Date
July 16, 2025, 3:10 p.m.
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.118081] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5b4/0x4858
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 18.978479] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 18.936159] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0
Failure - log-parser-boot/bug-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 18.924987] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0
Failure - log-parser-boot/internal-error-oops-oops-smp
[ 95.745009] Internal error: Oops: 0000000096000005 [#1] SMP [ 95.749977] Modules linked in: [ 95.750389] CPU: 0 UID: 0 PID: 532 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 95.751008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 95.751325] Hardware name: linux,dummy-virt (DT) [ 95.751620] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 95.752046] pc : kunit_test_null_dereference+0x70/0x170 [ 95.752319] lr : kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.752591] sp : ffff800081f97d30 [ 95.752835] x29: ffff800081f97d90 x28: 0000000000000000 x27: 0000000000000000 [ 95.753357] x26: 1ffe0000187dc4a1 x25: 0000000000000000 x24: 0000000000000004 [ 95.753832] x23: fff00000c3ee250c x22: ffff98870e023438 x21: fff00000c1213188 [ 95.754258] x20: 1ffff000103f2fa6 x19: ffff800080087990 x18: 00000000201c8f6e [ 95.754666] x17: 0000000000000000 x16: fff00000c097583c x15: fff00000ff616b08 [ 95.755146] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: fffd800018f0ab3c [ 95.755603] x11: 1ffe000018f0ab3b x10: fffd800018f0ab3b x9 : ffff98870e01a8a0 [ 95.756051] x8 : ffff800081f97c18 x7 : 0000000000000001 x6 : 0000000041b58ab3 [ 95.756514] x5 : ffff7000103f2fa6 x4 : 00000000f1f1f1f1 x3 : 0000000000000003 [ 95.756971] x2 : dfff800000000000 x1 : fff00000c7855100 x0 : ffff800080087990 [ 95.757390] Call trace: [ 95.757587] kunit_test_null_dereference+0x70/0x170 (P) [ 95.757923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 95.758390] kthread+0x328/0x630 [ 95.758616] ret_from_fork+0x10/0x20 [ 95.759086] Code: b90004a3 d5384101 52800063 aa0003f3 (39c00042) [ 95.759637] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.624793] ================================================================== [ 50.624883] BUG: KFENCE: use-after-free read in test_krealloc+0x51c/0x830 [ 50.624883] [ 50.624987] Use-after-free read at 0x00000000b2254015 (in kfence-#155): [ 50.625043] test_krealloc+0x51c/0x830 [ 50.625089] kunit_try_run_case+0x170/0x3f0 [ 50.625134] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.625179] kthread+0x328/0x630 [ 50.625220] ret_from_fork+0x10/0x20 [ 50.625260] [ 50.625283] kfence-#155: 0x00000000b2254015-0x00000000e6133d11, size=32, cache=kmalloc-32 [ 50.625283] [ 50.625338] allocated by task 337 on cpu 0 at 50.624100s (0.001234s ago): [ 50.625409] test_alloc+0x29c/0x628 [ 50.625448] test_krealloc+0xc0/0x830 [ 50.625487] kunit_try_run_case+0x170/0x3f0 [ 50.625528] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.625571] kthread+0x328/0x630 [ 50.625607] ret_from_fork+0x10/0x20 [ 50.625646] [ 50.625671] freed by task 337 on cpu 0 at 50.624346s (0.001320s ago): [ 50.625742] krealloc_noprof+0x148/0x360 [ 50.625783] test_krealloc+0x1dc/0x830 [ 50.625822] kunit_try_run_case+0x170/0x3f0 [ 50.625861] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.625905] kthread+0x328/0x630 [ 50.625941] ret_from_fork+0x10/0x20 [ 50.625979] [ 50.626029] CPU: 0 UID: 0 PID: 337 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 50.626111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.626142] Hardware name: linux,dummy-virt (DT) [ 50.626177] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.543764] ================================================================== [ 50.543870] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.543870] [ 50.543977] Use-after-free read at 0x000000002de0a5fd (in kfence-#154): [ 50.544034] test_memcache_typesafe_by_rcu+0x280/0x560 [ 50.544084] kunit_try_run_case+0x170/0x3f0 [ 50.544132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.544177] kthread+0x328/0x630 [ 50.544217] ret_from_fork+0x10/0x20 [ 50.544258] [ 50.544282] kfence-#154: 0x000000002de0a5fd-0x00000000cabf2121, size=32, cache=test [ 50.544282] [ 50.544337] allocated by task 335 on cpu 1 at 50.519887s (0.024446s ago): [ 50.544409] test_alloc+0x230/0x628 [ 50.544449] test_memcache_typesafe_by_rcu+0x15c/0x560 [ 50.544491] kunit_try_run_case+0x170/0x3f0 [ 50.544531] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.544573] kthread+0x328/0x630 [ 50.544608] ret_from_fork+0x10/0x20 [ 50.544649] [ 50.544672] freed by task 335 on cpu 1 at 50.520000s (0.024668s ago): [ 50.544745] test_memcache_typesafe_by_rcu+0x1a8/0x560 [ 50.544789] kunit_try_run_case+0x170/0x3f0 [ 50.544831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 50.544878] kthread+0x328/0x630 [ 50.544923] ret_from_fork+0x10/0x20 [ 50.544964] [ 50.545015] CPU: 1 UID: 0 PID: 335 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 50.545095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 50.545125] Hardware name: linux,dummy-virt (DT) [ 50.545161] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 27.664079] ================================================================== [ 27.664231] BUG: KFENCE: invalid read in test_invalid_access+0xdc/0x1f0 [ 27.664231] [ 27.664340] Invalid read at 0x00000000eaa4eec9: [ 27.664407] test_invalid_access+0xdc/0x1f0 [ 27.664497] kunit_try_run_case+0x170/0x3f0 [ 27.664668] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.664764] kthread+0x328/0x630 [ 27.664845] ret_from_fork+0x10/0x20 [ 27.664900] [ 27.664957] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 27.665046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.665082] Hardware name: linux,dummy-virt (DT) [ 27.665122] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 27.431935] ================================================================== [ 27.432018] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.432018] [ 27.432083] Corrupted memory at 0x0000000069ec44c2 [ ! . . . . . . . . . . . . . . . ] (in kfence-#150): [ 27.432391] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.432443] kunit_try_run_case+0x170/0x3f0 [ 27.432487] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.432533] kthread+0x328/0x630 [ 27.432571] ret_from_fork+0x10/0x20 [ 27.432610] [ 27.432635] kfence-#150: 0x000000002d8586ae-0x000000001890e905, size=73, cache=kmalloc-96 [ 27.432635] [ 27.432690] allocated by task 325 on cpu 1 at 27.431684s (0.001003s ago): [ 27.432766] test_alloc+0x29c/0x628 [ 27.432808] test_kmalloc_aligned_oob_write+0xbc/0x2c0 [ 27.432852] kunit_try_run_case+0x170/0x3f0 [ 27.432893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.432939] kthread+0x328/0x630 [ 27.432976] ret_from_fork+0x10/0x20 [ 27.433015] [ 27.433038] freed by task 325 on cpu 1 at 27.431846s (0.001188s ago): [ 27.433102] test_kmalloc_aligned_oob_write+0x214/0x2c0 [ 27.433144] kunit_try_run_case+0x170/0x3f0 [ 27.433185] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.433228] kthread+0x328/0x630 [ 27.433263] ret_from_fork+0x10/0x20 [ 27.433302] [ 27.433346] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 27.433425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.433454] Hardware name: linux,dummy-virt (DT) [ 27.433487] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 27.328008] ================================================================== [ 27.328115] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.328115] [ 27.328221] Out-of-bounds read at 0x00000000ca8c7ed1 (105B right of kfence-#149): [ 27.328286] test_kmalloc_aligned_oob_read+0x238/0x468 [ 27.328336] kunit_try_run_case+0x170/0x3f0 [ 27.328384] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.328430] kthread+0x328/0x630 [ 27.328470] ret_from_fork+0x10/0x20 [ 27.328513] [ 27.328538] kfence-#149: 0x0000000048c34ded-0x000000006223638d, size=73, cache=kmalloc-96 [ 27.328538] [ 27.328594] allocated by task 323 on cpu 1 at 27.327731s (0.000859s ago): [ 27.328666] test_alloc+0x29c/0x628 [ 27.328707] test_kmalloc_aligned_oob_read+0x100/0x468 [ 27.328767] kunit_try_run_case+0x170/0x3f0 [ 27.328809] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.328854] kthread+0x328/0x630 [ 27.328888] ret_from_fork+0x10/0x20 [ 27.328932] [ 27.328983] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 27.329065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.329095] Hardware name: linux,dummy-virt (DT) [ 27.329131] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 22.960013] ================================================================== [ 22.960122] BUG: KFENCE: memory corruption in test_corruption+0x278/0x378 [ 22.960122] [ 22.960192] Corrupted memory at 0x00000000368c956a [ ! . . . . . . . . . . . . . . . ] (in kfence-#107): [ 22.961333] test_corruption+0x278/0x378 [ 22.961385] kunit_try_run_case+0x170/0x3f0 [ 22.961430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.961476] kthread+0x328/0x630 [ 22.961514] ret_from_fork+0x10/0x20 [ 22.961553] [ 22.961578] kfence-#107: 0x00000000ada6684e-0x00000000b7bdb50f, size=32, cache=kmalloc-32 [ 22.961578] [ 22.961636] allocated by task 311 on cpu 0 at 22.959727s (0.001906s ago): [ 22.961699] test_alloc+0x29c/0x628 [ 22.961753] test_corruption+0xdc/0x378 [ 22.961794] kunit_try_run_case+0x170/0x3f0 [ 22.961834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.961878] kthread+0x328/0x630 [ 22.961915] ret_from_fork+0x10/0x20 [ 22.961954] [ 22.961976] freed by task 311 on cpu 0 at 22.959835s (0.002138s ago): [ 22.962038] test_corruption+0x278/0x378 [ 22.962078] kunit_try_run_case+0x170/0x3f0 [ 22.962118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.962160] kthread+0x328/0x630 [ 22.962196] ret_from_fork+0x10/0x20 [ 22.962235] [ 22.962282] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.962362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.962391] Hardware name: linux,dummy-virt (DT) [ 22.962426] ================================================================== [ 23.271992] ================================================================== [ 23.272088] BUG: KFENCE: memory corruption in test_corruption+0x284/0x378 [ 23.272088] [ 23.272151] Corrupted memory at 0x0000000071273f0a [ ! ] (in kfence-#110): [ 23.272280] test_corruption+0x284/0x378 [ 23.272326] kunit_try_run_case+0x170/0x3f0 [ 23.272368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.272413] kthread+0x328/0x630 [ 23.272451] ret_from_fork+0x10/0x20 [ 23.272491] [ 23.272515] kfence-#110: 0x00000000012fe90b-0x00000000a734d25f, size=32, cache=kmalloc-32 [ 23.272515] [ 23.272571] allocated by task 311 on cpu 0 at 23.271705s (0.000863s ago): [ 23.272632] test_alloc+0x29c/0x628 [ 23.272672] test_corruption+0x198/0x378 [ 23.272725] kunit_try_run_case+0x170/0x3f0 [ 23.272765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.272806] kthread+0x328/0x630 [ 23.272842] ret_from_fork+0x10/0x20 [ 23.272881] [ 23.272905] freed by task 311 on cpu 0 at 23.271819s (0.001082s ago): [ 23.272970] test_corruption+0x284/0x378 [ 23.273009] kunit_try_run_case+0x170/0x3f0 [ 23.273048] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.273091] kthread+0x328/0x630 [ 23.273125] ret_from_fork+0x10/0x20 [ 23.273163] [ 23.273206] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 23.273282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.273311] Hardware name: linux,dummy-virt (DT) [ 23.273344] ================================================================== [ 23.375927] ================================================================== [ 23.376010] BUG: KFENCE: memory corruption in test_corruption+0x120/0x378 [ 23.376010] [ 23.376071] Corrupted memory at 0x00000000ed6e93ab [ ! . . . . . . . . . . . . . . . ] (in kfence-#111): [ 23.376375] test_corruption+0x120/0x378 [ 23.376421] kunit_try_run_case+0x170/0x3f0 [ 23.376465] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.376510] kthread+0x328/0x630 [ 23.376549] ret_from_fork+0x10/0x20 [ 23.376589] [ 23.376612] kfence-#111: 0x00000000bfe1b940-0x000000006b0c7380, size=32, cache=test [ 23.376612] [ 23.376667] allocated by task 313 on cpu 0 at 23.375685s (0.000979s ago): [ 23.376744] test_alloc+0x230/0x628 [ 23.376784] test_corruption+0xdc/0x378 [ 23.376824] kunit_try_run_case+0x170/0x3f0 [ 23.376863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.376909] kthread+0x328/0x630 [ 23.376948] ret_from_fork+0x10/0x20 [ 23.376987] [ 23.377009] freed by task 313 on cpu 0 at 23.375753s (0.001252s ago): [ 23.377071] test_corruption+0x120/0x378 [ 23.377112] kunit_try_run_case+0x170/0x3f0 [ 23.377153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.377196] kthread+0x328/0x630 [ 23.377233] ret_from_fork+0x10/0x20 [ 23.377272] [ 23.377313] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 23.377392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.377419] Hardware name: linux,dummy-virt (DT) [ 23.377454] ================================================================== [ 23.479830] ================================================================== [ 23.479917] BUG: KFENCE: memory corruption in test_corruption+0x1d8/0x378 [ 23.479917] [ 23.479977] Corrupted memory at 0x00000000ba64b984 [ ! ] (in kfence-#112): [ 23.480093] test_corruption+0x1d8/0x378 [ 23.480138] kunit_try_run_case+0x170/0x3f0 [ 23.480181] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.480225] kthread+0x328/0x630 [ 23.480264] ret_from_fork+0x10/0x20 [ 23.480304] [ 23.480328] kfence-#112: 0x00000000627331c3-0x000000005761d949, size=32, cache=test [ 23.480328] [ 23.480382] allocated by task 313 on cpu 0 at 23.479681s (0.000697s ago): [ 23.480442] test_alloc+0x230/0x628 [ 23.480481] test_corruption+0x198/0x378 [ 23.480522] kunit_try_run_case+0x170/0x3f0 [ 23.480560] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.480603] kthread+0x328/0x630 [ 23.480639] ret_from_fork+0x10/0x20 [ 23.480677] [ 23.480700] freed by task 313 on cpu 0 at 23.479751s (0.000946s ago): [ 23.480772] test_corruption+0x1d8/0x378 [ 23.480812] kunit_try_run_case+0x170/0x3f0 [ 23.480851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 23.480893] kthread+0x328/0x630 [ 23.480937] ret_from_fork+0x10/0x20 [ 23.480975] [ 23.481014] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 23.481091] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.481120] Hardware name: linux,dummy-virt (DT) [ 23.481152] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 22.855903] ================================================================== [ 22.855999] BUG: KFENCE: invalid free in test_invalid_addr_free+0xec/0x238 [ 22.855999] [ 22.856066] Invalid free of 0x000000003eedb6d4 (in kfence-#106): [ 22.856129] test_invalid_addr_free+0xec/0x238 [ 22.856180] kunit_try_run_case+0x170/0x3f0 [ 22.856225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.856270] kthread+0x328/0x630 [ 22.856308] ret_from_fork+0x10/0x20 [ 22.856347] [ 22.856372] kfence-#106: 0x000000001b44c692-0x000000004cb8a0f0, size=32, cache=test [ 22.856372] [ 22.856428] allocated by task 309 on cpu 0 at 22.855768s (0.000657s ago): [ 22.856489] test_alloc+0x230/0x628 [ 22.856530] test_invalid_addr_free+0xd4/0x238 [ 22.856572] kunit_try_run_case+0x170/0x3f0 [ 22.856612] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.856655] kthread+0x328/0x630 [ 22.856691] ret_from_fork+0x10/0x20 [ 22.856742] [ 22.856788] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.856871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.856900] Hardware name: linux,dummy-virt (DT) [ 22.856938] ================================================================== [ 22.751809] ================================================================== [ 22.751896] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1ac/0x238 [ 22.751896] [ 22.751960] Invalid free of 0x00000000e4350dec (in kfence-#105): [ 22.752018] test_invalid_addr_free+0x1ac/0x238 [ 22.752065] kunit_try_run_case+0x170/0x3f0 [ 22.752112] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.752158] kthread+0x328/0x630 [ 22.752197] ret_from_fork+0x10/0x20 [ 22.752237] [ 22.752261] kfence-#105: 0x00000000bfb94a42-0x0000000057bf7588, size=32, cache=kmalloc-32 [ 22.752261] [ 22.752318] allocated by task 307 on cpu 1 at 22.751645s (0.000669s ago): [ 22.752382] test_alloc+0x29c/0x628 [ 22.752423] test_invalid_addr_free+0xd4/0x238 [ 22.752465] kunit_try_run_case+0x170/0x3f0 [ 22.752505] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.752550] kthread+0x328/0x630 [ 22.752585] ret_from_fork+0x10/0x20 [ 22.752625] [ 22.752671] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.752768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.752798] Hardware name: linux,dummy-virt (DT) [ 22.752833] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 22.647827] ================================================================== [ 22.647921] BUG: KFENCE: invalid free in test_double_free+0x100/0x238 [ 22.647921] [ 22.647991] Invalid free of 0x000000008e35fa1c (in kfence-#104): [ 22.648049] test_double_free+0x100/0x238 [ 22.648094] kunit_try_run_case+0x170/0x3f0 [ 22.648139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.648186] kthread+0x328/0x630 [ 22.648224] ret_from_fork+0x10/0x20 [ 22.648263] [ 22.648286] kfence-#104: 0x000000008e35fa1c-0x000000008284c055, size=32, cache=test [ 22.648286] [ 22.648341] allocated by task 305 on cpu 0 at 22.647598s (0.000739s ago): [ 22.648401] test_alloc+0x230/0x628 [ 22.648443] test_double_free+0xd4/0x238 [ 22.648482] kunit_try_run_case+0x170/0x3f0 [ 22.648523] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.648567] kthread+0x328/0x630 [ 22.648602] ret_from_fork+0x10/0x20 [ 22.648641] [ 22.648664] freed by task 305 on cpu 0 at 22.647665s (0.000995s ago): [ 22.648738] test_double_free+0xf0/0x238 [ 22.648779] kunit_try_run_case+0x170/0x3f0 [ 22.648817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.648861] kthread+0x328/0x630 [ 22.648898] ret_from_fork+0x10/0x20 [ 22.648941] [ 22.648984] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.649065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.649092] Hardware name: linux,dummy-virt (DT) [ 22.649127] ================================================================== [ 22.544192] ================================================================== [ 22.544312] BUG: KFENCE: invalid free in test_double_free+0x1bc/0x238 [ 22.544312] [ 22.544385] Invalid free of 0x00000000de556656 (in kfence-#103): [ 22.544455] test_double_free+0x1bc/0x238 [ 22.544502] kunit_try_run_case+0x170/0x3f0 [ 22.544547] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.544593] kthread+0x328/0x630 [ 22.544632] ret_from_fork+0x10/0x20 [ 22.544674] [ 22.544697] kfence-#103: 0x00000000de556656-0x00000000c08627fe, size=32, cache=kmalloc-32 [ 22.544697] [ 22.544770] allocated by task 303 on cpu 0 at 22.543631s (0.001135s ago): [ 22.544833] test_alloc+0x29c/0x628 [ 22.544875] test_double_free+0xd4/0x238 [ 22.544915] kunit_try_run_case+0x170/0x3f0 [ 22.544959] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.545002] kthread+0x328/0x630 [ 22.545040] ret_from_fork+0x10/0x20 [ 22.545078] [ 22.545101] freed by task 303 on cpu 0 at 22.543707s (0.001391s ago): [ 22.545164] test_double_free+0x1ac/0x238 [ 22.545204] kunit_try_run_case+0x170/0x3f0 [ 22.545245] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.545289] kthread+0x328/0x630 [ 22.545324] ret_from_fork+0x10/0x20 [ 22.545364] [ 22.545413] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.545496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.545526] Hardware name: linux,dummy-virt (DT) [ 22.545561] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 22.128024] ================================================================== [ 22.128145] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.128145] [ 22.128261] Use-after-free read at 0x0000000000e49ab7 (in kfence-#99): [ 22.128316] test_use_after_free_read+0x114/0x248 [ 22.128365] kunit_try_run_case+0x170/0x3f0 [ 22.128409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.128452] kthread+0x328/0x630 [ 22.128494] ret_from_fork+0x10/0x20 [ 22.128534] [ 22.128558] kfence-#99: 0x0000000000e49ab7-0x00000000a77ea623, size=32, cache=kmalloc-32 [ 22.128558] [ 22.128612] allocated by task 295 on cpu 0 at 22.127697s (0.000911s ago): [ 22.128684] test_alloc+0x29c/0x628 [ 22.128742] test_use_after_free_read+0xd0/0x248 [ 22.128784] kunit_try_run_case+0x170/0x3f0 [ 22.128824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.128866] kthread+0x328/0x630 [ 22.128903] ret_from_fork+0x10/0x20 [ 22.128955] [ 22.129080] freed by task 295 on cpu 0 at 22.127788s (0.001214s ago): [ 22.129187] test_use_after_free_read+0x1c0/0x248 [ 22.129228] kunit_try_run_case+0x170/0x3f0 [ 22.129269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.129311] kthread+0x328/0x630 [ 22.129348] ret_from_fork+0x10/0x20 [ 22.129399] [ 22.129451] CPU: 0 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.129532] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.129562] Hardware name: linux,dummy-virt (DT) [ 22.129596] ================================================================== [ 22.231819] ================================================================== [ 22.231913] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x114/0x248 [ 22.231913] [ 22.232001] Use-after-free read at 0x000000009ac1888e (in kfence-#100): [ 22.232055] test_use_after_free_read+0x114/0x248 [ 22.232103] kunit_try_run_case+0x170/0x3f0 [ 22.232147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.232192] kthread+0x328/0x630 [ 22.232230] ret_from_fork+0x10/0x20 [ 22.232271] [ 22.232295] kfence-#100: 0x000000009ac1888e-0x00000000a3b6211d, size=32, cache=test [ 22.232295] [ 22.232347] allocated by task 297 on cpu 0 at 22.231617s (0.000726s ago): [ 22.232418] test_alloc+0x230/0x628 [ 22.232459] test_use_after_free_read+0xd0/0x248 [ 22.232501] kunit_try_run_case+0x170/0x3f0 [ 22.232541] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.232586] kthread+0x328/0x630 [ 22.232622] ret_from_fork+0x10/0x20 [ 22.232661] [ 22.232686] freed by task 297 on cpu 0 at 22.231677s (0.001005s ago): [ 22.232799] test_use_after_free_read+0xf0/0x248 [ 22.232843] kunit_try_run_case+0x170/0x3f0 [ 22.232883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.232935] kthread+0x328/0x630 [ 22.232970] ret_from_fork+0x10/0x20 [ 22.233009] [ 22.233053] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.233134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.233162] Hardware name: linux,dummy-virt (DT) [ 22.233196] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 22.023730] ================================================================== [ 22.023822] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 22.023822] [ 22.023918] Out-of-bounds write at 0x00000000c313243e (1B left of kfence-#98): [ 22.023978] test_out_of_bounds_write+0x100/0x240 [ 22.024028] kunit_try_run_case+0x170/0x3f0 [ 22.024072] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.024116] kthread+0x328/0x630 [ 22.024156] ret_from_fork+0x10/0x20 [ 22.024197] [ 22.024221] kfence-#98: 0x000000008a6f30bc-0x000000008768534c, size=32, cache=test [ 22.024221] [ 22.024275] allocated by task 293 on cpu 1 at 22.023632s (0.000640s ago): [ 22.024348] test_alloc+0x230/0x628 [ 22.024390] test_out_of_bounds_write+0xc8/0x240 [ 22.024431] kunit_try_run_case+0x170/0x3f0 [ 22.024471] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.024517] kthread+0x328/0x630 [ 22.024552] ret_from_fork+0x10/0x20 [ 22.024593] [ 22.024635] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 22.024731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.024761] Hardware name: linux,dummy-virt (DT) [ 22.024795] ================================================================== [ 21.919906] ================================================================== [ 21.920016] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x100/0x240 [ 21.920016] [ 21.920123] Out-of-bounds write at 0x000000005eba406a (1B left of kfence-#97): [ 21.920185] test_out_of_bounds_write+0x100/0x240 [ 21.920233] kunit_try_run_case+0x170/0x3f0 [ 21.920280] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.920327] kthread+0x328/0x630 [ 21.920367] ret_from_fork+0x10/0x20 [ 21.920408] [ 21.920432] kfence-#97: 0x0000000074d30d27-0x000000008604b5ac, size=32, cache=kmalloc-32 [ 21.920432] [ 21.920491] allocated by task 291 on cpu 1 at 21.919632s (0.000855s ago): [ 21.920565] test_alloc+0x29c/0x628 [ 21.920605] test_out_of_bounds_write+0xc8/0x240 [ 21.920649] kunit_try_run_case+0x170/0x3f0 [ 21.920688] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.920751] kthread+0x328/0x630 [ 21.920787] ret_from_fork+0x10/0x20 [ 21.920829] [ 21.920884] CPU: 1 UID: 0 PID: 291 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.921045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.921073] Hardware name: linux,dummy-virt (DT) [ 21.921108] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 21.188201] ================================================================== [ 21.188281] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.188281] [ 21.188380] Out-of-bounds read at 0x00000000f0b60c0e (32B right of kfence-#90): [ 21.188436] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.188483] kunit_try_run_case+0x170/0x3f0 [ 21.188526] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.188571] kthread+0x328/0x630 [ 21.188612] ret_from_fork+0x10/0x20 [ 21.188652] [ 21.188675] kfence-#90: 0x000000004a9bc5b9-0x00000000e7a43fc8, size=32, cache=kmalloc-32 [ 21.188675] [ 21.188744] allocated by task 287 on cpu 1 at 21.187960s (0.000780s ago): [ 21.188815] test_alloc+0x29c/0x628 [ 21.188855] test_out_of_bounds_read+0x198/0x3e0 [ 21.188896] kunit_try_run_case+0x170/0x3f0 [ 21.188938] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.188982] kthread+0x328/0x630 [ 21.189018] ret_from_fork+0x10/0x20 [ 21.189057] [ 21.189102] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.189181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.189211] Hardware name: linux,dummy-virt (DT) [ 21.189245] ================================================================== [ 20.876934] ================================================================== [ 20.877096] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 20.877096] [ 20.877243] Out-of-bounds read at 0x0000000086136d1d (1B left of kfence-#87): [ 20.877496] test_out_of_bounds_read+0x114/0x3e0 [ 20.877551] kunit_try_run_case+0x170/0x3f0 [ 20.877616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.877742] kthread+0x328/0x630 [ 20.877782] ret_from_fork+0x10/0x20 [ 20.877954] [ 20.878128] kfence-#87: 0x0000000069fe6e94-0x000000001ca7744b, size=32, cache=kmalloc-32 [ 20.878128] [ 20.878335] allocated by task 287 on cpu 1 at 20.875933s (0.002310s ago): [ 20.878696] test_alloc+0x29c/0x628 [ 20.878853] test_out_of_bounds_read+0xdc/0x3e0 [ 20.879017] kunit_try_run_case+0x170/0x3f0 [ 20.879122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.879168] kthread+0x328/0x630 [ 20.879203] ret_from_fork+0x10/0x20 [ 20.879339] [ 20.879450] CPU: 1 UID: 0 PID: 287 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 20.879559] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.879617] Hardware name: linux,dummy-virt (DT) [ 20.879735] ================================================================== [ 21.711773] ================================================================== [ 21.711876] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x1c8/0x3e0 [ 21.711876] [ 21.711973] Out-of-bounds read at 0x00000000b0cd49bc (32B right of kfence-#95): [ 21.712036] test_out_of_bounds_read+0x1c8/0x3e0 [ 21.712084] kunit_try_run_case+0x170/0x3f0 [ 21.712128] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.712173] kthread+0x328/0x630 [ 21.712211] ret_from_fork+0x10/0x20 [ 21.712252] [ 21.712276] kfence-#95: 0x00000000303c2538-0x00000000d73406fa, size=32, cache=test [ 21.712276] [ 21.712330] allocated by task 289 on cpu 1 at 21.711673s (0.000653s ago): [ 21.712401] test_alloc+0x230/0x628 [ 21.712444] test_out_of_bounds_read+0x198/0x3e0 [ 21.712488] kunit_try_run_case+0x170/0x3f0 [ 21.712529] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.712573] kthread+0x328/0x630 [ 21.712610] ret_from_fork+0x10/0x20 [ 21.712650] [ 21.712695] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.712791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.712822] Hardware name: linux,dummy-virt (DT) [ 21.712855] ================================================================== [ 21.296476] ================================================================== [ 21.296555] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x114/0x3e0 [ 21.296555] [ 21.296643] Out-of-bounds read at 0x000000003f575a03 (1B left of kfence-#91): [ 21.296959] test_out_of_bounds_read+0x114/0x3e0 [ 21.297054] kunit_try_run_case+0x170/0x3f0 [ 21.297118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.297162] kthread+0x328/0x630 [ 21.297225] ret_from_fork+0x10/0x20 [ 21.297268] [ 21.297298] kfence-#91: 0x00000000211babcb-0x000000000498ff91, size=32, cache=test [ 21.297298] [ 21.297600] allocated by task 289 on cpu 1 at 21.296334s (0.001112s ago): [ 21.297767] test_alloc+0x230/0x628 [ 21.297852] test_out_of_bounds_read+0xdc/0x3e0 [ 21.297915] kunit_try_run_case+0x170/0x3f0 [ 21.297977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.298022] kthread+0x328/0x630 [ 21.298057] ret_from_fork+0x10/0x20 [ 21.298097] [ 21.298242] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 21.298483] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.298528] Hardware name: linux,dummy-virt (DT) [ 21.298584] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 19.570297] ================================================================== [ 19.570364] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0 [ 19.570580] Write of size 121 at addr fff00000c7939000 by task kunit_try_catch/285 [ 19.570854] [ 19.570904] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.571314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.571429] Hardware name: linux,dummy-virt (DT) [ 19.571487] Call trace: [ 19.571511] show_stack+0x20/0x38 (C) [ 19.571583] dump_stack_lvl+0x8c/0xd0 [ 19.571635] print_report+0x118/0x5d0 [ 19.571695] kasan_report+0xdc/0x128 [ 19.571754] kasan_check_range+0x100/0x1a8 [ 19.571805] __kasan_check_write+0x20/0x30 [ 19.571852] strncpy_from_user+0x3c/0x2a0 [ 19.571903] copy_user_test_oob+0x5c0/0xec8 [ 19.571974] kunit_try_run_case+0x170/0x3f0 [ 19.572177] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.572903] kthread+0x328/0x630 [ 19.573322] ret_from_fork+0x10/0x20 [ 19.573557] [ 19.574075] Allocated by task 285: [ 19.574386] kasan_save_stack+0x3c/0x68 [ 19.574437] kasan_save_track+0x20/0x40 [ 19.575108] kasan_save_alloc_info+0x40/0x58 [ 19.575165] __kasan_kmalloc+0xd4/0xd8 [ 19.575205] __kmalloc_noprof+0x198/0x4c8 [ 19.576140] kunit_kmalloc_array+0x34/0x88 [ 19.576865] copy_user_test_oob+0xac/0xec8 [ 19.577325] kunit_try_run_case+0x170/0x3f0 [ 19.577432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.578000] kthread+0x328/0x630 [ 19.578208] ret_from_fork+0x10/0x20 [ 19.578538] [ 19.578570] The buggy address belongs to the object at fff00000c7939000 [ 19.578570] which belongs to the cache kmalloc-128 of size 128 [ 19.578638] The buggy address is located 0 bytes inside of [ 19.578638] allocated 120-byte region [fff00000c7939000, fff00000c7939078) [ 19.579770] [ 19.579799] The buggy address belongs to the physical page: [ 19.579833] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107939 [ 19.580022] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.580880] page_type: f5(slab) [ 19.581356] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.581869] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.582492] page dumped because: kasan: bad access detected [ 19.582756] [ 19.582780] Memory state around the buggy address: [ 19.583288] fff00000c7938f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.583345] fff00000c7938f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.583392] >fff00000c7939000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.583854] ^ [ 19.584196] fff00000c7939080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.584286] fff00000c7939100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.585215] ================================================================== [ 19.588944] ================================================================== [ 19.589003] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0 [ 19.589059] Write of size 1 at addr fff00000c7939078 by task kunit_try_catch/285 [ 19.589113] [ 19.589146] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.592115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.592482] Hardware name: linux,dummy-virt (DT) [ 19.593211] Call trace: [ 19.593293] show_stack+0x20/0x38 (C) [ 19.594391] dump_stack_lvl+0x8c/0xd0 [ 19.594795] print_report+0x118/0x5d0 [ 19.594889] kasan_report+0xdc/0x128 [ 19.595814] __asan_report_store1_noabort+0x20/0x30 [ 19.596564] strncpy_from_user+0x270/0x2a0 [ 19.597118] copy_user_test_oob+0x5c0/0xec8 [ 19.597755] kunit_try_run_case+0x170/0x3f0 [ 19.597909] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.597965] kthread+0x328/0x630 [ 19.598010] ret_from_fork+0x10/0x20 [ 19.598060] [ 19.598083] Allocated by task 285: [ 19.598942] kasan_save_stack+0x3c/0x68 [ 19.599003] kasan_save_track+0x20/0x40 [ 19.599414] kasan_save_alloc_info+0x40/0x58 [ 19.600195] __kasan_kmalloc+0xd4/0xd8 [ 19.601125] __kmalloc_noprof+0x198/0x4c8 [ 19.601325] kunit_kmalloc_array+0x34/0x88 [ 19.601368] copy_user_test_oob+0xac/0xec8 [ 19.601411] kunit_try_run_case+0x170/0x3f0 [ 19.601452] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.601499] kthread+0x328/0x630 [ 19.602381] ret_from_fork+0x10/0x20 [ 19.602623] [ 19.602648] The buggy address belongs to the object at fff00000c7939000 [ 19.602648] which belongs to the cache kmalloc-128 of size 128 [ 19.602728] The buggy address is located 0 bytes to the right of [ 19.602728] allocated 120-byte region [fff00000c7939000, fff00000c7939078) [ 19.603615] [ 19.603991] The buggy address belongs to the physical page: [ 19.604028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107939 [ 19.604645] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.604871] page_type: f5(slab) [ 19.605701] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.605916] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.606668] page dumped because: kasan: bad access detected [ 19.606836] [ 19.606858] Memory state around the buggy address: [ 19.607590] fff00000c7938f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.607831] fff00000c7938f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.608382] >fff00000c7939000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.608508] ^ [ 19.609175] fff00000c7939080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.609316] fff00000c7939100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.609652] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 19.556161] ================================================================== [ 19.556236] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3c8/0xec8 [ 19.556288] Read of size 121 at addr fff00000c7939000 by task kunit_try_catch/285 [ 19.556341] [ 19.556379] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.556777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.556887] Hardware name: linux,dummy-virt (DT) [ 19.556935] Call trace: [ 19.556974] show_stack+0x20/0x38 (C) [ 19.557034] dump_stack_lvl+0x8c/0xd0 [ 19.557141] print_report+0x118/0x5d0 [ 19.557217] kasan_report+0xdc/0x128 [ 19.557270] kasan_check_range+0x100/0x1a8 [ 19.557344] __kasan_check_read+0x20/0x30 [ 19.557500] copy_user_test_oob+0x3c8/0xec8 [ 19.557585] kunit_try_run_case+0x170/0x3f0 [ 19.557670] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.557755] kthread+0x328/0x630 [ 19.557804] ret_from_fork+0x10/0x20 [ 19.557855] [ 19.557881] Allocated by task 285: [ 19.557911] kasan_save_stack+0x3c/0x68 [ 19.557952] kasan_save_track+0x20/0x40 [ 19.557993] kasan_save_alloc_info+0x40/0x58 [ 19.558034] __kasan_kmalloc+0xd4/0xd8 [ 19.558074] __kmalloc_noprof+0x198/0x4c8 [ 19.558115] kunit_kmalloc_array+0x34/0x88 [ 19.558154] copy_user_test_oob+0xac/0xec8 [ 19.558200] kunit_try_run_case+0x170/0x3f0 [ 19.558239] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.558287] kthread+0x328/0x630 [ 19.558330] ret_from_fork+0x10/0x20 [ 19.558377] [ 19.558397] The buggy address belongs to the object at fff00000c7939000 [ 19.558397] which belongs to the cache kmalloc-128 of size 128 [ 19.558464] The buggy address is located 0 bytes inside of [ 19.558464] allocated 120-byte region [fff00000c7939000, fff00000c7939078) [ 19.558530] [ 19.558550] The buggy address belongs to the physical page: [ 19.558584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107939 [ 19.558637] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.558687] page_type: f5(slab) [ 19.559292] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.559386] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.559537] page dumped because: kasan: bad access detected [ 19.559595] [ 19.559651] Memory state around the buggy address: [ 19.559697] fff00000c7938f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.559752] fff00000c7938f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.559798] >fff00000c7939000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.560010] ^ [ 19.560089] fff00000c7939080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.560248] fff00000c7939100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.560337] ================================================================== [ 19.541217] ================================================================== [ 19.541278] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x728/0xec8 [ 19.541467] Read of size 121 at addr fff00000c7939000 by task kunit_try_catch/285 [ 19.541558] [ 19.541607] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.541744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.541781] Hardware name: linux,dummy-virt (DT) [ 19.541815] Call trace: [ 19.541837] show_stack+0x20/0x38 (C) [ 19.541887] dump_stack_lvl+0x8c/0xd0 [ 19.541961] print_report+0x118/0x5d0 [ 19.542009] kasan_report+0xdc/0x128 [ 19.542055] kasan_check_range+0x100/0x1a8 [ 19.542105] __kasan_check_read+0x20/0x30 [ 19.542220] copy_user_test_oob+0x728/0xec8 [ 19.542268] kunit_try_run_case+0x170/0x3f0 [ 19.542325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.542380] kthread+0x328/0x630 [ 19.542458] ret_from_fork+0x10/0x20 [ 19.542510] [ 19.542530] Allocated by task 285: [ 19.542583] kasan_save_stack+0x3c/0x68 [ 19.542785] kasan_save_track+0x20/0x40 [ 19.542829] kasan_save_alloc_info+0x40/0x58 [ 19.542939] __kasan_kmalloc+0xd4/0xd8 [ 19.543032] __kmalloc_noprof+0x198/0x4c8 [ 19.543073] kunit_kmalloc_array+0x34/0x88 [ 19.543114] copy_user_test_oob+0xac/0xec8 [ 19.543201] kunit_try_run_case+0x170/0x3f0 [ 19.543590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.543675] kthread+0x328/0x630 [ 19.543774] ret_from_fork+0x10/0x20 [ 19.543979] [ 19.544157] The buggy address belongs to the object at fff00000c7939000 [ 19.544157] which belongs to the cache kmalloc-128 of size 128 [ 19.544267] The buggy address is located 0 bytes inside of [ 19.544267] allocated 120-byte region [fff00000c7939000, fff00000c7939078) [ 19.544464] [ 19.544542] The buggy address belongs to the physical page: [ 19.544620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107939 [ 19.544760] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.544811] page_type: f5(slab) [ 19.544850] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.544903] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.544953] page dumped because: kasan: bad access detected [ 19.544986] [ 19.545007] Memory state around the buggy address: [ 19.545043] fff00000c7938f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.545090] fff00000c7938f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.545138] >fff00000c7939000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.545182] ^ [ 19.545396] fff00000c7939080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.545443] fff00000c7939100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.545514] ================================================================== [ 19.565786] ================================================================== [ 19.565840] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4a0/0xec8 [ 19.565889] Read of size 121 at addr fff00000c7939000 by task kunit_try_catch/285 [ 19.566062] [ 19.566093] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.566206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.566234] Hardware name: linux,dummy-virt (DT) [ 19.566292] Call trace: [ 19.566317] show_stack+0x20/0x38 (C) [ 19.566450] dump_stack_lvl+0x8c/0xd0 [ 19.566535] print_report+0x118/0x5d0 [ 19.566616] kasan_report+0xdc/0x128 [ 19.567265] kasan_check_range+0x100/0x1a8 [ 19.567328] __kasan_check_read+0x20/0x30 [ 19.567373] copy_user_test_oob+0x4a0/0xec8 [ 19.567422] kunit_try_run_case+0x170/0x3f0 [ 19.567469] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.567524] kthread+0x328/0x630 [ 19.567565] ret_from_fork+0x10/0x20 [ 19.567614] [ 19.567634] Allocated by task 285: [ 19.567663] kasan_save_stack+0x3c/0x68 [ 19.567706] kasan_save_track+0x20/0x40 [ 19.567756] kasan_save_alloc_info+0x40/0x58 [ 19.567800] __kasan_kmalloc+0xd4/0xd8 [ 19.567839] __kmalloc_noprof+0x198/0x4c8 [ 19.567879] kunit_kmalloc_array+0x34/0x88 [ 19.567919] copy_user_test_oob+0xac/0xec8 [ 19.567958] kunit_try_run_case+0x170/0x3f0 [ 19.567998] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.568042] kthread+0x328/0x630 [ 19.568077] ret_from_fork+0x10/0x20 [ 19.568116] [ 19.568136] The buggy address belongs to the object at fff00000c7939000 [ 19.568136] which belongs to the cache kmalloc-128 of size 128 [ 19.568196] The buggy address is located 0 bytes inside of [ 19.568196] allocated 120-byte region [fff00000c7939000, fff00000c7939078) [ 19.568262] [ 19.568282] The buggy address belongs to the physical page: [ 19.568316] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107939 [ 19.568369] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.568419] page_type: f5(slab) [ 19.568456] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.568509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.568554] page dumped because: kasan: bad access detected [ 19.568587] [ 19.568608] Memory state around the buggy address: [ 19.568641] fff00000c7938f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.568687] fff00000c7938f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.568740] >fff00000c7939000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.568781] ^ [ 19.568824] fff00000c7939080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.568869] fff00000c7939100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.568911] ================================================================== [ 19.560910] ================================================================== [ 19.561042] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x434/0xec8 [ 19.561094] Write of size 121 at addr fff00000c7939000 by task kunit_try_catch/285 [ 19.561147] [ 19.561182] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.561267] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.561469] Hardware name: linux,dummy-virt (DT) [ 19.561508] Call trace: [ 19.561531] show_stack+0x20/0x38 (C) [ 19.561597] dump_stack_lvl+0x8c/0xd0 [ 19.561674] print_report+0x118/0x5d0 [ 19.561753] kasan_report+0xdc/0x128 [ 19.561820] kasan_check_range+0x100/0x1a8 [ 19.561918] __kasan_check_write+0x20/0x30 [ 19.561985] copy_user_test_oob+0x434/0xec8 [ 19.562035] kunit_try_run_case+0x170/0x3f0 [ 19.562099] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.562285] kthread+0x328/0x630 [ 19.562330] ret_from_fork+0x10/0x20 [ 19.562448] [ 19.562468] Allocated by task 285: [ 19.562558] kasan_save_stack+0x3c/0x68 [ 19.562602] kasan_save_track+0x20/0x40 [ 19.562659] kasan_save_alloc_info+0x40/0x58 [ 19.562704] __kasan_kmalloc+0xd4/0xd8 [ 19.562751] __kmalloc_noprof+0x198/0x4c8 [ 19.562951] kunit_kmalloc_array+0x34/0x88 [ 19.563039] copy_user_test_oob+0xac/0xec8 [ 19.563149] kunit_try_run_case+0x170/0x3f0 [ 19.563208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.563254] kthread+0x328/0x630 [ 19.563301] ret_from_fork+0x10/0x20 [ 19.563379] [ 19.563446] The buggy address belongs to the object at fff00000c7939000 [ 19.563446] which belongs to the cache kmalloc-128 of size 128 [ 19.563616] The buggy address is located 0 bytes inside of [ 19.563616] allocated 120-byte region [fff00000c7939000, fff00000c7939078) [ 19.563915] [ 19.563957] The buggy address belongs to the physical page: [ 19.563992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107939 [ 19.564046] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.564097] page_type: f5(slab) [ 19.564360] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.564416] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.564525] page dumped because: kasan: bad access detected [ 19.564592] [ 19.564642] Memory state around the buggy address: [ 19.564676] fff00000c7938f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.564740] fff00000c7938f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.564820] >fff00000c7939000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.564874] ^ [ 19.565018] fff00000c7939080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.565095] fff00000c7939100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.565172] ================================================================== [ 19.532974] ================================================================== [ 19.533143] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x234/0xec8 [ 19.533234] Write of size 121 at addr fff00000c7939000 by task kunit_try_catch/285 [ 19.533339] [ 