: linux,dummy-virt (DT) [ 16.534905] Call trace: [ 16.534927] show_stack+0x20/0x38 (C) [ 16.535857] dump_stack_lvl+0x8c/0xd0 [ 16.536270] print_report+0x118/0x608 [ 16.536677] kasan_report+0xdc/0x128 [ 16.536799] __asan_report_store1_noabort+0x20/0x30 [ 16.537252] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.537460] kunit_try_run_case+0x170/0x3f0 [ 16.537574] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.537853] kthread+0x328/0x630 [ 16.538109] ret_from_fork+0x10/0x20 [ 16.538423] [ 16.538448] Allocated by task 144: [ 16.538486] kasan_save_stack+0x3c/0x68 [ 16.538529] kasan_save_track+0x20/0x40 [ 16.538566] kasan_save_alloc_info+0x40/0x58 [ 16.539238] __kasan_kmalloc+0xd4/0xd8 [ 16.539661] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.539942] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.539990] kunit_try_run_case+0x170/0x3f0 [ 16.540028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.540416] kthread+0x328/0x630 [ 16.540458] ret_from_fork+0x10/0x20 [ 16.540530] [ 16.540636] The buggy address belongs to the object at fff00000c65ac000 [ 16.540636] which belongs to the cache kmalloc-8k of size 8192 [ 16.541050] The buggy address is located 0 bytes to the right of [ 16.541050] allocated 7936-byte region [fff00000c65ac000, fff00000c65adf00) [ 16.541515] [ 16.541560] The buggy address belongs to the physical page: [ 16.541592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065a8 [ 16.541816] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.542004] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.542057] page_type: f5(slab) [ 16.542095] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.542519] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.542571] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.543080] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.543464] head: 0bfffe0000000003 ffffc1ffc3196a01 00000000ffffffff 00000000ffffffff [ 16.543539] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.543586] page dumped because: kasan: bad access detected [ 16.544007] [ 16.544075] Memory state around the buggy address: [ 16.544109] fff00000c65ade00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.544150] fff00000c65ade80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.544192] >fff00000c65adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.544804] ^ [ 16.545022] fff00000c65adf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.545163] fff00000c65ae000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.545446] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.496762] ================================================================== [ 16.496818] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.498023] Write of size 1 at addr fff00000c46ebd78 by task kunit_try_catch/142 [ 16.498591] [ 16.498729] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.499099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.499248] Hardware name: linux,dummy-virt (DT) [ 16.499466] Call trace: [ 16.499638] show_stack+0x20/0x38 (C) [ 16.499821] dump_stack_lvl+0x8c/0xd0 [ 16.500401] print_report+0x118/0x608 [ 16.500470] kasan_report+0xdc/0x128 [ 16.500701] __asan_report_store1_noabort+0x20/0x30 [ 16.501029] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.501166] kunit_try_run_case+0x170/0x3f0 [ 16.501221] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.501756] kthread+0x328/0x630 [ 16.501838] ret_from_fork+0x10/0x20 [ 16.502038] [ 16.502347] Allocated by task 142: [ 16.502529] kasan_save_stack+0x3c/0x68 [ 16.502619] kasan_save_track+0x20/0x40 [ 16.502660] kasan_save_alloc_info+0x40/0x58 [ 16.502703] __kasan_kmalloc+0xd4/0xd8 [ 16.502741] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.503440] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.503599] kunit_try_run_case+0x170/0x3f0 [ 16.503648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.503723] kthread+0x328/0x630 [ 16.504265] ret_from_fork+0x10/0x20 [ 16.504314] [ 16.504334] The buggy address belongs to the object at fff00000c46ebd00 [ 16.504334] which belongs to the cache kmalloc-128 of size 128 [ 16.504405] The buggy address is located 0 bytes to the right of [ 16.504405] allocated 120-byte region [fff00000c46ebd00, fff00000c46ebd78) [ 16.504466] [ 16.504641] The buggy address belongs to the physical page: [ 16.504933] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046eb [ 16.505317] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.505580] page_type: f5(slab) [ 16.505767] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.505919] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.506140] page dumped because: kasan: bad access detected [ 16.506333] [ 16.506372] Memory state around the buggy address: [ 16.506424] fff00000c46ebc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.506474] fff00000c46ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506515] >fff00000c46ebd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.506551] ^ [ 16.506654] fff00000c46ebd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506695] fff00000c46ebe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.506732] ================================================================== [ 16.508199] ================================================================== [ 16.508244] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.508296] Write of size 1 at addr fff00000c46ebe78 by task kunit_try_catch/142 [ 16.508359] [ 16.510246] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.510435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.510464] Hardware name: linux,dummy-virt (DT) [ 16.510493] Call trace: [ 16.510653] show_stack+0x20/0x38 (C) [ 16.510710] dump_stack_lvl+0x8c/0xd0 [ 16.510973] print_report+0x118/0x608 [ 16.511324] kasan_report+0xdc/0x128 [ 16.511645] __asan_report_store1_noabort+0x20/0x30 [ 16.512113] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.512800] kunit_try_run_case+0x170/0x3f0 [ 16.512862] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.512917] kthread+0x328/0x630 [ 16.512960] ret_from_fork+0x10/0x20 [ 16.513603] [ 16.513635] Allocated by task 142: [ 16.513666] kasan_save_stack+0x3c/0x68 [ 16.513895] kasan_save_track+0x20/0x40 [ 16.513953] kasan_save_alloc_info+0x40/0x58 [ 16.513994] __kasan_kmalloc+0xd4/0xd8 [ 16.514032] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.514531] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.514586] kunit_try_run_case+0x170/0x3f0 [ 16.514625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.514669] kthread+0x328/0x630 [ 16.514807] ret_from_fork+0x10/0x20 [ 16.514873] [ 16.515263] The buggy address belongs to the object at fff00000c46ebe00 [ 16.515263] which belongs to the cache kmalloc-128 of size 128 [ 16.515333] The buggy address is located 0 bytes to the right of [ 16.515333] allocated 120-byte region [fff00000c46ebe00, fff00000c46ebe78) [ 16.515410] [ 16.515430] The buggy address belongs to the physical page: [ 16.515991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046eb [ 16.516335] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.516646] page_type: f5(slab) [ 16.516717] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.516890] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.517162] page dumped because: kasan: bad access detected [ 16.517200] [ 16.517444] Memory state around the buggy address: [ 16.517480] fff00000c46ebd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.517522] fff00000c46ebd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.517564] >fff00000c46ebe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.517601] ^ [ 16.517639] fff00000c46ebe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.517680] fff00000c46ebf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.518156] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.471613] ================================================================== [ 16.472002] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.472067] Read of size 1 at addr fff00000c6593000 by task kunit_try_catch/140 [ 16.472115] [ 16.472403] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.472492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.472624] Hardware name: linux,dummy-virt (DT) [ 16.472863] Call trace: [ 16.472887] show_stack+0x20/0x38 (C) [ 16.473120] dump_stack_lvl+0x8c/0xd0 [ 16.473172] print_report+0x118/0x608 [ 16.473499] kasan_report+0xdc/0x128 [ 16.473547] __asan_report_load1_noabort+0x20/0x30 [ 16.473598] kmalloc_node_oob_right+0x2f4/0x330 [ 16.473645] kunit_try_run_case+0x170/0x3f0 [ 16.473695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.474017] kthread+0x328/0x630 [ 16.474075] ret_from_fork+0x10/0x20 [ 16.474127] [ 16.474414] Allocated by task 140: [ 16.474449] kasan_save_stack+0x3c/0x68 [ 16.474492] kasan_save_track+0x20/0x40 [ 16.474528] kasan_save_alloc_info+0x40/0x58 [ 16.474630] __kasan_kmalloc+0xd4/0xd8 [ 16.474670] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.474710] kmalloc_node_oob_right+0xbc/0x330 [ 16.474748] kunit_try_run_case+0x170/0x3f0 [ 16.474934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.475008] kthread+0x328/0x630 [ 16.475232] ret_from_fork+0x10/0x20 [ 16.475287] [ 16.475307] The buggy address belongs to the object at fff00000c6592000 [ 16.475307] which belongs to the cache kmalloc-4k of size 4096 [ 16.475492] The buggy address is located 0 bytes to the right of [ 16.475492] allocated 4096-byte region [fff00000c6592000, fff00000c6593000) [ 16.475958] [ 16.476094] The buggy address belongs to the physical page: [ 16.476310] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106590 [ 16.477023] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.477176] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.477250] page_type: f5(slab) [ 