19.533393] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.533482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.533512] Hardware name: linux,dummy-virt (DT) [ 19.533547] Call trace: [ 19.533575] show_stack+0x20/0x38 (C) [ 19.533760] dump_stack_lvl+0x8c/0xd0 [ 19.533817] print_report+0x118/0x5d0 [ 19.533865] kasan_report+0xdc/0x128 [ 19.533911] kasan_check_range+0x100/0x1a8 [ 19.533959] __kasan_check_write+0x20/0x30 [ 19.534006] copy_user_test_oob+0x234/0xec8 [ 19.534053] kunit_try_run_case+0x170/0x3f0 [ 19.534103] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.534157] kthread+0x328/0x630 [ 19.534201] ret_from_fork+0x10/0x20 [ 19.534250] [ 19.534270] Allocated by task 285: [ 19.534302] kasan_save_stack+0x3c/0x68 [ 19.534347] kasan_save_track+0x20/0x40 [ 19.534387] kasan_save_alloc_info+0x40/0x58 [ 19.534428] __kasan_kmalloc+0xd4/0xd8 [ 19.534467] __kmalloc_noprof+0x198/0x4c8 [ 19.534506] kunit_kmalloc_array+0x34/0x88 [ 19.534546] copy_user_test_oob+0xac/0xec8 [ 19.534584] kunit_try_run_case+0x170/0x3f0 [ 19.534626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.534671] kthread+0x328/0x630 [ 19.534705] ret_from_fork+0x10/0x20 [ 19.534787] [ 19.534835] The buggy address belongs to the object at fff00000c7939000 [ 19.534835] which belongs to the cache kmalloc-128 of size 128 [ 19.534897] The buggy address is located 0 bytes inside of [ 19.534897] allocated 120-byte region [fff00000c7939000, fff00000c7939078) [ 19.534977] [ 19.535005] The buggy address belongs to the physical page: [ 19.535040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107939 [ 19.535113] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.535204] page_type: f5(slab) [ 19.535247] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.535335] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.535470] page dumped because: kasan: bad access detected [ 19.535559] [ 19.535806] Memory state around the buggy address: [ 19.536031] fff00000c7938f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.536107] fff00000c7938f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.536199] >fff00000c7939000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.536353] ^ [ 19.536456] fff00000c7939080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.536529] fff00000c7939100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.536654] ================================================================== [ 19.549976] ================================================================== [ 19.550099] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x35c/0xec8 [ 19.550184] Write of size 121 at addr fff00000c7939000 by task kunit_try_catch/285 [ 19.550265] [ 19.550457] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.550546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.550575] Hardware name: linux,dummy-virt (DT) [ 19.550609] Call trace: [ 19.550633] show_stack+0x20/0x38 (C) [ 19.550728] dump_stack_lvl+0x8c/0xd0 [ 19.550806] print_report+0x118/0x5d0 [ 19.550898] kasan_report+0xdc/0x128 [ 19.550956] kasan_check_range+0x100/0x1a8 [ 19.551042] __kasan_check_write+0x20/0x30 [ 19.551112] copy_user_test_oob+0x35c/0xec8 [ 19.551235] kunit_try_run_case+0x170/0x3f0 [ 19.551417] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.551616] kthread+0x328/0x630 [ 19.551673] ret_from_fork+0x10/0x20 [ 19.551937] [ 19.552017] Allocated by task 285: [ 19.552108] kasan_save_stack+0x3c/0x68 [ 19.552256] kasan_save_track+0x20/0x40 [ 19.552307] kasan_save_alloc_info+0x40/0x58 [ 19.552349] __kasan_kmalloc+0xd4/0xd8 [ 19.552542] __kmalloc_noprof+0x198/0x4c8 [ 19.552589] kunit_kmalloc_array+0x34/0x88 [ 19.552628] copy_user_test_oob+0xac/0xec8 [ 19.552669] kunit_try_run_case+0x170/0x3f0 [ 19.552717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.552763] kthread+0x328/0x630 [ 19.552798] ret_from_fork+0x10/0x20 [ 19.552839] [ 19.552860] The buggy address belongs to the object at fff00000c7939000 [ 19.552860] which belongs to the cache kmalloc-128 of size 128 [ 19.552992] The buggy address is located 0 bytes inside of [ 19.552992] allocated 120-byte region [fff00000c7939000, fff00000c7939078) [ 19.553097] [ 19.553118] The buggy address belongs to the physical page: [ 19.553161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107939 [ 19.553245] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.553305] page_type: f5(slab) [ 19.553343] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.553449] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.553730] page dumped because: kasan: bad access detected [ 19.553838] [ 19.553917] Memory state around the buggy address: [ 19.554007] fff00000c7938f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.554121] fff00000c7938f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.554197] >fff00000c7939000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.554314] ^ [ 19.554467] fff00000c7939080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.554573] fff00000c7939100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.554672] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 19.506613] ================================================================== [ 19.506691] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250 [ 19.507138] Read of size 8 at addr fff00000c5967f78 by task kunit_try_catch/281 [ 19.507203] [ 19.507259] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.507397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.507437] Hardware name: linux,dummy-virt (DT) [ 19.507473] Call trace: [ 19.507544] show_stack+0x20/0x38 (C) [ 19.507610] dump_stack_lvl+0x8c/0xd0 [ 19.507663] print_report+0x118/0x5d0 [ 19.507724] kasan_report+0xdc/0x128 [ 19.507770] __asan_report_load8_noabort+0x20/0x30 [ 19.508022] copy_to_kernel_nofault+0x204/0x250 [ 19.508076] copy_to_kernel_nofault_oob+0x158/0x418 [ 19.508152] kunit_try_run_case+0x170/0x3f0 [ 19.508268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.508372] kthread+0x328/0x630 [ 19.508518] ret_from_fork+0x10/0x20 [ 19.508650] [ 19.508792] Allocated by task 281: [ 19.508890] kasan_save_stack+0x3c/0x68 [ 19.509020] kasan_save_track+0x20/0x40 [ 19.509137] kasan_save_alloc_info+0x40/0x58 [ 19.509218] __kasan_kmalloc+0xd4/0xd8 [ 19.509258] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.509442] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.509486] kunit_try_run_case+0x170/0x3f0 [ 19.509527] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.509634] kthread+0x328/0x630 [ 19.509703] ret_from_fork+0x10/0x20 [ 19.509895] [ 19.509974] The buggy address belongs to the object at fff00000c5967f00 [ 19.509974] which belongs to the cache kmalloc-128 of size 128 [ 19.510118] The buggy address is located 0 bytes to the right of [ 19.510118] allocated 120-byte region [fff00000c5967f00, fff00000c5967f78) [ 19.510254] [ 19.510370] The buggy address belongs to the physical page: [ 19.510425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105967 [ 19.510527] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.510668] page_type: f5(slab) [ 19.510739] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.510793] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.510954] page dumped because: kasan: bad access detected [ 19.510988] [ 19.511009] Memory state around the buggy address: [ 19.511084] fff00000c5967e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.511178] fff00000c5967e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.511274] >fff00000c5967f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.511395] ^ [ 19.511480] fff00000c5967f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.511543] fff00000c5968000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.511745] ================================================================== [ 19.512493] ================================================================== [ 19.512547] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250 [ 19.512598] Write of size 8 at addr fff00000c5967f78 by task kunit_try_catch/281 [ 19.512683] [ 19.512755] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.512841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.512871] Hardware name: linux,dummy-virt (DT) [ 19.512905] Call trace: [ 19.512931] show_stack+0x20/0x38 (C) [ 19.512981] dump_stack_lvl+0x8c/0xd0 [ 19.513200] print_report+0x118/0x5d0 [ 19.513253] kasan_report+0xdc/0x128 [ 19.513300] kasan_check_range+0x100/0x1a8 [ 19.513360] __kasan_check_write+0x20/0x30 [ 19.513446] copy_to_kernel_nofault+0x8c/0x250 [ 19.513505] copy_to_kernel_nofault_oob+0x1bc/0x418 [ 19.513560] kunit_try_run_case+0x170/0x3f0 [ 19.513613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.513667] kthread+0x328/0x630 [ 19.513721] ret_from_fork+0x10/0x20 [ 19.513772] [ 19.513792] Allocated by task 281: [ 19.513822] kasan_save_stack+0x3c/0x68 [ 19.513864] kasan_save_track+0x20/0x40 [ 19.513904] kasan_save_alloc_info+0x40/0x58 [ 19.513946] __kasan_kmalloc+0xd4/0xd8 [ 19.513995] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.514037] copy_to_kernel_nofault_oob+0xc8/0x418 [ 19.514079] kunit_try_run_case+0x170/0x3f0 [ 19.514125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.514177] kthread+0x328/0x630 [ 19.514216] ret_from_fork+0x10/0x20 [ 19.514255] [ 19.514276] The buggy address belongs to the object at fff00000c5967f00 [ 19.514276] which belongs to the cache kmalloc-128 of size 128 [ 19.514338] The buggy address is located 0 bytes to the right of [ 19.514338] allocated 120-byte region [fff00000c5967f00, fff00000c5967f78) [ 19.514406] [ 19.514427] The buggy address belongs to the physical page: [ 19.514461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105967 [ 19.514517] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.514567] page_type: f5(slab) [ 19.514605] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 19.514658] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.514701] page dumped because: kasan: bad access detected [ 19.514744] [ 19.514763] Memory state around the buggy address: [ 19.514797] fff00000c5967e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.514841] fff00000c5967e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.514888] >fff00000c5967f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.514929] ^ [ 19.514974] fff00000c5967f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.515021] fff00000c5968000: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.515064] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob
[ 19.474798] ================================================================== [ 19.474852] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0 [ 19.475282] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269 [ 19.475383] [ 19.475512] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.475631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.475667] Hardware name: linux,dummy-virt (DT) [ 19.475701] Call trace: [ 19.475734] show_stack+0x20/0x38 (C) [ 19.475786] dump_stack_lvl+0x8c/0xd0 [ 19.475836] print_report+0x310/0x5d0 [ 19.476023] kasan_report+0xdc/0x128 [ 19.476234] __asan_report_load1_noabort+0x20/0x30 [ 19.476336] vmalloc_oob+0x51c/0x5d0 [ 19.476607] kunit_try_run_case+0x170/0x3f0 [ 19.476705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.476880] kthread+0x328/0x630 [ 19.477002] ret_from_fork+0x10/0x20 [ 19.477203] [ 19.477322] The buggy address ffff8000800fe7f8 belongs to a vmalloc virtual mapping [ 19.477390] The buggy address belongs to the physical page: [ 19.477445] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10658c [ 19.477556] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.477641] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.477783] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.477861] page dumped because: kasan: bad access detected [ 19.477982] [ 19.478062] Memory state around the buggy address: [ 19.478157] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.478204] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.478371] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.478419] ^ [ 19.478577] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.478672] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.478865] ================================================================== [ 19.469691] ================================================================== [ 19.470065] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0 [ 19.470139] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269 [ 19.470213] [ 19.470248] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.470584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.470628] Hardware name: linux,dummy-virt (DT) [ 19.470661] Call trace: [ 19.470690] show_stack+0x20/0x38 (C) [ 19.470881] dump_stack_lvl+0x8c/0xd0 [ 19.470988] print_report+0x310/0x5d0 [ 19.471070] kasan_report+0xdc/0x128 [ 19.471181] __asan_report_load1_noabort+0x20/0x30 [ 19.471266] vmalloc_oob+0x578/0x5d0 [ 19.471359] kunit_try_run_case+0x170/0x3f0 [ 19.471450] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.471642] kthread+0x328/0x630 [ 19.471764] ret_from_fork+0x10/0x20 [ 19.471818] [ 19.472059] The buggy address ffff8000800fe7f3 belongs to a vmalloc virtual mapping [ 19.472195] The buggy address belongs to the physical page: [ 19.472270] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10658c [ 19.472440] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.472651] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.472777] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.472877] page dumped because: kasan: bad access detected [ 19.473044] [ 19.473133] Memory state around the buggy address: [ 19.473228] ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.473322] ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.473467] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8 [ 19.473560] ^ [ 19.473612] ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.473656] ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 19.473843] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.430475] ================================================================== [ 19.430529] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e10/0x4858 [ 19.430579] Read of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.430631] [ 19.430663] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.434977] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.435044] Hardware name: linux,dummy-virt (DT) [ 19.435078] Call trace: [ 19.435102] show_stack+0x20/0x38 (C) [ 19.435159] dump_stack_lvl+0x8c/0xd0 [ 19.435212] print_report+0x118/0x5d0 [ 19.435262] kasan_report+0xdc/0x128 [ 19.435310] __asan_report_load8_noabort+0x20/0x30 [ 19.435362] kasan_atomics_helper+0x3e10/0x4858 [ 19.435413] kasan_atomics+0x198/0x2e0 [ 19.435460] kunit_try_run_case+0x170/0x3f0 [ 19.435508] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.435563] kthread+0x328/0x630 [ 19.435606] ret_from_fork+0x10/0x20 [ 19.435655] [ 19.435674] Allocated by task 265: [ 19.435705] kasan_save_stack+0x3c/0x68 [ 19.436091] kasan_save_track+0x20/0x40 [ 19.436132] kasan_save_alloc_info+0x40/0x58 [ 19.436173] __kasan_kmalloc+0xd4/0xd8 [ 19.436212] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.436253] kasan_atomics+0xb8/0x2e0 [ 19.436289] kunit_try_run_case+0x170/0x3f0 [ 19.436330] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.436374] kthread+0x328/0x630 [ 19.436410] ret_from_fork+0x10/0x20 [ 19.436446] [ 19.436467] The buggy address belongs to the object at fff00000c595e380 [ 19.436467] which belongs to the cache kmalloc-64 of size 64 [ 19.436530] The buggy address is located 0 bytes to the right of [ 19.436530] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.436600] [ 19.436622] The buggy address belongs to the physical page: [ 19.436656] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.436725] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.436777] page_type: f5(slab) [ 19.436818] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.436871] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.436920] page dumped because: kasan: bad access detected [ 19.436959] [ 19.436978] Memory state around the buggy address: [ 19.437014] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.437060] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.437106] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.437148] ^ [ 19.437183] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.437229] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.437269] ================================================================== [ 19.273596] ================================================================== [ 19.273838] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xca0/0x4858 [ 19.273913] Write of size 4 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.274060] [ 19.274185] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.274280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.274308] Hardware name: linux,dummy-virt (DT) [ 19.274911] Call trace: [ 19.274957] show_stack+0x20/0x38 (C) [ 19.275019] dump_stack_lvl+0x8c/0xd0 [ 19.275104] print_report+0x118/0x5d0 [ 19.275180] kasan_report+0xdc/0x128 [ 19.275309] kasan_check_range+0x100/0x1a8 [ 19.275409] __kasan_check_write+0x20/0x30 [ 19.275493] kasan_atomics_helper+0xca0/0x4858 [ 19.275604] kasan_atomics+0x198/0x2e0 [ 19.275678] kunit_try_run_case+0x170/0x3f0 [ 19.275740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.276148] kthread+0x328/0x630 [ 19.276848] ret_from_fork+0x10/0x20 [ 19.276949] [ 19.277018] Allocated by task 265: [ 19.277097] kasan_save_stack+0x3c/0x68 [ 19.277275] kasan_save_track+0x20/0x40 [ 19.277317] kasan_save_alloc_info+0x40/0x58 [ 19.277547] __kasan_kmalloc+0xd4/0xd8 [ 19.277608] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.277913] kasan_atomics+0xb8/0x2e0 [ 19.278002] kunit_try_run_case+0x170/0x3f0 [ 19.278045] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.278101] kthread+0x328/0x630 [ 19.278144] ret_from_fork+0x10/0x20 [ 19.278185] [ 19.278213] The buggy address belongs to the object at fff00000c595e380 [ 19.278213] which belongs to the cache kmalloc-64 of size 64 [ 19.278279] The buggy address is located 0 bytes to the right of [ 19.278279] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.278356] [ 19.278380] The buggy address belongs to the physical page: [ 19.278414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.278489] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.278552] page_type: f5(slab) [ 19.278591] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.278654] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.278697] page dumped because: kasan: bad access detected [ 19.278742] [ 19.278761] Memory state around the buggy address: [ 19.278795] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.278840] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.278886] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.278927] ^ [ 19.278960] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.279004] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.279157] ================================================================== [ 19.327420] ================================================================== [ 19.327553] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf88/0x4858 [ 19.327602] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.327655] [ 19.327840] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.327974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.328004] Hardware name: linux,dummy-virt (DT) [ 19.328036] Call trace: [ 19.328060] show_stack+0x20/0x38 (C) [ 19.328110] dump_stack_lvl+0x8c/0xd0 [ 19.328158] print_report+0x118/0x5d0 [ 19.328204] kasan_report+0xdc/0x128 [ 19.328251] kasan_check_range+0x100/0x1a8 [ 19.328394] __kasan_check_write+0x20/0x30 [ 19.328440] kasan_atomics_helper+0xf88/0x4858 [ 19.328594] kasan_atomics+0x198/0x2e0 [ 19.328672] kunit_try_run_case+0x170/0x3f0 [ 19.328735] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.328800] kthread+0x328/0x630 [ 19.328970] ret_from_fork+0x10/0x20 [ 19.329108] [ 19.329177] Allocated by task 265: [ 19.329215] kasan_save_stack+0x3c/0x68 [ 19.329279] kasan_save_track+0x20/0x40 [ 19.329330] kasan_save_alloc_info+0x40/0x58 [ 19.329373] __kasan_kmalloc+0xd4/0xd8 [ 19.329430] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.329493] kasan_atomics+0xb8/0x2e0 [ 19.329577] kunit_try_run_case+0x170/0x3f0 [ 19.329618] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.329663] kthread+0x328/0x630 [ 19.329698] ret_from_fork+0x10/0x20 [ 19.329765] [ 19.329890] The buggy address belongs to the object at fff00000c595e380 [ 19.329890] which belongs to the cache kmalloc-64 of size 64 [ 19.330110] The buggy address is located 0 bytes to the right of [ 19.330110] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.330212] [ 19.330327] The buggy address belongs to the physical page: [ 19.330370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.330682] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.330755] page_type: f5(slab) [ 19.330839] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.330895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.330939] page dumped because: kasan: bad access detected [ 19.331085] [ 19.331227] Memory state around the buggy address: [ 19.331285] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.331435] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.331585] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.331917] ^ [ 19.331988] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.332093] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.332209] ================================================================== [ 19.333116] ================================================================== [ 19.333198] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xff0/0x4858 [ 19.333254] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.333306] [ 19.333493] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.333738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.333778] Hardware name: linux,dummy-virt (DT) [ 19.333810] Call trace: [ 19.333942] show_stack+0x20/0x38 (C) [ 19.334088] dump_stack_lvl+0x8c/0xd0 [ 19.334188] print_report+0x118/0x5d0 [ 19.334375] kasan_report+0xdc/0x128 [ 19.334422] kasan_check_range+0x100/0x1a8 [ 19.334584] __kasan_check_write+0x20/0x30 [ 19.334656] kasan_atomics_helper+0xff0/0x4858 [ 19.334769] kasan_atomics+0x198/0x2e0 [ 19.334844] kunit_try_run_case+0x170/0x3f0 [ 19.334910] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.334977] kthread+0x328/0x630 [ 19.335021] ret_from_fork+0x10/0x20 [ 19.335078] [ 19.335116] Allocated by task 265: [ 19.335148] kasan_save_stack+0x3c/0x68 [ 19.335237] kasan_save_track+0x20/0x40 [ 19.335291] kasan_save_alloc_info+0x40/0x58 [ 19.335333] __kasan_kmalloc+0xd4/0xd8 [ 19.335460] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.335501] kasan_atomics+0xb8/0x2e0 [ 19.335786] kunit_try_run_case+0x170/0x3f0 [ 19.335893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.336019] kthread+0x328/0x630 [ 19.336143] ret_from_fork+0x10/0x20 [ 19.336491] [ 19.336532] The buggy address belongs to the object at fff00000c595e380 [ 19.336532] which belongs to the cache kmalloc-64 of size 64 [ 19.336600] The buggy address is located 0 bytes to the right of [ 19.336600] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.336703] [ 19.336735] The buggy address belongs to the physical page: [ 19.336782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.337118] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.337275] page_type: f5(slab) [ 19.337321] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.337408] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.337537] page dumped because: kasan: bad access detected [ 19.337626] [ 19.338515] Memory state around the buggy address: [ 19.338558] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.338606] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.338652] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.338693] ^ [ 19.338738] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.338783] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.338825] ================================================================== [ 19.449557] ================================================================== [ 19.449616] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x17ec/0x4858 [ 19.449786] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.449981] [ 19.450017] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.450112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.450294] Hardware name: linux,dummy-virt (DT) [ 19.450338] Call trace: [ 19.450363] show_stack+0x20/0x38 (C) [ 19.450582] dump_stack_lvl+0x8c/0xd0 [ 19.450667] print_report+0x118/0x5d0 [ 19.450731] kasan_report+0xdc/0x128 [ 19.450852] kasan_check_range+0x100/0x1a8 [ 19.450906] __kasan_check_write+0x20/0x30 [ 19.450976] kasan_atomics_helper+0x17ec/0x4858 [ 19.451339] kasan_atomics+0x198/0x2e0 [ 19.451414] kunit_try_run_case+0x170/0x3f0 [ 19.451577] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.451651] kthread+0x328/0x630 [ 19.451701] ret_from_fork+0x10/0x20 [ 19.451759] [ 19.451779] Allocated by task 265: [ 19.451945] kasan_save_stack+0x3c/0x68 [ 19.452190] kasan_save_track+0x20/0x40 [ 19.452306] kasan_save_alloc_info+0x40/0x58 [ 19.452384] __kasan_kmalloc+0xd4/0xd8 [ 19.452611] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.452656] kasan_atomics+0xb8/0x2e0 [ 19.452748] kunit_try_run_case+0x170/0x3f0 [ 19.452863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.452988] kthread+0x328/0x630 [ 19.453066] ret_from_fork+0x10/0x20 [ 19.453217] [ 19.453239] The buggy address belongs to the object at fff00000c595e380 [ 19.453239] which belongs to the cache kmalloc-64 of size 64 [ 19.453440] The buggy address is located 0 bytes to the right of [ 19.453440] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.453540] [ 19.453561] The buggy address belongs to the physical page: [ 19.453603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.453693] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.453992] page_type: f5(slab) [ 19.454074] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.454192] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.454291] page dumped because: kasan: bad access detected [ 19.454377] [ 19.454397] Memory state around the buggy address: [ 19.454432] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.454478] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.454858] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.455048] ^ [ 19.455111] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.455173] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.455318] ================================================================== [ 19.394626] ================================================================== [ 19.394750] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x154c/0x4858 [ 19.394815] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.395123] [ 19.395242] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.395441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.395539] Hardware name: linux,dummy-virt (DT) [ 19.395676] Call trace: [ 19.395766] show_stack+0x20/0x38 (C) [ 19.395843] dump_stack_lvl+0x8c/0xd0 [ 19.395892] print_report+0x118/0x5d0 [ 19.395961] kasan_report+0xdc/0x128 [ 19.396009] kasan_check_range+0x100/0x1a8 [ 19.396057] __kasan_check_write+0x20/0x30 [ 19.396253] kasan_atomics_helper+0x154c/0x4858 [ 19.396304] kasan_atomics+0x198/0x2e0 [ 19.396349] kunit_try_run_case+0x170/0x3f0 [ 19.396432] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.396583] kthread+0x328/0x630 [ 19.396765] ret_from_fork+0x10/0x20 [ 19.397063] [ 19.397085] Allocated by task 265: [ 19.397113] kasan_save_stack+0x3c/0x68 [ 19.397164] kasan_save_track+0x20/0x40 [ 19.397270] kasan_save_alloc_info+0x40/0x58 [ 19.397365] __kasan_kmalloc+0xd4/0xd8 [ 19.397523] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.397611] kasan_atomics+0xb8/0x2e0 [ 19.397918] kunit_try_run_case+0x170/0x3f0 [ 19.397963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.398008] kthread+0x328/0x630 [ 19.398043] ret_from_fork+0x10/0x20 [ 19.398081] [ 19.398102] The buggy address belongs to the object at fff00000c595e380 [ 19.398102] which belongs to the cache kmalloc-64 of size 64 [ 19.398164] The buggy address is located 0 bytes to the right of [ 19.398164] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.398231] [ 19.398254] The buggy address belongs to the physical page: [ 19.398287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.398344] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.398394] page_type: f5(slab) [ 19.398433] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.398487] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.398530] page dumped because: kasan: bad access detected [ 19.398565] [ 19.398585] Memory state around the buggy address: [ 19.398618] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.398664] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.398720] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.398761] ^ [ 19.398795] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.398840] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.398880] ================================================================== [ 19.181108] ================================================================== [ 19.181168] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x42d8/0x4858 [ 19.181226] Read of size 4 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.181279] [ 19.181313] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.182192] kthread+0x328/0x630 [ 19.182864] kasan_save_track+0x20/0x40 [ 19.184738] [ 19.184903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.187567] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.189701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.189746] Hardware name: linux,dummy-virt (DT) [ 19.189824] Call trace: [ 19.189850] show_stack+0x20/0x38 (C) [ 19.189937] dump_stack_lvl+0x8c/0xd0 [ 19.190289] print_report+0x118/0x5d0 [ 19.190413] kasan_report+0xdc/0x128 [ 19.190519] kasan_check_range+0x100/0x1a8 [ 19.190608] __kasan_check_write+0x20/0x30 [ 19.190658] kasan_atomics_helper+0x934/0x4858 [ 19.190858] kasan_atomics+0x198/0x2e0 [ 19.190919] kunit_try_run_case+0x170/0x3f0 [ 19.191281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.191388] kthread+0x328/0x630 [ 19.191593] ret_from_fork+0x10/0x20 [ 19.191795] [ 19.191888] Allocated by task 265: [ 19.191967] kasan_save_stack+0x3c/0x68 [ 19.192090] kasan_save_track+0x20/0x40 [ 19.192319] kasan_save_alloc_info+0x40/0x58 [ 19.192518] __kasan_kmalloc+0xd4/0xd8 [ 19.192623] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.192704] kasan_atomics+0xb8/0x2e0 [ 19.192872] kunit_try_run_case+0x170/0x3f0 [ 19.192961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.193152] kthread+0x328/0x630 [ 19.193186] ret_from_fork+0x10/0x20 [ 19.193581] [ 19.193730] The buggy address belongs to the object at fff00000c595e380 [ 19.193730] which belongs to the cache kmalloc-64 of size 64 [ 19.193799] The buggy address is located 0 bytes to the right of [ 19.193799] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.193933] [ 19.193985] The buggy address belongs to the physical page: [ 19.194047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.194121] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.194173] page_type: f5(slab) [ 19.194213] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.194268] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.195760] ================================================================== [ 19.263012] ================================================================== [ 19.263076] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3de4/0x4858 [ 19.263129] Read of size 4 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.263502] [ 19.263921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.263952] Hardware name: linux,dummy-virt (DT) [ 19.263985] Call trace: [ 19.264018] show_stack+0x20/0x38 (C) [ 19.264224] dump_stack_lvl+0x8c/0xd0 [ 19.264435] print_report+0x118/0x5d0 [ 19.264679] kasan_report+0xdc/0x128 [ 19.265107] __asan_report_load4_noabort+0x20/0x30 [ 19.265276] kasan_atomics_helper+0x3de4/0x4858 [ 19.266030] kthread+0x328/0x630 [ 19.266595] [ 19.267328] kasan_save_alloc_info+0x40/0x58 [ 19.267524] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.268036] kunit_try_run_case+0x170/0x3f0 [ 19.268081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.268128] kthread+0x328/0x630 [ 19.268163] ret_from_fork+0x10/0x20 [ 19.268371] [ 19.268801] The buggy address belongs to the object at fff00000c595e380 [ 19.268801] which belongs to the cache kmalloc-64 of size 64 [ 19.269009] The buggy address is located 0 bytes to the right of [ 19.269009] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.269219] [ 19.269574] The buggy address belongs to the physical page: [ 19.269869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.270046] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.270416] page_type: f5(slab) [ 19.270487] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.270756] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.271052] page dumped because: kasan: bad access detected [ 19.271136] [ 19.271363] Memory state around the buggy address: [ 19.271531] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.271683] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.271803] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.271902] ^ [ 19.272064] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.272111] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.272158] ================================================================== [ 19.374010] ================================================================== [ 19.374146] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1384/0x4858 [ 19.374200] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.374251] [ 19.374303] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.374394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.374422] Hardware name: linux,dummy-virt (DT) [ 19.374454] Call trace: [ 19.374477] show_stack+0x20/0x38 (C) [ 19.374526] dump_stack_lvl+0x8c/0xd0 [ 19.374574] print_report+0x118/0x5d0 [ 19.374622] kasan_report+0xdc/0x128 [ 19.374668] kasan_check_range+0x100/0x1a8 [ 19.374739] __kasan_check_write+0x20/0x30 [ 19.374785] kasan_atomics_helper+0x1384/0x4858 [ 19.374835] kasan_atomics+0x198/0x2e0 [ 19.374881] kunit_try_run_case+0x170/0x3f0 [ 19.374929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.374984] kthread+0x328/0x630 [ 19.375027] ret_from_fork+0x10/0x20 [ 19.375074] [ 19.375102] Allocated by task 265: [ 19.375131] kasan_save_stack+0x3c/0x68 [ 19.375173] kasan_save_track+0x20/0x40 [ 19.375213] kasan_save_alloc_info+0x40/0x58 [ 19.375254] __kasan_kmalloc+0xd4/0xd8 [ 19.375293] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.375334] kasan_atomics+0xb8/0x2e0 [ 19.375382] kunit_try_run_case+0x170/0x3f0 [ 19.375424] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.375476] kthread+0x328/0x630 [ 19.375519] ret_from_fork+0x10/0x20 [ 19.375557] [ 19.375585] The buggy address belongs to the object at fff00000c595e380 [ 19.375585] which belongs to the cache kmalloc-64 of size 64 [ 19.375646] The buggy address is located 0 bytes to the right of [ 19.375646] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.375725] [ 19.375746] The buggy address belongs to the physical page: [ 19.375779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.375834] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.375883] page_type: f5(slab) [ 19.375922] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.375976] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.376048] page dumped because: kasan: bad access detected [ 19.376099] [ 19.376118] Memory state around the buggy address: [ 19.376152] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.376368] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.376459] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.376599] ^ [ 19.376829] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.376891] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.376935] ================================================================== [ 19.355415] ================================================================== [ 19.355579] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1190/0x4858 [ 19.355966] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.356025] [ 19.356057] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.356143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.356172] Hardware name: linux,dummy-virt (DT) [ 19.356203] Call trace: [ 19.356225] show_stack+0x20/0x38 (C) [ 19.356277] dump_stack_lvl+0x8c/0xd0 [ 19.356326] print_report+0x118/0x5d0 [ 19.356375] kasan_report+0xdc/0x128 [ 19.356423] kasan_check_range+0x100/0x1a8 [ 19.356471] __kasan_check_write+0x20/0x30 [ 19.356517] kasan_atomics_helper+0x1190/0x4858 [ 19.356567] kasan_atomics+0x198/0x2e0 [ 19.356612] kunit_try_run_case+0x170/0x3f0 [ 19.356661] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.356727] kthread+0x328/0x630 [ 19.356770] ret_from_fork+0x10/0x20 [ 19.356818] [ 19.356984] Allocated by task 265: [ 19.357017] kasan_save_stack+0x3c/0x68 [ 19.357150] kasan_save_track+0x20/0x40 [ 19.357309] kasan_save_alloc_info+0x40/0x58 [ 19.357396] __kasan_kmalloc+0xd4/0xd8 [ 19.357434] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.357476] kasan_atomics+0xb8/0x2e0 [ 19.357680] kunit_try_run_case+0x170/0x3f0 [ 19.357742] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.357799] kthread+0x328/0x630 [ 19.357834] ret_from_fork+0x10/0x20 [ 19.357870] [ 19.357897] The buggy address belongs to the object at fff00000c595e380 [ 19.357897] which belongs to the cache kmalloc-64 of size 64 [ 19.357961] The buggy address is located 0 bytes to the right of [ 19.357961] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.358031] [ 19.358062] The buggy address belongs to the physical page: [ 19.358094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.358150] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.358200] page_type: f5(slab) [ 19.358239] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.358293] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.358352] page dumped because: kasan: bad access detected [ 19.358388] [ 19.358407] Memory state around the buggy address: [ 19.358441] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.358496] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.358543] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.358585] ^ [ 19.358620] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.358664] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.359950] ================================================================== [ 19.377114] ================================================================== [ 19.377163] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f04/0x4858 [ 19.377210] Read of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.377263] [ 19.377291] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.377536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.377594] Hardware name: linux,dummy-virt (DT) [ 19.377631] Call trace: [ 19.377656] show_stack+0x20/0x38 (C) [ 19.377707] dump_stack_lvl+0x8c/0xd0 [ 19.377814] print_report+0x118/0x5d0 [ 19.377918] kasan_report+0xdc/0x128 [ 19.377968] __asan_report_load8_noabort+0x20/0x30 [ 19.378021] kasan_atomics_helper+0x3f04/0x4858 [ 19.378199] kasan_atomics+0x198/0x2e0 [ 19.378249] kunit_try_run_case+0x170/0x3f0 [ 19.378297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.378377] kthread+0x328/0x630 [ 19.378422] ret_from_fork+0x10/0x20 [ 19.378488] [ 19.378534] Allocated by task 265: [ 19.378599] kasan_save_stack+0x3c/0x68 [ 19.378646] kasan_save_track+0x20/0x40 [ 19.378736] kasan_save_alloc_info+0x40/0x58 [ 19.378807] __kasan_kmalloc+0xd4/0xd8 [ 19.378873] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.378941] kasan_atomics+0xb8/0x2e0 [ 19.379036] kunit_try_run_case+0x170/0x3f0 [ 19.379083] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.379147] kthread+0x328/0x630 [ 19.379209] ret_from_fork+0x10/0x20 [ 19.379255] [ 19.379275] The buggy address belongs to the object at fff00000c595e380 [ 19.379275] which belongs to the cache kmalloc-64 of size 64 [ 19.379338] The buggy address is located 0 bytes to the right of [ 19.379338] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.379408] [ 19.379428] The buggy address belongs to the physical page: [ 19.379461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.379518] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.379570] page_type: f5(slab) [ 19.379828] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.379918] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.380004] page dumped because: kasan: bad access detected [ 19.380119] [ 19.380201] Memory state around the buggy address: [ 19.380528] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.380633] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.380758] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.380873] ^ [ 19.380909] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.380957] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.381159] ================================================================== [ 19.424301] ================================================================== [ 19.424403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16d0/0x4858 [ 19.424457] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.424727] [ 19.424779] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.424869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.425053] Hardware name: linux,dummy-virt (DT) [ 19.425132] Call trace: [ 19.425157] show_stack+0x20/0x38 (C) [ 19.425269] dump_stack_lvl+0x8c/0xd0 [ 19.425354] print_report+0x118/0x5d0 [ 19.425412] kasan_report+0xdc/0x128 [ 19.425737] kasan_check_range+0x100/0x1a8 [ 19.425812] __kasan_check_write+0x20/0x30 [ 19.426009] kasan_atomics_helper+0x16d0/0x4858 [ 19.426217] kasan_atomics+0x198/0x2e0 [ 19.426288] kunit_try_run_case+0x170/0x3f0 [ 19.426423] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.426486] kthread+0x328/0x630 [ 19.426532] ret_from_fork+0x10/0x20 [ 19.426621] [ 19.426643] Allocated by task 265: [ 19.426672] kasan_save_stack+0x3c/0x68 [ 19.426730] kasan_save_track+0x20/0x40 [ 19.426870] kasan_save_alloc_info+0x40/0x58 [ 19.426926] __kasan_kmalloc+0xd4/0xd8 [ 19.427100] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.427161] kasan_atomics+0xb8/0x2e0 [ 19.427521] kunit_try_run_case+0x170/0x3f0 [ 19.427651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.427725] kthread+0x328/0x630 [ 19.427760] ret_from_fork+0x10/0x20 [ 19.427803] [ 19.427825] The buggy address belongs to the object at fff00000c595e380 [ 19.427825] which belongs to the cache kmalloc-64 of size 64 [ 19.427892] The buggy address is located 0 bytes to the right of [ 19.427892] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.428467] [ 19.428683] The buggy address belongs to the physical page: [ 19.428782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.429076] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.429156] page_type: f5(slab) [ 19.429208] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.429276] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.429322] page dumped because: kasan: bad access detected [ 19.429368] [ 19.429388] Memory state around the buggy address: [ 19.429839] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.429893] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.429963] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.430015] ^ [ 19.430051] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.430098] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.430141] ================================================================== [ 19.399852] ================================================================== [ 19.399905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b4/0x4858 [ 19.399953] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.400005] [ 19.400036] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.400266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.400313] Hardware name: linux,dummy-virt (DT) [ 19.400366] Call trace: [ 19.400411] show_stack+0x20/0x38 (C) [ 19.400518] dump_stack_lvl+0x8c/0xd0 [ 19.400574] print_report+0x118/0x5d0 [ 19.400659] kasan_report+0xdc/0x128 [ 19.400707] kasan_check_range+0x100/0x1a8 [ 19.400908] __kasan_check_write+0x20/0x30 [ 19.401058] kasan_atomics_helper+0x15b4/0x4858 [ 19.401132] kasan_atomics+0x198/0x2e0 [ 19.401198] kunit_try_run_case+0x170/0x3f0 [ 19.401253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.401375] kthread+0x328/0x630 [ 19.401417] ret_from_fork+0x10/0x20 [ 19.401494] [ 19.401539] Allocated by task 265: [ 19.401577] kasan_save_stack+0x3c/0x68 [ 19.401642] kasan_save_track+0x20/0x40 [ 19.401688] kasan_save_alloc_info+0x40/0x58 [ 19.401742] __kasan_kmalloc+0xd4/0xd8 [ 19.401789] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.401906] kasan_atomics+0xb8/0x2e0 [ 19.401953] kunit_try_run_case+0x170/0x3f0 [ 19.401996] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.402042] kthread+0x328/0x630 [ 19.402077] ret_from_fork+0x10/0x20 [ 19.402115] [ 19.402281] The buggy address belongs to the object at fff00000c595e380 [ 19.402281] which belongs to the cache kmalloc-64 of size 64 [ 19.402345] The buggy address is located 0 bytes to the right of [ 19.402345] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.402512] [ 19.402592] The buggy address belongs to the physical page: [ 19.402627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.402682] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.402754] page_type: f5(slab) [ 19.402794] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.402848] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.402892] page dumped because: kasan: bad access detected [ 19.402927] [ 19.402986] Memory state around the buggy address: [ 19.403137] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.403185] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.403238] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.403280] ^ [ 19.403314] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.403359] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.403635] ================================================================== [ 19.415087] ================================================================== [ 19.415147] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df4/0x4858 [ 19.415208] Read of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.415639] [ 19.415772] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.415910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.415993] Hardware name: linux,dummy-virt (DT) [ 19.416076] Call trace: [ 19.416139] show_stack+0x20/0x38 (C) [ 19.416205] dump_stack_lvl+0x8c/0xd0 [ 19.416523] print_report+0x118/0x5d0 [ 19.416903] kasan_report+0xdc/0x128 [ 19.417036] __asan_report_load8_noabort+0x20/0x30 [ 19.417180] kasan_atomics_helper+0x3df4/0x4858 [ 19.417393] kasan_atomics+0x198/0x2e0 [ 19.417656] kunit_try_run_case+0x170/0x3f0 [ 19.417858] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.417949] kthread+0x328/0x630 [ 19.418012] ret_from_fork+0x10/0x20 [ 19.418063] [ 19.418083] Allocated by task 265: [ 19.418115] kasan_save_stack+0x3c/0x68 [ 19.418181] kasan_save_track+0x20/0x40 [ 19.418229] kasan_save_alloc_info+0x40/0x58 [ 19.418273] __kasan_kmalloc+0xd4/0xd8 [ 19.418310] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.418352] kasan_atomics+0xb8/0x2e0 [ 19.418390] kunit_try_run_case+0x170/0x3f0 [ 19.418445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.418492] kthread+0x328/0x630 [ 19.418525] ret_from_fork+0x10/0x20 [ 19.418562] [ 19.418582] The buggy address belongs to the object at fff00000c595e380 [ 19.418582] which belongs to the cache kmalloc-64 of size 64 [ 19.418646] The buggy address is located 0 bytes to the right of [ 19.418646] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.418739] [ 19.419263] The buggy address belongs to the physical page: [ 19.419762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.419836] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.419889] page_type: f5(slab) [ 19.420236] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.420969] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.421051] page dumped because: kasan: bad access detected [ 19.421103] [ 19.421159] Memory state around the buggy address: [ 19.421367] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.421765] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.421823] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.422017] ^ [ 19.422254] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.422642] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.422789] ================================================================== [ 19.368888] ================================================================== [ 19.368943] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12d8/0x4858 [ 19.368990] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.369254] [ 19.369303] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.369426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.369492] Hardware name: linux,dummy-virt (DT) [ 19.369534] Call trace: [ 19.369558] show_stack+0x20/0x38 (C) [ 19.369608] dump_stack_lvl+0x8c/0xd0 [ 19.369661] print_report+0x118/0x5d0 [ 19.369840] kasan_report+0xdc/0x128 [ 19.369908] kasan_check_range+0x100/0x1a8 [ 19.369996] __kasan_check_write+0x20/0x30 [ 19.370107] kasan_atomics_helper+0x12d8/0x4858 [ 19.370185] kasan_atomics+0x198/0x2e0 [ 19.370249] kunit_try_run_case+0x170/0x3f0 [ 19.370314] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.370484] kthread+0x328/0x630 [ 19.370564] ret_from_fork+0x10/0x20 [ 19.370638] [ 19.370719] Allocated by task 265: [ 19.370787] kasan_save_stack+0x3c/0x68 [ 19.370829] kasan_save_track+0x20/0x40 [ 19.370924] kasan_save_alloc_info+0x40/0x58 [ 19.370966] __kasan_kmalloc+0xd4/0xd8 [ 19.371045] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.371089] kasan_atomics+0xb8/0x2e0 [ 19.371125] kunit_try_run_case+0x170/0x3f0 [ 19.371166] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.371407] kthread+0x328/0x630 [ 19.371513] ret_from_fork+0x10/0x20 [ 19.371626] [ 19.371765] The buggy address belongs to the object at fff00000c595e380 [ 19.371765] which belongs to the cache kmalloc-64 of size 64 [ 19.371997] The buggy address is located 0 bytes to the right of [ 19.371997] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.372067] [ 19.372088] The buggy address belongs to the physical page: [ 19.372129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.372243] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.372313] page_type: f5(slab) [ 19.372350] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.372404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.372448] page dumped because: kasan: bad access detected [ 19.372483] [ 19.372640] Memory state around the buggy address: [ 19.372674] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.372729] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.372776] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.372899] ^ [ 19.373113] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.373304] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.373348] ================================================================== [ 19.364939] ================================================================== [ 19.364995] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x126c/0x4858 [ 19.365063] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.365141] [ 19.365272] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.365424] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.365453] Hardware name: linux,dummy-virt (DT) [ 19.365499] Call trace: [ 19.365523] show_stack+0x20/0x38 (C) [ 19.365573] dump_stack_lvl+0x8c/0xd0 [ 19.365627] print_report+0x118/0x5d0 [ 19.365821] kasan_report+0xdc/0x128 [ 19.366028] kasan_check_range+0x100/0x1a8 [ 19.366083] __kasan_check_write+0x20/0x30 [ 19.366149] kasan_atomics_helper+0x126c/0x4858 [ 19.366200] kasan_atomics+0x198/0x2e0 [ 19.366385] kunit_try_run_case+0x170/0x3f0 [ 19.366474] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.366546] kthread+0x328/0x630 [ 19.366608] ret_from_fork+0x10/0x20 [ 19.366675] [ 19.366979] Allocated by task 265: [ 19.367034] kasan_save_stack+0x3c/0x68 [ 19.367076] kasan_save_track+0x20/0x40 [ 19.367157] kasan_save_alloc_info+0x40/0x58 [ 19.367200] __kasan_kmalloc+0xd4/0xd8 [ 19.367239] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.367289] kasan_atomics+0xb8/0x2e0 [ 19.367326] kunit_try_run_case+0x170/0x3f0 [ 19.367367] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.367413] kthread+0x328/0x630 [ 19.367446] ret_from_fork+0x10/0x20 [ 19.367484] [ 19.367504] The buggy address belongs to the object at fff00000c595e380 [ 19.367504] which belongs to the cache kmalloc-64 of size 64 [ 19.367567] The buggy address is located 0 bytes to the right of [ 19.367567] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.367800] [ 19.367875] The buggy address belongs to the physical page: [ 19.367955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.368081] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.368172] page_type: f5(slab) [ 19.368212] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.368267] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.368312] page dumped because: kasan: bad access detected [ 19.368363] [ 19.368382] Memory state around the buggy address: [ 19.368416] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.368462] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.368509] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.368551] ^ [ 19.368586] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.368635] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.368693] ================================================================== [ 19.279723] ================================================================== [ 19.279779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3dd8/0x4858 [ 19.279830] Read of size 4 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.280086] [ 19.280171] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.280299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.280347] Hardware name: linux,dummy-virt (DT) [ 19.280381] Call trace: [ 19.280431] show_stack+0x20/0x38 (C) [ 19.280483] dump_stack_lvl+0x8c/0xd0 [ 19.280546] print_report+0x118/0x5d0 [ 19.280631] kasan_report+0xdc/0x128 [ 19.280681] __asan_report_load4_noabort+0x20/0x30 [ 19.280810] kasan_atomics_helper+0x3dd8/0x4858 [ 19.280871] kasan_atomics+0x198/0x2e0 [ 19.281024] kunit_try_run_case+0x170/0x3f0 [ 19.281155] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.281219] kthread+0x328/0x630 [ 19.281262] ret_from_fork+0x10/0x20 [ 19.281313] [ 19.281353] Allocated by task 265: [ 19.281410] kasan_save_stack+0x3c/0x68 [ 19.281454] kasan_save_track+0x20/0x40 [ 19.281510] kasan_save_alloc_info+0x40/0x58 [ 19.281567] __kasan_kmalloc+0xd4/0xd8 [ 19.281607] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.281648] kasan_atomics+0xb8/0x2e0 [ 19.281698] kunit_try_run_case+0x170/0x3f0 [ 19.281836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.281882] kthread+0x328/0x630 [ 19.282080] ret_from_fork+0x10/0x20 [ 19.282149] [ 19.282189] The buggy address belongs to the object at fff00000c595e380 [ 19.282189] which belongs to the cache kmalloc-64 of size 64 [ 19.282285] The buggy address is located 0 bytes to the right of [ 19.282285] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.282354] [ 19.282456] The buggy address belongs to the physical page: [ 19.282498] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.282648] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.282791] page_type: f5(slab) [ 19.282845] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.282896] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.283046] page dumped because: kasan: bad access detected [ 19.283089] [ 19.283223] Memory state around the buggy address: [ 19.283328] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.283422] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.283520] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.283725] ^ [ 19.283862] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.283965] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.284045] ================================================================== [ 19.386738] ================================================================== [ 19.386820] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x147c/0x4858 [ 19.386876] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.386957] [ 19.387006] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.387090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.387127] Hardware name: linux,dummy-virt (DT) [ 19.387239] Call trace: [ 19.387303] show_stack+0x20/0x38 (C) [ 19.387442] dump_stack_lvl+0x8c/0xd0 [ 19.387493] print_report+0x118/0x5d0 [ 19.387602] kasan_report+0xdc/0x128 [ 19.387658] kasan_check_range+0x100/0x1a8 [ 19.387707] __kasan_check_write+0x20/0x30 [ 19.387766] kasan_atomics_helper+0x147c/0x4858 [ 19.387817] kasan_atomics+0x198/0x2e0 [ 19.387863] kunit_try_run_case+0x170/0x3f0 [ 19.387923] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.387977] kthread+0x328/0x630 [ 19.388028] ret_from_fork+0x10/0x20 [ 19.388077] [ 19.388320] Allocated by task 265: [ 19.388349] kasan_save_stack+0x3c/0x68 [ 19.388391] kasan_save_track+0x20/0x40 [ 19.388429] kasan_save_alloc_info+0x40/0x58 [ 19.388472] __kasan_kmalloc+0xd4/0xd8 [ 19.388509] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.388551] kasan_atomics+0xb8/0x2e0 [ 19.388589] kunit_try_run_case+0x170/0x3f0 [ 19.388663] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.388785] kthread+0x328/0x630 [ 19.388821] ret_from_fork+0x10/0x20 [ 19.388914] [ 19.389004] The buggy address belongs to the object at fff00000c595e380 [ 19.389004] which belongs to the cache kmalloc-64 of size 64 [ 19.389199] The buggy address is located 0 bytes to the right of [ 19.389199] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.389416] [ 19.389506] The buggy address belongs to the physical page: [ 19.389580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.389674] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.389771] page_type: f5(slab) [ 19.389843] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.389940] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.390030] page dumped because: kasan: bad access detected [ 19.390140] [ 19.390220] Memory state around the buggy address: [ 19.390344] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.390497] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.390645] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.390686] ^ [ 19.390729] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.390774] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.390813] ================================================================== [ 19.312431] ================================================================== [ 19.312504] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e5c/0x4858 [ 19.312556] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.312743] [ 19.312788] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.312873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.312901] Hardware name: linux,dummy-virt (DT) [ 19.312940] Call trace: [ 19.313085] show_stack+0x20/0x38 (C) [ 19.313168] dump_stack_lvl+0x8c/0xd0 [ 19.313218] print_report+0x118/0x5d0 [ 19.313268] kasan_report+0xdc/0x128 [ 19.313353] __asan_report_store8_noabort+0x20/0x30 [ 19.313436] kasan_atomics_helper+0x3e5c/0x4858 [ 19.313506] kasan_atomics+0x198/0x2e0 [ 19.313559] kunit_try_run_case+0x170/0x3f0 [ 19.313610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.313663] kthread+0x328/0x630 [ 19.313718] ret_from_fork+0x10/0x20 [ 19.313767] [ 19.313922] Allocated by task 265: [ 19.313964] kasan_save_stack+0x3c/0x68 [ 19.314007] kasan_save_track+0x20/0x40 [ 19.314237] kasan_save_alloc_info+0x40/0x58 [ 19.314322] __kasan_kmalloc+0xd4/0xd8 [ 19.314542] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.314614] kasan_atomics+0xb8/0x2e0 [ 19.314654] kunit_try_run_case+0x170/0x3f0 [ 19.314703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.314759] kthread+0x328/0x630 [ 19.314794] ret_from_fork+0x10/0x20 [ 19.314833] [ 19.314853] The buggy address belongs to the object at fff00000c595e380 [ 19.314853] which belongs to the cache kmalloc-64 of size 64 [ 19.314926] The buggy address is located 0 bytes to the right of [ 19.314926] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.314995] [ 19.315017] The buggy address belongs to the physical page: [ 19.315052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.315109] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.315159] page_type: f5(slab) [ 19.315199] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.315252] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.315296] page dumped because: kasan: bad access detected [ 19.315344] [ 19.315364] Memory state around the buggy address: [ 19.315398] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.315444] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.315489] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.315541] ^ [ 19.315577] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.315857] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.315899] ================================================================== [ 19.343214] ================================================================== [ 19.343427] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x10c0/0x4858 [ 19.343634] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.343857] [ 19.344066] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.344201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.344329] Hardware name: linux,dummy-virt (DT) [ 19.344399] Call trace: [ 19.344424] show_stack+0x20/0x38 (C) [ 19.344474] dump_stack_lvl+0x8c/0xd0 [ 19.344878] print_report+0x118/0x5d0 [ 19.345044] kasan_report+0xdc/0x128 [ 19.345141] kasan_check_range+0x100/0x1a8 [ 19.345394] __kasan_check_write+0x20/0x30 [ 19.345463] kasan_atomics_helper+0x10c0/0x4858 [ 19.345797] kasan_atomics+0x198/0x2e0 [ 19.345883] kunit_try_run_case+0x170/0x3f0 [ 19.345957] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.346126] kthread+0x328/0x630 [ 19.346214] ret_from_fork+0x10/0x20 [ 19.346385] [ 19.346426] Allocated by task 265: [ 19.346458] kasan_save_stack+0x3c/0x68 [ 19.346535] kasan_save_track+0x20/0x40 [ 19.346913] kasan_save_alloc_info+0x40/0x58 [ 19.347019] __kasan_kmalloc+0xd4/0xd8 [ 19.347235] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.347422] kasan_atomics+0xb8/0x2e0 [ 19.347500] kunit_try_run_case+0x170/0x3f0 [ 19.347644] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.347734] kthread+0x328/0x630 [ 19.347919] ret_from_fork+0x10/0x20 [ 19.348168] [ 19.348356] The buggy address belongs to the object at fff00000c595e380 [ 19.348356] which belongs to the cache kmalloc-64 of size 64 [ 19.348485] The buggy address is located 0 bytes to the right of [ 19.348485] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.348575] [ 19.348596] The buggy address belongs to the physical page: [ 19.348630] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.348795] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.348845] page_type: f5(slab) [ 19.348924] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.348988] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.349176] page dumped because: kasan: bad access detected [ 19.349299] [ 19.349358] Memory state around the buggy address: [ 19.349437] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.349522] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.349796] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.349899] ^ [ 19.349965] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.350036] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.350076] ================================================================== [ 19.437511] ================================================================== [ 19.437559] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x175c/0x4858 [ 19.437608] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.437659] [ 19.437691] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.438897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.439242] Hardware name: linux,dummy-virt (DT) [ 19.439353] Call trace: [ 19.440450] show_stack+0x20/0x38 (C) [ 19.440776] dump_stack_lvl+0x8c/0xd0 [ 19.440923] print_report+0x118/0x5d0 [ 19.440986] kasan_report+0xdc/0x128 [ 19.441035] kasan_check_range+0x100/0x1a8 [ 19.441085] __kasan_check_write+0x20/0x30 [ 19.441130] kasan_atomics_helper+0x175c/0x4858 [ 19.441180] kasan_atomics+0x198/0x2e0 [ 19.441228] kunit_try_run_case+0x170/0x3f0 [ 19.441275] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.441335] kthread+0x328/0x630 [ 19.441379] ret_from_fork+0x10/0x20 [ 19.441427] [ 19.441448] Allocated by task 265: [ 19.441495] kasan_save_stack+0x3c/0x68 [ 19.441540] kasan_save_track+0x20/0x40 [ 19.441581] kasan_save_alloc_info+0x40/0x58 [ 19.441622] __kasan_kmalloc+0xd4/0xd8 [ 19.441662] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.441704] kasan_atomics+0xb8/0x2e0 [ 19.441771] kunit_try_run_case+0x170/0x3f0 [ 19.441812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.441866] kthread+0x328/0x630 [ 19.441902] ret_from_fork+0x10/0x20 [ 19.441939] [ 19.441969] The buggy address belongs to the object at fff00000c595e380 [ 19.441969] which belongs to the cache kmalloc-64 of size 64 [ 19.442031] The buggy address is located 0 bytes to the right of [ 19.442031] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.442100] [ 19.442122] The buggy address belongs to the physical page: [ 19.442164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.442220] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.442281] page_type: f5(slab) [ 19.442343] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.442397] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.442442] page dumped because: kasan: bad access detected [ 19.442493] [ 19.442513] Memory state around the buggy address: [ 19.442548] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.442603] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.442659] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.442700] ^ [ 19.443213] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.443310] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.443359] ================================================================== [ 19.306854] ================================================================== [ 19.306927] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe44/0x4858 [ 19.307016] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.307079] [ 19.307114] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.307235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.307269] Hardware name: linux,dummy-virt (DT) [ 19.307364] Call trace: [ 19.307396] show_stack+0x20/0x38 (C) [ 19.307560] dump_stack_lvl+0x8c/0xd0 [ 19.307740] print_report+0x118/0x5d0 [ 19.307932] kasan_report+0xdc/0x128 [ 19.308131] kasan_check_range+0x100/0x1a8 [ 19.308309] __kasan_check_write+0x20/0x30 [ 19.308413] kasan_atomics_helper+0xe44/0x4858 [ 19.308492] kasan_atomics+0x198/0x2e0 [ 19.308578] kunit_try_run_case+0x170/0x3f0 [ 19.308678] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.308792] kthread+0x328/0x630 [ 19.308835] ret_from_fork+0x10/0x20 [ 19.309129] [ 19.309157] Allocated by task 265: [ 19.309187] kasan_save_stack+0x3c/0x68 [ 19.309271] kasan_save_track+0x20/0x40 [ 19.309383] kasan_save_alloc_info+0x40/0x58 [ 19.309480] __kasan_kmalloc+0xd4/0xd8 [ 19.309573] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.309648] kasan_atomics+0xb8/0x2e0 [ 19.309697] kunit_try_run_case+0x170/0x3f0 [ 19.309747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.309967] kthread+0x328/0x630 [ 19.310072] ret_from_fork+0x10/0x20 [ 19.310158] [ 19.310216] The buggy address belongs to the object at fff00000c595e380 [ 19.310216] which belongs to the cache kmalloc-64 of size 64 [ 19.310350] The buggy address is located 0 bytes to the right of [ 19.310350] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.310419] [ 19.310458] The buggy address belongs to the physical page: [ 19.310734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.310828] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.310882] page_type: f5(slab) [ 19.310923] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.310987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.311046] page dumped because: kasan: bad access detected [ 19.311082] [ 19.311101] Memory state around the buggy address: [ 19.311134] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.311180] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.311225] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.311267] ^ [ 19.311300] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.311346] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.311388] ================================================================== [ 19.360366] ================================================================== [ 19.360420] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x11f8/0x4858 [ 19.360469] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.360521] [ 19.360552] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.360636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.360664] Hardware name: linux,dummy-virt (DT) [ 19.360696] Call trace: [ 19.360734] show_stack+0x20/0x38 (C) [ 19.360813] dump_stack_lvl+0x8c/0xd0 [ 19.360879] print_report+0x118/0x5d0 [ 19.360960] kasan_report+0xdc/0x128 [ 19.361007] kasan_check_range+0x100/0x1a8 [ 19.361072] __kasan_check_write+0x20/0x30 [ 19.361170] kasan_atomics_helper+0x11f8/0x4858 [ 19.361268] kasan_atomics+0x198/0x2e0 [ 19.361337] kunit_try_run_case+0x170/0x3f0 [ 19.361413] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.361501] kthread+0x328/0x630 [ 19.361625] ret_from_fork+0x10/0x20 [ 19.361780] [ 19.361829] Allocated by task 265: [ 19.361888] kasan_save_stack+0x3c/0x68 [ 19.361932] kasan_save_track+0x20/0x40 [ 19.361999] kasan_save_alloc_info+0x40/0x58 [ 19.362042] __kasan_kmalloc+0xd4/0xd8 [ 19.362081] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.362139] kasan_atomics+0xb8/0x2e0 [ 19.362195] kunit_try_run_case+0x170/0x3f0 [ 19.362237] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.362282] kthread+0x328/0x630 [ 19.362316] ret_from_fork+0x10/0x20 [ 19.362394] [ 19.362475] The buggy address belongs to the object at fff00000c595e380 [ 19.362475] which belongs to the cache kmalloc-64 of size 64 [ 19.362559] The buggy address is located 0 bytes to the right of [ 19.362559] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.362628] [ 19.362649] The buggy address belongs to the physical page: [ 19.362683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.362748] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.362799] page_type: f5(slab) [ 19.362836] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.363102] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.363149] page dumped because: kasan: bad access detected [ 19.363184] [ 19.363222] Memory state around the buggy address: [ 19.363333] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.363401] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.363502] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.363670] ^ [ 19.363707] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.363760] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.363842] ================================================================== [ 19.443534] ================================================================== [ 19.443581] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e20/0x4858 [ 19.443630] Read of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.443683] [ 19.443732] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.443839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.443869] Hardware name: linux,dummy-virt (DT) [ 19.443902] Call trace: [ 19.443924] show_stack+0x20/0x38 (C) [ 19.443973] dump_stack_lvl+0x8c/0xd0 [ 19.444023] print_report+0x118/0x5d0 [ 19.444072] kasan_report+0xdc/0x128 [ 19.444379] __asan_report_load8_noabort+0x20/0x30 [ 19.444534] kasan_atomics_helper+0x3e20/0x4858 [ 19.444598] kasan_atomics+0x198/0x2e0 [ 19.445007] kunit_try_run_case+0x170/0x3f0 [ 19.445125] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.445210] kthread+0x328/0x630 [ 19.445399] ret_from_fork+0x10/0x20 [ 19.445656] [ 19.445684] Allocated by task 265: [ 19.445782] kasan_save_stack+0x3c/0x68 [ 19.445839] kasan_save_track+0x20/0x40 [ 19.445955] kasan_save_alloc_info+0x40/0x58 [ 19.446061] __kasan_kmalloc+0xd4/0xd8 [ 19.446138] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.446181] kasan_atomics+0xb8/0x2e0 [ 19.446227] kunit_try_run_case+0x170/0x3f0 [ 19.446265] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.446313] kthread+0x328/0x630 [ 19.446346] ret_from_fork+0x10/0x20 [ 19.446616] [ 19.446793] The buggy address belongs to the object at fff00000c595e380 [ 19.446793] which belongs to the cache kmalloc-64 of size 64 [ 19.447020] The buggy address is located 0 bytes to the right of [ 19.447020] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.447100] [ 19.447171] The buggy address belongs to the physical page: [ 19.447240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.447392] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.447472] page_type: f5(slab) [ 19.447695] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.447765] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.447982] page dumped because: kasan: bad access detected [ 19.448025] [ 19.448045] Memory state around the buggy address: [ 19.448138] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.448258] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.448344] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.448651] ^ [ 19.448727] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.448774] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.448974] ================================================================== [ 19.321158] ================================================================== [ 19.321510] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf20/0x4858 [ 19.321645] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.321700] [ 19.321765] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.321878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.321935] Hardware name: linux,dummy-virt (DT) [ 19.322003] Call trace: [ 19.322048] show_stack+0x20/0x38 (C) [ 19.322097] dump_stack_lvl+0x8c/0xd0 [ 19.322164] print_report+0x118/0x5d0 [ 19.322220] kasan_report+0xdc/0x128 [ 19.322268] kasan_check_range+0x100/0x1a8 [ 19.322316] __kasan_check_write+0x20/0x30 [ 19.322462] kasan_atomics_helper+0xf20/0x4858 [ 19.322680] kasan_atomics+0x198/0x2e0 [ 19.322751] kunit_try_run_case+0x170/0x3f0 [ 19.322827] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.322890] kthread+0x328/0x630 [ 19.323058] ret_from_fork+0x10/0x20 [ 19.323134] [ 19.323201] Allocated by task 265: [ 19.323319] kasan_save_stack+0x3c/0x68 [ 19.323421] kasan_save_track+0x20/0x40 [ 19.323546] kasan_save_alloc_info+0x40/0x58 [ 19.323669] __kasan_kmalloc+0xd4/0xd8 [ 19.323756] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.323901] kasan_atomics+0xb8/0x2e0 [ 19.323968] kunit_try_run_case+0x170/0x3f0 [ 19.324008] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.324194] kthread+0x328/0x630 [ 19.324230] ret_from_fork+0x10/0x20 [ 19.324268] [ 19.324289] The buggy address belongs to the object at fff00000c595e380 [ 19.324289] which belongs to the cache kmalloc-64 of size 64 [ 19.324489] The buggy address is located 0 bytes to the right of [ 19.324489] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.324596] [ 19.324665] The buggy address belongs to the physical page: [ 19.325087] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.325247] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.325333] page_type: f5(slab) [ 19.325376] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.325430] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.325474] page dumped because: kasan: bad access detected [ 19.325850] [ 19.325918] Memory state around the buggy address: [ 19.326030] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.326217] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.326401] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.326524] ^ [ 19.326597] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.326672] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.326723] ================================================================== [ 19.285096] ================================================================== [ 19.285164] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd3c/0x4858 [ 19.285241] Write of size 4 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.285294] [ 19.285329] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.285414] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.285441] Hardware name: linux,dummy-virt (DT) [ 19.285474] Call trace: [ 19.285497] show_stack+0x20/0x38 (C) [ 19.285545] dump_stack_lvl+0x8c/0xd0 [ 19.285734] print_report+0x118/0x5d0 [ 19.285965] kasan_report+0xdc/0x128 [ 19.286025] kasan_check_range+0x100/0x1a8 [ 19.286076] __kasan_check_write+0x20/0x30 [ 19.286122] kasan_atomics_helper+0xd3c/0x4858 [ 19.286181] kasan_atomics+0x198/0x2e0 [ 19.286227] kunit_try_run_case+0x170/0x3f0 [ 19.286274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.286337] kthread+0x328/0x630 [ 19.286380] ret_from_fork+0x10/0x20 [ 19.286429] [ 19.286459] Allocated by task 265: [ 19.286489] kasan_save_stack+0x3c/0x68 [ 19.286533] kasan_save_track+0x20/0x40 [ 19.286573] kasan_save_alloc_info+0x40/0x58 [ 19.286624] __kasan_kmalloc+0xd4/0xd8 [ 19.286665] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.287009] kasan_atomics+0xb8/0x2e0 [ 19.287330] kunit_try_run_case+0x170/0x3f0 [ 19.287429] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.287515] kthread+0x328/0x630 [ 19.287587] ret_from_fork+0x10/0x20 [ 19.287628] [ 19.287651] The buggy address belongs to the object at fff00000c595e380 [ 19.287651] which belongs to the cache kmalloc-64 of size 64 [ 19.287827] The buggy address is located 0 bytes to the right of [ 19.287827] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.287902] [ 19.287924] The buggy address belongs to the physical page: [ 19.288094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.288187] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.288303] page_type: f5(slab) [ 19.288474] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.288684] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.288825] page dumped because: kasan: bad access detected [ 19.288950] [ 19.289019] Memory state around the buggy address: [ 19.289057] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.289104] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.289427] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.289529] ^ [ 19.289595] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.289652] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.289979] ================================================================== [ 19.316037] ================================================================== [ 19.316081] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xeb8/0x4858 [ 19.316124] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.316185] [ 19.316217] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.316300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.316328] Hardware name: linux,dummy-virt (DT) [ 19.316371] Call trace: [ 19.316394] show_stack+0x20/0x38 (C) [ 19.316441] dump_stack_lvl+0x8c/0xd0 [ 19.316489] print_report+0x118/0x5d0 [ 19.316545] kasan_report+0xdc/0x128 [ 19.316592] kasan_check_range+0x100/0x1a8 [ 19.316648] __kasan_check_write+0x20/0x30 [ 19.316693] kasan_atomics_helper+0xeb8/0x4858 [ 19.316754] kasan_atomics+0x198/0x2e0 [ 19.316798] kunit_try_run_case+0x170/0x3f0 [ 19.316846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.316900] kthread+0x328/0x630 [ 19.316945] ret_from_fork+0x10/0x20 [ 19.316992] [ 19.317013] Allocated by task 265: [ 19.317041] kasan_save_stack+0x3c/0x68 [ 19.317096] kasan_save_track+0x20/0x40 [ 19.317571] kasan_save_alloc_info+0x40/0x58 [ 19.317628] __kasan_kmalloc+0xd4/0xd8 [ 19.317670] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.317750] kasan_atomics+0xb8/0x2e0 [ 19.317828] kunit_try_run_case+0x170/0x3f0 [ 19.317874] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.317921] kthread+0x328/0x630 [ 19.317957] ret_from_fork+0x10/0x20 [ 19.318097] [ 19.318187] The buggy address belongs to the object at fff00000c595e380 [ 19.318187] which belongs to the cache kmalloc-64 of size 64 [ 19.318329] The buggy address is located 0 bytes to the right of [ 19.318329] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.318443] [ 19.318641] The buggy address belongs to the physical page: [ 19.318962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.319057] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.319109] page_type: f5(slab) [ 19.319240] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.319388] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.319529] page dumped because: kasan: bad access detected [ 19.319672] [ 19.319739] Memory state around the buggy address: [ 19.319950] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.320023] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.320226] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.320325] ^ [ 19.320364] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.320422] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.320469] ================================================================== [ 19.381596] ================================================================== [ 19.381753] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1414/0x4858 [ 19.381808] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.381859] [ 19.381910] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.382031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.382089] Hardware name: linux,dummy-virt (DT) [ 19.382123] Call trace: [ 19.382174] show_stack+0x20/0x38 (C) [ 19.382254] dump_stack_lvl+0x8c/0xd0 [ 19.382320] print_report+0x118/0x5d0 [ 19.382386] kasan_report+0xdc/0x128 [ 19.382449] kasan_check_range+0x100/0x1a8 [ 19.382499] __kasan_check_write+0x20/0x30 [ 19.382544] kasan_atomics_helper+0x1414/0x4858 [ 19.382620] kasan_atomics+0x198/0x2e0 [ 19.382667] kunit_try_run_case+0x170/0x3f0 [ 19.382819] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.382876] kthread+0x328/0x630 [ 19.382919] ret_from_fork+0x10/0x20 [ 19.382993] [ 19.383032] Allocated by task 265: [ 19.383078] kasan_save_stack+0x3c/0x68 [ 19.383121] kasan_save_track+0x20/0x40 [ 19.383180] kasan_save_alloc_info+0x40/0x58 [ 19.383254] __kasan_kmalloc+0xd4/0xd8 [ 19.383350] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.383436] kasan_atomics+0xb8/0x2e0 [ 19.383558] kunit_try_run_case+0x170/0x3f0 [ 19.383637] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.383832] kthread+0x328/0x630 [ 19.383895] ret_from_fork+0x10/0x20 [ 19.383934] [ 19.383966] The buggy address belongs to the object at fff00000c595e380 [ 19.383966] which belongs to the cache kmalloc-64 of size 64 [ 19.384034] The buggy address is located 0 bytes to the right of [ 19.384034] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.384103] [ 19.384124] The buggy address belongs to the physical page: [ 19.384157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.384213] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.384445] page_type: f5(slab) [ 19.384534] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.384644] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.384838] page dumped because: kasan: bad access detected [ 19.384906] [ 19.385005] Memory state around the buggy address: [ 19.385307] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.385400] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.385519] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.385673] ^ [ 19.385797] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.385861] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.385900] ================================================================== [ 19.351200] ================================================================== [ 19.351305] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1128/0x4858 [ 19.351406] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.351550] [ 19.351617] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.351758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.351810] Hardware name: linux,dummy-virt (DT) [ 19.351843] Call trace: [ 19.351868] show_stack+0x20/0x38 (C) [ 19.351925] dump_stack_lvl+0x8c/0xd0 [ 19.351973] print_report+0x118/0x5d0 [ 19.352340] kasan_report+0xdc/0x128 [ 19.352445] kasan_check_range+0x100/0x1a8 [ 19.352544] __kasan_check_write+0x20/0x30 [ 19.352653] kasan_atomics_helper+0x1128/0x4858 [ 19.352938] kasan_atomics+0x198/0x2e0 [ 19.353054] kunit_try_run_case+0x170/0x3f0 [ 19.353142] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.353250] kthread+0x328/0x630 [ 19.353352] ret_from_fork+0x10/0x20 [ 19.353504] [ 19.353568] Allocated by task 265: [ 19.353599] kasan_save_stack+0x3c/0x68 [ 19.353640] kasan_save_track+0x20/0x40 [ 19.353680] kasan_save_alloc_info+0x40/0x58 [ 19.353738] __kasan_kmalloc+0xd4/0xd8 [ 19.353777] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.353824] kasan_atomics+0xb8/0x2e0 [ 19.353881] kunit_try_run_case+0x170/0x3f0 [ 19.353921] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.353967] kthread+0x328/0x630 [ 19.354004] ret_from_fork+0x10/0x20 [ 19.354042] [ 19.354071] The buggy address belongs to the object at fff00000c595e380 [ 19.354071] which belongs to the cache kmalloc-64 of size 64 [ 19.354142] The buggy address is located 0 bytes to the right of [ 19.354142] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.354219] [ 19.354249] The buggy address belongs to the physical page: [ 19.354284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.354349] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.354408] page_type: f5(slab) [ 19.354457] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.354510] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.354556] page dumped because: kasan: bad access detected [ 19.354591] [ 19.354611] Memory state around the buggy address: [ 19.354644] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.354699] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.354756] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.354798] ^ [ 19.354833] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.354878] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.354919] ================================================================== [ 19.290684] ================================================================== [ 19.290827] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e04/0x4858 [ 19.291066] Read of size 4 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.291134] [ 19.291183] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.291271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.291580] Hardware name: linux,dummy-virt (DT) [ 19.291677] Call trace: [ 19.291757] show_stack+0x20/0x38 (C) [ 19.291829] dump_stack_lvl+0x8c/0xd0 [ 19.291949] print_report+0x118/0x5d0 [ 19.292112] kasan_report+0xdc/0x128 [ 19.292208] __asan_report_load4_noabort+0x20/0x30 [ 19.292310] kasan_atomics_helper+0x3e04/0x4858 [ 19.292391] kasan_atomics+0x198/0x2e0 [ 19.292447] kunit_try_run_case+0x170/0x3f0 [ 19.292503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.292813] kthread+0x328/0x630 [ 19.292905] ret_from_fork+0x10/0x20 [ 19.293062] [ 19.293121] Allocated by task 265: [ 19.293197] kasan_save_stack+0x3c/0x68 [ 19.293342] kasan_save_track+0x20/0x40 [ 19.293529] kasan_save_alloc_info+0x40/0x58 [ 19.293646] __kasan_kmalloc+0xd4/0xd8 [ 19.293783] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.293829] kasan_atomics+0xb8/0x2e0 [ 19.293878] kunit_try_run_case+0x170/0x3f0 [ 19.293941] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.293987] kthread+0x328/0x630 [ 19.294032] ret_from_fork+0x10/0x20 [ 19.294078] [ 19.294114] The buggy address belongs to the object at fff00000c595e380 [ 19.294114] which belongs to the cache kmalloc-64 of size 64 [ 19.294179] The buggy address is located 0 bytes to the right of [ 19.294179] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.294248] [ 19.294270] The buggy address belongs to the physical page: [ 19.294305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.294361] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.294413] page_type: f5(slab) [ 19.294452] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.294518] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.294562] page dumped because: kasan: bad access detected [ 19.294595] [ 19.294614] Memory state around the buggy address: [ 19.294646] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.294692] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.294749] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.294791] ^ [ 19.294826] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.294871] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.294912] ================================================================== [ 19.295736] ================================================================== [ 19.295818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xdd4/0x4858 [ 19.296051] Read of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.296147] [ 19.296183] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.296269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.296298] Hardware name: linux,dummy-virt (DT) [ 19.296331] Call trace: [ 19.296353] show_stack+0x20/0x38 (C) [ 19.296402] dump_stack_lvl+0x8c/0xd0 [ 19.296450] print_report+0x118/0x5d0 [ 19.296498] kasan_report+0xdc/0x128 [ 19.296762] kasan_check_range+0x100/0x1a8 [ 19.296824] __kasan_check_read+0x20/0x30 [ 19.296885] kasan_atomics_helper+0xdd4/0x4858 [ 19.296968] kasan_atomics+0x198/0x2e0 [ 19.297016] kunit_try_run_case+0x170/0x3f0 [ 19.297079] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.297164] kthread+0x328/0x630 [ 19.297271] ret_from_fork+0x10/0x20 [ 19.297501] [ 19.297590] Allocated by task 265: [ 19.297625] kasan_save_stack+0x3c/0x68 [ 19.297672] kasan_save_track+0x20/0x40 [ 19.297763] kasan_save_alloc_info+0x40/0x58 [ 19.297808] __kasan_kmalloc+0xd4/0xd8 [ 19.297875] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.297939] kasan_atomics+0xb8/0x2e0 [ 19.297977] kunit_try_run_case+0x170/0x3f0 [ 19.298036] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.298112] kthread+0x328/0x630 [ 19.298148] ret_from_fork+0x10/0x20 [ 19.298187] [ 19.298207] The buggy address belongs to the object at fff00000c595e380 [ 19.298207] which belongs to the cache kmalloc-64 of size 64 [ 19.298450] The buggy address is located 0 bytes to the right of [ 19.298450] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.298529] [ 19.298550] The buggy address belongs to the physical page: [ 19.298585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.298833] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.299275] page_type: f5(slab) [ 19.299447] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.299557] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.299602] page dumped because: kasan: bad access detected [ 19.299637] [ 19.299657] Memory state around the buggy address: [ 