16.477635] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.477906] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.477968] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.478130] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.478406] head: 0bfffe0000000003 ffffc1ffc3196401 00000000ffffffff 00000000ffffffff [ 16.478625] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.478678] page dumped because: kasan: bad access detected [ 16.478708] [ 16.478725] Memory state around the buggy address: [ 16.478763] fff00000c6592f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.478805] fff00000c6592f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.478845] >fff00000c6593000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.479320] ^ [ 16.479429] fff00000c6593080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.479665] fff00000c6593100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.479940] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.457304] ================================================================== [ 16.457493] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.457545] Read of size 1 at addr fff00000c4498dbf by task kunit_try_catch/138 [ 16.457592] [ 16.457623] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.457700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.457726] Hardware name: linux,dummy-virt (DT) [ 16.457755] Call trace: [ 16.457776] show_stack+0x20/0x38 (C) [ 16.457940] dump_stack_lvl+0x8c/0xd0 [ 16.457991] print_report+0x118/0x608 [ 16.458036] kasan_report+0xdc/0x128 [ 16.458082] __asan_report_load1_noabort+0x20/0x30 [ 16.458133] kmalloc_oob_left+0x2ec/0x320 [ 16.458178] kunit_try_run_case+0x170/0x3f0 [ 16.458226] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.458282] kthread+0x328/0x630 [ 16.458324] ret_from_fork+0x10/0x20 [ 16.458395] [ 16.458413] Allocated by task 26: [ 16.458441] kasan_save_stack+0x3c/0x68 [ 16.458480] kasan_save_track+0x20/0x40 [ 16.458516] kasan_save_alloc_info+0x40/0x58 [ 16.458555] __kasan_kmalloc+0xd4/0xd8 [ 16.458593] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.458637] kstrdup+0x54/0xc8 [ 16.458731] devtmpfs_work_loop+0x6f8/0xa58 [ 16.458871] devtmpfsd+0x50/0x58 [ 16.458945] kthread+0x328/0x630 [ 16.459051] ret_from_fork+0x10/0x20 [ 16.459087] [ 16.459117] Freed by task 26: [ 16.459443] kasan_save_stack+0x3c/0x68 [ 16.459519] kasan_save_track+0x20/0x40 [ 16.459557] kasan_save_free_info+0x4c/0x78 [ 16.459596] __kasan_slab_free+0x6c/0x98 [ 16.459634] kfree+0x214/0x3c8 [ 16.459677] devtmpfs_work_loop+0x804/0xa58 [ 16.459737] devtmpfsd+0x50/0x58 [ 16.459769] kthread+0x328/0x630 [ 16.460098] ret_from_fork+0x10/0x20 [ 16.460195] [ 16.460302] The buggy address belongs to the object at fff00000c4498da0 [ 16.460302] which belongs to the cache kmalloc-16 of size 16 [ 16.460411] The buggy address is located 15 bytes to the right of [ 16.460411] allocated 16-byte region [fff00000c4498da0, fff00000c4498db0) [ 16.460495] [ 16.460559] The buggy address belongs to the physical page: [ 16.460618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104498 [ 16.460668] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.460749] page_type: f5(slab) [ 16.460785] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.461005] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.461185] page dumped because: kasan: bad access detected [ 16.461215] [ 16.461258] Memory state around the buggy address: [ 16.461293] fff00000c4498c80: 00 06 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 16.461484] fff00000c4498d00: fa fb fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 16.461526] >fff00000c4498d80: fa fb fc fc fa fb fc fc 00 07 fc fc fc fc fc fc [ 16.461561] ^ [ 16.461598] fff00000c4498e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.461789] fff00000c4498e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.462244] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.447804] ================================================================== [ 16.447865] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.447997] Read of size 1 at addr fff00000c46ebc80 by task kunit_try_catch/136 [ 16.448043] [ 16.448082] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.448160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.448185] Hardware name: linux,dummy-virt (DT) [ 16.448214] Call trace: [ 16.448234] show_stack+0x20/0x38 (C) [ 16.448281] dump_stack_lvl+0x8c/0xd0 [ 16.448389] print_report+0x118/0x608 [ 16.448499] kasan_report+0xdc/0x128 [ 16.448658] __asan_report_load1_noabort+0x20/0x30 [ 16.448771] kmalloc_oob_right+0x5d0/0x660 [ 16.448817] kunit_try_run_case+0x170/0x3f0 [ 16.448864] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.448926] kthread+0x328/0x630 [ 16.449088] ret_from_fork+0x10/0x20 [ 16.449193] [ 16.449210] Allocated by task 136: [ 16.449236] kasan_save_stack+0x3c/0x68 [ 16.449280] kasan_save_track+0x20/0x40 [ 16.449317] kasan_save_alloc_info+0x40/0x58 [ 