19.299758] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.299806] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.299852] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.299893] ^ [ 19.299928] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.299972] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.300013] ================================================================== [ 19.300362] ================================================================== [ 19.300414] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3f58/0x4858 [ 19.300464] Read of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.300515] [ 19.300546] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.300627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.300656] Hardware name: linux,dummy-virt (DT) [ 19.300689] Call trace: [ 19.300726] show_stack+0x20/0x38 (C) [ 19.300775] dump_stack_lvl+0x8c/0xd0 [ 19.300828] print_report+0x118/0x5d0 [ 19.300876] kasan_report+0xdc/0x128 [ 19.300928] __asan_report_load8_noabort+0x20/0x30 [ 19.301107] kasan_atomics_helper+0x3f58/0x4858 [ 19.301235] kasan_atomics+0x198/0x2e0 [ 19.301321] kunit_try_run_case+0x170/0x3f0 [ 19.301770] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.301901] kthread+0x328/0x630 [ 19.301996] ret_from_fork+0x10/0x20 [ 19.302259] [ 19.302388] Allocated by task 265: [ 19.302577] kasan_save_stack+0x3c/0x68 [ 19.302665] kasan_save_track+0x20/0x40 [ 19.302811] kasan_save_alloc_info+0x40/0x58 [ 19.302891] __kasan_kmalloc+0xd4/0xd8 [ 19.302930] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.302972] kasan_atomics+0xb8/0x2e0 [ 19.303346] kunit_try_run_case+0x170/0x3f0 [ 19.303784] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.303985] kthread+0x328/0x630 [ 19.304065] ret_from_fork+0x10/0x20 [ 19.304251] [ 19.304291] The buggy address belongs to the object at fff00000c595e380 [ 19.304291] which belongs to the cache kmalloc-64 of size 64 [ 19.304371] The buggy address is located 0 bytes to the right of [ 19.304371] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.304447] [ 19.304470] The buggy address belongs to the physical page: [ 19.304560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.304635] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.304730] page_type: f5(slab) [ 19.304772] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.304840] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.304896] page dumped because: kasan: bad access detected [ 19.305113] [ 19.305209] Memory state around the buggy address: [ 19.305296] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.305344] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.305390] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.305431] ^ [ 19.305466] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.305510] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.305695] ================================================================== [ 19.404184] ================================================================== [ 19.404276] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3db0/0x4858 [ 19.404454] Read of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.404509] [ 19.404539] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.404620] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.404650] Hardware name: linux,dummy-virt (DT) [ 19.404680] Call trace: [ 19.404704] show_stack+0x20/0x38 (C) [ 19.404765] dump_stack_lvl+0x8c/0xd0 [ 19.404814] print_report+0x118/0x5d0 [ 19.405046] kasan_report+0xdc/0x128 [ 19.405133] __asan_report_load8_noabort+0x20/0x30 [ 19.405217] kasan_atomics_helper+0x3db0/0x4858 [ 19.405268] kasan_atomics+0x198/0x2e0 [ 19.405362] kunit_try_run_case+0x170/0x3f0 [ 19.405411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.405466] kthread+0x328/0x630 [ 19.405510] ret_from_fork+0x10/0x20 [ 19.405558] [ 19.405578] Allocated by task 265: [ 19.405617] kasan_save_stack+0x3c/0x68 [ 19.405659] kasan_save_track+0x20/0x40 [ 19.405703] kasan_save_alloc_info+0x40/0x58 [ 19.405756] __kasan_kmalloc+0xd4/0xd8 [ 19.405795] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.405836] kasan_atomics+0xb8/0x2e0 [ 19.405873] kunit_try_run_case+0x170/0x3f0 [ 19.405913] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.405959] kthread+0x328/0x630 [ 19.405992] ret_from_fork+0x10/0x20 [ 19.406029] [ 19.406049] The buggy address belongs to the object at fff00000c595e380 [ 19.406049] which belongs to the cache kmalloc-64 of size 64 [ 19.406110] The buggy address is located 0 bytes to the right of [ 19.406110] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.406179] [ 19.406210] The buggy address belongs to the physical page: [ 19.406242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.406308] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.406361] page_type: f5(slab) [ 19.406407] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.406467] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.406512] page dumped because: kasan: bad access detected [ 19.406550] [ 19.406569] Memory state around the buggy address: [ 19.406602] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.406652] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.406698] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.406749] ^ [ 19.406784] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.406827] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.406867] ================================================================== [ 19.339017] ================================================================== [ 19.339066] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1058/0x4858 [ 19.339114] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.339165] [ 19.339197] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.339755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.339788] Hardware name: linux,dummy-virt (DT) [ 19.339821] Call trace: [ 19.339846] show_stack+0x20/0x38 (C) [ 19.339896] dump_stack_lvl+0x8c/0xd0 [ 19.339946] print_report+0x118/0x5d0 [ 19.339992] kasan_report+0xdc/0x128 [ 19.340041] kasan_check_range+0x100/0x1a8 [ 19.340091] __kasan_check_write+0x20/0x30 [ 19.340137] kasan_atomics_helper+0x1058/0x4858 [ 19.340187] kasan_atomics+0x198/0x2e0 [ 19.340232] kunit_try_run_case+0x170/0x3f0 [ 19.340281] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.340335] kthread+0x328/0x630 [ 19.340376] ret_from_fork+0x10/0x20 [ 19.340424] [ 19.340445] Allocated by task 265: [ 19.340473] kasan_save_stack+0x3c/0x68 [ 19.340516] kasan_save_track+0x20/0x40 [ 19.340556] kasan_save_alloc_info+0x40/0x58 [ 19.340597] __kasan_kmalloc+0xd4/0xd8 [ 19.340639] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.340683] kasan_atomics+0xb8/0x2e0 [ 19.340732] kunit_try_run_case+0x170/0x3f0 [ 19.341140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.341200] kthread+0x328/0x630 [ 19.341393] ret_from_fork+0x10/0x20 [ 19.341504] [ 19.341527] The buggy address belongs to the object at fff00000c595e380 [ 19.341527] which belongs to the cache kmalloc-64 of size 64 [ 19.341592] The buggy address is located 0 bytes to the right of [ 19.341592] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.341660] [ 19.341696] The buggy address belongs to the physical page: [ 19.341738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.341808] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.341868] page_type: f5(slab) [ 19.341921] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.341976] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.342020] page dumped because: kasan: bad access detected [ 19.342076] [ 19.342105] Memory state around the buggy address: [ 19.342147] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.342194] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.342240] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.342282] ^ [ 19.342325] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.342385] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.342425] ================================================================== [ 19.406987] ================================================================== [ 19.407029] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1644/0x4858 [ 19.407408] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.407463] [ 19.407507] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.407601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.407629] Hardware name: linux,dummy-virt (DT) [ 19.407662] Call trace: [ 19.407685] show_stack+0x20/0x38 (C) [ 19.407765] dump_stack_lvl+0x8c/0xd0 [ 19.407922] print_report+0x118/0x5d0 [ 19.408261] kasan_report+0xdc/0x128 [ 19.408400] kasan_check_range+0x100/0x1a8 [ 19.408508] __kasan_check_write+0x20/0x30 [ 19.408615] kasan_atomics_helper+0x1644/0x4858 [ 19.408742] kasan_atomics+0x198/0x2e0 [ 19.408895] kunit_try_run_case+0x170/0x3f0 [ 19.408986] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.409128] kthread+0x328/0x630 [ 19.409237] ret_from_fork+0x10/0x20 [ 19.409413] [ 19.409480] Allocated by task 265: [ 19.409520] kasan_save_stack+0x3c/0x68 [ 19.409561] kasan_save_track+0x20/0x40 [ 19.410226] kasan_save_alloc_info+0x40/0x58 [ 19.410276] __kasan_kmalloc+0xd4/0xd8 [ 19.410317] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.410359] kasan_atomics+0xb8/0x2e0 [ 19.410395] kunit_try_run_case+0x170/0x3f0 [ 19.410436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.410482] kthread+0x328/0x630 [ 19.410515] ret_from_fork+0x10/0x20 [ 19.410553] [ 19.410574] The buggy address belongs to the object at fff00000c595e380 [ 19.410574] which belongs to the cache kmalloc-64 of size 64 [ 19.410636] The buggy address is located 0 bytes to the right of [ 19.410636] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.410705] [ 19.410763] The buggy address belongs to the physical page: [ 19.410837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.410945] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.410997] page_type: f5(slab) [ 19.411042] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.412089] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.412648] page dumped because: kasan: bad access detected [ 19.412977] [ 19.413028] Memory state around the buggy address: [ 19.413069] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.413118] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.413172] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.413231] ^ [ 19.413277] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.413332] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.413374] ================================================================== [ 19.391703] ================================================================== [ 19.392009] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x14e4/0x4858 [ 19.392059] Write of size 8 at addr fff00000c595e3b0 by task kunit_try_catch/265 [ 19.392345] [ 19.392381] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 19.392493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.392523] Hardware name: linux,dummy-virt (DT) [ 19.392566] Call trace: [ 19.392592] show_stack+0x20/0x38 (C) [ 19.392649] dump_stack_lvl+0x8c/0xd0 [ 19.392700] print_report+0x118/0x5d0 [ 19.392758] kasan_report+0xdc/0x128 [ 19.392805] kasan_check_range+0x100/0x1a8 [ 19.392861] __kasan_check_write+0x20/0x30 [ 19.392909] kasan_atomics_helper+0x14e4/0x4858 [ 19.392963] kasan_atomics+0x198/0x2e0 [ 19.393009] kunit_try_run_case+0x170/0x3f0 [ 19.393057] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.393112] kthread+0x328/0x630 [ 19.393154] ret_from_fork+0x10/0x20 [ 19.393212] [ 19.393241] Allocated by task 265: [ 19.393278] kasan_save_stack+0x3c/0x68 [ 19.393336] kasan_save_track+0x20/0x40 [ 19.393376] kasan_save_alloc_info+0x40/0x58 [ 19.393420] __kasan_kmalloc+0xd4/0xd8 [ 19.393458] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.393500] kasan_atomics+0xb8/0x2e0 [ 19.393538] kunit_try_run_case+0x170/0x3f0 [ 19.393578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.393623] kthread+0x328/0x630 [ 19.393663] ret_from_fork+0x10/0x20 [ 19.393702] [ 19.393731] The buggy address belongs to the object at fff00000c595e380 [ 19.393731] which belongs to the cache kmalloc-64 of size 64 [ 19.393792] The buggy address is located 0 bytes to the right of [ 19.393792] allocated 48-byte region [fff00000c595e380, fff00000c595e3b0) [ 19.393860] [ 19.393882] The buggy address belongs to the physical page: [ 19.393916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595e [ 19.393971] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.394020] page_type: f5(slab) [ 19.394059] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.394136] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.394182] page dumped because: kasan: bad access detected [ 19.394216] [ 19.394235] Memory state around the buggy address: [ 19.394269] fff00000c595e280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.394316] fff00000c595e300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.394362] >fff00000c595e380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.394404] ^ [ 19.394438] fff00000c595e400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.394484] fff00000c595e480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.394522] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 18.884026] ================================================================== [ 18.884082] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 18.884136] Write of size 8 at addr fff00000c3eef5c8 by task kunit_try_catch/261 [ 18.884190] [ 18.884630] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.884842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.884878] Hardware name: linux,dummy-virt (DT) [ 18.884966] Call trace: [ 18.884993] show_stack+0x20/0x38 (C) [ 18.885048] dump_stack_lvl+0x8c/0xd0 [ 18.885272] print_report+0x118/0x5d0 [ 18.885489] kasan_report+0xdc/0x128 [ 18.885580] kasan_check_range+0x100/0x1a8 [ 18.885640] __kasan_check_write+0x20/0x30 [ 18.885687] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 18.885760] kasan_bitops_generic+0x110/0x1c8 [ 18.885809] kunit_try_run_case+0x170/0x3f0 [ 18.885857] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.885910] kthread+0x328/0x630 [ 18.885954] ret_from_fork+0x10/0x20 [ 18.886002] [ 18.886023] Allocated by task 261: [ 18.886064] kasan_save_stack+0x3c/0x68 [ 18.886109] kasan_save_track+0x20/0x40 [ 18.886152] kasan_save_alloc_info+0x40/0x58 [ 18.886195] __kasan_kmalloc+0xd4/0xd8 [ 18.886232] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.886274] kasan_bitops_generic+0xa0/0x1c8 [ 18.886314] kunit_try_run_case+0x170/0x3f0 [ 18.886362] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.886415] kthread+0x328/0x630 [ 18.886569] The buggy address is located 8 bytes inside of [ 18.886569] allocated 9-byte region [fff00000c3eef5c0, fff00000c3eef5c9) [ 18.888145] [ 18.888733] ^ [ 18.888793] fff00000c3eef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.890117] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 18.892005] __asan_report_load8_noabort+0x20/0x30 [ 18.893581] kasan_save_stack+0x3c/0x68 [ 18.894942] ret_from_fork+0x10/0x20 [ 18.895871] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.896875] [ 18.897585] ^ [ 18.897629] fff00000c3eef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.899633] Write of size 8 at addr fff00000c3eef5c8 by task kunit_try_catch/261 [ 18.900194] Call trace: [ 18.901267] kasan_report+0xdc/0x128 [ 18.902037] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 18.902895] kasan_save_stack+0x3c/0x68 [ 18.903241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.903480] The buggy address is located 8 bytes inside of [ 18.903480] allocated 9-byte region [fff00000c3eef5c0, fff00000c3eef5c9) [ 18.905333] >fff00000c3eef580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.905527] ^ [ 18.906868] ================================================================== [ 18.875343] ================================================================== [ 18.875775] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 18.875976] Read of size 8 at addr fff00000c3eef5c8 by task kunit_try_catch/261 [ 18.876043] [ 18.876079] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.876491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.876537] Hardware name: linux,dummy-virt (DT) [ 18.876589] Call trace: [ 18.876616] show_stack+0x20/0x38 (C) [ 18.876804] dump_stack_lvl+0x8c/0xd0 [ 18.876981] print_report+0x118/0x5d0 [ 18.877379] kasan_report+0xdc/0x128 [ 18.877476] __asan_report_load8_noabort+0x20/0x30 [ 18.877623] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 18.877772] kasan_bitops_generic+0x110/0x1c8 [ 18.877877] kunit_try_run_case+0x170/0x3f0 [ 18.877933] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.878114] kthread+0x328/0x630 [ 18.878401] ret_from_fork+0x10/0x20 [ 18.878518] [ 18.878556] Allocated by task 261: [ 18.878624] kasan_save_stack+0x3c/0x68 [ 18.878670] kasan_save_track+0x20/0x40 [ 18.878884] kasan_save_alloc_info+0x40/0x58 [ 18.878936] __kasan_kmalloc+0xd4/0xd8 [ 18.879098] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.879151] kasan_bitops_generic+0xa0/0x1c8 [ 18.879291] kunit_try_run_case+0x170/0x3f0 [ 18.879448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.879635] kthread+0x328/0x630 [ 18.879675] ret_from_fork+0x10/0x20 [ 18.880038] [ 18.880134] The buggy address belongs to the object at fff00000c3eef5c0 [ 18.880134] which belongs to the cache kmalloc-16 of size 16 [ 18.880269] The buggy address is located 8 bytes inside of [ 18.880269] allocated 9-byte region [fff00000c3eef5c0, fff00000c3eef5c9) [ 18.880446] [ 18.880525] The buggy address belongs to the physical page: [ 18.880738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eef [ 18.881057] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.881137] page_type: f5(slab) [ 18.881281] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.881481] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.881576] page dumped because: kasan: bad access detected [ 18.881637] [ 18.881797] Memory state around the buggy address: [ 18.881989] fff00000c3eef480: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.882067] fff00000c3eef500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.882148] >fff00000c3eef580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.882191] ^ [ 18.882231] fff00000c3eef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.882278] fff00000c3eef680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.882320] ================================================================== [ 18.862238] ================================================================== [ 18.862303] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.862361] Write of size 8 at addr fff00000c3eef5c8 by task kunit_try_catch/261 [ 18.862414] [ 18.862448] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.862534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.862562] Hardware name: linux,dummy-virt (DT) [ 18.862595] Call trace: [ 18.862622] show_stack+0x20/0x38 (C) [ 18.862682] dump_stack_lvl+0x8c/0xd0 [ 18.863957] print_report+0x118/0x5d0 [ 18.864067] kasan_report+0xdc/0x128 [ 18.864178] kasan_check_range+0x100/0x1a8 [ 18.864388] __kasan_check_write+0x20/0x30 [ 18.864733] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.864850] kasan_bitops_generic+0x110/0x1c8 [ 18.864969] kunit_try_run_case+0x170/0x3f0 [ 18.865364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.865456] kthread+0x328/0x630 [ 18.865596] ret_from_fork+0x10/0x20 [ 18.865940] [ 18.865981] Allocated by task 261: [ 18.866244] kasan_save_stack+0x3c/0x68 [ 18.866354] kasan_save_track+0x20/0x40 [ 18.866474] kasan_save_alloc_info+0x40/0x58 [ 18.866539] __kasan_kmalloc+0xd4/0xd8 [ 18.866928] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.866988] kasan_bitops_generic+0xa0/0x1c8 [ 18.867271] kunit_try_run_case+0x170/0x3f0 [ 18.867765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.867946] kthread+0x328/0x630 [ 18.868053] ret_from_fork+0x10/0x20 [ 18.868151] [ 18.868174] The buggy address belongs to the object at fff00000c3eef5c0 [ 18.868174] which belongs to the cache kmalloc-16 of size 16 [ 18.868357] The buggy address is located 8 bytes inside of [ 18.868357] allocated 9-byte region [fff00000c3eef5c0, fff00000c3eef5c9) [ 18.868555] [ 18.868607] The buggy address belongs to the physical page: [ 18.868775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eef [ 18.868975] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.869086] page_type: f5(slab) [ 18.869254] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.869470] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.869692] page dumped because: kasan: bad access detected [ 18.869779] [ 18.869874] Memory state around the buggy address: [ 18.869916] fff00000c3eef480: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 18.870140] fff00000c3eef500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.870282] >fff00000c3eef580: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.870425] ^ [ 18.870508] fff00000c3eef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.870572] fff00000c3eef680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.870770] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 18.844216] ================================================================== [ 18.844542] BUG: KASAN: slab-use-after-free in strnlen+0x80/0x88 [ 18.844606] Read of size 1 at addr fff00000c595c710 by task kunit_try_catch/259 [ 18.844787] [ 18.844832] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.844926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.845152] Hardware name: linux,dummy-virt (DT) [ 18.845387] Call trace: [ 18.845528] show_stack+0x20/0x38 (C) [ 18.845594] dump_stack_lvl+0x8c/0xd0 [ 18.846050] print_report+0x118/0x5d0 [ 18.846131] kasan_report+0xdc/0x128 [ 18.846182] __asan_report_load1_noabort+0x20/0x30 [ 18.846235] strnlen+0x80/0x88 [ 18.846695] kasan_strings+0x478/0xb00 [ 18.846786] kunit_try_run_case+0x170/0x3f0 [ 18.846843] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.846952] kthread+0x328/0x630 [ 18.847096] ret_from_fork+0x10/0x20 [ 18.847158] [ 18.847178] Allocated by task 259: [ 18.847243] kasan_save_stack+0x3c/0x68 [ 18.847355] kasan_save_track+0x20/0x40 [ 18.847676] kasan_save_alloc_info+0x40/0x58 [ 18.847939] __kasan_kmalloc+0xd4/0xd8 [ 18.848033] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.848176] kasan_strings+0xc8/0xb00 [ 18.848537] kunit_try_run_case+0x170/0x3f0 [ 18.848658] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.848822] kthread+0x328/0x630 [ 18.848933] ret_from_fork+0x10/0x20 [ 18.849014] [ 18.849164] Freed by task 259: [ 18.849229] kasan_save_stack+0x3c/0x68 [ 18.849279] kasan_save_track+0x20/0x40 [ 18.849468] kasan_save_free_info+0x4c/0x78 [ 18.849678] __kasan_slab_free+0x6c/0x98 [ 18.849850] kfree+0x214/0x3c8 [ 18.849952] kasan_strings+0x24c/0xb00 [ 18.850065] kunit_try_run_case+0x170/0x3f0 [ 18.850414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.850507] kthread+0x328/0x630 [ 18.850623] ret_from_fork+0x10/0x20 [ 18.850763] [ 18.850834] The buggy address belongs to the object at fff00000c595c700 [ 18.850834] which belongs to the cache kmalloc-32 of size 32 [ 18.850937] The buggy address is located 16 bytes inside of [ 18.850937] freed 32-byte region [fff00000c595c700, fff00000c595c720) [ 18.851094] [ 18.851137] The buggy address belongs to the physical page: [ 18.851427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 18.851689] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.851790] page_type: f5(slab) [ 18.851952] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.852034] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.852212] page dumped because: kasan: bad access detected [ 18.852255] [ 18.852419] Memory state around the buggy address: [ 18.852600] fff00000c595c600: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.852782] fff00000c595c680: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.852910] >fff00000c595c700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.853235] ^ [ 18.853321] fff00000c595c780: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.853400] fff00000c595c800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.853605] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 18.835826] ================================================================== [ 18.835883] BUG: KASAN: slab-use-after-free in strlen+0xa8/0xb0 [ 18.836091] Read of size 1 at addr fff00000c595c710 by task kunit_try_catch/259 [ 18.836172] [ 18.836525] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.836897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.836951] Hardware name: linux,dummy-virt (DT) [ 18.837132] Call trace: [ 18.837247] show_stack+0x20/0x38 (C) [ 18.837308] dump_stack_lvl+0x8c/0xd0 [ 18.837360] print_report+0x118/0x5d0 [ 18.837614] kasan_report+0xdc/0x128 [ 18.838449] __asan_report_load1_noabort+0x20/0x30 [ 18.838534] strlen+0xa8/0xb0 [ 18.838603] kasan_strings+0x418/0xb00 [ 18.838654] kunit_try_run_case+0x170/0x3f0 [ 18.838747] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.838872] kthread+0x328/0x630 [ 18.838937] ret_from_fork+0x10/0x20 [ 18.839065] [ 18.839087] Allocated by task 259: [ 18.839116] kasan_save_stack+0x3c/0x68 [ 18.839188] kasan_save_track+0x20/0x40 [ 18.839411] kasan_save_alloc_info+0x40/0x58 [ 18.839640] __kasan_kmalloc+0xd4/0xd8 [ 18.839847] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.840030] kasan_strings+0xc8/0xb00 [ 18.840067] kunit_try_run_case+0x170/0x3f0 [ 18.840108] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.840154] kthread+0x328/0x630 [ 18.840187] ret_from_fork+0x10/0x20 [ 18.840227] [ 18.840317] Freed by task 259: [ 18.840356] kasan_save_stack+0x3c/0x68 [ 18.840397] kasan_save_track+0x20/0x40 [ 18.840437] kasan_save_free_info+0x4c/0x78 [ 18.840486] __kasan_slab_free+0x6c/0x98 [ 18.840527] kfree+0x214/0x3c8 [ 18.840571] kasan_strings+0x24c/0xb00 [ 18.840610] kunit_try_run_case+0x170/0x3f0 [ 18.840648] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.840700] kthread+0x328/0x630 [ 18.840747] ret_from_fork+0x10/0x20 [ 18.840784] [ 18.840814] The buggy address belongs to the object at fff00000c595c700 [ 18.840814] which belongs to the cache kmalloc-32 of size 32 [ 18.840879] The buggy address is located 16 bytes inside of [ 18.840879] freed 32-byte region [fff00000c595c700, fff00000c595c720) [ 18.840948] [ 18.840989] The buggy address belongs to the physical page: [ 18.841038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 18.841096] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.841149] page_type: f5(slab) [ 18.841197] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.841266] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.841309] page dumped because: kasan: bad access detected [ 18.841344] [ 18.841371] Memory state around the buggy address: [ 18.841404] fff00000c595c600: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.841467] fff00000c595c680: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.841514] >fff00000c595c700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.841556] ^ [ 18.841587] fff00000c595c780: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.841633] fff00000c595c800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.841682] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 18.826480] ================================================================== [ 18.826583] BUG: KASAN: slab-use-after-free in kasan_strings+0x95c/0xb00 [ 18.826687] Read of size 1 at addr fff00000c595c710 by task kunit_try_catch/259 [ 18.826769] [ 18.826857] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.827259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.827301] Hardware name: linux,dummy-virt (DT) [ 18.827344] Call trace: [ 18.827465] show_stack+0x20/0x38 (C) [ 18.827561] dump_stack_lvl+0x8c/0xd0 [ 18.827748] print_report+0x118/0x5d0 [ 18.827837] kasan_report+0xdc/0x128 [ 18.828023] __asan_report_load1_noabort+0x20/0x30 [ 18.828078] kasan_strings+0x95c/0xb00 [ 18.828485] kunit_try_run_case+0x170/0x3f0 [ 18.828675] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.828748] kthread+0x328/0x630 [ 18.828932] ret_from_fork+0x10/0x20 [ 18.829244] [ 18.829350] Allocated by task 259: [ 18.829446] kasan_save_stack+0x3c/0x68 [ 18.829612] kasan_save_track+0x20/0x40 [ 18.829659] kasan_save_alloc_info+0x40/0x58 [ 18.829814] __kasan_kmalloc+0xd4/0xd8 [ 18.830043] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.830136] kasan_strings+0xc8/0xb00 [ 18.830324] kunit_try_run_case+0x170/0x3f0 [ 18.830422] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.830475] kthread+0x328/0x630 [ 18.830558] ret_from_fork+0x10/0x20 [ 18.830599] [ 18.830621] Freed by task 259: [ 18.830650] kasan_save_stack+0x3c/0x68 [ 18.830699] kasan_save_track+0x20/0x40 [ 18.830760] kasan_save_free_info+0x4c/0x78 [ 18.830811] __kasan_slab_free+0x6c/0x98 [ 18.830858] kfree+0x214/0x3c8 [ 18.830898] kasan_strings+0x24c/0xb00 [ 18.830937] kunit_try_run_case+0x170/0x3f0 [ 18.830977] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.831023] kthread+0x328/0x630 [ 18.831066] ret_from_fork+0x10/0x20 [ 18.831123] [ 18.831160] The buggy address belongs to the object at fff00000c595c700 [ 18.831160] which belongs to the cache kmalloc-32 of size 32 [ 18.831224] The buggy address is located 16 bytes inside of [ 18.831224] freed 32-byte region [fff00000c595c700, fff00000c595c720) [ 18.831516] [ 18.831784] The buggy address belongs to the physical page: [ 18.831859] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 18.831991] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.832065] page_type: f5(slab) [ 18.832122] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.832181] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.832361] page dumped because: kasan: bad access detected [ 18.832616] [ 18.832831] Memory state around the buggy address: [ 18.832962] fff00000c595c600: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.833055] fff00000c595c680: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.833120] >fff00000c595c700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.833463] ^ [ 18.833619] fff00000c595c780: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.833764] fff00000c595c800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.833918] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 18.814984] ================================================================== [ 18.815040] BUG: KASAN: slab-use-after-free in strcmp+0xc0/0xc8 [ 18.815099] Read of size 1 at addr fff00000c595c710 by task kunit_try_catch/259 [ 18.815153] [ 18.815211] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.816223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.816406] Hardware name: linux,dummy-virt (DT) [ 18.816599] Call trace: [ 18.816883] show_stack+0x20/0x38 (C) [ 18.816983] dump_stack_lvl+0x8c/0xd0 [ 18.817081] print_report+0x118/0x5d0 [ 18.817218] kasan_report+0xdc/0x128 [ 18.817290] __asan_report_load1_noabort+0x20/0x30 [ 18.817649] strcmp+0xc0/0xc8 [ 18.817791] kasan_strings+0x340/0xb00 [ 18.817886] kunit_try_run_case+0x170/0x3f0 [ 18.818029] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.818145] kthread+0x328/0x630 [ 18.818297] ret_from_fork+0x10/0x20 [ 18.818680] [ 18.818741] Allocated by task 259: [ 18.818828] kasan_save_stack+0x3c/0x68 [ 18.818954] kasan_save_track+0x20/0x40 [ 18.819163] kasan_save_alloc_info+0x40/0x58 [ 18.819236] __kasan_kmalloc+0xd4/0xd8 [ 18.819323] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.819380] kasan_strings+0xc8/0xb00 [ 18.819423] kunit_try_run_case+0x170/0x3f0 [ 18.819624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.819846] kthread+0x328/0x630 [ 18.819956] ret_from_fork+0x10/0x20 [ 18.820122] [ 18.820172] Freed by task 259: [ 18.820291] kasan_save_stack+0x3c/0x68 [ 18.820347] kasan_save_track+0x20/0x40 [ 18.820441] kasan_save_free_info+0x4c/0x78 [ 18.820630] __kasan_slab_free+0x6c/0x98 [ 18.820790] kfree+0x214/0x3c8 [ 18.820833] kasan_strings+0x24c/0xb00 [ 18.821210] kunit_try_run_case+0x170/0x3f0 [ 18.821346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.821510] kthread+0x328/0x630 [ 18.821599] ret_from_fork+0x10/0x20 [ 18.821751] [ 18.821777] The buggy address belongs to the object at fff00000c595c700 [ 18.821777] which belongs to the cache kmalloc-32 of size 32 [ 18.822425] The buggy address is located 16 bytes inside of [ 18.822425] freed 32-byte region [fff00000c595c700, fff00000c595c720) [ 18.822581] [ 18.822638] The buggy address belongs to the physical page: [ 18.822743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 18.822817] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.823159] page_type: f5(slab) [ 18.823315] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.823475] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.823572] page dumped because: kasan: bad access detected [ 18.823651] [ 18.823805] Memory state around the buggy address: [ 18.823844] fff00000c595c600: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.823897] fff00000c595c680: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.823943] >fff00000c595c700: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.824343] ^ [ 18.824441] fff00000c595c780: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.824594] fff00000c595c800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.824693] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 18.791150] ================================================================== [ 18.791214] BUG: KASAN: slab-out-of-bounds in memcmp+0x198/0x1d8 [ 18.791273] Read of size 1 at addr fff00000c595c558 by task kunit_try_catch/257 [ 18.791867] [ 18.791971] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.792147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.792277] Hardware name: linux,dummy-virt (DT) [ 18.792314] Call trace: [ 18.792338] show_stack+0x20/0x38 (C) [ 18.792393] dump_stack_lvl+0x8c/0xd0 [ 18.792454] print_report+0x118/0x5d0 [ 18.792980] kasan_report+0xdc/0x128 [ 18.793143] __asan_report_load1_noabort+0x20/0x30 [ 18.793300] memcmp+0x198/0x1d8 [ 18.793389] kasan_memcmp+0x16c/0x300 [ 18.793750] kunit_try_run_case+0x170/0x3f0 [ 18.793917] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.794053] kthread+0x328/0x630 [ 18.794130] ret_from_fork+0x10/0x20 [ 18.794299] [ 18.794378] Allocated by task 257: [ 18.794639] kasan_save_stack+0x3c/0x68 [ 18.794922] kasan_save_track+0x20/0x40 [ 18.795038] kasan_save_alloc_info+0x40/0x58 [ 18.795213] __kasan_kmalloc+0xd4/0xd8 [ 18.795455] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.795530] kasan_memcmp+0xbc/0x300 [ 18.795776] kunit_try_run_case+0x170/0x3f0 [ 18.795916] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.795976] kthread+0x328/0x630 [ 18.796067] ret_from_fork+0x10/0x20 [ 18.796237] [ 18.796261] The buggy address belongs to the object at fff00000c595c540 [ 18.796261] which belongs to the cache kmalloc-32 of size 32 [ 18.796479] The buggy address is located 0 bytes to the right of [ 18.796479] allocated 24-byte region [fff00000c595c540, fff00000c595c558) [ 18.796643] [ 18.796687] The buggy address belongs to the physical page: [ 18.797084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595c [ 18.797209] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.797388] page_type: f5(slab) [ 18.797474] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 18.797654] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.797727] page dumped because: kasan: bad access detected [ 18.798080] [ 18.798275] Memory state around the buggy address: [ 18.798400] fff00000c595c400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.798816] fff00000c595c480: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.798996] >fff00000c595c500: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.799108] ^ [ 18.799155] fff00000c595c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.799201] fff00000c595c600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.799381] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 18.767261] ================================================================== [ 18.767498] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x2dc/0x340 [ 18.767609] Read of size 1 at addr ffff800080a37b4a by task kunit_try_catch/253 [ 18.767737] [ 18.767811] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.767940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.767971] Hardware name: linux,dummy-virt (DT) [ 18.768327] Call trace: [ 18.768975] show_stack+0x20/0x38 (C) [ 18.769045] dump_stack_lvl+0x8c/0xd0 [ 18.769117] print_report+0x310/0x5d0 [ 18.769521] kasan_report+0xdc/0x128 [ 18.769732] __asan_report_load1_noabort+0x20/0x30 [ 18.770018] kasan_alloca_oob_right+0x2dc/0x340 [ 18.770203] kunit_try_run_case+0x170/0x3f0 [ 18.770310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.770744] kthread+0x328/0x630 [ 18.771104] ret_from_fork+0x10/0x20 [ 18.771244] [ 18.771345] The buggy address belongs to stack of task kunit_try_catch/253 [ 18.771462] [ 18.771532] The buggy address ffff800080a37b4a belongs to a vmalloc virtual mapping [ 18.771635] The buggy address belongs to the physical page: [ 18.771691] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107842 [ 18.771967] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.772045] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.772406] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.772563] page dumped because: kasan: bad access detected [ 18.772696] [ 18.772841] Memory state around the buggy address: [ 18.772898] ffff800080a37a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.773042] ffff800080a37a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.773130] >ffff800080a37b00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.773182] ^ [ 18.773407] ffff800080a37b80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.773612] ffff800080a37c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.773726] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 18.753745] ================================================================== [ 18.753834] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x2b8/0x310 [ 18.753893] Read of size 1 at addr ffff800080a37b5f by task kunit_try_catch/251 [ 18.754313] [ 18.754383] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.754798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.754841] Hardware name: linux,dummy-virt (DT) [ 18.754964] Call trace: [ 18.755012] show_stack+0x20/0x38 (C) [ 18.755086] dump_stack_lvl+0x8c/0xd0 [ 18.755396] print_report+0x310/0x5d0 [ 18.755511] kasan_report+0xdc/0x128 [ 18.755606] __asan_report_load1_noabort+0x20/0x30 [ 18.756043] kasan_alloca_oob_left+0x2b8/0x310 [ 18.756138] kunit_try_run_case+0x170/0x3f0 [ 18.756509] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.756643] kthread+0x328/0x630 [ 18.756956] ret_from_fork+0x10/0x20 [ 18.757146] [ 18.757409] The buggy address belongs to stack of task kunit_try_catch/251 [ 18.757578] [ 18.757647] The buggy address ffff800080a37b5f belongs to a vmalloc virtual mapping [ 18.757802] The buggy address belongs to the physical page: [ 18.757963] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107842 [ 18.758131] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.758462] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.758682] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.758798] page dumped because: kasan: bad access detected [ 18.758925] [ 18.759081] Memory state around the buggy address: [ 18.759128] ffff800080a37a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.759540] ffff800080a37a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.759676] >ffff800080a37b00: 00 00 00 00 00 00 00 00 ca ca ca ca 00 02 cb cb [ 18.759836] ^ [ 18.759901] ffff800080a37b80: cb cb cb cb 00 00 00 00 f1 f1 f1 f1 01 f2 04 f2 [ 18.759955] ffff800080a37c00: 00 f2 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.760077] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 18.734014] ================================================================== [ 18.734095] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x238/0x270 [ 18.734153] Read of size 1 at addr ffff800080a67c2a by task kunit_try_catch/249 [ 18.734204] [ 18.734239] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.734324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.734351] Hardware name: linux,dummy-virt (DT) [ 18.734416] Call trace: [ 18.734439] show_stack+0x20/0x38 (C) [ 18.734500] dump_stack_lvl+0x8c/0xd0 [ 18.734779] print_report+0x310/0x5d0 [ 18.734832] kasan_report+0xdc/0x128 [ 18.734878] __asan_report_load1_noabort+0x20/0x30 [ 18.734930] kasan_stack_oob+0x238/0x270 [ 18.735236] kunit_try_run_case+0x170/0x3f0 [ 18.735929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.736049] kthread+0x328/0x630 [ 18.736266] ret_from_fork+0x10/0x20 [ 18.736403] [ 18.736605] The buggy address belongs to stack of task kunit_try_catch/249 [ 18.737200] and is located at offset 138 in frame: [ 18.737548] kasan_stack_oob+0x0/0x270 [ 18.738257] [ 18.738441] This frame has 4 objects: [ 18.739111] [48, 49) '__assertion' [ 18.739189] [64, 72) 'array' [ 18.739458] [96, 112) '__assertion' [ 18.739669] [128, 138) 'stack_array' [ 18.739937] [ 18.740136] The buggy address ffff800080a67c2a belongs to a vmalloc virtual mapping [ 18.740193] The buggy address belongs to the physical page: [ 18.740236] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106587 [ 18.740421] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.740900] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.741033] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.741149] page dumped because: kasan: bad access detected [ 18.741506] [ 18.741552] Memory state around the buggy address: [ 18.741624] ffff800080a67b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.741803] ffff800080a67b80: 00 00 00 00 f1 f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 [ 18.741856] >ffff800080a67c00: 00 00 f2 f2 00 02 f3 f3 00 00 00 00 00 00 00 00 [ 18.742092] ^ [ 18.742145] ffff800080a67c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 [ 18.742191] ffff800080a67d00: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00 [ 18.742234] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 18.707404] ================================================================== [ 18.707471] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x230/0x270 [ 18.707545] Read of size 1 at addr ffff98871494f58d by task kunit_try_catch/245 [ 18.707597] [ 18.707635] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.708026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.708170] Hardware name: linux,dummy-virt (DT) [ 18.708214] Call trace: [ 18.708240] show_stack+0x20/0x38 (C) [ 18.708295] dump_stack_lvl+0x8c/0xd0 [ 18.708345] print_report+0x310/0x5d0 [ 18.708394] kasan_report+0xdc/0x128 [ 18.708999] __asan_report_load1_noabort+0x20/0x30 [ 18.709102] kasan_global_oob_right+0x230/0x270 [ 18.709334] kunit_try_run_case+0x170/0x3f0 [ 18.709625] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.709880] kthread+0x328/0x630 [ 18.710055] ret_from_fork+0x10/0x20 [ 18.710200] [ 18.710435] The buggy address belongs to the variable: [ 18.710645] global_array+0xd/0x40 [ 18.710859] [ 18.711103] The buggy address ffff98871494f58d belongs to a vmalloc virtual mapping [ 18.711486] The buggy address belongs to the physical page: [ 18.711995] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x47d4f [ 18.712072] flags: 0x3fffe0000002000(reserved|node=0|zone=0|lastcpupid=0x1ffff) [ 18.712226] raw: 03fffe0000002000 ffffc1ffc01f53c8 ffffc1ffc01f53c8 0000000000000000 [ 18.712368] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.712517] page dumped because: kasan: bad access detected [ 18.712791] [ 18.712969] Memory state around the buggy address: [ 18.713114] ffff98871494f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.713181] ffff98871494f500: 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9 [ 18.713293] >ffff98871494f580: 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 18.713380] ^ [ 18.713470] ffff98871494f600: 00 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 18.713580] ffff98871494f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.713672] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 18.688892] ================================================================== [ 18.688956] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.689196] Free of addr fff00000c796c001 by task kunit_try_catch/243 [ 18.689592] [ 18.689644] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.690040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.690137] Hardware name: linux,dummy-virt (DT) [ 18.690214] Call trace: [ 18.690240] show_stack+0x20/0x38 (C) [ 18.690337] dump_stack_lvl+0x8c/0xd0 [ 18.690388] print_report+0x118/0x5d0 [ 18.690435] kasan_report_invalid_free+0xc0/0xe8 [ 18.690486] __kasan_mempool_poison_object+0xfc/0x150 [ 18.690538] mempool_free+0x28c/0x328 [ 18.690583] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.690989] mempool_kmalloc_large_invalid_free+0xc0/0x118 [ 18.691276] kunit_try_run_case+0x170/0x3f0 [ 18.691411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.691570] kthread+0x328/0x630 [ 18.691662] ret_from_fork+0x10/0x20 [ 18.691837] [ 18.691863] The buggy address belongs to the physical page: [ 18.691900] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10796c [ 18.692186] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.692304] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.692683] page_type: f8(unknown) [ 18.692860] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.692937] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.693174] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.694000] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.694248] head: 0bfffe0000000002 ffffc1ffc31e5b01 00000000ffffffff 00000000ffffffff [ 18.694344] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.694389] page dumped because: kasan: bad access detected [ 18.694502] [ 18.694530] Memory state around the buggy address: [ 