16.449365] __kasan_kmalloc+0xd4/0xd8 [ 16.449400] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.449438] kmalloc_oob_right+0xb0/0x660 [ 16.449473] kunit_try_run_case+0x170/0x3f0 [ 16.449510] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.449648] kthread+0x328/0x630 [ 16.449686] ret_from_fork+0x10/0x20 [ 16.449818] [ 16.449836] The buggy address belongs to the object at fff00000c46ebc00 [ 16.449836] which belongs to the cache kmalloc-128 of size 128 [ 16.449905] The buggy address is located 13 bytes to the right of [ 16.449905] allocated 115-byte region [fff00000c46ebc00, fff00000c46ebc73) [ 16.449978] [ 16.449997] The buggy address belongs to the physical page: [ 16.450024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046eb [ 16.450072] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.450117] page_type: f5(slab) [ 16.450191] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.450239] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.450287] page dumped because: kasan: bad access detected [ 16.450409] [ 16.450532] Memory state around the buggy address: [ 16.450607] fff00000c46ebb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.450649] fff00000c46ebc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.450928] >fff00000c46ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.450969] ^ [ 16.450996] fff00000c46ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.451046] fff00000c46ebd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.451084] ================================================================== [ 16.444623] ================================================================== [ 16.444661] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.444708] Write of size 1 at addr fff00000c46ebc78 by task kunit_try_catch/136 [ 16.444764] [ 16.444913] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 16.445252] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.445278] Hardware name: linux,dummy-virt (DT) [ 16.445369] Call trace: [ 16.445477] show_stack+0x20/0x38 (C) [ 16.445709] dump_stack_lvl+0x8c/0xd0 [ 16.445912] print_report+0x118/0x608 [ 16.445959] kasan_report+0xdc/0x128 [ 16.446004] __asan_report_store1_noabort+0x20/0x30 [ 16.446057] kmalloc_oob_right+0x538/0x660 [ 16.446104] kunit_try_run_case+0x170/0x3f0 [ 16.446165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.446218] kthread+0x328/0x630 [ 16.446259] ret_from_fork+0x10/0x20 [ 16.446306] [ 16.446323] Allocated by task 136: [ 16.446361] kasan_save_stack+0x3c/0x68 [ 16.446402] kasan_save_track+0x20/0x40 [ 16.446439] kasan_save_alloc_info+0x40/0x58 [ 16.446478] __kasan_kmalloc+0xd4/0xd8 [ 16.446513] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.446551] kmalloc_oob_right+0xb0/0x660 [ 16.446587] kunit_try_run_case+0x170/0x3f0 [ 16.446623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.446666] kthread+0x328/0x630 [ 16.446698] ret_from_fork+0x10/0x20 [ 16.446732] [ 16.446750] The buggy address belongs to the object at fff00000c46ebc00 [ 16.446750] which belongs to the cache kmalloc-128 of size 128 [ 16.446805] The buggy address is located 5 bytes to the right of [ 16.446805] allocated 115-byte region [fff00000c46ebc00, fff00000c46ebc73) [ 16.446865] [ 16.446884] The buggy address belongs to the physical page: [ 16.446912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046eb [ 16.446984] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.447030] page_type: f5(slab) [ 16.447066] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.447126] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.447165] page dumped because: kasan: bad access detected [ 16.447194] [ 16.447211] Memory state around the buggy address: [ 16.447240] fff00000c46ebb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.447280] fff00000c46ebb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.447321] >fff00000c46ebc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.447365] ^ [ 16.447406] fff00000c46ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.447447] fff00000c46ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.447482] ================================================================== [ 16.437522] ================================================================== [ 16.437858] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.438786] Write of size 1 at addr fff00000c46ebc73 by task kunit_try_catch/136 [ 16.438893] [ 16.439659] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc5 #1 PREEMPT [ 16.439803] Tainted: [N]=TEST [ 16.439834] Hardware name: linux,dummy-virt (DT) [ 16.440050] Call trace: [ 16.440226] show_stack+0x20/0x38 (C) [ 16.440376] dump_stack_lvl+0x8c/0xd0 [ 16.440442] print_report+0x118/0x608 [ 16.440491] kasan_report+0xdc/0x128 [ 16.440537] __asan_report_store1_noabort+0x20/0x30 [ 16.440589] kmalloc_oob_right+0x5a4/0x660 [ 16.440635] kunit_try_run_case+0x170/0x3f0 [ 16.440686] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.440739] kthread+0x328/0x630 [ 16.440783] ret_from_fork+0x10/0x20 [ 16.440941] [ 16.440978] Allocated by task 136: [ 16.441088] kasan_save_stack+0x3c/0x68 [ 16.441151] kasan_save_track+0x20/0x40 [ 16.441188] kasan_save_alloc_info+0x40/0x58 [ 16.441228] __kasan_kmalloc+0xd4/0xd8 [ 16.441264] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.441305] kmalloc_oob_right+0xb0/0x660 [ 16.441352] kunit_try_run_case+0x170/0x3f0 [ 16.441390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.441433] kthread+0x328/0x630 [ 16.441466] ret_from_fork+0x10/0x20 [ 16.441520] [ 16.441578] The buggy address belongs to the object at fff00000c46ebc00 [ 16.441578] which belongs to the cache kmalloc-128 of size 128 [ 16.441670] The buggy address is located 0 bytes to the right of [ 16.441670] allocated 115-byte region [fff00000c46ebc00, fff00000c46ebc73) [ 16.441737] [ 16.441821] The buggy address belongs to the physical page: [ 16.442035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046eb [ 16.442305] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.442623] page_type: f5(slab) [ 16.442914] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.442978] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.443080] page dumped because: kasan: bad access detected [ 16.443119] [ 16.443143] Memory state around the buggy address: [ 16.443376] fff00000c46ebb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.443448] fff00000c46ebb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.443499] >fff00000c46ebc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.443551] ^ [ 16.443631] fff00000c46ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.443674] fff00000c46ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.443734] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 94.900151] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 94.901595] Modules linked in: [ 94.901821] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc5 #1 PREEMPT [ 94.902847] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 94.903288] Hardware name: linux,dummy-virt (DT) [ 94.903616] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.903931] pc : intlog10+0x38/0x48 [ 94.904172] lr : intlog10_test+0xe4/0x200 [ 94.904453] sp : ffff800082307c10 [ 94.904644] x29: ffff800082307c90 x28: 0000000000000000 x27: 0000000000000000 [ 94.905363] x26: 1ffe00001943df21 x25: 0000000000000000 x24: ffff800082307ce0 [ 94.905870] x23: ffff800082307d00 x22: 0000000000000000 x21: 1ffff00010460f82 [ 94.906530] x20: ffff93d698089e80 x19: ffff800080087990 x18: 00000000244abb1d [ 94.907054] x17: 0000000074109f5a x16: fff00000c097583c x15: 00000000745a5c73 [ 94.907719] x14: 00000000f1f1f1f1 x13: 1ffe00001b48ebcd x12: ffff727ad37e3379 [ 94.908543] x11: 1ffff27ad37e3378 x10: ffff727ad37e3378 x9 : ffff93d69563685c [ 94.909373] x8 : ffff93d69bf19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 94.910263] x5 : ffff700010460f82 x4 : 1ffff00010010f3a x3 : 1ffff27ad30113d0 [ 94.911450] x2 : 1ffff27ad30113d0 x1 : 0000000000000003 x0 : 0000000000000000 [ 94.912276] Call trace: [ 94.912655] intlog10+0x38/0x48 (P) [ 94.913118] kunit_try_run_case+0x170/0x3f0 [ 94.913647] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.914392] kthread+0x328/0x630 [ 94.914809] ret_from_fork+0x10/0x20 [ 94.915012] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 94.844963] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 94.845786] Modules linked in: [ 94.846743] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc5 #1 PREEMPT [ 94.847818] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 94.848448] Hardware name: linux,dummy-virt (DT) [ 94.849060] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 94.849875] pc : intlog2+0xd8/0xf8 [ 94.850450] lr : intlog2_test+0xe4/0x200 [ 94.850903] sp : ffff8000822a7c10 [ 94.851293] x29: ffff8000822a7c90 x28: 0000000000000000 x27: 0000000000000000 [ 94.851678] x26: 1ffe000018f78b81 x25: 0000000000000000 x24: ffff8000822a7ce0 [ 94.852024] x23: ffff8000822a7d00 x22: 0000000000000000 x21: 1ffff00010454f82 [ 94.852409] x20: ffff93d698089d80 x19: ffff800080087990 x18: 00000000d1834b51 [ 94.853156] x17: 000000006992b3ae x16: 000000009bc0314e x15: 00000000e24d9d91 [ 94.853894] x14: 000000002c6da7ee x13: 1ffe00001b48a789 x12: ffff727ad37e3379 [ 94.854777] x11: 1ffff27ad37e3378 x10: ffff727ad37e3378 x9 : ffff93d695636a5c [ 94.855668] x8 : ffff93d69bf19bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 94.856435] x5 : ffff700010454f82 x4 : 1ffff00010010f3a x3 : 1ffff27ad30113b0 [ 94.857154] x2 : 1ffff27ad30113b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 94.857880] Call trace: [ 94.858159] intlog2+0xd8/0xf8 (P) [ 94.858548] kunit_try_run_case+0x170/0x3f0 [ 94.859025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 94.859548] kthread+0x328/0x630 [ 94.859735] ret_from_fork+0x10/0x20 [ 94.859947] ---[ end trace 0000000000000000 ]---