18.694563] fff00000c796bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.694607] fff00000c796bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.694658] >fff00000c796c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.694705] ^ [ 18.694753] fff00000c796c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.694812] fff00000c796c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.694850] ================================================================== [ 18.669560] ================================================================== [ 18.669626] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.669685] Free of addr fff00000c5967b01 by task kunit_try_catch/241 [ 18.669745] [ 18.669776] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.669859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.669904] Hardware name: linux,dummy-virt (DT) [ 18.669936] Call trace: [ 18.669957] show_stack+0x20/0x38 (C) [ 18.670008] dump_stack_lvl+0x8c/0xd0 [ 18.670057] print_report+0x118/0x5d0 [ 18.670117] kasan_report_invalid_free+0xc0/0xe8 [ 18.670167] check_slab_allocation+0xfc/0x108 [ 18.670224] __kasan_mempool_poison_object+0x78/0x150 [ 18.670274] mempool_free+0x28c/0x328 [ 18.670321] mempool_kmalloc_invalid_free_helper+0x118/0x2a8 [ 18.670372] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.670421] kunit_try_run_case+0x170/0x3f0 [ 18.670470] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.670532] kthread+0x328/0x630 [ 18.670585] ret_from_fork+0x10/0x20 [ 18.670642] [ 18.670666] Allocated by task 241: [ 18.670703] kasan_save_stack+0x3c/0x68 [ 18.671056] kasan_save_track+0x20/0x40 [ 18.671205] kasan_save_alloc_info+0x40/0x58 [ 18.671703] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.671776] remove_element+0x130/0x1f8 [ 18.671815] mempool_alloc_preallocated+0x58/0xc0 [ 18.671853] mempool_kmalloc_invalid_free_helper+0x94/0x2a8 [ 18.672312] mempool_kmalloc_invalid_free+0xc0/0x118 [ 18.672688] kunit_try_run_case+0x170/0x3f0 [ 18.672752] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.672795] kthread+0x328/0x630 [ 18.673214] ret_from_fork+0x10/0x20 [ 18.673689] [ 18.673724] The buggy address belongs to the object at fff00000c5967b00 [ 18.673724] which belongs to the cache kmalloc-128 of size 128 [ 18.674485] The buggy address is located 1 bytes inside of [ 18.674485] 128-byte region [fff00000c5967b00, fff00000c5967b80) [ 18.675118] [ 18.675200] The buggy address belongs to the physical page: [ 18.675235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105967 [ 18.675354] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.675507] page_type: f5(slab) [ 18.675582] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.675706] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.675799] page dumped because: kasan: bad access detected [ 18.675895] [ 18.675984] Memory state around the buggy address: [ 18.676142] fff00000c5967a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.676202] fff00000c5967a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.676417] >fff00000c5967b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.676555] ^ [ 18.676643] fff00000c5967b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.676899] fff00000c5967c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.677056] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 18.650281] ================================================================== [ 18.650885] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.650965] Free of addr fff00000c7968000 by task kunit_try_catch/239 [ 18.651010] [ 18.651337] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.651522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.651551] Hardware name: linux,dummy-virt (DT) [ 18.651583] Call trace: [ 18.651871] show_stack+0x20/0x38 (C) [ 18.652024] dump_stack_lvl+0x8c/0xd0 [ 18.652128] print_report+0x118/0x5d0 [ 18.652528] kasan_report_invalid_free+0xc0/0xe8 [ 18.652691] __kasan_mempool_poison_pages+0xe0/0xe8 [ 18.653195] mempool_free+0x24c/0x328 [ 18.653783] mempool_double_free_helper+0x150/0x2e8 [ 18.653850] mempool_page_alloc_double_free+0xbc/0x118 [ 18.654757] kunit_try_run_case+0x170/0x3f0 [ 18.654824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.654880] kthread+0x328/0x630 [ 18.654923] ret_from_fork+0x10/0x20 [ 18.654971] [ 18.654993] The buggy address belongs to the physical page: [ 18.655028] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107968 [ 18.655084] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.655150] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.655201] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.655262] page dumped because: kasan: bad access detected [ 18.655294] [ 18.655311] Memory state around the buggy address: [ 18.655344] fff00000c7967f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.655388] fff00000c7967f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.655431] >fff00000c7968000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.655470] ^ [ 18.655496] fff00000c7968080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.655539] fff00000c7968100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.655577] ================================================================== [ 18.617050] ================================================================== [ 18.617466] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.617705] Free of addr fff00000c5967700 by task kunit_try_catch/235 [ 18.617785] [ 18.617819] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.617901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.617928] Hardware name: linux,dummy-virt (DT) [ 18.618382] Call trace: [ 18.618460] show_stack+0x20/0x38 (C) [ 18.618589] dump_stack_lvl+0x8c/0xd0 [ 18.618672] print_report+0x118/0x5d0 [ 18.618748] kasan_report_invalid_free+0xc0/0xe8 [ 18.618949] check_slab_allocation+0xd4/0x108 [ 18.619107] __kasan_mempool_poison_object+0x78/0x150 [ 18.619175] mempool_free+0x28c/0x328 [ 18.619225] mempool_double_free_helper+0x150/0x2e8 [ 18.619988] mempool_kmalloc_double_free+0xc0/0x118 [ 18.620150] kunit_try_run_case+0x170/0x3f0 [ 18.620406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.620487] kthread+0x328/0x630 [ 18.621020] ret_from_fork+0x10/0x20 [ 18.621182] [ 18.621204] Allocated by task 235: [ 18.621268] kasan_save_stack+0x3c/0x68 [ 18.621695] kasan_save_track+0x20/0x40 [ 18.622064] kasan_save_alloc_info+0x40/0x58 [ 18.622219] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.622352] remove_element+0x130/0x1f8 [ 18.622402] mempool_alloc_preallocated+0x58/0xc0 [ 18.622451] mempool_double_free_helper+0x94/0x2e8 [ 18.622500] mempool_kmalloc_double_free+0xc0/0x118 [ 18.622575] kunit_try_run_case+0x170/0x3f0 [ 18.622623] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.622667] kthread+0x328/0x630 [ 18.622700] ret_from_fork+0x10/0x20 [ 18.622757] [ 18.622786] Freed by task 235: [ 18.622814] kasan_save_stack+0x3c/0x68 [ 18.622852] kasan_save_track+0x20/0x40 [ 18.622889] kasan_save_free_info+0x4c/0x78 [ 18.622928] __kasan_mempool_poison_object+0xc0/0x150 [ 18.622984] mempool_free+0x28c/0x328 [ 18.623021] mempool_double_free_helper+0x100/0x2e8 [ 18.623069] mempool_kmalloc_double_free+0xc0/0x118 [ 18.623118] kunit_try_run_case+0x170/0x3f0 [ 18.623156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.623200] kthread+0x328/0x630 [ 18.623772] ret_from_fork+0x10/0x20 [ 18.623841] [ 18.623862] The buggy address belongs to the object at fff00000c5967700 [ 18.623862] which belongs to the cache kmalloc-128 of size 128 [ 18.623939] The buggy address is located 0 bytes inside of [ 18.623939] 128-byte region [fff00000c5967700, fff00000c5967780) [ 18.624175] [ 18.624330] The buggy address belongs to the physical page: [ 18.624410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105967 [ 18.624470] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.624699] page_type: f5(slab) [ 18.624930] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.625243] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.625349] page dumped because: kasan: bad access detected [ 18.625426] [ 18.625461] Memory state around the buggy address: [ 18.625511] fff00000c5967600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.625768] fff00000c5967680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.625983] >fff00000c5967700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.626072] ^ [ 18.626172] fff00000c5967780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.626497] fff00000c5967800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.626730] ================================================================== [ 18.636778] ================================================================== [ 18.636839] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8 [ 18.637091] Free of addr fff00000c7968000 by task kunit_try_catch/237 [ 18.637402] [ 18.637441] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.637831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.637877] Hardware name: linux,dummy-virt (DT) [ 18.637952] Call trace: [ 18.638064] show_stack+0x20/0x38 (C) [ 18.638158] dump_stack_lvl+0x8c/0xd0 [ 18.638274] print_report+0x118/0x5d0 [ 18.638328] kasan_report_invalid_free+0xc0/0xe8 [ 18.638406] __kasan_mempool_poison_object+0x14c/0x150 [ 18.638468] mempool_free+0x28c/0x328 [ 18.638513] mempool_double_free_helper+0x150/0x2e8 [ 18.638702] mempool_kmalloc_large_double_free+0xc0/0x118 [ 18.638958] kunit_try_run_case+0x170/0x3f0 [ 18.639092] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.639160] kthread+0x328/0x630 [ 18.639346] ret_from_fork+0x10/0x20 [ 18.639667] [ 18.639817] The buggy address belongs to the physical page: [ 18.639918] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107968 [ 18.639979] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.640037] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.640448] page_type: f8(unknown) [ 18.640543] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.640720] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.640832] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.640910] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.641038] head: 0bfffe0000000002 ffffc1ffc31e5a01 00000000ffffffff 00000000ffffffff [ 18.641089] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.641130] page dumped because: kasan: bad access detected [ 18.641163] [ 18.641180] Memory state around the buggy address: [ 18.641231] fff00000c7967f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.641277] fff00000c7967f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.641331] >fff00000c7968000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.641369] ^ [ 18.641395] fff00000c7968080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.641438] fff00000c7968100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.641479] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 18.528176] ================================================================== [ 18.528235] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.528289] Read of size 1 at addr fff00000c7968000 by task kunit_try_catch/229 [ 18.528340] [ 18.528371] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.528453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.528479] Hardware name: linux,dummy-virt (DT) [ 18.528510] Call trace: [ 18.528533] show_stack+0x20/0x38 (C) [ 18.528581] dump_stack_lvl+0x8c/0xd0 [ 18.528629] print_report+0x118/0x5d0 [ 18.528675] kasan_report+0xdc/0x128 [ 18.528735] __asan_report_load1_noabort+0x20/0x30 [ 18.528786] mempool_uaf_helper+0x314/0x340 [ 18.528832] mempool_kmalloc_large_uaf+0xc4/0x120 [ 18.528879] kunit_try_run_case+0x170/0x3f0 [ 18.528931] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.528984] kthread+0x328/0x630 [ 18.529025] ret_from_fork+0x10/0x20 [ 18.529073] [ 18.529092] The buggy address belongs to the physical page: [ 18.529126] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107968 [ 18.529181] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.529229] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.529284] page_type: f8(unknown) [ 18.529323] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.529374] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.529426] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.529474] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.529524] head: 0bfffe0000000002 ffffc1ffc31e5a01 00000000ffffffff 00000000ffffffff [ 18.529574] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.529614] page dumped because: kasan: bad access detected [ 18.529645] [ 18.529662] Memory state around the buggy address: [ 18.529693] fff00000c7967f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.529749] fff00000c7967f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.529794] >fff00000c7968000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.529832] ^ [ 18.529859] fff00000c7968080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.529901] fff00000c7968100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.529941] ================================================================== [ 18.597721] ================================================================== [ 18.597793] BUG: KASAN: use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.598344] Read of size 1 at addr fff00000c7968000 by task kunit_try_catch/233 [ 18.598415] [ 18.598458] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.598635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.598682] Hardware name: linux,dummy-virt (DT) [ 18.598807] Call trace: [ 18.598833] show_stack+0x20/0x38 (C) [ 18.598886] dump_stack_lvl+0x8c/0xd0 [ 18.599192] print_report+0x118/0x5d0 [ 18.599305] kasan_report+0xdc/0x128 [ 18.599453] __asan_report_load1_noabort+0x20/0x30 [ 18.599612] mempool_uaf_helper+0x314/0x340 [ 18.599697] mempool_page_alloc_uaf+0xc0/0x118 [ 18.599761] kunit_try_run_case+0x170/0x3f0 [ 18.599812] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.599863] kthread+0x328/0x630 [ 18.599908] ret_from_fork+0x10/0x20 [ 18.600293] [ 18.600340] The buggy address belongs to the physical page: [ 18.600690] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107968 [ 18.600932] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.601035] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000 [ 18.601197] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.601261] page dumped because: kasan: bad access detected [ 18.601336] [ 18.601632] Memory state around the buggy address: [ 18.601861] fff00000c7967f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.602029] fff00000c7967f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.602133] >fff00000c7968000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.602173] ^ [ 18.602657] fff00000c7968080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.602870] fff00000c7968100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.602979] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 18.538049] ================================================================== [ 18.538110] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.538162] Read of size 1 at addr fff00000c5975240 by task kunit_try_catch/231 [ 18.538212] [ 18.538243] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.538325] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.538352] Hardware name: linux,dummy-virt (DT) [ 18.538400] Call trace: [ 18.538483] show_stack+0x20/0x38 (C) [ 18.538560] dump_stack_lvl+0x8c/0xd0 [ 18.538641] print_report+0x118/0x5d0 [ 18.538695] kasan_report+0xdc/0x128 [ 18.538750] __asan_report_load1_noabort+0x20/0x30 [ 18.539062] mempool_uaf_helper+0x314/0x340 [ 18.539107] mempool_slab_uaf+0xc0/0x118 [ 18.539152] kunit_try_run_case+0x170/0x3f0 [ 18.539209] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.539262] kthread+0x328/0x630 [ 18.539324] ret_from_fork+0x10/0x20 [ 18.539388] [ 18.539405] Allocated by task 231: [ 18.539434] kasan_save_stack+0x3c/0x68 [ 18.539473] kasan_save_track+0x20/0x40 [ 18.539509] kasan_save_alloc_info+0x40/0x58 [ 18.539550] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.539593] remove_element+0x16c/0x1f8 [ 18.539629] mempool_alloc_preallocated+0x58/0xc0 [ 18.539669] mempool_uaf_helper+0xa4/0x340 [ 18.539706] mempool_slab_uaf+0xc0/0x118 [ 18.539753] kunit_try_run_case+0x170/0x3f0 [ 18.539791] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.539835] kthread+0x328/0x630 [ 18.539866] ret_from_fork+0x10/0x20 [ 18.539902] [ 18.539921] Freed by task 231: [ 18.540017] kasan_save_stack+0x3c/0x68 [ 18.540146] kasan_save_track+0x20/0x40 [ 18.540201] kasan_save_free_info+0x4c/0x78 [ 18.540241] __kasan_mempool_poison_object+0xc0/0x150 [ 18.540528] mempool_free+0x28c/0x328 [ 18.540687] mempool_uaf_helper+0x104/0x340 [ 18.540798] mempool_slab_uaf+0xc0/0x118 [ 18.540884] kunit_try_run_case+0x170/0x3f0 [ 18.540937] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.540982] kthread+0x328/0x630 [ 18.541014] ret_from_fork+0x10/0x20 [ 18.541051] [ 18.541071] The buggy address belongs to the object at fff00000c5975240 [ 18.541071] which belongs to the cache test_cache of size 123 [ 18.541131] The buggy address is located 0 bytes inside of [ 18.541131] freed 123-byte region [fff00000c5975240, fff00000c59752bb) [ 18.541194] [ 18.541219] The buggy address belongs to the physical page: [ 18.541253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105975 [ 18.541311] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.541360] page_type: f5(slab) [ 18.541405] raw: 0bfffe0000000000 fff00000c6ae2000 dead000000000122 0000000000000000 [ 18.541457] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.541498] page dumped because: kasan: bad access detected [ 18.541540] [ 18.541557] Memory state around the buggy address: [ 18.541596] fff00000c5975100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.541639] fff00000c5975180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.541681] >fff00000c5975200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.541730] ^ [ 18.541764] fff00000c5975280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.541807] fff00000c5975300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.541845] ================================================================== [ 18.514486] ================================================================== [ 18.514552] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x314/0x340 [ 18.514618] Read of size 1 at addr fff00000c5967300 by task kunit_try_catch/227 [ 18.514694] [ 18.514745] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.514835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.514861] Hardware name: linux,dummy-virt (DT) [ 18.514893] Call trace: [ 18.514917] show_stack+0x20/0x38 (C) [ 18.514969] dump_stack_lvl+0x8c/0xd0 [ 18.515018] print_report+0x118/0x5d0 [ 18.515066] kasan_report+0xdc/0x128 [ 18.515111] __asan_report_load1_noabort+0x20/0x30 [ 18.515161] mempool_uaf_helper+0x314/0x340 [ 18.515207] mempool_kmalloc_uaf+0xc4/0x120 [ 18.515281] kunit_try_run_case+0x170/0x3f0 [ 18.515333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.515386] kthread+0x328/0x630 [ 18.515428] ret_from_fork+0x10/0x20 [ 18.515510] [ 18.515572] Allocated by task 227: [ 18.515622] kasan_save_stack+0x3c/0x68 [ 18.515761] kasan_save_track+0x20/0x40 [ 18.515815] kasan_save_alloc_info+0x40/0x58 [ 18.515875] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.516048] remove_element+0x130/0x1f8 [ 18.516158] mempool_alloc_preallocated+0x58/0xc0 [ 18.516315] mempool_uaf_helper+0xa4/0x340 [ 18.516384] mempool_kmalloc_uaf+0xc4/0x120 [ 18.516421] kunit_try_run_case+0x170/0x3f0 [ 18.516461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.516505] kthread+0x328/0x630 [ 18.516536] ret_from_fork+0x10/0x20 [ 18.516573] [ 18.516593] Freed by task 227: [ 18.516620] kasan_save_stack+0x3c/0x68 [ 18.516657] kasan_save_track+0x20/0x40 [ 18.516693] kasan_save_free_info+0x4c/0x78 [ 18.516785] __kasan_mempool_poison_object+0xc0/0x150 [ 18.516829] mempool_free+0x28c/0x328 [ 18.516886] mempool_uaf_helper+0x104/0x340 [ 18.516928] mempool_kmalloc_uaf+0xc4/0x120 [ 18.516966] kunit_try_run_case+0x170/0x3f0 [ 18.517049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.517135] kthread+0x328/0x630 [ 18.517242] ret_from_fork+0x10/0x20 [ 18.517331] [ 18.517372] The buggy address belongs to the object at fff00000c5967300 [ 18.517372] which belongs to the cache kmalloc-128 of size 128 [ 18.517482] The buggy address is located 0 bytes inside of [ 18.517482] freed 128-byte region [fff00000c5967300, fff00000c5967380) [ 18.517644] [ 18.517681] The buggy address belongs to the physical page: [ 18.517733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105967 [ 18.517817] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.517885] page_type: f5(slab) [ 18.517926] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.518061] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.518115] page dumped because: kasan: bad access detected [ 18.518149] [ 18.518166] Memory state around the buggy address: [ 18.518198] fff00000c5967200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.518241] fff00000c5967280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.518284] >fff00000c5967300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.518324] ^ [ 18.518350] fff00000c5967380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.518394] fff00000c5967400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.518433] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 18.446503] ================================================================== [ 18.446630] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.446723] Read of size 1 at addr fff00000c780a001 by task kunit_try_catch/223 [ 18.446778] [ 18.446821] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.448725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.449294] Hardware name: linux,dummy-virt (DT) [ 18.449451] Call trace: [ 18.449487] show_stack+0x20/0x38 (C) [ 18.449556] dump_stack_lvl+0x8c/0xd0 [ 18.449610] print_report+0x118/0x5d0 [ 18.450291] kasan_report+0xdc/0x128 [ 18.450348] __asan_report_load1_noabort+0x20/0x30 [ 18.451026] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.451499] mempool_kmalloc_large_oob_right+0xc4/0x120 [ 18.451575] kunit_try_run_case+0x170/0x3f0 [ 18.451626] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.451679] kthread+0x328/0x630 [ 18.452884] ret_from_fork+0x10/0x20 [ 18.453292] [ 18.453815] The buggy address belongs to the physical page: [ 18.454157] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107808 [ 18.454616] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.454826] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 18.454891] page_type: f8(unknown) [ 18.454939] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.454991] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.455042] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.455092] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.456563] head: 0bfffe0000000002 ffffc1ffc31e0201 00000000ffffffff 00000000ffffffff [ 18.456748] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.456796] page dumped because: kasan: bad access detected [ 18.457404] [ 18.457725] Memory state around the buggy address: [ 18.458380] fff00000c7809f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.458470] fff00000c7809f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.458665] >fff00000c780a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.459313] ^ [ 18.459558] fff00000c780a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.459742] fff00000c780a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.459785] ================================================================== [ 18.418356] ================================================================== [ 18.418434] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.418510] Read of size 1 at addr fff00000c46f7f73 by task kunit_try_catch/221 [ 18.418563] [ 18.418605] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.418695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.418739] Hardware name: linux,dummy-virt (DT) [ 18.418774] Call trace: [ 18.418800] show_stack+0x20/0x38 (C) [ 18.418852] dump_stack_lvl+0x8c/0xd0 [ 18.418903] print_report+0x118/0x5d0 [ 18.418949] kasan_report+0xdc/0x128 [ 18.418994] __asan_report_load1_noabort+0x20/0x30 [ 18.419044] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.419092] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.419140] kunit_try_run_case+0x170/0x3f0 [ 18.419191] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.419521] kthread+0x328/0x630 [ 18.419575] ret_from_fork+0x10/0x20 [ 18.419628] [ 18.419695] Allocated by task 221: [ 18.419737] kasan_save_stack+0x3c/0x68 [ 18.419781] kasan_save_track+0x20/0x40 [ 18.419819] kasan_save_alloc_info+0x40/0x58 [ 18.419862] __kasan_mempool_unpoison_object+0x11c/0x180 [ 18.419905] remove_element+0x130/0x1f8 [ 18.419945] mempool_alloc_preallocated+0x58/0xc0 [ 18.419984] mempool_oob_right_helper+0x98/0x2f0 [ 18.420023] mempool_kmalloc_oob_right+0xc4/0x120 [ 18.420064] kunit_try_run_case+0x170/0x3f0 [ 18.420105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.420150] kthread+0x328/0x630 [ 18.420182] ret_from_fork+0x10/0x20 [ 18.420219] [ 18.420239] The buggy address belongs to the object at fff00000c46f7f00 [ 18.420239] which belongs to the cache kmalloc-128 of size 128 [ 18.420301] The buggy address is located 0 bytes to the right of [ 18.420301] allocated 115-byte region [fff00000c46f7f00, fff00000c46f7f73) [ 18.420366] [ 18.420389] The buggy address belongs to the physical page: [ 18.420424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1046f7 [ 18.420482] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.420537] page_type: f5(slab) [ 18.420580] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 18.420632] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 18.420674] page dumped because: kasan: bad access detected [ 18.420718] [ 18.420736] Memory state around the buggy address: [ 18.420769] fff00000c46f7e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.420814] fff00000c46f7e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.420858] >fff00000c46f7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.420898] ^ [ 18.420944] fff00000c46f7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.420988] fff00000c46f8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.421028] ================================================================== [ 18.478948] ================================================================== [ 18.479038] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0 [ 18.479114] Read of size 1 at addr fff00000c65822bb by task kunit_try_catch/225 [ 18.479166] [ 18.479210] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 18.479358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.479385] Hardware name: linux,dummy-virt (DT) [ 18.479419] Call trace: [ 18.479445] show_stack+0x20/0x38 (C) [ 18.479497] dump_stack_lvl+0x8c/0xd0 [ 18.479549] print_report+0x118/0x5d0 [ 18.479596] kasan_report+0xdc/0x128 [ 18.479641] __asan_report_load1_noabort+0x20/0x30 [ 18.479692] mempool_oob_right_helper+0x2ac/0x2f0 [ 18.479751] mempool_slab_oob_right+0xc0/0x118 [ 18.479799] kunit_try_run_case+0x170/0x3f0 [ 18.479851] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.479903] kthread+0x328/0x630 [ 18.479946] ret_from_fork+0x10/0x20 [ 18.479994] [ 18.480012] Allocated by task 225: [ 18.480042] kasan_save_stack+0x3c/0x68 [ 18.480085] kasan_save_track+0x20/0x40 [ 18.480123] kasan_save_alloc_info+0x40/0x58 [ 18.480163] __kasan_mempool_unpoison_object+0xbc/0x180 [ 18.480207] remove_element+0x16c/0x1f8 [ 18.480246] mempool_alloc_preallocated+0x58/0xc0 [ 18.480287] mempool_oob_right_helper+0x98/0x2f0 [ 18.480325] mempool_slab_oob_right+0xc0/0x118 [ 18.480363] kunit_try_run_case+0x170/0x3f0 [ 18.480401] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.480443] kthread+0x328/0x630 [ 18.480475] ret_from_fork+0x10/0x20 [ 18.480512] [ 18.480531] The buggy address belongs to the object at fff00000c6582240 [ 18.480531] which belongs to the cache test_cache of size 123 [ 18.480590] The buggy address is located 0 bytes to the right of [ 18.480590] allocated 123-byte region [fff00000c6582240, fff00000c65822bb) [ 18.480654] [ 18.480675] The buggy address belongs to the physical page: [ 18.480720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106582 [ 18.480776] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.480827] page_type: f5(slab) [ 18.480865] raw: 0bfffe0000000000 fff00000c3e3edc0 dead000000000122 0000000000000000 [ 18.480919] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 18.480960] page dumped because: kasan: bad access detected [ 18.480992] [ 18.481009] Memory state around the buggy address: [ 18.481041] fff00000c6582180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.481085] fff00000c6582200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.481129] >fff00000c6582280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.481167] ^ [ 18.481198] fff00000c6582300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.481241] fff00000c6582380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.481281] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 17.858410] ================================================================== [ 17.858624] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x174/0x300 [ 17.858771] Read of size 1 at addr fff00000c782d140 by task kunit_try_catch/215 [ 17.858845] [ 17.858889] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.859009] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.859036] Hardware name: linux,dummy-virt (DT) [ 17.859071] Call trace: [ 17.859108] show_stack+0x20/0x38 (C) [ 17.859328] dump_stack_lvl+0x8c/0xd0 [ 17.859437] print_report+0x118/0x5d0 [ 17.859549] kasan_report+0xdc/0x128 [ 17.859595] __kasan_check_byte+0x54/0x70 [ 17.859642] kmem_cache_destroy+0x34/0x218 [ 17.859691] kmem_cache_double_destroy+0x174/0x300 [ 17.859945] kunit_try_run_case+0x170/0x3f0 [ 17.860100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.860336] kthread+0x328/0x630 [ 17.860458] ret_from_fork+0x10/0x20 [ 17.860556] [ 17.860662] Allocated by task 215: [ 17.860788] kasan_save_stack+0x3c/0x68 [ 17.860976] kasan_save_track+0x20/0x40 [ 17.861097] kasan_save_alloc_info+0x40/0x58 [ 17.861158] __kasan_slab_alloc+0xa8/0xb0 [ 17.861349] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.861429] __kmem_cache_create_args+0x178/0x280 [ 17.861551] kmem_cache_double_destroy+0xc0/0x300 [ 17.861771] kunit_try_run_case+0x170/0x3f0 [ 17.861876] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.862003] kthread+0x328/0x630 [ 17.862130] ret_from_fork+0x10/0x20 [ 17.862326] [ 17.862363] Freed by task 215: [ 17.862391] kasan_save_stack+0x3c/0x68 [ 17.862681] kasan_save_track+0x20/0x40 [ 17.862911] kasan_save_free_info+0x4c/0x78 [ 17.863075] __kasan_slab_free+0x6c/0x98 [ 17.863124] kmem_cache_free+0x260/0x468 [ 17.863160] slab_kmem_cache_release+0x38/0x50 [ 17.863362] kmem_cache_release+0x1c/0x30 [ 17.863422] kobject_put+0x17c/0x420 [ 17.863508] sysfs_slab_release+0x1c/0x30 [ 17.863782] kmem_cache_destroy+0x118/0x218 [ 17.863861] kmem_cache_double_destroy+0x128/0x300 [ 17.863988] kunit_try_run_case+0x170/0x3f0 [ 17.864149] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.864314] kthread+0x328/0x630 [ 17.864401] ret_from_fork+0x10/0x20 [ 17.864535] [ 17.864574] The buggy address belongs to the object at fff00000c782d140 [ 17.864574] which belongs to the cache kmem_cache of size 208 [ 17.864647] The buggy address is located 0 bytes inside of [ 17.864647] freed 208-byte region [fff00000c782d140, fff00000c782d210) [ 17.864721] [ 17.864880] The buggy address belongs to the physical page: [ 17.865026] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10782d [ 17.865274] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.865379] page_type: f5(slab) [ 17.865432] raw: 0bfffe0000000000 fff00000c0001000 dead000000000122 0000000000000000 [ 17.865615] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 17.866005] page dumped because: kasan: bad access detected [ 17.866115] [ 17.866211] Memory state around the buggy address: [ 17.866302] fff00000c782d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.866365] fff00000c782d080: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 17.866409] >fff00000c782d100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 17.866448] ^ [ 17.866484] fff00000c782d180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.866527] fff00000c782d200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.867386] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 17.583176] ================================================================== [ 17.583287] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x388/0x468 [ 17.583373] Read of size 1 at addr fff00000c594f000 by task kunit_try_catch/213 [ 17.583428] [ 17.583475] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.583565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.583591] Hardware name: linux,dummy-virt (DT) [ 17.585327] Call trace: [ 17.585654] show_stack+0x20/0x38 (C) [ 17.586076] dump_stack_lvl+0x8c/0xd0 [ 17.586133] print_report+0x118/0x5d0 [ 17.586180] kasan_report+0xdc/0x128 [ 17.586225] __asan_report_load1_noabort+0x20/0x30 [ 17.586278] kmem_cache_rcu_uaf+0x388/0x468 [ 17.586324] kunit_try_run_case+0x170/0x3f0 [ 17.586375] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.588411] kthread+0x328/0x630 [ 17.588951] ret_from_fork+0x10/0x20 [ 17.589424] [ 17.589442] Allocated by task 213: [ 17.589477] kasan_save_stack+0x3c/0x68 [ 17.590317] kasan_save_track+0x20/0x40 [ 17.590492] kasan_save_alloc_info+0x40/0x58 [ 17.590535] __kasan_slab_alloc+0xa8/0xb0 [ 17.591000] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.591753] kmem_cache_rcu_uaf+0x12c/0x468 [ 17.592204] kunit_try_run_case+0x170/0x3f0 [ 17.592378] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.592462] kthread+0x328/0x630 [ 17.592912] ret_from_fork+0x10/0x20 [ 17.593487] [ 17.593510] Freed by task 0: [ 17.593641] kasan_save_stack+0x3c/0x68 [ 17.593871] kasan_save_track+0x20/0x40 [ 17.593967] kasan_save_free_info+0x4c/0x78 [ 17.594724] __kasan_slab_free+0x6c/0x98 [ 17.594848] slab_free_after_rcu_debug+0xd4/0x2f8 [ 17.594985] rcu_core+0x9f4/0x1e20 [ 17.595464] rcu_core_si+0x18/0x30 [ 17.595743] handle_softirqs+0x374/0xb28 [ 17.595794] __do_softirq+0x1c/0x28 [ 17.595831] [ 17.596271] Last potentially related work creation: [ 17.596860] kasan_save_stack+0x3c/0x68 [ 17.597336] kasan_record_aux_stack+0xb4/0xc8 [ 17.597377] kmem_cache_free+0x120/0x468 [ 17.597415] kmem_cache_rcu_uaf+0x16c/0x468 [ 17.597453] kunit_try_run_case+0x170/0x3f0 [ 17.597491] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.597534] kthread+0x328/0x630 [ 17.597565] ret_from_fork+0x10/0x20 [ 17.598479] [ 17.598502] The buggy address belongs to the object at fff00000c594f000 [ 17.598502] which belongs to the cache test_cache of size 200 [ 17.599316] The buggy address is located 0 bytes inside of [ 17.599316] freed 200-byte region [fff00000c594f000, fff00000c594f0c8) [ 17.599671] [ 17.600159] The buggy address belongs to the physical page: [ 17.600201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10594f [ 17.600371] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.600642] page_type: f5(slab) [ 17.600690] raw: 0bfffe0000000000 fff00000c782d000 dead000000000122 0000000000000000 [ 17.601650] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.602099] page dumped because: kasan: bad access detected [ 17.602141] [ 17.602276] Memory state around the buggy address: [ 17.602394] fff00000c594ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.602441] fff00000c594ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.602760] >fff00000c594f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.602923] ^ [ 17.603263] fff00000c594f080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.603310] fff00000c594f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.603357] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.155099] ================================================================== [ 17.155315] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x184/0x3c8 [ 17.155571] Free of addr fff00000c7923001 by task kunit_try_catch/211 [ 17.155699] [ 17.155802] CPU: 1 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.155947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.155975] Hardware name: linux,dummy-virt (DT) [ 17.156290] Call trace: [ 17.156328] show_stack+0x20/0x38 (C) [ 17.156401] dump_stack_lvl+0x8c/0xd0 [ 17.156539] print_report+0x118/0x5d0 [ 17.156644] kasan_report_invalid_free+0xc0/0xe8 [ 17.156870] check_slab_allocation+0xfc/0x108 [ 17.156961] __kasan_slab_pre_free+0x2c/0x48 [ 17.157094] kmem_cache_free+0xf0/0x468 [ 17.157148] kmem_cache_invalid_free+0x184/0x3c8 [ 17.157465] kunit_try_run_case+0x170/0x3f0 [ 17.157608] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.157706] kthread+0x328/0x630 [ 17.157881] ret_from_fork+0x10/0x20 [ 17.157977] [ 17.158105] Allocated by task 211: [ 17.158175] kasan_save_stack+0x3c/0x68 [ 17.158245] kasan_save_track+0x20/0x40 [ 17.158566] kasan_save_alloc_info+0x40/0x58 [ 17.158747] __kasan_slab_alloc+0xa8/0xb0 [ 17.158903] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.158991] kmem_cache_invalid_free+0x12c/0x3c8 [ 17.159089] kunit_try_run_case+0x170/0x3f0 [ 17.159240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.159286] kthread+0x328/0x630 [ 17.159562] ret_from_fork+0x10/0x20 [ 17.159643] [ 17.159753] The buggy address belongs to the object at fff00000c7923000 [ 17.159753] which belongs to the cache test_cache of size 200 [ 17.159829] The buggy address is located 1 bytes inside of [ 17.159829] 200-byte region [fff00000c7923000, fff00000c79230c8) [ 17.159898] [ 17.159954] The buggy address belongs to the physical page: [ 17.159991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107923 [ 17.160052] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.160223] page_type: f5(slab) [ 17.160475] raw: 0bfffe0000000000 fff00000ffe78000 dead000000000122 0000000000000000 [ 17.160560] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.160696] page dumped because: kasan: bad access detected [ 17.160815] [ 17.160878] Memory state around the buggy address: [ 17.160971] fff00000c7922f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.161016] fff00000c7922f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.161309] >fff00000c7923000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.161370] ^ [ 17.161515] fff00000c7923080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 17.161601] fff00000c7923100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.161767] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.085919] ================================================================== [ 17.087517] BUG: KASAN: double-free in kmem_cache_double_free+0x190/0x3c8 [ 17.087653] Free of addr fff00000c7921000 by task kunit_try_catch/209 [ 17.087701] [ 17.088499] CPU: 1 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.088597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.088625] Hardware name: linux,dummy-virt (DT) [ 17.088660] Call trace: [ 17.088683] show_stack+0x20/0x38 (C) [ 17.088754] dump_stack_lvl+0x8c/0xd0 [ 17.088807] print_report+0x118/0x5d0 [ 17.088857] kasan_report_invalid_free+0xc0/0xe8 [ 17.088909] check_slab_allocation+0xd4/0x108 [ 17.089463] __kasan_slab_pre_free+0x2c/0x48 [ 17.089971] kmem_cache_free+0xf0/0x468 [ 17.090173] kmem_cache_double_free+0x190/0x3c8 [ 17.090761] kunit_try_run_case+0x170/0x3f0 [ 17.090836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.090892] kthread+0x328/0x630 [ 17.090938] ret_from_fork+0x10/0x20 [ 17.090990] [ 17.091008] Allocated by task 209: [ 17.091038] kasan_save_stack+0x3c/0x68 [ 17.091081] kasan_save_track+0x20/0x40 [ 17.091118] kasan_save_alloc_info+0x40/0x58 [ 17.091158] __kasan_slab_alloc+0xa8/0xb0 [ 17.091195] kmem_cache_alloc_noprof+0x10c/0x398 [ 17.091242] kmem_cache_double_free+0x12c/0x3c8 [ 17.091279] kunit_try_run_case+0x170/0x3f0 [ 17.091317] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.091359] kthread+0x328/0x630 [ 17.091391] ret_from_fork+0x10/0x20 [ 17.091426] [ 17.091443] Freed by task 209: [ 17.091471] kasan_save_stack+0x3c/0x68 [ 17.091626] kasan_save_track+0x20/0x40 [ 17.091664] kasan_save_free_info+0x4c/0x78 [ 17.091704] __kasan_slab_free+0x6c/0x98 [ 17.091755] kmem_cache_free+0x260/0x468 [ 17.091792] kmem_cache_double_free+0x140/0x3c8 [ 17.091829] kunit_try_run_case+0x170/0x3f0 [ 17.091867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.091911] kthread+0x328/0x630 [ 17.091943] ret_from_fork+0x10/0x20 [ 17.092026] [ 17.092045] The buggy address belongs to the object at fff00000c7921000 [ 17.092045] which belongs to the cache test_cache of size 200 [ 17.092106] The buggy address is located 0 bytes inside of [ 17.092106] 200-byte region [fff00000c7921000, fff00000c79210c8) [ 17.092168] [ 17.092189] The buggy address belongs to the physical page: [ 17.092246] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107921 [ 17.092352] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.092694] page_type: f5(slab) [ 17.092757] raw: 0bfffe0000000000 fff00000c3e3eb40 dead000000000122 0000000000000000 [ 17.092810] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 17.092852] page dumped because: kasan: bad access detected [ 17.092885] [ 17.092902] Memory state around the buggy address: [ 17.092940] fff00000c7920f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.092985] fff00000c7920f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.093029] >fff00000c7921000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.093069] ^ [ 17.093097] fff00000c7921080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 17.093141] fff00000c7921100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.093180] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 16.928291] ================================================================== [ 16.928355] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x344/0x430 [ 16.928412] Read of size 1 at addr fff00000c59600c8 by task kunit_try_catch/207 [ 16.928474] [ 16.928619] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.928907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.929061] Hardware name: linux,dummy-virt (DT) [ 16.929242] Call trace: [ 16.929265] show_stack+0x20/0x38 (C) [ 16.929324] dump_stack_lvl+0x8c/0xd0 [ 16.929589] print_report+0x118/0x5d0 [ 16.929649] kasan_report+0xdc/0x128 [ 16.929695] __asan_report_load1_noabort+0x20/0x30 [ 16.929759] kmem_cache_oob+0x344/0x430 [ 16.929804] kunit_try_run_case+0x170/0x3f0 [ 16.929924] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.930018] kthread+0x328/0x630 [ 16.930061] ret_from_fork+0x10/0x20 [ 16.930108] [ 16.930125] Allocated by task 207: [ 16.930154] kasan_save_stack+0x3c/0x68 [ 16.930194] kasan_save_track+0x20/0x40 [ 16.930233] kasan_save_alloc_info+0x40/0x58 [ 16.930354] __kasan_slab_alloc+0xa8/0xb0 [ 16.930427] kmem_cache_alloc_noprof+0x10c/0x398 [ 16.930466] kmem_cache_oob+0x12c/0x430 [ 16.930502] kunit_try_run_case+0x170/0x3f0 [ 16.930540] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.930634] kthread+0x328/0x630 [ 16.930678] ret_from_fork+0x10/0x20 [ 16.930795] [ 16.930889] The buggy address belongs to the object at fff00000c5960000 [ 16.930889] which belongs to the cache test_cache of size 200 [ 16.931005] The buggy address is located 0 bytes to the right of [ 16.931005] allocated 200-byte region [fff00000c5960000, fff00000c59600c8) [ 16.931215] [ 16.931348] The buggy address belongs to the physical page: [ 16.931443] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105960 [ 16.931507] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.931609] page_type: f5(slab) [ 16.931648] raw: 0bfffe0000000000 fff00000c3e3ea00 dead000000000122 0000000000000000 [ 16.931728] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 16.931771] page dumped because: kasan: bad access detected [ 16.931803] [ 16.931858] Memory state around the buggy address: [ 16.931893] fff00000c595ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.931948] fff00000c5960000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.931991] >fff00000c5960080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 16.932029] ^ [ 16.932076] fff00000c5960100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.932327] fff00000c5960180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.932393] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 16.901546] ================================================================== [ 16.901616] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x480/0x4a8 [ 16.901928] Read of size 8 at addr fff00000c5968440 by task kunit_try_catch/200 [ 16.902008] [ 16.902062] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.902397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.902466] Hardware name: linux,dummy-virt (DT) [ 16.902500] Call trace: [ 16.902599] show_stack+0x20/0x38 (C) [ 16.902674] dump_stack_lvl+0x8c/0xd0 [ 16.902955] print_report+0x118/0x5d0 [ 16.903062] kasan_report+0xdc/0x128 [ 16.903374] __asan_report_load8_noabort+0x20/0x30 [ 16.903473] workqueue_uaf+0x480/0x4a8 [ 16.903520] kunit_try_run_case+0x170/0x3f0 [ 16.903572] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.903626] kthread+0x328/0x630 [ 16.903669] ret_from_fork+0x10/0x20 [ 16.903728] [ 16.903746] Allocated by task 200: [ 16.903776] kasan_save_stack+0x3c/0x68 [ 16.903819] kasan_save_track+0x20/0x40 [ 16.904204] kasan_save_alloc_info+0x40/0x58 [ 16.904331] __kasan_kmalloc+0xd4/0xd8 [ 16.904411] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.905738] workqueue_uaf+0x13c/0x4a8 [ 16.905820] kunit_try_run_case+0x170/0x3f0 [ 16.905896] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.906072] kthread+0x328/0x630 [ 16.906206] ret_from_fork+0x10/0x20 [ 16.906245] [ 16.906289] Freed by task 24: [ 16.906317] kasan_save_stack+0x3c/0x68 [ 16.906469] kasan_save_track+0x20/0x40 [ 16.906528] kasan_save_free_info+0x4c/0x78 [ 16.906669] __kasan_slab_free+0x6c/0x98 [ 16.906725] kfree+0x214/0x3c8 [ 16.906758] workqueue_uaf_work+0x18/0x30 [ 16.906793] process_one_work+0x530/0xf98 [ 16.906831] worker_thread+0x618/0xf38 [ 16.906866] kthread+0x328/0x630 [ 16.906897] ret_from_fork+0x10/0x20 [ 16.906934] [ 16.906954] Last potentially related work creation: [ 16.906981] kasan_save_stack+0x3c/0x68 [ 16.907018] kasan_record_aux_stack+0xb4/0xc8 [ 16.907169] __queue_work+0x65c/0x1008 [ 16.907209] queue_work_on+0xbc/0xf8 [ 16.907266] workqueue_uaf+0x210/0x4a8 [ 16.907303] kunit_try_run_case+0x170/0x3f0 [ 16.907340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.907384] kthread+0x328/0x630 [ 16.907452] ret_from_fork+0x10/0x20 [ 16.907489] [ 16.907508] The buggy address belongs to the object at fff00000c5968440 [ 16.907508] which belongs to the cache kmalloc-32 of size 32 [ 16.907571] The buggy address is located 0 bytes inside of [ 16.907571] freed 32-byte region [fff00000c5968440, fff00000c5968460) [ 16.907632] [ 16.907654] The buggy address belongs to the physical page: [ 16.907685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105968 [ 16.907750] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.907801] page_type: f5(slab) [ 16.907840] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 16.908025] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.908068] page dumped because: kasan: bad access detected [ 16.908100] [ 16.908117] Memory state around the buggy address: [ 16.908150] fff00000c5968300: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 16.908193] fff00000c5968380: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 16.908238] >fff00000c5968400: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc [ 16.908275] ^ [ 16.908309] fff00000c5968480: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.908514] fff00000c5968500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.908557] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 16.876191] ================================================================== [ 16.876704] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x64/0x70 [ 16.876826] Read of size 4 at addr fff00000c5968200 by task swapper/1/0 [ 16.876991] [ 16.877035] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.877129] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.877343] Hardware name: linux,dummy-virt (DT) [ 16.877392] Call trace: [ 16.877597] show_stack+0x20/0x38 (C) [ 16.877683] dump_stack_lvl+0x8c/0xd0 [ 16.877993] print_report+0x118/0x5d0 [ 16.878043] kasan_report+0xdc/0x128 [ 16.878091] __asan_report_load4_noabort+0x20/0x30 [ 16.878141] rcu_uaf_reclaim+0x64/0x70 [ 16.878187] rcu_core+0x9f4/0x1e20 [ 16.878234] rcu_core_si+0x18/0x30 [ 16.878278] handle_softirqs+0x374/0xb28 [ 16.878327] __do_softirq+0x1c/0x28 [ 16.878368] ____do_softirq+0x18/0x30 [ 16.878413] call_on_irq_stack+0x24/0x30 [ 16.878457] do_softirq_own_stack+0x24/0x38 [ 16.878525] __irq_exit_rcu+0x1fc/0x318 [ 16.878569] irq_exit_rcu+0x1c/0x80 [ 16.878620] el1_interrupt+0x38/0x58 [ 16.878668] el1h_64_irq_handler+0x18/0x28 [ 16.878726] el1h_64_irq+0x6c/0x70 [ 16.879012] arch_local_irq_enable+0x4/0x8 (P) [ 16.879081] do_idle+0x384/0x4e8 [ 16.879126] cpu_startup_entry+0x68/0x80 [ 16.879180] secondary_start_kernel+0x288/0x340 [ 16.879473] __secondary_switched+0xc0/0xc8 [ 16.879612] [ 16.879726] Allocated by task 198: [ 16.879758] kasan_save_stack+0x3c/0x68 [ 16.879803] kasan_save_track+0x20/0x40 [ 16.879842] kasan_save_alloc_info+0x40/0x58 [ 16.880112] __kasan_kmalloc+0xd4/0xd8 [ 16.880273] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.880436] rcu_uaf+0xb0/0x2d8 [ 16.880554] kunit_try_run_case+0x170/0x3f0 [ 16.880632] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.880804] kthread+0x328/0x630 [ 16.880869] ret_from_fork+0x10/0x20 [ 16.881058] [ 16.881252] Freed by task 0: [ 16.881319] kasan_save_stack+0x3c/0x68 [ 16.881457] kasan_save_track+0x20/0x40 [ 16.881574] kasan_save_free_info+0x4c/0x78 [ 16.881689] __kasan_slab_free+0x6c/0x98 [ 16.881801] kfree+0x214/0x3c8 [ 16.881839] rcu_uaf_reclaim+0x28/0x70 [ 16.881875] rcu_core+0x9f4/0x1e20 [ 16.881911] rcu_core_si+0x18/0x30 [ 16.881945] handle_softirqs+0x374/0xb28 [ 16.882026] __do_softirq+0x1c/0x28 [ 16.882063] [ 16.882105] Last potentially related work creation: [ 16.882153] kasan_save_stack+0x3c/0x68 [ 16.882194] kasan_record_aux_stack+0xb4/0xc8 [ 16.882235] __call_rcu_common.constprop.0+0x74/0x8c8 [ 16.882287] call_rcu+0x18/0x30 [ 16.882321] rcu_uaf+0x14c/0x2d8 [ 16.882361] kunit_try_run_case+0x170/0x3f0 [ 16.882409] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.882461] kthread+0x328/0x630 [ 16.882494] ret_from_fork+0x10/0x20 [ 16.882545] [ 16.882577] The buggy address belongs to the object at fff00000c5968200 [ 16.882577] which belongs to the cache kmalloc-32 of size 32 [ 16.882641] The buggy address is located 0 bytes inside of [ 16.882641] freed 32-byte region [fff00000c5968200, fff00000c5968220) [ 16.882702] [ 16.883141] The buggy address belongs to the physical page: [ 16.883219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105968 [ 16.883301] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.883663] page_type: f5(slab) [ 16.883807] raw: 0bfffe0000000000 fff00000c0001780 dead000000000122 0000000000000000 [ 16.883860] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 16.883922] page dumped because: kasan: bad access detected [ 16.884260] [ 16.884308] Memory state around the buggy address: [ 16.884413] fff00000c5968100: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 16.884583] fff00000c5968180: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 16.884765] >fff00000c5968200: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 16.884862] ^ [ 16.884891] fff00000c5968280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.885249] fff00000c5968300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.885355] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 16.837746] ================================================================== [ 16.837837] BUG: KASAN: slab-use-after-free in ksize_uaf+0x598/0x5f8 [ 16.837893] Read of size 1 at addr fff00000c5967000 by task kunit_try_catch/196 [ 16.837945] [ 16.837998] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.838079] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.838106] Hardware name: linux,dummy-virt (DT) [ 16.838159] Call trace: [ 16.838197] show_stack+0x20/0x38 (C) [ 16.838245] dump_stack_lvl+0x8c/0xd0 [ 16.838311] print_report+0x118/0x5d0 [ 16.838376] kasan_report+0xdc/0x128 [ 16.838439] __asan_report_load1_noabort+0x20/0x30 [ 16.838500] ksize_uaf+0x598/0x5f8 [ 16.838557] kunit_try_run_case+0x170/0x3f0 [ 16.838606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.838656] kthread+0x328/0x630 [ 16.838913] ret_from_fork+0x10/0x20 [ 16.838999] [ 16.839030] Allocated by task 196: [ 16.839078] kasan_save_stack+0x3c/0x68 [ 16.839135] kasan_save_track+0x20/0x40 [ 16.839197] kasan_save_alloc_info+0x40/0x58 [ 16.839245] __kasan_kmalloc+0xd4/0xd8 [ 16.839361] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.839485] ksize_uaf+0xb8/0x5f8 [ 16.839578] kunit_try_run_case+0x170/0x3f0 [ 16.839639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.839682] kthread+0x328/0x630 [ 16.839735] ret_from_fork+0x10/0x20 [ 16.839965] [ 16.839986] Freed by task 196: [ 16.840014] kasan_save_stack+0x3c/0x68 [ 16.840052] kasan_save_track+0x20/0x40 [ 16.840090] kasan_save_free_info+0x4c/0x78 [ 16.840128] __kasan_slab_free+0x6c/0x98 [ 16.840166] kfree+0x214/0x3c8 [ 16.840200] ksize_uaf+0x11c/0x5f8 [ 16.840233] kunit_try_run_case+0x170/0x3f0 [ 16.840338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.840405] kthread+0x328/0x630 [ 16.840450] ret_from_fork+0x10/0x20 [ 16.840485] [ 16.840540] The buggy address belongs to the object at fff00000c5967000 [ 16.840540] which belongs to the cache kmalloc-128 of size 128 [ 16.840606] The buggy address is located 0 bytes inside of [ 16.840606] freed 128-byte region [fff00000c5967000, fff00000c5967080) [ 16.840681] [ 16.840702] The buggy address belongs to the physical page: [ 16.840748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105967 [ 16.840802] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.840951] page_type: f5(slab) [ 16.840992] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.841095] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.841176] page dumped because: kasan: bad access detected [ 16.841263] [ 16.841352] Memory state around the buggy address: [ 16.841512] fff00000c5966f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.841576] fff00000c5966f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.841643] >fff00000c5967000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.842741] ^ [ 16.842774] fff00000c5967080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.842819] fff00000c5967100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.842859] ================================================================== [ 16.821596] ================================================================== [ 16.821657] BUG: KASAN: slab-use-after-free in ksize_uaf+0x168/0x5f8 [ 16.822264] Read of size 1 at addr fff00000c5967000 by task kunit_try_catch/196 [ 16.822332] [ 16.822367] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.822459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.822504] Hardware name: linux,dummy-virt (DT) [ 16.822553] Call trace: [ 16.822602] show_stack+0x20/0x38 (C) [ 16.822654] dump_stack_lvl+0x8c/0xd0 [ 16.822752] print_report+0x118/0x5d0 [ 16.822801] kasan_report+0xdc/0x128 [ 16.822847] __kasan_check_byte+0x54/0x70 [ 16.822894] ksize+0x30/0x88 [ 16.822935] ksize_uaf+0x168/0x5f8 [ 16.822976] kunit_try_run_case+0x170/0x3f0 [ 16.823154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.823272] kthread+0x328/0x630 [ 16.823392] ret_from_fork+0x10/0x20 [ 16.823525] [ 16.823602] Allocated by task 196: [ 16.823631] kasan_save_stack+0x3c/0x68 [ 16.823720] kasan_save_track+0x20/0x40 [ 16.823792] kasan_save_alloc_info+0x40/0x58 [ 16.823856] __kasan_kmalloc+0xd4/0xd8 [ 16.823956] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.824100] ksize_uaf+0xb8/0x5f8 [ 16.824382] kunit_try_run_case+0x170/0x3f0 [ 16.824492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.824581] kthread+0x328/0x630 [ 16.824645] ret_from_fork+0x10/0x20 [ 16.824705] [ 16.824813] Freed by task 196: [ 16.824840] kasan_save_stack+0x3c/0x68 [ 16.824890] kasan_save_track+0x20/0x40 [ 16.825313] kasan_save_free_info+0x4c/0x78 [ 16.825378] __kasan_slab_free+0x6c/0x98 [ 16.826257] kfree+0x214/0x3c8 [ 16.826484] ksize_uaf+0x11c/0x5f8 [ 16.827479] kunit_try_run_case+0x170/0x3f0 [ 16.828907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.830085] kthread+0x328/0x630 [ 16.831320] ret_from_fork+0x10/0x20 [ 16.831765] [ 16.831795] The buggy address belongs to the object at fff00000c5967000 [ 16.831795] which belongs to the cache kmalloc-128 of size 128 [ 16.832740] The buggy address is located 0 bytes inside of [ 16.832740] freed 128-byte region [fff00000c5967000, fff00000c5967080) [ 16.832815] [ 16.832837] The buggy address belongs to the physical page: [ 16.833593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105967 [ 16.833689] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.835294] page_type: f5(slab) [ 16.835408] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.835614] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.835848] page dumped because: kasan: bad access detected [ 16.835888] [ 16.835906] Memory state around the buggy address: [ 16.835962] fff00000c5966f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.836008] fff00000c5966f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.836052] >fff00000c5967000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.836091] ^ [ 16.836121] fff00000c5967080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.836165] fff00000c5967100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.836313] ================================================================== [ 16.845451] ================================================================== [ 16.845510] BUG: KASAN: slab-use-after-free in ksize_uaf+0x544/0x5f8 [ 16.845560] Read of size 1 at addr fff00000c5967078 by task kunit_try_catch/196 [ 16.845612] [ 16.845658] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.846134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.846170] Hardware name: linux,dummy-virt (DT) [ 16.846227] Call trace: [ 16.846301] show_stack+0x20/0x38 (C) [ 16.846398] dump_stack_lvl+0x8c/0xd0 [ 16.846447] print_report+0x118/0x5d0 [ 16.846495] kasan_report+0xdc/0x128 [ 16.846539] __asan_report_load1_noabort+0x20/0x30 [ 16.846597] ksize_uaf+0x544/0x5f8 [ 16.846642] kunit_try_run_case+0x170/0x3f0 [ 16.846687] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.846751] kthread+0x328/0x630 [ 16.846793] ret_from_fork+0x10/0x20 [ 16.846838] [ 16.846855] Allocated by task 196: [ 16.846988] kasan_save_stack+0x3c/0x68 [ 16.847074] kasan_save_track+0x20/0x40 [ 16.847156] kasan_save_alloc_info+0x40/0x58 [ 16.847232] __kasan_kmalloc+0xd4/0xd8 [ 16.847298] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.847340] ksize_uaf+0xb8/0x5f8 [ 16.847443] kunit_try_run_case+0x170/0x3f0 [ 16.847606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.847673] kthread+0x328/0x630 [ 16.847784] ret_from_fork+0x10/0x20 [ 16.847916] [ 16.847936] Freed by task 196: [ 16.847962] kasan_save_stack+0x3c/0x68 [ 16.848040] kasan_save_track+0x20/0x40 [ 16.848105] kasan_save_free_info+0x4c/0x78 [ 16.848145] __kasan_slab_free+0x6c/0x98 [ 16.848182] kfree+0x214/0x3c8 [ 16.848217] ksize_uaf+0x11c/0x5f8 [ 16.848251] kunit_try_run_case+0x170/0x3f0 [ 16.848287] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.848331] kthread+0x328/0x630 [ 16.848364] ret_from_fork+0x10/0x20 [ 16.848401] [ 16.848420] The buggy address belongs to the object at fff00000c5967000 [ 16.848420] which belongs to the cache kmalloc-128 of size 128 [ 16.848483] The buggy address is located 120 bytes inside of [ 16.848483] freed 128-byte region [fff00000c5967000, fff00000c5967080) [ 16.848547] [ 16.848568] The buggy address belongs to the physical page: [ 16.848600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105967 [ 16.848654] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.849129] page_type: f5(slab) [ 16.849234] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.849334] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.849444] page dumped because: kasan: bad access detected [ 16.849556] [ 16.849648] Memory state around the buggy address: [ 16.849734] fff00000c5966f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.849831] fff00000c5966f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.849910] >fff00000c5967000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.849985] ^ [ 16.850026] fff00000c5967080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.850303] fff00000c5967100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.850417] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 16.802329] ================================================================== [ 16.802625] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x628/0x740 [ 16.802684] Read of size 1 at addr fff00000c6554f73 by task kunit_try_catch/194 [ 16.802770] [ 16.802802] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.802913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.802974] Hardware name: linux,dummy-virt (DT) [ 16.803011] Call trace: [ 16.803040] show_stack+0x20/0x38 (C) [ 16.803090] dump_stack_lvl+0x8c/0xd0 [ 16.803139] print_report+0x118/0x5d0 [ 16.803186] kasan_report+0xdc/0x128 [ 16.803231] __asan_report_load1_noabort+0x20/0x30 [ 16.803326] ksize_unpoisons_memory+0x628/0x740 [ 16.803468] kunit_try_run_case+0x170/0x3f0 [ 16.803590] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.803684] kthread+0x328/0x630 [ 16.803769] ret_from_fork+0x10/0x20 [ 16.803891] [ 16.803948] Allocated by task 194: [ 16.803976] kasan_save_stack+0x3c/0x68 [ 16.804019] kasan_save_track+0x20/0x40 [ 16.804057] kasan_save_alloc_info+0x40/0x58 [ 16.804097] __kasan_kmalloc+0xd4/0xd8 [ 16.804134] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.804259] ksize_unpoisons_memory+0xc0/0x740 [ 16.804308] kunit_try_run_case+0x170/0x3f0 [ 16.804347] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.804447] kthread+0x328/0x630 [ 16.804528] ret_from_fork+0x10/0x20 [ 16.804628] [ 16.804721] The buggy address belongs to the object at fff00000c6554f00 [ 16.804721] which belongs to the cache kmalloc-128 of size 128 [ 16.804784] The buggy address is located 0 bytes to the right of [ 16.804784] allocated 115-byte region [fff00000c6554f00, fff00000c6554f73) [ 16.805095] [ 16.805123] The buggy address belongs to the physical page: [ 16.805210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.805272] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.805372] page_type: f5(slab) [ 16.805449] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.805513] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.805554] page dumped because: kasan: bad access detected [ 16.805620] [ 16.805638] Memory state around the buggy address: [ 16.805667] fff00000c6554e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.805722] fff00000c6554e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.805766] >fff00000c6554f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.805936] ^ [ 16.806069] fff00000c6554f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.806141] fff00000c6555000: 07 fc fc fc 00 fc fc fc 00 fc fc fc 03 fc fc fc [ 16.806191] ================================================================== [ 16.811444] ================================================================== [ 16.811487] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x690/0x740 [ 16.811532] Read of size 1 at addr fff00000c6554f7f by task kunit_try_catch/194 [ 16.811581] [ 16.811609] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.811689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.811729] Hardware name: linux,dummy-virt (DT) [ 16.811760] Call trace: [ 16.811779] show_stack+0x20/0x38 (C) [ 16.811827] dump_stack_lvl+0x8c/0xd0 [ 16.811874] print_report+0x118/0x5d0 [ 16.811934] kasan_report+0xdc/0x128 [ 16.812169] __asan_report_load1_noabort+0x20/0x30 [ 16.812237] ksize_unpoisons_memory+0x690/0x740 [ 16.812285] kunit_try_run_case+0x170/0x3f0 [ 16.812333] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.812384] kthread+0x328/0x630 [ 16.812597] ret_from_fork+0x10/0x20 [ 16.812673] [ 16.812690] Allocated by task 194: [ 16.812728] kasan_save_stack+0x3c/0x68 [ 16.812768] kasan_save_track+0x20/0x40 [ 16.812804] kasan_save_alloc_info+0x40/0x58 [ 16.812845] __kasan_kmalloc+0xd4/0xd8 [ 16.812971] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.813057] ksize_unpoisons_memory+0xc0/0x740 [ 16.813154] kunit_try_run_case+0x170/0x3f0 [ 16.813269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.813377] kthread+0x328/0x630 [ 16.813420] ret_from_fork+0x10/0x20 [ 16.813457] [ 16.813721] The buggy address belongs to the object at fff00000c6554f00 [ 16.813721] which belongs to the cache kmalloc-128 of size 128 [ 16.813818] The buggy address is located 12 bytes to the right of [ 16.813818] allocated 115-byte region [fff00000c6554f00, fff00000c6554f73) [ 16.813944] [ 16.814032] The buggy address belongs to the physical page: [ 16.814121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.814175] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.814230] page_type: f5(slab) [ 16.814507] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.814616] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.814719] page dumped because: kasan: bad access detected [ 16.814804] [ 16.814890] Memory state around the buggy address: [ 16.814922] fff00000c6554e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.815219] fff00000c6554e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.815266] >fff00000c6554f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.815353] ^ [ 16.815488] fff00000c6554f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.815571] fff00000c6555000: 07 fc fc fc 00 fc fc fc 00 fc fc fc 03 fc fc fc [ 16.815692] ================================================================== [ 16.808276] ================================================================== [ 16.808370] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x618/0x740 [ 16.808423] Read of size 1 at addr fff00000c6554f78 by task kunit_try_catch/194 [ 16.808489] [ 16.808542] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.808643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.808696] Hardware name: linux,dummy-virt (DT) [ 16.808741] Call trace: [ 16.808788] show_stack+0x20/0x38 (C) [ 16.808841] dump_stack_lvl+0x8c/0xd0 [ 16.808906] print_report+0x118/0x5d0 [ 16.809156] kasan_report+0xdc/0x128 [ 16.809237] __asan_report_load1_noabort+0x20/0x30 [ 16.809311] ksize_unpoisons_memory+0x618/0x740 [ 16.809386] kunit_try_run_case+0x170/0x3f0 [ 16.809451] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.809506] kthread+0x328/0x630 [ 16.809586] ret_from_fork+0x10/0x20 [ 16.809635] [ 16.809652] Allocated by task 194: [ 16.809680] kasan_save_stack+0x3c/0x68 [ 16.809740] kasan_save_track+0x20/0x40 [ 16.809846] kasan_save_alloc_info+0x40/0x58 [ 16.809967] __kasan_kmalloc+0xd4/0xd8 [ 16.810028] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.810072] ksize_unpoisons_memory+0xc0/0x740 [ 16.810118] kunit_try_run_case+0x170/0x3f0 [ 16.810160] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.810212] kthread+0x328/0x630 [ 16.810251] ret_from_fork+0x10/0x20 [ 16.810286] [ 16.810312] The buggy address belongs to the object at fff00000c6554f00 [ 16.810312] which belongs to the cache kmalloc-128 of size 128 [ 16.810373] The buggy address is located 5 bytes to the right of [ 16.810373] allocated 115-byte region [fff00000c6554f00, fff00000c6554f73) [ 16.810575] [ 16.810600] The buggy address belongs to the physical page: [ 16.810638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.810750] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.810801] page_type: f5(slab) [ 16.810839] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.810891] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.810932] page dumped because: kasan: bad access detected [ 16.810975] [ 16.810993] Memory state around the buggy address: [ 16.811025] fff00000c6554e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.811084] fff00000c6554e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.811137] >fff00000c6554f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.811185] ^ [ 16.811236] fff00000c6554f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.811280] fff00000c6555000: 07 fc fc fc 00 fc fc fc 00 fc fc fc 03 fc fc fc [ 16.811319] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 16.794083] ================================================================== [ 16.794154] BUG: KASAN: double-free in kfree_sensitive+0x3c/0xb0 [ 16.794204] Free of addr fff00000c3eef5a0 by task kunit_try_catch/192 [ 16.794245] [ 16.794276] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.794360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.794386] Hardware name: linux,dummy-virt (DT) [ 16.794417] Call trace: [ 16.794438] show_stack+0x20/0x38 (C) [ 16.794484] dump_stack_lvl+0x8c/0xd0 [ 16.794532] print_report+0x118/0x5d0 [ 16.794579] kasan_report_invalid_free+0xc0/0xe8 [ 16.794627] check_slab_allocation+0xd4/0x108 [ 16.794674] __kasan_slab_pre_free+0x2c/0x48 [ 16.794734] kfree+0xe8/0x3c8 [ 16.794806] kfree_sensitive+0x3c/0xb0 [ 16.794851] kmalloc_double_kzfree+0x168/0x308 [ 16.794917] kunit_try_run_case+0x170/0x3f0 [ 16.794989] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.795047] kthread+0x328/0x630 [ 16.795093] ret_from_fork+0x10/0x20 [ 16.795140] [ 16.795158] Allocated by task 192: [ 16.795194] kasan_save_stack+0x3c/0x68 [ 16.795235] kasan_save_track+0x20/0x40 [ 16.795272] kasan_save_alloc_info+0x40/0x58 [ 16.795317] __kasan_kmalloc+0xd4/0xd8 [ 16.795365] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.795406] kmalloc_double_kzfree+0xb8/0x308 [ 16.795444] kunit_try_run_case+0x170/0x3f0 [ 16.795484] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.795528] kthread+0x328/0x630 [ 16.795570] ret_from_fork+0x10/0x20 [ 16.795608] [ 16.795625] Freed by task 192: [ 16.795654] kasan_save_stack+0x3c/0x68 [ 16.795701] kasan_save_track+0x20/0x40 [ 16.795747] kasan_save_free_info+0x4c/0x78 [ 16.795789] __kasan_slab_free+0x6c/0x98 [ 16.795831] kfree+0x214/0x3c8 [ 16.795865] kfree_sensitive+0x80/0xb0 [ 16.795901] kmalloc_double_kzfree+0x11c/0x308 [ 16.795940] kunit_try_run_case+0x170/0x3f0 [ 16.795979] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.796027] kthread+0x328/0x630 [ 16.796059] ret_from_fork+0x10/0x20 [ 16.796095] [ 16.796118] The buggy address belongs to the object at fff00000c3eef5a0 [ 16.796118] which belongs to the cache kmalloc-16 of size 16 [ 16.796177] The buggy address is located 0 bytes inside of [ 16.796177] 16-byte region [fff00000c3eef5a0, fff00000c3eef5b0) [ 16.796237] [ 16.796262] The buggy address belongs to the physical page: [ 16.796294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eef [ 16.796347] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.796394] page_type: f5(slab) [ 16.796430] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.796480] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.796526] page dumped because: kasan: bad access detected [ 16.796558] [ 16.796577] Memory state around the buggy address: [ 16.796609] fff00000c3eef480: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.796661] fff00000c3eef500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.796705] >fff00000c3eef580: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.797230] ^ [ 16.797287] fff00000c3eef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.797332] fff00000c3eef680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.797372] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 16.786526] ================================================================== [ 16.786589] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x168/0x308 [ 16.786643] Read of size 1 at addr fff00000c3eef5a0 by task kunit_try_catch/192 [ 16.786743] [ 16.786778] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.786907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.786980] Hardware name: linux,dummy-virt (DT) [ 16.787017] Call trace: [ 16.787075] show_stack+0x20/0x38 (C) [ 16.787125] dump_stack_lvl+0x8c/0xd0 [ 16.787175] print_report+0x118/0x5d0 [ 16.787253] kasan_report+0xdc/0x128 [ 16.787314] __kasan_check_byte+0x54/0x70 [ 16.787361] kfree_sensitive+0x30/0xb0 [ 16.787408] kmalloc_double_kzfree+0x168/0x308 [ 16.787454] kunit_try_run_case+0x170/0x3f0 [ 16.787757] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.787835] kthread+0x328/0x630 [ 16.787913] ret_from_fork+0x10/0x20 [ 16.787974] [ 16.788001] Allocated by task 192: [ 16.788029] kasan_save_stack+0x3c/0x68 [ 16.788078] kasan_save_track+0x20/0x40 [ 16.788125] kasan_save_alloc_info+0x40/0x58 [ 16.788174] __kasan_kmalloc+0xd4/0xd8 [ 16.788212] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.788257] kmalloc_double_kzfree+0xb8/0x308 [ 16.788302] kunit_try_run_case+0x170/0x3f0 [ 16.788340] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.788390] kthread+0x328/0x630 [ 16.788422] ret_from_fork+0x10/0x20 [ 16.788459] [ 16.788477] Freed by task 192: [ 16.788513] kasan_save_stack+0x3c/0x68 [ 16.788551] kasan_save_track+0x20/0x40 [ 16.788595] kasan_save_free_info+0x4c/0x78 [ 16.788643] __kasan_slab_free+0x6c/0x98 [ 16.788681] kfree+0x214/0x3c8 [ 16.788723] kfree_sensitive+0x80/0xb0 [ 16.788758] kmalloc_double_kzfree+0x11c/0x308 [ 16.788797] kunit_try_run_case+0x170/0x3f0 [ 16.788833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.788877] kthread+0x328/0x630 [ 16.788908] ret_from_fork+0x10/0x20 [ 16.789101] [ 16.789145] The buggy address belongs to the object at fff00000c3eef5a0 [ 16.789145] which belongs to the cache kmalloc-16 of size 16 [ 16.789207] The buggy address is located 0 bytes inside of [ 16.789207] freed 16-byte region [fff00000c3eef5a0, fff00000c3eef5b0) [ 16.789270] [ 16.789289] The buggy address belongs to the physical page: [ 16.789322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eef [ 16.789513] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.789578] page_type: f5(slab) [ 16.789622] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.789791] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.789966] page dumped because: kasan: bad access detected [ 16.790054] [ 16.790271] Memory state around the buggy address: [ 16.790313] fff00000c3eef480: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.790376] fff00000c3eef500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.790463] >fff00000c3eef580: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.790563] ^ [ 16.790592] fff00000c3eef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.790671] fff00000c3eef680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.790779] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 16.770269] ================================================================== [ 16.770569] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x3f4/0x468 [ 16.770629] Read of size 1 at addr fff00000c6adf928 by task kunit_try_catch/188 [ 16.770686] [ 16.770945] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.771046] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.771074] Hardware name: linux,dummy-virt (DT) [ 16.771125] Call trace: [ 16.771164] show_stack+0x20/0x38 (C) [ 16.771216] dump_stack_lvl+0x8c/0xd0 [ 16.771308] print_report+0x118/0x5d0 [ 16.771420] kasan_report+0xdc/0x128 [ 16.771548] __asan_report_load1_noabort+0x20/0x30 [ 16.771650] kmalloc_uaf2+0x3f4/0x468 [ 16.771727] kunit_try_run_case+0x170/0x3f0 [ 16.771800] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.771927] kthread+0x328/0x630 [ 16.772015] ret_from_fork+0x10/0x20 [ 16.772136] [ 16.772175] Allocated by task 188: [ 16.772201] kasan_save_stack+0x3c/0x68 [ 16.772242] kasan_save_track+0x20/0x40 [ 16.772279] kasan_save_alloc_info+0x40/0x58 [ 16.772320] __kasan_kmalloc+0xd4/0xd8 [ 16.772356] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.772466] kmalloc_uaf2+0xc4/0x468 [ 16.772509] kunit_try_run_case+0x170/0x3f0 [ 16.772548] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.772592] kthread+0x328/0x630 [ 16.772695] ret_from_fork+0x10/0x20 [ 16.772780] [ 16.772798] Freed by task 188: [ 16.772858] kasan_save_stack+0x3c/0x68 [ 16.773003] kasan_save_track+0x20/0x40 [ 16.773145] kasan_save_free_info+0x4c/0x78 [ 16.773211] __kasan_slab_free+0x6c/0x98 [ 16.773250] kfree+0x214/0x3c8 [ 16.773299] kmalloc_uaf2+0x134/0x468 [ 16.773334] kunit_try_run_case+0x170/0x3f0 [ 16.773371] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.773413] kthread+0x328/0x630 [ 16.773578] ret_from_fork+0x10/0x20 [ 16.773669] [ 16.773698] The buggy address belongs to the object at fff00000c6adf900 [ 16.773698] which belongs to the cache kmalloc-64 of size 64 [ 16.773815] The buggy address is located 40 bytes inside of [ 16.773815] freed 64-byte region [fff00000c6adf900, fff00000c6adf940) [ 16.773928] [ 16.773997] The buggy address belongs to the physical page: [ 16.774088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106adf [ 16.774154] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.774485] page_type: f5(slab) [ 16.774596] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.774669] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.774722] page dumped because: kasan: bad access detected [ 16.774753] [ 16.774772] Memory state around the buggy address: [ 16.774802] fff00000c6adf800: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.774846] fff00000c6adf880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.775027] >fff00000c6adf900: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.775098] ^ [ 16.775189] fff00000c6adf980: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 16.775322] fff00000c6adfa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.775435] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.760903] ================================================================== [ 16.760966] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x170/0x310 [ 16.761017] Write of size 33 at addr fff00000c6adf700 by task kunit_try_catch/186 [ 16.761070] [ 16.761100] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.761185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.761212] Hardware name: linux,dummy-virt (DT) [ 16.761243] Call trace: [ 16.761264] show_stack+0x20/0x38 (C) [ 16.761313] dump_stack_lvl+0x8c/0xd0 [ 16.761362] print_report+0x118/0x5d0 [ 16.761410] kasan_report+0xdc/0x128 [ 16.761457] kasan_check_range+0x100/0x1a8 [ 16.761506] __asan_memset+0x34/0x78 [ 16.761548] kmalloc_uaf_memset+0x170/0x310 [ 16.761594] kunit_try_run_case+0x170/0x3f0 [ 16.761642] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.761694] kthread+0x328/0x630 [ 16.761977] ret_from_fork+0x10/0x20 [ 16.762029] [ 16.762046] Allocated by task 186: [ 16.762074] kasan_save_stack+0x3c/0x68 [ 16.762117] kasan_save_track+0x20/0x40 [ 16.762154] kasan_save_alloc_info+0x40/0x58 [ 16.762195] __kasan_kmalloc+0xd4/0xd8 [ 16.762271] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.762312] kmalloc_uaf_memset+0xb8/0x310 [ 16.762349] kunit_try_run_case+0x170/0x3f0 [ 16.762386] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.762440] kthread+0x328/0x630 [ 16.762472] ret_from_fork+0x10/0x20 [ 16.762515] [ 16.762533] Freed by task 186: [ 16.762561] kasan_save_stack+0x3c/0x68 [ 16.762597] kasan_save_track+0x20/0x40 [ 16.762634] kasan_save_free_info+0x4c/0x78 [ 16.762675] __kasan_slab_free+0x6c/0x98 [ 16.762733] kfree+0x214/0x3c8 [ 16.762773] kmalloc_uaf_memset+0x11c/0x310 [ 16.762809] kunit_try_run_case+0x170/0x3f0 [ 16.762846] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.762891] kthread+0x328/0x630 [ 16.762932] ret_from_fork+0x10/0x20 [ 16.762983] [ 16.763001] The buggy address belongs to the object at fff00000c6adf700 [ 16.763001] which belongs to the cache kmalloc-64 of size 64 [ 16.763069] The buggy address is located 0 bytes inside of [ 16.763069] freed 64-byte region [fff00000c6adf700, fff00000c6adf740) [ 16.763132] [ 16.763150] The buggy address belongs to the physical page: [ 16.763204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106adf [ 16.763260] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.763311] page_type: f5(slab) [ 16.763358] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.763423] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.763466] page dumped because: kasan: bad access detected [ 16.763498] [ 16.763517] Memory state around the buggy address: [ 16.763561] fff00000c6adf600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.763610] fff00000c6adf680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.763659] >fff00000c6adf700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.763697] ^ [ 16.763734] fff00000c6adf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.763776] fff00000c6adf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.763814] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.748659] ================================================================== [ 16.748745] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x300/0x338 [ 16.748800] Read of size 1 at addr fff00000c3eef588 by task kunit_try_catch/184 [ 16.748850] [ 16.748883] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.748971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.749005] Hardware name: linux,dummy-virt (DT) [ 16.749054] Call trace: [ 16.749076] show_stack+0x20/0x38 (C) [ 16.749123] dump_stack_lvl+0x8c/0xd0 [ 16.749180] print_report+0x118/0x5d0 [ 16.749227] kasan_report+0xdc/0x128 [ 16.749276] __asan_report_load1_noabort+0x20/0x30 [ 16.749337] kmalloc_uaf+0x300/0x338 [ 16.749379] kunit_try_run_case+0x170/0x3f0 [ 16.749436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.749489] kthread+0x328/0x630 [ 16.749532] ret_from_fork+0x10/0x20 [ 16.749578] [ 16.749601] Allocated by task 184: [ 16.749646] kasan_save_stack+0x3c/0x68 [ 16.749692] kasan_save_track+0x20/0x40 [ 16.750097] kasan_save_alloc_info+0x40/0x58 [ 16.750363] __kasan_kmalloc+0xd4/0xd8 [ 16.750438] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.750481] kmalloc_uaf+0xb8/0x338 [ 16.750540] kunit_try_run_case+0x170/0x3f0 [ 16.750579] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.750643] kthread+0x328/0x630 [ 16.750786] ret_from_fork+0x10/0x20 [ 16.750825] [ 16.750875] Freed by task 184: [ 16.750916] kasan_save_stack+0x3c/0x68 [ 16.751052] kasan_save_track+0x20/0x40 [ 16.751163] kasan_save_free_info+0x4c/0x78 [ 16.751219] __kasan_slab_free+0x6c/0x98 [ 16.751258] kfree+0x214/0x3c8 [ 16.751347] kmalloc_uaf+0x11c/0x338 [ 16.751417] kunit_try_run_case+0x170/0x3f0 [ 16.751485] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.751562] kthread+0x328/0x630 [ 16.751699] ret_from_fork+0x10/0x20 [ 16.751851] [ 16.751930] The buggy address belongs to the object at fff00000c3eef580 [ 16.751930] which belongs to the cache kmalloc-16 of size 16 [ 16.751993] The buggy address is located 8 bytes inside of [ 16.751993] freed 16-byte region [fff00000c3eef580, fff00000c3eef590) [ 16.752054] [ 16.752076] The buggy address belongs to the physical page: [ 16.752297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eef [ 16.752386] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.752488] page_type: f5(slab) [ 16.752572] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.752687] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.752813] page dumped because: kasan: bad access detected [ 16.752946] [ 16.752996] Memory state around the buggy address: [ 16.753121] fff00000c3eef480: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.753211] fff00000c3eef500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.753336] >fff00000c3eef580: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.753384] ^ [ 16.753413] fff00000c3eef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.753490] fff00000c3eef680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.753799] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.737685] ================================================================== [ 16.737770] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.737825] Read of size 64 at addr fff00000c6adf404 by task kunit_try_catch/182 [ 16.737877] [ 16.737907] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.738060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.738088] Hardware name: linux,dummy-virt (DT) [ 16.738280] Call trace: [ 16.738336] show_stack+0x20/0x38 (C) [ 16.738388] dump_stack_lvl+0x8c/0xd0 [ 16.738456] print_report+0x118/0x5d0 [ 16.738539] kasan_report+0xdc/0x128 [ 16.738584] kasan_check_range+0x100/0x1a8 [ 16.738632] __asan_memmove+0x3c/0x98 [ 16.738697] kmalloc_memmove_invalid_size+0x154/0x2e0 [ 16.738820] kunit_try_run_case+0x170/0x3f0 [ 16.738867] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.738934] kthread+0x328/0x630 [ 16.739103] ret_from_fork+0x10/0x20 [ 16.739222] [ 16.739244] Allocated by task 182: [ 16.739275] kasan_save_stack+0x3c/0x68 [ 16.739319] kasan_save_track+0x20/0x40 [ 16.739358] kasan_save_alloc_info+0x40/0x58 [ 16.739399] __kasan_kmalloc+0xd4/0xd8 [ 16.739435] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.739476] kmalloc_memmove_invalid_size+0xb0/0x2e0 [ 16.739614] kunit_try_run_case+0x170/0x3f0 [ 16.739779] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.739904] kthread+0x328/0x630 [ 16.739973] ret_from_fork+0x10/0x20 [ 16.740069] [ 16.740157] The buggy address belongs to the object at fff00000c6adf400 [ 16.740157] which belongs to the cache kmalloc-64 of size 64 [ 16.740239] The buggy address is located 4 bytes inside of [ 16.740239] allocated 64-byte region [fff00000c6adf400, fff00000c6adf440) [ 16.740416] [ 16.740464] The buggy address belongs to the physical page: [ 16.740806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106adf [ 16.740914] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.741004] page_type: f5(slab) [ 16.741077] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.741150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.741194] page dumped because: kasan: bad access detected [ 16.741261] [ 16.741630] Memory state around the buggy address: [ 16.741779] fff00000c6adf300: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.741913] fff00000c6adf380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.742001] >fff00000c6adf400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.742087] ^ [ 16.742121] fff00000c6adf480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.742410] fff00000c6adf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.742513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.727138] ================================================================== [ 16.727204] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.728977] Read of size 18446744073709551614 at addr fff00000c6adf204 by task kunit_try_catch/180 [ 16.729078] [ 16.729110] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.729192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.729218] Hardware name: linux,dummy-virt (DT) [ 16.729247] Call trace: [ 16.729269] show_stack+0x20/0x38 (C) [ 16.729319] dump_stack_lvl+0x8c/0xd0 [ 16.729365] print_report+0x118/0x5d0 [ 16.729410] kasan_report+0xdc/0x128 [ 16.729454] kasan_check_range+0x100/0x1a8 [ 16.729501] __asan_memmove+0x3c/0x98 [ 16.729542] kmalloc_memmove_negative_size+0x154/0x2e0 [ 16.729591] kunit_try_run_case+0x170/0x3f0 [ 16.729636] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.729688] kthread+0x328/0x630 [ 16.729816] ret_from_fork+0x10/0x20 [ 16.729876] [ 16.729910] Allocated by task 180: [ 16.729947] kasan_save_stack+0x3c/0x68 [ 16.729988] kasan_save_track+0x20/0x40 [ 16.730025] kasan_save_alloc_info+0x40/0x58 [ 16.730079] __kasan_kmalloc+0xd4/0xd8 [ 16.730115] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.730412] kmalloc_memmove_negative_size+0xb0/0x2e0 [ 16.730462] kunit_try_run_case+0x170/0x3f0 [ 16.730501] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.730543] kthread+0x328/0x630 [ 16.730575] ret_from_fork+0x10/0x20 [ 16.730627] [ 16.730657] The buggy address belongs to the object at fff00000c6adf200 [ 16.730657] which belongs to the cache kmalloc-64 of size 64 [ 16.730748] The buggy address is located 4 bytes inside of [ 16.730748] 64-byte region [fff00000c6adf200, fff00000c6adf240) [ 16.730819] [ 16.730839] The buggy address belongs to the physical page: [ 16.730888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106adf [ 16.730943] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.730991] page_type: f5(slab) [ 16.731040] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 16.731091] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.731132] page dumped because: kasan: bad access detected [ 16.731165] [ 16.731182] Memory state around the buggy address: [ 16.731224] fff00000c6adf100: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.731267] fff00000c6adf180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.731319] >fff00000c6adf200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.731356] ^ [ 16.731384] fff00000c6adf280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.731433] fff00000c6adf300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.731473] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.717619] ================================================================== [ 16.717700] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x150/0x2f8 [ 16.717998] Write of size 16 at addr fff00000c6554e69 by task kunit_try_catch/178 [ 16.718048] [ 16.718083] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.718165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.718190] Hardware name: linux,dummy-virt (DT) [ 16.718219] Call trace: [ 16.718240] show_stack+0x20/0x38 (C) [ 16.718286] dump_stack_lvl+0x8c/0xd0 [ 16.718332] print_report+0x118/0x5d0 [ 16.718377] kasan_report+0xdc/0x128 [ 16.718446] kasan_check_range+0x100/0x1a8 [ 16.718587] __asan_memset+0x34/0x78 [ 16.718826] kmalloc_oob_memset_16+0x150/0x2f8 [ 16.718920] kunit_try_run_case+0x170/0x3f0 [ 16.718969] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.719020] kthread+0x328/0x630 [ 16.719197] ret_from_fork+0x10/0x20 [ 16.719249] [ 16.719313] Allocated by task 178: [ 16.719379] kasan_save_stack+0x3c/0x68 [ 16.719421] kasan_save_track+0x20/0x40 [ 16.719480] kasan_save_alloc_info+0x40/0x58 [ 16.719520] __kasan_kmalloc+0xd4/0xd8 [ 16.719555] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.719747] kmalloc_oob_memset_16+0xb0/0x2f8 [ 16.719835] kunit_try_run_case+0x170/0x3f0 [ 16.719905] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.719954] kthread+0x328/0x630 [ 16.719986] ret_from_fork+0x10/0x20 [ 16.720035] [ 16.720064] The buggy address belongs to the object at fff00000c6554e00 [ 16.720064] which belongs to the cache kmalloc-128 of size 128 [ 16.720123] The buggy address is located 105 bytes inside of [ 16.720123] allocated 120-byte region [fff00000c6554e00, fff00000c6554e78) [ 16.720200] [ 16.720221] The buggy address belongs to the physical page: [ 16.720259] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.720335] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.720389] page_type: f5(slab) [ 16.720435] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.720494] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.720533] page dumped because: kasan: bad access detected [ 16.720563] [ 16.720602] Memory state around the buggy address: [ 16.720632] fff00000c6554d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.720683] fff00000c6554d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.720736] >fff00000c6554e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.720773] ^ [ 16.720811] fff00000c6554e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.720852] fff00000c6554f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.721078] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.708175] ================================================================== [ 16.708250] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x150/0x2f8 [ 16.708321] Write of size 8 at addr fff00000c6554d71 by task kunit_try_catch/176 [ 16.708387] [ 16.708420] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.708590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.708624] Hardware name: linux,dummy-virt (DT) [ 16.708837] Call trace: [ 16.708871] show_stack+0x20/0x38 (C) [ 16.708961] dump_stack_lvl+0x8c/0xd0 [ 16.709027] print_report+0x118/0x5d0 [ 16.709092] kasan_report+0xdc/0x128 [ 16.709142] kasan_check_range+0x100/0x1a8 [ 16.709292] __asan_memset+0x34/0x78 [ 16.709333] kmalloc_oob_memset_8+0x150/0x2f8 [ 16.709378] kunit_try_run_case+0x170/0x3f0 [ 16.709634] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.709718] kthread+0x328/0x630 [ 16.709765] ret_from_fork+0x10/0x20 [ 16.709812] [ 16.709830] Allocated by task 176: [ 16.709857] kasan_save_stack+0x3c/0x68 [ 16.709897] kasan_save_track+0x20/0x40 [ 16.709934] kasan_save_alloc_info+0x40/0x58 [ 16.710063] __kasan_kmalloc+0xd4/0xd8 [ 16.710244] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.710298] kmalloc_oob_memset_8+0xb0/0x2f8 [ 16.710335] kunit_try_run_case+0x170/0x3f0 [ 16.710411] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.710473] kthread+0x328/0x630 [ 16.710544] ret_from_fork+0x10/0x20 [ 16.710580] [ 16.710619] The buggy address belongs to the object at fff00000c6554d00 [ 16.710619] which belongs to the cache kmalloc-128 of size 128 [ 16.710678] The buggy address is located 113 bytes inside of [ 16.710678] allocated 120-byte region [fff00000c6554d00, fff00000c6554d78) [ 16.710750] [ 16.710797] The buggy address belongs to the physical page: [ 16.710828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.710980] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.711027] page_type: f5(slab) [ 16.711064] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.711119] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.711176] page dumped because: kasan: bad access detected [ 16.711217] [ 16.711290] Memory state around the buggy address: [ 16.711497] fff00000c6554c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.711559] fff00000c6554c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.711606] >fff00000c6554d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.711912] ^ [ 16.712062] fff00000c6554d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.712120] fff00000c6554e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.712178] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.695827] ================================================================== [ 16.695895] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x150/0x300 [ 16.695947] Write of size 4 at addr fff00000c6554c75 by task kunit_try_catch/174 [ 16.695995] [ 16.696035] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.696118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.696153] Hardware name: linux,dummy-virt (DT) [ 16.696183] Call trace: [ 16.696208] show_stack+0x20/0x38 (C) [ 16.696264] dump_stack_lvl+0x8c/0xd0 [ 16.696316] print_report+0x118/0x5d0 [ 16.696362] kasan_report+0xdc/0x128 [ 16.696406] kasan_check_range+0x100/0x1a8 [ 16.696451] __asan_memset+0x34/0x78 [ 16.696492] kmalloc_oob_memset_4+0x150/0x300 [ 16.696537] kunit_try_run_case+0x170/0x3f0 [ 16.696583] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.696634] kthread+0x328/0x630 [ 16.696675] ret_from_fork+0x10/0x20 [ 16.696733] [ 16.696750] Allocated by task 174: [ 16.696777] kasan_save_stack+0x3c/0x68 [ 16.696816] kasan_save_track+0x20/0x40 [ 16.696853] kasan_save_alloc_info+0x40/0x58 [ 16.696892] __kasan_kmalloc+0xd4/0xd8 [ 16.696935] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.696973] kmalloc_oob_memset_4+0xb0/0x300 [ 16.697649] kunit_try_run_case+0x170/0x3f0 [ 16.697766] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.697864] kthread+0x328/0x630 [ 16.697897] ret_from_fork+0x10/0x20 [ 16.697935] [ 16.697954] The buggy address belongs to the object at fff00000c6554c00 [ 16.697954] which belongs to the cache kmalloc-128 of size 128 [ 16.698015] The buggy address is located 117 bytes inside of [ 16.698015] allocated 120-byte region [fff00000c6554c00, fff00000c6554c78) [ 16.698223] [ 16.698246] The buggy address belongs to the physical page: [ 16.698283] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.698357] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.698466] page_type: f5(slab) [ 16.698556] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.698628] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.699024] page dumped because: kasan: bad access detected [ 16.699101] [ 16.699173] Memory state around the buggy address: [ 16.699280] fff00000c6554b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.699335] fff00000c6554b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.699377] >fff00000c6554c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.699515] ^ [ 16.699555] fff00000c6554c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.699740] fff00000c6554d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.699956] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.472680] ================================================================== [ 16.472752] BUG: KASAN: use-after-free in page_alloc_uaf+0x328/0x350 [ 16.473003] Read of size 1 at addr fff00000c78c0000 by task kunit_try_catch/154 [ 16.473386] [ 16.473516] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.473603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.473629] Hardware name: linux,dummy-virt (DT) [ 16.473659] Call trace: [ 16.473680] show_stack+0x20/0x38 (C) [ 16.473753] dump_stack_lvl+0x8c/0xd0 [ 16.473801] print_report+0x118/0x5d0 [ 16.474313] kasan_report+0xdc/0x128 [ 16.474563] __asan_report_load1_noabort+0x20/0x30 [ 16.474617] page_alloc_uaf+0x328/0x350 [ 16.474662] kunit_try_run_case+0x170/0x3f0 [ 16.474720] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.474773] kthread+0x328/0x630 [ 16.474814] ret_from_fork+0x10/0x20 [ 16.474861] [ 16.474888] The buggy address belongs to the physical page: [ 16.475048] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c0 [ 16.475104] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.475158] page_type: f0(buddy) [ 16.475272] raw: 0bfffe0000000000 fff00000ff616170 fff00000ff616170 0000000000000000 [ 16.475322] raw: 0000000000000000 0000000000000006 00000000f0000000 0000000000000000 [ 16.475361] page dumped because: kasan: bad access detected [ 16.475391] [ 16.475408] Memory state around the buggy address: [ 16.475439] fff00000c78bff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.475608] fff00000c78bff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.475852] >fff00000c78c0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.476477] ^ [ 16.476528] fff00000c78c0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.476572] fff00000c78c0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.476610] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.683935] ================================================================== [ 16.684007] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x150/0x2f8 [ 16.684060] Write of size 2 at addr fff00000c6554b77 by task kunit_try_catch/172 [ 16.684124] [ 16.684154] CPU: 1 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.684236] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.684261] Hardware name: linux,dummy-virt (DT) [ 16.684290] Call trace: [ 16.684312] show_stack+0x20/0x38 (C) [ 16.684358] dump_stack_lvl+0x8c/0xd0 [ 16.684580] print_report+0x118/0x5d0 [ 16.684739] kasan_report+0xdc/0x128 [ 16.684808] kasan_check_range+0x100/0x1a8 [ 16.684958] __asan_memset+0x34/0x78 [ 16.685056] kmalloc_oob_memset_2+0x150/0x2f8 [ 16.685154] kunit_try_run_case+0x170/0x3f0 [ 16.685269] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.685380] kthread+0x328/0x630 [ 16.685448] ret_from_fork+0x10/0x20 [ 16.685634] [ 16.685671] Allocated by task 172: [ 16.685699] kasan_save_stack+0x3c/0x68 [ 16.685985] kasan_save_track+0x20/0x40 [ 16.686096] kasan_save_alloc_info+0x40/0x58 [ 16.686229] __kasan_kmalloc+0xd4/0xd8 [ 16.686322] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.686456] kmalloc_oob_memset_2+0xb0/0x2f8 [ 16.686566] kunit_try_run_case+0x170/0x3f0 [ 16.686681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.686819] kthread+0x328/0x630 [ 16.686929] ret_from_fork+0x10/0x20 [ 16.686966] [ 16.686996] The buggy address belongs to the object at fff00000c6554b00 [ 16.686996] which belongs to the cache kmalloc-128 of size 128 [ 16.687086] The buggy address is located 119 bytes inside of [ 16.687086] allocated 120-byte region [fff00000c6554b00, fff00000c6554b78) [ 16.687395] [ 16.687493] The buggy address belongs to the physical page: [ 16.687603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.687664] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.687788] page_type: f5(slab) [ 16.687865] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.687929] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.687968] page dumped because: kasan: bad access detected [ 16.688131] [ 16.688149] Memory state around the buggy address: [ 16.688179] fff00000c6554a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.688377] fff00000c6554a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.688473] >fff00000c6554b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.688510] ^ [ 16.688586] fff00000c6554b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.691001] fff00000c6554c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.691048] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.673330] ================================================================== [ 16.673406] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x144/0x2d0 [ 16.673483] Write of size 128 at addr fff00000c6554a00 by task kunit_try_catch/170 [ 16.673625] [ 16.673656] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.673750] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.673916] Hardware name: linux,dummy-virt (DT) [ 16.673960] Call trace: [ 16.674010] show_stack+0x20/0x38 (C) [ 16.674083] dump_stack_lvl+0x8c/0xd0 [ 16.674130] print_report+0x118/0x5d0 [ 16.674181] kasan_report+0xdc/0x128 [ 16.674226] kasan_check_range+0x100/0x1a8 [ 16.674272] __asan_memset+0x34/0x78 [ 16.674323] kmalloc_oob_in_memset+0x144/0x2d0 [ 16.674368] kunit_try_run_case+0x170/0x3f0 [ 16.674414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.674465] kthread+0x328/0x630 [ 16.674504] ret_from_fork+0x10/0x20 [ 16.674549] [ 16.674574] Allocated by task 170: [ 16.674602] kasan_save_stack+0x3c/0x68 [ 16.674644] kasan_save_track+0x20/0x40 [ 16.674680] kasan_save_alloc_info+0x40/0x58 [ 16.674731] __kasan_kmalloc+0xd4/0xd8 [ 16.674767] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.674805] kmalloc_oob_in_memset+0xb0/0x2d0 [ 16.674841] kunit_try_run_case+0x170/0x3f0 [ 16.675123] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.675179] kthread+0x328/0x630 [ 16.675303] ret_from_fork+0x10/0x20 [ 16.675350] [ 16.675370] The buggy address belongs to the object at fff00000c6554a00 [ 16.675370] which belongs to the cache kmalloc-128 of size 128 [ 16.675632] The buggy address is located 0 bytes inside of [ 16.675632] allocated 120-byte region [fff00000c6554a00, fff00000c6554a78) [ 16.675791] [ 16.675841] The buggy address belongs to the physical page: [ 16.675899] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.675996] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.676076] page_type: f5(slab) [ 16.676182] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.676292] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.676388] page dumped because: kasan: bad access detected [ 16.676483] [ 16.676500] Memory state around the buggy address: [ 16.676530] fff00000c6554900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.676882] fff00000c6554980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.677002] >fff00000c6554a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.677101] ^ [ 16.677250] fff00000c6554a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.677353] fff00000c6554b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.677422] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.663627] ================================================================== [ 16.663690] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x3bc/0x438 [ 16.663757] Read of size 16 at addr fff00000c3eef560 by task kunit_try_catch/168 [ 16.663808] [ 16.663839] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.664154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.664184] Hardware name: linux,dummy-virt (DT) [ 16.664214] Call trace: [ 16.664236] show_stack+0x20/0x38 (C) [ 16.664286] dump_stack_lvl+0x8c/0xd0 [ 16.664334] print_report+0x118/0x5d0 [ 16.664463] kasan_report+0xdc/0x128 [ 16.664537] __asan_report_load16_noabort+0x20/0x30 [ 16.664589] kmalloc_uaf_16+0x3bc/0x438 [ 16.664769] kunit_try_run_case+0x170/0x3f0 [ 16.664830] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.664884] kthread+0x328/0x630 [ 16.664940] ret_from_fork+0x10/0x20 [ 16.664997] [ 16.665015] Allocated by task 168: [ 16.665043] kasan_save_stack+0x3c/0x68 [ 16.665083] kasan_save_track+0x20/0x40 [ 16.665119] kasan_save_alloc_info+0x40/0x58 [ 16.665158] __kasan_kmalloc+0xd4/0xd8 [ 16.665193] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.665231] kmalloc_uaf_16+0x140/0x438 [ 16.665273] kunit_try_run_case+0x170/0x3f0 [ 16.665310] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.665352] kthread+0x328/0x630 [ 16.665384] ret_from_fork+0x10/0x20 [ 16.665419] [ 16.665436] Freed by task 168: [ 16.665460] kasan_save_stack+0x3c/0x68 [ 16.665495] kasan_save_track+0x20/0x40 [ 16.665540] kasan_save_free_info+0x4c/0x78 [ 16.665579] __kasan_slab_free+0x6c/0x98 [ 16.665615] kfree+0x214/0x3c8 [ 16.665647] kmalloc_uaf_16+0x190/0x438 [ 16.665680] kunit_try_run_case+0x170/0x3f0 [ 16.665729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.665771] kthread+0x328/0x630 [ 16.665801] ret_from_fork+0x10/0x20 [ 16.665835] [ 16.665852] The buggy address belongs to the object at fff00000c3eef560 [ 16.665852] which belongs to the cache kmalloc-16 of size 16 [ 16.666024] The buggy address is located 0 bytes inside of [ 16.666024] freed 16-byte region [fff00000c3eef560, fff00000c3eef570) [ 16.666151] [ 16.666175] The buggy address belongs to the physical page: [ 16.666206] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eef [ 16.666261] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.666452] page_type: f5(slab) [ 16.666492] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.666570] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.666629] page dumped because: kasan: bad access detected [ 16.666677] [ 16.666695] Memory state around the buggy address: [ 16.666763] fff00000c3eef400: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.666833] fff00000c3eef480: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.666876] >fff00000c3eef500: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 16.666914] ^ [ 16.666951] fff00000c3eef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.666992] fff00000c3eef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.667028] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.652738] ================================================================== [ 16.653084] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8 [ 16.653184] Write of size 16 at addr fff00000c3eef500 by task kunit_try_catch/166 [ 16.653247] [ 16.653285] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.653386] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.653441] Hardware name: linux,dummy-virt (DT) [ 16.653503] Call trace: [ 16.653541] show_stack+0x20/0x38 (C) [ 16.653606] dump_stack_lvl+0x8c/0xd0 [ 16.653689] print_report+0x118/0x5d0 [ 16.653789] kasan_report+0xdc/0x128 [ 16.653836] __asan_report_store16_noabort+0x20/0x30 [ 16.653888] kmalloc_oob_16+0x3a0/0x3f8 [ 16.653931] kunit_try_run_case+0x170/0x3f0 [ 16.654105] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.654348] kthread+0x328/0x630 [ 16.654437] ret_from_fork+0x10/0x20 [ 16.654513] [ 16.654531] Allocated by task 166: [ 16.654558] kasan_save_stack+0x3c/0x68 [ 16.654614] kasan_save_track+0x20/0x40 [ 16.654704] kasan_save_alloc_info+0x40/0x58 [ 16.654810] __kasan_kmalloc+0xd4/0xd8 [ 16.654873] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.654955] kmalloc_oob_16+0xb4/0x3f8 [ 16.654990] kunit_try_run_case+0x170/0x3f0 [ 16.655027] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.655069] kthread+0x328/0x630 [ 16.655112] ret_from_fork+0x10/0x20 [ 16.655147] [ 16.655166] The buggy address belongs to the object at fff00000c3eef500 [ 16.655166] which belongs to the cache kmalloc-16 of size 16 [ 16.655239] The buggy address is located 0 bytes inside of [ 16.655239] allocated 13-byte region [fff00000c3eef500, fff00000c3eef50d) [ 16.655348] [ 16.655382] The buggy address belongs to the physical page: [ 16.655599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eef [ 16.655695] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.655831] page_type: f5(slab) [ 16.655981] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.656076] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.656191] page dumped because: kasan: bad access detected [ 16.656270] [ 16.656319] Memory state around the buggy address: [ 16.656383] fff00000c3eef400: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.656434] fff00000c3eef480: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 16.656626] >fff00000c3eef500: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.656665] ^ [ 16.656692] fff00000c3eef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.656952] fff00000c3eef600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.657049] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.644371] ================================================================== [ 16.644419] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x4c8/0x520 [ 16.644466] Read of size 1 at addr fff00000c638a400 by task kunit_try_catch/164 [ 16.644514] [ 16.644544] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.644621] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.644646] Hardware name: linux,dummy-virt (DT) [ 16.644675] Call trace: [ 16.644695] show_stack+0x20/0x38 (C) [ 16.644757] dump_stack_lvl+0x8c/0xd0 [ 16.644833] print_report+0x118/0x5d0 [ 16.644881] kasan_report+0xdc/0x128 [ 16.644930] __asan_report_load1_noabort+0x20/0x30 [ 16.644980] krealloc_uaf+0x4c8/0x520 [ 16.645023] kunit_try_run_case+0x170/0x3f0 [ 16.645069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.645120] kthread+0x328/0x630 [ 16.645160] ret_from_fork+0x10/0x20 [ 16.645207] [ 16.645234] Allocated by task 164: [ 16.645261] kasan_save_stack+0x3c/0x68 [ 16.645308] kasan_save_track+0x20/0x40 [ 16.645345] kasan_save_alloc_info+0x40/0x58 [ 16.645393] __kasan_kmalloc+0xd4/0xd8 [ 16.645430] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.645469] krealloc_uaf+0xc8/0x520 [ 16.645503] kunit_try_run_case+0x170/0x3f0 [ 16.645539] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.645581] kthread+0x328/0x630 [ 16.645620] ret_from_fork+0x10/0x20 [ 16.645664] [ 16.645682] Freed by task 164: [ 16.645706] kasan_save_stack+0x3c/0x68 [ 16.645753] kasan_save_track+0x20/0x40 [ 16.645796] kasan_save_free_info+0x4c/0x78 [ 16.645835] __kasan_slab_free+0x6c/0x98 [ 16.645870] kfree+0x214/0x3c8 [ 16.645907] krealloc_uaf+0x12c/0x520 [ 16.645943] kunit_try_run_case+0x170/0x3f0 [ 16.645988] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.646037] kthread+0x328/0x630 [ 16.646068] ret_from_fork+0x10/0x20 [ 16.646102] [ 16.646130] The buggy address belongs to the object at fff00000c638a400 [ 16.646130] which belongs to the cache kmalloc-256 of size 256 [ 16.646196] The buggy address is located 0 bytes inside of [ 16.646196] freed 256-byte region [fff00000c638a400, fff00000c638a500) [ 16.646257] [ 16.646275] The buggy address belongs to the physical page: [ 16.646315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 16.646367] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.646412] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.646462] page_type: f5(slab) [ 16.646506] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.646556] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.646610] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.646659] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.646717] head: 0bfffe0000000001 ffffc1ffc318e281 00000000ffffffff 00000000ffffffff [ 16.646765] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.646803] page dumped because: kasan: bad access detected [ 16.646833] [ 16.646850] Memory state around the buggy address: [ 16.646879] fff00000c638a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.646920] fff00000c638a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.646961] >fff00000c638a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.646998] ^ [ 16.647346] fff00000c638a480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.647417] fff00000c638a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.647495] ================================================================== [ 16.637841] ================================================================== [ 16.637977] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x180/0x520 [ 16.638049] Read of size 1 at addr fff00000c638a400 by task kunit_try_catch/164 [ 16.638104] [ 16.638135] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.638282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.638310] Hardware name: linux,dummy-virt (DT) [ 16.638365] Call trace: [ 16.638504] show_stack+0x20/0x38 (C) [ 16.638562] dump_stack_lvl+0x8c/0xd0 [ 16.638627] print_report+0x118/0x5d0 [ 16.638692] kasan_report+0xdc/0x128 [ 16.638796] __kasan_check_byte+0x54/0x70 [ 16.638849] krealloc_noprof+0x44/0x360 [ 16.638895] krealloc_uaf+0x180/0x520 [ 16.638937] kunit_try_run_case+0x170/0x3f0 [ 16.638983] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.639040] kthread+0x328/0x630 [ 16.639081] ret_from_fork+0x10/0x20 [ 16.639127] [ 16.639145] Allocated by task 164: [ 16.639172] kasan_save_stack+0x3c/0x68 [ 16.639236] kasan_save_track+0x20/0x40 [ 16.639283] kasan_save_alloc_info+0x40/0x58 [ 16.639331] __kasan_kmalloc+0xd4/0xd8 [ 16.639368] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.639406] krealloc_uaf+0xc8/0x520 [ 16.639440] kunit_try_run_case+0x170/0x3f0 [ 16.639477] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.639519] kthread+0x328/0x630 [ 16.639550] ret_from_fork+0x10/0x20 [ 16.639600] [ 16.639633] Freed by task 164: [ 16.639677] kasan_save_stack+0x3c/0x68 [ 16.639972] kasan_save_track+0x20/0x40 [ 16.640199] kasan_save_free_info+0x4c/0x78 [ 16.640315] __kasan_slab_free+0x6c/0x98 [ 16.640433] kfree+0x214/0x3c8 [ 16.640468] krealloc_uaf+0x12c/0x520 [ 16.640503] kunit_try_run_case+0x170/0x3f0 [ 16.640568] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.640610] kthread+0x328/0x630 [ 16.640643] ret_from_fork+0x10/0x20 [ 16.640691] [ 16.640728] The buggy address belongs to the object at fff00000c638a400 [ 16.640728] which belongs to the cache kmalloc-256 of size 256 [ 16.640986] The buggy address is located 0 bytes inside of [ 16.640986] freed 256-byte region [fff00000c638a400, fff00000c638a500) [ 16.641103] [ 16.641132] The buggy address belongs to the physical page: [ 16.641228] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 16.641358] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.641476] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.641579] page_type: f5(slab) [ 16.641768] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.641902] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.641953] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.642041] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.642441] head: 0bfffe0000000001 ffffc1ffc318e281 00000000ffffffff 00000000ffffffff [ 16.642574] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.642651] page dumped because: kasan: bad access detected [ 16.643251] [ 16.643271] Memory state around the buggy address: [ 16.643303] fff00000c638a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.643345] fff00000c638a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.643387] >fff00000c638a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.643424] ^ [ 16.643450] fff00000c638a480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.643491] fff00000c638a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.643528] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.530284] ================================================================== [ 16.530487] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.530671] Write of size 1 at addr fff00000c638a2da by task kunit_try_catch/158 [ 16.530813] [ 16.530847] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.530927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.530996] Hardware name: linux,dummy-virt (DT) [ 16.531064] Call trace: [ 16.531113] show_stack+0x20/0x38 (C) [ 16.531291] dump_stack_lvl+0x8c/0xd0 [ 16.531537] print_report+0x118/0x5d0 [ 16.531624] kasan_report+0xdc/0x128 [ 16.531699] __asan_report_store1_noabort+0x20/0x30 [ 16.531902] krealloc_less_oob_helper+0xa80/0xc50 [ 16.531979] krealloc_less_oob+0x20/0x38 [ 16.532146] kunit_try_run_case+0x170/0x3f0 [ 16.532244] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.532381] kthread+0x328/0x630 [ 16.532423] ret_from_fork+0x10/0x20 [ 16.532496] [ 16.532643] Allocated by task 158: [ 16.532694] kasan_save_stack+0x3c/0x68 [ 16.532913] kasan_save_track+0x20/0x40 [ 16.533149] kasan_save_alloc_info+0x40/0x58 [ 16.533368] __kasan_krealloc+0x118/0x178 [ 16.533538] krealloc_noprof+0x128/0x360 [ 16.533593] krealloc_less_oob_helper+0x168/0xc50 [ 16.533741] krealloc_less_oob+0x20/0x38 [ 16.533810] kunit_try_run_case+0x170/0x3f0 [ 16.534009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.534203] kthread+0x328/0x630 [ 16.534284] ret_from_fork+0x10/0x20 [ 16.534412] [ 16.534430] The buggy address belongs to the object at fff00000c638a200 [ 16.534430] which belongs to the cache kmalloc-256 of size 256 [ 16.534491] The buggy address is located 17 bytes to the right of [ 16.534491] allocated 201-byte region [fff00000c638a200, fff00000c638a2c9) [ 16.534567] [ 16.534593] The buggy address belongs to the physical page: [ 16.534625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 16.534677] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.534894] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.535046] page_type: f5(slab) [ 16.535103] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.535287] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.535363] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.535520] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.535596] head: 0bfffe0000000001 ffffc1ffc318e281 00000000ffffffff 00000000ffffffff [ 16.535661] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.535703] page dumped because: kasan: bad access detected [ 16.536080] [ 16.536300] Memory state around the buggy address: [ 16.536370] fff00000c638a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.536434] fff00000c638a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.536545] >fff00000c638a280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.536612] ^ [ 16.536701] fff00000c638a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.536755] fff00000c638a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.536792] ================================================================== [ 16.523164] ================================================================== [ 16.523212] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.523273] Write of size 1 at addr fff00000c638a2d0 by task kunit_try_catch/158 [ 16.523322] [ 16.523351] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.523429] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.523454] Hardware name: linux,dummy-virt (DT) [ 16.523483] Call trace: [ 16.523504] show_stack+0x20/0x38 (C) [ 16.523550] dump_stack_lvl+0x8c/0xd0 [ 16.523595] print_report+0x118/0x5d0 [ 16.523641] kasan_report+0xdc/0x128 [ 16.523685] __asan_report_store1_noabort+0x20/0x30 [ 16.524876] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.524956] krealloc_less_oob+0x20/0x38 [ 16.525014] kunit_try_run_case+0x170/0x3f0 [ 16.525081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.525147] kthread+0x328/0x630 [ 16.525189] ret_from_fork+0x10/0x20 [ 16.525254] [ 16.525271] Allocated by task 158: [ 16.525313] kasan_save_stack+0x3c/0x68 [ 16.525403] kasan_save_track+0x20/0x40 [ 16.525462] kasan_save_alloc_info+0x40/0x58 [ 16.525502] __kasan_krealloc+0x118/0x178 [ 16.525544] krealloc_noprof+0x128/0x360 [ 16.525586] krealloc_less_oob_helper+0x168/0xc50 [ 16.525624] krealloc_less_oob+0x20/0x38 [ 16.525658] kunit_try_run_case+0x170/0x3f0 [ 16.525694] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.525883] kthread+0x328/0x630 [ 16.525926] ret_from_fork+0x10/0x20 [ 16.526139] [ 16.526296] The buggy address belongs to the object at fff00000c638a200 [ 16.526296] which belongs to the cache kmalloc-256 of size 256 [ 16.526495] The buggy address is located 7 bytes to the right of [ 16.526495] allocated 201-byte region [fff00000c638a200, fff00000c638a2c9) [ 16.526578] [ 16.526788] The buggy address belongs to the physical page: [ 16.526829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 16.526964] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.527058] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.527177] page_type: f5(slab) [ 16.527240] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.527418] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.527471] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.527534] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.527879] head: 0bfffe0000000001 ffffc1ffc318e281 00000000ffffffff 00000000ffffffff [ 16.528011] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.528089] page dumped because: kasan: bad access detected [ 16.528253] [ 16.528283] Memory state around the buggy address: [ 16.528349] fff00000c638a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.528651] fff00000c638a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.528785] >fff00000c638a280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.528942] ^ [ 16.529050] fff00000c638a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.529187] fff00000c638a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.529256] ================================================================== [ 16.612819] ================================================================== [ 16.612870] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xb9c/0xc50 [ 16.612926] Write of size 1 at addr fff00000c78960d0 by task kunit_try_catch/162 [ 16.612975] [ 16.613007] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.613085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.613110] Hardware name: linux,dummy-virt (DT) [ 16.614735] Call trace: [ 16.614769] show_stack+0x20/0x38 (C) [ 16.614823] dump_stack_lvl+0x8c/0xd0 [ 16.614870] print_report+0x118/0x5d0 [ 16.614917] kasan_report+0xdc/0x128 [ 16.614962] __asan_report_store1_noabort+0x20/0x30 [ 16.615013] krealloc_less_oob_helper+0xb9c/0xc50 [ 16.615060] krealloc_large_less_oob+0x20/0x38 [ 16.615107] kunit_try_run_case+0x170/0x3f0 [ 16.615153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.615205] kthread+0x328/0x630 [ 16.615245] ret_from_fork+0x10/0x20 [ 16.615291] [ 16.615310] The buggy address belongs to the physical page: [ 16.615341] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 16.615512] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.615579] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.615630] page_type: f8(unknown) [ 16.615667] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.615726] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.615774] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.615824] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.615932] head: 0bfffe0000000002 ffffc1ffc31e2501 00000000ffffffff 00000000ffffffff [ 16.615993] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.616048] page dumped because: kasan: bad access detected [ 16.616101] [ 16.616119] Memory state around the buggy address: [ 16.616148] fff00000c7895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.616310] fff00000c7896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.616355] >fff00000c7896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.616411] ^ [ 16.616533] fff00000c7896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.616591] fff00000c7896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.616628] ================================================================== [ 16.619761] ================================================================== [ 16.619814] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.619862] Write of size 1 at addr fff00000c78960ea by task kunit_try_catch/162 [ 16.619911] [ 16.620078] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.620181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.620206] Hardware name: linux,dummy-virt (DT) [ 16.620235] Call trace: [ 16.620255] show_stack+0x20/0x38 (C) [ 16.620330] dump_stack_lvl+0x8c/0xd0 [ 16.620501] print_report+0x118/0x5d0 [ 16.620617] kasan_report+0xdc/0x128 [ 16.620832] __asan_report_store1_noabort+0x20/0x30 [ 16.620885] krealloc_less_oob_helper+0xae4/0xc50 [ 16.620937] krealloc_large_less_oob+0x20/0x38 [ 16.621282] kunit_try_run_case+0x170/0x3f0 [ 16.621387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.621528] kthread+0x328/0x630 [ 16.621572] ret_from_fork+0x10/0x20 [ 16.621619] [ 16.621638] The buggy address belongs to the physical page: [ 16.621807] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 16.621904] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.621991] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.622053] page_type: f8(unknown) [ 16.622138] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.622220] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.622316] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.622386] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.622436] head: 0bfffe0000000002 ffffc1ffc31e2501 00000000ffffffff 00000000ffffffff [ 16.622617] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.622743] page dumped because: kasan: bad access detected [ 16.622865] [ 16.622985] Memory state around the buggy address: [ 16.623097] fff00000c7895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.623158] fff00000c7896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.623199] >fff00000c7896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.623242] ^ [ 16.623281] fff00000c7896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.623322] fff00000c7896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.623554] ================================================================== [ 16.538009] ================================================================== [ 16.538058] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xae4/0xc50 [ 16.538107] Write of size 1 at addr fff00000c638a2ea by task kunit_try_catch/158 [ 16.538155] [ 16.538366] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.538473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.538499] Hardware name: linux,dummy-virt (DT) [ 16.538545] Call trace: [ 16.538566] show_stack+0x20/0x38 (C) [ 16.538617] dump_stack_lvl+0x8c/0xd0 [ 16.538665] print_report+0x118/0x5d0 [ 16.538721] kasan_report+0xdc/0x128 [ 16.538766] __asan_report_store1_noabort+0x20/0x30 [ 16.538817] krealloc_less_oob_helper+0xae4/0xc50 [ 16.538864] krealloc_less_oob+0x20/0x38 [ 16.538915] kunit_try_run_case+0x170/0x3f0 [ 16.538961] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.539013] kthread+0x328/0x630 [ 16.539054] ret_from_fork+0x10/0x20 [ 16.539101] [ 16.539118] Allocated by task 158: [ 16.539152] kasan_save_stack+0x3c/0x68 [ 16.539201] kasan_save_track+0x20/0x40 [ 16.539245] kasan_save_alloc_info+0x40/0x58 [ 16.539283] __kasan_krealloc+0x118/0x178 [ 16.539319] krealloc_noprof+0x128/0x360 [ 16.539355] krealloc_less_oob_helper+0x168/0xc50 [ 16.539393] krealloc_less_oob+0x20/0x38 [ 16.539429] kunit_try_run_case+0x170/0x3f0 [ 16.539794] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.539875] kthread+0x328/0x630 [ 16.539909] ret_from_fork+0x10/0x20 [ 16.540055] [ 16.540122] The buggy address belongs to the object at fff00000c638a200 [ 16.540122] which belongs to the cache kmalloc-256 of size 256 [ 16.540435] The buggy address is located 33 bytes to the right of [ 16.540435] allocated 201-byte region [fff00000c638a200, fff00000c638a2c9) [ 16.540563] [ 16.540622] The buggy address belongs to the physical page: [ 16.540808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 16.540913] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.541087] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.541181] page_type: f5(slab) [ 16.541390] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.541507] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.541604] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.541781] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.541853] head: 0bfffe0000000001 ffffc1ffc318e281 00000000ffffffff 00000000ffffffff [ 16.541945] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.542083] page dumped because: kasan: bad access detected [ 16.542150] [ 16.542216] Memory state around the buggy address: [ 16.542248] fff00000c638a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.542557] fff00000c638a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.542703] >fff00000c638a280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.542804] ^ [ 16.542933] fff00000c638a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.543007] fff00000c638a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.543093] ================================================================== [ 16.624178] ================================================================== [ 16.624226] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.624275] Write of size 1 at addr fff00000c78960eb by task kunit_try_catch/162 [ 16.624324] [ 16.624355] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.624677] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.624782] Hardware name: linux,dummy-virt (DT) [ 16.624848] Call trace: [ 16.624913] show_stack+0x20/0x38 (C) [ 16.625039] dump_stack_lvl+0x8c/0xd0 [ 16.625110] print_report+0x118/0x5d0 [ 16.625477] kasan_report+0xdc/0x128 [ 16.625556] __asan_report_store1_noabort+0x20/0x30 [ 16.625687] krealloc_less_oob_helper+0xa58/0xc50 [ 16.625766] krealloc_large_less_oob+0x20/0x38 [ 16.625868] kunit_try_run_case+0x170/0x3f0 [ 16.626183] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.626304] kthread+0x328/0x630 [ 16.626383] ret_from_fork+0x10/0x20 [ 16.626502] [ 16.626749] The buggy address belongs to the physical page: [ 16.626784] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 16.627020] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.627203] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.627349] page_type: f8(unknown) [ 16.627388] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.627690] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.627828] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.627944] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.628103] head: 0bfffe0000000002 ffffc1ffc31e2501 00000000ffffffff 00000000ffffffff [ 16.628209] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.628249] page dumped because: kasan: bad access detected [ 16.628520] [ 16.628615] Memory state around the buggy address: [ 16.628724] fff00000c7895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.628841] fff00000c7896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.628893] >fff00000c7896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.628939] ^ [ 16.629217] fff00000c7896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.629328] fff00000c7896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.629458] ================================================================== [ 16.517396] ================================================================== [ 16.517454] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.517947] Write of size 1 at addr fff00000c638a2c9 by task kunit_try_catch/158 [ 16.518112] [ 16.518281] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.518362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.518388] Hardware name: linux,dummy-virt (DT) [ 16.518418] Call trace: [ 16.518439] show_stack+0x20/0x38 (C) [ 16.518489] dump_stack_lvl+0x8c/0xd0 [ 16.518537] print_report+0x118/0x5d0 [ 16.518590] kasan_report+0xdc/0x128 [ 16.518669] __asan_report_store1_noabort+0x20/0x30 [ 16.518907] krealloc_less_oob_helper+0xa48/0xc50 [ 16.519032] krealloc_less_oob+0x20/0x38 [ 16.519194] kunit_try_run_case+0x170/0x3f0 [ 16.519304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.519355] kthread+0x328/0x630 [ 16.519396] ret_from_fork+0x10/0x20 [ 16.519443] [ 16.519461] Allocated by task 158: [ 16.519488] kasan_save_stack+0x3c/0x68 [ 16.519989] kasan_save_track+0x20/0x40 [ 16.520050] kasan_save_alloc_info+0x40/0x58 [ 16.520307] __kasan_krealloc+0x118/0x178 [ 16.520345] krealloc_noprof+0x128/0x360 [ 16.520381] krealloc_less_oob_helper+0x168/0xc50 [ 16.520419] krealloc_less_oob+0x20/0x38 [ 16.520454] kunit_try_run_case+0x170/0x3f0 [ 16.520494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.520548] kthread+0x328/0x630 [ 16.520580] ret_from_fork+0x10/0x20 [ 16.520614] [ 16.520886] The buggy address belongs to the object at fff00000c638a200 [ 16.520886] which belongs to the cache kmalloc-256 of size 256 [ 16.520954] The buggy address is located 0 bytes to the right of [ 16.520954] allocated 201-byte region [fff00000c638a200, fff00000c638a2c9) [ 16.521019] [ 16.521039] The buggy address belongs to the physical page: [ 16.521071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 16.521126] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.521184] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.521236] page_type: f5(slab) [ 16.521523] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.521615] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.521902] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.521955] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.522004] head: 0bfffe0000000001 ffffc1ffc318e281 00000000ffffffff 00000000ffffffff [ 16.522052] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.522093] page dumped because: kasan: bad access detected [ 16.522123] [ 16.522140] Memory state around the buggy address: [ 16.522170] fff00000c638a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.522216] fff00000c638a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.522258] >fff00000c638a280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.522295] ^ [ 16.522329] fff00000c638a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.522371] fff00000c638a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.522408] ================================================================== [ 16.617248] ================================================================== [ 16.617313] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa80/0xc50 [ 16.617380] Write of size 1 at addr fff00000c78960da by task kunit_try_catch/162 [ 16.617474] [ 16.617572] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.617651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.617701] Hardware name: linux,dummy-virt (DT) [ 16.617755] Call trace: [ 16.617793] show_stack+0x20/0x38 (C) [ 16.617859] dump_stack_lvl+0x8c/0xd0 [ 16.617911] print_report+0x118/0x5d0 [ 16.617963] kasan_report+0xdc/0x128 [ 16.618017] __asan_report_store1_noabort+0x20/0x30 [ 16.618068] krealloc_less_oob_helper+0xa80/0xc50 [ 16.618115] krealloc_large_less_oob+0x20/0x38 [ 16.618162] kunit_try_run_case+0x170/0x3f0 [ 16.618208] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.618259] kthread+0x328/0x630 [ 16.618299] ret_from_fork+0x10/0x20 [ 16.618344] [ 16.618363] The buggy address belongs to the physical page: [ 16.618402] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 16.618454] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.618500] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.618550] page_type: f8(unknown) [ 16.618585] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.618634] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.618683] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.618751] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.618801] head: 0bfffe0000000002 ffffc1ffc31e2501 00000000ffffffff 00000000ffffffff [ 16.618849] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.618887] page dumped because: kasan: bad access detected [ 16.618917] [ 16.618934] Memory state around the buggy address: [ 16.618963] fff00000c7895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.619004] fff00000c7896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.619045] >fff00000c7896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.619081] ^ [ 16.619117] fff00000c7896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.619158] fff00000c7896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.619195] ================================================================== [ 16.544255] ================================================================== [ 16.544454] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa58/0xc50 [ 16.544524] Write of size 1 at addr fff00000c638a2eb by task kunit_try_catch/158 [ 16.544579] [ 16.544619] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.544699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.544735] Hardware name: linux,dummy-virt (DT) [ 16.545027] Call trace: [ 16.545094] show_stack+0x20/0x38 (C) [ 16.545223] dump_stack_lvl+0x8c/0xd0 [ 16.545279] print_report+0x118/0x5d0 [ 16.545345] kasan_report+0xdc/0x128 [ 16.545398] __asan_report_store1_noabort+0x20/0x30 [ 16.545507] krealloc_less_oob_helper+0xa58/0xc50 [ 16.545574] krealloc_less_oob+0x20/0x38 [ 16.545619] kunit_try_run_case+0x170/0x3f0 [ 16.545671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.545955] kthread+0x328/0x630 [ 16.546027] ret_from_fork+0x10/0x20 [ 16.546081] [ 16.546098] Allocated by task 158: [ 16.546126] kasan_save_stack+0x3c/0x68 [ 16.546259] kasan_save_track+0x20/0x40 [ 16.546326] kasan_save_alloc_info+0x40/0x58 [ 16.546383] __kasan_krealloc+0x118/0x178 [ 16.546497] krealloc_noprof+0x128/0x360 [ 16.546551] krealloc_less_oob_helper+0x168/0xc50 [ 16.546609] krealloc_less_oob+0x20/0x38 [ 16.546645] kunit_try_run_case+0x170/0x3f0 [ 16.546681] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.547039] kthread+0x328/0x630 [ 16.547082] ret_from_fork+0x10/0x20 [ 16.547118] [ 16.547137] The buggy address belongs to the object at fff00000c638a200 [ 16.547137] which belongs to the cache kmalloc-256 of size 256 [ 16.547291] The buggy address is located 34 bytes to the right of [ 16.547291] allocated 201-byte region [fff00000c638a200, fff00000c638a2c9) [ 16.547391] [ 16.547411] The buggy address belongs to the physical page: [ 16.547658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 16.547823] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.547932] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.548149] page_type: f5(slab) [ 16.548228] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.548303] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.548491] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.548554] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.548799] head: 0bfffe0000000001 ffffc1ffc318e281 00000000ffffffff 00000000ffffffff [ 16.548905] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.548964] page dumped because: kasan: bad access detected [ 16.549076] [ 16.549176] Memory state around the buggy address: [ 16.549253] fff00000c638a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.549597] fff00000c638a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.549646] >fff00000c638a280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.549683] ^ [ 16.549757] fff00000c638a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.550037] fff00000c638a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.550103] ================================================================== [ 16.599064] ================================================================== [ 16.599125] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xa48/0xc50 [ 16.599181] Write of size 1 at addr fff00000c78960c9 by task kunit_try_catch/162 [ 16.599243] [ 16.599276] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.599355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.599381] Hardware name: linux,dummy-virt (DT) [ 16.599411] Call trace: [ 16.599432] show_stack+0x20/0x38 (C) [ 16.601224] dump_stack_lvl+0x8c/0xd0 [ 16.601650] print_report+0x118/0x5d0 [ 16.602279] kasan_report+0xdc/0x128 [ 16.602886] __asan_report_store1_noabort+0x20/0x30 [ 16.603016] krealloc_less_oob_helper+0xa48/0xc50 [ 16.603190] krealloc_large_less_oob+0x20/0x38 [ 16.603672] kunit_try_run_case+0x170/0x3f0 [ 16.604304] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.604656] kthread+0x328/0x630 [ 16.604990] ret_from_fork+0x10/0x20 [ 16.605437] [ 16.605543] The buggy address belongs to the physical page: [ 16.605622] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 16.606112] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.606378] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.606831] page_type: f8(unknown) [ 16.607426] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.607668] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.608064] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.608399] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.608629] head: 0bfffe0000000002 ffffc1ffc31e2501 00000000ffffffff 00000000ffffffff [ 16.608680] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.609316] page dumped because: kasan: bad access detected [ 16.609555] [ 16.609574] Memory state around the buggy address: [ 16.609607] fff00000c7895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.610053] fff00000c7896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.610273] >fff00000c7896080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.610457] ^ [ 16.610494] fff00000c7896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.610817] fff00000c7896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.611063] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.490256] ================================================================== [ 16.490316] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.490371] Write of size 1 at addr fff00000c638a0eb by task kunit_try_catch/156 [ 16.490420] [ 16.490451] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.490539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.490641] Hardware name: linux,dummy-virt (DT) [ 16.490672] Call trace: [ 16.490774] show_stack+0x20/0x38 (C) [ 16.490972] dump_stack_lvl+0x8c/0xd0 [ 16.491079] print_report+0x118/0x5d0 [ 16.491304] kasan_report+0xdc/0x128 [ 16.491351] __asan_report_store1_noabort+0x20/0x30 [ 16.491402] krealloc_more_oob_helper+0x60c/0x678 [ 16.491450] krealloc_more_oob+0x20/0x38 [ 16.491650] kunit_try_run_case+0x170/0x3f0 [ 16.491706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.491768] kthread+0x328/0x630 [ 16.492217] ret_from_fork+0x10/0x20 [ 16.492415] [ 16.492617] Allocated by task 156: [ 16.492984] kasan_save_stack+0x3c/0x68 [ 16.493263] kasan_save_track+0x20/0x40 [ 16.493396] kasan_save_alloc_info+0x40/0x58 [ 16.493455] __kasan_krealloc+0x118/0x178 [ 16.493492] krealloc_noprof+0x128/0x360 [ 16.493586] krealloc_more_oob_helper+0x168/0x678 [ 16.493625] krealloc_more_oob+0x20/0x38 [ 16.493660] kunit_try_run_case+0x170/0x3f0 [ 16.493921] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.494084] kthread+0x328/0x630 [ 16.494120] ret_from_fork+0x10/0x20 [ 16.494169] [ 16.494188] The buggy address belongs to the object at fff00000c638a000 [ 16.494188] which belongs to the cache kmalloc-256 of size 256 [ 16.494247] The buggy address is located 0 bytes to the right of [ 16.494247] allocated 235-byte region [fff00000c638a000, fff00000c638a0eb) [ 16.494311] [ 16.494653] The buggy address belongs to the physical page: [ 16.494899] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 16.494962] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.495015] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.495342] page_type: f5(slab) [ 16.495389] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.495897] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.495952] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.496001] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.496075] head: 0bfffe0000000001 ffffc1ffc318e281 00000000ffffffff 00000000ffffffff [ 16.496231] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.496308] page dumped because: kasan: bad access detected [ 16.496593] [ 16.496612] Memory state around the buggy address: [ 16.496719] fff00000c6389f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.496835] fff00000c638a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.496891] >fff00000c638a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.497007] ^ [ 16.497047] fff00000c638a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.497088] fff00000c638a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.497212] ================================================================== [ 16.498659] ================================================================== [ 16.498757] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.498812] Write of size 1 at addr fff00000c638a0f0 by task kunit_try_catch/156 [ 16.498884] [ 16.499039] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.499196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.499264] Hardware name: linux,dummy-virt (DT) [ 16.499295] Call trace: [ 16.499315] show_stack+0x20/0x38 (C) [ 16.499670] dump_stack_lvl+0x8c/0xd0 [ 16.499848] print_report+0x118/0x5d0 [ 16.499988] kasan_report+0xdc/0x128 [ 16.500203] __asan_report_store1_noabort+0x20/0x30 [ 16.500326] krealloc_more_oob_helper+0x5c0/0x678 [ 16.500417] krealloc_more_oob+0x20/0x38 [ 16.500468] kunit_try_run_case+0x170/0x3f0 [ 16.500521] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.500942] kthread+0x328/0x630 [ 16.501197] ret_from_fork+0x10/0x20 [ 16.501339] [ 16.501357] Allocated by task 156: [ 16.501481] kasan_save_stack+0x3c/0x68 [ 16.501522] kasan_save_track+0x20/0x40 [ 16.501559] kasan_save_alloc_info+0x40/0x58 [ 16.501618] __kasan_krealloc+0x118/0x178 [ 16.501968] krealloc_noprof+0x128/0x360 [ 16.502189] krealloc_more_oob_helper+0x168/0x678 [ 16.502270] krealloc_more_oob+0x20/0x38 [ 16.502306] kunit_try_run_case+0x170/0x3f0 [ 16.502381] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.502455] kthread+0x328/0x630 [ 16.502489] ret_from_fork+0x10/0x20 [ 16.502523] [ 16.502542] The buggy address belongs to the object at fff00000c638a000 [ 16.502542] which belongs to the cache kmalloc-256 of size 256 [ 16.502600] The buggy address is located 5 bytes to the right of [ 16.502600] allocated 235-byte region [fff00000c638a000, fff00000c638a0eb) [ 16.502664] [ 16.502684] The buggy address belongs to the physical page: [ 16.502725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10638a [ 16.503050] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.503108] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.503348] page_type: f5(slab) [ 16.503764] raw: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.503901] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.503951] head: 0bfffe0000000040 fff00000c0001b40 dead000000000122 0000000000000000 [ 16.504217] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.504367] head: 0bfffe0000000001 ffffc1ffc318e281 00000000ffffffff 00000000ffffffff [ 16.504429] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.504514] page dumped because: kasan: bad access detected [ 16.504675] [ 16.504699] Memory state around the buggy address: [ 16.504740] fff00000c6389f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.504841] fff00000c638a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.504882] >fff00000c638a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.504923] ^ [ 16.505024] fff00000c638a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.505226] fff00000c638a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.505264] ================================================================== [ 16.576766] ================================================================== [ 16.576833] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x5c0/0x678 [ 16.576890] Write of size 1 at addr fff00000c78960f0 by task kunit_try_catch/160 [ 16.577013] [ 16.577097] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.577208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.577263] Hardware name: linux,dummy-virt (DT) [ 16.577311] Call trace: [ 16.577356] show_stack+0x20/0x38 (C) [ 16.577407] dump_stack_lvl+0x8c/0xd0 [ 16.577474] print_report+0x118/0x5d0 [ 16.577589] kasan_report+0xdc/0x128 [ 16.577654] __asan_report_store1_noabort+0x20/0x30 [ 16.577705] krealloc_more_oob_helper+0x5c0/0x678 [ 16.577956] krealloc_large_more_oob+0x20/0x38 [ 16.578069] kunit_try_run_case+0x170/0x3f0 [ 16.578137] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.578190] kthread+0x328/0x630 [ 16.578245] ret_from_fork+0x10/0x20 [ 16.578311] [ 16.578336] The buggy address belongs to the physical page: [ 16.578385] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 16.578493] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.578557] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.578648] page_type: f8(unknown) [ 16.578761] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.578812] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.578896] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.578951] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.579017] head: 0bfffe0000000002 ffffc1ffc31e2501 00000000ffffffff 00000000ffffffff [ 16.579066] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.579113] page dumped because: kasan: bad access detected [ 16.579143] [ 16.579187] Memory state around the buggy address: [ 16.579522] fff00000c7895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.579620] fff00000c7896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.579701] >fff00000c7896080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.579842] ^ [ 16.579884] fff00000c7896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.579961] fff00000c7896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.580047] ================================================================== [ 16.561684] ================================================================== [ 16.561811] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x60c/0x678 [ 16.561883] Write of size 1 at addr fff00000c78960eb by task kunit_try_catch/160 [ 16.561975] [ 16.562011] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.562093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.562119] Hardware name: linux,dummy-virt (DT) [ 16.562155] Call trace: [ 16.562329] show_stack+0x20/0x38 (C) [ 16.562457] dump_stack_lvl+0x8c/0xd0 [ 16.562526] print_report+0x118/0x5d0 [ 16.562615] kasan_report+0xdc/0x128 [ 16.562660] __asan_report_store1_noabort+0x20/0x30 [ 16.562731] krealloc_more_oob_helper+0x60c/0x678 [ 16.562887] krealloc_large_more_oob+0x20/0x38 [ 16.563013] kunit_try_run_case+0x170/0x3f0 [ 16.563139] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.563317] kthread+0x328/0x630 [ 16.563399] ret_from_fork+0x10/0x20 [ 16.563454] [ 16.563474] The buggy address belongs to the physical page: [ 16.563506] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107894 [ 16.563765] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.564399] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.565792] page_type: f8(unknown) [ 16.565858] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.566336] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.566634] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.566686] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.568078] head: 0bfffe0000000002 ffffc1ffc31e2501 00000000ffffffff 00000000ffffffff [ 16.568478] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.568536] page dumped because: kasan: bad access detected [ 16.568568] [ 16.568587] Memory state around the buggy address: [ 16.568619] fff00000c7895f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.569307] fff00000c7896000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.570396] >fff00000c7896080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.570774] ^ [ 16.570926] fff00000c7896100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.571271] fff00000c7896180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.571802] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.453216] ================================================================== [ 16.453397] BUG: KASAN: invalid-free in kfree+0x270/0x3c8 [ 16.453666] Free of addr fff00000c7890001 by task kunit_try_catch/150 [ 16.453806] [ 16.453841] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.453943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.453970] Hardware name: linux,dummy-virt (DT) [ 16.454047] Call trace: [ 16.454076] show_stack+0x20/0x38 (C) [ 16.454318] dump_stack_lvl+0x8c/0xd0 [ 16.454447] print_report+0x118/0x5d0 [ 16.454498] kasan_report_invalid_free+0xc0/0xe8 [ 16.454565] __kasan_kfree_large+0x5c/0xa8 [ 16.454647] free_large_kmalloc+0x64/0x190 [ 16.454691] kfree+0x270/0x3c8 [ 16.454743] kmalloc_large_invalid_free+0x108/0x270 [ 16.454791] kunit_try_run_case+0x170/0x3f0 [ 16.454839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.454980] kthread+0x328/0x630 [ 16.455035] ret_from_fork+0x10/0x20 [ 16.455082] [ 16.455101] The buggy address belongs to the physical page: [ 16.455173] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 16.455238] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.455375] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.455545] page_type: f8(unknown) [ 16.455590] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.455640] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.455732] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.455780] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.455935] head: 0bfffe0000000002 ffffc1ffc31e2401 00000000ffffffff 00000000ffffffff [ 16.456077] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.456188] page dumped because: kasan: bad access detected [ 16.456311] [ 16.456405] Memory state around the buggy address: [ 16.456467] fff00000c788ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.456833] fff00000c788ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.456900] >fff00000c7890000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.457009] ^ [ 16.457103] fff00000c7890080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.457146] fff00000c7890100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.457486] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.444877] ================================================================== [ 16.444953] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2cc/0x2f8 [ 16.445194] Read of size 1 at addr fff00000c7890000 by task kunit_try_catch/148 [ 16.445259] [ 16.445340] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.445453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.445487] Hardware name: linux,dummy-virt (DT) [ 16.445517] Call trace: [ 16.445693] show_stack+0x20/0x38 (C) [ 16.445814] dump_stack_lvl+0x8c/0xd0 [ 16.445920] print_report+0x118/0x5d0 [ 16.445974] kasan_report+0xdc/0x128 [ 16.446018] __asan_report_load1_noabort+0x20/0x30 [ 16.446125] kmalloc_large_uaf+0x2cc/0x2f8 [ 16.446172] kunit_try_run_case+0x170/0x3f0 [ 16.446218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.446436] kthread+0x328/0x630 [ 16.446525] ret_from_fork+0x10/0x20 [ 16.446612] [ 16.446651] The buggy address belongs to the physical page: [ 16.446748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 16.446805] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.446866] raw: 0bfffe0000000000 ffffc1ffc31e2508 fff00000da478c40 0000000000000000 [ 16.446921] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.447106] page dumped because: kasan: bad access detected [ 16.447164] [ 16.447266] Memory state around the buggy address: [ 16.447351] fff00000c788ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.447461] fff00000c788ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.447504] >fff00000c7890000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.447541] ^ [ 16.447568] fff00000c7890080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.447798] fff00000c7890100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.448007] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.434193] ================================================================== [ 16.434296] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x278/0x2b8 [ 16.434435] Write of size 1 at addr fff00000c789200a by task kunit_try_catch/146 [ 16.434487] [ 16.434860] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.434965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.434992] Hardware name: linux,dummy-virt (DT) [ 16.435118] Call trace: [ 16.435144] show_stack+0x20/0x38 (C) [ 16.435235] dump_stack_lvl+0x8c/0xd0 [ 16.435407] print_report+0x118/0x5d0 [ 16.435476] kasan_report+0xdc/0x128 [ 16.435559] __asan_report_store1_noabort+0x20/0x30 [ 16.436049] kmalloc_large_oob_right+0x278/0x2b8 [ 16.436139] kunit_try_run_case+0x170/0x3f0 [ 16.436305] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.436409] kthread+0x328/0x630 [ 16.436539] ret_from_fork+0x10/0x20 [ 16.436614] [ 16.436651] The buggy address belongs to the physical page: [ 16.437009] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107890 [ 16.437092] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.437147] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.437268] page_type: f8(unknown) [ 16.437309] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.437358] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.437408] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.437467] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.437525] head: 0bfffe0000000002 ffffc1ffc31e2401 00000000ffffffff 00000000ffffffff [ 16.437582] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.437632] page dumped because: kasan: bad access detected [ 16.437671] [ 16.437688] Memory state around the buggy address: [ 16.437861] fff00000c7891f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.437903] fff00000c7891f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.437944] >fff00000c7892000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.437981] ^ [ 16.438008] fff00000c7892080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.438066] fff00000c7892100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.438103] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.421592] ================================================================== [ 16.421655] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.422369] Write of size 1 at addr fff00000c65fdf00 by task kunit_try_catch/144 [ 16.422482] [ 16.422519] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.422881] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.422919] Hardware name: linux,dummy-virt (DT) [ 16.423035] Call trace: [ 16.423097] show_stack+0x20/0x38 (C) [ 16.423216] dump_stack_lvl+0x8c/0xd0 [ 16.423301] print_report+0x118/0x5d0 [ 16.423398] kasan_report+0xdc/0x128 [ 16.423749] __asan_report_store1_noabort+0x20/0x30 [ 16.423893] kmalloc_big_oob_right+0x2a4/0x2f0 [ 16.423994] kunit_try_run_case+0x170/0x3f0 [ 16.424152] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.424250] kthread+0x328/0x630 [ 16.424410] ret_from_fork+0x10/0x20 [ 16.424519] [ 16.424640] Allocated by task 144: [ 16.424948] kasan_save_stack+0x3c/0x68 [ 16.425017] kasan_save_track+0x20/0x40 [ 16.425139] kasan_save_alloc_info+0x40/0x58 [ 16.425269] __kasan_kmalloc+0xd4/0xd8 [ 16.425378] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.425454] kmalloc_big_oob_right+0xb8/0x2f0 [ 16.425598] kunit_try_run_case+0x170/0x3f0 [ 16.425731] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.425779] kthread+0x328/0x630 [ 16.425874] ret_from_fork+0x10/0x20 [ 16.426090] [ 16.426112] The buggy address belongs to the object at fff00000c65fc000 [ 16.426112] which belongs to the cache kmalloc-8k of size 8192 [ 16.426264] The buggy address is located 0 bytes to the right of [ 16.426264] allocated 7936-byte region [fff00000c65fc000, fff00000c65fdf00) [ 16.426341] [ 16.426381] The buggy address belongs to the physical page: [ 16.426603] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065f8 [ 16.426811] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.426975] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.427080] page_type: f5(slab) [ 16.427276] raw: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.427413] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.427479] head: 0bfffe0000000040 fff00000c0002280 dead000000000122 0000000000000000 [ 16.427528] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.427576] head: 0bfffe0000000003 ffffc1ffc3197e01 00000000ffffffff 00000000ffffffff [ 16.427932] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.427976] page dumped because: kasan: bad access detected [ 16.428017] [ 16.428035] Memory state around the buggy address: [ 16.428066] fff00000c65fde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.428109] fff00000c65fde80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.428151] >fff00000c65fdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.428189] ^ [ 16.428215] fff00000c65fdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.428256] fff00000c65fe000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.428294] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.402156] ================================================================== [ 16.402285] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.402347] Write of size 1 at addr fff00000c6554878 by task kunit_try_catch/142 [ 16.402416] [ 16.402609] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.402942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.402981] Hardware name: linux,dummy-virt (DT) [ 16.403028] Call trace: [ 16.403053] show_stack+0x20/0x38 (C) [ 16.403151] dump_stack_lvl+0x8c/0xd0 [ 16.403204] print_report+0x118/0x5d0 [ 16.403433] kasan_report+0xdc/0x128 [ 16.403482] __asan_report_store1_noabort+0x20/0x30 [ 16.403844] kmalloc_track_caller_oob_right+0x40c/0x488 [ 16.403935] kunit_try_run_case+0x170/0x3f0 [ 16.404078] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.404186] kthread+0x328/0x630 [ 16.404331] ret_from_fork+0x10/0x20 [ 16.404381] [ 16.404434] Allocated by task 142: [ 16.404636] kasan_save_stack+0x3c/0x68 [ 16.404782] kasan_save_track+0x20/0x40 [ 16.404932] kasan_save_alloc_info+0x40/0x58 [ 16.405002] __kasan_kmalloc+0xd4/0xd8 [ 16.405185] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.405351] kmalloc_track_caller_oob_right+0xa8/0x488 [ 16.405478] kunit_try_run_case+0x170/0x3f0 [ 16.405566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.405633] kthread+0x328/0x630 [ 16.405869] ret_from_fork+0x10/0x20 [ 16.405999] [ 16.406037] The buggy address belongs to the object at fff00000c6554800 [ 16.406037] which belongs to the cache kmalloc-128 of size 128 [ 16.406163] The buggy address is located 0 bytes to the right of [ 16.406163] allocated 120-byte region [fff00000c6554800, fff00000c6554878) [ 16.406239] [ 16.406259] The buggy address belongs to the physical page: [ 16.406396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.406486] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.406639] page_type: f5(slab) [ 16.406744] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.406832] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.406873] page dumped because: kasan: bad access detected [ 16.406910] [ 16.407119] Memory state around the buggy address: [ 16.407285] fff00000c6554700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.407431] fff00000c6554780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.407502] >fff00000c6554800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.407547] ^ [ 16.407586] fff00000c6554880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.408300] fff00000c6554900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.408377] ================================================================== [ 16.409705] ================================================================== [ 16.409789] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488 [ 16.409962] Write of size 1 at addr fff00000c6554978 by task kunit_try_catch/142 [ 16.410026] [ 16.410113] CPU: 1 UID: 0 PID: 142 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.410227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.410253] Hardware name: linux,dummy-virt (DT) [ 16.410289] Call trace: [ 16.410381] show_stack+0x20/0x38 (C) [ 16.410458] dump_stack_lvl+0x8c/0xd0 [ 16.410524] print_report+0x118/0x5d0 [ 16.410618] kasan_report+0xdc/0x128 [ 16.410665] __asan_report_store1_noabort+0x20/0x30 [ 16.410731] kmalloc_track_caller_oob_right+0x418/0x488 [ 16.410785] kunit_try_run_case+0x170/0x3f0 [ 16.411003] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.411157] kthread+0x328/0x630 [ 16.411202] ret_from_fork+0x10/0x20 [ 16.411257] [ 16.411465] Allocated by task 142: [ 16.411614] kasan_save_stack+0x3c/0x68 [ 16.411753] kasan_save_track+0x20/0x40 [ 16.411851] kasan_save_alloc_info+0x40/0x58 [ 16.411891] __kasan_kmalloc+0xd4/0xd8 [ 16.411960] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.412004] kmalloc_track_caller_oob_right+0x184/0x488 [ 16.412044] kunit_try_run_case+0x170/0x3f0 [ 16.412081] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.412123] kthread+0x328/0x630 [ 16.412154] ret_from_fork+0x10/0x20 [ 16.412189] [ 16.412207] The buggy address belongs to the object at fff00000c6554900 [ 16.412207] which belongs to the cache kmalloc-128 of size 128 [ 16.412456] The buggy address is located 0 bytes to the right of [ 16.412456] allocated 120-byte region [fff00000c6554900, fff00000c6554978) [ 16.412623] [ 16.412646] The buggy address belongs to the physical page: [ 16.413101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.413277] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.413373] page_type: f5(slab) [ 16.413487] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.413537] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.413822] page dumped because: kasan: bad access detected [ 16.413922] [ 16.413976] Memory state around the buggy address: [ 16.414054] fff00000c6554800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.414153] fff00000c6554880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.414195] >fff00000c6554900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.414243] ^ [ 16.414408] fff00000c6554980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.414522] fff00000c6554a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.414635] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.388571] ================================================================== [ 16.388742] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x2f4/0x330 [ 16.388816] Read of size 1 at addr fff00000c65d7000 by task kunit_try_catch/140 [ 16.388901] [ 16.389032] CPU: 1 UID: 0 PID: 140 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.389156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.389189] Hardware name: linux,dummy-virt (DT) [ 16.389219] Call trace: [ 16.389242] show_stack+0x20/0x38 (C) [ 16.389294] dump_stack_lvl+0x8c/0xd0 [ 16.389343] print_report+0x118/0x5d0 [ 16.389389] kasan_report+0xdc/0x128 [ 16.389434] __asan_report_load1_noabort+0x20/0x30 [ 16.389484] kmalloc_node_oob_right+0x2f4/0x330 [ 16.389581] kunit_try_run_case+0x170/0x3f0 [ 16.389641] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.389702] kthread+0x328/0x630 [ 16.389983] ret_from_fork+0x10/0x20 [ 16.390093] [ 16.390208] Allocated by task 140: [ 16.390403] kasan_save_stack+0x3c/0x68 [ 16.390560] kasan_save_track+0x20/0x40 [ 16.390619] kasan_save_alloc_info+0x40/0x58 [ 16.390676] __kasan_kmalloc+0xd4/0xd8 [ 16.390733] __kmalloc_cache_node_noprof+0x178/0x3d0 [ 16.390815] kmalloc_node_oob_right+0xbc/0x330 [ 16.390883] kunit_try_run_case+0x170/0x3f0 [ 16.390939] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.391126] kthread+0x328/0x630 [ 16.391185] ret_from_fork+0x10/0x20 [ 16.391267] [ 16.391300] The buggy address belongs to the object at fff00000c65d6000 [ 16.391300] which belongs to the cache kmalloc-4k of size 4096 [ 16.391457] The buggy address is located 0 bytes to the right of [ 16.391457] allocated 4096-byte region [fff00000c65d6000, fff00000c65d7000) [ 16.391651] [ 16.391769] The buggy address belongs to the physical page: [ 16.391986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065d0 [ 16.392203] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.392610] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff) [ 16.392844] page_type: f5(slab) [ 16.392981] raw: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.393102] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.393334] head: 0bfffe0000000040 fff00000c0002140 dead000000000122 0000000000000000 [ 16.393421] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.393597] head: 0bfffe0000000003 ffffc1ffc3197401 00000000ffffffff 00000000ffffffff [ 16.393683] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.393861] page dumped because: kasan: bad access detected [ 16.394005] [ 16.394053] Memory state around the buggy address: [ 16.394102] fff00000c65d6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.394194] fff00000c65d6f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.394320] >fff00000c65d7000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.394359] ^ [ 16.394393] fff00000c65d7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.394549] fff00000c65d7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.394614] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.370056] ================================================================== [ 16.370119] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x2ec/0x320 [ 16.370173] Read of size 1 at addr fff00000c3eef4df by task kunit_try_catch/138 [ 16.370239] [ 16.370377] CPU: 1 UID: 0 PID: 138 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.370459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.370485] Hardware name: linux,dummy-virt (DT) [ 16.370636] Call trace: [ 16.370735] show_stack+0x20/0x38 (C) [ 16.370798] dump_stack_lvl+0x8c/0xd0 [ 16.370846] print_report+0x118/0x5d0 [ 16.370980] kasan_report+0xdc/0x128 [ 16.371026] __asan_report_load1_noabort+0x20/0x30 [ 16.371183] kmalloc_oob_left+0x2ec/0x320 [ 16.371279] kunit_try_run_case+0x170/0x3f0 [ 16.371520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.371626] kthread+0x328/0x630 [ 16.371772] ret_from_fork+0x10/0x20 [ 16.371843] [ 16.371860] Allocated by task 47: [ 16.371889] kasan_save_stack+0x3c/0x68 [ 16.371929] kasan_save_track+0x20/0x40 [ 16.371967] kasan_save_alloc_info+0x40/0x58 [ 16.372005] __kasan_kmalloc+0xd4/0xd8 [ 16.372319] __kmalloc_node_track_caller_noprof+0x194/0x4b8 [ 16.372452] kvasprintf+0xe0/0x180 [ 16.372556] __kthread_create_on_node+0x16c/0x350 [ 16.372639] kthread_create_on_node+0xe4/0x130 [ 16.372735] create_worker+0x380/0x6b8 [ 16.372771] worker_thread+0x808/0xf38 [ 16.373074] kthread+0x328/0x630 [ 16.373171] ret_from_fork+0x10/0x20 [ 16.373261] [ 16.373327] The buggy address belongs to the object at fff00000c3eef4c0 [ 16.373327] which belongs to the cache kmalloc-16 of size 16 [ 16.373441] The buggy address is located 19 bytes to the right of [ 16.373441] allocated 12-byte region [fff00000c3eef4c0, fff00000c3eef4cc) [ 16.373539] [ 16.373743] The buggy address belongs to the physical page: [ 16.373908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103eef [ 16.374037] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.374102] page_type: f5(slab) [ 16.374194] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 16.374245] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.374293] page dumped because: kasan: bad access detected [ 16.374470] [ 16.374608] Memory state around the buggy address: [ 16.374688] fff00000c3eef380: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 16.374796] fff00000c3eef400: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.374857] >fff00000c3eef480: fa fb fc fc fa fb fc fc 00 04 fc fc 00 07 fc fc [ 16.374893] ^ [ 16.375172] fff00000c3eef500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.375304] fff00000c3eef580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.375430] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.357220] ================================================================== [ 16.357260] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 16.357307] Write of size 1 at addr fff00000c6554778 by task kunit_try_catch/136 [ 16.357367] [ 16.357398] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.357478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.357503] Hardware name: linux,dummy-virt (DT) [ 16.357532] Call trace: [ 16.357553] show_stack+0x20/0x38 (C) [ 16.357600] dump_stack_lvl+0x8c/0xd0 [ 16.357646] print_report+0x118/0x5d0 [ 16.357691] kasan_report+0xdc/0x128 [ 16.357766] __asan_report_store1_noabort+0x20/0x30 [ 16.357826] kmalloc_oob_right+0x538/0x660 [ 16.357880] kunit_try_run_case+0x170/0x3f0 [ 16.357927] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.357979] kthread+0x328/0x630 [ 16.358019] ret_from_fork+0x10/0x20 [ 16.358065] [ 16.358092] Allocated by task 136: [ 16.358119] kasan_save_stack+0x3c/0x68 [ 16.358158] kasan_save_track+0x20/0x40 [ 16.358195] kasan_save_alloc_info+0x40/0x58 [ 16.358234] __kasan_kmalloc+0xd4/0xd8 [ 16.358274] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.358317] kmalloc_oob_right+0xb0/0x660 [ 16.358352] kunit_try_run_case+0x170/0x3f0 [ 16.358396] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.358439] kthread+0x328/0x630 [ 16.358470] ret_from_fork+0x10/0x20 [ 16.358504] [ 16.358522] The buggy address belongs to the object at fff00000c6554700 [ 16.358522] which belongs to the cache kmalloc-128 of size 128 [ 16.358587] The buggy address is located 5 bytes to the right of [ 16.358587] allocated 115-byte region [fff00000c6554700, fff00000c6554773) [ 16.358652] [ 16.358670] The buggy address belongs to the physical page: [ 16.358699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.359014] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.359083] page_type: f5(slab) [ 16.359359] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.359417] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.359471] page dumped because: kasan: bad access detected [ 16.359501] [ 16.359519] Memory state around the buggy address: [ 16.360193] fff00000c6554600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.360238] fff00000c6554680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360280] >fff00000c6554700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.360318] ^ [ 16.360357] fff00000c6554780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360398] fff00000c6554800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360435] ================================================================== [ 16.360779] ================================================================== [ 16.360830] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 16.360876] Read of size 1 at addr fff00000c6554780 by task kunit_try_catch/136 [ 16.360931] [ 16.360959] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 16.361037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.361063] Hardware name: linux,dummy-virt (DT) [ 16.361091] Call trace: [ 16.361111] show_stack+0x20/0x38 (C) [ 16.361157] dump_stack_lvl+0x8c/0xd0 [ 16.361276] print_report+0x118/0x5d0 [ 16.361352] kasan_report+0xdc/0x128 [ 16.361432] __asan_report_load1_noabort+0x20/0x30 [ 16.361498] kmalloc_oob_right+0x5d0/0x660 [ 16.361563] kunit_try_run_case+0x170/0x3f0 [ 16.361635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.361689] kthread+0x328/0x630 [ 16.361768] ret_from_fork+0x10/0x20 [ 16.361834] [ 16.361860] Allocated by task 136: [ 16.361887] kasan_save_stack+0x3c/0x68 [ 16.361927] kasan_save_track+0x20/0x40 [ 16.361963] kasan_save_alloc_info+0x40/0x58 [ 16.362002] __kasan_kmalloc+0xd4/0xd8 [ 16.362177] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.362231] kmalloc_oob_right+0xb0/0x660 [ 16.362267] kunit_try_run_case+0x170/0x3f0 [ 16.362369] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.362416] kthread+0x328/0x630 [ 16.362448] ret_from_fork+0x10/0x20 [ 16.362482] [ 16.362927] The buggy address belongs to the object at fff00000c6554700 [ 16.362927] which belongs to the cache kmalloc-128 of size 128 [ 16.363035] The buggy address is located 13 bytes to the right of [ 16.363035] allocated 115-byte region [fff00000c6554700, fff00000c6554773) [ 16.363122] [ 16.363181] The buggy address belongs to the physical page: [ 16.363219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.363314] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.363360] page_type: f5(slab) [ 16.363396] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.363445] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.363484] page dumped because: kasan: bad access detected [ 16.363646] [ 16.363663] Memory state around the buggy address: [ 16.363694] fff00000c6554680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.363818] fff00000c6554700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.363891] >fff00000c6554780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.363968] ^ [ 16.364057] fff00000c6554800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.364129] fff00000c6554880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.364210] ================================================================== [ 16.349802] ================================================================== [ 16.350544] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 16.351480] Write of size 1 at addr fff00000c6554773 by task kunit_try_catch/136 [ 16.351588] [ 16.352342] CPU: 1 UID: 0 PID: 136 Comm: kunit_try_catch Tainted: G N 6.16.0-rc6 #1 PREEMPT [ 16.352488] Tainted: [N]=TEST [ 16.352520] Hardware name: linux,dummy-virt (DT) [ 16.352770] Call trace: [ 16.352944] show_stack+0x20/0x38 (C) [ 16.353079] dump_stack_lvl+0x8c/0xd0 [ 16.353142] print_report+0x118/0x5d0 [ 16.353191] kasan_report+0xdc/0x128 [ 16.353237] __asan_report_store1_noabort+0x20/0x30 [ 16.353289] kmalloc_oob_right+0x5a4/0x660 [ 16.353335] kunit_try_run_case+0x170/0x3f0 [ 16.353387] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.353439] kthread+0x328/0x630 [ 16.353483] ret_from_fork+0x10/0x20 [ 16.353637] [ 16.353674] Allocated by task 136: [ 16.353816] kasan_save_stack+0x3c/0x68 [ 16.353885] kasan_save_track+0x20/0x40 [ 16.353922] kasan_save_alloc_info+0x40/0x58 [ 16.353961] __kasan_kmalloc+0xd4/0xd8 [ 16.353997] __kmalloc_cache_noprof+0x16c/0x3c0 [ 16.354037] kmalloc_oob_right+0xb0/0x660 [ 16.354072] kunit_try_run_case+0x170/0x3f0 [ 16.354110] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 16.354153] kthread+0x328/0x630 [ 16.354185] ret_from_fork+0x10/0x20 [ 16.354238] [ 16.354296] The buggy address belongs to the object at fff00000c6554700 [ 16.354296] which belongs to the cache kmalloc-128 of size 128 [ 16.354388] The buggy address is located 0 bytes to the right of [ 16.354388] allocated 115-byte region [fff00000c6554700, fff00000c6554773) [ 16.354456] [ 16.354533] The buggy address belongs to the physical page: [ 16.354738] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106554 [ 16.355010] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 16.355297] page_type: f5(slab) [ 16.355583] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000 [ 16.355647] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.355768] page dumped because: kasan: bad access detected [ 16.355809] [ 16.355834] Memory state around the buggy address: [ 16.356056] fff00000c6554600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.356120] fff00000c6554680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.356174] >fff00000c6554700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.356227] ^ [ 16.356308] fff00000c6554780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.356350] fff00000c6554800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.356410] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 96.662586] WARNING: CPU: 0 PID: 656 at lib/math/int_log.c:120 intlog10+0x38/0x48 [ 96.663992] Modules linked in: [ 96.664203] CPU: 0 UID: 0 PID: 656 Comm: kunit_try_catch Tainted: G B D W N 6.16.0-rc6 #1 PREEMPT [ 96.664952] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 96.665530] Hardware name: linux,dummy-virt (DT) [ 96.666020] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.666789] pc : intlog10+0x38/0x48 [ 96.667178] lr : intlog10_test+0xe4/0x200 [ 96.667734] sp : ffff800082427c10 [ 96.668108] x29: ffff800082427c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.668913] x26: 1ffe000018b1f721 x25: 0000000000000000 x24: ffff800082427ce0 [ 96.669699] x23: ffff800082427d00 x22: 0000000000000000 x21: 1ffff00010484f82 [ 96.670500] x20: ffff988710a89d80 x19: ffff800080087990 x18: 000000005c88bf89 [ 96.671265] x17: 0000000051a637fa x16: fff00000c097583c x15: 00000000f6ec48a3 [ 96.672031] x14: 00000000e8542135 x13: 1ffe00001b48e9cd x12: ffff7310e2923379 [ 96.672741] x11: 1ffff310e2923378 x10: ffff7310e2923378 x9 : ffff98870e035e5c [ 96.673094] x8 : ffff988714919bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.673433] x5 : ffff700010484f82 x4 : 1ffff00010010f3a x3 : 1ffff310e21513b0 [ 96.673879] x2 : 1ffff310e21513b0 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.674599] Call trace: [ 96.674885] intlog10+0x38/0x48 (P) [ 96.675292] kunit_try_run_case+0x170/0x3f0 [ 96.675814] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.676456] kthread+0x328/0x630 [ 96.676835] ret_from_fork+0x10/0x20 [ 96.677219] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 96.622503] WARNING: CPU: 0 PID: 638 at lib/math/int_log.c:63 intlog2+0xd8/0xf8 [ 96.623660] Modules linked in: [ 96.623953] CPU: 0 UID: 0 PID: 638 Comm: kunit_try_catch Tainted: G B D N 6.16.0-rc6 #1 PREEMPT [ 96.624426] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 96.624704] Hardware name: linux,dummy-virt (DT) [ 96.624999] pstate: 12402009 (nzcV daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 96.625291] pc : intlog2+0xd8/0xf8 [ 96.625531] lr : intlog2_test+0xe4/0x200 [ 96.625896] sp : ffff800082397c10 [ 96.626104] x29: ffff800082397c90 x28: 0000000000000000 x27: 0000000000000000 [ 96.626620] x26: 1ffe000019034f81 x25: 0000000000000000 x24: ffff800082397ce0 [ 96.626980] x23: ffff800082397d00 x22: 0000000000000000 x21: 1ffff00010472f82 [ 96.627343] x20: ffff988710a89c80 x19: ffff800080087990 x18: 00000000b45e766f [ 96.627799] x17: 000000009e81d5a5 x16: fff00000c097583c x15: fff00000ff616b08 [ 96.628252] x14: 0000000000018fff x13: 1ffe00001b48e9cd x12: ffff7310e2923379 [ 96.628696] x11: 1ffff310e2923378 x10: ffff7310e2923378 x9 : ffff98870e03605c [ 96.629179] x8 : ffff988714919bc3 x7 : 0000000000000001 x6 : 00000000f1f1f1f1 [ 96.629582] x5 : ffff700010472f82 x4 : 1ffff00010010f3a x3 : 1ffff310e2151390 [ 96.629979] x2 : 1ffff310e2151390 x1 : 0000000000000003 x0 : 0000000000000000 [ 96.630365] Call trace: [ 96.630540] intlog2+0xd8/0xf8 (P) [ 96.630790] kunit_try_run_case+0x170/0x3f0 [ 96.631091] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 96.631443] kthread+0x328/0x630 [ 96.631762] ret_from_fork+0x10/0x20 [ 96.632049] ---[ end trace 0000000000000000 ]---